NSA and Silicon Valley—25 years of history

A career in cybersecurity

|The Volokh Conspiracy |


This is admittedly self-indulgent, but I was recently interviewed by Cyberinsecurity News about my involvement in technology and national security policy over the years, and the result might be of interest to those who weren't there for the fights that still shape the policy environment. A sample:

Now, you cannot overestimate how significant the decryption victories of World War II were in shaping NSA's culture. They were, one way or another, part of breaking Japanese codes, and Nazi codes, and everyone agreed that those decryption achievements shortened the war and maybe made it possible to win the war. Given the stakes, no one wanted to be caught in the situation again where we did not have an overwhelming advantage with respect to dealing with foreign nations' codes. At the same time, the Soviets, who had seen that experience, had developed formidable capabilities of their own. We only occasionally got little glimpses of what was going on inside Russian communications, because their encryption was so good and so disciplined. So everybody was aware that what we had achieved in World War II was not ours by birthright. It was going to have to be something we scrapped and clawed at if we wanted to get that advantage again. So NSA was reluctant to surrender any advantage, including export controls on encryption.

For Microsoft and the rest of Silicon Valley, they were already deep into the cycle of destroying other people's businesses by turning them into software. Microsoft had done that successfully and become a massive new company at a time when new companies were rare. Basically by eating other people's businesses and saying, "Oh, sorry about that!" and moving on. I think they started out with the assumption that NSA's encryption and decryption advantage was just one more business model that was not going to survive Microsoft's software advantages. They were more confident maybe than they should have been, but they had plenty of experience and a lot of achievement behind them. You had two very proud, very self-confident organizations dueling with each other over matters that each of them thought was central to their future.

More here: http://www.cyberinsecuritynews.com/stewart-baker-1