I'm a security engineer with a lot of side projects, most of which find their way here. I like to center my research around computer security, cryptography, Python, math, hard problems with simple answers, and systems that uphold their users' values.
You can also find me on Twitter.
16 January 2016
Politics in Software
This is the start of a two-month series of posts on the intersection of politics and technology. The series consists of two bookend posts, with a number of focused topic discussions in between; this is the first bookend post. Now that the series is concluded, this post has been lightly edited to add links to the later posts.
Near my family's house in Seattle are two major construction projects. The first is building a new, refurbished waste transfer station; the second, a new corporate headquarters. In spite of the differences in these buildings' purposes, I'm willing to bet that the labor crews for each have pretty similar feelings towards their work. What difference does it make, being a bricklayer for the state or a bricklayer for private industry? Perhaps not much. It's understandable how most people tend to view their work as apolitical.
And yet, in building something that other people are going to use, you are in some sense helping those people, and so perhaps we should give serious thought to who it is we help. In some domains it might not matter much -- certainly there's no shortage of people who can lay down bricks -- but in other domains, very real political shifts can take place without anyone caring or even noticing.
This probably sounds pretty abstract. The goal of the series I'm writing here is to bring this discussion down to earth. I'm going to try to illustrate, through concrete examples, the real and serious political consequences of the choices people make on what projects to support and what projects to ignore.
I'm focusing on software issues. There's a reason for this. A lot of people see software development as "digital bricklaying", and not without good reason: both have the potential to be menial, repetitive, borderline rote tasks with little reward aside from wages. It would be a mistake, though, to let this comparison lead us to assume that software is no more political than other menial crafts. As soon as we get into social issues, the comparison breaks down.
There can be deep political ramifications to software design decisions. Most people turn a blind eye here, or take only a superficial interest, caring about the politics just long enough to let someone convince them they're on the right side, then wandering off in a happy haze to implement some new half-baked idea. Half a year later, that idea is raining down all sorts of unintended consequences. This is the sort of thing we would call naïveté, if it were harmless. But when it impacts people's lives, we don't have the luxury of being so kind.
It's not all bad. Yes, we have lots of people out there with vested interests in ensuring copyright law continues to lag behind the digital age because they profit by abusing its archaisms. But we also have people like Cory Doctorow and Parker Higgins and Sarah Jeong and many more like them, people sincerely committed to tracking the issues, fighting the good fight, and making sure the rest of us can keep up with them, too.
Yes, we have the NSA and its allies actively working to undermine the technologies that keep us all safe and secure online, and recruiting as much talent as they can into their closed ecosystems, indirectly hamstringing public-domain research into technologies that grow more important with each passing month. But we also have the likes of Bruce Schneier and Phil Rogaway, the latter of whose linked paper is far and away one of the best publications in recent memory. These people are at the forefront of the modern issues in security and cryptography, and seem to be doing everything in their power to help advance the public good.
With so many intelligent, articulate, well-educated, well-connected, and well-respected voices on these issues, it almost feels arrogant or presumptuous to add my own. What do I have to say that our current luminaries haven't already said better?
I don't have a good answer to that question. The fact is, in order to pass my major's senior sequence I need to write a seven-part series of blog posts connected by some central theme, and I couldn't find any other theme that sat as well with me as this one.
I strongly encourage the reader to spend whatever time they can on the works of the people I listed above, and others like them. But just in case you decide to spend some time with me as well, here's a bird's-eye view of the topics I'm going to be taking on in the next installments.
- UEFI "Secure Boot", its consequences for open source, and the dangers of letting moneyed interests write the standards we're all going to use. (link)
- The sharing economy, how it's cool in some ways, and how in other ways it's really not. Due to the economic and regulatory angles, this is one of the most rich and nuanced examples of technology's political dimension. (link)
- The problem with media platforms refusing to pick sides in issues involving harassment. It is commonly believed that non-involvement is a neutral stance. This could not be more wrong. (link)
- The trend towards, and ramifications of, trying to legislate reality, where lawmakers demand technologies that simply do not -- and often cannot -- exist. (link)
These topics may move around a bit as I realize how much or how little I may have to say on the different points here. The first one should be up some time next week!