A buddy of mine who works in tech has been telling me for years that we're all doomed. The problem, he says, is that there are too many systems that are too insecure. When Stuxnet hit, the only aspect of the hack that surprised him was that the American security establishment was willing to show the rest of the world what was possible. The only rate-limiting point with hacks, he explained, is the intersection of imagination and resources.
He's not alone. Last week tech writer Quinn Norton published a magnum opus on security making essentially the same argument. She called it, "Everything Is Broken," and to read it is to despair about the technology that is driving our future.
Here's Norton's lede:
Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and started playing with it. In the process, he figured out how to get total administration access over a network. He put it in a script, and ran it to see what would happen, then went to bed for about four hours. Next morning on the way to work he checked on it, and discovered he was now lord and master of about 50,000 computers. After nearly vomiting in fear he killed the whole thing and deleted all the files associated with it. In the end he said he threw the hard drive into a bonfire. I can't tell you who he is because he doesn't want to go to Federal prison, which is what could have happened if he'd told anyone that could do anything about the bug he'd found. Did that bug get fixed? Probably eventually, but not by my friend. This story isn't extraordinary at all. Spend much time in the hacker and security scene, you'll hear stories like this and worse.
What Norton is getting at is that our lives are run by computers and that computers are run by software and that "software" is more complicated than you or I or any of us really understand. It's not just an operating system or an app:
Software is so bad because it's so complex, and because it's trying to talk to other programs on the same computer, or over connections to other computers. Even your computer is kind of more than one computer, boxes within boxes, and each one of those computers is full of little programs trying to coordinate their actions and talk to each other. . . .
Your average [pos] Windows desktop is so complex that no one person on Earth really knows what all of it is doing, or how.
Now imagine billions of little unknowable boxes within boxes constantly trying to talk and coordinate tasks at around the same time, sharing bits of data and passing commands around from the smallest little program to something huge, like a browser - that's the internet. All of that has to happen nearly simultaneously and smoothly, or you throw a hissy fit because the shopping cart forgot about your movie tickets.
We often point out that the phone you mostly play casual games on and keep dropping in the toilet at bars is more powerful than all the computing we used to go to space for decades.
NASA had a huge staff of geniuses to understand and care for their software. Your phone has you.
Plus a system of automatic updates you keep putting off because you're in the middle of Candy Crush Saga every time it asks.
Because of all this, security is terrible.
The pessimist's case is overwhelming.
And the only thing the optimists have to say for themselves is this: The real world is held together with duct tape and gum wrappers more often than we'd like to know. It's not like the electrical grid is some well-planned master design. Or the system that gets water into your kitchen tap is as secure as Fort Knox. The real world has all of the vulnerabilities and weaknesses that occur any time legacy systems last long enough to get new infrastructure built on top of them. And the real world has managed to limp along well enough, because most people are good folks.
Yet with computers, there is a difference: Someone who wanted to sabotage, say, the reservoir in Washington, D.C. would have to physically be there. Proximity and familiarity help to keep people on their best behavior. Computers and the Internet create immediacy and anonymity.
And those are two situations that do not generally lead to pleasant outcomes.