[cryptography] motivation, research ethics & organizational criminality (Re: Forward Secrecy Extensions for OpenPGP: Is this still a good proposal?)

ianG iang at iang.org
Sat Sep 14 07:42:41 EDT 2013


On 13/09/13 17:28 PM, David D wrote:
>... It is my opinion that if you want to stop the NSA by focusing on those who might still have a sliver of humanity remaining one would want to:
>
> 1.  Make working at the NSA a series of scarlet letters.
> 2.  Make their existing and future work useless.
> 3.  Make their ideas/opinions unheard or highly suspect.
> 4.  Provide opportunities in the private sector/open source that provide gainful employment.
> 5.  Exposing those responsible for sabotage.   Think: e-mail dumps, more leaks, etc.


The modus operandi for creating secret cells is to insert people who've 
done their (eg) 20 years in (eg) NSA into the corporations.  These 
people come with prior loyalties, and are always susceptible to placing 
those prior interests above the interests of the new employers or their 
customers.

Unfortunately for them, there isn't much to be done about it.  Once 
employed in a security clearance context of related work, they are 
pretty much owned;  the law & attitude is against them.

So one of the questions we ask is whether the person has ever done a 
security clearance.  If so, we've got a very interesting discussion to 
follow...

BTW, good people will always get a job.  The question is really about 
whether you want those good people guarding your customer data, or 
whether something neutral can be found.

iang



More information about the cryptography mailing list