In America, we are all aware of the various cyber threats to our privacy: backdoors, classification, tracking, malware, and spying on unencrypted data streams, to name but a few. Nonetheless, given the complexity of the systems and protocols and the opaqueness of the devices we use, most of us throw up our hands, continue to use our connected gadgets, and just hope that our private data is not exposed or used against us somewhere down the road.
If we continue along this current path of using systems that do not deserve our trust, we risk permanently losing our privacy. Just consider the exponential growth of computing power, network bandwidth, storage, IoT deployment, and artificial intelligence, and it becomes a simple exercise to imagine a day in the near future where all network activity and much of our daily life are monitored by autonomous robocops. No thank you!
We must begin using systems that can be fully trusted to protect our privacy. The best response to closed, untrustworthy devices is the development of a fully open system that is architected, developed, manufactured, and tested in full public view. Many existing cryptographic algorithms and pieces of network software are already open and subject to public scrutiny, but the hardware (e.g., processors and network controllers) they execute upon is not. This needs to change for the devices we trust to guard our data, and this article briefly discusses the motivation for open hardware and some of its high-level requirements.
Americans should know they have a God-given right to free speech, but what about privacy? There are no clear protections of data privacy in the Constitution, and it is hard to fault the founding fathers for not envisioning the Internet, smartphones, and billions of IoT gadgets watching us when electricity had barely been discovered.
For now, let us set aside the probable need to amend the Constitution to elucidate our right to privacy. However, we may be rightfully wondering to what extent our right to free speech is threatened in an environment where our private spoken and written words can be analyzed by others and potentially used against us. Are not private meeting rooms, notebooks, diaries, and family chats at a dinner table required to refine our ideas before willfully making them public?
This cannot be a “who cares” moment in American history. It is our responsibility to show devotion to the freedoms that our fellow Americans fought for in wars and died protecting. We must think pragmatically about the path we are on and what happens to our rights if privacy becomes a thing of the past.
We must also begin to demand that the systems we use be trustworthy with our private data. System is a broad term, and we would be foolish to think that every website across the Internet could be trustworthy with our data, regardless of whether the transmission of the data is encrypted or not. However, devices that we buy and hold in our possession must keep our personal data private. Unfortunately, one of the impediments to achieving this goal is the established culture of networked devices serving multiple masters: the owner and the providers who seek to mine our data.
It is not just corporations and rogue hackers that are interested in our private data. The US Government has gone to great lengths to ensure it can also tap into private communication and data. This was codified into law in 1994 as the Communications Assistance for Law Enforcement Act (CALEA) for traditional telephony networks and later expanded to broadband Internet. Just recently, CALEA appeared in the FCC's Net Neutrality order, apparently leaving the door open to instrumenting wiretaps on all equipment connected to the Internet.
Most Americans trust the US Government and like the idea of it having the necessary tools to keep us safe. However, we must ask whether it is necessary for our government to have the ability to spy on all its citizens. For example, the never-ending global march of Communism was decimated less than thirty years ago without the ability to spy into every American home. Also, consider what Tim Cook pointed out in his recent and now famous customer letter: “criminals and bad actors will still encrypt, using tools that are readily available to them”.
It is also no secret that various governments around the world engage in cyber warfare by introducing viruses and backdoors into their opponents' systems. Who is to say that Trojan horses are not being introduced into silicon during fabrication, regardless of whether the device is genuine or counterfeit? Is it impossible during the manufacturing process to secretly insert a state machine in a network interface that is triggered by a unique bit sequence on the wire and then grants control of the system to the attacker?
The ground becomes much more fertile for secret backdoors wherever closed microcode or firmware exists. Malware can hide in disk drives, rootkits in GPUs, and backdoors can be present in network controllers. Yes, intrusion detection software exists, but adding secure software on top of untrustworthy hardware is like building a home without a foundation; in both cases, there is a dangerous, false sense of security.
We must collectively define and build truly open devices to protect our privacy. Linux, the de facto operating system of the network, epitomizes the power of open, collaborative development. There are thousands of people looking at Linux source code every day, improving it, testing it, and fixing it. A similarly rigorous process is applied to public cryptographic algorithms: anyone and everyone can try to break them. This same philosophy needs to be adopted for the underlying hardware that is to be trusted to guard our private data. We must remember that the security chain is only as strong as its weakest link.
Open hardware components must be fabricated in an environment where each step of the manufacturing process, from RTL synthesis to packaging, can be validated by all interested parties to be free of any detrimental artifacts that may compromise the security of the finished device.
Listed below are some of the functional requirements of a trustworthy private device:
- The device must only serve one master: the owner.
- The owner must rest assured that the device is free of backdoors and other trojan horses.
- The right of a provider to snoop and collect data is null and void, and any unpermitted attempts to do so must be blocked. If collection is permitted, it must be performed transparently.
- Full network visibility and control are supported to enhance our privacy and security. All activity between a device and the Internet must be visible, understandable, and simple to disable.
- Lastly, a device should be able to thwart classification of the user's network activity by automatically generating extraneous, benign requests and activity. In other words, jam the data mining radar that is prevalent across the Internet.
Of course, some of these latter goals could be achieved by existing handhelds, routers, and wireless access points, but they are not. The tech giants have led us into the cloud and IoT era but have kept us in the dark when it comes to visibility and control.
It is doubtful that these tech giants will embrace the idea of fully open devices because it devalues their closed systems and current business models. Closed operating systems, commercial processors, and data mining are collectively a multi-billion dollar business.
If our government rules that commercial devices must ship with the ability to snoop on private data, then citizens should exercise their right to develop a private system for themselves without corporate sponsorship. In other words, citizens cannot be forced to backdoor themselves.
However, the US Government stands to gain from the realization of a fully open system. Government employees and the data they keep secret will benefit from the knowledge that the underlying hardware in use has been thoroughly scrutinized for security holes. This in turn benefits all Americans since it will be more likely that classified data remains classified and cyber attacks from rogue nations will be less likely to succeed. It is a win-win solution. Our representatives need to get behind this initiative and let the process flourish in the open for all to analyze, test, and reap its rewards.
Lastly, it is important to acknowledge that this initiative will certainly have its economic roadblocks, and the unit cost may be higher than that of today's phones or routers. However, for those of us who cherish our rights, the ability to truly protect private data is priceless. And of course, wherever challenges and roadblocks exist, there are opportunities, many of which could lead to new economic expansion in America and other free nations.