Schneier on Security
A blog covering security and security technology.
« Friday Squid Blogging: Bomb Discovered in Squid at Market |
| Sixth Movie-Plot Threat Contest »
April 1, 2013
What I've Been Thinking About
I'm starting to think about my next book, which will be about power and the Internet -- from the perspective of security. My objective will be to describe current trends, explain where those trends are leading us, and discuss alternatives for avoiding that outcome. Many of my recent essays have touched on various facets of this, although I’m still looking for synthesis. These facets include:
- The relationship between the Internet and power: how the Internet affects power, and how power affects the Internet. Increasingly, those in power are using information technology to increase their power.
- A feudal model of security that leaves users with little control over their data or computing platforms, forcing them to trust the companies that sell the hardware, software, and systems -- and allowing those companies to abuse that trust.
- The rise of nationalism on the Internet and a cyberwar arms race, both of which play on our fears and which are resulting in increased military involvement in our information infrastructure.
- Ubiquitous surveillance for both government and corporate purposes -- aided by cloud computing, social networking, and Internet-enabled everything -- resulting in a world without any real privacy.
- The four tools of Internet oppression -- surveillance, censorship, propaganda, and use control -- have both government and corporate uses. And these are interrelated; often building tools to fight one as the side effect of facilitating another.
- Ill-conceived laws and regulations on behalf of either government or corporate power, either to prop up their business models (copyright protections), fight crime (increased police access to data), or control our actions in cyberspace.
- The need for leaks: both whistleblowers and FOIA suits. So much of what the government does to us is shrouded in secrecy, and leaks are the only we know what's going on. This also applies to the corporate algorithms and systems and control much of our lives.
On the one hand, we need new regimes of trust in the information age. (I wrote about the extensively in my most recent book, Liars and Outliers.) On the other hand, the risks associated with increasing technology might mean that the fear of catastrophic attack will make us unable to create those new regimes.
I believe society is headed down a dangerous path, and that we -- as members of society -- need to make some hard choices about what sort of world we want to live in. If we maintain our current trajectory, the future does not look good. It's not clear if we have the social or political will to address the intertwined issues of power, security, and technology, or even have the conversations necessary to understand the decisions we need to make. Writing about topics like this is what I do best, and I hope that a book on this topic will have a positive effect on the discourse.
The working title of the book is Power.com -- although that might be too similar to the book Power, Inc. for the final title.
These thoughts are still in draft, and not yet part of a coherent whole. For me, the writing process is how I understand a topic, and the shape of this book will almost certainly change substantially as I write. I’m very interested in what people think about this, especially in terms of solutions. Please pass this around to interested people, and leave comments to this blog post.
Posted on April 1, 2013 at 6:07 AM
• 75 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
how about "Power Lost", Losing Power,
Jaron Lanier's new book "Who Owns The Future" has some interesting hypotheses on the rise of surveillance/exploitation of privacy on the 'net.
He posits that it's got a lot to do with other avenues of making a profit being made difficult by the demonetization of information. That one of the few reliable ways of making money is to learn everything that is possible to learn about people and use that information in extracting money from advertisers.
He also has some thoughts on security and encryption and the assumptions that geeks make (that they can protect their own privacy and aren't really concerned about the privacy of people who don't know how to cover their own tracks)
He also has some suppositions on the future of "network elites".
Might be worth a look while you're researching your book.
You could also consider the whole 3d-printing/intellectual property issues as a section of its own, and not just copyright and the bad laws/regulation as a result of that.
I think the ability for people to easily share, copy and reproduce physical objects will be a bigger game changer than the music/video model change has been to corporations. And look how much bad law/regulation has/is emerging as a result of that.
All business models that depend on physical scarcity (used to be cd's for music) could be at threat if 3d printing keeps improving in the coming years, and the internet is still capable of spreading information (defcad for example) freely.
Will all those kind of businesses adapt quickly to make use of the new technologies, or will they lobby for bad regulation/control etc? i think i know what will come first.
Don't forget the continued blurring of physical space and cyberspace through a variety of channels that once would have been science fiction: self-driving cars, image and facial recognition software for security cameras, autonomous drones (your surveillance essays involve these topics). The ability to exercise internet-supported power is going to continue to grow.
For contrast, you could include North Korea - zero internet, but extreme central control.
Cryptoanarchy is a feature not a bug - all power to the anarchists!
You should also check out 'The End Of Power' by Moises Naim and 'The Future Of Freed' by Fareed Zakaria. Very good books on the issues you point out and where both think the world is likely headed.
Under the "ill-conceived laws" section, don't forget to dig into the massively different timescales of technology versus legislation, and the problems that arise from attempts to micromanage the specific technologies rather than the behavior or effect. A good example is the recent increase in laws against texting while driving. The "behavior" is distracted driving, but the "technology" is texting. By the time the laws get passed, texting is already almost obsolete. What about sending e-mail? Updating a twitter feed? Answering a linkedin request? Uploading a video? What about my phone that allows me to send a text hands-free via bluetooth?
Other examples are the ECPA that decided email is abandoned after 180 days. Or the laws that assume a transient cached image of a passing email counts as a "copy". Or the different handling of telephone calls versus a network packet stream (all calls are packet streams these days).
Laws made over the span of years to regulate technology that changes over the span of days, by people who don't even understand what was in place yesterday, are a disaster.
The irony will not be lost on us if you choose to work with a publisher that only releases a DRM-encumbered e-book.
Consider your audience. It may be worth your while to sell a DRM-free EPUB edition.
When I hear the term "cyberwar", I'm - in a way - amused. It seems like the powers that are need a new field of operation, because the old one has become so boring and unthrilling - war has such a tremenduous (social) cost that it's not perceived anymore as a viable means to "solve" a conflict.
so today, the new playing field is "cyberwar". It's the first "war" that depends on infrastructure staying in place - you need an internet connection to your enemy.
I think, cyberwar - despite all bad things that can happen, like power outages - is not as influential and bad as it is thought of. We already have had goverment independent players in the field - hackers. In military combat, those were called mercenaries, but on the internet they're just ordinary people with a special hobby. We have a third party that can influence people on both sides of a "cyberwar". In some way, it's a sport: who can beat whom?
One solution to the "cyberwar" trend would be to host a cyberwar league - a sports league where the best players can show off their skills, become world famous and show everybody how insecure their system is.
The "applianceification" of computers is one of the ways of achieving and increasing the power imbalance between users and computers.
General purpose computers are reduced to eVending machines for leasing access to bits.
Concepts aren't taught, only how to use $VERSION of $APPLICATION to do $TASK.
Privacy and creativity are devalued to the point of users exchanging them for a few MB of online hosting. Even the humble hand-held games console demands internet access to report back to the mothership.
The end result is the deliberate dumbing down of a generation of powerless users at the mercy of feudal security models, with no understanding or expectation of privacy or security.
There are counter-movements; hackerspaces, Arduino, Raspberry Pi, CoderDojo, etc.,
places and communities that build from scratch rather than buy an app.
To the section on iFeudalism and how it shapes society for the worse you might want to add a what to do about?.
Historical civil societies followed to solve the problems mankind had under feudalism. Why not again? The difference: the law needs to come from contracts, not kings.
Read more about cloud systems based on machine executible contracts:
Readers who buy into the rules E. Moglen demands in virtual spaces -independence of avatars from individual contracts and contracts in machine-readable form- may skip the philosophy. To readers surprised by the analogy and method we recommend to read B. Schneier's essay on feudal security first. He uses the same analogy to illustrate how technology shapes society today. Assuming that there is an actual advantage in civil societies above "state of nature" we shall apply the recipe to networked security. In essence: create an autonomous system, which can handle contracts.
Great Bruce, would you also maybe care to comment on virtual currencies esp Bitcoin and how some of the public ledger type tools might lead to interesting 'trust' models?
Take a look at Brin's 'Transparent Society'. His premise is that some of these issues would be addressed by a regime of mutual surveillance. e.g. the police have cameras everywhere but they are also always on cameras that other people can watch to see that they are up to
I'd encourage you to discuss algorithmic forms of social control. See predictive policing.
Amazon recommends... a visit from the authorities
I'm trying to figure out myself what the world looks like. One thing that I think is going to happen is that the world is probably not going to look hellish to everyone. If we lived in a dystopian future which was bad for everyone, then people would rebel. What's more likely is that we are going to end up in a world which is "comfortable" for most people. It's terrible to be a political dissident or an unconventional thinker in Singapore or China, but most people aren't dissidents or unconventional thinkers.
Duaine: Laws made over the span of years to regulate technology that changes over the span of days, by people who don't even understand what was in place yesterday, are a disaster.
In fact, if there is uniform consensus on something, you can get very fast changes in the law. The trouble is that for most things there is no uniform consensus and it can take years to get something that has enough support to avoid a "blocking" coalition.
There are ways to get around laws. One is jurisdiction shopping in which you make bureaucracy work for you rather than against you. What you do is to sign your contracts in some part of the world with laws that you like.
There is a big legal problem with "machine executable contracts" which is that how can you "consent" to a contract that no human being has read, and what happens if there is a "bug" in the contract or what constitutes a bug.
It's actually not that hard to write a program that takes a formula in a financial contract and turn that into a legally binding contract. However, people don't do that because they want a human being to be responsible for actually "consenting" to a control.
Also it turns out that most financial transactions don't involve massive interchanges of contractual information. What you end up doing is to have a consortium like ISDA write the "standard master contract." Two people that want to trade sign that master contract once, and then all of the financial trades are technically speaking amendments to that contract. The reason that people want standard contracts is so that you don't get weird interactions. It turns out that to write a master contract takes several years since there are all sorts of bugs that you can run into.
The other thing is that it can be a bad thing for two sides to negotiate a contract. When two banks negotiate a contract, you have two teams of highly paid lawyers work through each clause. When you have a bank or other large corporation interact with some random person, that random person is likely to get screwed badly because they don't have a legal team working for them.
Knowledge (& information) has always been a currency of power. Those who seek to control (amass and retain power) often do so by controlling information. Things that disrupt the preservation of a steep information[-dissemination] gradient can be perceived as threatening by those amassing power in this fashion (e.g. Gutenberg, SMS, internet).
An additional interesting perspective, from Scott Adams: http://www.dilbert.com/blog/entry/...
Also, I think it's important to realize that "we" don't agree and to figure out what it is that "we" disagree about.
The other thing is that if you are in a situation where you are an individual versus "corporations" or "governments" then you are dead. However corporations and governments disagree with each other, and the only chance you have as an individual to make a difference is to weigh in when there is a disagreement.
For example, the MPAA is in favor of strong copyrights. Google and smart phone manufacturers don't have the same interests. On human rights issues, I tend to be on the opposite side of the Chinese government, but the Chinese government could be an extremely useful ally when it comes to weakening IP laws or even in not cracking down too much on hackers.
One thing that I gives me some hope is that in every issue that I can see, it's not A versus B but rather there is a mix of weird coalitions and alliances.
Does it really matter whether the law comes from contracts or kings, as long as kings can shoot the people who write or enforce the contracts? Consider, for example, the Wikileaks payment blocks. I'm sure those arguably violated some contract somewhere, but getting it adjudicated was clearly never going to happen.
Personally, I'm most worried about the proliferation of limited-use computer systems such as smartphones and tablets, where -- in addition to the surveillance issues -- courts and legislatures seem much more willing to countenance the idea that buyers should be prohibited from making any modifications without all the sellers' permissions.
Bruce, here are some additional cold reality bullet points" that you might consider in your book - these issues were being discussed at RSA this year amongst Govt think tanks, security forecasters and predictive analytic researchers -
Humanity is fighting a civil war over privacy but the people who already gave up their privacy don’t know about the war yet.
The battle that looms ahead will be fueled by products like Google Glass and targeted at the companies that bring similar products to market.
Google’s entire ecosystem is based on exploiting its customer and getting their users to “sell out” their friends – google glass extends data capture to a cadre of surveillance soldiers that will be able to data mine anybody who comes within camera shot of them - indoors, outdoors on both private and public property.
All of this data will live in a repository that will be vulnerable (or ripe) for exploitation.
People who are passionate about their privacy will likely fight to protect it. This could lead to civil unrest between strangers, friends and even family members. Brother against fathers, mothers, sisters and friends. Civil wars are ugly and fueled by passionate interests hard-wired into a persons beliefs.
Security professionals are already worried that Google Glass users will be threatened and/or subject to physical violence for capturing a third parties information without their authorization. There is further speculation that privacy fighters will take the battle directly to the corporations that bring these products to market.
Google, Facebook and other data exploitation companies are becoming more aware of their growing risk to both the company and the safety of their employees as their products and services continue to exploit their customers.
Government, Finance and Insurance industries are all aware of this growing risk and each are respectively working (quietly) to protect and insulate themselves from this inevitable conflict.
The reality of privacy erosion is that it results in the loss of the very foundation that the United States was built on - personal freedom. Over the course of the USA's history, citizens have fought hard and died for it.
Your comment "The four tools of Internet oppression -- surveillance, censorship, propaganda, and use control -- ...are interrelated; often building tools to fight one as the side effect of facilitating another." Got me thinking. Will these effects, as with so many things in life mean that the "power players" cancel each other out?
I'm reminded of the time-honored Chinese diplomatic strategy of keeping their enemies fighting. The result is that, while the enemies collectively could have overwhelmed China, the infighting left an often objectively weak China largely independent for nearly 2000 years.
Is this lesson applicable to the world's population as a whole? In relative power to governments and corporations, we may be weak. However, if we can play the corporate interests against the government interests, we may find ourselves largely free.
I wouldn't have started a serious conversation on 4/1, and even though this may well be a prank ...
The internet makes many things easier to do faster. That's neither good or bad, but the power-minded are not stupid - they were sure to notice. Once upon a time, if your basic evil dictator wanted to make sure he was reflected well in the history books, he made the book companies in his country print what he wanted to hear and the schools in his country use the resulting books. Easy, albeit slow.
Sure, there was a risk that somebody else might write an unbiased (or counter-biased) history of his country, but getting a book published poses its own barriers. Even so, the schools wouldn't use it and he could probably keep many bookstores from selling it. This was a manageable problem.
Just add the internet, and the problem gets out of control. Every two-bit dissident, or security expert, has their own blog and it's on the same internet as the dictator's official message. The old-style military response that kept the "bad book" under wraps is a huge amount of work now, the dictator has to go into the firewall business and it's really hard to control Tor sites in other countries.
What's a dictator to do? The obvious response is to launch a "louder" messaging/propaganda campaign. Tell folks they need to "make up their own mind" on the meaning of past events, while publishing a large volume of false information to "spin" the dialog. People buy into the notion that they are important, and their opinion counts, and the special interest dictator with the most money wins.
It all boils down the the old Daniel Patrick Moynihan quote "Everyone is entitled to his own opinion, but not his own facts." On the internet, it turns out that Moynihan was wrong. You can have your own facts, and if you spend enough on SEO your facts can be the facts people hear first and most frequently.
It's not a new power, but it's a new outlet for an old power. The more we depend on the new outlet's version of the truth, the more we select which sources are reliable based on their alignment with our preconceptions, the more that the notion of truth becomes fuzzy. Just the way evil dictators like it.
Your "need for leaks" link is broken. Thank you for writing such great articles and speaking out!
I belong to a part of the population that is psychologically opposed to non-consensual mass-surveillance and mass-control. I know that my awareness that this is happening, is enough in itself to cause me psychological distress and thereby degrade my quality of life, even before I start to think of more tangible consequences.
I identify, broadly, as HSP1 (Highly Sensitive Person), a classification that accounts for about a fifth of the population. For me, and others like me, these developments are psychologically crushing.
But if the remaining eighty percent have these sensitivities, they have them in lesser and more-tolerable degree, and they are therefore presumably the ones who remain more or less blase about these issues. They are in a devil's bargain though.
As Dostoevsky wrote:
No science will feed them while yet they are free. But the time will come when they will come to us and say, "enslave us if you will, but feed us".
So as long as the bread an circuses keep coming, the less sensitive will go along with whatever is required of them. They will start to complain only when the cupboards are bare. And then, they may be forcibly reminded of the bargain's price.
Sadly, if you press me for solutions the only thing that comes to mind, in which I have any faith, is 'history'. And I think it will probably be painful, as usual. Especially for me, and those like me.
1) See: https://en.wikipedia.org/wiki/Highly_sensitive_person
The problem you are going to face is hyperbole.
Most of the comments you see here and the books that are recomended are all based on multiple layers of supposition to the point where they are little different to castles built on clouds.
As we have seen with cyber-crime and cyber-espionage humans actually move their reality a good deal slower than the technology and as such nearly all that is done in the intangible Cyber or information world is actually a re-working of that which is well known tried and tested in the tangible physical world.
Thus you have two predictive paths,
1, That based on what is known in the tangible world.
2, That which is new based on the differences between the intangible and tangible worlds.
To use the second path which is the area I suspect you will want to concentrate on you will need to strip back the Internet into it's two component parts the tangible and intangible asspects.
Some time ago I posted a list to this blog of some of thhe differences between the intangible information world and the tangible physical world.
The first point I made was that information is not constrained by the laws of the physical universse in that it is not comprised of energy/matter or forces.
The second point I made was the only time information became constrained by physical laws was when it was encoded onto matter/energy for the purposes of communication and storage in a way that humans can use.
It can be realised from this that there are issues to do with nonlocality, effectivly zero cost duplication, thus unlimited force multiplication and due to other effects effectivly instantaneous universal action.
Another thing you need to consider is the value of information in terms of monetarisation and thus taxation. Part of this is assessing the value of information in transit.
Then there is the control of information and how it effects people by it's storage and access. Within living memory politicos could make statments within a short duration time context with little fear of comeback from times past. With the Internet no sooner has a politico opened their mouth than somebody is pulling up things they have said in the past that are at variance with their current spoken position. This actually scares the politico's quite badly, because most times they cannot remember past statments and importantly the context they were made in. Thus part of the reasoon we have "sound bite" statments is fear of what is in effect "perfect citizen memory" that can be used to a politicians considerable disadvantage especialy if a slant is put on iit by setting statments in current context not past context. This obviously has a knock on effect of turning poliitics further into a "cult of vacuous image without substance".
Politico's were infact some of the first victims of what we would now call Cyber-stalking where your are in effect forced to continously relive your past, where the only self defence is not to have opinions or substance just vanilla existance. Which is actually likely to produce an even blander non cultural society.
If you realy want to think about the future I would urge you to first study the past and look at the effects oon society of firstly grain cultivation. Then domestication of animals, through the effects of brewing of beer and the effects of increasing population density on specialisation in arts and later pre industrialisation artisan activities that eventually gave rise to tools and machines that allowed "force multiplication" and the realocation of power (think windmills run by just one or two individuals that in efffect replace the work of eight hundred individuals). Through the industrialisation of weaving, book production, cargo transport to cheap reliable mass transportation (trains) the telegraph, telephone and radio.
Each of these events produced a step change in society that society had to become accustomed to and each in turn was actually due to the movment of intangible information that brought the step change to the tangible physical world.
Secondly I would also go and look at the works of the "social thinkers". Which in many ways started with the reformatiion of religion and how the likes of Jeremy Bentham, Karl Marx and George Orwell came about their ideas and predictions.
I agree that we are headed down a dangerous path, very dangerous I'd say-- our fundamental freedoms are being pulled away right under our noses. The question of whether we have the political or social will to face the problem and act is a central one. I think (and hope) that it is an overwhelming yes. But we do need help. Help in crystallizing our understanding of what is happening and unifying as a society because despite how diverse our interests might be, their pursuit is only made possible by a stable foundation freedom and cooperation.
I would like to see you analyze your feudalism concept in a different way. Compare portions of the current environment in an entertaining way to several different political structures. For example Corporate Social Feudalism, Open Source Libertarianism, Social Democracy, Dictatorialism, Firewalled Communism.
After analyzing, I suspect there will be differences in the Internet world vs the political world. I also expect there is a history of government evolution that can be applied to the current struggled for control in the Internet.
@joequant: you might want to read what's there about machine executible contracts. It's all about how to design this in such a way that a) persons can read&audit it b) can express their consent/disagreement c) can close contracts themself d) exclude any central authority e) don't need to trust each other f) don't have to trust their own machine beyond the moment. etc.
There where problem; solved.
who ae actually the 'main' protagonist?
the webward principalities (Google, Apple,...), the classic RL principalities, the merchant guilds of service providers (intervowen into their principalities, of course...).
Actually, the relationship between the Google etc. and the classic states is somewhat similar to the relationship between the hanseatic league and the fractal principalities of the German empire and of nothern Europe. Some hanseatic cities were free cities within the empire with major economic influence etc.
...but maybe the analogy is a bit weak (and I am biased being german ;) )
I grew up with the internet in the mid-90s and it seems to me that the standard then was to use a handle, a nickname or whatever when being "on the net". Using your real name was not common. Adding up to "QnJ1Y2U"'s post, I might add, that today we are forced to use and are using more and more our real names when being online. The names are linked to online services and we form the "outgroup" if we do not agree to this. I think the continuous blending of real world and cyberspace is one of the main features that marks today's internet and that has led to today's imbalanced power situation, i.e. what you describe as feudalism: Give me your real name and identity, and I'll give you anything you want.
A look at how China deals with the internet and its users might be useful: the system of "real name registration" forces users to register for a lot of important services, be it buying train tickets online or using the IM-program QQ. China may reflect an internet vs. power situation vs. users at its best.
On trust and companies that (ab)use it: one of the features, I guess, is that most trust-relationships today are kind of covertly performed: The company offers service X for free (or a small sum) and most normal users do not think about what they actually give away (identities, information, data to be sold), they seem not to be aware that the deal "service in exchange for data/…" is actually a trust relationship. Trust that has been broken is only noticed when data has been leaked.
Often, people are blinded by the fanciness, shininess and practicality of services and do not realise what they actually give away. In addition, services like Facebook and Whatsapp work because of group pressure: Everybody is using it, so I don't care about security and where my data goes. Feudalism works so well because it links up to human's need to be part of an "ingroup" and not the "outgroup".
Bruce - how about you bust open all the FUD surrounding 'cyber'. Call it something like: "Cyberrheoa: the Emperors New Clothes" or something like that.
We all know that 'cyber' is nothing new. Yet, there are a good number of (previously well respected) security professionals falling into the 'cyber' trap, bleating on about 'new' threats, computer based Government backed espionage and the like as if these were new phenomena.
We have a real problem in the security industry at the moment with these idiots with vested interests in shifting more units of the latest 'cyber protection' product. They unfortunately have the ear of Governments the world over and they are damaging the credibility of the industry as a whole with their constant FUD.
If someone well known (such as yourself) doesn't stand up and call 'time' on these muppets soon, all our credibility will be irrecovably damaged.
The security industry is heading for its own Y2K moment and if we don't turn back soon it will take us YEARS to recover any semblance of credibility we once had.
I suggest the title Net Power, which is a pun meaning both internet power and a summary of power.
check out Alex Galloway's The Exploit
"Permission to retrieve your data denied"
Now that will be interesting.
Seconding the recommendation to read Brin's "Transparent Society," for reference if nothing else. I didn't really like the conclusion when I read it years ago, but some of your recent essays about the internet as a surveillance state had me thinking about it again as one of the few possibly acceptable means of maintaining a little freedom or control.
Trust is an information availability problem. Trust underlies all these problematic relationships. Information availability problems can be solved with information technology.
You cannot know what a person will do in the future. They probably don't know that. You can predict it with reasonable certainty though, if you know what they've done in the past in similar situations. That information is usually not recorded. It's available only to those who know the person, which is why trust grows from experience.
Trust (which is a property of a relationship) is also somewhat transferable. If Alice trusts Bob, Carol can probably trust Bob too, if the Carol-Bob relationship is similar to the Alice-Bob relationship. If Carol knows Alice, she could develop trust for Bob without knowing Bob. This is an information transfer: Carol is leveraging Alice's knowledge of Bob.
The whole hierarchy of power is built on this. Power grows over time, not because the powerful become more trustworthy, but because they manage to distribute the knowledge of their trustworthiness (i.e. their reputation: the consequences of interacting with them) more broadly.
Trust information is distributed in a very word-of-mouth manner right now. It doesn't always have to be that way though. One can imagine a vetting service that operates in real-time.
One can also imagine that such a service would be very valuable to subvert. Perhaps too valuable to centralize. It would have to be federated.
The internet has been moving to a progressively more central operations model since the mid-90s. SMTP is a federated protocol, but I would wager that there are fewer than 10 email domains that you interact with on a regular basis at this point. Most domains owners do not operate their own hosts, let alone their own mail servers. This move from federation toward centralization of services is in the interests of the service providers. It fuels information feudalism. And it's about complexity. I gave up running my own mail server when managing the spam filter became too burdensome. Gmail was so much easier, even though I was aware of the privacy implications.
If we are to reverse the move toward feudalism, we need ways to make federation simple and affordable again, especially in the spaces like social networking, where effective federated solutions just don't exist.
My opinion, which probably goes too far afield for your liking, is that a lot of these problems stem from the desire for attractive and friendly interfaces. We have no shortage of secure systems. They're just undesirable, for one reason or another. The major vendors don't have to provide true security because customers can't distinguish true from false, nor are they willing to pay a premium for it or miss out on a sexy feature.
Three solutions spring to mind: devoting resources towards making attractive, compelling solutions that are secure and private; creating a culture that values security and privacy over beauty and easy-of-use; and legislation. Of the three I think the first would result in the "best" world and is correspondingly unlikely, the second seems doomed, and the third seems like probably the best for short-term ROI, although probably a cause for long-term concern.
Looking forward to reading your book and finding out what you have to say about these issues.
I've been thinking about this a lot lately with respect to educational software. The Gates' Foundation in particular is spending considerable amounts of money to fund a project that was previously called The Shared Learning Collaborative and is now called InBloom, Inc. The idea is to create a centralized data-warehouse of student and teacher performance data (test and assignment scores, grades, attendance, behavioral reports, etc.). The goal is to liberate schools from relying solely on their own private data islands, as well as to reduce vendor lock-in with respect to data sharing. Ideally, it will also create a giant database for use by researchers. You can obviously think of the implications of such a centralized database concerning your personal performance from pre-K through your first years of college.
Another angle on this is the attempt by Silicon Valley to take advantage of the K-12 Ed space through their standard model of vertical integration (see getclever.com and learnsprout.com). By offering schools a free, simple, single-point of integration with their LMS systems, these companies hope to exact tolls and fees from providers of services that will want to integrate with those schools. It's great from the school's perspective because they won't have to pay up-front for systems integration.
What I have seen in practice is that teachers are using tools like Google Drive, Drop Box, Quizlet, YouTube and others to create their own virtual class rooms outside of the cumbersome, centralized and expensive LMS systems. The "system" keeps trying to force centralized tools and repositories on individual teachers, but they ultimately fail because they cannot keep up with teacher/student needs/interests and are overly expensive.
As an implementor of educational software, more and more I am trying to think of ways to produce my software in a distributed, flexible manner based on open APIs and data formats, rather than centralized standards and services.
Anyhow, this is just one particular business area, but I think it is one that sits that the center of many of these controversies over power, control, money, freedom and centralization. There are legitimate benefits to centralization (better research data sets, possibly lower costs, etc.), but there are major tradeoffs in terms of vendor independence, state control and the elimination of privacy at even the youngest age.
@russell --- the title "Net Power"
I second that!
@professor rat -- Cryptoanarchy is a feature not a bug - all power to the anarchists!
Professor Rattus - of course, the nice thing about your idea is that it takes the anarchists out of the market, leaving the vast majority of people to live within the feudal structures and unable to do anything about it. You would be far more damaging to the power elites if you acted in ways that ensured changes for everyone, not just the few. You're free to go rant and isolate yourself as much as you wish. Thank you!
Interesting fiction that expands on these concepts to effectively create societal change on a grand scale.
Read Daemon and Freedom (TM) by Daniel Suarez
The feudal model comparison is very interesting, because it can show how we can cope with new structures in our society. I think the main thing should be the establishment of human rights for the internet and related digital and virtual spheres.
History can tell us how we achieved this in the fysical world. Unfortunately, big steps were often only made after big disasters.
Another theme to think about would be whether internet may be a new "world order" - like in the western culture we had the church, the state and nowadays the economy providing the structures and also the values which are leading our behaviour.
joequant, I was caught up in an "e-contract" and lost the rest of my retirement. Thieves and liars take advantage of seniors in this way. I never signed anything by hand.
Re: Machine executable contracts
I happen to work in a field in which large financial transactions are routinely conducted electronically, and I've been seriously underimpressed by what is been written on machine executable contracts. One consistent problem is that if you have a computer programmer write about contracts, they usually know nothing about how contract law or how business practice works, and so what they end up with is just unusable.
The issue with electronic contracts is that if you end up on the wrong side of a trade, you could owe vast sums of money (i.e. billions of dollars) and in that situation you will do everything you can to void the contract. Coming up with a contract that can withstand the efforts of highly paid and motivated lawyers is not easy, and one thing that people do is to minimize the "electronic" parts of it, and to use standardized boiler plate whenever possible.
When two banks want to do electronic trading, what they do is to exchange a standard contract which everyone uses. The electronic transmission simply consists of a price quote that is authorized by the standard contract. Sending an individualized contract just won't work for many reasons. When two banks want to set up a trading agreement, if they don't use a standard contract, then drafting a new contract can take months.
There are also jurisdictional issues. Contract law in different countries can be wildly different. In international business what tends to happen is that people "virtually" do business in certain financial centers whose contract law and judges are predictable.
Also the world financial system is very deliberately designed to make it difficult to impossible for untrusted people to undertake a transactions. What often happens is that A trusts B and B trusts C, so A will pay B to do a transaction with C. However, if A, B, and C don't trust each other, none of this is going to work.
This also means that banks end up being instruments of control. Governments can't monitor financial transactions so they give banks instructions and the banks do the monitoring.
On the 3D-printing angle: Cory Doctorow has been warning for some time now about the coming "war on general-purpose computing" (search youtube for his talks about that). Its his prediction for what will happen as more and more meatspace endeavors have general-purpose computing mixed into them, especially ones that are scary enough that government wants to regulate them, or that will interfere with large established industries, or will offend moralizing legislators in redneck states, etc: the obvious ones right now are software-defined radios and 3D-printing of guns, but what about: implantable medical devices? 3D-printed sex toys? software-controlled cars? camera-equipped RC aircraft? When home synthesis of drugs or other bio-agents is as easy as tapping a few commands into the software that runs your 3D printer, there will be a lot of scope not only for malicious actors to do bad things with it, but for severe accidents too. What happens the first time a hobbyist printing up some chemical compounds hits a typo and accidentally releases nerve gas into his apartment building?
So general-purpose computing is going to come under attack from interests more diverse and much better organized and equipped than the piddling music/movie distribution industries. They are going to want the usefulness of general-purpose computers, but crippled somehow with futuristic DRM so that regulatory goals can try to be met.
We had an interesting take on these themes in our recently published paper:
The end of forgetting: Strategic agency beyond the panopticon New Media & Society 1461444812451565, first published on July 23, 2012 doi:10.1177/1461444812451565
We attempt to lay out a generative typology for conceptualizing the relationships between information and power. We would welcome your feedback.
Also, I disagree that we are in an age where forgetting is impossible. I work in a place that has a data destruction policy in which all e-mails are destroyed after one year. This is for legal reasons (i.e. you are dead if you destroy an e-mail after someone sues you, but if you have a policy in place to destroy e-mails, then when someone sues you and ask for an e-mail, you can truthfully say that policy means that it will be destroyed.)
This is going to make the work of future historians extremely painful.
The other thing is that the fact that we are doing more routine things online means that the face-to-face off the record interactions become even more important.
Chris S: You're free to go rant and isolate yourself as much as you wish.
Also judging from the behavior of the Chinese government, the people in power would prefer if you go "off the grid." If you have a small group of people that complain about the Chinese government but just isolate yourself from the rest of the world, no one is going to care. As long as you are talking among yourself, they don't care what you do since you are not interfering with their power. It's the moment that you try to get the general public on your side, that you become a threat.
Also, the Chinese government can be a weird ally on some of these issues. The reason is that China is a huge manufacturing base, and if you have the Chinese government mandate technology standards on general purpose computing, you'll have a big problem, but for the most part they've stayed away from doing that.
We should not use the word "trust" when we speak about Alice and Bob and Carol. The reason we talk about them is that we do NOT trust them and they do not trust each other. The entire discussion is about how we can keep secrets from them, how to compel them to act as they may or may not wish.
When our brains grew up, Alice and Bob and Carol were siblings or (maybe and) cousins. Maybe they trusted. More likely they knew each what the others would do, and what the mother or the father would enforce.
Anya and Borys and Karen were strangers. They were not trusted. Nobody knew them well enough to risk much to them. If some sort of trade or cooperation was valuable enough, we would gather all our cousins together, and they would gather their cousins, and meet in a field somewhere. We would show each other our clubs and spears, and calculate : If they lie can we hurt them enough? Do they believe we can hurt them?
Just as important, since we don't have the US Marines to beat them up, if things go wrong, how do we renegotiate or end and compensate?
Gmail is not my brother. But he is careful not to bring that fact to my attention. (Is this trustworthy?) He may or may not have the US Marines on his side, but he does have legions of lawyers. In any case he, and my data, are half a continent away. I need to be very careful not to give him anything of significant value to me.
The trouble is my little sister has not learned yet who is not her brother, nor what is of significant value to her. Worse, we have not really tried to teach her. We have abandoned her to television, maybe her own computer, to clever people who seduce her to trust the wrong people, and to disvalue herself.
Alice and Bob and Carol are not to be trusted.
Also, I disagree that we are in an age where forgetting is impossible. I work in a place that has a data destruction policy in which all e-mails are destroyed after one year.
Oh dear the nativity of that statment showes up just one of the failings of peoples knowledge about electronic discovery and the attendent meta and meta-meta data that can be used as retrospective traffic analysis to piece communications back together and recover them from other nodes and leaves in the network.
As Ollie North found out even deleting both leaf end messages did not make the communications or their contents disappear. The meta-meta data of other communications enabled the meta data of the actuall communications to be pieced together and this then enbled sufficient of the message contents to be recovered from intermediate nodes that were not transparent as believed by Ollie&Co but actually "store and forward" caches that were backed up to tape etc.
Implementing a secure e-Comms system is at best difficult in highly regimented organisation bordering on impossible in ordinary commercial environments.
For instance the company policy might be "destroy annually" but how do you know that employees are not copying their e-Comms for their own protection or to use as a future bargaining chip should a regulator come down on the organisation looking for scalps via plea-barganing coercion?
Or more simply employees "cuting-n-pasting" in older message content into newer e-comms?
Releying on a policy that cannot be enforced as a legal defence is not a wise thing to do, due to the extra penalties involved if it can be shown there is a single breach of this policy.
It is this latter point with the likes of Cloud Computing that are going to sink the incautious in a mire both deep and maloderous.
It sounds as though you're working toward a thesis based around the maxim "knowledge is power," and how asymmetries in one create asymmetries in the other, with some consideration of the role that the Internet plays in creating or mitigating these asymmetries (perhaps, on one side, enabling much greater and faster access to information, while simultaneously allowing the formation of walled-communities). I'll look forward to the publication.
For the new book, my first association with 'Power' was http://www.amazon.com/...
And, the section (?) on the need for leaks, might also elucidate a bit on the thin line between totalitarian bureaucracies keeping all sorts of info unduly (!?) 'secret' versus their right and need to do so for some info. E.g., some intelligence info necessarily needs to remain secret otherwise one is naked towards actual enemies. But when is info declared necessarily-secret just out of laziness and activist nagging? If some government (agency) has info it wants to keep secret, shouldn't it keep secret the info that it has such secret info, and keep that secret as well, etc. ad infinitum? What sort of 'democratic' institutions (at various levels?) would have to be informed in order to keep sprawling unwarranted secrecy in check? How would they know of the existence of secret info when the latter can be denied to exist? Who would be in/on those institutions; how to avoid drones (people) in those and also avoid antagonists only in those (democratic choice can also lead to mob rule within such bodies) ...? When not if I'd tell you, I will kill you ...?
Also, very often writers tend to forget that not all of the populace are equal in e.g. their pw0ned-smartphone use. My in-laws, pensioned not even too long ago, don't have a mobile since they don't need one. And they use e-mail sparingly, the internet hardly. Will the hip-and-heppy young crowd succumb before they've learned through experience or insight how they're taken for a ride by.. governments, Big Corp's, lone outlaws, etc...? Society will be a blend; does that guarantee resilience against long-term ailments or does it obfuscate the picture so the bad guys can hide their wrong intentions in plain sight ..?
hey-up! sounds good!
0. Power is good (without power is no internet...mean electric power in the cable 8-)), but if is similar to other titles, then write it in net'form: P0WR and not Inc. but Ing. --> PowerIng is also sound good.
1. other topics, like the use of standards and regulations or best practices (what ISO, NIST, CobIT or SOX helps us)?
2. the need for hackers and media (what kind of advantage we gain from the work of hackers and security hype in media)?
3. the need for errors, so finally what will be if softwares and server configs would have no security holes and misconfigurations? why we should avoid a perfect security and why we shoudl avoid giving up the fight?
You might consider how the Internet's empowerment not just of individuals, but of governments, might result in the balkanization of global networks, as different interest groups build their own walled-off intranets.
Clive: Oh dear the nativity of that statment showes up just one of the failings of peoples knowledge about electronic discovery and the attendent meta and meta-meta data that can be used as retrospective traffic analysis to piece communications back together and recover them from other nodes and leaves in the network.
This is an example of where law trumps technology. Suppose you have a company that has an e-mail destruction policy. Now it may well be technologically possible to reconstruct the e-mails from the scattered bits, but what happens is that when the lawyers come in with subpoena, you say "what data"? Now it could be that the data is backup up on some tape that everyone forgot, but if you have a data destruction policy, then you can reply to the subpoena by saying (truthfully) we have no data since our policy is to destroy it. And the lawyers on the other side don't have enough information to get the data to get the data.
Now if you are dealing with a totalitarian government with total access to everything, this won't work.... But you aren't.
Clive: As Ollie North found out even deleting both leaf end messages did not make the communications or their contents disappear.
And governments have electronic records policies that are different from private companies. Most governments have rules that prevent you from "burning everything." Corporations are not subject to those rules.
Clive: For instance the company policy might be "destroy annually" but how do you know that employees are not copying their e-Comms for their own protection or to use as a future bargaining chip should a regulator come down on the organisation looking for scalps via plea-barganing coercion?
1) Because you have firewalls that monitor connections with the outside and because USB drives are disabled. Sure you can try to work around the firewall and enable the USB drives, but then people start asking why you are working around the firewall and enabling the USB drives.
2) Because it doesn't do any good to keep a separate copy because the we keep a copy of all e-mails for the regulators, and they have full and total access to any internal e-mail. The agreement that we have with the regulators is that we have keep a copy of every internal e-mail for X years during which the government has total access. If they don't start a regulatory action against us in X years, then the e-mail is destroyed. This works out nicely because if they don't start an action in X years, then they can't prosecute because of statute of limitations so the e-mail is useless to them anyway.
Governments don't do this because e-mails are considered historical records.
3) There are good personal incentives to follow policy. If you follow policy and keep on e-mail on corporate machines then if someone tries to mess with you legally, the corporation will back you up. If you have conversations outside the corporate firewall, then if the regulators come after you personally, then the company can say that you were a rogue operation at which point you are on your own.
If a government regulator comes looking for your scalp, then you would prefer if the corporation was on your side, and you'd prefer a clear trail to show that what you were doing was legal. Also, if a regulator looks at you and finds that you've been doing business outside the corporate firewall, then you are in trouble since it makes you look very suspicious.
Clive: Releying on a policy that cannot be enforced as a legal defence is not a wise thing to do, due to the extra penalties involved if it can be shown there is a single breach of this policy.
But it actually can. Part of it is that you have lawyers and computer geeks working with each other to figure out what the policy is and should be. One problem with a lot of computer geek discussions of security is that there often a massive misunderstanding of what the law is or even what the threat is.
One reason I think I might be less bothered by government surveillance is that I work in an industry in which the government has full and total access to my e-mails anyway. The regulators get a copy of my work e-mails, and if there were any work related e-mails in my gmail account, it would take them ten seconds to get access to that.
Personally I don't mind as long as they use them for good government purposes. I don't mind the government checking my e-mail to make sure that I'm not doing anything illegal. The data destruction policies are designed to prevent things like fishing expeditions, nuisance lawsuits, or things that are legal but embarrassing.
Something else to be asks is whether or not surveillance really helps the people doing the surveillance. I'm thinking in particular about Stasi, which as far as I can tell, didn't do a darn thing to keep East Germany from collapsing.
This matters with respect to China. After some early efforts to regulate strong encryption, the Chinese government basically gave up, and they gave up in large part because it turns out that they ending up believing that strong encryption doesn't pose a threat to the Communist Party, and this is because strong encryption does not in fact pose a threat to the Party.
Also the Party allows quite a bit of dissent within limits because it serves the Party's purposes. First of all, online forums lets the Party know what people are annoyed about. It's a Catch-22 situation for dictators. You end up having to go through elaborate spying to find out what people think because you end up throwing people that talk in jail. Rather than monitoring everyone, it turns out to be easier to just not throw people in jail, and then people will tell you what they really think about you.
Also, just giving people a place that they can vent lets people blow off steam in a way that is harmless. If you don't let people complain online, then everything will build up, and things will eventually explode.
Finally, law and social conventions matter. Strong encryption turns out to be nearly useless in China, because if the police want your password they'll beat it out of you, and if they can't get it, then merely having a disk full of encrypted material is going to be used as evidence against you.
One other interesting thing is how surveillance affects the geography of finance. Finance tends to be concentrated in a few cities, because there are some transactions that require face to face interaction, so it becomes extremely efficient to have a situation where someone can have a private face to face meeting with a subway ride.
Something else that I've seen is when a doctor, lawyer, or accountant will tell you one thing face to face, but the official e-mail or document describing the conversation says something completely different.
Social conventions also matter. It would be trivial to take a tape recorder and record everything, but there are massive social sanctions against doing so. There are also some clear boundaries between recorded lines and non-recorded lines. In most financial institutions, there are phones which are recorded and phones which aren't. There are situations in which both parties in a conversation want the conversation recorded (i.e. sell X stock at Y price) and those in which people don't.
One time I was assisting a social scientist who was doing a study on a subculture. There was part of an interview in which was tape recorded. After about two hours, the scientist quite visibly turned off the tape and the interview continued and the subject of the interview started talking about the things that they didn't want recorded.
@Peter: Correct! To have a model in parallel to human rights was the central achievment enabling Askemos dev in the first place.
@joequant: The programmer was only one of the creators. More importanr roles where played by a philosopher and an ethics Professor. (I did software architecture and programming in banking envt too - and was seriously underimpressed by the state of the art as seen there.)
And governments have electronic records policies that are different from private companies.
True for what are seen as "good and proper reasons" by those who make the rules. Have a look back to some laws passed in the US back in 1974 and why when GWB was US presiident hiis vice president had an office outside of 1600.
Most governments have rules that prevent you from"burning everything." Corporations are not subjec to those rules.
Actually most governments don't have rules in the way you would think that is they work more on "custom and practice with exceptions" than by legislation.
As for Corporations unlike a government they are free to locate their records etc in any juresdiction they see fit, and many jurisdictions actually have stronger laws with regards record keeping for corporations than they do for government departments (see relevant parts of company and tax law for all jurisdictions as well as any e-comms legislation that many jurisdictions are now bringing onto their statute books by either primary or secondary legislation).
In this respect it does matter where the "leaf nodes" are of any e-comm, which from your other posts you have made with regards to contracts I would have assumed you would be aware of....
Further some jurisdictions such as the UK have legislation with regards to "connection and transportation". Some UK legislation regards any network with a connection to the UK or going through UK territorial waters and airspace as falling compleatly under UK jurisdiction. Now when associated with other legislation this means in effect a warrant issued via a UK court has validity in many other jurisdictions. For instance some communications between Japan and South Korea because of where the communications nodes go are in effect within UK jurisdictional control.
The US has similar legislation (HIPPA SabOx etc) the only real question is if the other jurisdictions have reason to "play ball" with a US court or not. In some cases such as the UK and by extension many parts of Europe they will due to other legal agreements (brought in supposadly for Anti-terror but mainly used for financial and computer crime).
And in one or two cases your assumption of,
If a government regulator comes looking for your scalp, then you would prefer if the corporation was on your side, and you'd prefer a clear trail to show that what you were doing was legal
Has proved incorrect. In the UK we don't have "plea barganing" just "Turning Queens Evidence".
So many investigations of financial "sharp practice" fail to get to court in the UK because of the "birds of a feather" behaviour of protecting their own. At one point the UK Gov used the Companies Act which had a provision forcing a person to answer questions to a DTI inspector to great effect. However this was challenged in the ECHR and they justifiably said this was against a defendants human rights. Ii suspect that the first time the UK Gov use other "compelling powers" in the likes of RIPA etc it will end up in the ECHR and get struck down.
On the other hand in the US plea barganing has proved rather usefull at cracking open companies and getting at seniors and executives. Which is why in the US certain large financial organisations have opted for paying fines to keep execs out of jail. However sooner rather than later a scalp or two will have to be collected and time served because the fines will be to large or the crime so significant a fine would not be politicaly acceptable. Thus a company may well go for the "least damage" option of the supposed "rouge operator". We have started to see this with the LIBOR fixing where people at the bottom of the stack who were basicaly "following verbal orders" have been publicaly named.
Thus people who currently fall into either the "chancers or grafters" buckets will realise that the chancers will probably sell them out. So the smarter ones will put things into a traceable format in some way and ensure they keep a personal copy to "wallpaper their A55".
Which brings me around to,
1) Because you have firewalls that monitor connections with the outside and because USB drives are disabled
I will for pleasantries sake assume you are fairly new to this blog and thus have not read older comments that show how easy it is to copy and duplicate information without the network being in any way aware that such duplication is being made.
Have a search on Google etc for my name, Nick P and the term "end run".
The way I'd sum up the problem of intelligence agencies creating huge unmanageable piles of data is that there's confusion between knowledge and expertise. The premise behind the data collection is that expertise is an emergent property which will materialize if you can collect a suitably large pile, whereas what really happens is that the pile crowds expertise out.
In his book "Hacking Capitalism: The Free and Open Source Software Movement," Johan Söderberg makes some sobering conclusions about what the internet has become. This ties in closely to what you are exploring, Bruce.
The architecture of the Internet is rebuilt with three main purposes in mind. To protect the commodity form (obstruct infinite reproducibility and identify violations), to speed up commodity circulation, and to prevent users from acquiring technical know-how.
The infrastructure of the Internet is currently being rebuilt to respond better to the needs of law authorities. The computer network has the same strategic importance as the central squares of the chessboard. All activities have to pass through them.
Söderberg mostly concentrates on the role of Free Software and play, but I would love to see Bruce explore how "security" is used to advance the consolidation of power and the development of the surveillance state.
very late comment here, but a thought
some writers suggested, as early as the 90s that I can recall, that the nation-state concept would be replaced by the corporate state concept in a hyper-capitalist future.
in that system, serfs are rewarded for their loyalty, making it far less like feudal times. some will even rise to "comfortable" levels of freedom and income, working for their chosen brand.
i don't know if any of the futurists are spot on, but since democracy is such hard work (even in the world of IT) we will slip. that's for sure.
There is a recent book on the use of secrecy and classification in UK Government since the early 1900s. One of the points it makes is that one of the uses of classification is the prevention of political embarrassment, and that this is somewhat arbitrary since it depends on who is affected.
This observation fits nicely into your analysis of power in points (1) and (7). One of the points Chapman Pincher made in interviews for the book is that well-informed journalists often knew much more about what was going on than they actually published. (Pincher was a well-known British journalist with a reputation for well-sourced stories in the defence and intelligence arena).
"Classified: Secrecy and the State in Modern Britain", Christopher Moran, Cambridge University Press, 2012.
One angle that you might want to explore is the economic aspects of this problem. This works in two ways.
First, what is the economic cost of the infrastructure required to implement anything-as-a-service? You don't get a Google without spending well over USD 15 Billion (Google's SEC filings have the details). I think this will tend to mean that "cloud" power will become relatively concentrated as it requires both economic capital and intellectual capital.
Second, what is the economic cost of surveillance? One of the points here is that developments in technology mean that capabilities which were once the preserve of the NSA, with US legal oversight, are now available to any dictator, with oversight being unlikely. The Wall Street Journal and Wired both carried articles on how internet and communications surveillance were sold to Qaddafi's Libya.
One of the differences of your "feudal internet" model from the original conception of the internet, is that there are relatively fewer control points in the everything-as-a-service model. (Because of the concentration that is required of both economic and intellectual capital).
I suggest that this means the major cloud service providers will evolve to become like banks or insurance companies. The relationships between individual citizens and these institutions is asymmetric. The relationships between governments and these institutions is less clear.
There is an emormous gap between corporate/governmental securiyand consumer security practices and it hasn't been well treated...
my new TV is stealing the internet connection of my neighbor's iMac (thank you LG) ...unwittingly
my new cable modem has a default passphrase with zero bit entropy (thank you TWCNYC for broadcasting the default PSK, while disallowing your customers to change the defaults.)
my slingbox... it goes on....
I'm not sure how you would fit in the consumer device gap with what you want to espouse- but the inability to lock down one's home network devices contributes big-time to end-point vulnerability scenarios.
Second, what is the economic cost of surveillance.
How do you want to measure it?
At worst it's like the cost of fitting locks to your front door, which might have a "personal cost" but overall a net profit for the overall economy.
Whilst the direct cost of surveilance may appear eye wateringly large, in most cases the ROI is short and profit starts to role in in a very short period of time.
We've lost the battle simply because surveillance at just about all levels now can be used for revenue generation that exceeds capital expenditure fairly rapidly.
And this is not just in the private virtualy unregulated sector but the (barely) regulated public sector as well.
It noticably started in the UK when the previous Government (Labour under leader Tony Blair) got into power. The cost of winning the election had bankrupted the labour party in all but name and due to the way it is set up party officers were liable so there were numerous vacancies.
So how to get money into the party coffers? Basicaly they came up with grandiose high tech schemes that whilst paid for out of the public purse raised by taxes etc, caused a significant "kick backs" into the Labour party coffers from the directors of companies who had won some if not many of these contracts despite totally awful performance (see doners from the likes of Capiter for instance).
Also Labour party coffers got significant kick back from companies biding for this sort of work by the simple trick of getting these companies to sponsor events. They also went on to "sublet venue space" that is the party would bookup all the space at a venue such as the party conferance then re-sell /sub-let the space at very high prices. The resulting profit was then off-set against hidden costs ssuch as delligate accomidation and hospitality etc. etc. etc. But it got worse, even though most of the above was very questionable it was technicaly (just) legal. But it was not enough so the party crossed the line and started breaking the law to raise funds and worse even got caught doing it. However the Met Police investigated and the issue fizzeled. However we are now finding out that senior Met Officers were on the take in various ways...
One of the points here is that developments in technology mean that capabilities which were once the preserve of the NSA, with US legal oversight, are now available to any dictator, with oversight being unlikely.
Firstly as we now know the oversight on the NSA and other US government surveillance organisations was at best woefully inadiquate. It kind of worked on the "honour system" of "We won't tell if you don't ask". Basicaly the accountability was as close to zero as makes no practical difference.
Secondly, the technical difference that made it of interest to dictators was by and large not cost but usability. The problem most dictators have is their "food chain" is based on brutality not being smart. Thus any kind of technical system that required some kind of technical ability to use was not going to be an easy sell. Dictators generaly did not trust intelligence in those bellow them as it was a threat to their possition, thus they needed some kind of hold over them. As few intelligent people want to live at the equivalent of "under the point of a gun" by either the current dictator or the next wannaby who comes along they tend to find other countries to work in.
I agree that as you say, "Society is headed down a dangerous path, and that we -- as members of society -- need to make some hard choices about what sort of world we want to live in."
However I think you are being quite limited in your thinking along these lines because you talk about what sort of world "We want to live in."
What about future generations? It's highly likely that choices we make now will have less of an effect on us while we're alive than on future generations. But of course man is a selfish, self-serving animal by nature, so we don't really consider the unknown consequences of our short-sighted policies based on current views which will likely prove to be a rudimentary understanding of potentially profound effects over the course of eons.
In my opinion we have begun building The Matrix, and Google is leading the way...
"Society is headed down a dangerous path, and that we -- as members of society -- need to make some hard choices about what sort of world we want to live in."
And perhaps we need to realize that we, as consumers of culture, have already gone beyond the point at which we had the ability to make those choices in any meaningful way.
Look around you, Bruce. Those 6.9+ billion people could change the world if they all picked up a rock and started throwing them in the right directions.
Instead we pick up the gadget du jour and whinge about the state of play, or pick up a rifle and follow orders, or pick up a sickle and harvest some corn to feed our kids.
The vast majority of the human race simply doesn't give a shit about collective futures, because we aren't wired for it.
Those who have the time, resources, knowledge, and power to shape the future aren't wired any differently, and certainly aren't inherently any smarter.
Willingly giving up personal freedom in exchange for comfort isn't a modern aberration of of the human psyche in an industrialized society, it's the basis of human nature.
You run faster naked, but you're cold. You move slower with a bear pelt wrapped around you, but you don't freeze to death.
I know that Google has their fingers in my pie whenever I send or receive an email, just as I know that all my phone calls are inherently insecure, because anything networked IS insecure, by definition.
But it's far more comfortable to make a call than to walk a thousand miles to talk to my mother. More comfortable to use Gmail than to run my own mail server, attempt to secure it, and then try to convince everyone I communicate with to use my server also.
And even if I rolled my own communications channels, the people I communicated with would then have to trust ME implicitly with their data. Not comforting for either party, because then I'm responsible for maintaining security when I know perfectly well that that's an impossible task.
It's all about comfort, Bruce. If your goal is to make "average" readers (of which I suspect you will have very few, unfortunately) uncomfortable enough with the status quo that they effect a change in their behavior and propagate that change into their own trust networks, what you need to do is scare the fuck out of them, and present a working alternative.
Everybody familiar with modern technology already knows, on some level, that the sky has fallen. What they need are directions on how to put it back together, and an idea of what it's supposed to look like when they're finished.
Write a practical book about how we could be using our tech to do something other than leverage each other into oblivion, not another lamentation on how quickly oblivion approaches.
I think it's hard to make some of these issues seem important without pushing Godwin's law.
Perhaps one approach would be to start with the ways some older forms of the same principles have been used throughout history, in government and private forms, and connect those trends to the current scenarios.
In areas of social networking and ad targeting it comes across the strongest.
It sounds like the evolution of Information Warfare of the 1990s, except that now every player will automatically be everyone's adversary: corporations, governments, users, criminals, script kiddies, perhaps whole platforms and technologies... and we cannot run away from them or turn off the service, because we want it or need it to exist. Looking forward to the book.
Its always useful to take the other view and see what happens. I use Marx's "All that's solid melts into air" as in Marshal Berman's book of that title.
So just as at present money, the thing we think is most solid as a bottom line, is melting into air in front of our eyes, so corporate power will melt too. The trick is to imagine what this might look like when you rightly point to many of the self-reinforcing facets. I suppose a different metaphor is the singularity that must be reached when corporate power becomes complete.
To go back to finance, Andy Haldane's paper in Nature shows that derivatives become destabilising once there are more in circulation than things to hedge. So corporate power becomes self-destroying when our behaviour as citizens is over-determined.
I think the model for your synthesis has to be Odysseus and his blinding of the Cyclops the core story.
Seeing how much discussion has already happened just on this page gives me hope for the future.
Some notes on OP.
1. The relationship between internet and power lies in the fact that power comes from knowledge and the means to act upon it optimally. The best way to empower someone today is to give them access to the internet. It should be a basic human right.
2. Users should learn how the systems work that they use, and if needed rebuild them to suit their needs. If you don't like your data being used by a system in some way, the only alternative is to learn to program.
3. Rise in globalism. People across the planet are showing compassion and love towards one another across borders/race/class and helping one another in every way they can. This is happening faster and more efficiently every day, through instant realtime messaging to large communities and the growth of those communities in terms of number and their shared knowledge.
4/5. The reverse is also true. Civilian technology is quickly catching up. It is now possible to combine arduino/raspi/webcams for surveillance/journalistic purposes which will make any government/corporate entity legitimately concerned.
6. Perhaps also add the huge economic weight that keeps the whole judicial/regulatory system going and the immense complexities and pressures it is facing. What happens if the system collapses or becomes ineffective.
7. The need for leaks. It would be nice to discuss ways of aiding and increasing the spread of knowledge that affect the greater community, or in other words reveal the fog of war. Perhaps it would be good to discuss policy on transparency of gov/corp entities.
8. Financial/trade. Discussing the ideas of global currency such as bitcoin and how it could affect gov/banking/communities and even compitition vs collaboration.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.