

Diffie: Don't secure the internet, it needs crime - matan_a
http://www.zdnet.com/dont-secure-the-internet-it-needs-crime-diffie-7000005958/

======
unicornporn
These ideas sound a lot like one of the more amusing texts by Marx that I
rediscovered just the other day. In Swedish it's called "brottets
produktivitet" which roughly translates to "the productivity of the criminal".

With every crime a chain of business emerge where only first link is in itself
criminal. For the internet security companies, graffiti removal services,
security consultants, lawyers, anti-theft system resellers, locksmiths,
insurance company and so on – it's business as usual.

I've found a part of text here:
[http://www2.cddc.vt.edu/marxists/archive/deleon/pdf/1905/apr...](http://www2.cddc.vt.edu/marxists/archive/deleon/pdf/1905/apr14_1905.pdf)

 _“A philosopher ‘produces’ ideas, a poet poems, a preacher sermons, a
professor text-books, and so forth. A criminal ‘produces’ crimes. If we look
more closely at the relation in which this branch of industry stands to
society, not a few prejudices will drop. “It is not crimes alone that the
criminal ‘produces’; he also ‘produces’ criminal legislation, and, as a
consequence, he is also the first mover in the ‘production’ of the professors
who ‘produce’ lectures thereon, along with the inevitable text-books in which
these professors cast their lectures as ‘goods’ on the markets of the world. .
. . “Furthermore, the criminal ‘produces’ all the criminal and correctionary
branches of society—police, judges, hangmen, juries, etc., besides all the
several branches of industry demanded by these, and all of which constitute
just so many categories in the scale of social labor, develop different
faculties of the human mind, create new wants and new means whereby to satisfy
them. . . . “The criminal ‘produces’ an impression—good or bad, as the case
may be. He thereby ‘renders a service’ to the moral and aesthetic sentiments
of the public. It is not only text-books on criminal legislation that the
criminal ‘produces’; he ‘produces’ not merely the penal law itself, and
consequently the legislators of that law. He also ‘produces’ art, literature,
novels, even tragedies as shown by the appearance of Mullner’s Tanjte,
Schiller’s Robbers, the Oedipus, and Richard III. The criminal breaks the
monotony and humdrum security of bourgeois life, he thereby insures it against
stagnation, and he arouses that excitement and restlessness without which even
the spur of competition would be blunted. Thus the criminal furnishes the
stimulants to the productive forces.”_

~~~
smanek
<http://en.wikipedia.org/wiki/Parable_of_the_broken_window>

~~~
kokey
The fact that several people commenting here spotted that error, and still
managed to frame the useful part of the argument properly, has given me
renewed appreciation for the HN community.

------
zb
It's unfortunate that he invoked the ridiculous broken window fallacy
(<http://en.wikipedia.org/wiki/Broken_window_fallacy>) in the course of making
his real point, which was that making the internet secure or reliable from the
bottom up is prohibitively expensive and that security and reliability should
be layered on top only where required.

~~~
lostnet
His "broken window fallacy" like point is an important one, but he poorly
justified it. Stopping one rogue window breaker is admirable, stopping them
universally has its disadvantages.

The proposals for a secure network usually include avoiding the security
confrontation through vetting users, extreme legal protection, etc. These
solutions prevents us from maintaining 'glaziers' at all, which in turn leads
to catastrophe when our global security solution fails.

For example, if the FBI virtually eliminated viruses by chasing individual
virus writers internationally with extreme laws and international agreement we
would be even more vulnerable to the threat of state backed cyber attacks.

It is really a "War of the Worlds" analogy.

~~~
mseebach2
So, the argument is that you _can't_ stop all the criminal, rather than that
it's undesirable to do so. As you wind down the population of criminals (at
increasing marginal cost), you wind down the incentive to protect against
crime, making the lives of the remaining criminals easier (further increasing
the cost of apprehending them).

------
qq66
Ignoring the nonsense logic quoted here, the Internet _does_ need crime
because any medium that does not have crime does not have true freedom of
expression.

A street where it's impossible to be mugged is also a street that you cannot
freely walk down with no restrictions. Something fundamental about the act of
walking down the street would have to be removed for it to be completely free
from crime.

Similarly, a computer that can't get malware isn't a truly general-purpose
computer -- it cannot run an arbitrary program.

~~~
michaelfeathers
Yes, I was surprised that this was not his argument.

------
qznc
Somewhat related link: [http://thisorthat.com/blog/why-the-joker-and-not-
batman-is-t...](http://thisorthat.com/blog/why-the-joker-and-not-batman-is-
the-savior-of-us-all)

"What if I told you that Batman is not the true hero in the Dark Knight saga?
What if I told you instead that if The Joker did not exist, Gotham would be
overrun by organized crime families and the corrupt politicians that live in
their pockets? And what if I told you that there is mathematical proof of this
argument's validity?"

~~~
wisty
These Jokers, would they be the equivalent of "Hacker Manifesto" type hackers
/ groups like Anonymous?

------
fiveliterstang
Silly notion, this is the same logic we use when we bomb a country then send
people in to fix it up again.

~~~
alan_cx
Very good :)

..... And as we know, that could never happen...

------
jiggy2011
I think you will always have cyber-crime or any type of crime for that matter.
One thing that keeps a limit on the number of things that are considered
criminal is that there is only so much that can be enforced. If people stopped
doing things like murders it would free up enforcement resources to go after
smaller perceived wrongs.

This article is quite vague, I don't see how it would be possible to make a
truly secure internet without figuring out how to develop 100% non exploitable
software.

The article also doesn't seem to draw a strong distinction between security
and cryptography, this is something I have to explain to people _all the
time_.

------
trotsky
The comments on this article, including Marx and an indirect link to a journal
article about game theory in a biology journal are a great example of the "je
ne sais quoi" that keeps me coming back to hn.

