m***@invalid.com
2024-06-25 00:03:13 UTC
Reply
PermalinkThis is only partial excerpts from the great article at the URL above.
===================================================
With respect to actual, real security, most of what happened in the
past decade should be regarded as a mistake. I think now we realise
that division into large social media blocks has fomented insecurity,
polarisation and extremism much more than a heterogeneous, hands-off
Internet ever would have. It made chatter less legible, and handed an
audience to terrorists. It baked vanity and mental insecurity into our
youth. Compared to personal websites, open news (nntp) and email,
Facebook and Twitter are a societal setback, with far more socially
destructive power.
Security is built on trust an mutuality. One narrative about how the
digital world became so insecure focuses on growth. Perhaps a better
explanation is simply the breakdown of trust and fragmentation into
mutually hostile camps, fuelled by power-seeking greed and vanity. The
Internet has provided another canvas on which to paint human division.
In a nutshell, insecurity has become profitable. What Edward Snowden
also called the "Insecurity Industry" can be explained not solely as
malice in lieu of incompetence, but that both may exist side by side
in a world where it's often more profitable to have something be
broken than to fix it.
What I fear we are now seeing is a fault line between informed,
professional computer users with access to knowledge and secure
computer software - a breed educated in the 1970s who are slowly dying
out - and a separate low-grade "consumer" group for whom digital
mastery, security, privacy and autonomy have been completely
surrendered.
The latter have no expectation of security or correctness. They've
grown up in a world where the high ideals of computing that my
generation held, ideas that launched the Voyager probe to go into deep
space using 1970's technology, are gone.
They will be used as farm animals, as products by companies like
Apple, Google and Microsoft. For them, warm feelings, conformance and
assurances of safety and correctness, albeit false but comforting, are
the only real offering, and there will be apparently "no
alternatives".
These victims are becoming ever-less aware of how their cybersecurity
is being taken from them, as data theft, manipulation, lock-in, price
fixing, lost opportunity and so on. If security were a currency, we're
amidst the greatest invisible transfer of wealth to the powerful in
human history.
Despite some forces in Europe working toward greater interoperability
and consumer empowerment, US tech giants are doubling down on
locking-in customers, stripping them of rights, privacy, and mobility.
Europe itself is also struggling with far-right political
undercurrents breeding insane surveillance ideas like "Chat Control".
The issue at the centre of it all is "security". And as always we must
ask:
"Whose security?"
Most of what you'll hear in the media is contradictory. By some
accounts we are already in a full-blown cyber war. Governments are
scrambling desperately to shore up systems, recruit cybersecurity
people and announce how Britain will become the "safest place to be
online". Yet simultaneously governments and corporations work
tirelessly to make computers less secure, because monitoring and
selling your data is their goal. Governments shy from prosecuting
international cybercriminals who sell them products to spy on
journalists and protesters - all while squandering tens of millions on
petty state retaliation against whistle-blowers. An unholy Faustian
pact is at work that makes a mockery of civil computer security.
Rational and technical factors have little to do with this now. The
"technology industry" hasn't had much to do with computer scientists,
engineers, intelligence or technology people in about 20 years. It
feeds off our knowledge and advances, but is run entirely by marketing
people and political lobbyists.
Our problem, as experts and proponents in the civilian space, is that
nobody cares much about technical realities of security, so long as
people keep buying gadgets and posting on social media. "Consumer
Tech" is now mostly a make-believe world of wishful thinking and
leveraging "users" addiction. "AI" now sells convenience and
abdication of agency, creativity, imagination, human relations and
responsibility. When grave security gaffes are revealed, they are
rebranded as "features" or as "necessary".
Although there is a cultural backlash brewing, perhaps in part caused
by the economic and culture effects of "AI", we've still got an
industry that preys on the worst aspects of human greed and laziness.
It's backed by trillions of dollars of marketing power to paint
loneliness, anxiety and mental illness, not merely as "normal" but as
"essential for our modern life". The outcomes are plummeting education
and real productivity, depression, broken relationships, derelict
high-streets, and a mental health crisis.
Some ridiculously dangerous ideas like Microsoft Recall, and cloud
"AI" services are only going to amplify our problems. Nobody is
keeping corporations in check at the level of challenging their
reckless engineering and naive ideas.
Remember that cybersecurity, as practised today in a misaligned world,
is not a tide that raises all ships. It is a fixed sum trade in which
one party's security is another's insecurity. To give security back to
people, we have to take some away from corporations and governments.
That's an eternal balance we have forgotten since Aristotle, Rousseau
and Hobbes.
Because of the mushrooming value of data, many laws now lead to more
insecurity for ordinary people whilst having almost no impact on money
laundering, terrorism or child predators - the Four Horsemen of the
Infopocalypse.
Getting off products like Microsoft Windows, now simply an awful piece
of spyware, and getting away from services like Google is an important
priority for everyone who is conscious about personal information
security. Helping other people to assert digital independence is also
something you can achieve, because everyone who seeks digital
emancipation and security becomes a golden example to others that it's
possible! Alternatives, independence and empowerment is possible.
Habit and thoughtless conformity are much more powerful obstacles to
positive change than any amount of opportunity or education.
Psychologically, we see that in everything from dieting and quitting
smoking, to taking the bike instead of the car.
It's the little things that get us. Today it's not moustached
dictators with columns of tanks that threaten our way of life! Being
too lazy to walk to the counter, or too timid to insist on paying cash
are the little human weaknesses that add up to giant crushing defeat
of free society.
There is a kind of hypnotised enchantment with technology that
bypasses our rational, thoughtful minds. And there is a lack of
widespread education such that people can recognise and politely
refuse premature, unreliable and dangerous technologies pushed at
them.
Behind the push is an intense momentum at the executive managerial and
policy level to drive technologies in the name of theoretical
"efficiency", technology that nobody actually wants, nobody trusts and
society cannot support in the long term. Who is behind that? The
people and companies that sell half-baked digital systems of course.
That, in itself, is a colossal cybersecurity problem! It's just not
one that involves cryptography or traditional hacking. These are Layer
8 (usability) and Layer 9: (politics) cybersecurity problems. They
exist in our culture as giddy, breathless attitudes of incautious
zealotry - often alongside a contempt for "experts and eggheads" who
urge more thoughtful progress.
Victim Blaming
In the UK, when things go wrong we parade the victims on TV. Rip Off
Britain is where sobbing mums robbed of their life savings break down
in interviews and say "I can't believe how stupid I am". It's victim
porn. It frightens people.
The message speaks only of evil fraudsters and victims. Never is the
technology itself, its providers and the reckless everyday practices
and policies we've become accustomed to actually questioned. We do not
hear;
Why did you send your passport in the post to a so-called "employer"?
Did you not know that the Home Office have said themselves that a
passport is not to be used as a casual identity document?
Why did you enter every detail of your life into a form, loyalty
card or device for legally dubious "food discounts" or a competition
to win cosmetics?
Why did you not insist on paying cash or walk out the store
instead of being bullied into using your bank card some place you felt
uncomfortable about it?
"Lazy technology" allows citizens to bully and exploit one another.
That's a stage of casual insecurity that exists long before it
accumulates into something fraudsters, blackmailers and ransomers can
use for graver harms. It weakens our:
self control and boundaries
situational awareness
operational and habitual security
Messages that the media feels comfortable giving to victims tepidly
align with the interests of "the industry". It keeps them subdued,
docile and deferential to technology which is made to appear
authoritative, scary, other-worldly, uncontrollable, and "inevitable".
We say;
It won't happen to me.
The technology must be safe because many people use it.
It must be safe because it's backed by a big company.
I don't really have a choice Technology-X is "essential to
participate in society now" (total rubbish - there is always
a slightly less convenient alternative).
- ALWAYS Check Downloads for Viruses -
Virus Total
Up-to-date browsers; https://www.virustotal.com/gui/home/upload
Old Browsers: https://www.virustotal.com/old-browsers/
Jotti
https://virusscan.jotti.org/