William Binney doesn’t have a membership card to the small group of which he’s a part — people who have spoken out against the National Security Agency, and been left relatively unscathed — but at least he has the next best thing, a valid passport.
The former National Security Agency official, who spent three decades of his life in espionage — and is said to have been one of the reasons why Edward Snowden took and handed thousands of classified documents to journalists two years ago — still talks about his time in the intelligence community.
“The biggest threat to US citizens is the US government,” said Binney in a Reddit “ask me anything” session.
Which in itself would be a bold claim if it weren’t for the most recent revelations, which we can thank his whistleblowing “successor” for.
The NSA, once called the “No Such Agency” for its clandestine and secretive operations, has been embroiled in a string of intelligence-gathering and law-bending practices that have not only ensnared much of the world’s communications, but also the data belonging to Americans — the same people the agency is tasked with protecting.
One of those operations included developing cyberweapons based on hardware and software security vulnerabilities.
“I don’t think any software is safe from surveillance,” said Binney, in response to a question about free and open-source operating systems and software, such as Linux.
A few days earlier, the NSA, known for exploiting vulnerabilities in software, said in more than 90 percent of cases it would disclose flaws, with the exception of when “national security reasons” outweigh the public good. The NSA did not say when it would disclose those flaws, however, leaving open the possibility that they are used before they are turned over to be fixed.
Binney’s comments run contrary to how many see, in particular, open-source software, which many regard as more secure than closed-off systems, like Windows.
Ladar Levison, founder of Lavabit, the encrypted email service said to have been used by Snowden prior to his departure from the US, said in phone conversation earlier this year that although he distrusts some US software, “you don’t have to distrust everything.”
“The true problem is that you don’t know what can be trusted and what can’t. I personally find myself seeking open platforms, systems, and tools, where I can go in and look — or at least if not myself, one of my peers,” he said.
Other open-source developers, like Cryptocat developer Nadim Kobeissi, have also said that open-source code makes it near-impossible to include backdoors.
To read more and the full story follow this link to ZD Net.