Some Snowden consequences

Sir Humphrey says among much else, all worth reading:

An outsider looking in may well conclude that the sort of military assets needed to build and effect long term change, stability and security are those which have effects such as training teams, defence attaches, limited professional training and so on with the nuclear deterrent as the ultimate guarantor of security, and not so much on very heavy army assets like armoured divisions which are much harder to deploy. Looking more broadly, things like focusing heavily on cyber security defence is arguably more important than some other tasks – this is perhaps the problem facing the military today. The sort of interaction many nations want is quite localised, involving maybe a training team or specialist advisors or access to training courses.

I don’t think anyone can disagree that all sorts of countries, flooded with new electronics and computing capacity, well aware of the vast advantages it gave Western militaries in the last 30 or so years, are probably both deeply worried and also only vaguely informed about their information security problems.

Similarly, deploying four people from CESG or JANET CSIRT to do an assessment is the sort of thing that might gain friends and influence people, at remarkably low cost. We sent the Red Arrows on tour around the Gulf and did a half a dozen squadron-sized Typhoon deployments trying to sell Eurofighters with vast amounts of extremely expensive taxpayer-funded whoosh. “Cyberengagement” or better “information security cooperation” sounds like a great idea.

Until you remember that we hugely overdid the intelligence half of the whole thing, our fibres are radioactive, GCHQ pulls in the Queen’s selfies to the pool boy, if you ever sent a vCard on a UK-owned GSM network they kept it, and literally nobody will ever trust us on this issue ever again.

This goes double, triple, or quadruple with the news – try ioerror’s CCC talk if you haven’t already – that we’ve been involved in trying to compromise security tools, forums, and infrastructure everybody uses. I find this more shocking than pretty much anything else in this story.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.