Wednesday, November 20, 2013

Should the 99% Harbor Resentment Against the Tech Elite?

An eye-catching story from the front page of The Economist grabbed my attention this afternoon. Adrian Wooldridge writes that there's a coming "peasants' revolt against the sovereigns of cyberspace". He argues that people's love of iPhones and other popular gadets has thus far largely exempted the tech-elite from Occupy Wall Street-style protests against the plutocracy, but that it inevitably can't last.

Is there indeed a fundamental concentration of power worthy of concern? Consider the question in relative terms to other industries. Wooldridge raises the example that Mark Zuckerberg owns 29.3% of Facebook and Larry Ellison owns 24% of Oracle. By contrast, the largest single investor in Exxon Mobil controls only 0.04% of the stock.

A few years ago the new economy was a wide-open frontier. Today it is dominated by a handful of tightly held oligopolies. Google and Apple provide over 90% of the operating systems for smartphones. Facebook counts more than half of North Americans and Europeans as its customers. The lords of cyberspace have done everything possible to reduce their earthly costs. They employ remarkably few people: with a market cap of $290 billion Google is about six times bigger than GM but employs only around a fifth as many workers. At the same time the tech tycoons have displayed a banker-like enthusiasm for hoovering up public subsidies and then avoiding taxes. The American government laid the foundations of the tech revolution by investing heavily in the creation of everything from the internet to digital personal assistants. But tech giants have structured their businesses so that they give as little back as possible...

Growing political involvement will inevitably make these plutocrats powerful enemies. Right-wingers are furious with their stand on immigration. Others are furious with them for getting into bed with the national-security state. Everyone with any nous is beginning to finger them as hypocrites: happy to endorse “progressive politics” such as tighter labour and environmental regulations (and to impose the consequences of that acceptance on small business) just so long as they can export the few manufacturing jobs that they create to China.

Without placing a value judgment on whether public resentment towards the wealthiest 1% is a positive or negative social characteristic, a different question beckons... What, if anything, sets the tech-elite apart from those wealthiest of plutocrats in other sectors?

Wednesday, November 13, 2013

Is Bitcoin a Form of Hacktivist Protest Software?

Just brainstorming a few ideas for a conference paper and thinking of last week's demonizing of the Bitcoin virtual currency in Time magazine's cover story, linking it to the Deep Web...

Hacktivism is a phenomenon that has been around for some years now, but what's increasingly attention-worthy is that the idea of computer hacking for political purposes is gradually evolving away from hackers writing code and, instead, is now centered on the advent of social protest software. Whereas, in the past, a hacker or group of hackers would, for example, utilize their knowledge of code to launch a distributed denial of service (DDOS) attack against a website, what is becoming more common is for hackers to develop user-friendly software that anyone in the mainstream public can then download and use to launch their own DDOS attacks by simply stepping through a wizard, clicking a button, and not having to understand any code at all.

Some quick examples of such social protest software include Tor, PHProxy, Cain and Abel, NetTools, WireShark, AngryIP, and dozens of others found on sites like SourceForge:DDOS or AstaLaVista.

Of course, most of these software applications have very legitimate uses and are in no way illegal or, for that matter, should necessarily even be deemed suspicious. But what is a handy network monitoring tool for one person may be, well, a network monitoring tool serving a very different purpose for another.

First question - To what extent can this debate be framed in terms of the "Code As Speech" literature? In other words, does the very existence of such software constitute a form of political speech or protest, or is such software merely a delivery vehicle, or forum, for political speech or protest? To put it yet another way, is the software a tool or is it an end in and of itself.

Second question - In terms of cybersecurity, what policy responses to the rise of hacktivist software can we uncover? At quick glance, it seems the only notable responses have involved high-profile arrests or enhanced sentencing. But, again, most of the software is legal and has very legitimate uses, so perhaps that shouldn't be surprising.

Third question - How can we draw a categorical distinction among the various software applications between those that are tools for hackers versus those that are hacker tools for ordinary people?

Fourth question - Why have such hacktivist software tools thus far largely failed to go mainstream viral? Are the tools not good enough? Are people simply unaware of their existence? Or is it that people just aren't that interested in enagaging in hacktivist activities?

In order to shed light onto some of these questions, it would be interesting to perform a detailed case study on Bitcoins. As a virtual P2P currency - decentralized, "mined" through computational processes, and traded on cyber exchanges - one could argue that the Bitcoin system's very existence constitutes a direct challenge, or protest action, against established institutional currency regimes. As such, the Bitcoin system is, by design and by definition, a form of hacktivist software. Perhaps we can even label it a "protest currency".

Or not :-)


Tuesday, November 05, 2013

The Public Outcry Over N.S.A. Surveillance Isn't Going Away...

In September, when it was reported that the N.S.A. had been engaged in mass surveillance of virtually all Internet traffic, there followed a public outcry that has yet to subside. However, to many individuals working within the intelligence community, and the larger national security complex in general, the reaction was more ho-hum; something of a shrugging of the shoulders. Indeed, the surprise was that so many people were so surprised.

With the passage of a few weeks, we all, by now, have had the chance to process these events and should now start giving this issue some meaningful perspective.

First of all, and let's not beat around the bush, yes, the government is monitoring all Internet traffic. And while that's a potentially frightening proposition, two things need to be kept in mind before people take an alarmist position - 1) this is nothing new; the federal government has been trying, for many years, to perform such all-encompassing surveillance of cyberspace, and doing so in full public view, as is the case with Clipper Chip proposal in the 1990s; 2) it must be understood that there is no individual in the N.S.A. or any other agency sitting at a desk and reading your emails. The entire program is implemented using data mining - which means that a software algorithm seeks out specific patterns and raises a flag when it finds one. That's a beast of a completely different sort.

Second, and let's be clear about something else, private businesses and corporations have been monitoring all of your Internet traffic for years too. Whether it's Google or Verizon or Apple or Facebook, every single e-focused corporation in existence monitors the content of your emails, your search queries, your browsing history, and your social networking behavior to the largest extent they can technically achieve. AND you have given them your explicit permission to do so by signing their Terms of Service agreement when you first began using their service.

So Big Brother clearly exists, and has for quite a while, in the form of both the government and private corporations. So why the discrimination in public outcry?

Third, on the technical side, intentionally creating backdoors into the hardware and software components of virtually every product on the global market, which is what the government has reportedly attempted, is a horrific mistake. It's the false logic that, "in order to make everything more secure, we need to make them less secure". Or we can use the analogy that it's as if the government mandated that every house have a key left under the front doormat, just in case they ever needed to look inside without your permission, and the whole system being dependent on no one ever discovering that every other house has their key under their doormat too. To say this is counterintuitive gives it too much credit. As a matter of fact, this strategy diminishes the security of the nation's critical infrastructure and cyber assets.

Fourth, it's important to remember the stated purpose of the surveillance efforts which is to keep Americans safe from terrorist attacks. Certainly, that's not to argue that the ends always justify the means, and that any and all actions taken towards that goal must be always permissible. However, what it ought to do is emphasize the point that this is an issue between two competing core values - privacy and security. Both are positive values in the American political system, thus neither side warrants being disregarded or demonized. Rather, this is a case where two core positive values have come into conflict with each other and we each have to decide at what point on the spectrum we believe the most prudent strategy rests.

Finally, from a prescriptive point of view, there is a way forward that can continue enhancing our security while still assuaging people's concerns over privacy rights - more transparency. Based on the public outcry over the N.S.A.'s surveillance efforts, but not Google's, I would argue that the issue is less about the surveillance itself and more about the intense secrecy behind the program. Secrecy and covert actions taken by clandestine government agencies, with virtually no oversight nor check on their power, is the absolute enemy of liberal democracy. Period. More transparency about general strategic policy, while still keeping technical implementation measures classified, would go a long way towards striking that critical necessary balance, allaying the public's fears, and keeping the government accountable to the People. After all, let us never forget, the government is not only meant to serve the people; it is meant to be BY the People.