On Data Leaks

I know this entry is going to disqualify me from working for big tech or the government but oh well. Other things I’ve said on this journal have probably already disqualified me anyways.

Ransomware Groups Are Scum

Ransomware groups that leak customer data if they don’t get their ransom have no morals. The only useful societal functions they fulfill are:

• Teaching people that corporations can’t protect their data.
• Forcing corporations to care about cybersecurity.

But don’t be fooled. None of that motivates them. They only care about money just like the corporations they target. In order to do some actual good, one can unconditionally leak internal company emails that reveal corruption, source code for proprietary software with anti-features, and hardware keys used by vendors to prevent installing custom roms. But not the data of innocent customers and citizens.

We Need Useful Leaks

Corporate Leaks

It honestly blows my mind that with all the employees Micro$oft has they’re able to keep Windows source code secret. Or any Micro$oft program for that matter. It only takes 1 person to leak it. I’d love to see Mac and iOS source code leaked so we know all the ways crApple is backdooring and spying on iBad users. The people deserve to know. It would be great if leaks were so commonplace that it’s impractical for any moderately-sized corrupt organization to hide corruption.

Government Leaks

If you work inside the NSA, FBI, CIA, or another government agency for any country, I encourage you to consider whether your duty to your fellow citizens requires you to follow in Snowden’s footsteps. If you expose significant corruption, you’ll quickly find out that the ‘rights’ you think you have don’t mean a damn thing. Take note of what happened to heroic whistleblowers like Snowden, Assange, and Manning. The state classified them as terrorists and traitors and pursued them relentlessly. So if you’re a government whistleblower, it pays to be cautious.

Legality Versus Morality

Unless you’re incapable of basic critical thinking, you understand what’s right and what’s legal are two very different things. The death penalty is wrong, but not outlawed everywhere. Shoplifting to feed a hungry child is illegal, but not immoral. Leaking classified government documents and corporate secrets can be ethical, if it serves the greater good.

Dumb Arguments Against Whistleblowing

Some people think it’s not their decision to make to release documents. They think that the only moral option is going through the proper, legal channels through which inevitably nothing changes. It never ceases to amaze me that highly skilled engineers in corporate/government environments don’t apply the same critical thinking required in their discipline to the ethics of what they’re doing. They can explain singletons to you but they’re too oblivious to notice their code is enabling fascism. Logic and critical thinking are general-purpose tools that apply to everything. If you can spend hours a day tracing through code, you can spend a few minutes a day considering the social consequences of what you’re doing because that’s more important.

So what’s wrong with the “it’s not my decision to make” argument? The same thing that’s wrong with the “I was just following orders” excuse that has been debunked since the Nuremberg trials. Who is making the decision about whose decision it is to make? You are. The buck always stops at you. You can delegate thinking to some authority figure but you’re still choosing your authority figures. That can’t be delegated away. You see, in the end, it always falls on you to decide what’s right.