Interesting People mailing list archives
Google Engineers Refused to Build Security Tool to Win Military Contracts
From: "Dave Farber" <farber () gmail com>
Date: Sun, 24 Jun 2018 11:01:10 +0900
Keio University Distinguished Professor Tokyo Japan Cell +81 70 4490 7275 Begin forwarded message:
From: Ross Stapleton-Gray <ross.stapletongray () gmail com> Date: June 24, 2018 at 10:39:15 GMT+9 To: DAVID FARBER <dave () farber net> Subject: Re: [IP] Google Engineers Refused to Build Security Tool to Win Military Contracts This reads a little weird. In that world (my former world), an "air gap" is essentially the act of not connecting two systems. I left a bit after the Intelligence Community started to elevate "open source intelligence" as a thing, hence wanted much more ingestion of outside stuff, and there was a lot of focus on things like A/B switches, where an analyst could have a classified network connection to their desktop, alongside an unclassified one, and manually switch from one to the other, but you'd have to purge the workstation's memory before going from the classified to the unclassified connection. Lots of attention paid also (then and certainly now) to "cross-domain" solutions, for moving information from a system at one level of classification, to another at a different one. Less of a problem bringing less sensitive information into a more sensitive system (down to, say, writing a diskette on your workstation connected to the Internet, walking it across the "air gap" via "sneaker net," flipping the write-protect tab, and reading it on your classified workstation); far greater difficulties in going the other direction, and getting anyone to sign off on a solution that could automatically screen information for release. So something dubbed an "air gap" technology is puzzling... Related, there was an interesting SBIR topic this past fall: the Air Force was looking for solutions to more cheaply digitize tons of paper whose contents would need to be reviewed for potential declassification and release: https://www.sbir.gov/sbirsearch/detail/1319143 I know of a clever hack to address a lot of this, piggybacking on an existing company in the (unclassified, not working with the IC) space, and may get around to pitching it some day. Ross Stapleton-Gray & Associates, Inc. Albany, CAOn Sat, Jun 23, 2018 at 6:09 PM, Dave Farber <farber () gmail com> wrote: Keio University Distinguished Professor Tokyo Japan Cell +81 70 4490 7275 Begin forwarded message:From: Lauren Weinstein <lauren () vortex com> Date: June 24, 2018 at 00:05:46 GMT+9 To: nnsquad () nnsquad org Subject: [ NNSquad ] Google Engineers Refused to Build Security Tool to Win Military Contracts Google Engineers Refused to Build Security Tool to Win Military Contracts https://www.bloomberg.com/news/articles/2018-06-21/google-engineers-refused-to-build-security-tool-to-win-military-contracts Earlier this year, a group of influential software engineers in Google's cloud division surprised their superiors by refusing to work on a cutting-edge security feature. Known as "air gap," the technology would have helped Google win sensitive military contracts.
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-a538de84&post_id=20180623220120:7B28ADAA-7752-11E8-A105-AAE503C328F5 Powered by Listbox: http://www.listbox.com
Current thread:
- Google Engineers Refused to Build Security Tool to Win Military Contracts Dave Farber (Jun 23)
- <Possible follow-ups>
- Google Engineers Refused to Build Security Tool to Win Military Contracts Dave Farber (Jun 23)