Internet security—who needs it?

Inside the Internet.
Jan. 28 2004 3:40 PM

See You on the Darknet

Why we don't really want Internet security.

Illustration by Mark Alan Stamaty

I have a game I play whenever I read an essay on politics written by a techie: How long until the first reference to George Orwell? Autodesk founder John Walker, in a recent 28,000-word monograph ponderously titled "The Digital Imprimatur," wastes no time: His piece is subtitled "How big brother and big media can put the Internet genie back in the bottle." If your eyes don't glaze over right then, they will as soon as Walker begins to explain how by signing up for cheap broadband service, with its firewalls and dynamic IP addresses, you've already compromised your freedom.

Walker goes on, listing spam filters, antivirus software, even those perennially just-around-the-corner micropayment schemes as further nails in the coffin of liberty. "I have been amazed at how few comprehended how all the pieces fit together in the way I saw them inevitably converging," he says, in the patiently condescending tone of a Bond villain. But Walker's heavy-handed prose would be funnier if he didn't have a point.

Advertisement

True, his final forecast is standard tech-blog fare: Totalitarian governments (you know, like the one in 1984) will clamp down on the Net by instituting a digital Mark of the Beast, a personally assigned crypto-certificate that tags every online transaction, letting authorities track exactly who did what, where, and when. But Walker also argues that the rest of us (the ones who aren't yet peons in Orwellian regimes) will voluntarily sign up for similar surveillance when the certificate system is marketed to us as a cure for spam, fraud, and other Internet annoyances. He's right that we'll be sold this stuff. The question is, will we buy it?

Personal ID certificates are already an essential part of the Next Generation Secure Computing Base, a content-control system for PCs being developed by Microsoft (which owns Slate) and an industry consortium that includes Intel and other chip makers. Together, the alliance hopes to build an uncrackable data vault into future PCs, one that works in tandem with the Windows operating system. Users would need to present the right certificates before being allowed to transfer data into or out of the vault. Those who try to pick the locks may find they've left digital fingerprints all over the place. The system will be opt-in, as noted in the working group's FAQ (See No. 25: "It can be disabled permanently," unlike Orwell's telescreens).

I'm all for that kind of security where it belongs—I sure hope my bank adopts it. But as Walker notes, an always-on ID would take a lot of the fun out of idle Web surfing. Advocates tout secure computing as a way to protect your medical records from hackers. But who are they kidding? The biggest beneficiaries would be music companies and Hollywood studios, whose downloadable songs and movies would be much harder to pull from the vaults of individual computers and trade around the Net.

So why would we opt in to such a restrictive system? The FCC and Congress could mandate it—they're already being lobbied to create a national Internet driver's license on the grounds it'll stop everything from spam to libel to pedophilia to terrorism. Even Howard Dean plugged this proposal in a speech two years ago (he got to Orwell on Page 6). But Walker is right. It's more likely that private companies will begin to require people to present digital IDs in the name of a better customer experience. E-commerce and entertainment sites could require them as antipiracy measures. Corporate networks could insist all inbound messages be digitally signed to minimize spam from outsiders. How would we respond? Walker thinks that with such constant incentives, average users, the people who don't spend every moment obsessing about the potential repercussions of a certificate system, might just leave the ID system on permanently. 

Walker's scenario is credible enough that Newsweek covered his essay in an article that only de-Orwellized it to the extent of changing Big Brother to "Big Government." But Newsweek also added the missing part of the story: a more nuanced sense of how Internet users would react to such a system. Using the Net without the feeling you're being watched, downloading and uploading stuff you'd get in trouble for leaving on your desk—come on, that's a major part of its appeal. Any privacy clampdown would boost outlaw computing as surely as the 55 mph limit did speeding *. "Picture digital freedom fighters huddling in the electronic equivalent of caves, file-swapping and blogging under the radar of censors and copyright cops," Newsweek concluded. They might as well have added: Cooooooooooool.

An ad hoc alliance of techno-rebels covertly transferring unauthorized data in defiance of network authorities—sound familiar, Neo? It's such a popular scenario that the same Microsoft researchers leading the company's secure computing efforts wrote a paper two years ago describing this inevitable backlash, which they dubbed the darknet. The darknet! Jeez, are they trying to make piracy cool? Who'd want to hang out on the boring old Internet when the other kids are on the darknet? The term has been picked up by mainstream publications including Rolling Stone, which defined darknets (plural) as "file-trading networks created by and for small, private groups of people." Instead of relying on KaZaA, these groups use programs like WASTE that let them swap wares on discrete networks without being remotely tracked. Even a cop with a subpoena would be hard-pressed to detect such a network's existence.

Microsoft's paper flatly warns that trying to shut down these networks could backfire:

There is evidence that the darknet will continue to exist and provide low cost, high-quality service to a large group of consumers. This means that in many markets, the darknet will be a competitor to legal commerce. From the point of view of economic theory, this has profound implications for business strategy: for example, increased security may act as a disincentive to legal commerce.

TODAY IN SLATE

The World

The Budget Disaster that Sabotaged the WHO’s Response to Ebola

How Movies Like Contagion and Outbreak Distort Our Response to Real Epidemics

PowerPoint Is the Worst, and Now It’s the Latest Way to Hack Into Your Computer

Everything You Should Know About Today’s Eclipse

An Unscientific Ranking of Really, Really Old German Beers

Education

Welcome to 13th Grade!

Some high schools are offering a fifth year. That’s a great idea.

Culturebox

The Actual World

“Mount Thoreau” and the naming of things in the wilderness.

Want Kids to Delay Sex? Let Planned Parenthood Teach Them Sex Ed.

The Shooting Tragedies That Forged Canada’s Gun Politics

  News & Politics
Politics
Oct. 22 2014 9:42 PM Landslide Landrieu Can the Louisiana Democrat use the powers of incumbency to save herself one more time?
  Business
Continuously Operating
Oct. 22 2014 2:38 PM Crack Open an Old One A highly unscientific evaluation of Germany’s oldest breweries.
  Life
Lexicon Valley
Oct. 23 2014 10:30 AM Which Came First, the Word Chicken or the Word Egg?
  Double X
The XX Factor
Oct. 23 2014 8:51 AM The Male-Dominated Culture of Business in Tech Is Not Great for Women
  Slate Plus
Tv Club
Oct. 22 2014 5:27 PM The Slate Walking Dead Podcast A spoiler-filled discussion of Episodes 1 and 2.
  Arts
Behold
Oct. 23 2014 11:08 AM Seeing the Familiar in Black and White
  Technology
Future Tense
Oct. 22 2014 5:33 PM One More Reason Not to Use PowerPoint: It’s The Gateway for a Serious Windows Vulnerability
  Health & Science
Bad Astronomy
Oct. 23 2014 7:30 AM Our Solar System and Galaxy … Seen by an Astronaut
  Sports
Sports Nut
Oct. 20 2014 5:09 PM Keepaway, on Three. Ready—Break! On his record-breaking touchdown pass, Peyton Manning couldn’t even leave the celebration to chance.