The NSA and the Electronic Umbrella
No one paying attention should be shocked that the NSA has placed “backdoors” in the firmware of hard drives and networking equipment. For those with less technical savvy, firmware is the low-level software that mechanically operates equipment: spin this fast, move the needle this way, and so on. It does point emphasize something the US government has long known: a government must maintain total control over its own supply chain for secure hardware. From the circuit boards all the way up to the high-level operating systems, everything must be totally secure from foreign intrusion. For the US and China, this is all well and good, and has been practiced for decades.
But what to do if you’re Canada or Taiwan? Both are active internationally, with modern militaries and hopes for regional influence. Neither has the infrastructure to affordably be maintaining an entire supply chain for secure hardware. That’s really difficult. Canada doesn’t have huge microchip fabs; Taiwan does, but they were founded by foreigners. Neither has the resources of an NSA to develop completely secure software for government use. The US and China have a hard time keeping secrets from each other; the Canadians and Taiwanese, and for that matter the Dutch and Vietnamese and Koreans should have approximately zero confidence in their secrecy. Only a few powers have the intellectual and infrastructural capacity for mostly-secure computing: the US, China, Japan, Russia and possibly the Europeans.
A hypothesis: the nature of electronic surveillance is a force tending towards tight power blocs. If you are Canada, you could try to start up and maintain a secure hardware environment no matter the cost and risks. But if you could guarantee your safety by using the NSA-approved gear…well, it might better to know the Americans are listening than merely suspecting the Chinese. If you’re a poor country relying on Chinese development aid, the choice is even clearer – take whatever the Chinese are giving you with open hands. You may have to toe the Party line, but at least the CIA won’t know about your plan to invade North Trashcanistan.
The electronic umbrella is similar to the Cold War’s nuclear umbrella, but more interesting. Nuclear weapons usage is drastic, infrequent, and incontrovertible. Electronic surveillance is commonplace, continuous, and deniable. In particular, targets tend not to know when they’ve been hacked. A known quantity of surveillance from friends might be much better than an unknown quantity from an enemy. As the implications sink in for the second-tier powers of the world, the borders of hardware and OS could end up just as clearly drawn as that of economic systems a generation ago.