How the NSA Just Killed The Public Cloud and Proprietary Software while Fragmenting the Internet

The unintentional consequences of the NSA’s spying revelations are something much bigger than most people have realized yet. The fact is, you can no longer trust the cloud or proprietary software for anything that matters. You will probably never be able to trust important data to an external provider ever again, no matter what their marketing literature tells you. They can easily insert hooks that allow that data to be snooped before it gets encrypted or after.


Let me ask you this: Now that you know that Microsoft gleefully inserted flaws into and/or bypassed their own encryption schemes, can you ever really trust code that you can’t inspect again? Proprietary software is now heading for its grave. It’s official. Can you ever trust a cloud company, now that you know Microsoft subverted their own encryption to feed the government information? The flaws in Microsoft’s encryption mean that financial transactions, privileged discussions with lawyers, private competitive discussions and anything else that you hoped would be secured were not and never were. Skype was never encrypted. Real encryption does not have backdoors. If you trust anything these companies ever tell you again, then you’re a fucking fool. The cascading effect of this mistrust is huge. If Microsoft can subvert their own encryption, can they spy on companies they might want to buy or destroy in the market? If one of those companies’ employees just happened to use SkyDrive with some passwords and some internal memos, they could get to it. Of course, I am just speculating. Did they do this? No idea. But that possibility is there now. And that possibility creates doubt in consumers’ minds. What’s to stop any company from looking at anything? HINT: Nothing.


So here is my sense of it: Public cloud? Dead. Nobody ever trusted the public cloud anyway. Proprietary software encryption? Dead. Closed source software? Dead. If you can’t look at the code anymore and vet that it does not contain intentionally introduced backdoors, then you can’t trust that code, period. If you do, then you’re an idiot. There is just no way around it.


Unfortunately, this also means that they are going to kill The Internet as we know it today. Other countries will not sit by and allow us to just grab all of their communications, whether friend or foe. The Internet will start to fragment into smaller fiefdoms. It’s already happening. The Chinese basically have their own Internet. Putin used the Snowden leaks to again push for UN control of the Internet. Other dictatorships will accelerate this process now, because they can’t afford to trust American companies to not include backdoors. Ironically, this means that they will continue to build home grown tech that we don’t have access to, which makes it harder to spy on our enemies.


Open Source will even be affected by this. The Chinese have already forked their own Linux and now Android. They will just take the Open Source code that they know they can trust and build forked untrustworthy versions to spy on their own citizens. They’ve already done it and I expect this trend to accelerate too.


Nobody ever really trusted the public cloud anyway. The NSA just put the nail in its coffin. There’s a lot of marketing hype about cloud. Many companies are legitimately excited about it, but the dirty little secret in the industry is that nobody trusts the public version. Sure, sometimes the average person trusts it to store his music or sync his bookmarks. Big companies have never trusted the public cloud for anything that actually matters. Financial data doesn’t live there. Credit cards don’t live there. There are exceptions I’m sure, many of them, but most companies are building private clouds. They may use the public cloud to waste the cloud provider’s commodity CPU and memory, but the crown jewels usually won’t live there. Now anyone who has even an ounce of security knowledge would never advise his company to put anything that matters there. Microsoft is already a company openly hated by most admins. How can you trust anything but Open Source software to run your business on? If you can’t look at the code, you can’t trust that built-in encryption scheme.


Look, I don’t think it’s any surprise that governments are spying on everyone. Our government isn’t the only one. No way. I think everyone was surprised by the scope. They shouldn’t have been because we knew they were trying to do this in 2002, when DARPA put out a call to build the tech that went into PRISM, called Total Information Awareness. The site went up fast, looking for companies to submit bids, and after it went viral, they pulled it down quickly, but not before people made offline copies of the site. It’s not hidden. It’s hidden in plain sight. It’s on Wikipedia for God’s sake. They told us they were going to build it. As Ray Ozzie, former head of Microsoft software, said, we got what we asked for when we hastily passed the Patriot Act in 2001. When people reacted poorly, what did they do? They built it anyway. Duh, of course they did. Oh sure, a few senators managed to de-fund it, but work just continued under different project names. Does anyone doubt it got built? Of course not. And people stopped asking questions and forgot about it. You don’t need any special clearance to read Wikipedia, you just have to think for five seconds and put the pieces together. The World Wide Web and the global communications systems are just too tempting a target for any people in power. It’s like a drug to them. They want more and more. The only solution is for people to use more open systems, systems that are harder to corrupt, open source systems where everyone can look at the code, be they the government, the financial community or the average citizen.


The problem with programs that collect data on anything is that they can be turned against anyone for any reason. Then it becomes easy to find something on just about everyone who disagrees with you and take them out. In China, if they find a lawyer who is winning too many cases against them, they just round him up and arrest him. A more advanced and insidious control mechanism wouldn’t even require that kind of outright attack. How hard would it be for the information they gathered to be used against a protestor? Maybe they find out someone downloaded a song illegally or a movie and arrest him for that? They don’t even have to go that far. They can leave the courts out of it. When you look closely at someone’s life, almost anyone can be made to look bad. Again, you don’t even need to use the courts. You just leak a story about someone and back it up with emails from the person and that is that. Reputation destroyed. Credibility lost. Threat contained.


So what of the man who brought this debate to the forefront, Ed Snowden? This is a 29-year-old kid who gave up his freedom and choice so you could know a little bit more about what people do in our name. Because remember, at least in theory, America is still a “government for the people, by the people.” We may decide it’s too much or we may decide it’s worth the risk, but it’s still our debate to have. No matter what happens to Snowden, he gave us something to talk about. I feel bad for the kid. He tried to do the right thing. Maybe his methodology was flawed, maybe not. We love to paint these things as black and white, but it’s all so very, very grey. I don’t think he had a very good plan after the release. Unfortunately, he’ll end up in a place granting him asylum that has even worse violations of people’s freedoms, like Russia where protesting is virtually illegal and where they round up protestors, accuse them of “mass riots” and “assaulting an officer” in Communist style show trials. Seriously. Pussy Riot anyone? In other words, the kid will end up spending the rest of his life in a country where people can’t even speak their mind publicly. How long will he be able to hold his tongue in a place like that?


In the long term, we will evolve solutions to our own problems. We don’t need big untrustworthy companies to run our cloud for us. We can run it ourselves. And people will come up with new ideas, ideas that empower people, rather than leach power away from them. It will probably look something like Plug, a Kickstarter project that unites all of your storage to all of your devices in your house, hosted by you. Oh and it’s the size of a pack of chewing gum. So keep your public cloud for garbage work, like compiling software and powering websites with a million disposable Apache servers. We’ll make our own cloud. It will be the people’s cloud.



The post How the NSA Just Killed The Public Cloud and Proprietary Software while Fragmenting the Internet appeared first on Me Uploads.

Published on July 16, 2013 12:24