Slashdot Mirror

← Back to Stories (view on slashdot.org)

John McAfee: NSA's Back Door Has Given Every US Secret To Enemies (businessinsider.com)

Posted by BeauHD on from the weaponized-software dept.

John McAfee, American computer programmer and contributing editor of Business Insider, explains how the NSA's back door has given every U.S. secret to its enemies. He begins by mentioning the importance of software, specifically meta- software, which contains a high level set of principles designed to help a nation survive in a cyberwar. Such software must not contain any back doors under any circumstances, otherwise it can and may very likely allow perceived enemies of the U.S. to have access to top-secret information. For example, the Chinese used the NSA's back door to hack the Defense Department last year and steal 5.6 million fingerprints of critical personnel. "Whatever gains the NSA has made through the use of their back door, it cannot possibly counterbalance the harm done to our nation by everyone else's use of that same back door." McAfee believes the U.S. has failed to grasp the subtle implications of technology and, as a result, is 20 years behind the Chinese, and by association, the Russians as well.

5 of 186 comments (clear)

  1. Dear John by alphatel · · Score: 5, Insightful

    You are mad. Perhaps even more crazy is the fact that you speak the truth.

    --
    When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
  2. Re:Didn't McAfee Side With the FBI? by PsychoSlashDot · · Score: 5, Informative

    I thought he sided with the FBI against Apple. He thinks Apple should include a backdoor in their phones for the FBI...and now he's pointing out how dangereous backdoors are....

    No, he didn't side with anyone. He offered to decrypt the phone. That's not what the FBI wants. The FBI wants Apple to produce vulnerable code. John didn't offer to produce vulnerable code. By making his offer, McAfee was illustrating that the FBI isn't after the decrypted data.

    --
    "Oh no... he found the .sig setting."
  3. Jumping at conclusions by Anonymous Coward · · Score: 5, Interesting

    From TFA:

    The British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks.

    I hope we all understand now what “acquired the capability” means. The NSA planted a programmer within Jupiter Networks. The was no other way to “acquire" this capability.

    Except that he just referenced a claim that the British acquired the capability by being told about the backdoor, and he then goes on to say that the Chinese acquired the same capability by discovering the backdoor through reverse-engineering. So there is another way after all.

    Which raises the following possibilities, each just as plausible as "The NSA planted a programmer":

    1. The Chinese planted a programmer, and the NSA or GCHQ discovered it via reverse-engineering and shared it with the other.
    2. The Chinese planted a programmer, and the NSA discovered it during review of source-code shared as a condition of purchasing for sensitive government use.
    3. A programmer was paid to create the backdoor by a non-governmental entity interested in corporate espionage, and all the state actors discovered it via reverse-engineering.
    4. The backdoor was created unintentionally (e.g. failure to remove white-box test code before going to production), and all the actors discovered it via reverse-engineering and/or source review.

    Basically, John presents no evidence whatsoever for his claim that the NSA caused the backdoor.

    Ultimately, I do agree with his point he does make is that code inspections can catch and close both intentional and unintentional backdoors. But the rest of the article is FUD.

    1. Re:Jumping at conclusions by hawguy · · Score: 5, Insightful

      From TFA:

      The British spy agency GCHQ, with the knowledge and apparent cooperation of the NSA, acquired the capability to covertly exploit security vulnerabilities in 13 different models of firewalls made by Juniper Networks.

      I hope we all understand now what “acquired the capability” means. The NSA planted a programmer within Jupiter Networks. The was no other way to “acquire" this capability.

      Except that he just referenced a claim that the British acquired the capability by being told about the backdoor, and he then goes on to say that the Chinese acquired the same capability by discovering the backdoor through reverse-engineering. So there is another way after all.

      Which raises the following possibilities, each just as plausible as "The NSA planted a programmer":

      1. The Chinese planted a programmer, and the NSA or GCHQ discovered it via reverse-engineering and shared it with the other.
      2. The Chinese planted a programmer, and the NSA discovered it during review of source-code shared as a condition of purchasing for sensitive government use.
      3. A programmer was paid to create the backdoor by a non-governmental entity interested in corporate espionage, and all the state actors discovered it via reverse-engineering.
      4. The backdoor was created unintentionally (e.g. failure to remove white-box test code before going to production), and all the actors discovered it via reverse-engineering and/or source review.

      Basically, John presents no evidence whatsoever for his claim that the NSA caused the backdoor.

      Ultimately, I do agree with his point he does make is that code inspections can catch and close both intentional and unintentional backdoors. But the rest of the article is FUD.

      If the NSA discovered the backdoor on their own and didn't share it with Juniper so they could close it, that's arguably worse than if the NSA planted it themselves. At least if they planted it themselves, they could convince themselves that it's buried too deep to be discovered, but if they stumbled upon it themselves, then they *knew* it was discoverable and that it's likely that others had discovered it too.

  4. Re:Sublte Lie by sumdumass · · Score: 5, Insightful

    Wow..

    If it is known that I can defeat security measure X for Y reasons, then I can defeat security measure X for any reasons. Yes, the FBI specifically asked Apple to write code to defeat it's own security measure. If it happens, the FBI does not need to have access to the code, just access to Apple which is the same in all respects considering the loose requirements for warrants under laws like the patriot act and so on.

    Nothing material about what was said is false. Please stop arguing semantics. It is about as bad as Dick Cheney going around saying that no one's civil liberties were violated in the metadata bulk collection spying because they are officially "company records" and not private communications.