Institute For The Future

Cory Doctorow: Redesigning a Broken Internet

Powered by Ten-Year Forecast

Building and maintaining a global communications network is a tremendous accomplishment. Unfortunately, our internet is broken in relation to the laws and norms of today.   

The Institute for the Future's Second Curve Internet Series explores vulnerabilities and solutions for an internet that is better suited for our current condition. Last week, science fiction writer, journalist, activist and blogger, Cory Doctorow,  joined us as part of the speaker series to share his thoughts. In his talk, Doctorow described a wide range of forces that are shaping the internet.

 

 

The embedded audio above is a full recording of the event, and below are a few highlights from the night. 

 

Peer Review, Alchemy, and Your Smartphone

We live in a world of devices that are increasingly connected to the internet. The printing press has turned into a networked printer, phones have become smart, now some automobiles are self-driving, and even your home’s thermostat can go online. All of these devices are useful in their own way, but if the software running them is insecure, then they present serious security risks to the user. 

Doctorow pointed out that we have a reliable method for creating secure software systems through openly sharing and peer reviewing the software that is running on our devices. In his presentation, Doctorow provided a great description of how modern encryption works, making it clear that the most powerful cryptography in the world is fully open, and accessible to anyone because everyone who uses it has a mutual interest in the reliability of that system.

Unfortunately, open publishing and peer review and critique are not encouraged when it comes to much of the software running on your smartphone. In fact, the publishing of exploitable software bugs has been made illegal under the Digital Millennium Copyright Act. The spirit of this law is to help protect media companies from copyright infringement (which is a different story, see this previous post on Kopimism). However, the darker side of this law is that it criminalizes any collaboration amongst software communities, creating an environment where multiple parties often independently discover exploitable bugs, but there is no incentive to disclose them. A system full of bugs is not a secure system. 

Last year, a document was leaked at the 30th annual Chaos Communication Congress, showing that the NSA had discovered and weaponized bugs in smartphone software. These exploits allowed the NSA to take control of cameras and microphones in people’s cellphones. The act of keeping these software bugs secret may have been done in the name of national security, but it opened up every cellphone user to attacks from any other party who may have independently discovered the bugs, and in fact several other parties exploited this. 

When vulnerabilities are discovered and left unpublished — whether by independent security researchers afraid of illegally publish bugs, or the NSA keeping bugs secret for spying — the security of everyone’s electronic devices is compromised. Doctorow compares this situation to alchemy.  

“Everything that an alchemist learned on his way to figuring out how to turn lead into gold, he made sure that no one else knew about. That is why for 500 years, each alchemist discovered for himself, the hardest way possible, that drinking mercury is a bad idea."

In the short term, treating information as secrets compromises everyone's security. Some people may not care about this, saying they have nothing to hide. In the long term though, secrecy limits our understanding of the world. When alchemists stopped drinking mercury and started openly publishing their findings in the 17th century, a period of time now known as the Age of Enlightenment began. 

  

Exploitation of Public Infrastructure

As we saw with the Digital Millennium Copyright Act, laws are sometimes used to enforce copyright monopolies and inadvertently weaken the infrastructure of the internet. In other instances, we are seeing a serious lack of regulation when it comes to public infrastructure. Doctorow proposed an interesting perspective on the relationship between telecom companies and our national infrastructure. 

“Telecom companies only exist because of huge public subsidies. If AT&T or Comcast or any other telecoms company wanted to wire up all of San Francisco and they had to pay for every square foot of real-estate to get the wires in there, they would pay an ungodly amount of money that they would never recoup. And so they get this public subsidy thats worth effectively trillions of dollars. All of those poles, all of those punchdowns into basements, all of those conduits under the ground. If you want to do that private sector, you never would. 

“When [telecoms] go to the FCC and say that they want to practice network discrimination, their argument is, “It's our network, we built it and we want to be able to manage it however we want.”  

“The right answer to that, is [Doctorow thinks] if you want a private enterprise network, build one. But once you take the king’s schilling, you’re beholden. If you take a trillion dollars in public vale, you deliver public value. [Doctorow thinks] the FCC’s position in any sane world would be, “You’ve got 60 days to get your copper out of our dirt or we’ll buy it from you for the scrappage cost and find someone who’s willing to take a 10% smaller dividend for their shareholders this quarter in order to operate their networks on the principals that their customers want and that are manifestly in the public interest.”

 

Second Curve Internet

The internet is a complex system; it takes many people and organizations working together to keep it going and when industries, organizations, or individuals, exploit the network for their own personal gain, it compromises the integrity of the entire network.  

Doctorow suggests several actions that we can take today to strengthen the integrity of the internet. You can support organizations such as the EFF, ACLU, Public Knowledge, Demand Progress or the Fight for the Future Coalition. You can start a crypto party at your local hackerspace and help make warrantless blanket surveillance more difficult. There isn't a silver bullet solution to address all of these problems, but we can recognize issues that exist in the current version of the internet, and the IFTF is working with organizations and people like yourself to address these issues and build a better internet. This is not an easy, but it is important. 

Join us as we continue to grow this discussion. The next event in the Second Curve Internet Series series features P. Reed on December 15th at the IFTF offices in Palo Alto.