I’m getting ready to write my first near-future novel and as research and inspiration, I’m reading and re-reading some tech books. One of the books I’ve been reading is Bruce Schneier’s Click Here To Kill Everybody. Something that I found compelling about it was the idea of the Internet of Trust.
What’s there to trust?
While Schneier doesn’t ever explicitly use the term Internet of Trust, he does talk a lot about the role trust plays on the internet. And even more about the ways that trust has been exploited by malicious individuals and nations. And since everything is now a computer, that trust is more important than ever.
Our IRL society is completely built on trust. We encode that trust into manners and conventions. If someone breaks that trust, there are mechanisms to make sure that others do not follow that example. Laws in extreme cases, shunning and other social reprimands more commonly. But so far the internet doesn’t really have such a mechanism. And a lot of people are taking advantage of that. Including governments.
Yes, but why?
Technology makes things easier. One of my favorite things about my day job is that I get to change people’s lives. And I’m not talking about those huge ways like building affordable housing or making wells happen and stuff like that. This one time I worked on a thing that made reports etc. One of the clients had a woman whose job, for two weeks twice a year, was to create a specific report by copying and pasting all the information and formatting it to look pretty. Once we were done with the software, she got the bulk of that work done in less than half a day, reclaiming her time for almost a full month of the year to do something more meaningful.
The trouble with that ease is that it’s easy to forget just how hard it is to make it happen. Schedules and scope creep often make sure there are plenty of bugs. It doesn’t help that the internet architecture was never designed with malicious actors in mind. Since then, all kinds of actors have started to make use of this fact. Some, such as the FBI and the CIA, have even gone as far as demanding technology companies create backdoors into computers in order to make their spying easier. And that attack-first policy that pretty much all nation-states prefer has had many consequences. We are all less secure because of it. Seriously, Schneier’s books, but especially Click Here to Kill Everyone go into great detail about those things. It makes for terrifying reading.
Where do we go from here?
I think the changing of the internet has already begun. These days there are already people who know you’re a dog. Not all comment sections are trash fires. Major social networks are de-platforming lying hatemongers, reducing their options for getting paid. Software developers are starting to understand just how important security is to build in to the software from the ground up. Schneier advocates for – and I agree with him – hardened security as an opt-out feature rather than an opt-in feature. He talks about his friend who found the password protection of their phone too onerous and turned it off. They started using it again once fingerprint identification made it easy. And that is as much the point as anything else. Security needs to be easy to use and out of the box for any user as much as possible.
That ease of security is something that people who want the internet to remain attack-first oppose with every measure at their disposal. And that brings us to the last thing that needs to happen. Governments that hoard attack capabilities instead of notifying the people responsible for them make us all less secure. If a government actor can find a vulnerability, so can a criminal. A backdoor created for a government actor can just as easily be used by a criminal. Vote out anyone and everyone who even talks about reducing internet security for any reason whatsoever. Make sure the people in charge of our safety make it a priority to make sure no one, including them, gets access to your private data. Get away from social networks and services that use you as a product. Encrypt everything you can.
It’s all hard work, but in the end, we can maybe have a an internet where the trust we put into it is justified.