FacebookTwitterGoogle+RedditEmail

Volkswagen and the Quandary of Hidden Code

Though the media may be inclined to shine a spotlight on Volkswagen and its systemic rigging of emission control systems the public record shows that the practice of secretly modifying technology to enable questionable features is fairly widespread. For example, accessing computers using hidden code is a mainstay of NSA surveillance and they’ve gotten so adept at it that plans have been drawn up to industrialize attacks against millions of machines at a time. And while federal officials and tech CEOs quibble over cryptographic back doors there are spies currently relying on hidden code to break into networks all over the planet.

Documents provided by Edward Snowden reveal classified intelligence operations like BULLRUN and the SIGINT Enabling project, industry-wide campaigns to undermine cyber security by inserting stealthy technical modifications.

Make no mistake, this is evidence that the tech industry hopes you’ll forget. They’re focused on maintaining earnings after being caught collaborating with security services. The execs would much rather frame themselves as our protectors rather than willing participants who subvert their products and conspire with authorities on a first-name basis. Hence there is a degree of theater to the debate playing itself out in the public arena. The media is, to an extent, complicit.

Tech CEOs may complain vocally to President Xi about the prospect of installing back doors in products destined for markets in China. But, honestly, can you blame Chinese leaders for wanting the same sort of benefits that tech companies have already provided to U.S. spies? The sheer size of the market in China may lead the Silicon Valley crowd to comply. Just ask Boeing, it recently signed a deal to sell 300 aircraft to China for $38 billion.

Rest assured that there is a way forward. Hidden code thrives in the dark. This means that transparency and sunlight are appropriate remedies. Specifically, commercial products should be open source so that anyone can inspect them. As Columbia law professor Eben Moglen astutely observed, “If Volkswagen knew that every customer who buys a vehicle would have a right to read the source code of all the software in the vehicle, they would never even consider the cheat, because the certainty of getting caught would terrify them.”

In addition government subversion programs that implement hidden code need to be outlawed. The tech industry —itself a direct descendent of the defense sector— cannot, or rather will not, fight this battle on its own. The covert arm of U.S. intelligence has a long and storied history of toppling foreign regimes. It doesn’t matter how much ruckus Apple’s CEO makes in public. Do you honestly think Tim Cook could resist this kind of pressure any more than Costas Tsalikidis or Salvador Allende? There are subtle and inexorable currents running under the surface of the body politic. They’re driven by forces much bigger than any one company. Look further and pathways to the American Deep State will emerge.

But even these measures aren’t sufficient. Secret components can masquerade as accidental bugs which are plausibly deniable. For example, it’s been documented that Microsoft had a clandestine arrangement to provide the NSA with early information on zero-day vulnerabilities. Therefore the executives of Silicon Valley need to be held liable for shoddy implementation so that companies have incentives to treat bugs as the catastrophes that they are rather than as a negative externality. Formally verified code, mathematically proven to be free of defects, is an emerging reality.

There is no shortage of talent or resources to tackle this problem. The major impediment preventing engineers from making significant headway on eliminating hidden code is skewed priorities both on behalf of corporate leadership and the political class which serves them. Hidden code represents control, it represents power. We need to take that power back.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

January 21, 2019
W. T. Whitney
New US Economic Attack Against Cuba, Long Threatened, May Hit Soon
Jérôme Duval
Macronist Repression Against the People in Yellow Vests
Dean Baker
The Next Recession: What It Could Look Like
Eric Mann
All Hail the Revolutionary King: Martin Luther King and the Black Revolutionary Tradition
Binoy Kampmark
Spy Theories and the White House: Donald Trump as Russian Agent
Edward Curtin
We Need a Martin Luther King Day of Truth
Bill Fried
Jeff Sessions and the Federalists
Ed Corcoran
Central America Needs a Marshall Plan
Colin Todhunter
Complaint Lodged with European Ombudsman: Regulatory Authorities Colluding with Agrochemicals Industry
Manuel E. Yepe
The US War Against the Weak
Weekend Edition
January 18, 2019
Friday - Sunday
Melvin Goodman
Star Wars Revisited: One More Nightmare From Trump
John Davis
“Weather Terrorism:” a National Emergency
Jeffrey St. Clair
Roaming Charges: Sometimes an Establishment Hack is Just What You Need
Joshua Frank
Montana Public Schools Block Pro-LGBTQ Websites
Louisa Willcox
Sky Bears, Earth Bears: Finding and Losing True North
Robert Fisk
Bernie Sanders, Israel and the Middle East
Robert Fantina
Pompeo, the U.S. and Iran
David Rosen
The Biden Band-Aid: Will Democrats Contain the Insurgency?
Nick Pemberton
Human Trafficking Should Be Illegal
Steve Early - Suzanne Gordon
Did Donald Get The Memo? Trump’s VA Secretary Denounces ‘Veteran as Victim’ Stereotyping
Andrew Levine
The Tulsi Gabbard Factor
John W. Whitehead
The Danger Within: Border Patrol is Turning America into a Constitution-Free Zone
Dana E. Abizaid
Kafka’s Grave: a Pilgrimage in Prague
Rebecca Lee
Punishment Through Humiliation: Justice For Sexual Assault Survivors
Dahr Jamail
A Planet in Crisis: The Heat’s On Us
John Feffer
Trump Punts on Syria: The Forever War is Far From Over
Dave Lindorff
Shut Down the War Machine!
Glenn Sacks
LA Teachers’ Strike: Student Voices of the Los Angeles Education Revolt  
Mark Ashwill
The Metamorphosis of International Students Into Honorary US Nationalists: a View from Viet Nam
Ramzy Baroud
The Moral Travesty of Israel Seeking Arab, Iranian Money for its Alleged Nakba
Ron Jacobs
Allen Ginsberg Takes a Trip
Jake Johnston
Haiti by the Numbers
Binoy Kampmark
No-Confidence Survivor: Theresa May and Brexit
Victor Grossman
Red Flowers for Rosa and Karl
Cesar Chelala
President Donald Trump’s “Magical Realism”
Christopher Brauchli
An Education in Fraud
Paul Bentley
The Death Penalty for Canada’s Foreign Policy?
David Swanson
Top 10 Reasons Not to Love NATO
Louis Proyect
Breaking the Left’s Gay Taboo
Kani Xulam
A Saudi Teen and Freedom’s Shining Moment
Ralph Nader
Bar Barr or Regret this Dictatorial Attorney General
Jessicah Pierre
A Dream Deferred: MLK’s Dream of Economic Justice is Far From Reality
Edward J. Martin
Glossip v. Gross, the Eighth Amendment and the Torture Court of the United States
Chuck Collins
Shutdown Expands the Ranks of the “Underwater Nation”
Paul Edwards
War Whores
FacebookTwitterGoogle+RedditEmail