Apple's Security Expert Joined the ACLU To Tackle 'Authoritarian Fever'

An anonymous reader quotes a report from Motherboard: Apple security expert Jon Callas, who helped build protection for billions of computers and smartphones against criminal hackers and government surveillance, is now taking on government and corporate spying in the policy realm. Jon Callas is an elder statesman in the world of computer security and cryptography. He's been a vanguard in developing security for mobile communications and email as chief technology officer and co-founder of PGP Corporation -- which created Pretty Good Privacy, the first widely available commercial encryption software -- and serving the same roles at Silent Circle and Blackphone, touted as the world's most secure Android phone.

As a security architect and analyst for Apple computers -- he served three stints with the tech giant in 1995-1997, 2009-2011, and 2016-2018 -- he has played an integral role in helping to develop and assess security for the Mac and iOS operating systems and various components before their release to the public. His last stretch there as manager of a Red Team (red teams hack systems to expose and fix their vulnerabilities) began just after the FBI tried to force the tech giant to undermine security it had spent years developing for its phones to break into an iPhone belonging to one of the San Bernardino shooters. But after realizing there's a limit to the privacy and surveillance issues technology companies can address, Callas decided to tackle the issues from the policy side, accepting a two-year position as senior technology fellow for the American Civil Liberties Union. Callas spoke to Motherboard about government backdoors, the need for tech expertise in policymaking, and what he considers the biggest challenge for the security industry.

More worried about Google/Facebook than the NSA

- While the government can *theoretically* throw you in prison/Gitmo if it misinterprets your intercepted texts to Mom as coded threats to blow up the White House, the odds of it happening are infinitesimal and the procedure for doing so is long and tedious. In fact there's no example that I'm aware of of anything of the sort happening. The government can't do a single thing to you unless you have (or it thinks you have) explicitly committed a crime. Meanwhile tech companies can and eagerly will summarily and mercilessly financially ruin you and effectively banish you from human interaction if they simply don't like your opinions. While this isn't as bad as getting thrown in jail, the odds of it actually happening are infinitely greater, so the actual expected damage is higher.

- Government is at least theoretically hamstrung by the 1st/4th amendments, while big tech companies get to hide behind the "private company" excuse. (No the constitution isn't going to stop the government long-term, but it at least slows them down and puts them at a competitive disadvantage.) Also, as always massive bureaucracy makes the government slower/worse than the private sector at anything it tries to do.

- Google/Facebook are actively and proudly already using their power to manipulate the public's beliefs/emotions/behaviors. The government does the same, but "influencing" people via customized algorithmic manipulation of the social media feeds that they're obsessively staring at 10 hours a day is much more effective than just feeding some bullshit to gullible buzzfeed reporters now and then.

Taken as a whole, Google probably already has more raw power than all but a tiny handful of world governments (if even that many), with virtually no effective checks on its power or ambition going forward.

Re:ACLU!?!

[Bobrick]

Sounds like a snowflake is offended.