From: ReadWrite

Online Lord & Vassal

ReadWrite: I read your blog post the other day about Facebook having a “feudal lord” relationship with its users. Tell me what feudal security is.

Bruce Schneier: The notion that as computers and computing becomes more of a utility, we as users, we have to trust vendors. And we have no ability to know how they work – for security. I couldn’t even tell you what operating systems they use, let alone what type of firewalls. We have to blindly trust that they will maintain our security.

RW: Is that lack of transparency between companies and users one of the bigger issues within security today?

BS: I think it’s very important…This is how the world works. When you turn on the tap, you know nothing about why that water is safe – you know nothing about the process that makes that water safe. You know nothing, and yet you trust it. This isn’t rare, this is normal. But in the case of water, for example, there’s a lot of government regulation that goes into making that water safe. There’s a whole lot behind that that we just don’t have with computers. You don’t have the government regulations, you don’t have the intervention that forces companies to take your security seriously. That’s the fundamental problem.

RW: How about digital rights management? That’s part of it too, right?

BS: It’s all part of it. Basically, we are losing control as we give all of our data into the cloud. There’s a whole lot of good reasons to lose control, because other people can do it better than we can. But there are also risks to that. The benefits of the cloud are enormous – in terms of quality, in terms of reliability. Your pictures are much safer on Flickr, but you have to trust their security.

Government Security

RW: With regulation on the way, are we as users, as consumer, are we moving closer to improved privacy, or are we moving away from it?

BS: Unfortunately the United States has such a dysfunctional government right now, I can’t imagine any serious legislation. I just can’t imagine us doing it. I’d love to see it, I think legislation is important. We’re the United States, you can’t have serious legislation – you can’t have a serious policy debate… I think they’re going to start recognizing it, but I think it’s going to take a generation.

RW: What about Obama’s new online sharing strategy? The White House is saying they’re committed to more transparency with the way the Internet works and having less government regulations. Do you believe that?

BS: I think less government regulations will make this worse. And I do believe it. You do need laws to set a playing field, to set boundaries – and we’re not getting that. Unfortunately, I do believe that less regulation, that would not be a good thing. I think lack of regulations has gotten us in this mess in the first place…There’s no reason for companies to take security crimes to seriously. As long as they have them in operation as is, there’s no market reason, even without them operating. As long as the market decides not to compete on it, it’s not going to be something that consumers can choose. You have no choice, really, but to choose a feudal lord. You don’t have the ability to opt out. This is the 21st Century, you can’t opt out of the Internet.

RW: So do you yourself use Facebook and some of these feudal lords as well?

BS: I personally don’t use Facebook, but I certainly use others.

Read Complete Article