Merit argument: the real issue

In for a penny, in for a pound, I guess. In any case, the local Usenet warriors are gonna have a lot of fun with this one... :O

It is a tradition as old as the history of mankind that one of the essential requirements of adulthood is the ability to judge whatever is relevant to one's survival. In practice, this includes other people as a primary example, but it also includes anything that might have an impact on one's daily life. For guys, this means whatever turns out to be a requirement for the possibility of thriving, however that is measured.

Examples well understood are tools, equipment, means of transportation, shelter, food supplies, etc. In the third case, some part of the ethos of western male ego-boo is the ability to "get it done" whenever such is required. Centuries ago, that meant a man had to be a good judge of horses. More recently, that meant a man had to be able to keep the automobile operational, whether that meant doing the work directly, or overseeing the quality of work done by others. It meant, in any case, a certain degree of knowledgeability about such things.

A sea change in all this has apparently occured. Most products now available upon which such survival considerations hinge are of a quality that knowledgeability of the older sort appears no longer necessary. This is an illusion, however.

In fact, no such sea change has taken place. What has happened is that we are not easily able to identify what sort of things require the older kind of judgment. There is a rule of thumb here that always works: identify that which is new in kind, instead of that which is new in degree. Obviously, the matter of computers satisfies that rule of thumb, even though that fact is not generally recognized. I suspect that it will become so, and probably sooner than many people will find comfortable.

In order to understand this new phenomenon, it is necessary to look more closely at that to which we are accustomed. The historical tradition is clear: the worth of a thing resides ultimately in its quality, which is testable by inspection. We can test a device or system and determine whether it has value, but only if we know what we can or should expect. For physical devices, a physical inspection is relevant, even if complete deconstruction is ultimately required. It's not necessary that we all know the details of all of these, only that we can (or believe we can) acquire such knowledge at need. In the meantime, we can discover whose expertise in these regards is reliable, who can we trust to tell the truth of the matter in any given issue.

The historical tradition is equally clear about those issues that are not tractable to such inspection. Such issues become subjects of myth and acquire much mbutt and inertia accordingly. Matters relegated to religion, politics, psychology, etc. fall in this category. In short, there are things we deem knowable, and there are things we deem unknowable. And there is customarily a clear division between the two.

What has now happened is that we have the first example of an issue that is neither clearly knowable, nor clearly unknowable. That example is proprietary computer software. By extension, that also means modern home computers. In essence, home computers are clearly known by their creators, but are ultimately unknowable by anyone else, most importantly those who purchase them and are their end users.

The point is that we are very clearly informed that we cannot ever know what proprietary software actually does and does not do, unless we have some very sophisticated monitoring equipment to observe same in action. And even then, there are aspects of computer function that are virtually impossible to monitor, and for reasons somewhat akin to the quantum dilemma: take a look and you risk destroying what you observe!

The result is that computer science has taken over the place of rocket science as the sine qua non of arcane knowledge. All because the actual operation of the machine is extremely difficult, if not impossible, to determine. In the parlance of the technically literate: binaries cannot be deconstructed (decompiled?) into source code, and so the original intent can never be determined.

So here we are, with our home PCs becoming an ever more important part of our daily lives, and we have no way of knowing what they are actually doing. Unless we limit ourselves to open source software, that is. And we all agree that few people so limit themselves. Which leaves the public, by and large, completely vulnerable to insidious abuse and misuse at the hands of the computer software manufacturers, whose products control the function of said computers.

So what's my point? Just this: What other kind of product is granted such tolerant and trusting regard? The answer, in general, is none!! Indeed, we have consumer advocacy insbreastutions that claim to represent our interests in these regards, and what they cannot adequately inspect either by test or deconstruction gets the stamp of their disqualification, their refusal of recommendation.

In general, for every issue or matter that we regard as knowable, we require the opportunity to exercise such inspections, either by ourselves or by those with the expertise to do so, whom we pay to represent us.

The single exception is computer software, and by functional extension, the computers themselves.

The fact is, I submit, that we have been cozened into regarding our computers as virtually unknowable, and the folk who buy into that are those who haven't the skill and-or opportunity to discover the fallacy of that belief. Those folk are the majority of computer users, of course. And those of us who understand that computers need not be unknowable seem reluctant to address these issues except for our own purposes, our own best interests.

I could ask: Why is that?

I could, but I know the answers already. We don't because we fear the ridicule of those who have bought into either a) the myth of the appropriateness of computer inscrutability, or b) the ethics and goals of those who promote that myth. The first lot are the "digitally ignorant", and the second are the minions of the purveyors of the myth. And the FUD it creates, of course.

So why is this such a big deal? Need anyone elaborate? What with the malware industry that continues to outstrip the best efforts of those who make big bux by "guaranteeing" to protect us therefrom, the danger is clear, present, and very evident. But that's only the tip of the iceberg, as it were.

Ask yourself this: With all the available operating software that is freely available for proprietary use (BSD license), M$ steadfastly refuses to countenance the option of marketing a truly secure operating software suite. Why? Issues of backward compatibility are trivial and illusory, as are all others they raise.

The fact is that M$ deliberately markets totally open and vulnerable operating software because they intend it to be thus. Arguments of "trusted computing environments" are obscenely ridiculous. We all know that such things exist only to the extent human nature would allow, and human nature definitely does not allow any sort of "trusted environment" of any kind. No one with any sense would argue for such a proposition.

In short, M$'s "trusted environment" is a cynical sop to the credulous public already well trained to accept such things with a complete lack of critical regard. The reality must be that M$ intends that their operating software be vulnerable! The question then is: why?!?

Absent any published explanation, we can reasonably ask: who is the intended beneficiary of such vulnerability? To put it bluntly, who has the keys to the back door(s)? And why do they have them? To what purpose are they put? Can we ever know? If we can, then how?

More questions: why did the NSA publish a really secure operating system based on GNU-Linux? Why did they think one such was of value? Why do some number of countries have issues with the use of M$ products in government venues? Anyone need some more examples of this? If so, where have you been?

The point of this post, you see, is that the issue of M$ vs *nix is much more than one of technical merit, it's about the possibility of knowing what a M$ driven machine is really doing. Yes, the technically knowledgeable and well equipped can monitor such a machine to some extent, but not completely, and the average user cannot to any useful extent at all. The home computer is no longer a discretionary toy, it is becoming a vital and important part of our daily lives, and we have no guaranteed control over its function whatever. All we can do is unplug the thing if we want to keep it from being exploited, at which point it has the value of a door-stop or large paper-weight. We certainly cannot maintain guaranteed control of it when it is not only left on 24-7, but connected to the Internet thus as well!

What is said here of computers can also be said generally of most of the new digital communication devices, though the particulars in each case differ. Cell phones are quite obviously vulnerable; whether and to what extent they remain so is yet to be known, of course. Where the government has purview, as in the use of radio frequencies, the issue is somewhat different from that of networked computers. The government as yet has little purview over the Internet, for good or ill, and so has little incentive to be involved with the potential abuse of home computers via network accessible back doors and such.

In that regard, we have the choice of freedom or security. Government intervention takes away that choice and gives us security, whether we wish it or no. Many of us are satisfied with the current status of government non-involvment. The down side of that, for the common user, is that there is no one to protect him-her. And if we believe the current AOL ads, all too many users haven't a clue about the vulnerability of their machines. AOL is probably correct, I think. Of course, if AOL follows what is expected of other such insbreastutions, that protection will be limited at best, though they will be at pains to conceal the fact.

Which leaves the arena open to the predators, amongst which we must recognize the quite probable presence of Microsoft itself, unfortunately.

Linux folk know about these things. So do the butterflyheads, but it's one of the surest bets in the world that they will go to any extent to avoid admitting same. In fact, I expect those who have the intellectual wherewithal to have read this post to perform predictably with all the usual crap responses so eloquently enumerated in a recent post.

Let's see if they act as expected. It's one rather elegant way of verifying these arguments, I think.

Longfellow -- Email is wtallman at olypen dot com