Free Software Underlies the NSA Surveillance State

From P2P Foundation
Jump to: navigation, search

= "to trumpet free and open source software as an alternative to the surveillance systems it has helped to build is nothing but wishful thinking".


Tom Slee reacts to Jacob Appelbaum’s 29C3 keynote from December 2012, about the surveillance state:

“The picture of hackers versus spooks, positioning free and open source software as an alternative to the surveillance technologies of the NSA, just doesn’t hold up. Appelbaum must know that the NSA has a long history of engagement with open-source software, so “closed source proprietary malware for cops” mischaracterizes the technology of surveillance. The NSA Boundless Informant data-mining tool proclaims that it “leverages FOSS technology”, specifically the Hadoop File System, MapReduce (perhaps built on the Apache Accumulo project, which was created by the NSA and contributed to the Apache Foundation), and CloudBase.

These are just the most recent examples: the NSA holds Open Source industry Days, like this one last year; it developed the SELinux mechanisms for supporting access control security policies that has been integrated into the mainline Linux kernel since version 2.6. There’s a good chance that the NSA’s huge new data center in Bluffdale, Utah, which Appelbaum describes at the beginning of his talk, is running open source SELinux software on every computer.

And beyond the NSA, the new set of “Big Data” technologies associated with data acquisition and analysis has strong open source roots. These are the file systems, data storage systems and data-processing systems built to manage data sets that span so many disks that routine failure of servers is expected, and tolerance for such failure must be built into the system. While much of the initiative came from proprietary systems built at the web giants (Google File System, Google Big Table, Amazon Dynamo), the open source implementations of Hadoop File System, Hadoop Map Reduce, and databases such as MongoDB and Cassandra are becoming the industry norm. Surveillance is as much an open source phenomenon as a closed source one.” (