First-Hand:Computer Security
Submitted by A. Michael Noll, March 12, 2024
© Copyright 2024 AMN
From mid 1971 to mid 1973, I was employed as a Technical Assistant at the Office of Science and Technology (OST) in the Executive Office of the President. We at the OST were, in effect, the staff for the White House Science Advisor, then Dr. Edward E. David, Jr. My major area of responsibility was computer security and privacy. I also worked on other topics, such as recommending increased support for the Smithsonian’s National Zoo.
I worked closely with experts at the National Security Agency (NSA) at Fort Meade in Maryland. This was a natural collaboration for me, since, from my past work at Bell Labs in speech technology, I knew some of the research people at NSA with their interests in speech encryption.
We visited many computer installations within the government at various agencies, and we also attended many academic research facilities and meetings. I was impressed with the knowledge and expertise of the NSA – the briefings they prepared for me at my request on various intelligence topics were professional and thorough. My engineering background insisted on objective analysis and data, rather than subjective conclusions. We all knew that computer security and the protection of civilian data would soon be very important.
The NSA folks visited me at my office in the Executive Office Building in Washington; I traveled up the Baltimore-Washington Expressway to visit their large facility at Fort Meade, with armed guards at checkpoints in their buildings. Even with all my security clearances, whenever I visited various spook works, there would be black cloths covering things I had no need to see. However, drawers and doors were sometimes opened for me.
I realized that the civilian economy would soon need encryption to safeguard communications and computerized data. One of NSA’s major areas of expertise was encryption – providing and breaking. However, NSA was prohibited from “spying” on Americans domestically.
The “solution” that we proposed was for the National Bureau of Standards (then headed by Dr. Ruth Davis) to take on encryption, with the NSA providing the expertise. Encryption was under very high security, with its own security system. The NSA’s management (most likely Dr. Lou Tordella) wanted new funding for this work, but the NSA was told by the Office of Management and Budget (OMB) to reprioritize. Ultimately, a NSA employee was loaned (or transferred) to the NBS to handle encryption, and that area of responsibility has continued over the decades.
The NSA is the Nation’s “code breakers.” There was concern that if industry developed its own codes, the codes would escape to foreign countries, and take resources from the NSA to break them. We felt that it was best to keep control of codes and encryption technology. The involvement of the NBS would do this. However, there also was acknowledgment that the NSA might create “back doors” to ease its code breaking. This controversy continues.
I had no need to know the intricacies of encryption, and thus did not have the unique security clearances used at the NSA. Although I had an “alphabet soup” of many clearances, I avoided security material as being “hot potatoes.” My philosophy was that he best way to hide secrets was to place them in the open. If anybody could interpret them, then I wished they would tell me, since I usually had little idea of what was really happening in the Washington bureaucracies.
Washington was much political shenanigans and posturing. I remember being shown a large room in the attic of the Old Executive Office building that containing many end tables and lamps that were used as bargaining gifts for favors to benefit the OST. Apparently, end table and lamps were not routinely or easily available, and were status symbols.
I left Washington in mid 1973, and that ended my involvement with computer security – and with end tables and lamps. I always trusted those at the NSA to be honest and do what was best for the United States – and still do.