There is a lot of unnecessary bile about Google getting security help from the National Security Agency. Well, unnecessary unless you believe in vampires, staged moon landings, “Bill Gates will give you a million bucks if you forward this email” or that nuclear fusion is highly sensitive to temperature, and massive stars have higher temperature cores so that they can support the greater mass of the star, all leading to the high luminosity.
Feh! SOME people.
As reported by The Washington Post:
The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.
Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.
Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google’s policies or laws that protect the privacy of Americans’ online communications. The sources said the deal does not mean the NSA will be viewing users’ searches or e-mail accounts or that Google will be sharing proprietary data.
Despite the gnashing of teeth and wringing of pale, woman-like hands of the Find-A-Conspiracy folks, that’s pretty much it.
Here’s the deal. For generations, the National Security Agency has intercepted and decrypted/decoded the communications of America’s adversaries. In the long history of U.S. cryptographic operations, much was learned about how those enemies encrypted their communications. How our enemies attempted to intercept our own government communications was studied and procedures were implemented to protect American messages from those attempts. In the last 10-15 years, more and more of those communications – both ours and theirs – have been in the cyber environment.
Over time, NSA morphed into two primary component missions. One is to intercept, decrypt, translate and analyze foreign adversary communications. The other mission – Information Assurance – is to protect government communications but it has long assisted the private sector in securing information and information networks.
Information Assurance involves preventing unauthorized access to sensitive or classified national security information and systems. The purpose of the Information Assurance mission is to keep others from stealing or tampering with our national security systems and information. This work not only keeps our vital information out of unauthorized hands, but helps ensure that the information our decision makers need is available and reliable when they need it.
Under National Security Directive 42, the Director of NSA has responsibility for the security of national security information systems, covering the Department of Defense and other Federal departments and agencies. NSA/CSS also helps improve the security of critical operations and information by providing know-how and technology to suppliers and clients.
“NSA/CSS also helps improve the security of critical operations and information by providing know-how and technology to suppliers and clients.”
And there it is… the point – the impetus behind the NSA/Google collaboration.
The National Security Agency is using it’s familiarity of cyber operations – knowing what adversaries do and how they do it – along with it’s own expertise in protecting national information systems to assist Google and, thus protect Google’s users. Know anyone who uses Google?
This post isn’t gonna assuage those who believe NSA or any of the other intelligence organizations are out to get them. The Tin Hat League will always believe in the worst. The truth is, NSA doesn’t have the time, money, inclination or legal authority to read your email, monitor your porn habits or listen to your cell phone calls. As an American citizen, you are not subject to agency scrutiny except under very specific – EXTREME – circumstances that must be vetted through an army of NSA attorneys and the U.S. Justice Department.
So, if you want to Google “Sarah Palin bikini,” “Toyota recall” or even yourself, go ahead. No one will know.
[None of this post was reviewed, sanctioned by or discussed with ANYone at the National Security Agency, the Department of Defense, the intelligence community or the U.S. government. Information herein is unclassified and gathered from publicly available information, most of which is cited, or my own experiences.]