Thursday, 9 July 2015

How to be powerful and why you are not

I would like to bring to the reader’s attention a long con. This isn’t any con. This is the con at the bottom of every debate about internet security.

A report posted on July 6 discusses a report by Massachusetts Institute of Technology (MIT) which warns government interference with internet communications will contribute to “extreme economic harm” for online security.

British Prime Minister David Cameron and FBI director James Comey are reported to be encouraging tech companies not to use end-to-end encryption, such as WhatsApp or iMessage, because it makes it harder for law enforcement and intelligence agencies to spy on the communications passing over those networks. The MIT report, written by leading computing experts, says this encouragement will “open doors through which criminals and malicious nation states can attack the very individuals law enforcement seeks to defend.”

FBI director James Comey
These dastardly government plans are sure to “raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm,” say the experts. In case you weren’t sure, it’s the “economic” bit which is responsible for the shiver running down your spine. It’s almost as if these experts, on behalf of the business owners of internet apps and software, actually care for people’s livelihoods. In fact, that’s exactly how this reads. The government will make it more dangerous for normal people to be on the internet, and real people in the real world are going to be hurt by this overreach. Something must be done about this!

Yet it pays to remember that no one cares about our digital privacy or security. Least of all the people who actually own the software. Internet security makes people want to be more private, and from the viewpoint of the business people in charge (i.e. not you) digital privacy of individuals is bad. People must be online for companies to make money. Governments are now creating a barrier to this new consumer system, so all the intel guys have to go.

Initially, it’s a bit difficult to understand how the report’s authors are thinking. After all, there already are backdoors in most software programs. US intelligence agencies worked closely with Microsoft on most operating systems to build in tailored backdoors for access. NSA contractor Edward Snowden’s stolen files also exposed almost every other major internet corporation was cooperating with governments to do exactly the same thing.

It’s now clear those companies didn’t appreciate having to cooperate with government, and they’ve always wanted out of that deal. Snowden’s leaks gave them all a chance to see how much power the internet industry has accrued over the government and they took it without hesitating. Good thing the media and the public was willing to channel this message without question. Hence reports like this.

Besides, “criminals and malicious nation states” already have access to most computer programs, and if they don’t, they’re working on getting through right now. And don’t kid yourself, there’s no such thing as a “malicious nation state”. Everybody spies, get used to it. Everyone in the cyber community loves it when people think a computer program is “unbreakable”. They just giggle as they gather all the vulnerabilities they can find. For every politician trying to curb cybercrime there's a cyber-pirate who’ll come up with a workaround, and only one of them knows how to code.

On top of this, telling people not to use end-to-end encryption is probably a funnelling tactic. I don’t need to have a complete picture for this to be true. After all, there's no power in abolishing cybercrime. The power is in giving everyone the pretence of security while secretly retaining the PGP keys to the kingdom. It’s first-grade stuff really.

The easy criticism is bashing the claim that cyber-crime is doing “extreme economic harm”. I’ve written elsewhere about the existence of cyber insurance. That alone seems to prove businesses are choosing to live with the problem of cyber-attacks rather than fix them. When insurance packages are introduced to cover a new risk, this is essentially an admission of a limit in power. Since no one can stop a hurricane, we create new insurance policy for storms instead. The same thing happened with the Somali pirates a few years ago: countries can dispatch a few destroyers to the Gulf of Aden, but just make sure the premiums don’t rise too much because businesses will still send the container ships anyway.

And despite what the MIT report claims, businesses aren’t losing money from cyber-attacks. Whenever an attack occurs, banks simply call their own insurers and someone in prints a few more notes or types in a few extra zeros on the right balance sheets and poof, everybody wins. Simple. Sure, that’s a little cartoonish, but it’s true nonetheless.

The business community has learned to live with cyber parasites, because it can’t stop them. In fact, it’s worse than that. The existence of cyber-pirates is integral to the new economic system. How else is the government expected to make money? People don’t pay enough taxes anymore and seigniorage is one of the best ways to increase the revenue of any government. That is, until they realise how Bitcoin opens the door for incredible wealth accumulation.

These kinds of reports always have a base argument which is never explicit: it assumes people will continue to use the internet, no matter what. Whenever you read/hear about internet security, understand that the dominant narrative assumes you have accepted the form of this argument. The default position, for everybody, in this modern age is to use the internet. You are not allowed to ask whether this is a good thing, it is simply expected.

These reports serve the purpose of distracting attention away from the incredibly worrying reality of internet domination by largely incompetent and amoral corporations. It forces the public to fight on exactly the wrong battlefield (against government intelligence agencies) while the real battlefield for power (corporates duelling over who controls cyberspace) is framed as either non-existent or without concern for your mortal eyes. The whole game is to exorcise the government from the internet so corporations can leverage greater control over the communications and privacy of individual internet users. Knowledge is power, and corporations are consolidating control over all knowledge. I’m not saying this is a bad thing, I’m just explaining what’s happening.

This is why we read these reports: if you’re seeing it, it’s for you. As an internet user, a click on this study (widely reported in international media) is a tick in the right box for greater corporate control over the internet. Whenever you hear the words “security” coupled with names of bad people, you must look for a power struggle in the margins. It’s there, believe me.

This is a direct quote from the report: “In the wake of the growing economic and social cost of the fundamental insecurity of today’s Internet environment, any proposals that alter the security dynamics online should be approached with caution.” Notice how the insecurity of the internet has arrived because of “changes” to the “environment”. Notice how this suggests a fall-from-grace mythos. It’s framed as if the internet was perfect until sin entered the world. And this, as written by the world’s leading technology experts!

This is how you spot a lie. Because guess who’ll be there to save you in the end? God of course. But only in the form of benevolent internet corporations wishing simply to provide the average internet user with safe-harbour from the spread of evil government overreach. The internet security message is just a story, it is not the truth. It is the sublimated reality according to the dominant narrative which portrays government as bad and internet corporations as good.

“But I have my whole life on the internet. Why aren’t people worrying about this?” Good question, pity it’s irrelevant. The better question would be, why is this the narrative? Because when you ask it like that, it’s possible to see the scaffolding holding up the story. As the author Phillip Bobbitt explains in his book The Shield of Achilles: War, Peace and the Course of History (2002), the developed world is currently transitioning from a nation-state system into the early days of what might be called a “market-state” system. No one knows what this new system will look like until it’s at least partially mature. And it’ll take a few more decades to flesh this one out.

But some important pieces are already becoming clear. The internet is the vehicle to this new reality and whomever controls its gateways will be in command of potentially the last great power transition in human history. If you’re not involved in this transition right now, you will never have another chance. It’s actually kind of funny how we all thought this was about our personal security and privacy. Perhaps Shakespeare was right: in a false quarrel there is no true valour.

No comments: