I think both your and Roger's point is well taken... bigger picture,
greater good, all that.
Just as adding deadbolts to my doors at home or putting a lo-jack in
my vehicle, or keeping a loaded gun in my bedstand would feel like
inviting in the bad things they are supposed to keep out.
I look at it not that differently from how I hope a legislator looks
at a problem like this.
A legislator creates systems of rules which aim to serve his or her
constituency and the country in general. From this, at least in
principle, products need to be reviewed for safety, health care
providers are held to a standard of performance, buildings are built
to code, people are entitled to see their credit reports, privacy is
ensured, and so on.
Putting aside the secret law that allows for opportunistic use of
intercepts, here, in the United States, there is the public law that
search and seizure requires a warrant, and for that warrant there
needs to be probable cause. It's reasonable to be concerned about
what probable cause means in the case of large scale data mining.
It's appropriate to be skeptical about statistical integrity of
conclusions drawn from a mechanism that's only useful purpose is to
generate hypotheses -- the definition of data mining. If an analyst
does not need to test the hypothesis from other independent
observables, and argue to their case to critical ears, then it is
just guesswork. The might as well type in a record in their database
with the "50.001% suspicion" and begin their target intercepts.
Assuming they even need to do that, it's not good enough. It's
especially not good enough if some half-cocked search and seizure
occurs without any strong technical system in place to record that it
occurred, or any recourse to complain. This is a recipe for abuse.
I think the overriding, long-standing public law needs to have some
technical teeth to make sure it is enforced.
That pesky little 4th amendment? It seems pretty fundamental to our
culture (as well as our system and rules of law). It must really gripe
the asses of myriad small-time law-enforcement (and maybe big time ones
too) who have had (in their minds ) their "hands tied" by this little
bit of forefather forethought over and over only to have it completely
disregarded at the highest levels?
I don't expect my non-technical friends and family to armor their
systems. At this point I wouldn't bother myself, except as an
intellectual exercise and as a bit of open source activism. But
people do have the right to have systems that are armored, and that
there is no reason to have bad juju about it.
I am on the fence about this one. I agree that securing your private
electronic communications should be no more a threat to national
security than choosing to talk with someone in private or keep your
documents in a safe or safety deposit box. The bad juju *I* think of
is the one that has people (or more common, their kids) wearing crash
helmets to walk down the street or moto-cross armor to ride their
bicycle on a bike path.
While I suppose that the widespread adoption of car alarms might have
done something to reduce the number of car thefts, it mostly just
irritated the shit out of the rest of us when nobody could park their
car without making their horn "chirp", leading everyone else in the
parking lot to swivel their head if not jump, thinking they were being
"honked" out of the way. Or the days when alarms would go off in the
middle of the night and run on until the battery got too weak, or until
an irate neighbor jacked the hood and unhooked the battery cable.
The way I would imagine it working at scale is that customers would
create demand for hardware and services to show (say, by an automated
process to bootstrap the appliance from source code and then run
related open test suites to vindicate it) that the e-mail appliance
they purchased was in secure to the best known practices. That, for
example, a single byte would never hit disk/SSD or be sent over a wire
that was unencrypted. The bar for how secure is secure can be an
ongoing discussion. One could imagine the RAM buffers and caches
holding the unencrypted data even need to have physical protection,
like a TPM module does.
I agree that such should probably be(come) the standard just as firearms
all come with a safety mechanism to prevent accidental discharge and
perhaps "soon" they will come with something like trigger locks.
The bad guys planning their jihad over open e-mail or cloud services
are a dumb and dying breed. It should be clear now that it is
irresponsible for the U.S. to count on that working in the future.
Arms race... red queen gambit...
============================================================
FRIAM Applied Complexity Group listserv
Meets Fridays 9a-11:30 at cafe at St. John's College
to unsubscribe http://redfish.com/mailman/listinfo/friam_redfish.com
