Hacker News new | ask | show | jobs
by tptacek 3529 days ago
This article perfectly illustrates a major flaw in surveillance journalism.

As luck would have it, I'm pretty familiar with Endace --- or was, back in 2003-2005. I was at Arbor Networks then. Arbor does large-scale network instrumentation for anti-DDoS and performance monitoring. By the time I left, every major ISP in the world had their network instrumented with Arbor gear.

We'd had lots of conversations with Endace. We were as a firm extremely interested in any technology we could buy off the rack to get performant access to raw packets and telemetry data --- Arbor had no hardware engineers, and everything they shipped at the time shipped on COTS X86 rackmounts running OpenBSD. My point here is not just that there are multiple uses for the kind of stuff Endace makes, but also that I vividly remember Endace because very few companies made products in this space at all.

Obviously, any company that can facilitate efficient access to, storage of, and analysis of raw traffic data is going to have multiple markets to sell to. And we should not make apologies for companies that take the extra money --- sell their souls, so to speak --- by offering their products to facilitate dragnet surveillance. We would all do well to keep in mind that the problem with selling to this market is far worse than NSA's abuses, which are trivial compared to the abuses perpetrated by countries in the Middle East and Asia. Point being: packaging and selling for the global surveillance market is ethically hazardous in the extreme.

No, the problem here is that this kind of story is unintentionally deceptive about who the real enablers of large-scale surveillance are. They're not the dinky little company in New Zealand selling packet capture technology. They're the networking and database giants, the companies our parents automatically have their retirement accounts invested in because they're huge components of the stock market, who have entire teams of people, euphemistically named (maybe something like "public sector" or "APAC public sector" or "GSA" or "defense"), packaging and selling 8-9 figure "solutions" to government around the world. Compared the giants, Endace is a gnat. They're not the enablers. We know who the real enablers are.

You can tell, because of the article's lurid descriptions of Endace's major transactions with GCHQ --- the focus of the article. They've got smoking gun proof: invoices for $300,000 and $160,000. Or: less than SourceFire would have charged Chick-Fil-A† to install commercial Snort boxes.

I have no idea if Chick-Fil-A was a SourceFire customer.
2 comments
YeGoblynQueenne 3529 days ago
Not sure who's letting the giants off the hook. We all know NSA, GCHQ et al government actors are snooping all they can snoop. People are afraid and disgusted of the practice enough that it must be a consideration for firms who want to seel that sort of tech. More importantly, it's probably keeping a good chunk of the smarter, more skilled engineers away from those firms.

I mean, small player or not, naming and shaming Endace is a small step towards taking down the big giants, or at least one little point of damage to their plans.

Besides, we the people are reduced to guerilla warfare, here. We can't just attack the giants directly. But you need to start with something, no?

link
tptacek 3529 days ago
I'm not talking about NSA and GCHQ. I'm talking about commercial vendors who serve as their arms dealers. Endace is a minnow in that market. Most of the money goes to just a few sharks. I'm saying that journalists need to stop fishing for minnows just because their stories are easier to tell.
link
tedunangst 3529 days ago
If we're going to hunt all the witches, may as well practice on the little ones.
link
tptacek 3529 days ago
The problem is that the obsessive focus The Intercept has on these kinds of scoops, where they've identified a "key player" in the surveillance market that nobody has heard of --- EXCLUSIVE MUST CREDIT INTERCEPT --- creates a narrative in which technical surveillance is mostly attributable to a number of small rogue companies.

But nothing could be further from the truth. The amount of money Endace made on enabling GCHQ surveillance is literally a rounding error compared to the invoices that the tech giants generated on the same projects. We are letting the giants off the hook, and hammering these doofuses from New Zealand who just want to find a way to make money building packet capture cards. I almost have a hard time blaming them: packet capture cards are fun to work on but difficult to make a viable business out of. At least I understand a sort of relatable motivation for what Endace did. No such motivation exists for the GSA/FGA sales teams of the tech giants. If their firms sold murder-robots, those teams would happily sell them to North Korea if they could.

Endace deserves the attention, but the giants deserve it more, and they're getting let off the hook.

link
tedunangst 3528 days ago
Not unlike The Thirteen Bankers. If it weren't for these individuals, everything would be just dandy.
link
tptacek 3528 days ago
That is perfect. Thank you.
link