Jonathan Zittrain and a Cyber September 11

24 MB MP3

“Only if it’s in a safe-deposit box, surrounded by Marines. And it’s unplugged.” This is how Jonathan Zittrain explains how to save your computer from a virus that, he adds, we can’t possibly avoid. When the people who want to destroy the world — we’re talking about terrorists — figure out a way to reward the hackers who actually can, a hundred million people (and some banks, and some airlines) will wake up one morning to computers wiped clean of data that feature, according to Zittrain, a skull and crossbones and the words “you lose.”

He’s describing a virus that is fundamentally more malignant, designed to destroy a good chunk of the capital we have stored up in America as data. It’s nothing that McAfee or Norton can protect you from.

Zittrain is the Jack N. and Lillian R. Berkman Assistant Professor of Entrepreneurial Legal Studies at Harvard Law School, which means that it’s his job to worry not only about the possibility of such a virus, but its consequences. The reaction to a terrorist attack on an open network is likely to mirror that of an attack on an open society: increased suspicion, the possibility of draconian restrictions on coding that may choke innovation and change the value of the Internet.

So Jonathan Zittrain will be in the studio with Chris, but we’re looking for a couple of other people: perhaps Richard Clarke, who made a pet project of cyber security before many people were worried about it, perhaps someone else who specializes in terrorism and the Internet and, we hope, someone who can really outline for us what would happen if we woke up one day without computers.


Jonathan Zittrain

Jack N. and Lillian R. Berkman Assistant Professor of Entrepreneurial Legal Studies, Harvard Law School
From Brendan’s pre-interview notes
The status quo is not tenable. Right now we have a ton of consumers who are clueless, including really powerful computers that are always on and have broadband, this is a recipe for disaster. One tuesday morning we’ll wake up and everything will be wiped, something. Only the forbearance of the virus-writers prevents more virulent attacks.

To prevent more virulent attacks: mostly that we just can’t get enough people to do this, the kind of skill and vigilance needed is not something to be fair to demand of the average pc user.

Vendors won’t improve their products, users won’t improve their habits until there’s a watershed event, a digital 9/11. Aftermath: a public demand for computers to finally act like appliances. “I want the machine that’s not interesting, but reliable.”

Legislation: things are going to be drawn up that would be crude, maybe access should be limited to thtose who can take security seriously, compromise the generative nature of the Internet.

Mark Seiden

A sniffer — looks for flaws in corporate networks — for the Cutter Consortium
From Brendan’s pre-interview notes
Are institutions safe? Of course they’re not safe. they run the same software as the consumers run. They may be better at applying patches, still have the same vulnerability. When the Irish potato famine happened, they all had the same kind of potato. One bug can reach through and kill them all. Basically, it’s all windows. 80 percent windows. If you can get more that fifty percent of the install space infected with a new bug, you can cause a lot of damage.

How do you get in throguh the firewalls. Lots of ways. People have portable machines, connect at home, connect at work. Employees can be induced to download stuff. The perimeter is just too permeable these days.

Judith Perrolle

Professor of Sociology, Northeastern University
From Brendan’s pre-interview notes
The focus on a catastrophic event is sensationalist. It’s so much easier to blame some evil outside person than to make the changes you need to to prevent the smaller events — hard-drive crashes, viruses — that happen much more often. A huge amount of crime is done by insiders, a huge chance that it’s a clerk in a bank than a teenager in Bucharest. We’re vulnerable, to accidents as well as evil people.

The very design of computers, the Internet was fault tolerant, routes around problems. The original Internet is a very nice example of fault-tolerant design.

There’s a trend in our legal system toward reducing product liability. Companies are less and less likely to get sued for product failures if we reverse the trend, make companies more responsible for flaws in computer design.

We need more end-user education, like the seatbelt campaign, and we need safer cars, let’s not have so many ford pintos. You can’t keep bad people from doing things, you can only make the bad things that people do have small consequences.

Will a loss event increase protections? Bubonic plague worked wonders for the survivors, wages went up, really freed up a lot of opportunities. But do we want that? Danger of overreaction. After 9/11, we go to an airport, you have enormously inconvenient, don’t check for contents of containers coming into the country, there are now economic drags in place that don’t slow down terrorists at all.

Tonight’s Music
Gerador Zero of Rio de Janeiro, Brazil.

Related Content