Learn from the mistakes of others

Bruce Schneier is well regarded in IT security circles. Reading one of his recent(ish) posts has helped crystalise a few thoughts I've been circling around lately.

He argues that there is a battle for ownership over your personal computer - between you, who paid for it, and organisations and people who'd like to control what you can do with it ...

He argues that the actions and efforts of a variety of vested interests are significantly undermining the security of our property in pursuit of their interests - in particular efforts such as DRM and similar technologies [A couple of his examples have been cogently criticised but his main argument is still sound]:

There is an inherent insecurity to technologies that try to own people's computers: They allow individuals other than the computers' legitimate owners to enforce policy on those machines. These systems invite attackers to assume the role of the third party and turn a user's device against him.

Remember the Sony story: The most insecure feature in that DRM system was a cloaking mechanism that gave the rootkit control over whether you could see it executing or spot its files on your hard disk. By taking ownership away from you, it reduced your security.

This short discussion piece, which was originally published in WIRED, has helped me formulate my thesis proposal. I agree with him, and perhaps might even go further - self-determination is a human right. I see nothing to suggest that abrogating that because "it is too hard to bother to produce informed, independent adults" has anything but ugly consequences - for us all.

Schneier is concerned that [in] the hacker sense of the term, your computer is "owned" by other people and that those other people are not interested in us at all. I'd go further and argue that they are interested in us - as sheeple.