Sunday, January 18, 2004

Telirati Newsletter #37

For four years now our privacy has been hanging in the balance, and there it remains. The next major developments of PC technology could turn personal computers into tools of mass surveillance. Microsoft could, still, do for Linux what Linux has failed to do so far: provide a compelling reason to use Linux on the desktop.

Telirati Newsletter #37: How not to win friends and influence people

Intel recently attracted a lot of bad publicity for the Pentium III processor. They managed to take a fairly innocuous feature, a processor serial number, and turn it into a scary public relations monster that will be very hard to kill. A boycott was called by several privacy advocate groups, which Intel’s waffling response has so far failed to lift. Intel’s mistakes stem from a recent trend in the industry to forget what the letters “PC” stand for. They stand for “personal computer,” of course. And that implies a number of things that, if not properly attended to, can lead to ruptures in public trust deep enough to jeopardize a serious percentage of market share for the Pentium III.

A personal computer is personal, more personal than a car – more like one’s toothbrush, or underwear. Let’s see how our personal effects can be improved through technology: One could create a product that would detect and report body odor, tag the data with a unique ID, and ship it out over the Internet, whereon your Internet service provider could do you a substantial favor by sending you an e-mail suggesting a fresh change of knickers, with suggestions based on the weather report, perhaps. With on-chip sensors and a bit of radio technology, such a product could be built cheaply and pay for itself by optimizing the use of deodorant and laundry detergent. And we have all known cases in the high tech industry where better underwear management is needed. The low-cost technology both Intel and Microsoft have developed for interactive toys could be applied here.

Expressed in these terms it should be easy to see why technology that invites the wider world to pry into our personal communications and works, and in our choices of entertainment and diversion are soundly and broadly rejected. Yet, for some reason, people who should know better cave in to government spooks and entertainment industry rent-seekers and end up kissing the hot stove of visceral public rejection.

As computing technology creeps ever further into consumer electronics, similar faux pas follow, and with just as much success. Remember the V-chip? The TV makers are trucking their V-chip equipped sets to the landfills after they blighted store shelves for longer than retailers could stand. Space in the dump has also been reserved for DIVX, a video disk technology that reports your viewing habits to a license authority, via modem, while you are sleeping. Too few customers see the charm in this.

Intel’s blunder does not end with serial numbers, unfortunately. The same entertainment industry wizards that spawned the V-chip and DIVX have put some truly awful stuff into Intel’s hardware plans. According to Intel’s Dan Russell, as reported in IT Week, "Other security primitives that will be built into future PCs will support random number generation, digital signatures, secure storage, hidden execution, smartcard access and biometrics.” Very nice: your computer can execute code you cannot detect, it can store stuff you cannot get at, and if you get busted for making an illegal copy of Zardoz, it will pick you out of a police lineup. This is supposedly for the purpose of “content protection” but there is nothing to prevent really nasty invasions of privacy, much worse than could be caused by the processor serial number, through the same facilities. Personally, I’d rather have the underwear monitor.

Microsoft has so far avoided this mess. But perhaps not for long. Microsoft is attempting to create operating system facilities for content protection. One wonders how this is to be accomplished. Will it become illegal or against license provisions to write multimedia device drivers that spoof the system into thinking it is playing to a device, when actually the software is recording an unprotected copy of a work? Preventing this from happening implies mechanisms that would assault the freedom of peripherals makers, ISVs, and customers so deeply as to invite a stampede for the exits. Microsoft has a knee-jerk reaction to Intel’s serial adventures in promulgating standards. “Leave it to us. We do the software.” This is the canned response Microsoft puts up in every case. For content protection, however, Microsoft would do well to leave this public relations Afghanistan to the hardware guys.

Many of the most tantalizing possibilities for computer and communications technology are in areas that can make customers uncomfortable if handled incorrectly. Speaker recognition, transcription of casual speech, intelligent video and machine vision, even voice stress analysis, all hold opportunities to create systems that can amplify our productivity. Systems that know what we said, who we said it to, on which topics, and that can automatically link this information with documents, schedules, and Web searches can actually make us seem smarter than we are. Unless customers are certain these technologies will not be used to amplify the power of surveillance as well, they will go unused. If you develop these technologies, make certain you use strong cryptography in conjunction with them. The result could be systems that enhance human powers in unimaginable ways, and, simultaneously, protect us from unwelcome prying, and make us more secure in our documents and effects. This is a future people will readily pay you to provide.

Copyright 1999 Zigurd Mednieks.