Click Here to Kill Everybody by Bruce Schneier

Author:Bruce Schneier
Language: eng
Format: epub
Publisher: W. W. Norton & Company
Published: 2018-08-20T16:00:00+00:00

THE US WILL DO NOTHING SOON

As you read the previous four chapters, you might have found it easy to accuse me of painting a nightmare and responding with daydreams—that while my recommendations might be a good list of what we should do, they bear no resemblance to what we actually will do.

Partly, I agree. I don’t foresee Congress taking on the powerful computer and Internet industries and imposing enforceable security standards. I don’t foresee any increase in spending on our cyberspace infrastructure. I don’t foresee the creation of any new federal regulatory agencies. And I don’t foresee either the military or the police forgoing the offensive uses of cyberspace in order to improve the defensive.

Let me talk about the psychology of this for a minute. Just as the CEOs of companies tend to underspend on security, politicians tend to underplay threats that aren’t immediately salient. Imagine a politician looking at a large budget allocation for mitigating a hypothetical, long-term, strategic risk. She could designate funds for that purpose, or for more immediate political priorities. If she does the latter, she’s a hero with her constituents, or at least the constituents from her party. If she sticks with spending on security, she risks being criticized by her opponents for wasting money or ignoring those immediate priorities. This is worse if the threat doesn’t materialize (even if it’s the spending that causes that). It’s even worse if the threat materializes when the other party is in power: they’ll take the credit for keeping people secure.

In all the years I’ve been writing about these issues, I have seen very little serious policy progress. I have seen the ever-more-powerful IT industry digging in its heels and opposing any governmental limits on its behavior, and legislators without the stomach to take it on. I have seen law enforcement groups in multiple countries propose technical changes that weaken security, painting anyone who opposes them as weak on crime and terrorism. I have seen government get accused of over-and under-regulating at the same time. And I have seen new technologies become mainstream without any thought about security or regulation.

Meanwhile, the risks have grown more dire, the consequences more catastrophic, and the policy issues more intractable. The Internet has become critical infrastructure; now it’s becoming physical. Our data has moved onto computers managed by other companies. Our networks have become global.

Governments regulate things that kill people, and when the Internet starts killing people it will be regulated. It’s true that fear is a powerful motivator, and can overcome the psychological bias towards doing nothing and the political bias towards smaller government.

What would such an event look like?

That depends on the time frame. Some observers have noted parallels between today’s Internet+ and the pre-1970s automobile industry. Free from regulation, manufacturers were building and selling unsafe cars, and people were dying. It was the 1965 publication of Ralph Nader’s Unsafe at Any Speed that spurred the government into action, resulting in a slew of safety laws covering seat belts, headrests, and so on.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.