FacebookTwitterGoogle+RedditEmail

Volkswagen and the Quandary of Hidden Code

by

Though the media may be inclined to shine a spotlight on Volkswagen and its systemic rigging of emission control systems the public record shows that the practice of secretly modifying technology to enable questionable features is fairly widespread. For example, accessing computers using hidden code is a mainstay of NSA surveillance and they’ve gotten so adept at it that plans have been drawn up to industrialize attacks against millions of machines at a time. And while federal officials and tech CEOs quibble over cryptographic back doors there are spies currently relying on hidden code to break into networks all over the planet.

Documents provided by Edward Snowden reveal classified intelligence operations like BULLRUN and the SIGINT Enabling project, industry-wide campaigns to undermine cyber security by inserting stealthy technical modifications.

Make no mistake, this is evidence that the tech industry hopes you’ll forget. They’re focused on maintaining earnings after being caught collaborating with security services. The execs would much rather frame themselves as our protectors rather than willing participants who subvert their products and conspire with authorities on a first-name basis. Hence there is a degree of theater to the debate playing itself out in the public arena. The media is, to an extent, complicit.

Tech CEOs may complain vocally to President Xi about the prospect of installing back doors in products destined for markets in China. But, honestly, can you blame Chinese leaders for wanting the same sort of benefits that tech companies have already provided to U.S. spies? The sheer size of the market in China may lead the Silicon Valley crowd to comply. Just ask Boeing, it recently signed a deal to sell 300 aircraft to China for $38 billion.

Rest assured that there is a way forward. Hidden code thrives in the dark. This means that transparency and sunlight are appropriate remedies. Specifically, commercial products should be open source so that anyone can inspect them. As Columbia law professor Eben Moglen astutely observed, “If Volkswagen knew that every customer who buys a vehicle would have a right to read the source code of all the software in the vehicle, they would never even consider the cheat, because the certainty of getting caught would terrify them.”

In addition government subversion programs that implement hidden code need to be outlawed. The tech industry —itself a direct descendent of the defense sector— cannot, or rather will not, fight this battle on its own. The covert arm of U.S. intelligence has a long and storied history of toppling foreign regimes. It doesn’t matter how much ruckus Apple’s CEO makes in public. Do you honestly think Tim Cook could resist this kind of pressure any more than Costas Tsalikidis or Salvador Allende? There are subtle and inexorable currents running under the surface of the body politic. They’re driven by forces much bigger than any one company. Look further and pathways to the American Deep State will emerge.

But even these measures aren’t sufficient. Secret components can masquerade as accidental bugs which are plausibly deniable. For example, it’s been documented that Microsoft had a clandestine arrangement to provide the NSA with early information on zero-day vulnerabilities. Therefore the executives of Silicon Valley need to be held liable for shoddy implementation so that companies have incentives to treat bugs as the catastrophes that they are rather than as a negative externality. Formally verified code, mathematically proven to be free of defects, is an emerging reality.

There is no shortage of talent or resources to tackle this problem. The major impediment preventing engineers from making significant headway on eliminating hidden code is skewed priorities both on behalf of corporate leadership and the political class which serves them. Hidden code represents control, it represents power. We need to take that power back.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

Weekend Edition
January 19, 2018
Friday - Sunday
Paul Street
Dr. King’s Long Assassination
David Roediger
A House is Not a Hole: (Not) Caring about What Trump Says
George Burchett
How the CIA Tried to Bribe Wilfred Burchett
Mike Whitney
Trump’s Plan B for Syria: Occupation and Intimidation
Michael Hudson – Charles Goodhart
Could/Should Jubilee Debt Cancellations be Reintroduced Today?
Marshall Auerback – Franklin C. Spinney
Boss Tweet’s Generals Already Run the Show
Andrew Levine
Remember, Democrats are Awful Too
James Bovard
Why Ruby Ridge Still Matters
Wilfred Burchett
The Bug Offensive
Brian Cloughley
Now Trump Menaces Pakistan
Ron Jacobs
Whiteness and Working Folks
Jeffrey St. Clair
The Keeper of Crazy Beats: Charlie Haden and Music as a Force of Liberation
Robert Fantina
Palestine and Israeli Recognition
Jan Oberg
The New US Syria “Strategy”, a Recipe For Continued Disaster
ADRIAN KUZMINSKI
The Return of the Repressed
Mel Gurtov
Dubious Partnership: The US and Saudi Arabia
Robert Fisk
The Next Kurdish War Looms on the Horizon
Lawrence Davidson
Contextualizing Sexual Harassment
Jeff Berg
Approaching Day Zero
Karl Grossman
Disaster Island
Thomas S. Harrington
What Nerve! In Catalonia They are Once Again Trying to Swear in the Coalition that Won the Most Votes
Pepe Escobar
Rome: A Eulogy
Robert Hunziker
Will Aliens Save Humanity?
Jonah Raskin
“Can’t Put the Pot Genie Back in the Bottle”: An Interview with CAL NORML’s Dale Gieringer
Stepan Hobza
Beckett, Ionesco, and Trump
Joseph Natoli
The ‘Worlding’ of the Party-less
Julia Stein
The Myths of Housing Policy
George Ochenski
Zinke’s Purge at Interior
Christopher Brauchli
How Trump Killed the Asterisk
Rosemary Mason - Colin Todhunter
Corporate Monopolies Will Accelerate the Globalisation of Bad Food, Poor Health and Environmental Catastrophe
Michael J. Sainato
U.S Prisons Are Ending In-Person Visits, Cutting Down On Reading Books
Michael Barker
Blame Game: Carillion or Capitalism?
Binoy Kampmark
The War on Plastic
Cindy Sheehan – Rick Sterling
Peace Should Be Integral to the Women’s March
Kevin Zeese - Margaret Flowers
No Foreign Bases!
Matthew Stevenson
Into Africa: Across the Boer Heartland to Pretoria
Joe Emersberger
What’s Going On in Ecuador? An Interview With Wladimir Iza
Clark T. Scott
1918, 1968, 2018: From Debs to Trump
Cesar Chelala
Women Pay a Grievous Price in Congo’s Conflict
Michael Welton
Secondly
Robert Koehler
The Wisdom of Mass Salvation
Seth Sandronsky
Misreading Edu-Reform 
Ann Garrison
Full-Spectrum Arrogance: US Bases Span the Globe
Louis Proyect
Morality Tales on the American Malaise: the Films of Rick Alverson
David Yearsley
Winston and Paddington: Marianelli’s Musical Bears
FacebookTwitterGoogle+RedditEmail