Yes. After the Snowden leaks and Shadowbrokers/Vault7/WannaCry disasters, the agencies put a lot of effort into reassuring the public that US technology was trustworthy. This included things like making public the Vulnerabilities Equities Process [1], and other work to restore trust in cryptographic standards agencies like NIST [2]. It also included more public engagement with industry to report serious vulnerabilities [3].
The intelligence community didn't open up like this because they wanted to be nice. They did it because there was a very real concern that US industry would be damaged in the eyes of global consumers -- primarily as a result of our intelligence agencies being being too aggressive and, frankly, being sloppy. (It's bad enough to pay for and hoard backdoors, it's another thing entirely when those backdoors are repeatedly stolen and leaked for bad actors to use.)
I guess the news here is that the NSA didn't learn very much from these episodes, or at least, it no longer feels like it needs to repair the damage.
I guess the news here is that the NSA didn't learn very much from these episodes, or at least, it no longer feels like it needs to repair the damage.
This seems to be a common thread in American political corruption. After a certain point, the public just doesn't remember or can't be bothered to care or feels powerless to do anything. Then you can basically do whatever you want as long as you stay quiet enough to avoid another wave of media outrage.
Couldn't they just have said "no we have no backdoors"? NSA would look good, Congress would look good for asking the tough questions. When eventually new evidence comes to light that they do have backdoors, they have the choice then between continuing to deny deny deny, or pointing to national security interests.
>Couldn't they just have said "no we have no backdoors"?
No, because once their backdoors are (inevitably) going to be found/leaked, they'll come off as liars. Plus, if they would have said no, nobody would buy that or would think they're asleep at the wheel.
The intelligence community didn't open up like this because they wanted to be nice. They did it because there was a very real concern that US industry would be damaged in the eyes of global consumers -- primarily as a result of our intelligence agencies being being too aggressive and, frankly, being sloppy. (It's bad enough to pay for and hoard backdoors, it's another thing entirely when those backdoors are repeatedly stolen and leaked for bad actors to use.)
I guess the news here is that the NSA didn't learn very much from these episodes, or at least, it no longer feels like it needs to repair the damage.
[1] https://en.wikipedia.org/wiki/Vulnerabilities_Equities_Proce... [2] https://www.nist.gov/system/files/documents/2017/05/09/VCAT-... [3] https://www.thesslstore.com/blog/nsa-microsoft-releases-patc...