Volkswagen and the Quandary of Hidden Code

Though the media may be inclined to shine a spotlight on Volkswagen and its systemic rigging of emission control systems the public record shows that the practice of secretly modifying technology to enable questionable features is fairly widespread. For example, accessing computers using hidden code is a mainstay of NSA surveillance and they’ve gotten so adept at it that plans have been drawn up to industrialize attacks against millions of machines at a time. And while federal officials and tech CEOs quibble over cryptographic back doors there are spies currently relying on hidden code to break into networks all over the planet.

Documents provided by Edward Snowden reveal classified intelligence operations like BULLRUN and the SIGINT Enabling project, industry-wide campaigns to undermine cyber security by inserting stealthy technical modifications.

Make no mistake, this is evidence that the tech industry hopes you’ll forget. They’re focused on maintaining earnings after being caught collaborating with security services. The execs would much rather frame themselves as our protectors rather than willing participants who subvert their products and conspire with authorities on a first-name basis. Hence there is a degree of theater to the debate playing itself out in the public arena. The media is, to an extent, complicit.

Tech CEOs may complain vocally to President Xi about the prospect of installing back doors in products destined for markets in China. But, honestly, can you blame Chinese leaders for wanting the same sort of benefits that tech companies have already provided to U.S. spies? The sheer size of the market in China may lead the Silicon Valley crowd to comply. Just ask Boeing, it recently signed a deal to sell 300 aircraft to China for $38 billion.

Rest assured that there is a way forward. Hidden code thrives in the dark. This means that transparency and sunlight are appropriate remedies. Specifically, commercial products should be open source so that anyone can inspect them. As Columbia law professor Eben Moglen astutely observed, “If Volkswagen knew that every customer who buys a vehicle would have a right to read the source code of all the software in the vehicle, they would never even consider the cheat, because the certainty of getting caught would terrify them.”

In addition government subversion programs that implement hidden code need to be outlawed. The tech industry —itself a direct descendent of the defense sector— cannot, or rather will not, fight this battle on its own. The covert arm of U.S. intelligence has a long and storied history of toppling foreign regimes. It doesn’t matter how much ruckus Apple’s CEO makes in public. Do you honestly think Tim Cook could resist this kind of pressure any more than Costas Tsalikidis or Salvador Allende? There are subtle and inexorable currents running under the surface of the body politic. They’re driven by forces much bigger than any one company. Look further and pathways to the American Deep State will emerge.

But even these measures aren’t sufficient. Secret components can masquerade as accidental bugs which are plausibly deniable. For example, it’s been documented that Microsoft had a clandestine arrangement to provide the NSA with early information on zero-day vulnerabilities. Therefore the executives of Silicon Valley need to be held liable for shoddy implementation so that companies have incentives to treat bugs as the catastrophes that they are rather than as a negative externality. Formally verified code, mathematically proven to be free of defects, is an emerging reality.

There is no shortage of talent or resources to tackle this problem. The major impediment preventing engineers from making significant headway on eliminating hidden code is skewed priorities both on behalf of corporate leadership and the political class which serves them. Hidden code represents control, it represents power. We need to take that power back.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

Weekend Edition
March 16, 2018
Friday - Sunday
Michael Uhl
The Tip of the Iceberg: My Lai Fifty Years On
Bruce E. Levine
School Shootings: Who to Listen to Instead of Mainstream Shrinks
Mel Goodman
Caveat Emptor: MSNBC and CNN Use CIA Apologists for False Commentary
Paul Street
The Obama Presidency Gets Some Early High Historiography
Kathy Deacon
Me, My Parents and Red Scares Long Gone
Jeffrey St. Clair
Roaming Charges: Rexless Abandon
Andrew Levine
Good Enemies Are Hard To Find: Therefore Worry
Jim Kavanagh
What to Expect From a Trump / Kim Summit
Ron Jacobs
Trump and His Tariffs
Joshua Frank
Drenched in Crude: It’s an Oil Free For All, But That’s Not a New Thing
Gary Leupp
What If There Was No Collusion?
Matthew Stevenson
Why Vietnam Still Matters: Bernard Fall Dies on the Street Without Joy
Robert Fantina
Bad to Worse: Tillerson, Pompeo and Haspel
Brian Cloughley
Be Prepared, Iran, Because They Want to Destroy You
Richard Moser
What is Organizing?
Scott McLarty
Working Americans Need Independent Politics
Rohullah Naderi
American Gun Violence From an Afghan Perspective
Sharmini Peries - Michael Hudson
Why Trump’s Tariff Travesty Will Not Re-Industrialize the US
Ted Rall
Democrats Should Run on Impeachment
Robert Fisk
Will We Ever See Al Jazeera’s Investigation Into the Israel Lobby?
Kristine Mattis
Superunknown: Scientific Integrity Within the Academic and Media Industrial Complexes
John W. Whitehead
Say No to “Hardening” the Schools with Zero Tolerance Policies and Gun-Toting Cops
Edward Hunt
UN: US Attack On Syrian Civilians Violated International Law
Barbara Nimri Aziz
Iraq Outside History
Wilfred Burchett
Vietnam Will Win: The Long Hard Road
Victor Grossman
Germany: New Faces, Old Policies
Medea Benjamin - Nicolas J. S. Davies
The Iraq Death Toll 15 Years After the US Invasion
Binoy Kampmark
Amazon’s Initiative: Digital Assistants, Home Surveillance and Data
Chuck Collins
Business Leaders Agree: Inequality Hurts The Bottom Line
Jill Richardson
What We Talk About When We Talk About “Free Trade”
Eric Lerner – Jay Arena
A Spark to a Wider Fire: Movement Against Immigrant Detention in New Jersey
Negin Owliaei
Teachers Deserve a Raise: Here’s How to Fund It
Kollibri terre Sonnenblume
What to Do at the End of the World? Interview with Climate Crisis Activist, Kevin Hester
Kevin Proescholdt
Secretary of Interior Ryan Zinke Attacks America’s Wilderness
Franklin Lamb
Syrian War Crimes Tribunals Around the Corner
Beth Porter
Clean Energy is Calling. Will Your Phone Company Answer?
George Ochenski
Zinke on the Hot Seat Again and Again
Lance Olsen
Somebody’s Going to Extremes
Robert Koehler
Breaking the Ice
Pepe Escobar
The Myth of a Neo-Imperial China
Graham Peebles
Time for Political Change and Unity in Ethiopia
Terry Simons
10 American Myths “Refutiated”*
Thomas Knapp
Some Questions from the Edge of Immortality
Louis Proyect
The 2018 Socially Relevant Film Festival
David Yearsley
Keaton’s “The General” and the Pernicious Myths of the Heroic South