Mike Arrington on Virtru (an encryption startup):

Which is great except that the founders are ex-NSA guys who used to be paid to do things like collect emails and phone call information from hundreds of millions of terrorist suspects Americans.

That’s a really tough problem we are going to be facing. The people who are likely best qualified to build secure and robust encryption systems, are also the people who work at, or have worked at, places like the NSA, CIA, DOD, etc. That’s not to say these agencies are the only source of the talent, but they are certainly the largest talent pool of people.

On the one hand, Virtru can be seen as shady because there are ex-NSA people involved. On the other, every person would jump all over a Snowden backed startup — and the same argument about his former employer can be made as can be made of Virtru.

Which is why independent security audits are going to become a larger part of these narratives. We are basically at a point where we now know, and act, as though we cannot take people at their word. So now we need to start hiring people and asking them to please find where someone has fucked up the encryption.

Posted by Ben Brooks