Thursday, January 2, 2014

Recognizing the Need to Blow the Whistle

Listening to the headline summary at the beginning of Democracy Now! this morning, I was particularly struck by the final item. It concerned an editorial published under the title "Edward Snowden, Whistle-blower." In reporting his particular item, Amy Goodman quoted the following text from the editorial:
Considering the enormous value of the information he has revealed, and the abuses he has exposed, Mr. Snowden deserves better than a life of permanent exile, fear and flight. He may have committed a crime to do so, but he has done his country a great service.
For those who have not encountered the details behind this story, the newspaper that ran this editorial was The New York Times.

I wanted to cite this example because yesterday afternoon KGO-TV attributed exactly the same motives behind the hacking of Snapchat. In this case, however, the source they cited was anonymous (lower-case). When the Snapchat story first broke, KGO was there interviewing members of the Silicon Valley technology community, basically making the case that Snapchat management had been informed of security flaws and had been negligent in addressing them.

Anyone who has had to live with the "Patch Tuesday" culture of Microsoft knows that both the reliability and security of software are moving targets. These are not "goals" that one reaches through some sort of hill-climbing technique. They are problems that arise in software not only because of the code but also because of the environment in which the code is embedded, an environment that involves factors that programmers may not know about or cannot control even when they are aware of them. One cannot attribute these flaws to malice; but, if they are not recognized and repaired, they can be used maliciously. The Snowden case provided us with a situation where, because of the "cult of secrecy," recognition itself was problematic, thus leading to exploitation rather than repair. In the case of Snapchat, the consequences have not been as embarrassing as they were for projects like Prism; but those who were embarrassed would probably feel otherwise.

Many of last month's retrospective articles talked about 2013 as "the year when trust died" (or words to that effect). I found those article naïve, to say the least. Swindles are always perpetrated in the name of trust (or, if you prefer, confidence). They were probably with us before history began to be documented, and they were probably remain with us. They succeed under the assumption that suspicion requires too much time and effort, meaning that you might miss out of all the fun. Nevertheless, there will always be individuals determined to prevent the hapless from being victimized; and sometimes that act of prevention requires blowing a very loud whistle.

No comments: