Blue Coat Gets Slammed in Twitter

If you follow any of the proxy vendors in twitter, you can get some interesting results. This past week, Blue Coat in particular (using #bluecoat) has been called out for being a co-conspirator to events in Syria. This happened because Telecomix, a hacking group released 54GB of logs from what appears to be a Blue Coat device handling Syrian traffic, showing that Syria had been using their Blue Coat device to enable blocking of websites, and in particular, tracking of internet usage.

While it's true Blue Coat devices allow blocking of websites (and in particular for most enterprises and ISP's they use it for blocking malware and for corporate compliance), the Blue Coat device is just a tool. It's still the user of the Blue Coat device, in this case apparently the Syrian government, that chose to implement it and use it the fashion that's being claimed. While I fully support freedom and democracy, I think it's little short-sighted to blame what's essentially a tool, for the actions of others.

Especially since the company making the tool doesn't generally have control over how the tool is used after the device has been sold. Note, even Blue Coat has claimed they have a policy against selling directly to Syria, but had no control if it's sold indirectly (through a reseller). It's like blaming the manufacturer of a kitchen knife for a crime committed with the knife.

This of course isn't the first controversy a secure web gateway has seen in the news. Other vendors, like M86 and Blue Coat have seen controversy when their devices have been used in schools to block sites with LGBT (Lesbian, Gay, Bisexual, and Transgender) content. In those cases as well, it was the schools in question that implemented the policy, not the device provider, yet the protest and anger was directed at the hardware vendors, which seems to be a misplaced and misguided blame.