
Comment by gohrt

12 years ago

Even with everything you say, Google was still defeated by the NSA. Will Google ever catch up in this arms race? "95% encrypted" == "100% compromised"

Google appears to have been so on the ball with this stuff that the NSA literally had to send bag men to their cages in order to retain access.

  • When your opponent uses Navy submarines to tap undersea cables right under the Soviets' noses, you probably shouldn't trust your leased fiber with unencrypted data. This interception could occur where undersea cables make landfall without any datacenter antics.

    • > you probably shouldn't trust your leased fiber with unencrypted data.

      Or even your own fiber (Google owns tens of thousands of miles of it). There's nothing to prevent the black-hat guys from digging down to a cable in the middle of nowhere and installing an optical tap. Especially if they did it before commissioning, after which signal levels would start being monitored.


    • Why would NSA agents go through all the trouble of tapping cables when they could probably just gain employment at Google and do whatever they want? I don't think encryption would make a difference here.


  • The article seems to suggest that it was inter-site links that were compromised and not actual Google data centers. Those compromises could happen at telco data centers or even in the field (e.g., by splicing monitoring equipment into a cable).

  • Wait, so until Google can defend its cages against the g-men, then all efforts will be in vain.

    Also, in other countries, I assume those g-men have access to those cages.

Google might have an easier time recruiting edge producing developers than the NSA after the leaks.

  • I used to work in the antivirus industry, and, as I recall, anything that even hinted at a history of hacking or virus-writing would lead to instant dismissal and black-listing (from pretty much the entire computer security industry). I imagine that the same prohibition would now apply to former government employees also.

    The sad fact of the matter is that we cannot trust individuals that have ever worked with these agencies, nor with the private contractors that supply them. The risk of insider attacks is too high. Equally, we cannot trust companies that employ those individuals.

    If Silicon Valley is to recover the confidence of its customers, it must go through the painful and heart-rending exercise of dismissing all employees with any connection whatsoever to government espionage. Many innocent people will lose their jobs, and will face the prospect of being excluded from high-tech employment in the private sector, but I cannot see any other way of regaining trust in our fundamental infrastructure.

    • Why would the anti-virus industry refuse to hire people that had developed viruses? Aren't those the people that think like virus writers and could write better antivirus software? Same with the hacking half of that. Those are the people that best know how to secure systems.

      Wouldn't it be the people that used to be blackhat and have transitioned to gray or white-hat hacking that would be the best people to provide their services for pen-testing/anti-virus writing/etc?

      Is the probability of a so-called ex-virus-writer writing in exploits into the system higher than someone else?

      Is their knowledge worth the chance?


    • > ... instant dismissal and black-listing (from pretty much the entire computer security industry)

      I'm not sure where you got that from. A large percentage of the security industry is made up of people who got their start as blackhats.


    • I'm not sure if any security company would gain much by avoiding former government employees - you'd decline Abe Honest because he had worked in government earlier, but any Joe Infiltrator from NSA could come to your interview with CV, online profile + references/contacts claiming that he's worked in, say, Microsoft for 20 years.

  • I imagine anyone with a line on their resume that says "NSA - Software Developer - 2009:Present" is going to have a hard time finding a new job at many companies (although certainly not all).

    • Breaking: most people, even most people in the tech community, don't look on the NSA with that level of contempt, if any at all.

      This is unfortunate--in a just world everyone doing this would be imprisoned for many years and have all their ill-gotten gains stripped from them--but a real fact. And the typical NSA software developer is certainly highly qualified and very, very smart. Going purely by business concerns, if you have a need for someone with the skill set that'd come from working for the NSA, you can't afford to pass them up just because they worked with the NSA.

      You can also be sure that, even if the NSA were disbanded fully and all its employees hated so much that they could not get domestic employment anywhere, many international actors would be extremely excited to pay top dollar for their talent. And by top dollar, we're not talking piddling six figure salaries.


    • When the NSA sends people out to infiltrate companies, they won't write "NSA" on their resume. For the rest of former NSA employees, a lot of them will have resumes that say: Palantir, Booz Allen Hamilton, etc.


    • I suspect that anyone who has been a software developer at the NSA (or FBI) for five years has robust job security. Government employees have some extensive benefits, and these guys get to play with some serious hardware. If they like working there, I would be surprised if they were unable to keep doing so for a Long Time in the future.

      Now, if they decided they wanted out, well ... good luck with that in the manner you describe. I suspect that it won't be too hard, though. They deal with "Big Data" problems at a scale that few do, so being an NSA engineer likely is bound to be a similarly prestigious resume line as working for Google. Aside from the working for an evil entity part, that is, but some employers will not care as much about that.

    • On the flip side of that, maybe you do want ex-NSA staff with the inside knowledge so you can protect yourself against their tactics. Isn't that the same reasoning for hiring ex-black hat hackers?


    • I would expect Google and similarly enormous companies to have a process in place to keep rogue agents from inserting backdoors and malicious code.


> Even with everything you say, Google was still defeated by the NSA.

Well, actually, per the article, by GCHQ. Who, as well as using the data themselves, also allows the NSA access to it.