QuestionsAndDiscussion 11 - 25 Feb 2009 - Main.RickSchwartz
|
|
META TOPICPARENT | name="WebHome" |
Questions and Discussion | | -- AndreiVoinigescu - 17 Feb 2009 | |
< < | My problem with this proposal is that it promotes the misconception of "the Internet" as some physical thing that can be used or changed, when I think we all understand by now that "the Internet" merely stands for the set of social conditions whereby instantaneous communication between any two computers is possible without intermediation, made possible by the universality of communication via TCP/IP and other protocols. There is simply no way to discard this set of social conditions now that the tools exist to implement them somewhere. What might occur is simply a permutation of the trend of consumers conceding freedom in exchange for of perceived security, which will take the form of closed and opaque protocols, kept secret and proprietary so that people will be "safe" from malware. It will likely be an inferior product, collect untold amounts of private data, and further lock consumers into whatever service offers it first. | > > | My problem with this proposal is that it promotes the misconception of "the Internet" as some physical thing that can be used or changed, when I think we all understand by now that "the Internet" merely stands for the set of social conditions whereby instantaneous communication between any two computers is possible without intermediation, made possible by the universality of communication via TCP/IP and other protocols. There is simply no way to discard this set of social conditions now that the tools exist to implement them somewhere. What might occur is simply a permutation of the trend of consumers conceding freedom in exchange for perceived security, which will take the form of closed and opaque protocols, kept secret and proprietary so that people will be "safe" from malware. It will likely be an inferior product, collect untold amounts of private data, and further lock consumers into whatever service offers it first. | | -- RickSchwartz - 17 Feb 2009 |
|
QuestionsAndDiscussion 10 - 24 Feb 2009 - Main.TheodoreSmith
|
|
META TOPICPARENT | name="WebHome" |
Questions and Discussion | | -- RickSchwartz - 16 Feb 2009 | |
< < | | > > | | |
A New National Security Exclusionary Rule? | | For example, how can we effectively communicate that the quantity of American lives lost to terrorism (3,000 lives lost on 9/11 + 400 in Afghanistan + 4,300 in Iraq averages out to about 1,000 per year) pales in comparison to the 750,000+ deaths per year caused by conventional medicine (of which around 100,000 are the results of drugs which may have been misprescribed because of our permissive attitude toward privacy)? Can we ever convince America to accept terrorism as an acceptable cost of freedom as we do with, to take a slightly more benign example, the the 40,000 deaths per year resulting from automobile accidents? The national security cost-benefit analysis seems to be horrendously misperceived compared to policy areas like automobiles, where we easily accept these mortalities as an acceptable cost of the gained freedom and autonomy to go from point to point more efficiently. We could, but don't, eradicate this autonomy by banning cars and having a totally public transportation system created at incredible cost for the sake of saving lives and "increasing security." Freedom and autonomy both require accepting certain losses, and Americans lack either the desire or ability to comprehend the bargain in the case of national security.
-- RickSchwartz - 22 Feb 2009 | |
< < | | > > | | |
Do We Need a New Internet? | | It's interesting that the terms of the debate is always put in all-or-nothing trade-offs. Either we keep the problem-laden, insecure, and ill-conceived "Internet" or we trade off open platforms, anonymity and privacy for "something better". There seems to be a bit of a disconnect in Markoff's piece. He moves from challenges to network security (like the Conficker story) and, in an unusual non-sequitor, concludes that the libertarian ethos of anonymity and privacy built into the Internet's code is a big obstacle to addressing security concerns. But really, the problem posed by Conficker and the other anecdotes about botnets and malware have nothing to do with privacy and anonymity. They're the result of network software and operating systems badly written by people who care little about end-user security concerns. Sure, isolated incidents of hacking or informational espionage are network and national security challenges, but this happens not because of any inherent TCP/IP vulnerability or weakness, but network administrators not doing their diligence; or industry coders getting programs out on the market for consumption without properly locking things down for security purposes.
-- JonPenney - 23 Feb 2009 | |
> > |
It's true. I think the all or nothing comes in when they look at the distributed anarchic network and try to figure out how to solve problems like security - it seems impossible, so they turn to the tried and true solution of making the whole thing "belong" to someone. It reminds me of a recent article about the prosecution in the Pirate Bay lawsuit trying to understand the structure of authority. The problem is that the question doesn't really even make sense, but when you have a cultural predicated on ownership and hierarchy, the only way to solve these problems is to conceptually impose structure on the anarchic system.
Which I guess why Rick is totally right about the language thing: using "internet" in terms of the physical and non-physical entities that make up the network gives it a concrete conceptual identity and makes it possible to ask questions like "who owns the internet." I mean, this question would still come up, even if we made up some other random term for the specific extant network ("who owns the 'puppyweb'"), but it might be less confusing? Maybe it would be more confusing, as I think most people don't use the term 'internet' to refer to a social condition ("the internet is down" is usually not making a statement about human communications). Maybe it would be more clear to abandon "internet" to the ravages of common usage and develop a new term for interconnectedness?
-- TheodoreSmith - 24 Feb 2009 | | |
|
QuestionsAndDiscussion 9 - 23 Feb 2009 - Main.JonPenney
|
|
META TOPICPARENT | name="WebHome" |
Questions and Discussion | | Rick - I don't know if the terminology point is so important though. It is very useful to talk about the Internet as a social condition, as Eben does; however, this article is using "the Internet" to refer to the physical structures and protocols that make the social condition of the Internet possible. I don't think this is wrong, though it is confusing. We really need two different terms; however, until we come up with better language, I don't feel like it is useful to say that the word can only mean one thing. We clearly need a word for the latter, and that word is currently "Internet," which is unfortunately the same as the common word "Internet."
-- TheodoreSmith - 22 Feb 2009 | |
> > |
It's interesting that the terms of the debate is always put in all-or-nothing trade-offs. Either we keep the problem-laden, insecure, and ill-conceived "Internet" or we trade off open platforms, anonymity and privacy for "something better". There seems to be a bit of a disconnect in Markoff's piece. He moves from challenges to network security (like the Conficker story) and, in an unusual non-sequitor, concludes that the libertarian ethos of anonymity and privacy built into the Internet's code is a big obstacle to addressing security concerns. But really, the problem posed by Conficker and the other anecdotes about botnets and malware have nothing to do with privacy and anonymity. They're the result of network software and operating systems badly written by people who care little about end-user security concerns. Sure, isolated incidents of hacking or informational espionage are network and national security challenges, but this happens not because of any inherent TCP/IP vulnerability or weakness, but network administrators not doing their diligence; or industry coders getting programs out on the market for consumption without properly locking things down for security purposes.
-- JonPenney - 23 Feb 2009 | | |
|
QuestionsAndDiscussion 8 - 22 Feb 2009 - Main.RickSchwartz
|
|
META TOPICPARENT | name="WebHome" |
Questions and Discussion | | I wouldn't be so quick to jump to the conclusion that the government's failure to possess and coordinate citizenship information on everyone currently or potentially within U.S. borders is such a bad thing, even if you were to grant a lot of leeway in accomplishing the professed security objectives. | |
< < | For one thing, by assuming a valid need for access to information on everyone by any part of the state at any time, you necessarily justify unlimited increases in surveillance used to monitor the people who either intentionally or unintentionally avoid interaction with the government (e.g., illegal immigrants or people born within the U.S. and feel no need to get passports, who amount to something around 70% of the population based on my back-of-the-envelope calculations). This is the equivalent of switching from an opt-in to an opt-out (even though you can't really opt-out, so maybe a better term would be "you're-in") system of information collection and handling, which you might think is appropriate for "homeland security" purposes, but imposes huge costs on privacy because all of this information possession can be used to limit individual autonomy through whatever form of intimidation a cop or prosecutor or federal agent wants to apply, if given access to a you're-in system. An opt-in system, of course, could still exist and satisfy most homeland security objectives if the opting-in were merely some kind of activity that actually implicated some kind of security threat, rather than just sweeping everyone into the surveillance system at once. While the immense practical and logistical implications of collecting those amounts of data used to be prohibitively costly, today those costs are trivial, and consequently the state now has no natural backstop to prevent total information collection. | > > | For one thing, by assuming a valid need for access to information on everyone by any part of the state at any time, you necessarily justify unlimited increases in surveillance used to monitor the people who either intentionally or unintentionally avoid interaction with the government (e.g., illegal immigrants or people born within the U.S. who feel no need to get passports, who amount to something around 70% of the population based on my back-of-the-envelope calculations). This is the equivalent of switching from an opt-in to an opt-out (even though you can't really opt-out, so maybe a better term would be "you're-in") system of information collection and handling, which you might think is appropriate for "homeland security" purposes, but imposes huge costs on privacy because all of this information possession can be used to limit individual autonomy through whatever form of intimidation a cop or prosecutor or federal agent wants to apply, if given access to a you're-in system. An opt-in system, of course, could still exist and satisfy most homeland security objectives if the opting-in were merely some kind of activity that actually implicated some kind of security threat, rather than just sweeping everyone into the surveillance system at once. While the immense practical and logistical implications of collecting those amounts of data used to be prohibitively costly, today those costs are trivial, and consequently the state now has no natural backstop to prevent total information collection. | | All this being said, as Kate's father's experience indicates, we are in the midst of that very transition from opt-in to you're-in, and are in a position to determine what happens in that transition. Regardless of whether or not the homeland security hawks get their way and the state is directly collecting all this information, the information collection will happen as it is already being done by private entities subject to subpoena. Our job is to figure out how it will be used. As I suggested, one way to keep the system limited in some respect might well be to impose these "Chinese Walls" and prevent information sharing that would enable the state's use of information beyond the "concededly valid" goals of homeland security. | | -- TheodoreSmith - 22 Feb 2009 | |
> > | I apologize if I gave the impression that I thought information sharing wouldn't increase the efficacy of government (and sometimes in desirable ways); I absolutely agree that such is the case. I was merely pointing out that enhancing government efficacy is something to caution against because of the floodgates such a rationale opens, though such a position seems to lack political power these days. Perhaps that lack of political or rhetorical persuasiveness indicates that this the lever we ought to be pulling.
For example, how can we effectively communicate that the quantity of American lives lost to terrorism (3,000 lives lost on 9/11 + 400 in Afghanistan + 4,300 in Iraq averages out to about 1,000 per year) pales in comparison to the 750,000+ deaths per year caused by conventional medicine (of which around 100,000 are the results of drugs which may have been misprescribed because of our permissive attitude toward privacy)? Can we ever convince America to accept terrorism as an acceptable cost of freedom as we do with, to take a slightly more benign example, the the 40,000 deaths per year resulting from automobile accidents? The national security cost-benefit analysis seems to be horrendously misperceived compared to policy areas like automobiles, where we easily accept these mortalities as an acceptable cost of the gained freedom and autonomy to go from point to point more efficiently. We could, but don't, eradicate this autonomy by banning cars and having a totally public transportation system created at incredible cost for the sake of saving lives and "increasing security." Freedom and autonomy both require accepting certain losses, and Americans lack either the desire or ability to comprehend the bargain in the case of national security.
-- RickSchwartz - 22 Feb 2009 | |
Do We Need a New Internet? |
|
QuestionsAndDiscussion 7 - 22 Feb 2009 - Main.TheodoreSmith
|
|
META TOPICPARENT | name="WebHome" |
Questions and Discussion | | -- RickSchwartz - 22 Feb 2009 | |
> > | I don't think Kate's point was that less than perfect coordination of data was a problem per se, but just that some data sharing is going to be necessary, particularly in the kind of state we are becoming. (forgive me Kate if I got your point wrong.) The failure to have citizenship records is an excellent example of a place where you might want data sharing - this doesn't rule out chinese walls, but it certainly indicates, as you note, that there are places where having centralized information may be important.
I think Kate's other point is right on. Politically, what you are asking law enforcement, etc. to do is to become less effective for the sake of people's privacy. You can argue that the trade-off is too great, or that the agencies forced behind the screen would not actually lose effectiveness, but all it takes for a counter-argument is a single publicized event that could have been avoided by information sharing. I think it is too easy for the powers that be to point to a murder or child abduction and say, "we would have been able to stop this if we had access to more information." The dangers of the slow erosion of privacy are difficult to paint in such concrete and effective terms.
-- TheodoreSmith - 22 Feb 2009 | |
|
|
|
|
This site is powered by the TWiki collaboration platform. All material on this collaboration platform is the property of the contributing authors. All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|