Thursday, March 01, 2007

The Security-Industrial Complex

Had a good swim this morning. Slightly disheartening to notice that the woman in the lane next to be was swimming better and faster than I was. The issue wasn't that she was a woman, it was that she only had one leg.

In the afternoon I wrote the following for a newspaper in London:

What does the HP printer on my desk have in common with the war on abstract nouns, your neighbourhood watch scheme and ID cards? The answer is, the "Security-Industrial Complex", 9/11's grown-up version of the Cold War's military-industrial complex. Instead of western economies and jobs being dependent on huge government contracts to produce nuclear missiles, tanks, military uniforms and port-a-loos for soldiers, western economies and jobs are becoming largely dependent on fear-fuelled obsession with "security", whatever that may mean.(gotta love those abstract nouns!)

The examples are all around us: the CCTV that just about every neighbourhood watch scheme is trying to get hold of (usually with help from the National Lottery), the little bits of plastic whose embedded computers will keep our biometric data safe in our pockets, not to mention prisoner tags, RFID shirt collars, number-plate recognition systems, security guards outside supermarkets and metal detectors at public buildings. Which just leaves my HP printer...

At the recent Netevents European Press Summit, held in Evian, France, many of the big names in networking and computing were making a fuss about the changing nature of IT and communication, and the demands that the police state are putting on it. A police state requires that data about everything is held until the end of time, the public, however, expect to be able to surf the Web and check their email while out and about, buy stuff by credit card on eBay and generally take advantage of wireless networking coupled with cheap broadband. The problem is that secure computing and mass surveillance don't exactly go hand-in-hand.

For computer systems to be secure, they must hold the minimum amount of data possible, and the data they do hold should be hard to access. For computer systems to be useful in the context of fighting imaginary enemies in the war on terror, they must hold records of every transaction they carry out, and must be able to provide those records to the very select group of government agencies and tens of thousands of companies across the globe who may have "legitimate" needs to access it.

Fortunately, help is at hand from the security industry. According to companies such as HP, trust is at the heart of the problem. By buying hardware that is "trustworthy", and buying computers and software which will only work with such hardware, we can sleep safely in our beds. For readers unfamiliar with this use of the term "trustworthy", here's a possible definition: "US-made, certified by Microsoft and Intel. Certainly not cheap hardware from Asia."

As for printers, many will reject refilled ink cartridges, or ink cartridges made by third-party companies. Such cartridges, we are told, are interpreted as counterfeit by the printer. Counterfeit goods, from ink cartridges and pirated DVD's to perfumes and fake Gucci handbags fund terrorism, or rather the security-industrial complex. Which is what allows us to have the money to buy the printer in the first place.

No comments: