A while back, our local godless communist public radio station (KQED) held its regularly scheduled talk show in the 9-10 am slot, Forum. The topic was the appointment of the new "Security Czar" of the intertubes for the Obama administration, and they had a number of "computer security experts" to discuss it. Besides talking about the politics, the show revolved around the issue of the threats faced by pretty much everyone because we are now fully dependent upon the intertubes and computer technology in general for pretty much everything.Being who I am, I just had to capitalize on the opportunity to talk to these experts on this public forum and ask them a couple of questions I had on the subject at hand. Sadly, due to my limitations as a questioner I didn't quite make my point clear in the questions I was allowed to ask.
(Thanks to the wonders of the intertubes, you can find the MP3 of the episode here and I come in at the 33 minute mark)
However, I don't think it was simply my lack of skills that was the source of the misunderstanding. The fundamental issue that the experts were discussing was the security of our networks and the security of our computerized systems in general. The questions over how we protect ourselves in this digital age and why in heaven's name we simple aren't doing so in the 21st century.
The issue I wanted the computer security experts to discuss was
that there is an inherent conflict of interest in the government's position is, in my opinion, the source of why we have been unable to make any
real forward progress in security issues. We pretty much all
understand that the government has to perform surveillance. I doubt
that pretty much anyone who isn't a rabid Libertarian nut job would
understand that there are valid security and law enforcement needs for
surveillance capabilities.
And this need for surveillance and interception as well as the cracking of encrypted contents of suspected terrorists' and criminals' data causes a rather big problem for us, as citizens. Because these needs, this puts the government in direct conflict with the security needs of its citizens who live in the digital wild, wild west. Granted this thought of mine is hardly original, but I would have liked to have these computer security experts discuss this elephant that is taking up all the room on the couch as they discuss the security issues we currently face.
Basically, the government would like to have back doors into everything that they can open at will to do what they need. Now for the moment, leave aside the obvious and quite serious issues with the potential for abuse of these back doors. The issue I was trying to get these experts to discuss was the fact that because of these needs and desires, the government was conflicted in its efforts to help keep our networks and computer systems secure. And this conflict isn't just some theoretical ethical and moral issue... rather it was a fundamental impediment to actually accomplishing the goals of these security experts.
After
all, if we truly had secure networks, communications and computer
systems, then the government would find that itself in a hell of a
pickle as they found themselves locked out and thwarted by these
security systems - there would be no backdoors. Consequently, the best interests of the government -
itself - was working against the very obvious best interests of
its citizens. One hell of a pickle, even for those who consider
themselves on the side of "good." And consequently, an issue that
security experts, themselves, have a hard time dealing with effectively
- or honestly, in my humble opinion. After all, one of the guests on
the program had worked on the Clipper chip, himself.
The reason why I was reminded of this exchange though, was the recent news of the breach of Google by China. In The Great Google Coverup, Douglas Rushkoff ends with a rather entertaining thought about the incident
Part of this perception is undoubtedly due to the fact that I'm a pre-Millennial. Technically a member of the Baby Boomer generation, but only because I slipped under the net by a year. I grew up in the time before the intertubes when physical reality provided what we now know as the illusion of privacy. And given the way the Millennials seem to have adjusted to the new realities of the 21st century, perhaps all I'm talking about here is simply a quaint notion about a world long gone and which never really existed in any true sense of how we understand things.
But regardless of whether we have any meaningful sense of privacy any more, we will obviously always have issues with transactional integrity: in its basest form, I'm simply mean accounting - financial accounting, obviously. Our economy is built on digital transactions and without security protecting those transactions, we simply don't have an economy. The "cloud" and the intertubes in general, are becoming a bigger and bigger piece of that economy - becoming the foundations of that economy. And if those foundations aren't secure, then we're basically fucked. Three ways to Sunday, to coin a phrase.
And it doesn't take a security expert to see this. After all, it doesn't take a civil engineer to see that a bridge is ready to tumble over. Basically security technologies and infrastructure are the manifestation of trust. And without trust, there is no economy - certainly no modern economy. Everything crumbles to dust as soon as everyone realizes that not only does the Emperor have no clothes but they, themselves - the observers and participants - are standing around naked as well. Naked. Exposed. Supremely vulnerable.
A while back, Google's CEO Eric Schmidt ruffled more than a few feathers when he said
In my more cynical moods, I console myself with the fact that at least Google will be one of the first backed against the wall when everything goes pear shaped. Petty, I know. But sometimes pettiness is all we peons have.
And this need for surveillance and interception as well as the cracking of encrypted contents of suspected terrorists' and criminals' data causes a rather big problem for us, as citizens. Because these needs, this puts the government in direct conflict with the security needs of its citizens who live in the digital wild, wild west. Granted this thought of mine is hardly original, but I would have liked to have these computer security experts discuss this elephant that is taking up all the room on the couch as they discuss the security issues we currently face.
Basically, the government would like to have back doors into everything that they can open at will to do what they need. Now for the moment, leave aside the obvious and quite serious issues with the potential for abuse of these back doors. The issue I was trying to get these experts to discuss was the fact that because of these needs and desires, the government was conflicted in its efforts to help keep our networks and computer systems secure. And this conflict isn't just some theoretical ethical and moral issue... rather it was a fundamental impediment to actually accomplishing the goals of these security experts.
After
all, if we truly had secure networks, communications and computer
systems, then the government would find that itself in a hell of a
pickle as they found themselves locked out and thwarted by these
security systems - there would be no backdoors. Consequently, the best interests of the government -
itself - was working against the very obvious best interests of
its citizens. One hell of a pickle, even for those who consider
themselves on the side of "good." And consequently, an issue that
security experts, themselves, have a hard time dealing with effectively
- or honestly, in my humble opinion. After all, one of the guests on
the program had worked on the Clipper chip, himself.The reason why I was reminded of this exchange though, was the recent news of the breach of Google by China. In The Great Google Coverup, Douglas Rushkoff ends with a rather entertaining thought about the incident
At least a conspiracy theory, in which Google willingly gave the Chinese authority over its clients' communications, offers the comfort of there being some human agency in all this. Just as we prefer to find out that a single pilot was drunk than that there's a problem with every plane in the sky, it is easier to contend with the notion that Google's young executives made a stupid decision by engaging with dictators than to consider the alternative: that the cloud being entrusted with an increasing amount of our banking, business, and everything else, is the for the taking.It's incidents like this that always leave me wondering what it must be to live in a world where people actually believe and trust the companies that do this "cloud" shit. No, I'm not ranting about the "cloud" as a concept... rather I'm ranting about the trust that people place in "the cloud."
Part of this perception is undoubtedly due to the fact that I'm a pre-Millennial. Technically a member of the Baby Boomer generation, but only because I slipped under the net by a year. I grew up in the time before the intertubes when physical reality provided what we now know as the illusion of privacy. And given the way the Millennials seem to have adjusted to the new realities of the 21st century, perhaps all I'm talking about here is simply a quaint notion about a world long gone and which never really existed in any true sense of how we understand things.
But regardless of whether we have any meaningful sense of privacy any more, we will obviously always have issues with transactional integrity: in its basest form, I'm simply mean accounting - financial accounting, obviously. Our economy is built on digital transactions and without security protecting those transactions, we simply don't have an economy. The "cloud" and the intertubes in general, are becoming a bigger and bigger piece of that economy - becoming the foundations of that economy. And if those foundations aren't secure, then we're basically fucked. Three ways to Sunday, to coin a phrase.
And it doesn't take a security expert to see this. After all, it doesn't take a civil engineer to see that a bridge is ready to tumble over. Basically security technologies and infrastructure are the manifestation of trust. And without trust, there is no economy - certainly no modern economy. Everything crumbles to dust as soon as everyone realizes that not only does the Emperor have no clothes but they, themselves - the observers and participants - are standing around naked as well. Naked. Exposed. Supremely vulnerable.
A while back, Google's CEO Eric Schmidt ruffled more than a few feathers when he said
"If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."The cynic in me would like to believe in the illusion that Google's action over China is all about trying to regain their image as "the good guys" - the one's who do no evil - and that there isn't something far more fucked up going on. However, like Douglas Rushkoff, I think we're just seeing the reactions on the surface of the water to events far below it. Ugly realities that, like the unnamed surveyor in the H.P. Lovecraft story, we've yet to realize the true horror of.
In my more cynical moods, I console myself with the fact that at least Google will be one of the first backed against the wall when everything goes pear shaped. Petty, I know. But sometimes pettiness is all we peons have.
Your conclusions about security as it applies to financial transactions rest on the assumption that certain financial transactions exist at the heart of the financial structure that must remain secret.
The implication is that an economy cannot exist in which everyone receives equal value from the sum total of transactions (in which case there would be no need for secrecy). Or, in other words, if I produce wheat and you run the mill, I MUST be unhappy with the price you charged me to mill my wheat if I were to find out your true operating costs.
What happens if you challenge this idea and posit an economy in which I'm happy knowing what kind of profit you made because I am not left with the perception that you made out far better in the transaction than I did?
Or, to state it another way, is it possible to model an economy in which no one gets cheated because everyone knows what everyone else is making?
If we CAN model such an economy, the inevitable conclusion is that the inequities that led to the current economic collapse were made possible by over-efficient security (i.e., secrecy) around financial transactions.