Which is a fundamental mistake to make with the U.S. government, even if we’re talking only about the executive branch, even if we’re only talking about DoD, even if we’re only talking about the IC.
The current position seems to be no-one has access, not even Anthropic employees. What powers does the US government have to force them to provide access? If they have that power why did they not use it to force them to provide their products for military use?
You misunderstand - the government issued a directive to Anthropic that effectively forced them to pull access from everyone, even their own employees.
The directive was to remove access to non-Americans, not to pull access from everyone. It’s because Anthropic cannot verify the identity of its users that it pulled access from everyone, not because the government explicitely requested that.
If their operation team is not US based that's going to be difficult to operate. They would have to reorganize the whole company as I'm pretty sure that they are not employing only US citizen.
Well, kinda in effect. He lacked the authority to make the call, and it is quite obviously being ignored by most suppliers. If it were actually enforced, I believe no companies that are contractors for the DoD could even host Anthropic- like GCP, Azure, and AWS. Perhaps they are currently figuring out how to get off all cloud provider govclouds, but I doubt it.
Probably not. The US constitution limits what government can force on the people. If the NSA tries to force something that will spend years in court (if anyone wants to fight)
> The US constitution limits what government can force on the people.
The US constitution also prohibits:
- refusing to spend money that congress has appropriated
- dismantling congressionally-created federal agencies without congressional authorization
- directing federal agencies to selectively apply the law according to the preference of the executive
- giving control of federal agencies to individuals who have not been appointed by the legislative branch
- terminating, detaining, or deporting people without due process
- retaliation against private citizens or corporations for speech protected under the first amendment
- discriminating on protected grounds under the equal protections clause
... and yet the administration has done all these things with impunity while effete judges wring their hands and write sternly-worded letters. The US constitution demonstrably no longer has any force or effect.
Yeah... NSA literally has MITM proxies/interception of any traffic they want inside every major US tech company (based on my reading/following of Snowden leaks and others). Anthropic wouldn't be able to exist without implicit NSA approval. This article reads more like a marketing piece for Anthropic/Mythos... and ends by talking about how much NSA wants Anthropic models.
You just intercept the traffic after its decrypted on the server side, or are you suggesting you somehow send encrypted traffic that never gets decrypted?
It's just not technically feasible, so there's nothing to lie about. They're not MITMing petabytes/sec across dozens (hundreds?) of companies and they haven't broken TLS1.3.
If I have a box at Digital Ocean and I'm communicating with it with TLS1.3 using a Let's Encrypt cert that I generated, where, exactly, does this magical MITM box come into play?
Of course it's feasible, you just intercept the traffic post-decryption on the cloud/server side. You don't control how/where your traffic to 3p cloud services is decrypted.
You keep saying this, but it's nonsensical. If I terminate TLS on the box that does processing, there's nothing to intercept.
And these days (especially post-Snowden), many (most?) companies encrypt data when sending between servers within their own (private network) infrastructure.
I worked on these cases at EFF and I'm skeptical of the automatic "NSA has access to everything" intuition.
What we learned from that era includes things like
(1) spy agencies are incredibly aggressive and pursue tons of different angles to get access to things
(2) spy agencies have a lot of money
(3) spy agencies often have interpretations of law that would surprise the public or legal experts (and sometimes courts have issued sealed rulings permitting them to do things that surprise the public or legal experts later when they're unsealed)
(4) some people throughout different parts of society assume culturally that companies in a country "should" generally help the spy agencies of that country's government because they are the "good guys" or "on the same team" or whatever
These things are all pretty bad and scary, but they still don't imply absolutely infinite power or access, because all of them come with different kinds of pushback. People also just tell them no!
I want to write an article with a colleague about the continuing role of culture here, because I think there are companies or industries where the default reaction is to want to cooperate with the government, and others where the default reaction is not that.
There are certainly secret things that have never come out, e.g. whatever Senator Wyden keeps alluding to, and what kind of program or authority was behind the interception of hardware shipments to covertly tamper with them, and whether there is a bulk financial data interception program, and presumably lots of other stuff. I don't agree with these things, and I want them to be exposed and stopped, and I also don't think they constitute infinite power over all parts of the tech industry.
>they're cops with too much access, it doesn't take a genius to outsmart a cop
the nsa has an unlimited budget and spend a good portion of that budget recruiting some of the smartest people in the country. while they dont have super powers, they also arent the town cop who took a 6 month course after high school then joined the force.
it does no good to hold them up as mythical figures. it also does no good to pretend they are bumbling idiots.
(every math phd i am acquainted with has been approached by nsa recruiters. none of them have been approached by police agencies.)
No they don't, and if you're going to try to argue something with that as your opener, it very easily casts large amounts of skepticism on whatever you are about to say.
Perhaps you're exaggerating for effect, but that also undermines your point.
Some of the smartest people I know have worked on fighting NSA, but they had a drastically smaller budget than NSA itself, and the mental availability bias is skewed by the fact that the "fighting NSA" people talked about their work all the time, while the "being NSA" people generally didn't.
I do know one extremely smart person who went to work there, and I witnessed a failed recruitment of another extremely smart person.
> every math phd i am acquainted with has been approached by nsa recruiters.
how many of them took them up on the offer, and how many are in leadership roles?
it takes a very narrow range of personality to want to be a cop, which at the end of the day is a government job... the only people they make rich are contractors
I'm not saying there aren't smart people working there but it's ridiculous to assume they have an iron grasp on all communication from the top tech companies in the world, while also monitoring half the world's governments... they just don't
>how many of them took them up on the offer, and how many are in leadership roles?
this is not really relevant to the point, but to satisfy your curiosity: more than one, and one.
>it takes a very narrow range of personality to want to be a cop
the nsa's brightest aren't doing "cop" things. certainly none of the people i know of working there are "cop-minded" in any sense.
they are doing cool research and application things. otherwise they wouldn't be able to entice the phds to stick around. these are people that want to work at the forefront of their field, doing interesting work, and the nsa is one avenue of doing that (with good job security, benefits, etc.).
>it's ridiculous to assume they have an iron grasp on all communication from the top tech companies in the world, while also monitoring half the world's governments
we agree here. they are certainly doing "HNDL" (harvest now, decrypt later) at a very large scale. but obviously they are not able to collect and store every piece of communication at every tech company over years and years. (the intelligence community comprehensive national cybersecurity initiative data center is large, but not that large)
> this is not really relevant to the point, but to satisfy your curiosity: more than one, and one.
What? That's not only relevant to the point, it's incredibly relevant. If the NSA is only able to recruit 2% of the math PhDs they approach, then that's important information.
"More than one" is not particularly useful; you seem to be dodging the question because it undermines your argument.
> how many of them took them up on the offer, and how many are in leadership roles?
In my cohort? Several, and who knows? The recruitment effort is very visible and intense.
The US math phd market has been a slow-rolling disaster for over a decade. Everyone who can hack it outside the ivory tower is actively looking for the exits.
So why is it surprising that some of them go to work at the NSA?
> it takes a very narrow range of personality to want to be a cop, which at the end of the day is a government job... the only people they make rich are contractors
I don’t think you have context on what math phds are making in entry level positions, post-docs, or adjuncting. I just picked a random entry level NSA role on LinkedIn (doctorate + 0 yrs) and they’re offering solid six digits. There are tenured faculty (post-doc(s) + 5ish yrs) who don’t make that.
The DPA only gives that power to the President [1].
[1] https://en.wikipedia.org/wiki/Defense_Production_Act_of_1950