Episode 4: Jeffrey Carr on the Sony hack

Download the file

I have a couple of conversations waiting to be produced, but with all the controversy swirling around the Sony hack, I decided to have another talk with cyberwarfare expert Jeffrey Carr to figure out what the hell is happening.

PLUS! This podcast now has a co-host: friend and Chief Technology Strategist for Red Hat, Gunnar Hellekson. Gunnar is an experienced podcaster and will bring a lot to this show.

Episode 3: Jeffrey Carr

Download the file

Wow, it’s been a while. I’m sorry for going silent. I’ve been busy learning the ropes of fatherhood. I recorded this episode way back in July, and ever since, I’ve been trying to find a time to package it up.

Jeffrey Carr of Taia Global is the first person I look to for a global picture of cyberwarfare, which is exactly what I’ve found lacking for English news coverage of NSA surveillance: The U.S. is doing this, but are other countries doing the same? Are foreign leaders outraged because the US’s actions are out of line with global doctrine? Or are these leaders simply playing along, safeguarding the fact that they, like all other nations past and present, have spied on others to the greatest extent of their ability? I’m not saying the answers to these questions make the difference between right and wrong. I’m saying that the broader context is critical to understanding what is going on, and that we can’t solve this problem without that context.

There’s no way an 60-minute conversation can tell you everything you need to know. My goal for this episode was to give myself, and all of you, some basic knowledge on a very difficult topic. We cover some other stuff as well: the NSA’s dual missions of cyberdefense and offense; the questionable veracity of signals intelligence; and why superpowers are not the real threat to global cybersecurity:

As somebody who is in the profession of information security, I would like to see the NSA be clearer about its role in terms of defending our network versus finding ways to break into a network, and find a way to accomplish that mission without weakening the technology that we rely upon to defend our networks.

Footnotes for this episode:

Episode 2: Lewis Shepherd

Download the file

Lewis and I have a lot in common: he and I both used to work at the Defense Intelligence Agency, and we’re both geeks at heart who desperately want government to think differently about technology. In this episode, we talk about the tradition of cooperation between government and the technology sector, and whether more data leads to better intelligence analysis. Some quotes:

Anybody from the technology world who is having a conversation with an intelligence agency customer in 2002, 3, 4, 5…very rarely was that conversation (about privacy implications)

(NSA) was trying to meet what it thought were urgent requirements, and therefore kept any discussion of the policy implications and the civil liberty implications completely at bay.

When I would look, on a visit to Baghdad, at what soldiers in the field were doing, analysts were completely hunkered down inside well-protected bases, and staring at a screen the entire time. If you believe that you can have a totality of data…a picture of the Red force that is so accurate that you can predict what the Red force will do at any given time…then you’re gonna stay inside your bunker and never interact with the reality of Iraq…That’s another part of this discussion: What’s the optimality of technology’s contribution in modern warfare and combat?

Items mentioned in this episode:

We didn’t mention it in this episode, but if you want to understand the work of intelligence analysis, you must read Richard Heuer’s The Psychology of Intelligence Analysis. For content specific to this episode, see Chapter 5, “Do you really need more information?”, which is exactly what you think it’s about. If you want even more readings, try Curing Analytic Pathologies, by Jeffrey Cooper, or Analytic Culture in the U.S. Intelligence Community, by Rob Johnston. All three were published by the U.S. Government and are entirely free online.

I reference these works because they all touch on a fundamental problem that is critical to the subject of this podcast: How much information is enough? When do the costs of additional data outweigh its benefits? There are privacy costs, but these works focus on the cognitive costs of data: sooner or later, more information only serves to cloud your thinking. Reforming the analysis process to help analysts reach better decisions with the information they have has been an ongoing struggle for decades.

However, when reading them, keep in mind that today’s analysts track threats of a different nature than those of 30 years ago. Surveilling the Supreme Soviet, whose members are known, to defend against long-term strategic threats is not the same thing as surveilling a network of anonymous actors to defend against subway bombings. Different enough to make it worthwhile to collect metadata on everyone within three hops of a target? I don’t know. But it is different enough to warrant consideration.

Episode 1: Clay Shirky

Download the file

NOTE: There’s some reverb in this episode. I apologize. Audio quality will improve in future episodes.

Clay is the author of several books on Internet society, including “Here Comes Everybody” and “Cognitive Surplus.” I chose him for the first episode because he’s good at reviewing problems as an objective third party. In this discussion, we talk about 9/11 as a criminal act vs an act of war; the militarization of police power in small American towns; and why it’s dangerous for the NSA to have all this data (“It’s not because anybody at the NSA cares what I’m doing.”)

Some quotes:

“As a citizen, I expect that if the citizens don’t approve of what the government’s doing, even if we didn’t know, (the government) won’t do that.”

“The government has simply lost the habit of self-discipline relative to the expectations of American citizens.”

“I think every year we go in which there is no major court case hashing out the 4th Amendment limits of this kind of surveillance is bad for the nation.”

Names and articles mentioned in this episode:



Balancing security and privacy is a hard problem. Freaking out won’t do any good.

That is the inspiration for this project. I have watched in frustration as reporters have stoked public anxiety by reporting on the NSA’s capabilities, without adding any context about what these capabilities are for or how we got to this point, leaving readers to assume that the NSA is actively watching their every move.

Meanwhile, the Intelligence Community has done an atrocious job of filling in this gap, tripping over themselves with statements that do not add up, reinforcing their image as an institution that is not to be trusted. They are not in the habit of explaining their work to the public, and it shows. They continue to take the “Just trust us” approach to earning public support, oblivious to the fact that the public doesn’t know who “us” is.

It is in the interest of both sides to understand the other’s perspective. This problem was created when two parties–the public, and the government they create–lost touch with one another’s needs. Solving this problem requires balancing two competing needs: the national security community’s need for secrecy, and the public’s right to know.

Nowhere have I seen this problem mentioned by any journalist–I have not read everything on the topic, so I can’t say definitively that no one is talking about this–but the press have been preoccupied with the intrigue, focusing on revelation after revelation, leading the public to convene at, as Marc Andreessen put it, a gigantic collective fainting couch. This is not a good way to solve a hard problem.

In fact, the only time I ever heard people discussing how to solve this problem is when they’ve been saying it to me, one-on-one, during a calm, prolonged conversation about the past year’s revelations. I have walked away from these conversations thinking, “I wish I had recorded that.” These impromptu conversations were immensely helpful in helping me sort out my own conflicted feelings about this problem, so I decided to do more of them–this time, into a microphone. I hope our words help listeners appreciate the many facets of this problem and think about them more constructively.