John McAfee is one of the most influential commentators on cybersecurity anywhere in the world. His new venture — Future Tense Central — focuses on security and personal privacy-related products. McAfee provides regular insight on global hacking scandals and internet surveillance, and has become a hugely controversial figure following his time in Belize, where he claims to have exposed corruption at the highest level before fleeing the country amid accusations of murder (the Belize government is currently not pursuing any accusations against him).
In the U.S., domestic security is handled by the Department of Homeland Security. Homeland Security was formed shortly after the 2001 attacks on the World Trade Center and the Pentagon — at a time when the Internet was still in its infancy and the concepts of cyber warfare had not been seriously considered.
“The world has subtly circumvented Homeland Security and its focus on ancient security paradigms.”
I am 100-percent confident that Homeland Security is well positioned to counter the above threat, and would detect any attempts at such theft well before enough files could be accessed that would significantly damage the U.S. The problem is, we will never again see such a threat.
The world has subtly circumvented Homeland Security and its focus on ancient security paradigms. Earlier this year, the Chinese walked off with more than 14 million files of every person who has worked for the U.S. government for the past 30 years, including every person with a top secret clearance — our covert agents. This would have been beyond the realm of imagination 15 years ago, but now, we know that a pre-teen with a few weeks of time on their hands could have pulled off the same heist, in spite of Homeland Security spending billions on counter cyber surveillance tools. Why? Because America is clueless when it comes to cyber science.
Any good programming manager, with sufficient experience, will verify what I am about to say.
Cyber science is unique in the history of sciences in that man-hour requirements for any given task do not map linearly to individual programmers. I first learned this in a gig way when I managed a group of programmers while I worked at Lockheed. One of the tasks assigned to my group was the development of a very complex algorithm (my clearance at the time prevents me from giving specifics). I made a few attempts at an efficient design and concluded that half a man year would be required to implement it. I assigned it to one of my top programmers, who came back and said that it would take at least a year to implement. Something that I couldn’t put my finger on kept nagging me, though. I had two consecutive nights of dreaming about the issue and finally went to a programmer who seldom talked named Ed Hatch. Ed was quiet and didn’t join in on group discussions, but the few times I had heard him speak the eloquence was impressive.
I discussed the algorithm with Ed, who said little. I left his office still thoughtful and troubled. At noon Ed walked into my office and handed me a program consisting of less than 100 lines of code. It was the completed algorithm. I perused the code. It consisted of nested recursive subroutines arranged in such an exquisitely beautiful pattern that, in spite of my embarrassment, brought tears to my eyes. That began a lifelong relationship with Ed that has included a book on physics and numerous programming projects.
Later, when I founded McAfee Antivirus, I came across a programmer named Dennis Yelle. Dennis had no social life and would be classified by most people as sociopathic. We first met when I was running the Home base bulletin board in Silicon Valley. He was a user of the board. He had complained about the accuracy of my system clock, which gained a few seconds over a matter of months. The clock was not used for processing — just for telling time — so I didn’t consider it an issue. It was Dennis, however, who showed up at my house one morning with a new system click chip — insisting I allow him inside to change out the clock. I did not object, so he came in, shut the system down, changed out the clock, re-assembled my computer, restarted it, and left without a word.
“America is clueless when it comes to cyber science.”
The first programming job I assigned Dennis, which I judged would take an excellent programmer a couple of months to complete, was returned to me, finished, in three hours. He improved from there. For the first 18 months of the existence of McAfee Antivirus I had one programmer: Dennis. Symantec, my closest competitor at the time, employed over 200 programmers that were assigned full time to working on their antivirus product. Symantec had 10 percent of the world antivirus marketplace at the time. I had 87 percent. I have met hundreds of similar talents in my years, most recently Eijah, the architect and programmer of Demonsaw and lead AI programmer for GTA — and my good friend.
What I need to point out is the following: No matter how good an assembly line worker, bus driver, airline pilot, or ship captain may be, they cannot be more productive than their co-workers by a wide margin. You can’t push an oil tanker to make a voyage across the Pacific 200 times faster than the tanker that it left port with. But cyber science does not adhere to this constraint.
Programmers like Ed Hatch and Dennis Yelle go off, and with their reputation, are paid 10 times what an average programmer makes. The U S. government has guidelines for salaries that account for time spent at the desk only. If someone walks through the door who could save them in short order, where thousands of others have failed, and even asks for twice what others are making, they will be sent home.
We will remain a third-rate nation, measured on our cyberwar acumen, until we as a country and as a society understand the position our ossified government has placed us in.