Obama's speech about surveillance last week
featured the following paragraph which gets modern cybersecurity totally backwards:
We cannot prevent terrorist attacks or cyberthreats without some capability to penetrate digital communications, whether it's to unravel a terrorist plot, to intercept malware that targets a stock exchange, to make sure air traffic control systems are not compromised or to ensure that hackers do not empty your bank accounts. We are expected to protect the American people; that requires us to have capabilities in this field.
This train of thought made sense during the cold war. Communication systems built by and used in the Soviet Union were different than those built in the U.S. So if the NSA could simultaneously find and keep secret flaws in a Russian phone system while ensuring security flaws in American phone systems got fixed.
On the Internet, that game doesn't work anymore. Tech companies, open source groups, and standards bodies sell and distribute hardware, software, and protocols globally. Countries and companies throughout the world use the same routers, the same operating systems, and the same secure communications protocols. Every undisclosed security hole and every undetected backdoor that the NSA has at its disposal to "penetrate digital communications" is a tool that attackers have to harm the targets Obama claims the NSA is trying to protect. The stock exchanges and air traffic control systems and banks are using the same networking gear, the same database software, the same VPNs, and the same web browsers as the plotting terrorists, hacking criminals, and enemy governments.
Even if the NSA only uses their powers for good, the more "capabilities in [the digital spying] field" they have the less safe American interests are from foreign spies, criminals, and terrorists. The nation will be more secure if our communications technologies are robustly secure than if we can listen in on all the world's chatter. And by making American communications more secure, the world's communications will be more secure.