Wednesday, June 8, 2011

Fear is the enemy of Love

Why are you all so afraid?

Today I heard someone talking about the dangers of posting your phone number and address on facebook, as if the yellow pages had never existed, as if the internet had invented the concept of public personal information. I was also informed that placing your birthday on Facebook was too dangerous, as people might be able to infer a significant portion of your SSN with it. I am struck, almost constantly, by conversations of this type in an enormous variety of contexts. I feel like I am perhaps being punished by some cruel set of tricksters, intent on stealing the dignity from human relations by the twin tactics of fear-mongering and protectionism. 

Here's the message in a nutshell: We must all be gravely afraid of allowing anyone access to any of our information, lest it be used against us, and we must all submit all of our information to the benevolent government, lest someone among us is hiding his evil intent. Nevermind that fearful self-suppression is an excellent tactic for reducing freedom and convenience, and gives service providers the excellent excuse of “they should have protected their information better” when confronted with the incredible stupidity of their security mechanisms. Never mind that governments have been known to abuse their powers from time to time. Let's talk about practical examples:

  1. I need a password for every damn website I go to. This is insane. I understand that they want a username... it helps them to identify me repeatedly. Some transactions do indeed need to be secure, like payment, bank management, and social things like email and Facebook. There are glorious third party providers for payments---paypal springs readily to mind with googlecheckout in close pursuit---so I should basically never have to give some random website my own payment information. If credit card companies were smart, they'd build similar services for visa, mastercard, discover &c. Right, so that eliminates the need for 90% of legitimate passwords. Now let's look at some truly hilarious ones. Hulu, Netflix, Pandora... what possible reason do I have for protecting these accounts? What can anyone learn from the fact that I watched yojimbo yesterday? What horrible vandalism can occur? The reorganization of one of my queues, the destruction of one of my stations? Who would profit from that? The plain fact of the matter is that banks, payment services, and communication services should have passwords and everything else should be username only. This would have the glorious secondary effect of preventing me from having to worry when one of those services was compromised. PSN springs immediately to mind. What possible value is it to me to password authenticate my GAME PLAYING with them? And yet, due to their shoddy security, I am now obliged to change many actually sensitive accounts. This is madness.
  1. Personal information. I have been asked to be terrified of Facebook, Myspace, and every other social networking thingy known to man. I have been instructed to obfuscate my identity to the maximum extent, to permit only my closest, most vetted comrades into the deep waters of knowing how to contact me, and what movies I like. I'm baffled by the idea that someone who was willing to put their name address and phone number into a yellow book passed out to every person with the same area code would have any qualms at all about having the same information available in the convenient modern equivalent. I'm even more troubled by the idea that something that you're willing to share with your 500+ acquaintances on the great book of faces should be of concern to your employers. I understand the desire to know your employees better, but frankly I think there are good ethical reasons to restrict the scope of an employers hiring information gathering to your previous work experience and current work performance. Reputation is a thing that requires scope to be meaningful. 24 hour news coverage and the glories of the internet seem to have conspired to give us the impression that my decision to imbibe in college, has any bearing whatsoever on my ability to write excellent code, show up to work on time, and get things done. These are careful attempts to restrict free expression in the name of pragmatism. As if it is somehow okay for there to be mass campaigns encouraging censorship because some employers are scurrilous enough to believe they have a right to pry into our personal lives.

  2. Social Security Numbers. I hope to God that someone manages to steal the entire Social Security database and posts it straight to Wikileaks, drops it onto Bittorrent, and links it from every forum on the internet. Social Security Numbers are just names. Think of them as your second middle name, the one the government uses because not everyone's parents are creative enough to dodge “John Smith”. Why in hell would anyone consider a 9-digit numeric code to be anything even remotely approaching a secure identifier. If it was a password, it would be the weakest kind on earth. The fact that any institution at all has ever even once considered the knowledge of that number to be a valid means of establishing someones credentials is deeply disturbing. The sooner they are paradropped into the public sphere the sooner we can acknowledge this obvious truth and move on with our lives. Good, now that I've solved identity theft for you let's talk about security and terror.

  3. Airport security. I have so little to say about this that hasn't been said. Go read some Bruce Schnier. We keep accepting bad security solutions to make us feel better (in the short run), to make us feel like we're doing something, even if they cost us piles of money. Then, when the bad solutions are inevitably circumvented we get more scared and add more bad solutions, instead of recognizing the dumbness of the last ones and rolling them away. By this process do we erode our liberties and dignity while improving our safety not at all.  Gross.

  4. But of course airports aren't the only places where this shit happens. We are being taught constantly to be afraid, as if the world we live in has grown insanely dangerous now. What, tell me, has changed in the dangers of our day to day life from 20 or 30 years ago? It's not like we just invented firearms. It's not as if there were no murderers in those distant past years.  Look:

    There were plenty of drugs, and there was plenty of booze... (Note the peak in murders under prohibition... looks like booze is probably a good thing to have legal) There were school bullies then too. Why is it that we are only now confronted with metal-detectors in elementary schools, lawsuits against name-callers, and an urgent warning never to allow our addresses to be known? 

1 comment:

  1. I love the kinds of things we are afraid of. I remember hearing that women should check under their cars before unlocking the door, because sometimes rapists hide under cars and slash their victims' achilles tendons to prevent tendons from running.


    And the whole "needles in Halloween candy" thing makes me laugh every time.

    My friend's dad is a well respected, successful, intelligent lawyer and an overall great guy. I once saw him drunk and he wouldn't shut up about how the government is monitoring our activities via orbiting satellites, and that their resolution is so good that they can identify who you are and what you're doing. Suddenly I understood why his son was always going on about securing his Linux box and using a GPG Firefox Add-on to encrypt his GMail.

    I wonder where this crap comes from sometimes. Then again, I don't. I mean, I'm terrified of spiders. We have dangerous spiders in this part of the country, but it's not like the incidence of spider-related injuries is particularly high. It's just part of our physiology, I think. You find a situation that COULD happen and you become afraid of it.