NSA whistleblower Edward Snowden says that open source and OpenStack can help users avoid the silent vulnerability of things they don’t control or influence
Using public cloud and proprietary software represents a “silent vulnerability” to millions of users around the world, according to National Security Agency whistleblower Edward Snowden.
Snowden appeared remotely via a video link at the OpenStack Summit here May 9 in a question-and-answer keynote with OpenStack Foundation Chief Operating Officer Mark Collier. Snowden said the average user is unaware of how the internet works.
“For most people, the internet is magic,” he said.
According to Snowden, it’s not good enough to let people mindlessly build internet and cloud services, which is where OpenStack plays an important role.
He noted that while there are for-profit alternatives in the cloud space like Amazon that do a decent job, they are fundamentally disempowering.
“You give them money and they give you a service, but you are also giving up control and influence; you can’t reshape their infrastructure,” Snowden said. “You end up reaching a certain point where you are sinking costs into an infrastructure that isn’t yours.
“What OpenStack does is it lets you close the silent vulnerability of things that you don’t control or shape,” he added.
The OpenStack vision as Snowden sees it is that it is private infrastructure in the sense that individuals can own and control it and can shape the foundation on which everybody builds. Snowden’s hope for OpenStack is that it will allow individuals to direct the future of the internet in a more open way.
Snowden is a strong advocate for open-source technology and processes. When he leaked his NSA revelations in 2013, open-source and Linux technologies played a key role, including the Tor network and the Tails Linux distribution.
Snowden is now president of the Freedom of the Press Foundation, which is also helping to build open-source tools like SecureDrop for sharing.
He added that the traditional beauty of open source is that many eyes make all bugs shallow, though that’s not always true as proven with the disclosure of bugs like Heartbleed and Shellshock.
That said, he noted that the discovery of open-source flaws is not argument against open source, but rather an endorsement. When a vulnerability is found in open-source software, the entire community can respond and improve. With closed-source proprietary software, the same level of visibility is not possible.
“The point to open source is that we don’t have to compromise,” Snowden said. “We want a better world so we build it.”
Originally published on eWeek