Sean Connery-era James Bond would envy the spying opportunities offered by modern technology, while other anonymizing tools would have saved Jason Bourne a lot of trouble. But before we get into this year's top snooping imbroglios, let's look back.
A true story
In the late 1900s, Crypto AG was a prolific supplier of industrial-grade encryption machines and cipher devices. The Swiss firm hawked its wares to governments for spies, diplomats, and political leaders in over 120 countries and was saying "crypto" before Satoshi was born.
Plot twist: In 1970, the CIA and West Germany’s spy agency bought Crypto AG together, the WaPo revealed in a bonkers story Tuesday. They worked in cahoots until 1993, when the German intelligence agency sold its stake to the CIA.
Crypto AG customers ranged from Iranian mullahs to papal nuncios. During the firm's heyday, the Soviet Union and China suspected that something was rotten. They didn't buy from Crypto AG, weary about its Western links.
Thesaurus crosses the Rubicon
In what the CIA dubbed "the intelligence coup of the century," spooks in Langley eavesdropped on sensitive communications of Crypto AG customers. A former CIA and NSA senior official told the WaPo he had no regrets from the operation, codenamed "Thesaurus" and then "Rubicon."
The CIA and NSA didn't build backdoors into Crypto AG per se, but massaged the encryption algorithms to make decryption easier. As strong encryption became more commonplace in the 21 century, Crypto AG's influence faded. Rubicon's cloak-and-dagger run ended two years ago, when the CIA liquidated Crypto AG's assets. But as Edward Snowden knows, the U.S. still fields state-of-the-art spying tools.
Back to today
The U.S. thinks Huawei is a modern version of Crypto AG operating in plain sight. U.S. officials say they have proof that since at least 2009, Huawei has been able to secretly access mobile network backdoors in its equipment around the world, the WSJ reported Wednesday.
- Huawei denies the allegations.
Keep up with the innovative tech transforming business
Tech Brew keeps business leaders up-to-date on the latest innovations, automation advances, policy shifts, and more, so they can make informed decisions about tech.
Let's clear something up: Authorized employees of network operators and law enforcement can legally tap equipment and intercept communications, in accordance with host country laws. But manufacturers up the supply chain stream shouldn't have that capability.
Why now? Washington is losing its fight to firewall global 5G networks from Huawei gear. The Chinese company has essentially said put up or shut up, asking the U.S. repeatedly to reveal a smoking gun. Washington's latest claim could be those pocket aces.
Caught in the crosshairs
With all this snooping, it's no wonder Facebook and Apple want to lock down their products with end-to-end encryption. "For all of human history, people have been able to communicate privately with each other...and we don't think that should go away in a modern society," WhatsApp boss Will Cathcart told the WSJ.
- Cathcart was taking a victory lap this week after WhatsApp passed 2 billion active users. Intelligence gold mine much?
But these encryption measures, which the feds call the "going dark" problem, can obstruct investigations. Officials say uncrackable cryptographic measures provide cover for terrorists, pedophiles, and human trackers. So the government wants the ability to access backdoors in hardware, software, comms equipment, and networking gear.
Many tech companies, privacy advocates, and cryptographic experts say that access compromises security. They think if you build it (backdoors for good guys), they will come (bad guys wanting to exploit a vulnerability). Big Tech is also justifiably worried about surveillance dragnets from U.S. and foreign governments.
Bottom line
Spies gonna spy. The U.S. has spied on Germany, its former Crypto AG partner in crime. And the NSA has hacked Huawei, among many other targets.
But Washington frets that Huawei backdoors give China an unfair advantage in espionage. At the same time, it wants backdoors into U.S. tech firms for law enforcement. Confused? Me too. Tech companies too.