Defense, intelligence, policing, all these things exist in order to uphold the constitution, protect the "American ideals", etc. Many of his statements pretty directly show that he doesn't care about the collateral damage to innocent people's privacy or any founding principles, he just wants his mission to be unhindered. It's the same mentality behind police forces wanting to make their job less dangerous and more straightforward, by escalating use of force and trampling rights.
With this hypocrisy, as has come many times before (congress shocked and demanding privacy when the CIA spies on them, for instance)... I can only shake my head. Come on.
Encryption is our webcam tape.
They aren't particularly interested in the 'big picture'. They may say they are, they may think they are, but on a practical, day-to-day basis, it's irrelevant. They know the mission of their organizational unit, they know the goals that need to be accomplished to achieve that mission, they know the metrics they need to hit to advance within that organization, and they are adept at focusing their full attention and energy on whatever task is in front them that leads directly to those ends. It's a personality type that thrives in large organizations - government, private, whatever - and to a certain extent its necessary to make large organizations work, but the risk is that you end up with people wielding significant power who behave like wind-up dolls.
This is really the one.
It seems like the country is in a crisis of metrics. Nobody trusts anybody to do their job anymore so everything has to have a surrounding bureaucracy with the stated purpose of keeping everybody honest but having the actual consequence of setting many misguided and contradictory rules and then strictly enforcing an arbitrary subset of them.
The people who succeed are then the people best able to game the bureaucracy rather than the people who are honest and good at their jobs.
That is basically how the Soviet Union fell. Something has got to change if we don't want to be next.
I'm no way trying to defend his agency's actions on encryption - it's chilling and probably one of the most important and defining issues of the information age. Only adding this to point out that people are complex and not black and white and their motives and beliefs and actions can sometimes be in conflict and cognitively dissonant.
1 http://www.washingtonpost.com/wp-dyn/content/article/2007/05...
With people like this, I'd just really like to get them alone in a room, off the record, and probe their beliefs, motivations, why they did things, etc.
I wonder what it was like to work with Comey at Bridgewater Associates.
Step 1: Find someone using encryption
Step 2: ???? pretty easy to create a virus or something ????
Step 3: Access encrypted information.
Why dig a well when water evaporates into the air? Because pragmatically the amount of water over time matters and what could be described in an incredibly naive way as an absolute suddenly becomes a very different scenario when looking at reality.
The NSA has tapped fiber backbones, encryption would stop them from getting information from that source.
If you think there is already no privacy, post your full name, address and a picture of yourself in the shower, I'll leave it up to you whether you want to encrypt it or not.
(Also the fact that anyone is able to store crypto-currencies pokes an immediate hole in your theory)
You need encryption for the same reason you need locks. Locks are not the only trick to provide you security but they are pretty much a very necessary tool. Without solid encryption you can't have a lot of the good things on the internet: online banking, online shopping, filling taxes online,...
> it is still pretty easy to create a virus or something that access the data at the moment it is used
It is not so much anymore. Viruses are getting quite harder to make, even for Microsoft Windows. And, even if you were right, you still need encryption for people that are smart enough to avoid viruses.
I'm actually OK with the idea of sending my full name, address and a picture of myself in the shower to the NSA, CIA, SIS or similar, to be included in one of their databases. Because that's what we're talking about, privacy from law enforcement and intelligence agencies searching for criminals, spies, terrorists etc. To suggest that posting such information publicly is exactly the same as it existing in these agency databases is pretty disingenuous.
There's nothing new about this, btw. The US government doesn't care about protecting the elusive "American ideals" or your freedoms and it has been that way for decades if not hundreds of years. There's nothing idealistic about the way a government operates, regardless of country.
Excuse me, but you are made to believe that they exist in order to uphold the constitution and yada yada.
They'll voluntarily make their own jobs more difficult if it makes the project better, even in ways that only others skilled in their craft would notice. They'll actually fight management for more hours, more money, better tools, different processes, etc. so they can get it right. Management's role isn't to force them to do their jobs, but to restrain them from going overboard.
Of course, this requires that they feel respected, sufficiently autonomous, and compensated fairly. And that they like what they're doing, at least a little bit. You get this routinely from theater professionals. Warehouse stock pickers, not so much.
Quantitative metrics and "goals" are a form of coercion that management deploys against its enemies to extract performance from people who fundamentally don't want to do a good job. In this kind of situation, we've taken to threatening to cut off their access to food and medicine and send armed men to seize their homes and cars (no, the layer of indirection between employers and lenders doesn't really matter). People like to eat, so they play along. And in rote jobs that only exist because they aren't cost-effective to automate yet, maybe that's the only way to do it.
You're not guaranteed a work environment where craftsmen are intrinsically motivated just by foregoing metrics, but as soon as your introduce "goals" (i.e. threats) a good chunk of people who would otherwise be on your side have instantly switched to searching for the minimum effort they can get away with until their either retire or find job that respects them.
Even if people still somehow feel respected, hitting/optimizing the metrics probably means doing the job sub-optimally, and that takes its toll - even if you personally decide not to play the wrongheaded metrics game, others in the organization will, and that creates conflicts (that you usually lose) where there should have been cooperation.
The Wire is essentially a show about this, and how it creates institutional dysfunction that breaks cities. "The fury of a bureaucrat who wants to do their job but can't because they've been fucked over."
Again, I'm honestly asking because I don't know. Large human organizations seem to repeatably converge on similar design patterns, but if there's a better way, I want to know it.
On one hand, you want to (in my world) empower developers and let them take ownership of ... whatever. On the other hand, you want to learn, as a group how to do better. On the gripping hand, you want to be able to tell the customers (and investors) what to expect and when.
It seems as if you can do the combination of #1 & #3, somehow, without tracking what you are doing and how you are doing it, but that #2 requires us to baseline what we are doing and try to brainstorm about what we can try in an attempt to, as a functional group, do better.
In your world, measurement is "bad" for an individual's autonomy. And it may well be. How does an organization accomplish goal #2 (and #3) along with #1?
Anecdotally, I found that the self-directed process improvement (PSP - https://en.wikipedia.org/wiki/Personal_software_process) helped a great deal. I didn't go overboard with formalism, just jotted myself some notes along the way during the week that I spent 20 minutes compiling on Friday, but I found that I had to record what I was doing to even know what I was doing. And that's just me. Maybe I'm an idiot, but I really didn't know. And my own estimates of what I was doing were ... surprisingly off.
We are about one month into a three-month experiment where we are asking people to track time on their activities (mix of IT and developers). For some, it is a struggle with all the complaints when you try to make a small group "corporate". For others, they are having huge revelations of where their time is going that (I think) has been valuable.
What I've been trying to communicate is that the time tracking data has nothing to do with the individual, and is not being used as a measure of performance (it really isn't, and it isn't on anyones performance plans). What it IS being used for is a way for us to communicate with senior leadership to better demonstrate our value to the organization (in terms they are more familiar with). Basically, the "IT needs to better speak to the business" conversation that's been going on for ~15 years or so now. I suppose you could also tie it into the topic of when a startup grows beyond x people, with x in the range of 30-50 people.
It isn't actually the measurement itself. It's when the metrics end up tied to rewards and penalties that people start to game them. [1]
What you could do is measure things and then, when unit 15 is above average and unit 9 is below average, figure out why and let everybody know what works and what doesn't.
Which also has the side benefit of improving your metrics. Because if you see that unit 15 has the best numbers and you treat this as an undifferentiated "unit 15 is better and we don't know why but let's reward them" metric, you can miss things like, unit 15's district has a higher population density and they're actually below average after you take that into account.
Investigating the sources of success and failure without assigning personal consequences to them allows people to be honest about why they succeeded or failed. And then if anybody has actually found the secret to success you can share it with everyone else.
[1] Although you do have to be careful not to make "collecting metrics" a thing that eats half of each employee's work time.
That's key. You never get them right the first time, so improving your tracker is even more important than improving the tracked.