The NSA is releasing a free reverse engineering tool this year at the RSA security conference in San Francisco.
A lot of people are asking about the motive of the NSA releasing a free reverse engineering tool at RSA this year.
Theories include: it’s a backdoor, it’s a tracking mechanism, etc.
My opinion? Recruiting.
It’s a PR move to attract talent post-Snowden/ShadowBrokers.
Many in the security community—who have an understandable and healthy distrust of the NSA—are wondering if there could be a backdoor in the software, if they’re using it to spy on people, etc. The various theories are interesting reading.
And reducing the loss of talent they already have.
I think the answer is much simpler—they’re using the release of the tool to inject some goodwill into the community in hopes of attracting new talent.
In short, it’s all about recruiting.
Between Snowden, the ShadowBrokers leaks, and the damage caused by EternalBlue and NotPetya, I’m guessing morale is at a dangerously low level and they need to do something to raise interest and motivation for working there.
Releasing an open-source tool to help people do reverse engineering, while simultaneously training people how to be good guys and gals is a pretty smart move in my mind.
The simplest explanation is usually the right one.
Unsupervised Learning — Security, Tech, and AI in 10 minutes…
Get a weekly breakdown of what's happening in security and tech—and why it matters.
Someone mentioned on Twitter that the move reminded them of The Last Starfighter, where an alien spaceforce used a video game to find top talent to help defend the world. I think that’s spot on.
The military has been doing this for years as sort of an open secret, and they spend tons of money making the military and government appear in a positive light in Hollywood movies.
Some might think that’s gross, but I think the worst part about it is the fact that so few people notice—or would even care if they knew. It’s the same kind of thing here with this release. It smells exactly like public relations. But is that really a bad thing?
I wish they’d just come out and say it. Own the fact that it’s a bit of PR, and recruiting, and camaraderie all in one.
Despite the failings of the NSA in recent years, I don’t know many Americans who think we don’t need them. And to do their job well they need talent. And for that talent to perform they need to believe that they’re on the good side.
Or they’re Mr. Burns waiting to pounce—who knows…
I see the overture as a good thing. It’s them eating a piece of humble pie, and cautiously reaching out to the community with a gift. I hope we accept it, and I hope it makes the tenuous bond between us stronger.
Because like it or not, we need each other.
The last thing we need—with Russia and China owning us with impunity—is to be fighting amongst ourselves.