A few weeks ago Internet security firm McAfee released an update to its Windows PC customers designed to protect them against a newly detected virus threat. Instead, for some, the update destroyed a legitimate, and crucial, system file. Uncountable numbers of PCs – likely hundreds of thousands, even millions – were rendered unusable. The University of Michigan medical school lost the use of 8,000 of 25,000 PCs. State troopers in Kentucky abandoned their cruisers’ mobile PCs and resorted to writing reports by hand. Some hospitals in Rhode Island turned away non-trauma patients from their ERs.
The issue is larger than one firm’s unfortunate misstep. It echoes across the entire Internet. Call it the Fort Knox problem.
Fort Knox represents the ideal of security through centralization: gunships, tanks, and 30,000 soldiers surround a vault containing over $700 billion in American government gold. It’s not a crazy idea for a nation’s bullion; after all, the sole goal is to convincingly hoard it. But Fort Knox is an awful model for Internet security.
Our IT environment has traditionally been immune from many Fort Knox issues, because its architecture has encouraged decentralization. One PC might be compromised, or Web site might fall, but others stand. Bad guys on one side of the spectrum, and well-intentioned regulators on the other, each had to sweat to have an impact on Internet activities.
But the bad guys were clever and industrious. Their digital robots came to costlessly crawl the Web looking for computers and sites to compromise, leveraging their reach. Operators of well-financed Web sites have dealt with rising anxieties about security by spending enormous amounts of money on digital bunkers and backups for their data, while littler ones have hunkered down and simply hoped they wouldn’t be hit.
The public sector has been confused about how to help. Governments know how to maintain and defend their roads and waterways, but have been stymied in cyberspace: so much of it is rightly privatized that there’s no obvious place to station a guard and no way to fill a digital pothole. Worse, since identifying those behind intentional attacks online is exquisitely difficult, the traditional state tools of deterrence and punishment are ineffective.
That’s why we now see centralization under a few major corporate umbrellas under which disparate activities can be gathered. The lures of security, interoperability and economies of scale have propelled much of the Web from a vibrant ecosystem of different, and differently managed, PCs and sites to one where a handful of private Fort Knoxes take responsibility for security.
But we can’t simply put our precious data into a single well-protected vault and peek in every few years. We need to guard our PCs and data, but we also need them to be part of a worldwide network. When we’re not masking our digital trail, we’re eagerly sharing it. If we try to centralize its protection, it’s not a one-time transaction: rather, we need a constant gatekeeper who signs our data in and out every time we want to make use of it. That’s a thread that runs from the McAfee debacle, where millions of people and firms turned the keys to their computers over to a third party to handle, through to cloud-based platforms like Facebook, where the company’s assent is increasingly needed to run unrelated applications on its platform or to log in to unaffiliated Web sites that no longer care to maintain their own digital borders.
If McAfee makes a mistake, many people pay at once. If Facebook’s computers go down or are compromised, thousands of otherwise-independent applications and sites suddenly go down with it. It’s not just our own data and transactions at risk, but our collective memory: the flip side of a centralized defense against bad guys is vulnerability to well-meaning good guys. For example, if the generally laudable Google Books project is a spectacular success, we’ll see libraries give up their moldering, isolated archives of regular books in exchange for PC terminals where patrons can peer at an ephemeral digital copy drawn from Google’s central archive. It makes sense – and no doubt Google has near-impregnable backups – but it’s also an opportunity for a government to intervene in worrisome ways.
For example, if one book in the system contains copyright infringing, or defamatory, or obscene material, those aggrieved can get a court order requiring the infringing pages of the book to be deleted from the central server. This vulnerability affects every book that is distributed and maintained through a centralized platform. Anyone who does not own a physical copy of the book – and a means to search it to verify its integrity – will now lack access to that material. By centralizing (and to be sure, making more efficient) the storage of content, we are building a world in which, as a practical matter, all copies of once-censored books like Candide, The Call of the Wild, and Ulysses could have been permanently destroyed at the time of the censoring, and could not be studied or enjoyed even after subsequent decision-makers lifted the ban.
So what do we do? We have two things going for us that the real Fort Knox doesn’t: we can make copies of our digital gold, and there are lots of us, each with our own stake in security and autonomy.
First, so long as there aren’t undue barriers to extracting our own data from cloud platforms or our own PCs, backups can become more seamless, and made in a variety of ways, making a McAfee misstep or anything like it less costly. Then we have our cake and eat it too. The same principle applies to projects like Google Books, where participating libraries can arrange to securely maintain their own gold copies of Google’s precious trove – kept to compare against others’ copies, so omissions and changes can be detected and appropriately challenged, not leaving Google with the sole burden of holding off government speech regulation.
Second, we need to reinvigorate the Internet’s principle of open, distributed architecture that has sparked so much growth and innovation. Our choices for security aren’t simply among government soldiers, corporate mercenaries, or our own personal barricades – though each has a valuable role to play. Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.
A version of this appeared in the Financial Times on June 3rd, 2010.
In the last paragraph, Proffessor Zittrain, you mention reinvigorating the Internet’s principle of open, distributed architecture. However, there are no provided examples. I believe I discovered the Web of Trust addon for firefox (and now chrome) through one of the posts here, and it would serve as a decent enough example of how to use open, distributed processes _for_ security.
Hi Jonathan. It’s easy to agree that anti-virus is a broken model, for all kinds of reasons. And we certainly need to think creatively about what the right model may be. I rather suspect that it will involve ‘whitelisting’ rather than blacklisting. Most of the current whitelists arise as vendor control in app stores and similar places – but there’s no reason why we shouldn’t have a much more generative approach to this.
Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence.
My fear is that such a solution would create more problems than it solves. Adding complexity to a security problem usually gives the attacker additional points to hit: it very seldom (in the long run) gives a net improvement. Or am I missing something?
I use Linux and Mac OS X, I don’t know what you are talking about 🙂
But seriously, why do my tax dollars go towards Windows and McAfee licenses when there are perfectly acceptable free alternatives? I’d rather they put that money to good use in something important like hospital *equipment* for example.
That is the problem with the cloud, what you get back from the cloud is not necessarily what you put in to the cloud, you are at the mercy of the hosting company. The best way around it must distributed cloud services such as torrents, I can get the .torrent file from any number of sites so censorship is practically non-existent (Just find the torrent somewhere else) and multiple trackers and seeds makes the system pretty robust.
Just to be clear, since the article doesn’t mention it, the academic libraries participating in the Google Book project _are_ maintaining independent backups. Among other projects, the Hathi Trust stands out as a large, well-supported (technically and infrastructurally) independent digital library. It contains mostly things scanned for Google, but also independently-scanned stuff. http://www.hathitrust.org
And some of the participating libraries are also independently keeping copies.
(I’m a librarian at one of the Hathi Trust partners, but not speaking on behalf of anyone but myself.)
It seems to me that centralization and decentralization are two poles, and most of the examples listed are somewhere in between them. Take the Fort Knox example: the government doesn’t hold the only stock of gold, and we therefore don’t lose all of our nation’s wealth if its security is compromised.
I’m not perfectly well versed in security technology, but I imagine the same is true with respect to McAfee. It’s true that as more of our lives are tethered to data and internet connected devices, we’re going to take a few risk-neutral, or even risk-seeking, security shortcuts for the sake of sanity. We’re going to concentrate our security expertise so the benefits of a few brilliant techies can be spread across a wider array of clients for cheaper. That means well-meaning good guys have our lives in their hands. The same might be said to represent the pitfalls of our current financial problems. Everyone placed their retirement funds in the hands of a few seemingly trustworthy mortgage brokers who were connected to financial technologists who were actually way over their heads.
I think we also need to be careful about giving up the cost-saving measures of centralization. From your perspective, it seems we need to stand athwart history screaming “non-proprietary protocols and standards!” =) I remember the poignant imagery on the cover of The Future of the Internet: railroad tracks going off a cliff. There is a reason, though that this shift is happening. Small and medium sized businesses are outsourcing their IT in order to achieve better cost controls for consumers and shareholders. Profit margins are a powerful force to be curbing, of course. So perhaps capitalist interests can protect themselves. Still, it’s worth keeping in mind that Joe and Jane Taxpayer might actually be on the other side of this debate when times are tough, (perhaps even if their government’s computers go down and they need to cart their loved ones to the hospital down the street in an emergency).
As always, this was a great, thought-provoking post. Looking forward to the next one!
“Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.”
This isn’t an unexamined problem! In fact, as you know, a big problem is that most people *don’t* even know how to look out for themselves, much less each other.
[…] see also Christian Sandvig, The Television Cannot be Revolutionized (multicast) and Jonathan Zittrain, The Internet’s Fort Knox Problem (The Future of the Internet and How to Stop […]
“Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.”
The first thing there looks like reputation based antimalware software. If one person reports “malfunction” or there’s reasons to believe something are wrong, anything that’s not normal is checked. Everything is reported too. The more negative reports about a certain file, the more likely it is that it’s bad.
It can be used in many other ways too. that WOT thing mentioned above is similiar.
The second thing you mentioned reminds me of Freenet, a distributed and anonymous data store system. There are also lots of other ways to dezentralize data storage (and downloading of it).
Now when there’s talk about implementing “resource packages” (http://limi.net/articles/resource-packages-spec-ready-for-prototyping), we could go so far as using torrents (with DHT) and all to distribute all images, videos and other embedded data.
The issue here is then this: How do we decentralize the downloading of the index.html file? We can’t really do that in a sane way with dynamic sites.
We need some kind of browser plugin that creates a bittorrent like network parallell with the normal http-based internet connections to servers. It would simple share the cache with others for various sites, and when those sites are down, a custom static version of the index.html file (predefined by the server) would be shared too.
AI is getting better at performing mass categorization of photos and text. A developer can scrape a bunch of photos from, say, Facebook — either directly, likely violating the terms of service, or through offering an app by which people consent to the access — and then use a well-trained categorizer to automatically discern ethnicity, gender, or even identity.
Some defenses can be built in against abuse, starting with a technical parlor trick and ending with support from the law. There’s been promisingresearch on “image perturbation” that adjusts a photo in a way that is unnoticeable to a human, but that completely confuses standard image recognition tools that might otherwise make it easy to categorize a photo. (There’s a helpful video summary of some of the research by Nguyen, Yosinski, and Clune available here.)
I’m part of a team at MIT and Harvard within the Assembly program — Dhaval Adjodah, Francisco, Daniel Pedraza, Gretchen Greene, and Josh Joseph — that’s working on tools so that users can upload invisibly-modified photos of themselves to social media without making them so readily identifiable.
Those modifications won’t thwart AI tools forever — but they’ll represent an unmistakable indication about user preference, and the law can then demand that those preferences be respected.
There is already a model for this: photos taken with a smartphone are invisibly labeled with time, date, and location. Facebook and Twitter for years have automatically stripped this information out before they show those photos on their services, avoiding a privacy nightmare by which a single photo could instantly locate someone. (There would no doubt have been Congressional hearings had they failed to do this.)
They can and should similarly undertake, on behalf of their users, to perturb images with the latest technology to prevent widescale AI-assisted identification by others, and to provide an anchor similar to “do not track” to make user preferences about bulk downstream use abundantly clear.
And these defense need not only apply to photos. An insurance company had an opt-in plan for Facebook users to have the nature of their posts influence their car insurance rates. As the Guardian described it:
Facebook users who write in short, concise sentences, use lists, and arrange to meet friends at a set time and place, rather than just “tonight”, would be identified as conscientious. In contrast, those who frequently use exclamation marks and phrases such as “always” or “never” rather than “maybe” could be overconfident.
There are also techniques that have moved from academia to industry like “differential privacy” and its precursors, where decoy data — a few new random stray likes in a profile — can be introduced to allow for helpful generalizations from bulk data across lots of people while protecting individual privacy by preventing easy generalizations about a single person.
As you can see, most people said yes. I count myself among good company among the noes, including Dan Kaminsky and Dan Geer. My answer:
“I’m saying ‘no’ not because I don’t believe in accountability, but because I think the question obscures the problem. The breach is the result of, sadly, quite common security practices. The head of an agency is surely responsible for what that agency does (or fails to do), but let us not confuse that legal and cultural fiction with an actual belief that most leaders in Katherine Archuleta’s position have an easy way of knowing what’s going on in IT security and improving the situation — the failure here is systemic and all too common.”
Here’s what the Dans said:
“It’s important not to punish people for looking to identify and solve their problems. This could have been actively ignored, and upon discovery, this could have been swept under the rug. That’s not what happened. There’s no question there’s some deep issues at OPM. I stand concerned about disincentivizing the next cleanup. What, you think OPM’s the only hacked agency?” – Dan Kaminsky, White Ops
“Changing a person will not help – it is purely symbolic, and such symbolic gestures are precisely, totally, and without debate what happens in political hierarchies (read, Washington) whenever there is bad news to handle. Even talking about whether to fire someone is a criminally profligate waste of the citizenry’s attention span. What is neither a waste nor a diversion is the question that matters: When data is scarce or precious, there may be compelling reason to centralize it, but if and only if that centralization is risk cognizant. When data is either plentiful or of marginal value, then centralizing it can only create risk, never value. Therefore, what is to be asked of those to whom OPM reports is what, exactly, was their raison d’etre for assigning the OPM its role as centralizer (scarcity or preciousness of what, exactly), and whether they delegated to OPM their own duty of risk cognizance on purpose or by accident. If wanting prediction, then the supposed reforms embodied in the Dodd-Frank law massively removed resilience from the financial system by forcing the centralization of functions previously widely dispersed into what now can only be described as freshly minted single points of failure waiting to happen. It is the urge to centralize that is what political hierarchies do. It is apologists for, and hucksters of, centralization that should lose their jobs.” – Dan Geer, In-Q-Tel
The most persuasive “yes” answer seems to me to be less of the reflexive “captain pays if the ship runs aground” approach and more grounded in the specifics of unheeded warnings:
“The OPM was repeatedly warned by the Inspector General of significant security lapses dating back to 2012. OPM leadership repeatedly failed to take the OIG’s warnings seriously. The potential consequences of this breach may be devastating for military and government personnel who hold clearances due to the highly personal data contained in SF-86 forms stored on OPM’s network. The White House, Congress, and the American people should hold OPM responsible and accountable for this breach due to negligence.” – Jeffrey Carr, Taia Global
Overall, as Dan G. says, it’s the wrong question to ask.
Jonathan Zittrain: This is Jonathan Zittrain speaking. I’m on the line, wherever that is, with one Eric Kaplan, author of “Does Santa Exist? A Philosophical Investigation,” a book that I had the pleasure of reading and that Eric had the burden of writing—and we thought we would talk about it for a little bit. So, hello, Eric.
Eric Kaplan: Hi. How are you?
JZ: I am very well, thank you. It would be interesting if I weren’t and we then proceeded into a lengthy discussion of my various complaints—
EK: Of your ailments, sure.
JZ: I’d be tempted to do it because one of the interesting features of the book is that it is wonderfully dialectical for a monograph, for something that really is just a number of pages of you speaking, as basically any book with a single author is. But it has this quality of you anticipating your audience as the book is reading, and there are even some wonderful footnotes there that you basically are counting on developing a relationship with the reader as you go on.
And that leads to two questions. One, anything else we should know about you before we jump in? And second, what kind of reader were you envisioning as you put your pen to paper?
EK: I don’t think you need to know anything more about me. I think you know plenty about me. I think it’s a strange relationship you enter into when you write. And in the same way, it’s almost like—Let me give you an analogy. Sometimes people are like, “Is there a voice in your head that talks when you think?” And some people say yes and some people say no. And it’s kind of a weird voice if you say yes. Does it sound like you? I don’t know what I sound like, but sometimes I do have a sense that when I’m thinking, I’m overhearing myself thinking.
And I think in the same way that whatever kind of ontological entity that voice is, I think the hearer is in the same mental space. In the same sense that when I’m talking I’m hearing myself talking, the person I’m imagining reading is like that, which is like it is me, or it’s not me, or it’s an alternative version of me, or it’s an alternative version of what I like someone else to be. I guess, I’d like someone to be understanding, but then I’d also like someone—
Sometimes I imagine the person reading my book is quite annoyed with me for some reason having to do with me, I suppose. I’ll think like, “Wow, I bet they’re just getting pretty mad about this. This all seems stupid.” But then sometimes I’ll calm down a little bit and think, “Maybe they like it or maybe it’s helping explore something for them.”
I like the idea that it could be something for someone that hits them in a way that’s quite unanticipated. And that’s a relationship that I like with people, that sometimes you just sit down next to someone on the bus and you don’t know what kind of person they’re going to be, and you can have a commonality with them. But the way in which they’re different from you is something you’re not even prepared to think about that’s quite surprising, it’s like they’re especially interested in—I was on a plane trip with somebody and she was especially involved in prison chaplaincy. And I wasn’t even thinking about prison chaplaincy, even a little bit. It’s so interesting. Did that answer your question?
JZ: Yes, it factually was an answer to the question. It made me more curious than before. In that sense, it may not have been a conclusory kind of answer.
EK: Right, right.
JZ: Given the sort of branching dialogue you have in mind with this stuff, that might be exactly the right kind of thing. How much in writing the book did you find your own view evolving? Was this basically a bunch of stuff that had been simmering for a while, which the act of writing the book was a great way of cathartically clearing out the pipeline, versus actually rethinking a bunch of stuff that had been on your mind but the act of writing the book transformed your own perception?
EK: It was a little bit more the first. It was a little bit more because I had been kind of worrying about this issue of contradiction and I had been always—I started off in philosophy and then I got into comedy and I’d been bouncing back and forth between comedy and philosophy. So I had been formulating to myself, although I had never said it, the idea that there is something that comedy and philosophy have in common about being able to simultaneously look at the same issue from two different ways. And that was something that I wanted to get off my chest, that’s that cathartic idea that you mentioned.
But then as I wrote, I found that…there was almost like a tone which I liked and there were certain things I liked—I was holding them with the tips of my fingertips and I didn’t quite know if they were real. And once I put them down on paper, I thought, “Okay, that’s a thing someone could say because I said it.” While before, I was always sort of, oh, that’s just some kind of weird problem that I have or some weird confusion that I’m. Or it’s not even a thought. It just looks like a thought. But it won’t be one when I take a look at it. So some of that stuff crystallized. So that was fun.
JZ: It certainly makes the book a great exercise in the tension between the virtue of being unfiltered and actually really baring oneself without worrying about what might sound embarrassing. It’s a very intimate book and at the same time, given that it’s trying to anticipate where the reader’s at, it’s one that is very sensitive to who might be reading it and listening, and what doubts that person might be having. It’s interesting to see you plumbing both sides of that tension.
EK: Well, that is a weird thing. That is a weird thing I found, which is—and I’m not the first one to say this, but I do think it’s true. Those times when you say something that seems so weird you don’t even know if you look like an idiot for saying it, or so personal that it feels very, very painful to disclose it, those are the times that people say, “Oh, it’s just like that with me.” I don’t know quite why that is. Why do you think?
JZ: I don’t know, but it reminds me of something else that has a monologic quality, like we go and watch a play together or we’re at a conference and somebody makes a presentation and pre-Twitter and pre-everything being wired, you might have a room of 1000 people but no one is communicating with anybody else and your reaction to it—the entire room may be feeling a certain way, but unless they literally brought jars of mayonnaise with them and they’re hurling it at the podium, you may not even know where the audience is at on it.
And today, to be experiencing a presentation from somebody and be able to react sentence by sentence in the back channel, say a Twitter channel, has completely changed that experience. I certainly have had the same experience you had on the presenting side of things where the more directly and authentically one can speak, often the more people respect that and resonate with it because maybe it’s bizarrely rare for people to share the stuff that is most in front of them.
EK: Yeah, I think that’s true. One theory I have is just that we do like to hear things that are really coming from people and are for real. Take even, like, a diet book. If somebody says, “Oh, I ate nothing but bean sprouts and I did it for 30 days and now I’m sexier and I’m younger and I’m stronger and I can run faster. I’m healthy.” I’m like, “Okay, that’s very interesting.” And then you say, “Well, did you really do that?” “Oh no, I didn’t do it. It’s just a story.” Like, “Well, I don’t care then.” I really don’t care.
I don’t think that all philosophy is an advice book. But I think it’s a lot closer to the advice book genre maybe than one might think in academia. Because like, “Hey, here’s a theory about how to run a country.” “Well, has anyone ever done it?” “Oh, no.” Well, that’s less interesting than people did it and it worked great. Here’s a theory about how to live your life. Here’s a theory about how to think about what’s important.
And I do think about it that way. And it helped. That to me is interesting. So if I say, “Oh, man, I feel really embarrassed about such and such and I really do and here’s what I did about it.” Then I think that just inherently makes it more interesting because it actually worked. It’s not just a fanciful walk through my ability to put words together.
JZ: And I don’t know if your hypothesis about what works and what doesn’t, what sticks to the wall and what doesn’t in a philosophical vein carries over to your craft of comedy. I’ve got to say in reading the book, I felt like the sections that felt to me like they were written with the surest, most passionate hand were some of the passages and reflections on under what circumstances should we take offense at something rather than find it funny.
I don’t know if it’s possible to do both. And it was one of the times where it felt like you really tipped the hand of your own very strongly held views about when it’s okay to make a joke. And I don’t know if there’s something that you want to say about that now about when is it too soon, when is it not too soon, that kind of thing.
EK: Well, it’s funny. I mean, I congenitally don’t have sympathy for people who are offended. It just seems to me like an oddly bullying move. That is, supposing something tragic happened to me—God forbid, a child died and you make a joke about it. I don’t care. Make your joke about my dead child. It’s not going to make my child deader. It’s not going to make him back to life if you don’t. That’s kind of an unthinking not terribly reflective gut feeling I have, that people who take offense are trying to push everybody else around and they should just cut it out and it’s not helpful.
Now, when I question that, I think like, “Well, okay.” I mean, if somebody was murdered and you’re making some joke and the premise was that they killed themselves and we all know that it’s not true and the reason why you make that joke is because you’re the one who killed them. Then it’s like, “Well, fuck you, buddy. That’s not cool.”
JZ: That’s a funny joke. Why is that funny?
EK: Why is it funny? I mean, I guess—
JZ: Joke about the person making the joke is, in fact, the killer.
EK: They are actually the killer. That’s not cool. I don’t think that’s cool.
JZ: Yeah.
EK: No. I mean, I don’t know. I hope not to offend the pro-murder people listening on the internet. That’s the weird thing about the internet. We don’t know who is going to be listening.
JZ: Yeah.
EK: And then I’m always questioning if I’m just wrong or coming at something from my own perspective. I do think that comedy is probably often in my own case and maybe everybody’s case a defense against painful emotion. So, I think, if there’s a situation where you should be feeling the painful emotion, then probably, to make a joke about it is offensive. Like in my example of the person who murdered somebody, then they should be feeling the painful emotion because they did something bad and by golly they should feel bad about it.
So them cracking jokes, then I think that’s wrong and, I guess, offensive. I mean, offensive is a weird word. I’m actually thinking about that. Because, I think, an offense in the Victorian way, it’s a bit like a slap in the face. You’re showing that you can hurt someone else with impunity. And I think people don’t like that. If I go up to you and I pull your nose, then you’re like, “That’s offensive.” Because you’re acting as if I’m so much more powerful than you are that I can abuse your rights and I don’t need to worry about it.
And, I think, when you look at victim politics, what they don’t like is let’s make up an ethnic group and they’re called “Poes” but sometimes other people call them “Boes” or something. And they say, “It’s so offensive when you call as “Boes”.” And I’m like, “Why? They’re basically the same word.” But what their argument is, “We don’t want to be called “Boes”. You know we don’t want to be called “Boes” and you’re doing it anyway, and that’s offensive because you are exerting your power and your privilege over us.” I get that.
JZ: Like when the Republicans had the insight two or three years ago to use “Democrat” as the adjective for Democrats, instead of “democratic.” Like, “We don’t agree with the Democrat policies.” That just sounds much harsher on the ear than, “We don’t agree with the democratic policies of the president.” And, I guess, you’re saying “whatevs,” if they just want to say that.
EK: I guess. But if we’re in the schoolyard and I start calling you Zoottrain, and you’re like, “My name is not Zoottrain,” and I’m like, “Shut up, Zoottrain,” it’s pretty clear that I’m using the fact that I can do something wrong just to annoy you and see if you have the guts to be annoyed. But it’s also a clever thing, because if you get up and you say, “Hey, why are we fighting?” “Well, he called me Zoottrain.” The teacher is going to say, “Well, why don’t you call him Koplon or something?”
The teacher will take a higher standard, and you’ll feel foolish for being upset about it. And now I’ll have won, because I’ve deliberately come up with something that’s annoying, but it’s so sneaky that it’s so hard for you to articulate why it’s annoying. So, I think “Democrat” is maybe something like that. Well, it’s “democratic,” don’t they mean the same thing? Yeah, I guess it means the same thing. But then they kind of win that one.
JZ: So, I guess, the case I could imagine being made on the other side, if we wind back just a little bit to humor and offensiveness and such, would maybe come back to the dichotomy I hear some time between punching up and punching down. And it says comedy is maybe at its best when it’s punching up, which is to say the way that South Park tends to satirize the powerful and the complacent, although they’re pretty much an equal-opportunity satirizer. And that’s different from a kind of humor that I gather is that of the French anti-Semite who has a whole comedy show around making fun of Jews using stereotypes. Is that a distinction that has any meaning for you?
EK: I wish it could work better.
JZ: Yeah.
EK: Because I can’t help but think like, well, I don’t know. We’re in Germany in 1920 and I’m a heroin addict—or whatever it was, a morphine addict. And I’m Hermann Goring. I’m pretty much on the shitty end of the stick of a lot of people, and some of them were gays. The Nazis were profoundly at the bottom of the social heap, but they were still profoundly horrible people. So I don’t think you can give a task to people just because they’ve been horribly victimized.
In other words, I think you can punch up in a horrific way, and you can punch down in a funny way, and I don’t think there’s clear ranking of all humans in terms of who is up and who is down. Somebody could be in the 19th century a wealthy snobbish gay man and then he could make fun of some poor heterosexual guy in the snobby and hilarious way. He’s sort of punching diagonally, you know what I mean?
JZ: Who is the more privileged, you’d have to sort out first before—
EK: Yeah. And that’s not to say that there couldn’t be—Look, I haven’t listened to this anti-Semitic thing in French. Maybe it’s funny. I don’t know. I’m not going to say a priori it’s not funny just because people making the jokes are objectionable and the people who are the victims of the jokes are nice.
JZ: Yes. And is part of the reason you then include comedy as part of the four-legged stool that is the structure of your book, is it because there’s a certain atomic inability to further deconstruct “funny” at a certain point, and/or is it that comedy rests, in fact, if you analyze it, in contradiction, in being able to embrace the contradiction or say something that you wouldn’t normally say but understand a certain truth with it?
EK: It’s kind of the second one. I mean, I believe in the hermeneutic circle and, I think you can explain everything by connecting it to other things. So I’m sure you could explain comedy by connecting it to a bunch of other things. But I do think it’s interesting that—Lately, I’ve been reading Metaphysics Gamma, which is when Aristotle comes out against contradicting yourself. He says it’s very terrible to contradict yourself.
But I think he is wrong. And one of the arguments that he makes is he says, “Well, if you contradict yourself, you’re no better than a vegetable.” And so, basically, he is interested in this language game where people assert things and it’s systematic and you can kind of play this game of debating and you can beat people down if they haven’t come up with a good reason for believing what they have to say.
And one of the ways you do that is through the elenchus that you point out that they’re contradicting themselves. And I think there’s all kinds of other ways people can relate to the truth and that they can relate to each other, other than this sort of debate school model where you put forward an assertion and it better not be self-contradictory. And, I think, comedy is one of them and, I guess, poetry is probably another one.
But I think it’s interesting because I think it’s like a form of non-Aristotelian or non-rational thinking. But it is thinking. I’m not being a pumpkin. I’m not being a mindless vegetable when I’m responding to a joke or I’m laughing at a joke. And yet I’m able to embrace contradictions, which according to Aristotle is sort of like a necessary condition of being a confident participant in our collective intellectual life. So that’s why I think it’s interesting.
JZ: I don’t want to end up telegraphing too much about where the book goes, because it really does have the character of a journey and there’s pieces that you introduce precisely because you introduced earlier pieces. But there’s this wonderful counterpart you’ve done online where people can kind of choose their own adventure as you’re narrating on 14 YouTube videos on how much choice they might want to make.
But it’s probably not tipping hand too much to say you examine logic, you examine mysticism, you examine comedy—which is to say trying not to be contradictory at all costs, embracing contradiction, and then looking for a way that can tolerate contradiction without making everything equally true.
By the time you get to what you have found right now that works for you, which I should say was a really interesting kind of 30-degree turn for the book to take, are you thinking more as in, “This is just what happened to add up for me given the path I personally have experienced and taken?” Or are you thinking, “I’m really on to something, and somebody reading this book might well join me literally in the place I end up on what counts for figuring out things like whether Santa exists?”
EK: Well, the second one. I think it could be helpful if people could literally like the way I put things together and put things together for them. But I think in a weird way, what I’ve come up with is almost like a method of mapping from where you are to where you want to go. I think like, wow, what I end up doing is having this kind of—I wouldn’t say a mismatch but I kind of lived synthesis of a bunch of different things that I’ve gone through in my life and it involved looking at my emotions and what it is that drove me to think about stuff and doubling back and looking at it from an emotional point of view.
And I think that that could be helpful for somebody else. But they could be different. They could be some Marxist Chinese person who is somehow getting more interested in the Daoist tradition of their grandpa. They could have different stuff going into the cauldron, into the witch’s brew, so to speak. But I do think it’s not just a memoir. I mean, I do think I’m talking about my life deliberately in an abstract enough way that could be helpful to other people.
JZ: And what would be the ideal reaction to this book? What’s your highest hope for it other than, of course, it ends up by the cash register at—I think they still have bookstores—that it ends up by the cash register there and flies out the door and you make a lot of money.
EK: Well, one of the things I feel is a kind of a tragic thing right now is a way that religious people and atheists talk past each other. And I see that in our national life in the United States. And I also see it globally. I wish the book could help people from both sides lower the heat and increase the light of those conversations. Because I do think that they’re not as different as they think and there’s an ignorant, hectoring quality that I see both in atheists talking about how stupid religious people are, and religious people talking about how wicked and shallow atheist people are.
And I would like it if people could just put those cudgels down and start appreciating each other. So that’s my highest hope. And then also my highest hope is that people who are internally tormented by these issues might be able to put their internal cudgeling down and be just like, “Oh, I like logic and mysticism too and that’s okay.” And if somebody could have a more free, easy relationship with themselves from reading my book, that’s another hope.
JZ: That’s funny. As I thought about what you’re describing as a problem of public discourse, I thought that maybe part of that problem is that people too often think of joining a discourse about something as a team sport in which they’re a member of a team and they measure success of the conversation by how many goals they’ve scored, rather than as a joint pursuit of truth or enlightenment. Or you’d measure success by how much your view has changed, because wow, that’s productive conversation.
And I wonder how much the team sports/entertainment view of discourse — I think of the debate, the Creation Museum between Ken Ham and Bill Nye, the Science Guy. I mean, that was surely “get out your popcorn and watch the sparks fly.” The studio-wrestling view. Do you figure that’s kind of a big part of the problem? Or when you look at comedy, and comedy is form of entertainment, so it’s weird to blame a desire for entertainment over truth seeking as the issue.
EK: Well, I guess, I think I’m more concerned on maybe with a slightly more intractable phenomenon which is that people—Let’s say you’re an anti-abortion activist. And you’re just like, “Wow, there are these people killing babies.” And I just feel like, “Well, why did you decide that those were babies and how did you decide that those people were murderers? Why don’t you think about that a little bit more and maybe talk to some of them?”
And then on the other side of the aisle, people are just like, “Oh, there are these people, there are these morons saying the world is 6,000 years old.” Then just kind of like, “Why do they think that? What are they expressing when they say that? How do you want to talk to people like that? Maybe they are worried that there’s kind of hegemonic quality to your discourse and how do you put yourself in their shoes?”
So, I think, it’s something that—Even if people are going into these debates not trying to entertain, I think they still can run into just this sort of failure of moral imagination of what it would be like to grow up and honestly be a Pentecostal Christian or honestly be an atheist. I just think people don’t know what’s going on in the minds of other people and I wish they would take more of an interest.
JZ: Which is to say then that a big part of the book and the question posed by the book whether asked between adults or between kids is, “Are you ready to be in a place where you might find yourself changing your minds sufficiently or changing your identity? Are you okay with that? Are you ready to examine almost anything, no matter how nailed down you consider it to be?”
EK: I think so. I think there’s a kind of an emotional angle also. The thinking is almost like a form of psychotherapy, or self-psychotherapy. I used to be worried that the world is changing too fast, and I’m speaking autobiographically now. It’s like, “Oh, no, Disney channel is going to be teaching my children, and they are this heartless capitalist enterprise, and the world is getting away from me.”
And then I started to think, like, “What am I holding onto? What am I afraid of? Why am I afraid that my children won’t have the moral compass or the imaginative compass to find a way in the world just as I did? Why do I feel like I’m a child who can’t defend myself?” That’s what I find interesting. Realizing maybe the things that scare me—what did it tell me about me that certain things scare me or horrify me?
I would sometimes have this mood, these last few days where I look at it and be like, “Oh, people are callous and shallow, and I’m sensitive.” And then I thought, “Well, how do I know they’re callous and shallow? I mean, do I share what I’m sensitive about with people every day? No, I kind of hide it. Well, maybe they’re doing the same thing.” To me, that’s kind of an exciting journey and that’s maybe because I’m self-obsessed. But to me, it’s interesting just to be like, wow, they are these interesting intellectual questions. But they’re motivated by these emotional questions and those emotional questions are motivated by a very deep sense of who I am and what I’m vulnerable to and what I’m afraid of and what I hope.
JZ: Which is why what otherwise could be a highly analytic book, rigorous in the traditional sense, is so wonderfully tempered by, I think, what you called earlier the aspects of memoir that really put yourself into it even as you are curious about what the self is and whether there even is one.
EK: Right. Personally, maybe I’m just gossipy, but I’m interested in, “what was Thomas Jefferson thinking when he was sleeping with that slave?” Was he just not thinking about it? Did he think he was just being an animal and then feel sorry the next morning? I would like to know. And I don’t know if he knew. I don’t know if asking him, presuming we have a time machine, if we would get a straight answer from him or an illuminating answer. But I think it’s really important. So I just wonder about those things. And I think if there was an honest memoir by Immanuel Kant, it’s like, “Hey, Immanuel Kant, how did you decide that freedom was the most important thing?” And like, “Well, look, when I was 11 years old in Prussia, I ran into all these people who were pushing other people around and it really made me sick.” “Oh, okay, that’s interesting.”
I don’t think it detracts from his achievement to know where it came from. And sometimes it may give you more appreciation for his courage to think like, wow, this guy, he didn’t decide to go and work for the monarchy and he didn’t decide to go and be a religious guy even though he sort of was. He didn’t even get married. And he hardly ate anything! And he just kind of lived his life of trying to spread some knowledge. I think that’s cool and I would like to sit him down and have coffee, if he drank it, and then ask him why and what motivated him.
JZ: And that’s why I’m really grateful for the chance to have sat down over the virtual phone line and had a chance to talk to you about this book. Perhaps it will be one of a series as this filters in. Is there a prospect that you’d write another? Or does this feel again so cathartic like…
EK: I’m interested in writing a book called “Other People: What are They Good For?” Just from the perspective of a lone person. Like what are other people for? Are they just to give me pleasure? Should I just put up a wall against them and keep them from hurting me? Or is there some more fundamental use for them? I just find it interesting.
I mean, I’m pro-other people, but I think that’s something that people so easily fall into sanctimoniousness about, where people are just like, “Well, you know what it is? You should love everyone else as much as you love yourself.” But sort of deep down, no one really does that, or very few. Why do people say that if they don’t really think it? It’s just kind of like they’re trying to get their hand in their pocket by telling you that your money and their money are the same thing. I just find it interesting.
I suspect it will be, like, it’s a little scary to me. I feel like it’s, “Oh, I hope I don’t come out of it more selfish than I was to begin with. I hope I come out writing it less selfish and a better person. But maybe I’ll change my mind about what it means to be a better person.” I don’t know. I’m puzzled by it. I’m interested by it.
JZ: It might be the kind of book, given the title, to co-author, crowdsource, or otherwise write from multiple points of view.
EK: Yeah, that’s so interesting. I’m so interested in collaboration. And I think it’s tricky because sometimes when we enter into collaboration, we protect vulnerable parts of ourselves and we put forward a social self. And that’s going to make it less interesting. But if you have people who are really not doing that, then it’s very exciting because you get something amazing, like Coleridge and Wordsworth and Lennon and McCartney, people like that.
JZ: Yeah. EK, thank you so much for this kaleidoscopic chat around a book that really does divide into so many directions. I feel lucky to have read it and will be eager to hear from others who have, and to carry on that conversation.
EK: Well, thank you for the opportunity. I’ve enjoyed talking about it and talking with you.
Eric Kaplan is a writer and producer of the Big Bang Theory. He’s also a student and teacher of philosophy. Put the two together and you get Does Santa Exist?, an exploration of metaphysics, life, and ethics, from the point of view of a dangerously smart comedian. Eric and I recorded a conversation about his book, below. (Spoiler non-alert: we do not declare whether Santa exists.)
“CANÁRIO-DA-TERRA-VERDADEIRO (Sicalis flaveola)” by Dario Sanches on Flickr. Licensed under Creative Commons Attribution-ShareAlike 2.0
Guest post by Naomi Gilens, J.D. Candidate, Harvard Law School
[I’m pleased to feature on the blog some of the best work undertaken by HLS students on Internet-related topics. –JZ]
In 2002, the FBI used the newly-passed Patriot Act to demand that libraries secretly turn over records of patrons’ reading materials and Internet use. The libraries had to comply – even though such secret requests go against the entire ethos of a professional librarian. To get around the government’s mandate not to disclose the orders, some libraries came up with a potential workaround: they hung signs on their entrances stating, “The FBI has not been here (watch very closely for the removal of this sign).” The idea was that, like a canary in a coal mine, the presence of the sign would reassure the public, and its removal would signal to those watching closely that all was no longer well. An order not to disclose something may differ legally from an order compelling continued, false notices that no national security request has been served, and warrant canary notices work by exploiting that difference.
Warrant canaries have been discussed in some Internet policy and privacy circles since the initial deployments, and recently some major companies appear to have adopted the libraries’ approach in order to send signals about the digital data the companies hold on their customers. For example, last November, Apple made headlines for including a warrant canary in its biannual transparency report, declaring:
Recently, observers noted that Apple removed that text from its last few transparency reports, prompting speculation that the company may have actually been served with a 215 order for records on Apple users.
Apple isn’t the only one to have adopted a canary. Since the Snowden disclosures began last summer, the public has become increasingly sensitive to privacy concerns and tech companies have come under commensurate pressure to disclose how they share user information with governments. As a result, many companies have begun experimenting with warrant canaries in an effort to increase transparency. Encryption and information security providers like Silent Circle and Wickr have been leading the trend:
And even popular social networking sites like Tumblr have picked up on the approach:
Up until recently, these canaries have all remained alive and well. It’s possible that this is still the case, as it’s not entirely clear yet whether Apple actually intended to kill its canary and signal that it had received a 215 order. Though Apple’s transparency report no longer includes the statement that “Apple has never received an order under Section 215 of the USA Patriot Act,” it now says that “Apple has not received any orders for bulk data.” Section 215, which allows the government to collect business records related to national security investigations, is an authority under which the government carries out the bulk collection of Americans’ phone record metadata for foreign intelligence purposes.
Nonetheless, the fact that Apple removed its canary language from its most recent transparency reports has provoked a spate of speculation as to what the change signifies. Mike Masnick at TechDirt, for example, has suggested that the Justice Department may have pressured Apple to change the language. Another possibility is that Apple just never intended to adopt a warrant canary to begin with. In telling the public it had never received a national security order under Section 215, Apple may have simply failed to think through what would happen if it ever did receive a 215 order. If that is the case, the company would have been surprised by the press coverage lauding it for adopting a canary. Changing its language may have been a strategic move to remain generally transparent, while making it clear that the statement is not a canary that can be relied on to communicate the fact of a national security request.
As Chris Soghoian of the ACLU pointed out, “There is a lesson to be learned here: once you post a warrant canary, it needs to stay in the same place and use the same language.” Indeed, warrant canaries could be at their most effective if companies work together to adopt standardized language and publication cycles, making it crystal clear to the public that they are intentionally publishing canaries. Then, should the canaries disappear, observers can be confident that the company did actually receive a national security order.
What if Apple really is signaling that it has been served with a 215 order? If it did receive such an order, it would likely have felt obliged to remove its canary statement whether or not it actually wanted to communicate the fact of the order to the public. After all, leaving it in the transparency reports would be a direct lie to the public (and to Apple’s shareholders). Replacing it with a statement that the company had never received an order for bulk data may have been an intentional attempt to avoid liability for violating the gag order by confusing the message that killing the canary would have otherwise sent.
Apple has so succeeded in confusing its message (see: this blog post) that it is surely in no danger of prosecution for violating the gag order. But as canaries become increasingly common, it seems inevitable that such a scenario will take place in the near future. When it does, it’s possible that the government will prosecute the company that killed its canary, arguing that the company has violated the gag order by communicating the fact of the national security order to the public. The company is likely to respond with a First Amendment defense that, while the government can prohibit a company from speaking about an order, it cannot compel the company to publish an untrue canary statement. Essentially, this argument turns on the idea that compelling a person to be silent is categorically different than compelling a person to lie.
The question whether the government can force someone to lie appears to be a novel one. As EFF has explained, the outcome of a case is likely to depend heavily on the actual facts before the court. Apple’s might be an ideal test case—the broad language of its canary, combined with the company’s huge customer base, ensures that even if Apple did kill its canary, no individual user would have reason to suspect that his or her own personal data was requested. As a result, killing the canary would cause only minimal harm to national security, and the interest in preventing that harm is easily outweighed by Apple’s First Amendment interest.
Other companies publish more granular canaries, which provide individual customers with more specific information about the security of their own personal information. CloudFlare, for example, publishes a series of different canary statements tailored to specific services it provides—among others, it states:
If CloudFlare killed this canary, it would alert users that their encrypted communications may no longer be secure, and at least some of those users would be likely to close their accounts and move their information to another provider. Theoretically, a company could even create individual canaries for each user and email them to the user every day, alerting the user that no requests for his or her information has been received. Killing this canary would provide highly useful information to the subject of a national security investigation, and one can imagine that the government would vigorously oppose it.
The hypothetical canary that provides individualized notices to each user illustrates the extent to which canaries are essentially end-runs around lawful gag orders. Companies exploit the potential legal loophole in the difference between compelled silence and compelled lies in order to communicate information that they would otherwise be prohibited from sharing. The fact that so many companies are adopting canaries, even at the risk of exposing themselves to litigation and—at the outside—potential criminal liability, highlights how out of step even routine national security requests have become with the companies’ willingness to turn over information on their users. Like Apple’s recent embrace of automatic encryption, canaries are a symptom of the growing public desire to maintain control over personal data. In the end, then, canaries do not only signal information about national security requests that companies couldn’t otherwise communicate; they also signal the dissonance between the government’s emphasis on secrecy and industry’s willingness to cooperate. The era of companies sharing data with the government in the name of patriotism with just a shake of the hand is now over.
To read more, see Naomi’s paper on the subject, available at SSRN, and EFF’s FAQ here.
About Jonathan Zittrain
Archived blog for Jonathan Zittrain, Author of The Future of the Internet
June 3rd, 2010 at 4:07 pm (#)
In the last paragraph, Proffessor Zittrain, you mention reinvigorating the Internet’s principle of open, distributed architecture. However, there are no provided examples. I believe I discovered the Web of Trust addon for firefox (and now chrome) through one of the posts here, and it would serve as a decent enough example of how to use open, distributed processes _for_ security.
-Ben
June 3rd, 2010 at 4:44 pm (#)
Hi Jonathan. It’s easy to agree that anti-virus is a broken model, for all kinds of reasons. And we certainly need to think creatively about what the right model may be. I rather suspect that it will involve ‘whitelisting’ rather than blacklisting. Most of the current whitelists arise as vendor control in app stores and similar places – but there’s no reason why we shouldn’t have a much more generative approach to this.
Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence.
My fear is that such a solution would create more problems than it solves. Adding complexity to a security problem usually gives the attacker additional points to hit: it very seldom (in the long run) gives a net improvement. Or am I missing something?
June 3rd, 2010 at 5:04 pm (#)
Ahn-tie-virus?
I use Linux and Mac OS X, I don’t know what you are talking about 🙂
But seriously, why do my tax dollars go towards Windows and McAfee licenses when there are perfectly acceptable free alternatives? I’d rather they put that money to good use in something important like hospital *equipment* for example.
That is the problem with the cloud, what you get back from the cloud is not necessarily what you put in to the cloud, you are at the mercy of the hosting company. The best way around it must distributed cloud services such as torrents, I can get the .torrent file from any number of sites so censorship is practically non-existent (Just find the torrent somewhere else) and multiple trackers and seeds makes the system pretty robust.
June 3rd, 2010 at 6:42 pm (#)
Just to be clear, since the article doesn’t mention it, the academic libraries participating in the Google Book project _are_ maintaining independent backups. Among other projects, the Hathi Trust stands out as a large, well-supported (technically and infrastructurally) independent digital library. It contains mostly things scanned for Google, but also independently-scanned stuff. http://www.hathitrust.org
And some of the participating libraries are also independently keeping copies.
(I’m a librarian at one of the Hathi Trust partners, but not speaking on behalf of anyone but myself.)
June 3rd, 2010 at 7:23 pm (#)
[…] Read this article: The Internet's Fort Knox Problem :: The Future of the Internet … […]
June 3rd, 2010 at 8:27 pm (#)
Simple is good — and I’m not sure a distributed solution need be more complex than something centralized.
June 4th, 2010 at 4:45 pm (#)
It seems to me that centralization and decentralization are two poles, and most of the examples listed are somewhere in between them. Take the Fort Knox example: the government doesn’t hold the only stock of gold, and we therefore don’t lose all of our nation’s wealth if its security is compromised.
I’m not perfectly well versed in security technology, but I imagine the same is true with respect to McAfee. It’s true that as more of our lives are tethered to data and internet connected devices, we’re going to take a few risk-neutral, or even risk-seeking, security shortcuts for the sake of sanity. We’re going to concentrate our security expertise so the benefits of a few brilliant techies can be spread across a wider array of clients for cheaper. That means well-meaning good guys have our lives in their hands. The same might be said to represent the pitfalls of our current financial problems. Everyone placed their retirement funds in the hands of a few seemingly trustworthy mortgage brokers who were connected to financial technologists who were actually way over their heads.
I think we also need to be careful about giving up the cost-saving measures of centralization. From your perspective, it seems we need to stand athwart history screaming “non-proprietary protocols and standards!” =) I remember the poignant imagery on the cover of The Future of the Internet: railroad tracks going off a cliff. There is a reason, though that this shift is happening. Small and medium sized businesses are outsourcing their IT in order to achieve better cost controls for consumers and shareholders. Profit margins are a powerful force to be curbing, of course. So perhaps capitalist interests can protect themselves. Still, it’s worth keeping in mind that Joe and Jane Taxpayer might actually be on the other side of this debate when times are tough, (perhaps even if their government’s computers go down and they need to cart their loved ones to the hospital down the street in an emergency).
As always, this was a great, thought-provoking post. Looking forward to the next one!
June 4th, 2010 at 6:37 pm (#)
Me too, regarding having problems with:
“Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.”
This isn’t an unexamined problem! In fact, as you know, a big problem is that most people *don’t* even know how to look out for themselves, much less each other.
June 6th, 2010 at 6:57 am (#)
[…] see also Christian Sandvig, The Television Cannot be Revolutionized (multicast) and Jonathan Zittrain, The Internet’s Fort Knox Problem (The Future of the Internet and How to Stop […]
June 6th, 2010 at 9:12 am (#)
Here’s another comment about this paragraph:
“Rather, we can reinforce open, shared early warning systems to enumerate and deal with security threats, whether against PCs, Web sites, or Internet connectivity. With a few technical tweaks, we can all further help relay data from Web sites that are under attack, stabilizing their presence. Security shouldn’t have to be purchased like a personal bodyguard. Far more flexible than Fort Knox are people, each with their own pocketed gold and machinery, empowered to look out for one another.”
The first thing there looks like reputation based antimalware software. If one person reports “malfunction” or there’s reasons to believe something are wrong, anything that’s not normal is checked. Everything is reported too. The more negative reports about a certain file, the more likely it is that it’s bad.
It can be used in many other ways too. that WOT thing mentioned above is similiar.
The second thing you mentioned reminds me of Freenet, a distributed and anonymous data store system. There are also lots of other ways to dezentralize data storage (and downloading of it).
Now when there’s talk about implementing “resource packages” (http://limi.net/articles/resource-packages-spec-ready-for-prototyping), we could go so far as using torrents (with DHT) and all to distribute all images, videos and other embedded data.
The issue here is then this: How do we decentralize the downloading of the index.html file? We can’t really do that in a sane way with dynamic sites.
We need some kind of browser plugin that creates a bittorrent like network parallell with the normal http-based internet connections to servers. It would simple share the cache with others for various sites, and when those sites are down, a custom static version of the index.html file (predefined by the server) would be shared too.
I think that can work.