Back in 2006 Ori Brafman and Rod Beckstrom, in The Starfish and the Spider, contrasted the way networks and hierarchies respond to outside attacks. Networks, when attacked, become even more decentralized and resilient. A good example is Napster and its successors, each of which has more closely approached an ideal peer-to-peer model, and further freed itself from reliance on infrastructure that can be shut down by central authority, than its predecessors. Hierarchies, on the other hand, respond to attack by becoming even more ossified, brittle and closed. Hierarchies respond to leaks by becoming internally opaque and closed even to themselves, so that their information is compartmentalized and they are less able to make effective use of the knowledge dispersed among their members.
We can see this in the way the national security state has responded to leaks, first by US Army PFC Bradley Manning and now by former NSA contractor Edward Snowden. Hugh Gusterton, in Bulletin of the Atomic Scientists (“Not All Secrets are Alike,” July 23), notes that the government is taking measures to avoid future such leaks by “segmenting access to information so that individual analysts cannot avail themselves of so much, and by giving fewer security clearances, especially to employees of contractors.”
This approach is doomed. “Segmentation of access runs counter to the whole point of the latest intelligence strategy, which is fusion of data from disparate sources. The more Balkanized the data, the less effective the intelligence. And … intelligence agencies are collecting so much information that they have to hire vast numbers of new employees, many of whom cannot be adequately vetted.”
Meanwhile, the internal witch hunt atmosphere in the U.S. security apparatus is alienating the very contract-work hackers whose skills it is increasingly dependent on. The Electronic Frontier Foundation (EFF) sticker on Snowden’s laptop wasn’t a deviation the NSA’s leadership failed to catch. It’s typical of the cultural pool from which the NSA, of necessity, recruits its contractors. Such people read the news, and they aren’t impressed with the government’s draconian treatment of people like Aaron Swartz, Bradley Manning and Edward Snowden. Recruiters are running up against increased skepticism among those with the skills it needs; the chilly reception NSA chief Keith Alexander met with at DefCon is symbolic of this new atmosphere.
Further, as an anonymous former EFF intern notes, even idealistic young people who believe in the NSA’s mission find themselves paralyzed by the increasingly adversarial atmosphere, afraid even to type code into a terminal for fear of learning after the fact that they violated one of the CFAA’s vague, Kafkaesque provisions.
All this is happening even as surveillance agencies are deluged with ever-increasing, unmanageable amounts of raw data. The ratio of hay to needles is growing exponentially. The larger the volume of raw data to be analyzed algorithmically, the larger the number of false positives the system generates. The sheer volume of false positives, and the ratio of false positives to genuine leads, is enough to paralyze government. Back in 2009, Homeland Security couldn’t react in time to stop the Underwear Bomber when his own father directly notified them he was planning to blow up a plane.
The very people the security state is most interested in monitoring — ranging from genuine terrorists to domestic dissidents like Snowden and the occupy movement — respond to every increase in surveillance by making themselves more opaque to the government. The Snowden scandal resulted in a spike in adoption of measures like PGP encryption and TOR browsing. Even as the NSA is hoovering up more and more hay, more and more needles quietly remove themselves from the haystack.
The U.S. security state and its agencies, in the long run, are doomed for the same reason that all authoritarian hierarchies are doomed: They’re stupid. And the people they’re trying to control are smart.