This entire event was a staged press op. Keith Alexander is a ~30 year veteran of SIGINT, electronic warfare, and intelligence, and a Four-Star US Army General --- which is a bigger deal than you probably think it is. He's a spy chief in the truest sense and a master politician. Anyone who thinks he walked into that conference hall in Caesars without a near perfect forecast of the outcome of the speech is kidding themselves.
Heckling Alexander played right into the strategy. It gave him an opportunity to look reasonable compared to his detractors, and, more generally (and alarmingly), to have the NSA look more reasonable compared to opponents of NSA surveillance. It allowed him to "split the vote" with audience reactions, getting people who probably have serious misgivings about NSA programs to applaud his calm and graceful handling of shouted insults; many of those people probably applauded simply to protest the hecklers, who after all were making it harder for them to follow what Alexander was trying to say.
There was no serious Q&A on offer at the keynote. The questions were pre-screened; all attendees could do was vote on them. There was no possibility that anything would come of this speech other than an effectively unchallenged full-throated defense of the NSA's programs.
Even the premise of the keynote was calculated to wrong-foot NSA opponents. However much you might want to hear Alexander account for the activities of the NSA, the NSA itself is not the real oversight mechanism for the NSA! My guess is that no pol with meaningful oversight over NSA would have consented to address a room full of technology professionals about NSA's programs; they were happy to send NSA's own supremely well-trained figurehead to do that for them.
I think a walkout might have been effective, had it been organized well enough in advance (perhaps with some of the same aplomb as the [I think misguided] opposition to CISPA); at least you'd get some stinging photos.
My main take away from your comment is that Keith Alexander is Enabran Tain & that I feel like the US is approximating the Cardassian Union more everyday.
The existence of nuclear weapons has rendered traditional warfare unprofitable, except against the very weak, and even in those cases only military contractors benefit.
We invaded and occupied Iraq and didn't even get any oil, just a trillion or so in national debt. At least in the time of Rome citizen soldiers were titled large swaths of land in the conquered territories.
I expect in the long drawn out economic warfare to come that cyber espionage and surveillance to be critical advantages & well connected military contractors with access to the NSA's total information awareness database to profit handsomely from insider trading.
Update & Question:
I'm taking a short break from work and wondering why this comment has been down voted twice?
Instead of down voting & unless you just hate ST: DS9 references, can you provide a plausible argument against the inevitability that tapping the entire world's communications will not lead to insider trading?
There are so few terrorists in the world, and so many opportunities to profit from having early access to employment reports, corporate revenue numbers and other economic data.
Please give me a compelling reason why a wiretap on all the worlds communications is more likely to be used to catch terrorists than for simple greed?
>We invaded and occupied Iraq and didn't even get any oil, just a trillion or so in national debt. At least in the time of Rome citizen soldiers were titled large swaths of land in the conquered territories.
The trillions in national debt benefits somebody. Somebody somewhere gets those interest payments and they wouldn't have if the U.S had not borrowed from them.
Yes, but the cost far outweighs the benefits. The world (and the economy) is not a zero-sum game. People usually say that when they want to state that value can be created, but it cuts both ways. The fact that it's not a zero-sum game means that value can be destroyed.
We blew a trillion bucks on nothing useful. That's destroyed value. That somebody is benefitting in some small way from the side effects of this doesn't change that fact overall.
To reduce it to more comprehensible terms, imagine that I take out a $10,000 loan to buy a car, then crush that car into a cube. That's one less car in the world than before. That's a waste of $10,000 in value. That my creditors benefitted because they got interest off the loan doesn't change that fact.
This is an interesting question, what is value? What I took away from my econ classes long ago is that it's hard to determine the value of something outside of price (objectively). So if the hypothetical US taxpayer is satisfied with the perceived security they got from building
expensive machines, transporting them to the other side of the world, and blowing them up, then it's hard to argue with him.
This perspective, horribly, leans towards moving the large bulk of defense spending into the category of non-essential goods like cable tv, or beer, football, shopping at pottery barn. This is spending with a focus on the psychological state the good induces.
On the other hand, a true believer in the project of us military probably really feels that resources spent on war are actually essential to survival and should be categorized with spending on food, shelter,medical care, insurance.
Yep, excellent points there. I think my beliefs about the value of the war are superior to others' (because I'd change them if I didn't think that!) so I'd just call those people wrong and say that value really was destroyed. But, of course, I could be the one who is wrong.
If this was all capitalistic private enterprise, it would be much simpler. The people who saw value in it would contribute whatever money they thought was worthwhile, and that would be the "value" of the effort. I kind of doubt that most of the people who feel the war was necessary would actually put up the $3,000 per person if they had to write a check for it, but who knows.
When you get government involved, the question of value becomes much more complex.
I don't understand. My argument is simply that value can be destroyed, and that people can still benefit during this process even when the value being destroyed greatly dwarfs the benefit. There's nothing about that which requires the cost and benefit to go to the same place.
A car is a depreciating asset, so all crushing it does is accelerate its depreciation. Some utility is lost, but you also have to consider the impact of the 10k. Some went to steel mills, to workers, to dealers, etc. It's not like burning a stack of $100 bills.
If one were especially paranoid, one could note that the massive increase in debt from the Iraq war makes the "starve the beast" approach to government [1] much more plausible.
I don't think the US far right is quite that farsighted or quite that cynical. However, I've historically been too optimistic about the American power elite, so I wouldn't take my word for it.
Oh, come on. Bush went into office to starve the beast from day 1, and that's what we were all talking about when he rammed is stupid tax cuts through congress. That's what was going on when Senators were flipping from R to D until he was distracted by 9/11.
Control of the oil in Iraq is more strategically important than in the one scenario you describe.
As an aside I never read that Hussein had threatened to flood the market, I read that he threatened, as a negotiating tactic, to withhold oil. Do you have a source for the "flooding the market" claim?
For values of "for other things" of creating a massive flood of dollars on the world financial markets, undercutting its value, and precipitating a financial crisis the likes of which the US still hasn't seen.
There's also the theory suggested by some (I've just watched Robert Newberg's "History of Oil" though I've seen the point made elsewhere) that it was the move by Iraq, Iran, North Korea, and Venezuela to move oil sales from dollars to Euros which had something to do with the war.
Unfortunately those "investments" in war came at a time when investments in the US infrastructure and renewable energy would have paid MUCH bigger dividends.
Just a few days ago was the 75th anniversary of Henry Ford getting a medal from Hitler. I guess we learn from history that we don't learn from history.
Those boys aren't so interested in "starving the beast" as they are in feeding their wealthy constituent-donors. We need campaign finance reform.
And then, it's of course also about redistributing these tax dollars to your own benefit. It's about politicians taking money out of the tax pot and giving it to their friends.
...a "business" which companies like Google, Facebook, Twitter et al. are certainly doing/planning on doing too, at least indirectly, privately or otherwise under the radar.
They can also simply look at the correlations between the movements of their data and the market movements, and then make their predictions and thus investment decisions. It's not even rocket science.
Given their "Big Data" treasures, I don't think they will be able to resist that temptation.
This is another reason why I generally see a future of decentralization: it's simply a concept that's less prone to corruption and failure.
"Ubiquitous surveillance prevents millions from speaking
freely. BlackHat keynote attendees, let's not let Gen.
Alexander speak freely today."
I anticipated the protest to be effective, since black-hat hackers have somewhat of a culture of booing presenters who they morally object to. See for example an undercover reporter that was booed out of DEFCON in 2007. http://www.zdnet.com/blog/ou/undercover-nbc-dateline-reporte...
I think the thing that made this disruption ineffective is the majority of attendees weren't black-hat hackers. They were mostly corporate professionals. See Black Hat's own demographic survey http://www.blackhat.com/docs/bh-us-12/sponsors/bh-us-12-spon...
It's therefore not really surprising that most of the audience wanted to hear the general speak, and was annoyed by the disruption.
If, on the other hand, the general were speaking at DEFCON I think he probably would have been almost unanimously booed off the stage. But the feds are staying away from DEFON this year (for that reason).
So in retrospect, I think the disruption was a miscalculated PR move for the hacker community.
I think Moxie Marlinspike truly and deeply cares about these issues, isn't an outrage tourist, and has done more for online privacy than I probably ever will. I think he truly believed that attempting to disrupt the talk could be an effective strategy. But I also think he was wrong about this.
I'm actually less interested in our external perception than in how we see ourselves. I think the value of being disruptive isn't necessarily to show the world anything, but to define ourselves as a community with a cultural narrative that is unsympathetic to government surveillance.
If that's the narrative we want to create, then I think we need to take every opportunity we can to inject whatever cultural influence we can, because keynotes like this are the NSA's effort to do the opposite. I agree that one or two people heckling doesn't mean much, but I appreciate the bravery of the people that were disruptive, and I only wish that everyone there critical of Gen Alexander had contributed to an enormous chorus of boos and forced him off the stage.
In the end, at the very least the title of this story is "NSA director heckled on stage at Black Hat security conference" rather than "NSA director universally applauded by Black Hat security conference."
In the end, I don't think it matters much either way.
I think the walkout would have had the benefit of creating a wall of peers waiting outside the conference hall watching their peers who refused to participate. Also, again, good photo op.
It's funny, you and I are on the same page about wanting to disentangle software security (and I guess infosec) people from USG/SIGINT/LEO work, but for I suspect are somewhat different reasons. So many people on HN seem to think the whole industry is in the back pocket of the USG, which just isn't true; I think a lot of people considering careers helping with online privacy think they need to surrender their moral qualms about assisting the USG, which just isn't true.
I agree with the basic argument that Alexander is a savvy SOB and knew what he was in for...
BUT, you're making it sound like getting heckled on stage was desirable. I don't agree. I think it is more appropriate to say that the NSA is between a rock and a hard place. They could either...
* Get heckled and look culpable, but maintain the illusion that they give a shit what the general public thinks, or...
* Not attend and completely look like assholes hell bent on violating civil liberties.
Keith Alexander didn't win any friends by getting heckled. He just made fewer enemies.
> I think it is more appropriate to say that the NSA is between a rock and a hard place.
I think they're between breaching the constitution with far-reaching surveillance the Stasi would've given their left nut for, and hiding behind secret courts to legitimise their acts through rubber stamping. The surveillance continues. The genie is out of the bottle, justified by the biggest lie you were told - i.e. that there ever was a rock or hard place to begin with.
Or, they could hire a heckler (or manipulate a likely heckler in to being there) to make sure they get heckled, in just the right way, so they can respond and seem calm and win over some coverts to their cause, sow confusion and fracture the opposition.
In my mind, I imagine what I wrote above as being disinformation 101.
every article that I saw yesterday painted the general as a hero and the heckler as a turd. It seemed like a concerted PR effort to me. It's about discrediting you opponents in the public forum.
Aside from that, It struck me that a lot of people at conferences like this are on the NSA payroll one way or another. I'd hardly call the group a bunch of freedom fighters.
Agreed; his extensive infosec background and smooth-talking politician talents meant that he probably had full knowledge of how this was going to go down. What's interesting is why he attempted PR reconciliation at a relatively niche conference. Black Hat doesn't have much connection to the mass public, and trying to make yourself look good in front of a mass of angry hackers is pointless anyhow because hackers tend to stay angry about topics like privacy.
Now, if he had a full blown press conference with civilian attendees, then, well...
NSA recruits from engineering universities. They are quite good at it. The idea that he needs to troll Black Hat for talent dignifies the audience at Black Hat and misses the truth of what was happening there.
I speak at one of those universities almost every year, primarily so that I can talk in opposition to the NSA recruiter who is always there giving a talk at the same time.
Those young people look strongly to the culture defined in large part by conferences like Defcon and BlackHat in order to make their choices. For many of them, the trip to LV is the highlight of their year. If the culture of those events changes to be substantially hostile to the NSA and its employees, I can believe that young people in that demographic would at least think twice about joining the NSA.
Basically, I think keynotes like this are part of a cultural war for this community, and I think it's an important one.
> I speak at one of those universities almost every year, primarily so that I can talk in opposition to the NSA recruiter who is always there giving a talk at the same time.
Wow. That's really above and beyond the call of duty. Thanks for being one of the good guys. Sometimes it doesn't feel like there are any left.
Give me a break. Black Hat was started as an excuse to get companies to pay for their infosec teams to attend Defcon. I was at Defcon in the '90s, and spoke at the second-ever Black Hat; my partner Jeremy spoke at the first.
I think that start is exactly why BlackHat != Defcon, a decade and half later. Defcon's a "Let's Spend a Weekend in Vegas", while BlackHat is now held around the world.
> NSA recruits from engineering universities. They are quite good at it.
Given the nature of the technical problems they face, they would have to be pretty incompetent to not be good at recruiting from engineering universities.
"Would you rather build yet another CRUD app, or build systems that trawl through 20+ TB of data every day?"
Obviously there are ethical issues, but peoples' ethics are much more pliable than most of us like to believe.
> Obviously there are ethical issues, but peoples' ethics are much more pliable than most of us like to believe.
The irritating thing about this is that most of us aren't taught ethics. Most people don't take philosophy courses. Most people don't take civics courses. We're expected to just figure it out through osmosis.
It's not about pliability. Most people never actually develop their own approach to ethics.
Yeah. As much as a flaming atheist as I am, I regret that people aren't spending as much time getting an ethical education as they once did.
I suspect that one could teach an excellent non-religious Sunday School class by only asking difficult questions. The only people who scare me more than people who have never thought much about ethics are the ones who think they know The Answer.
Absolutely. That's roughly what philosophy courses are meant to do. They fire a shotgun round into the air to show you as much variance and disagreement between cogent and prominent thinkers and then ask, "So... what do you think?" (Speaking solely in terms of American education,) Literature classes also do this to a smaller extent. In elementary schools, more so but it's supposed to be done in social studies... which converts into history class later on.
These are all huge opportunities to teach ethics. We don't take them, because ethics isn't a marketable skill and has always been an implicit lesson. So we wrote standards and tests and teach to those and now here we are. Most people who graduate from high school do so believing that democracy is a flawed-but-least-flawed model of government they just have to endure, that history consists of great figures who dwarf the capabilities of the little people, and that actually understanding the breadth of our social fabric is pretty much impossible.
Ethics? Ethics is whatever doesn't piss off your best friend and still gets you laid.
I took Ethics as an elective during my C.S. undergrad and I think it's still in the top 3 of the most-formative individual courses of study I've ever undertaken. I'd highly highly recommend people take ethics or philosophy classes, if only to see how even the simplest scenarios can have complex dilemmas.
I had a Philosophy of Ethics course during my C.S. undergrad that was actually taught by a former member of the Michigan House of Representatives. He would discuss the kind of things he had to make decisions on during his time there, regarding the different points of view he had to take into account from an ethics perspective, and then have an open dialog with the class to discuss the different facets of the subject. Was a very interesting class that gave some interesting perspective.
I can't picture how you could teach ethics, actually. Meaning, if someone is already unethical, I can't see a way to make them ethical and in reverse - if you have an ethical person, they don't need to be told to be ethical. Is it then mostly a class on reassuring already ethical people that they're behaving well?
There isn't such a thing as an ethical person. There are situations and [un]ethical responses. Most people have no structured guidance on how to feel out a situation to categorize possible responses as ethical or unethical. Forming that structure would be the purpose of the class.
To draw an analogy, most programmers can write code. But programming class isn't really about teaching a language's order of operations or explaining its particular grammar: the value of a programming class has to do with its explanations of modularity and data encapsulation, of structuring flow and conceptualizing objects. Then examples are provided that exercise these explanations so that you can apply them in future situations.
Nah. Consider, for example, most of the people who participated in the mortgage bubble. Almost all of them thought they were behaving ethically. Most of them weren't, because the system was a) familiar enough that it didn't trip people's bad-situation triggers, and b) complicated enough that it was hard to see what the downstream ethical problems were.
E.g., the nice person at the mortgage issuer said the loan was good for them, so they just signed what he told them. And the mortgage guy was just doing what his boss told him. And that boss was just following the incentive plan set up. And the people buying the mortgages in bulk seemed happy with them, as did the ratings agencies. But in my view, most or all of them acted unethically; one can't swim in the mud and come out clean.
Even if everybody wants to do the right thing, what the right thing is hard to figure out. Ethics classes force people to think things through. They can't make a sociopath healthy, but they can help everybody else to sort out right from wrong in complicated situations.
I have no idea why anyone outside of the DoD would fear him.
Again, the truth is simple: it was a press op. The event was corporate enough that nobody was going to throw pies at him, but just countercultural enough that he could be assured that someone would make him look better by heckling.
"I’ve been tough on Spitzer, but we can’t forget that the reason he got in trouble was because of the new NSA domestic surveillance apparatus that was so brilliantly depicted in the Wall Street Journal yesterday. Here’s the Lede.
Five years ago, Congress killed an experimental Pentagon
anti-terrorism program meant to vacuum up electronic data
about people in the U.S. to search for suspicious
patterns. Opponents called it too broad an intrusion on
Americans’ privacy, even after the Sept. 11 terrorist
attacks.
But the data-sifting effort didn’t disappear. The National
Security Agency, once confined to foreign surveillance,
has been building essentially the same system.
Spitzer was what the data-mining experts at the NSA call a PEP–a politically exposed person. Banks now monitor PEP’s money wiring activities figuring they are classic targets of blackmail or bribery. Spitzer got caught in the data mining screen. I know people will probably say that even Mukasey had to sign off on an investigation as explosive as this. Spitzer was a self-detructive idiot, but at the end of the day, we have to realize that nobody has any privacy anymore."
The audience for this event is infosec professionals wearing t-shirts, for whatever that's worth to you. Demographically pretty compatible with Reddit, or at least the subset of Redditors with top-quartile (for IT) incomes.
To the extent that this audience has any engagement with public policy, that engagement is likely to take a Ron Paul-ish flavor.
Sorry, my comment wasn't very clear. I was comparing the behavior of the two audiences more than appearance or socioeconomic status or anything else. When the video comes out, people are likely to be reminded of the people doing Mic Checks at board meetings etc. And for many, that sort of thing is just rude and out of bounds.
Notice how he wore his uniform this year instead of something more casual like he did at last year's Def Con. I agree, this was very carefully orchestrated to help discredit his detractors.
That's not the BlackHat audience that I've seen for many years now. It's basically RSA these days. I think that demographic exists at BH as a vocal minority. When you're actually on the floor, it's difficult to actually find anybody you're thinking of. Don't forget that attendance is over 8,000 lately, IIRC.
I'm not going to say the conference isn't vendor-y and commercial; it is definitely that, and more so than it started. But it's nothing resembling RSA. Also: Defcon is nothing like what it was in the 90's; it's had a trajectory reminiscent of Burning Man's.
Fearing someone for organizational reasons is different than the fear I believe he is referring to. People may fear him due to the power he holds on changing people's lives with the information he controls and has access to.
I think he went to Black Hat because unlike Defcon, Black Hat is run by a large multinational media company with a PR department trained and motivated to secure keynote speakers who will attract the most press attention to the conference.
What is astonishing by that? They can easily be splicing fiber cables taking a copy of most Internet traffic and recording either the actual call or just the from/to/length info and his answer is totally correct. It is actually a really terrible question.
What? Defcon basically said "Hey feds, don't show up here". They may have said someone who works for the feds can show up, but they asked that they not represent their employeers, and to only represent themselves.
Not technically the same as a blanket ban, but they were pretty clear that they didn't want anyone attending while representing federal agency...
It's not about reconciliation with hackers, it's about creating a picture that will be portrayed to the rest of the country by the popular media.
News shows and websites will tell the story about a reasonable-seeming establishment guy going to give a speech, and a bunch of weird-looking hackers acting unruly.
The niche-ness of the conference could be part of the media strategy. If you want to portray your critics as part of a fringe, you find a place on the fringe and get yourself photographed there, dodging thrown beer bottles.
While I'm sure he's very capable and very much an expert in his field, I don't think he's this charming super politician that planned an elaborate scheme to sway the conference attendees' opinions by appearing to be sensible and calm in front of hecklers.
I mean, can you imagine how horrible this would have turned out if he didn't stay calm? It's basically standard procedure to stay calm and try to explain your way out of it. Sure, he got some applause, and the heckler got some applause too. I think anyone could have imagined something like that happening.
> There was no serious Q&A on offer at the keynote. The questions were pre-screened; all attendees could do was vote on them.
A joke in every sense, then. Audacious. He leads with a bit of humor, then says,
> and I do want to give a chance for you to ask some questions. Hopefully they'll be easy ones, and I have a crew here that can answer the hard ones if I need to.
I'm certain that this infiltration will be a pretty standard play; you can bet the security services also have people who get extra money at Google, Amazon, Facebook, Skype etc.
Alexander didn't score any points for himself or his organization by coming off like he has something to defend besides American citizens.
0. The intros were more than courteous, they were gushing
1. "Holding questions to the end" was an obvious grinfuck
2. The 8 minutes of q&a seemed completely prepared
3. It also had a sense of "we're hiring"
I don't know the guy, so I don't know where he actually stands on things. So I sure as shit don't trust anything he says just yet.
For what it's worth: I don't the the NSA is at all interested in hiring Black Hat attendees. I don't mean "that's not why they're there at Black Hat, to recruit". I mean, "they don't want those people to begin with".
I was just about to get on this thread and post about how reasonable and measured his response was. Your comment is one of the better ones I've read on this whole topic.
How can you still believe that guy anymore? He could be petting bunnies, while he sings with an angel's voice about how they're protecting the nation and that their spying is really not that bad - and I wouldn't believe him.
Obama's promises sounded very compelling and believable, too - until we learned the facts of his actions after he already won his 2nd mandate. I think it's important to remember that whenever you hear a politician speaking nicely without anything real to back it up. Otherwise we'd doomed to repeat the same mistakes, over and over and over again, fooled by master actors.
I'm an Australian. Obama is the most disappointing politician I've ever seen. He talks of Hope, then he takes it away. He talks of Freedom, but doesn't allow it. That's very sad.
And? My disappointment with my own government does not mean that I can't be disappointed with the leader of the "Free World" - one that is increasingly monitoring its own citizens, much like a totalitarian state would.
If this is how it goes in the United States, and the U.S. is held up as the standard for freedom, how is that good for the rest of the world?
> Alexander also noted the 6,000 NSA cryptologists who have deployed to Afghanistan and Iraq, 20 of whom were killed in the line of duty according to Alexander. “Think about people willing to go forward to Iraq and Afghanistan, to make sure our soldiers, airmen and marines get the intelligence they need,” he said. “I believe these are the most noble people we have in this country.”
Having lost a brother who deployed as a signals operator in Afghanistan (to an IED), it always makes me cringe whenever they use forward-deployed soldiers as a defense of the higher-level states "nobility". There is nothing noble about mass surveillance or the invasion of privacy of non-enemy combatant nations/citizens.
The fact citizens signed up to risk their lives in combat-zones at the bottom end of the chain does not legitimize the actions of those at the top.
Hear, hear! When the top brass evoke these deaths, it's like they're saying "if our sainted dead soldiers followed these orders, how can you possibly disagree?" Frankly, the last general worthy of making that sort of comparison was Eisenhower, and he would have been the last man in the military to do so. He was already sickened at this leadership culture when he was President. If he were alive today he would cross the street to avoid a conversation with Alexander.
Hackers applauded Alexander? He really has played them like pipes.
You can argue all you want, but in the end, some boundaries have to be set. What the NSA did (does actually) is way past that boundary for most people, and I think with reason, but that's another debate. He hasn't supplied any argument that would make us reconsider the boundaries. All this terrorist talk is bullshit.
Despite the vaguely militant-underground name "Black Hat", it's a conference of mainstream security researchers, run by a large media firm (CMP Media, which also runs the Game Developer's Conference, and owns a bunch of magazines like InformationWeek). Many of the attendees are themselves in government positions, or serving as contractors. So I'm not sure I'd expect a particularly strong backlash. Heck, some attendees could well be in a position to have already known some of the things that were leaked.
Well, a militant-defensive-underground would call themselves "Grey Hat" or something. Black Hat implies exploiting flaws for personal gain, doesn't it?
I imagine a bunch of these Black Hat people fancy their big payout using their skills for evil.
There are not really any hackers at BlackHat. Some go to give a talk for their own interests, some go to see their friends talk, but the "hackers" largely skip the conference and go hang out on their company dime and go to the private after-parties. It's a running joke that the real conference is at the Galleria Bar.
I hadn't seen the footage, and the piece did a poor job conveying what they applause was for. After watching the video it looks like he drew at least some (if not all) of the applause. Not sure if I like that from Black Hat or not.
Funny how Alexander says he's read the Constitution, and implores the heckler to do the same. If one can read the Constitution and square the NSA's mass surveillance with the 4th amendment then one can square a circle. There really is no point in debating people like this on the technicalities of the Constitution. What they understand is power. He has it and we don't. He knows how to pull the levers that matter, and which Congressman and executive branch bureaucrats to lean on to make sure his bailiwick is not reduced by a single inch. The rest of us, sadly, are left flailing around hoping that pointing to a piece of paper is an effective check on evil.
The NSA is filtering a public utility. The users of this utility choose what information they want to broadcast, and should do so with the full knowledge that this information is being bounced between dozens of routers every time it goes out, any one of which may be monitored by its owners. This information ultimately ends up at the destination IP address, whose owner is able to use this data in whichever manner he sees fit, including submittal of said data to a major governmental intelligence organization as occurs with PRISM.
The problem is that people foolishly assume that the plaintext packets they send online are private by default. As in real life, good privacy can only be assured by significant effort on the part of the communicants. Is it evil to observe something occurring on a public street corner? It is not different to observe something occuring on a public IP router.
>"The microphones in every nook and cranny are merely filtering a public good, the air. You should know that when you vibrate the air with your vocal chords to make the sound of words, you're willingly broadcasting information patterns in quadrillions of particles in the air. It's not our fault you're so stupid about your security."
Don't be dense. Letters are easily intercepted and read, but we still expect that the government is not doing so because the constitution forbids that sort of behavior and the judicial branch is supposed to protect us from it.
You're conflating privacy with security. Security requires encryption, etc... privacy exists in the absence of monitoring devices.
The proper analog is a letter v. a postcard. There is no reasonable expectation that the contents of a postcard will remain private -- the message is right there, and people will see it even accidentally. A typical plaintext packet is the same way. Stuffing your papers in a sealed envelope is analogous to passing your plaintext through an encryption algorithm.
If you are "vibrating the air" in public, then yes, you should realize that there could be a microphone nearby that records what you're saying (and in fact, in modern practice, there is a microphone on pretty much every person you see, any of which could be recording at any time).
This is a great opportunity for education, then, correct? Tools have existed that would ameliorate this entire issue for a long time. We need to get people to start using them!
That's a stretch. I don't expect privacy when I shout on the street corner; that's broadcasting. I do expect privacy when I send email, because that's totally bounded.
The postal system is a public utility. Should it be filtered? What we're arguing now is why one envelope is special. I put my communications in paper envelope and I'm protected, but when I put it in an SMTP envelope, I'm not. I'd like someone to rationalize that.
As far as I'm concerned, let's do it one way or another. Either protect email or start OCRing the post.
> The problem is that people foolishly assume that the plaintext packets they send online are private by default
The NSA are trying to decrypt encrypted messages too though, tapping VPNs etc. It's not like they're just surveilling plaintext comms.
> people foolishly assume
Yes those ignorant fools deserve everything they get for not being security enthusiasts, and for assuming good faith on the part of their government, right?
My understanding is that their Constitutional dodge is rooted in Scalia's originalism: the 4th says "papers", which means specifically physical pieces of paper, not phone calls or emails.
What I've been wondering about though, is the legal definition of "effects" (noun, not verb). That term seems very broad to me, and should include emails, but I'm not a lawyer.
They don't need a dodge, they just ignore the law or get new laws that circumvent previous laws. With little or no oversight this is easily accomplished. Especially since the group that requires oversight is gathering information and information is power.
This is nothing new, read up on J. Edgar Hoover with his wiretapping and files on almost everybody. Sometimes with White House knowledge and approval, sometimes without. All this while completely ignoring that quaint document down the street called the Constitution. Doing things like that is easy if you can hand over a note to someone that starts out "It'd be a shame if people found out about [insert criminal/embarrassing act here]." Information is power.
Oh, I agree. But they do successfully maintain the veneer. Regardless of how, the Supreme Court is complicit, and they engage in some tortured linguistic judo in the process.
>the four-star general presented a timeline of terrorist attacks around the world, from the 1993 World Trade Center bombing to the Boston Marathon attack.
Can anyone speak as to why, with the NSA's systems, they were not able to thwart an attack by the ass clowns in Boston? Russia even warned us about them and they made frequent contact with foreigners.
I'm sorry, but that terrorist event seems like low hanging fruit if their system really works to protect us.
The question is: Did they want to thwart the attack?
One obvious possibility is that the system that has been erected simply needs fear to be able to continue to exist.
Let some attacks happen (and some Taliban prisons break) from time to time and people can be and will be manipulated via fear, so the powerful stay powerful and the rich become richer. Same old, same old...
Next stop: Middle Class Gone.
Then, people will have nothing to lose again and wake up. Next, we'll have riots and one day, the old system is dead and history will repeat itself once more. So much for the long term.
In wartime, it's not uncommon to not act on intel to stop an attack, so as to preserve its strategic value and save more lives later. For any insiders who truly believe in the NSA's mission (which is being generous), "let a few die today to preserve a system that will save thousands tomorrow" is not a big leap.
The obvious conclusion to draw from this - and really, that anybody should be able to draw - is that the system doesn't work to protect regular people.
This shouldn't really come as a surprise, either. Surveillance is not effective for preventing crimes. It is somewhat more useful for investigating crimes after they've happened.
Because the NSA is dedicated toward detecting and gaining intel on organized terror collectives abroad.
Domestic terrorism is domestic and therefore under the FBI's purview. And despite what Snowden seems to think about mind-reading programs, unless either brother put out on the public Internet or phone communications what they were planning to do, there would have been no way for NSA to pre-emptively detect it even if they were warrantlessly monitoring all domestic communications.
So in a way your question is equivalent to asking why ASLR didn't stop that CSRF attack on the web page you just viewed.
> Can anyone speak as to why, with the NSA's systems, they were not able to thwart an attack by the ass clowns in Boston?
Dzhokhar and Tamerlan were granted legal permanent residence in 2007. Dzhokhar became a nautralized citizen in 2012. Tamerlan's application was on hold due to the DHS being a little suspicious of him.
If the system is working as it should, the NSA could have been prohibited from monitoring the brothers.
I don't care whether the director of the NSA is a bad guy, it just makes you look bad if you heckle someone on stage. There are probably few more scrutinizing audiences for the director of the NSA than a professional security conference. I would rather have him say what he has to say and be analysed by the many bright minds at the conference than for him to be childishly interrupted and waste time that could be spent talking about the actual role of the NSA in the security of the nation.
General Alexander doesn't have to act rude when he has the power of the NSA behind him. The only power we have in a situation like that is to be disruptive and to be rude. Why should we treat him with respect given all the disrespectful things that he's instrumental in?
Those in power keep trying to present this as a "conversation" or a "dialog," but that's absolute bullshit. They're not actually trying to have a conversation, so we shouldn't behave as if that's what's happening. The most powerful thing we could have done would have been to boo him off the stage.
The most powerful thing we could have done would have been to boo him off the stage.
Exactly this. I was hoping that when I clicked through on this story, that I would read about that happening. Sadly, twas not to be.
Even if it was a niche hacker conference that most "regular" people have never heard of, if he'd been booed off of the stage and the media had given it any attention at all, it would have been a symbolically meaningful moment and a powerful message.
A person standing up in the middle of the audience, and turning their back to him, and standing there for the entire presentation would have been much more powerful.
The problem with being disruptive and rude is that it is generally unpopular in America. So in the battle for "hearts and minds" (i.e. for positive press coverage), the intended message can become tainted by the delivery.
Here's one alternative idea: If you can organize enough people for it to look good on camera, a coordinated walk-out could be effective. Tip off a few key press folks in advance, so they know to shoot B roll of people walking out. Then you hold a short press avail in the hall outside the ballroom, delivering a statement with all the people who walked out massed behind you.
It's still confrontational, which the press likes, but it appears more civil and organized.
We shouldn't be criticizing the heckler for not being a good enough or different enough heckler, we should be criticizing everyone else who did nothing at all.
How well would it turn out for people to conduct in civil disobedience against a group that has clearly shown to have little respect for due process and civil rights?
> it just makes you look bad if you heckle someone on stage.
It also takes a lot of courage to do just that. And people with courage are rare. They need our support. People who are 2 inches away from getting loud need our support. Because they are the people who can start the chain reaction that is so urgently needed now and that will not happen if we collectively shut up and just stay polite. We have been seriously betrayed and we have now every reason, right and duty to break free from the rules which were appropriate for the times "when things were good".
So I think he did just what everybody should have done - in a perfect world.
It takes courage to be a whistleblower, or to make any decision different from your peers. It does not take courage to heckle someone on a stage from the safety of a crowd. It happens at almost every comedy show, concert, and sporting event. Heckling someone on stage when you're in the crowd isn't rare at all.
I disagree. This was a situation where a four star general was standing on stage in military uniform, flanked by secret service, with local security also making a visible show of force. It was an intimidating situation amidst a crowd that was largely unsympathetic to critique, and I think it took a certain amount of courage to be the first to yell something.
I thought everything but the "read the constitution!" heckle was well timed and on point. I only wish that more had joined in.
I think I'd agree with you if it were a public crowd at a more neutral venue, but this is the equivalent of saying that the NSA is bad on HN. Gen. Alexander wasn't there to take off the boogeyman mask for the security professionals, he was there to gain sympathy for the NSA, and it worked beautifully.
The hackers were in their own seat of power, and the guy came to them. There was no particular courage there. Had they heckled at, say, a military graduation ceremony he was presiding over, then yes, that would take courage.
I agree with the sentiment. I think that most people in that crowd were probably thinking that they can't possibly believe what he's going to tell them. Why is he on stage? However, I also agree that people yelling things like this from a crowd while he was on stage plays directly into their hand. It makes people sympathize and makes the General look more reasonable. In a perfect world, everyone would have walked out and not listened to him at all.
> it just makes you look bad if you heckle someone on stage.
I disagree. It's important that we speak truth to power. If we don't then they won't hear our case. You don't think the president is wandering around Hacker News and Reddit looking for details do you? No. They employ PR firms or former employees of them to filter information back to reports which get filtered through various aides which finally makes it to the ear of the president.
However, when you stand and loudly speak your feelings, the message doesn't get filtered. That's an important part of the process.
I find particularly hard to believe the "6,000 NSA cryptologists who have deployed to Afghanistan and Iraq" part. Why would anyone want to deploy cryptologists into a war zone?
I also found disheartening the applause given to the general for his clever answers. "I have. So should you"?! I expected more from the Black Hat crowd.
And, finally, I applaud Jon McCoy for his sacrifice. His willingness to endure all the cavity searches he'll be subjected to before and after every flight inspires us all.
They aren't really the same cryptologists that we think of, and they aren't the same guys who are writing programs to go through our phone records.
The majority of cryptologists who are forward deployed are there to ensure that the cryptography is used correctly. Despite many years of attempts to make it easier to use, cryptography. especially for portable radios, is a pain in the ass to use. People have to be trained. Areas have to be made where crypto equipment is stored and secured. Deficiencies in use have to be identified. That's what those people are for.
With the fact that we've had more than two million troops deployed during the War on Terror, I'm actually surprised that the number of NSA cryptologists is at 6,000. They must be very senior people.
In the Air Force I was a 'cryptologic Russian linguist' (it had nothing to do with code-breaking, although it was an intelligence field). I wonder if he was referencing linguists.
"Ninety-eight percent of society has issues with this"
"The national survey by the Pew Research Center, conducted July 17-21 among 1,480 adults, finds that 50% approve of the government’s collection of telephone and internet data as part of anti-terrorism efforts, while 44% disapprove. These views are little changed from a month ago, when 48% approved and 47% disapproved."
I highly recommend reading "The Myth of the Rational Voter: Why Democracies Choose Bad Policies" [1].
Even if polling shows a lack of discontent, it does not mean they were voting rationally. The emotional fear machine of terrorism will always sway towards totalitarianism policies. But if the majority of those citizens were honestly questioned about having their phones (and their entire families) monitored, I doubt they would be for it.
Irrationality and logical fallacies are flourishing on both ends of the spectrum (citizens and politicians), and there are few vocal voices in between correcting the bullshit.
What's missing are leaders (aka media) evaluating and promoting policies based on rationality reasoning rather than what emotional ploys that sell.
> What's missing are leaders (aka media) evaluating and promoting policies based on rationality reasoning rather than what emotional ploys that sell.
Leaders in media have no external incentive to promote rationality. They make money by appealing to their audience, to increase the size and loyalty of that audience.
News is a commercial product. Ratings represent the value of the program to advertisers as a measure of viewership, and the news exists as a way to generate those ratings. No ratings, no advertisers, no news. As with so many other forms of media, you are not the consumer, you're the product (or more specifically, the likelihood of your attention in those all important spaces between the segments.)
Unless you want the state to control everything, how do news organizations make the money they need to put on the broadcasts, if not with ratings? They have to sell something to somebody right? Should the US have a licensing system like they have in Britain?
There are newscasts on PBS but almost nobody watches them (I do, but then I used to work at a small PBS station) and tote bags can only get you so far.
I agree that it is a terrible system, but I literally can't think of a viable alternative. Information is so powerful, I'd say it deserves to be a fourth branch if government, except that it's power would quickly eclipse all others. As bad as Fox News is, I have no expectation that Gov News would be any better. And as long as we have the 1st, we'd still have Fox News anyway.
The best I could think of is tightening the reins through FCC licenses, revoking them for intentional deception (although good luck proving this in a way that can't backfire.)
From the same poll: 56% say that the courts do not provide adequate limits on these programs, and 47% say the programs go too far in restricting civil liberties. It's about 50-50, but the trend lines are ALL in the right direction, whether you compare to 2,5, or 10 years ago.
I think it's possible for some people to broadly approve of the collection, but still have issues with it. Not sure where that 98% number comes from, but I think the 50% "approval" number is misleading on its own.
> “No, I’m saying I don’t trust you!” shouted McCoy.
I believe that's pretty central here. I don't see how we can ever be able again to trust an organism such as the NSA - or even the government.
Transparency is the only solution here. Will we get it?
If we don't, the only other solution would be to cut budgets so drastically that such an enterprise will simply not be possible financially, anymore.
And maybe, as a general improvement: Decentralize the government and give the States back their autonomy (and here you have your link between technology and politics - see the recent cry for less "political posts" on HN).
> I believe that's pretty central here. I don't see how we can ever be able again to trust an organism such as the NSA - or even the government.
We won't. This cancer is a one-way street. It will kill the organism and kill itself with it. And they know it. That's why they buy billions of ammunition rounds and dispatch lightweight tanks throught the states borders. They know that history repeat itself and they don't want another fourth of July to be celebrated in 500 years now (this time US 2.0 that bunch of clever people used GIT to form a better government). NSA systems are not in place to save you and your family from terrorist -- terrorism needs to be wisely guided; some need to leak through so that you and your family keep being scared, submit to the State and pay more taxes for more "safety". Terrorism is not on their agenda. Had they not let shoe bomber and Boston bombers do what they did, me and you would protest against more surveillance (with Boston bombers officials were inconveniently kept notified by russian government) because we would have been felt safe.
> Transparency is the only solution here. Will we get it?
We won't and we can't. They will oppose it saying that if we tell you what we do, bad guys will use it. Nothing will change this approach. Manning did a huge leak of gov docs and military officials said many lives will be lost as a result; other than Arab spring that did not happen on US soil, nothing happened at all. It was a bluff that they will continue using.
> If we don't, the only other solution would be to cut budgets so drastically that such an enterprise will simply not be possible financially, anymore.
Its not that simple. Even President of United State does not know how many black-ops agencies exist within the goverment. Some entities of the gov sponsor themselves God only knows doing what. If you cut their air supply, they will go to CIA and say: "here are the tapes when you and other officials are negotiating deals with drug cartels in Afganistan, here is a conversation where smuggling is being organized to move tons of heroine into US on a military aircraft, sponsor our venture or we will leak the info". And there you have it. Most likely dirty branches of gov do not need public money but of course they will take it anyways.
> That's why they buy billions of ammunition rounds and dispatch lightweight tanks throught the states borders.
I didn't know this, but I was thinking along the same lines when I read about the "anti-missile blimps" being deployed over DC. I mean it's as if they "prepared for what's coming".
So you seem to think that there is actually no real solution apart from letting things fall apart and then "start from scratch"?
I'd be really interested to hear what other people see as potential solutions for all this.
Looks like I'm a little late for this comment party, but I'd just like to highlight one comment from the Forbes website that I thought was good:
"In general I agree with McCoy in his ad-hoc debate with Gen Alexander as well as his post presentation remarks about the distorted perspective of national security. At the same time, I do conceed that the NSA is acting in good faith and ‘within the law’ as presented to them via the Patriot Act. I have similar feeling about the value of TSA, but whereas the TSA is a publicly disclosed program, my most pressing concern with the NSA is the secrecy of it. First, the secrecy presents an extremely high degree of risk (in terms of both the probabilty of occurance as well as the dangers) of mission creep. I doubt Congressional nor FISC oversight are adequate to mitigate this risk. Second, secrecy is not really a valid tool for deterence. Anti-terrorism programs are like a doomsday devices: it’s a good deterence only if it is widely known about (see Dr Strangelove). Moreover, while secret programs might be good for support of kill/capture programs, it is far from clear that such efforts reduce terrorism.
For all I know, the government spy/drone program is to terrorists as a hammer is to an ant colony. If you have a spilled pot of honey in the kitchen, it doesn’t matter how good you are at spotting and smashing ants. I want to know these things, so that I can help shape public policy through the ballot box."
--uspatriot2001
I think that's a good assessment of the high-level picture, and it's much more informative than "NSA BAD! Freedom good!" (not to belittle anyone's comments here) in that it reflects a road forward.
I listened starting a couple minutes before that and felt like I was going to fall asleep. I'm sure it loses something not being there in person but Mr. Alexander's delivery sure seems ponderous.
Thank you for sharing. I'll be sure to listen in later.
While everyone else on this subject is going to be armchair-debating whether or not the article is a fair representation of what happened... I'm going to just listen into the audio myself and make my own opinion.
All things considered, it seems like Keith Alexander did a pretty good job of handling the situation. Personally I think the heckler sounded like a douche ("read the Constitution" sounds like a dumb thing to say to a 4 star general who probably has better knowledge of it than your average hacker), even if he (the heckler) had some good points.
It would have been easy for the situation to devolve into something much uglier, but fortunately it seems like things stayed pretty calm!
For the same reason that an average hacker would have a much better knowledge of the code for various daemons than the sysadmins who administer them - they're reading critically and looking for vulnerabilities where the actual semantics differ from the purported ones. I've no doubt that what the NSA does actually is "constitutional" under the common corrupted interpretations of it - government programs are structured to avoid mortal conflicts with the constitution, sympathetic or even just probabilistic courts then assert that specific facets aren't actually over the line, and severable agents acting "independently" informally make up the difference.
Law is akin to code, and suffers from the same complexity-induced limitations that end up as the halting problem. With enough indirection, meanings and definitions divert wildly from what they purport. This divergence starts as soon as abstraction enters the picture - for example the widespread tendency to see rights as "primitives" that are acceded when forming higher-level emergent structures. Participation in the higher-level structure becomes de facto mandatory, and those purported rights end up nowhere to be seen. And once this erosion process starts, it becomes harder and harder for anybody to see that their rights should apply universally, rather than just in a nondescript wood shack on unincorporated land in Wyoming.
Certainly I agree with your perception of how the NSA and General Alexander believe that they are "conforming" to a proper interpretation of the Constitution, though I disagree with that particular interpretation they hew to.
I guess I feel that the average hacker has a better understanding of the platonic ideal or "most correct" interpretation of the Constitution than Gen. Alexander.
Wow, I am really, really surprised.
Especially as Gen. Alexander gave the keynote speech to DEFCON last year, and explicitly said, when asked after his speech:
Q: "[..]Does the NSA really keep a file on anyone? [...]"
No idea how accurate a depiction of the speech this is, but the article is -- contrary to the title -- portraying the speech as having been warmly received, applauded, with one lone heckler. Now, whether or not one agrees with General Alexander, there are more courteous and productive ways to express yourself than yelling "bullshit".
> there are more courteous and productive ways to express yourself than yelling "bullshit".
I disagree. When chatting with Faust, I think it's better to avoid the drawn out conversation and just tell him to fuck off. This Alexander guy is a liar and a felon (lying under oath to congress) and has earned our collective disrespect. He deserves a lot more than "bullshit!" He's a domestic terrorist that's infiltrated the government as far as I'm concerned.
What matters is choosing a strategy that will be effective in exposing this intel-gathering to public scrutiny. One person shouting is not such a strategy.
It's the difference between individual catharsis and effective political strategy that produces an outcome.
So what would be a winning strategy in this scenario?
I don't think there is one. So let him know you think he's an arsehole while you have the chance because nothing you can say or do is going to change the general's stance on this issue. He's above the law and completely unaccountable. But he's not beyond being called out for being a bad person by another person, and I suspect that's the closest you're going to get to justice on this issue.
Well, you have to be prepared, and think out the consequences. You should have some leaders who are used to acting disciplined in public protest.
If you choose to shout him down (e.g., for a messy and still-controversial example, http://en.wikipedia.org/wiki/AIDS_Coalition_to_Unleash_Power...) you'd better have a united message and a goal, and media present. And it might still be a bit of a mess. (I had the privilege of attending a lecture on organizing by one of the leaders of this action.)
Other choices are to turn your backs on the speaker, or to walk out en masse.
I'm not sure there was time to prepare for this one, because these revelations are so fresh.
*
By the way, you seem pessimistic that this state of affairs can change due to grassroots action. I don't share your pessimism. When people find out the NSA has been scooping up their e-mail and Facebook chats?
It was kind of a flip thing to say; I was on a bit of a roll.
The argument, such as it is, would go something like this: Instead of physical terror, the policies Alexander pursues create a psychological terror that jeopardizes "our way of life". Instead of a fear of being blown up, we have a fear of persecution for what we say.
A terrorist thinks he is beyond the law and uses his limited power to create fear in a population in order to achieve his ends, which the majority does not support. That's a description that seems to apply to Alexander.
I know he's different, but he's definitely not as different as he thinks.
Well it's not like anyones going to make a salient and logical point and the NSA is going to turn around and say "You know what, you're right, this is wrong. We'll stop it immediately". So shouting "bullshit" at the top of your voice has the same effect, which is no effect at all. So no one is any worse off for this kind of behaviour.
That said, I think the audience should have received him with absolute silence. No applause, no heckling, nothing to betray the mood of the crowd. Let's see how the General Alexander feels about a thousand eyes scrutinising him with no clue as to what they're thinking or planning. Then maybe he'll have an idea about what it feels like to be on this side of the equation.
How on earth does shouting "bullshit" at him like an idiot fratboy make him any more likely to give your concerns any credence?
The best it can do is surprise him for a millisecond, then let him write you off as an "unserious" person to be briefly patronized and then devoutly ignored (or worse, add you to a list of "interesting" persons).
How on earth does shouting "bullshit" at him like an idiot fratboy make him any more likely to give your concerns any credence?
Why would you think that was the desired outcome? If I'd been the one heckling him, I can guarantee you my thinking would not have been anything along the lines of "I want this guy to listen to what I have to say, consider it carefully, and then decide something". Why? Because I'm pretty close to 100% sure that Keith Alexander doesn't give a flying fuck what I think about anything, and never will no matter what I say. Hey, in an ideal world, I'd be wrong, and I hope I am. But I wouldn't bet a plug nickel on it.
No, if I'd been there and been heckling him, it would have been solely in the hopes of invoking the "someone must go first" aspect of crowd psychology, and hoping to see him booed off of the stage... because I think having that happen, and having it reported that that happened, would send a powerful message to everybody involved... Alexander, members of Congress, the public at large, and other hackers.
then let him write you off as an "unserious" person to be briefly patronized
I don't see any reason to think that that isn't his opinion of everyone in the crowd from the moment he walked in. Remember, to these NSA guys, people like us are "the enemy".
When he stands on a stage and looks out at a crowd, he isn't seeing law-abiding, honest, hard-working American citizens worthy of their Constitutionally guaranteed rights - he's seeing a room full of "potential terrorists".
This isn't politeness on Welch's part. This is how every member of the upper tiers of the MIC should be treated by the entire country:
"Until this moment, Senator, I think I have never really gauged your cruelty or your recklessness...Little did I dream you could be so reckless and so cruel as to do an injury to that lad...It is, I regret to say, equally true that I fear he shall always bear a scar needlessly inflicted by you. If it were in my power to forgive you for your reckless cruelty I would do so. I like to think I am a gentle man but your forgiveness will have to come from someone other than me."
When McCarthy tried to renew his attack, Welch interrupted him:
"Senator, may we not drop this? We know he belonged to the Lawyers Guild. Let us not assassinate this lad further, Senator. You've done enough. Have you no sense of decency, sir? At long last, have you left no sense of decency?"
McCarthy tried to ask Welch another question about Fisher, and Welch cut him off:
"Mr. McCarthy, I will not discuss this further with you. You have sat within six feet of me and could have asked me about Fred Fisher. You have seen fit to bring it out. And if there is a God in Heaven it will do neither you nor your cause any good. I will not discuss it further. I will not ask Mr. Cohn any more questions. You, Mr. Chairman, may, if you will, call the next witness."
The examples you gave are of eloquent if harsh statesmanship from a sitting Senator, and I absolutely agree that is exactly what needs to be happening now. Ed Snowden is actually doing a really good job of it with his press releases, in fact.
But that's a far cry from yelling "bullshit" at the back of a conference room.
If we keep "turning the other cheek" we'll end up with broken jaws. I'm a polite individual but politeness will only get you so far. At some point people have to make a stand and say what is actually on their minds in as powerful a way as they know how.
Being rude also doesn't work as a method of political change? It doesn't, and in addition you alienate people who thing being civilised is a good thing.
Politicians are already one of the most reviled groups around, and that doesn't discourage them.
Stage effective, organised opposition that will actually threaten their plushy careers, then they'll listen.
Keith Alexander's way of bending words, and his facility with swinging a crowd and lying skillfully under pressure once again reminds me disturbingly of accounts I've read about psychopaths, and of probable psychopaths I've encountered.
Those patterns could of course be stuff you pick up anyway as a top player for power, but I find the parallels highly worrisome.
For those who have never read anything about the subject, may I suggest browsing e.g. "Without conscience" by Robert D. Hare. The sections with court proceedings in particular illustrate well what I mean.
Defcon and Blackhat were founded by the same dude. Why didn't they exclude feds from BlackHat as well? Guessing it was probably because that is their big money maker with all the corp/fed support.
BlackHat is a more "professional" event for the security industry. People that ostensibly work in the security industry go there just like people go to o'reilly conferences for various technical areas.
DEFCON is a community event for anybody and is totally anonymous (entry fee is only payable by cash in person) and has a more freewheeling, community feel.
From the article:
“Everyone’s thinking this, but no one’s saying it public, so everyone thinks they’re alone,” he said. “Ninety-eight percent of society has issues with this…But no one speaks up.”
While I think some people don't how to speak up, beside calling/writing my congress person, many don't care either way. In fact, many older people I have talked to (I am in my twenties) dont have a problem with what the NSA is doing. They dont really mind if their data is being sifted through as long as its being used to "Find Terrorists or what have you."
My problem is the lack of oversight and the fact court that has approved 1,789 out of 1,748 requests (97.7%!!!!). Not only that but they have legal justifications for what they are doing, therefore since its legal its allowed, forget the morals/ethics involved.
Who's to say they won't turn this around on the public at large because it will prevent smaller crimes instead of terrorists. Also whats to stop the government from calling people who oppose their views terrorists and then just spy directly at American people.
All this bad press is a great incentive for people to develop encryption skills. I'm now looking into javascript client to client encryption of certain social sites and services using greasemonkey to organise the contacts and keys database.
Heckling Alexander played right into the strategy. It gave him an opportunity to look reasonable compared to his detractors, and, more generally (and alarmingly), to have the NSA look more reasonable compared to opponents of NSA surveillance. It allowed him to "split the vote" with audience reactions, getting people who probably have serious misgivings about NSA programs to applaud his calm and graceful handling of shouted insults; many of those people probably applauded simply to protest the hecklers, who after all were making it harder for them to follow what Alexander was trying to say.
There was no serious Q&A on offer at the keynote. The questions were pre-screened; all attendees could do was vote on them. There was no possibility that anything would come of this speech other than an effectively unchallenged full-throated defense of the NSA's programs.
Even the premise of the keynote was calculated to wrong-foot NSA opponents. However much you might want to hear Alexander account for the activities of the NSA, the NSA itself is not the real oversight mechanism for the NSA! My guess is that no pol with meaningful oversight over NSA would have consented to address a room full of technology professionals about NSA's programs; they were happy to send NSA's own supremely well-trained figurehead to do that for them.
I think a walkout might have been effective, had it been organized well enough in advance (perhaps with some of the same aplomb as the [I think misguided] opposition to CISPA); at least you'd get some stinging photos.