I agree with Jonathan Zittrain that the generative nature of the Internet and the PC, as he has described it, is one of the keys to the Net’s success. It is integral to the rapid pace of innovation and a philosophy of user empowerment—the users of the network should be able to do what they want without having to ask permission of anyone. So the generative design is a driver of economic growth and a statement about user autonomy.
Zittrain is also right when he explains that, due to the current problems with security, substanial change is needed. The question is what will change, and who (if anyone) can control this process? Nobody is in charge, and the shift will be made up of little decisions taken by many stakeholders positioned in many jurisdictions, with many motivations.
One such stakeholder is the user. We can identify pressures to sustain the generative infrastructure of the Web as well as pressures to erode it, but these are not always to the user’s benefit. Consider, for example, the prevalent extensions to the Web protocols that allow a browser to download bits of code from a Web site and run it on the client machine. That code can then change the way the Web page is displayed to the user and initiate other behaviors on the client machine. The advocates for these capabilities were not thinking about the consumer as exploiting this generative capability, or being empowered by it, but as “benefiting” from it, now able to receive web pages with advertisements that bounce and interactive popup windows. The security community fully recognized that this ability was a security nightmare that would open the door to all sorts of abuse. It was vocal, and it was ignored. We now pay the price.
There are three lessons to be learned from this analysis of dynamic Web pages. First, we should ask the ever-salient question of cui bono loudly and often in the ongoing tussle over the future of the Internet. Second, poor security, like pollution, is a classic example of a negative network externality. It is not the owner of the Web site who pays the price if a consumer’s PC is infested with a virus. This is why schemes such as the Google/StopBadware strategy described by Zittrain are so important: they shift some of the burden for poor security to more appropriate actors in the network. The third lesson is that we must not see poor security as a purely technical problem—a consequence of unthinking design by careless engineers. When features that foster poor security are knowingly added to a system, the problem has to be addressed in the larger socio-economic-regulatory context in which that system—in this case, the Internet—is embedded.
What are the effects of these burgeoning security concerns? Zittrain notes a number of ways in which the generative capabilities of the PC/Internet platform are morphing. We should ask whether these signal a healthy future for the generative experience, or a loss.
Broadly, what he suggests is that generative behavior is moving “up” from the level of programming to that of user interaction. Generativity is no longer just the ability to install new code on a computing platform, but to create mashups of Web content, produce collective content like Wikipedia, and so on. The set of ideas branded as “Web 2.0” are intended to be powerful tools for composition and reuse of building blocks—a characteristic example of generative capabilities. So, is something wrong?
The PC may be the single most insecure component in the whole Internet ecology. We all might be better off if we locked it down to some degree (forbid installing new code in the system kernel, for example), and let the generative behavior occur elsewhere. Of course, in the early days of the Internet, there was no “elsewhere.” There were routers and end-nodes. Those were the only components in the Internet as it was originally conceived. But today we have a rich mix of platforms in the Internet that form the generative infrastructure.
To return to the cui bono question, the loss of the ability to download new programs to a PC will directly harm the commercial innovators who want to write such code. It will thus indirectly harm the user in that he or she is denied the benefits of innovation. But consumers don’t write code. They mess around with Web pages and the like, which they can do quite well today. The new metric for user empowerment is not only whether users can install the code of their choice on their PCs, but whether they have choice in selecting among the various providers of the rich distributed platform for today’s generative behavior.
One of the root causes of poor security on the Internet may be a long-standing dissonance between the old-school computer security community and the real-world experience of the Internet. The old model of computer security was “each machine defends itself,” or possibly “each machine is its own castle, with its own little drawbridge.” This point of view may have arisen because the initial thinking about computer security predated the widespread use of networks, or perhaps because security folks don’t trust anyone. A good aphorism to describe the original approach to computer security might be, “all the world is queer save thee and me, and even thou art a little queer.”
The tradition of security thinking, which arose with the goal of protecting classified information in the intelligence and military communities, stated that only perfect protection was good enough. If you just “make the hurdle higher,” any state-sponsored attacker need only jump higher still. Trust in your neighbor is not a part of any solution that has to be perfect.
In the real world, we use social constructs to create an environment that is “safe enough,” one sufficiently secure and predictable that we are prepared to live in it. It is through participation in a collective social sphere that we achieve this sense of safety. Zittrain points out that to make the Internet a “safe enough” place, we need to put into practice theories of security that allow us to depend on our friends, share insights and observations with others, and establish a socially embedded online experience. This shift is a key part of rethinking security and should be the target of serious consideration.
With all the security problems afflicting us today—zombies and bot-nets, malware with business models and cyber-warfare—it is easy to get depressed. However, I am optimistic about the future as long as the good guys have the energy and commitment to hang in there. I see the plastic nature of the Internet as protecting the generative future, and I consider our more sophisticated view of how the real world and the Internet align as a signal of maturity. The early hacker days of the PC may be gone, but this signals a shift in where the action is, not the end of the Internet as we know it. Or perhaps, it is the end of the Internet as we knew it, but not the Internet as it will constantly regenerate itself.