We're risking the future of the net. People are already losing their trust. Once you get burned once - somebody steals your credit card, or makes a purchase on your account - people tend to stay away from online commerce and from trusting online services.
Governmental surveillance is not about the government collecting the information you're sharing publicly and willingly; it's about collecting the information you don't think you're sharing at all, such as the online searches you do on search engines... or private emails or text messages... or the location of your mobile phone at any time.
Foreigners like me have no privacy rights whatsoever. Yet we keep using U.S.-based services all the time, making us a legal target for gathering and storing our private information. Other countries do surveillance as well. But nobody has the global visibility that United States does.
I believe in the freedom of the net, but I don't believe in the freedom of the net at the cost of having these online criminal gangs running completely loose and using the freedom of the net to steal everybody's money and take away the trust we have.
It's so cheap to store all data. It's cheaper to keep it than to delete it. And that means people will change their behavior because they know anything they say online can be used against them in the future.
Surveillance changes history. We know this through examples of corrupt presidents like Nixon.
One thing we should all understand is that we are brutally honest with search engines. You show me your search history, and I'll find something incriminating or something embarrassing there in five minutes. We are more honest with search engines than we are with our families.
Nuclear scientists lost their innocence when we used the atom bomb for the very first time. So we could argue computer scientists lost their innocence in 2009 when we started using malware as an offensive attack weapon.
It's been a bit sad to see that out of Linux distributions, it was Android - the most successful mobile Linux distribution - that has really introduced the malware problem to the Linux world.
You can get the best locksmith in the world to design the best lock he can design, is it pick proof? No, it's not: it can be very hard to pick, but it is pickable. Because you can get, say, the next 10 best locksmiths, and give them unlimited money and time, they will figure out a way to pick it.
Anonymous is like an amoeba: it's got too many different operations run by truly different people which might not share a single person with another operation, but they use the same branding - they are part of the Anonymous brand, just like al-Qaida.
It's not publicly known, but antivirus companies co-operate all the time. On the surface, antivirus vendors are direct competitors. And in fact, the competition is fierce on the sales and marketing side. But on the technical side, we're actually very friendly to each other. It seems that everyone knows everyone else.
Stuxnet, Duqu and Flame are not normal, everyday malware, of course. All three of them were most likely developed by a Western intelligence agency as part of covert operations that weren't meant to be discovered. The fact that the malware evaded detection proves how well the attackers did their job.
We want to detect malware, regardless of its source or purpose. Politics don't even enter the discussion, nor should they. Any malware, even targeted, can get out of hand and cause 'collateral damage' to machines that aren't the intended victim.
