Notes on security

We are on a constant quest for security. Whether it is a safe home or a secure allocation of our private assets, humans crave security for ourselves and our community.

So it makes sense that it would be the central topic for all of the top news stories of 2018. In a world of growing confusion, security is an easy narrative to follow. Border walls. GDPR privacy acts. Facebook data breaches. Migrant crossings in Central America and Europe. Equifax. Hacked electoral ballots. We know the gut-wrenching feeling that comes with insecurity.

And whether it’s digital or physical, security is about defining your enemy. It is about determining who should be left out and who should be granted access.

We can easily understand the paradox between security and freedom (start talking about The Patriot Acts and such a debate is sure to follow). But we rarely talk about the other strange reality: security, by nature, is retrospective.

We patch and fix after finding a security flaw. We beef up physical security when we learn of failures in other schools, airports, or public places. We find companies culpable of digital malfeasance only after they have access to our credit card information, social security numbers, or our browsing history. We are always trying to keep up with the next big attack.

And with the advent of IoT and cloud-based services, more of our physical security is determined by digital security measures. But as Edward Lucas points out in Cyberphobia, the internet was designed with open-sourced collaboration, research and iteration in mind; it was not, however, created to secure our national or personal interests.

The last few months have been an inflection point for our definition of digital security. We’ve seen undetected ransomware can shut down a city. We’ve had to face the reality that a security flaw could take down a power grid. And now 3D-printed guns is just the latest sign that physical security is directly tied to our use of digital spaces.

And this tight connection between digital and physical worlds is made even more complicated by the retrospective nature of security measures. Even though federal judges blocked downloadable 3D guns at the beginning of August, the damage to our security was done long before that. No injunction or act of legislation can overcome the basic premise of the Internet. As a network built on collaboration and sharing, one download in the past is enough to pass along that information indefinitely. So long as a 3D printed gun has been downloaded once, it may as well have been downloaded one thousand times. Because if the print was available in some digital capacity before, it will be possible to spread the information in some other digital form in the future.

We will only ever be as secure as our most vulnerable part. In the digital space, we are constantly fixing vulnerabilities, searching in vain to control the interconnected web of collaborative information we call the Internet. It is the harsh reality of our digital world – the free flow of information creates an impossible funnel of misinformation and dangerous information to which our definition of security will always be chasing and reacting to.  

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s