The Snowden revelations also killed two other illusions:
1. Putting the state-actor threat in the too-hard pile is a viable security plan.
2. If you sell to governments, especially the US government, you can also sell internationally to strategically important customers and not provide a "trust nobody" level of security. "Trust that I have implemented no back doors."
Going dark simply means providing the level of security that was always needed against mafia-connected state-actors and other high-level threats. And it means adapting to the level of trust (i.e. none) required to do business across multiple sovereign nations that want real autonomy of action.
Yes, you are right. This entire NSA thing is bad business for American companies. Even an erstwhile global darling such as Google suffers from this. They are now being viewed with suspicion ...
Around here you'll get a lot of "How dare you say Google isn't doing enough..."
The problem with that is there is a minimum threshold: Web-of-trust for key exchange; open clients; encryption the default, etc.
Google can be lauded for being 5% of the way there while everyone else is dawdling and hoping the toothpaste goes back in the tube. But that's not the same as actually equipping their users to trust nobody as the usual day to day way of working.
1. Putting the state-actor threat in the too-hard pile is a viable security plan.
2. If you sell to governments, especially the US government, you can also sell internationally to strategically important customers and not provide a "trust nobody" level of security. "Trust that I have implemented no back doors."
Going dark simply means providing the level of security that was always needed against mafia-connected state-actors and other high-level threats. And it means adapting to the level of trust (i.e. none) required to do business across multiple sovereign nations that want real autonomy of action.