Since June, fugitive NSA analyst Edward Snowden has been leaking Top Secret documents about the tactics, techniques, and procedures of America's top surveillance wing — some of which include details of help, coerced or otherwise, from the leading U.S. tech companies.
It's hard to put a finger on the total monetary damage American technology companies have suffered overseas as a result of the NSA revelations, but some say as much as $35 billion over three years.
Equally difficult to judge is when those tech companies will back win the trust of the globe.
This week, the folks out of Red Team Journal brought up an interesting WWII story about surveillance and counterintelligence.
At the time, the Allies had cracked the German communication code, and the Germans knew they had cracked it.
The Germans doubted their system because they knew the British could radio false orders to the German bombers with no trouble.
As [WWII veteran and author R. V.] Jones recalls, “In fact we did not do this, but it seemed such an easy countermeasure that the German crews thought that we might, and they therefore began to be suspicious about the instructions that they received.”2
The implications of this are perhaps obvious but worth stating nonetheless: a lack of trust can exist even if an adversary fails to exploit a weakness in the system.
Even genuine instructions were thought suspect, just as genuine apologies or genuine assertions in future that the NSA has been ousted from particular companies' networks may be suspect.
Bruce Schneier, an information technology expert, wrote today"I think about this all the time with respect to our IT systems and the NSA. Even though we don't know which companies the NSA has compromised -- or by what means -- knowing that they could have compromised any of them is enough to make us mistrustful of all of them. This is going to make it hard for large companies like Google and Microsoft to get back the trust they lost."