FacebookTwitterGoogle+RedditEmail

Volkswagen and the Quandary of Hidden Code

by

Though the media may be inclined to shine a spotlight on Volkswagen and its systemic rigging of emission control systems the public record shows that the practice of secretly modifying technology to enable questionable features is fairly widespread. For example, accessing computers using hidden code is a mainstay of NSA surveillance and they’ve gotten so adept at it that plans have been drawn up to industrialize attacks against millions of machines at a time. And while federal officials and tech CEOs quibble over cryptographic back doors there are spies currently relying on hidden code to break into networks all over the planet.

Documents provided by Edward Snowden reveal classified intelligence operations like BULLRUN and the SIGINT Enabling project, industry-wide campaigns to undermine cyber security by inserting stealthy technical modifications.

Make no mistake, this is evidence that the tech industry hopes you’ll forget. They’re focused on maintaining earnings after being caught collaborating with security services. The execs would much rather frame themselves as our protectors rather than willing participants who subvert their products and conspire with authorities on a first-name basis. Hence there is a degree of theater to the debate playing itself out in the public arena. The media is, to an extent, complicit.

Tech CEOs may complain vocally to President Xi about the prospect of installing back doors in products destined for markets in China. But, honestly, can you blame Chinese leaders for wanting the same sort of benefits that tech companies have already provided to U.S. spies? The sheer size of the market in China may lead the Silicon Valley crowd to comply. Just ask Boeing, it recently signed a deal to sell 300 aircraft to China for $38 billion.

Rest assured that there is a way forward. Hidden code thrives in the dark. This means that transparency and sunlight are appropriate remedies. Specifically, commercial products should be open source so that anyone can inspect them. As Columbia law professor Eben Moglen astutely observed, “If Volkswagen knew that every customer who buys a vehicle would have a right to read the source code of all the software in the vehicle, they would never even consider the cheat, because the certainty of getting caught would terrify them.”

In addition government subversion programs that implement hidden code need to be outlawed. The tech industry —itself a direct descendent of the defense sector— cannot, or rather will not, fight this battle on its own. The covert arm of U.S. intelligence has a long and storied history of toppling foreign regimes. It doesn’t matter how much ruckus Apple’s CEO makes in public. Do you honestly think Tim Cook could resist this kind of pressure any more than Costas Tsalikidis or Salvador Allende? There are subtle and inexorable currents running under the surface of the body politic. They’re driven by forces much bigger than any one company. Look further and pathways to the American Deep State will emerge.

But even these measures aren’t sufficient. Secret components can masquerade as accidental bugs which are plausibly deniable. For example, it’s been documented that Microsoft had a clandestine arrangement to provide the NSA with early information on zero-day vulnerabilities. Therefore the executives of Silicon Valley need to be held liable for shoddy implementation so that companies have incentives to treat bugs as the catastrophes that they are rather than as a negative externality. Formally verified code, mathematically proven to be free of defects, is an emerging reality.

There is no shortage of talent or resources to tackle this problem. The major impediment preventing engineers from making significant headway on eliminating hidden code is skewed priorities both on behalf of corporate leadership and the political class which serves them. Hidden code represents control, it represents power. We need to take that power back.

More articles by:

Bill Blunden is a journalist whose current areas of inquiry include information security, anti-forensics, and institutional analysis. He is the author of several books, including “The Rootkit Arsenal” andBehold a Pale Farce: Cyberwar, Threat Inflation, and the Malware-Industrial Complex.” Bill is the lead investigator at Below Gotham Labs and a member of the California State University Employees Union, Chapter 305.

CounterPunch Magazine

minimag-edit

bernie-the-sandernistas-cover-344x550

zen economics

July 27, 2017
Edward Curtin
The Deep State, Now and Then
Melvin Goodman
The Myth of American Exceptionalism
Nozomi Hayase
From Watergate to Russiagate: the Hidden Scandal of American Power
Kenneth Surin
Come Fly the Unfriendly Skies
Andre Vltchek
Philippines: Western Media is Distorting Reality, People and Army Unite to Battle “ISIS”
Robert Fisk
Out of the Ruins of Aleppo: a Syrian Community Begins to Rebuild
Andrew Moss
What is Adelanto?
Thomas Mountain
Free Speech or Terror TV? Al Jazeera’s Support for ISIS and Al Queda
Robert J. - Byers
Jamboree Travesty
Thomas Knapp
Send in the Clown: Scaramucci Versus the Leakers
Rob Seimetz
Because the Night Belonged to Us in St. Petersburg (Florida)
Paul Cantor
Momentum Not Mojo
Patrick Walker
In Defense of Caitlin Johnstone (Part Two)
July 26, 2017
John W. Whitehead
Policing for Profit: Jeff Sessions & Co.’s Thinly Veiled Plot to Rob Us Blind
Pete Dolack
Trump’s Re-Negotiation Proposal Will Make NAFTA Worse
George Capaccio
“Beauty of Our Weapons” in the War on Yemen
Ramzy Baroud
Fear and Trepidation in Tel Aviv: Is Israel Losing the Syrian War?
John McMurtry
Brexit Counter-Revolution Still in Motion
Ted Rall
The Democrats Are A Lost Cause
Tom Gill
Is Macron Already Faltering?
Ed Kemmick
Empty Charges Erode Trust in Montana Elections
Rev. William Alberts
Fake News? Or Fake Faith?
James Heddle
The Ethics and Politics of Nuclear Waste are Being Tested in Southern California
Binoy Kampmark
Slaying in Minneapolis: Justine Damond, Shooting Cultures and Race
Jeff Berg
Jonesing for Real Change
Jesse Jackson
The ‘Voter Fraud’ Commission Itself is Fraudulent
July 25, 2017
Paul Street
A Suggestion for Bernie: On Crimes Detectable and Not
David W. Pear
Venezuela on the Edge of Civil War
John Grant
Uruguay Tells US Drug War to Take a Hike
Charles Pierson
Like Climate Change? You’ll Love the Langevin Amendment
Linda Ford
Feminism Co-opted
Andrew Stewart
Any Regrets About Not Supporting Clinton Last Summer?
Aidan O'Brien
Painting the Irish Titanic Pink
Rob Seimetz
Attitudes Towards Pets vs Attitudes Towards the Natural World
Medea Benjamin
A Global Movement to Confront Drone Warfare
Norman Solomon
When Barbara Lee Doesn’t Speak for Me
William Hawes
What Divides America From the World (and Each Other)
Veteran Intelligence Professionals for Sanity
Was the “Russian Hack” an Inside Job?
Chandra Muzaffar
The Bilateral Relationship that Matters
Binoy Kampmark
John McCain: Cancer as Combatant
July 24, 2017
Patrick Cockburn
A Shameful Silence: Where is the Outrage Over the Slaughter of Civilians in Mosul?
Robert Hunziker
Extremely Nasty Climate Wake-Up
Ron Jacobs
Dylan and Woody: Goin’ Down the Road Feelin’ Bad
Dan Glazebrook
Quantitative Easing: the Most Opaque Transfer of Wealth in History
Ellen Brown
Saving Illinois: Getting More Bang for the State’s Bucks
FacebookTwitterGoogle+RedditEmail