Thursday, 4 July 2013

Strong ties bind spy agencies and Silicon Valley

Silicon Valley has tried to distance itself from the controversial US surveillance programmes exposed by Edward Snowden, but there is a long history of close cooperation between technology companies and the intelligence community.

2 comments:

Guanyu said...

Strong ties bind spy agencies and Silicon Valley

Reuters
04 July 2013

Silicon Valley has tried to distance itself from the controversial US surveillance programmes exposed by Edward Snowden, but there is a long history of close cooperation between technology companies and the intelligence community.

Former US officials and intelligence sources say the collaboration between the tech industry and spy agencies is both broader and deeper than most people realize, dating back to the formative years of Silicon Valley itself.

As US intelligence agencies accelerate efforts to acquire new technology and fund research on cyber security, they have invested in start-up companies, encouraged firms to put more military and intelligence veterans on company boards, and nurtured a broad network of personal relationships with top technology executives.

And they are using those connections to carry out specific espionage missions, current and former officials say, even as they work with the tech industry to avoid overt cooperation that might raise the hackles of foreign customers.

Joel Harding, an intelligence officer for the Joint Chiefs of Staff in the 1990s who went on to work at big defence contractors Computer Sciences Corp and SAIC, said spy agencies have at times persuaded companies to alter their hardware and software products to enable monitoring of foreign targets.

In one instance several years ago, an intelligence agency paid a tech company supervisor US$50,000 to install tampered computer chips in machines bound for a customer in a foreign country so that they could be used for espionage, Mr Harding said, declining to provide specifics.

“They looked exactly the same, but they changed the chips,” he said.

A current US intelligence operative, who spoke on condition of anonymity, said the government often works through third parties, in part to shield the big tech companies from fallout if the operations are discovered.

He cited a case more than a decade ago in which the government secretly created a computer reselling company to sell laptops to Asian governments.

The reseller bought laptops from a company called Tadpole Computer, which made machines based on Sun Microsystems processors. The reseller added secret software that allowed intelligence analysts to access the machines remotely.

Tadpole was later bought by defence contractor General Dynamics Corp in 2005. General Dynamics declined to comment. Sun’s new owner, Oracle Corp, did not respond to an inquiry.

Despite these secret collaborations, former intelligence officials and company executives say the great fear of overseas customers - that widely used US technology products contain a “back door” accessible only to the National Security Agency (NSA) or Central Intelligence Agency (CIA) - is exaggerated.

They said computers and communications overseas are captured by other means, including third parties such as the laptop reseller and special software developed by the agencies.

Defence contractors offer the government the means to break in to the products of virtually every major software vendor, according to a product catalogue reviewed by Reuters that was described as typical for the industry. The NSA did not respond to a request for comment.

More massive cooperation is rare because big tech companies sell to many countries and have too much business at stake in markets like China to risk installing a back door that could be discovered, said one intelligence veteran who had worked for Microsoft Corp.

“Microsoft is technically a US company, but it’s an international conglomerate with tons of subsidiaries,” he said. “It’s a major part of Microsoft strategy to sell to China.” A spokeswoman for the company declined to comment.

Silicon Valley’s relationship with US intelligence agencies is under scrutiny after Snowden, a former contractor for the NSA, last month exposed a top secret Internet monitoring programme known as Prism that relied on customer data supplied by major technology companies.

Guanyu said...

Google Inc, Microsoft, Facebook Inc and others scrambled to assure their customers that they only handed over data for specific intelligence investigations involving foreign targets, and they denied giving the NSA access to wholesale client data.

But last weekend, the European Union (EU) demanded that Washington explain its surveillance programmes and some European politicians said there were grounds to break off trade talks. Others urged citizens to stop relying on US providers.

HISTORY OF SHARED INTERESTS

The close and symbiotic relationship between US tech companies and government defence and intelligence agencies is frequently underplayed in the mythology of Silicon Valley.

Defence contracts were its lifeblood through much of the 1950s and 1960s. Frederick Terman, who led Allied radio-jamming efforts in World War II, came to Stanford University with grant money and counted the founders of Hewlett-Packard Co among his students.

Varian Associates and other startups, many with ties to Stanford, got their start in the 1950s with military contracts for microwave and vacuum-tube technologies that were used in aerospace projects.

In the 1960s, government space and defence programmes, especially the Minuteman missile effort, were the biggest customers for the Valley’s expensive integrated circuit computer chips. Database software maker Oracle Corp’s first customer was the CIA.

“The birth of Silicon Valley was solving defence problems,” said Anup Ghosh, whose cyber security firm Invincea Inc was launched in 2009 with funding from the Pentagon’s Defence Advanced Research Projects Agency (Darpa).

Darpa, which initially funded what became the Internet out of a desire for a communications network that would survive a nuclear attack, has intensified its work on Internet security in recent years and recently launched a “fast-track” programme to get smaller amounts of money to start-ups more quickly.

Federal cyber security spending is expected to reach US$11.9 billion next year, up from US$8.6 billion in 2010, according to budget analysts at Deltek.

BUMPS IN THE RELATIONSHIP

The relationship between the Valley and the government has had its bumps. A low point came in the mid-1990s, when then-President Bill Clinton pressed the industry to include in its products a device called the Clipper Chip, which had an NSA-designed back door to allow for law enforcement eavesdropping if authorities obtained a warrant.

Civil liberties groups and such technology leaders as Microsoft and Apple Inc objected, in part because the code could be broken and presented a security risk, and eventually the administration backed down.

Stung by that setback, Washington tried harder to learn the Valley’s language. Its most visible initiative was the creation of In-Q-Tel, a venture capital fund intended to finance companies whose products were of interest to the CIA and other agencies.

In-Q-Tel’s portfolio now includes security companies such as FireEye and data analysis firms like Palantir Technologies, which counts the CIA as a major customer. In-Q-Tel often makes modest investments in exchange for companies adding specific features to their products, former employees said. In-Q-Tel declined to comment.

Government agencies often demand the right to review the software code of their technology vendors, said former McAfee Chief Technology Officer Stuart McClure. That could allow them to spot. - Reuters