Skip to main content

The Maginot Line

Originally the title was "Hubris, Meet Nemesis" but I decided that was probably a bit muchI’m sorry to say that I have succumbed to something like schadenfreude. It’s not that I really enjoy what is happening these days, what with institutions of the web shutting down, basic civil rights being ignored, and all the rest. It’s just that it’s all a little poetic.
The technocracy, hoisted by its  petard – out-technocracied! We’ve been lionizing the Internet full-time for two decades (with good reason, of course) while clucking at the government’s failure to understand or adopt it. We’ve circumvented laws both just and unjust with it, hidden ourselves in its obscurity, reveled in its ubiquity, and laughed at the poor, benighted functionaries we presumed were still toiling over carbon copies and rooms full of file folders. Yet somehow with their ostensibly outdated tools and notions they were in fact subverting our little utopia at its most foundational levels.
Did you know the Greeks had a god specifically for this type of situation? Nemesis, in charge of punishing hubris, often in especially apropos ways (Narcissus, for instance). The FISA court probably set up a temple in her honor. Please fill out form 617-B, allocation for a fatted thigh, the scent of which riseth to heaven and pleaseth the gods.
But let’s cast our eye instead on more recent and confirmed history: the 1930s, on the eastern border of France. An impenetrable series of bunkers, tunnels, and garrisons built with the object of preventing a German assault. It worked wonderfully, of course — so wonderfully that the Germans decided they should go around it.
The Maginot Line is what I think of when I hear about efforts to secure electronic communications, generally via increasingly complex encryption schemes. The battle is over, everyone. Believe it or not, we lost! In fact, we were completely routed, so to speak. And yet it seems like all anyone can think of doing is shoring up defenses which hardly came into play in the first place!
PGP? People can barely manage the privacy settings on Facebook, much less a stable of random numbers and the means to deploy them. Zero-knowledge storage? Great until a court orders you to decrypt your own data (in violation of the 5th amendment, likely, but how long until a friendly precedent on that account?). Self-destructing messages? Print screen says hello, at least until someone finds a nice exploit. End to end encryption? Lovely, so you get flagged as suspicious by the NSA and all your data is stored for five years — plenty of time for them to squeeze the keys out of you or a friend (identified by metadata), at which point they breach a whole network of trust. Tor? The feds are watching exit nodes like prohibition gangbusters outside a speakeasy. 256-bit WPA2 keys? If the password isn’t “password,” “admin,” or “123456,” it’s probably written on a post-it note stuck to the goddamn router! Come on!
It’s not that these methods are technically insufficient for the their own purposes — it’s that they’re simply not practical given the actual threat: ubiquitous, flexible, and resourceful. Each one is arrayed against an idealized attack vector, and even if someone were to adopt each and every one of these worthy measures, they’re still going to get flanked.
Of course, perfect security is just a dream. But when a burglar comes through the window, do you put more locks on the door?
Better to just acknowledge that we chose to live in a dangerous neighborhood. The existing infrastructure of the Internet, from the routers and switches to the browsers and apps we use, was simply not designed with privacy or anonymity in mind.
That wasn’t a problem until the volume and importance of our electronic communications hit some crucial tipping point, at which they ceased being yet another way to get data from here to there, and became an indispensable and historically unparalleled tool for free expression. Gradually, the dissonance of these two ideas — a tool built for shouting that must be used to whisper — has become clear. This whole surveillance debacle is only the latest revelation to disturb our cozy ignorance.
We will have to live with the fact that our data is not secure for a while. Considering the towering privilege that is the Internet in the first place, it’s not too much to ask that we cope with a few cracks in the foundation. People for whom anonymity is critical, such as whistleblowers and activists, will be at risk, as they always were. Don’t forget that while the Internet is a powerful tool, it’s also a new one, and while we should value its contributions and the people whom it enabled, it is by no means an essential tool for confidential communication, or, for that matter, revolution.
But we may also have to face the idea that the savior Perfect Security may never appear to rapture us into a world of true anonymity, fountains of bitcoins, and desiccated surveillance apparati, lovingly tended by weeping spooks. I was told yesterday (by Bruce Schneier, so I trust it) that the noise pattern from a device’s antenna can be used to fingerprint it, a side effect of high-precision wireless transceivers. Metadata is leaking at the seams because our communications must be quick and precise. Our faces are registered on cameras dozens of times a day because the demand for imaging devices has made the cost of capturing and recording less than the cost of not doing so. Every defense we raise is a Maginot Line, and every sword we forge cuts both ways.
We’ve opened box after box from Pandora’s collection, and generally speaking the shrieking demons which emerged have quickly sunk their unholy teeth into industries and institutions whose devourment was long overdue. But sometimes we look down and notice bite marks on ourselves, as when we found that the Internet enables a culture of inhumanityuniversal surveillance, or anarchic proliferation.
Clearly, this is one of those times. It does no good for us to pretend that the way we have crafted our world is without consequences unfavorable to ourselves, perhaps permanent ones. The rule of history is two steps forward and one step back. We have just taken a step back. Hubris, meet Nemesis.


Popular posts from this blog

how to share all group facebook one click and very easy

Facebook Starts Letting Teens Post Publicly

Like a cautious parent,Facebook is giving teen users new freedom despite risks. For the first time, users under 18 can post publicly. The logic is that other sites don’t restrict kids, teens are getting more web savvy, and young celebrities want a voice. This could let minors publicly share things they’ll regret, so they must manually opt in to public sharing and confirm they understand the risks. Somewhat disingenuously, Facebook frames its blog post about the change as being about adding more protection for teens. It starts off saying that now when people age 13 to 17 sign up, their posts to the News Feed are defaulted to “friends only” instead of “friends of friends (fof)” as they were before. That is important because many people don’t change their default settings, and if you have thousands of friends with thousands of friends, the fof setting would share your posts to more than a million people. But considering there are 1.15 billion people on Facebook already, and its growth has…

Instagram surges past 700M users, fueled by algorithmic feed

Instagram has gone through a whirlwind of changes the past few months. Between bookmarks, likable comments, live video, tags, zoom, drafts, Stories and of course the controversial algorithmic feed – no one can argue that the Facebook-owned photo sharing app hasn’t been innovating at a rapid pace. But the real question is what effect are these product enhancements having on the bottom line – which in the case of Instagram is measured in user growth. And the answers seems to be that it’s working. The app just announced that they have grown to over 600 million monthly active users. This is almost 10% of the world population – and 100 million more than the company had 6 months ago when they announced a milestone of 500M monthly actives. As a comparison, it took about 9 months to get from 400M to 500M monthly actives – so their growth is still accelerating, even with such a large user base.
While the growth over the past 6 months was still broad-based, the company noted that they were doing p…