You are on page 1of 15

[This book review article was published in the Winter 2011 issue of The Journal of Social, Political and

Economic Studies, pp. 455-471.] BOOK REVIEW ARTICLE CyberAnarchism, WikiLeaks and Computer Warfare: The Unprecedented Dangers Associated with Information Technology Today Dwight D. Murphey Wichita State University, retired Daniel Domscheit-Berg has written a book Inside WikiLeaks: My Time with Julian Assange at the World¶s Most Dangerous Website that deserves a review in itself. Readers become acquainted with the highly organized and yet freewheeling world community of ³computer hackers,´ a community motivated by what might best be described as ³CyberAnarchism.´ Most especially, Domscheit-Berg tells the story of WikiLeaks and his long involvement with it as its number-two man. As most everyone knows, WikiLeaks has made itself the platform for the electronic publication of vast numbers of confidential or secret documents sent to it from undisclosed sources. The story of the hacker community, and of WikiLeaks as a part of it, is worth knowing in itself, but additional facts tell us that that is just part of a much larger phenomenon, one that regrettably is even more chilling than the threat of nuclear warfare that has hung over the world since 1945. The exploration of that larger aspect is why this is expanded beyond a discussion of Domscheit-Berg¶s book into an article of much broader scope. Key Words: CyberAnarchism, WikiLeaks, Julian Assange, Daniel Domscheit-Berg, Chaos Computer Club, computer hackers, cyber-war, cyber security, botnets, computer exploits, computer rootkits, U.S. Cyber Command.

Daniel Domscheit-Berg¶s recent book Inside WikiLeaks: My Time with Julian Assange at the World¶s Most Dangerous Website (Crown Publishers, 2011) opens a window into the world hacker community and the activities of WikiLeaks itself. To discuss those things in isolation, however, even though they are important, would be to ignore the much broader prospects of computer mayhem that go so far as to raise the distinct possibility of computer warfare, conducted by governments, groups or even individuals, that could shut down entire societies, with all of the implications that would carry. Those implications pose dangers that far exceed the destructive power of any weapons, including the nuclear, that have existed before, both because of the extent of harm they can produce and because the ³mutually assured destruction´ deterrent isn¶t for the most part available or efficacious to checkmate the actions of such enemies, who often are anonymous and untraceable. Accordingly, we will review the DomscheitBerg book and follow it with information about that broader threat. Domscheit-Berg was the number two man, second only to founder Julian Assange, in WikiLeaks from December 2007 until his withdrawal in September 2010 after the two of them had a falling out. WikiLeaks, as most everyone assuredly knows, has since 2007 made itself the platform for the electronic publication of hundreds of thousands of confidential or secret documents sent to it from sources unknown even to itself. These have included, among many others, 391,812 United States military files from the Iraq War; 250,000 communiques, 15,652 of which were classified as secret, between the U.S. State Department and one or more of its 274 embassies; documents purporting to show the corruption of insiders within Iceland¶s largest bank; 10,000 pages of secret contracts between the German government and various firms; Sarah Palin¶s e-mail account (which Domscheit-Berg summarizes as ³hardly scandalous´); and half a million text messages that were sent in connection with the events of 9/11/2001. Though many were massive collections, some of the items published were even so small as fraternities¶ secret ritual handbooks. All of these items were presumed by WikiLeaks to be authentic, subject to occasional later confirmation when an organization would acknowledge that the items were genuine. One would think from all this that WikiLeaks was an organization of substantial size, with a major staff and rare expertise. This was the impression Assange and Domscheit-Berg sought to convey, ³grossly exaggerating,´ our author says, the number of volunteers and assistants and

the extent of its almost non-existent legal ³department.´ We are surprised, then, when Domscheit-Berg reveals that ³WL was just two loudmouthed young men working with an antiquated server.´ That this was so will be seen to be highly significant when, later here, we reflect on the well-nigh limitless capability for mayhem that countless individuals, groups and governments can have in a world that has come to depend upon computers for almost everything, including all that is essential to its civilization and daily life, ranging from the delivery of food supplies, the availability of electricity, the operation of its vehicles ± and even, as we shall see, to the working of pacemakers and heart defibrillators. Who are Assange and Domscheit-Berg? The answer, in short compass, is that they are hippies, committed to a non-bourgeois lifestyle, loosely adhering to anarchist philosophy, relishing the ego-trip that comes with power and fame, and possessing a wide-ranging ability to manipulate the world computer scene. The ideology to which Domscheit-Berg holds is revealed when he says that ³anarchist classics are on my unofficial list of favorite works of world literature´; that ³our battle is against the powerful«, we were out to stir up trouble´ and sought ³to shake up society´; that he and Assange dreamed of a world where ³there would be no more bosses or hierarchies" ± all interpreted by him as seeking to ³change the world for the better.´ The personal details of his life are consistent with his ideology. He tells us that he¶s an occasional pot smoker; that the organic-food grocery store where he shops sports ³small publications« from a queer and/or Marxist perspective´; and that the apartment in which they lived ³looked like an asylum for psychotic slobs,´ with ³half-empty bags of potato chips´ collecting ³amid our dirty laundry.´ (It¶s only fair to point out that, for his part, he would have preferred ³at least a modicum of orderliness.´) We have to realize that the view we receive of Julian Assange is given to us through a Domscheit-Berg lens. It can be argued that it is fair to accept it at face value, since to do so is no more unjust to him than for him (and the others at WikiLeaks) to have so long accepted the bona fides of hundreds of thousands of items sent to them by gosh-knows-who. They published those items without any ability to verify them, so, even though we realize (as they have not) that there should be some suspension of judgment in the absence of a full and balanced investigation, let us allow ourselves license to presume that Domscheit-Berg¶s descriptions are correct. He describes Assange as ³so imaginative. So energetic. So brilliant. So paranoid, so power-hungry, so megalomanic (sic).´ Assange had been a member of the

hacker world, with the pseudonym of Mendax, and had been ³a member of the famous International Subversives,´ in which he was ³one of the greatest hackers in the world.´ His lack of consideration for others is evident in a variety of ways, which include a contempt for other hackers; no sense of obligation to those who donated money to WikiLeaks; and, among other things, the appropriation of other people¶s property. Sexually promiscuous, Assange boasted about how many children he has fathered around the world, children toward whom he apparently feels no responsibility. According to Domscheit-Berg, the falling out that caused Domscheit-Berg to break off from WikiLeaks was mostly caused by Assange¶s paranoia and jealous desire for unshared acclaim and power. The book gives a substantial glimpse into the world community of computer hackers. (Yes, there is such a community, and it is both extensive and well organized as a confederation of loose cannons. It is a community that is at war with everyone who would like to use the Internet with some semblance of normalcy.) We are told about ³the 24th Chaos Communication Congress, the legendary meeting of the hacker and computing scene sponsored by the Chaos Computer Club, a well-respected (sic) organization of technology activists in Germany. The congress takes place every year in Berlin between Christmas and New Year¶s Day.´ Assange and Domscheit-Berg were the keynote speakers at the 26th congress in late 2009. Then there is another ³major hackers¶ conference in the Netherlands,´ conducted by HAR (³Hacking at Random¶). This conference is ³a giant campsite festival that takes place every four years.´ We are told that activists in a group called ³Anonymous´ wear Guy Fawkes masks, and that ³Fawkes was an English revolutionary who tried to blow up the English Parliament in 1605.´ The wearing of the macabre masks is reminiscent of the Dadaist tactics that were so common within the New Left in the late 1960s and early ¶70s, and that had origins as revolutionary theatre going back over several decades before that.1 With WikiLeaks, Assange and Domscheit-Berg in effect appointed themselves as unelected interveners into the privacy of a wide assortment of public and private organizations. On the assumption that those who sent them voluminous electronic material were well-intentioned

Kenneth Coutts-Smith¶s book Dada gives the history of the post-World War I Dadaist movement. ³The most obvious aspect« was a savage anarchism, a deliberate programme designed to undermine the moral and social assumptions of existing middle class society.´ He refers to a ³pattern of childishness and audacity,´ but one of quite serious intent. In his 1934 book Exile¶s Return, Malcolm Cowley traced this method of comical ridicule to a succession of literary schools that began before the middle of the nineteenth century. For more about this, see, item B6, Chapter 14.

³whistleblowers´ exposing those who in their malevolence deserved to be exposed, even though WikiLeaks didn¶t know who its communicants were, they took upon themselves a power that was both vast and irresponsible. They presupposed for themselves a high moral position, but as we read Domscheit-Berg¶s book we can¶t help but be impressed by its vacuity. They didn¶t ponder the deeper questions relating to what they were doing. Here are some of the points that come to mind: y They published, as we¶ve already noted, massive amounts of material without any determination of its veracity. Being unable, as they said, to trace their sources, or even wanting to know who they were, they were taking them at face value. Whether items were accurately transmitted, whether they were complete or taken out of context, whether they were tainted by any deliberately planted disinformation, whether those who would delve into the disclosures and sort out what they think important will be objective mediators of the information ± none of this was seriously thought about. y No consideration was given to the fact that those who were ³exposed´ were not being given ³due process.´ World public opinion was molded on a one-sided basis by finger-pointers, with the other side, in any given case, either unable to respond because of the sensitive nature of the material or able to respond only after-the-fact. y The presumption was that no one is entitled to privacy. Sarah Palin¶s e-mails were fair game (even though their ³relevance´ to anything was, as Domscheit-Berg admits, negligible). Fraternities were presumed not to be entitled to have secret rituals to create a bond and camaraderie among their members. y Governments were thought not to need confidentiality with regard to their internal communications. This flows, of course, from Assange and Domscheit-Berg¶s premise that all authority is illegitimate. Everyone, anarchist or not, can point to egregious abuses and venalities that taint governments of all sorts, but it is only the anarchist who believes that civilization can exist without hierarchy and organization, and that the operation of government does not require much candid interchange among the people who serve within it. Those who are not anarchists will shudder at the thought that ³embarrassing´ messages within the U.S. State Department





were disclosed that revealed (or purported to reveal) unflattering comments about foreign leaders. The reason they will shudder is that they know the revelations to be damaging both to the United States¶ relations with other governments and to the future willingness of personnel within the State Department (or any other organization) to talk freely with each other. But Assange and Domscheit-Berg were among those who did not shudder. These effects were of no consequence to them, but were rather something to be welcomed. It was taken as self-evident that all government covert activity is illegitimate. The premise is that light is to be shined on everything (although it seems, of course, that the ³everything´ is rather selective, since there are a lot of subjects that don¶t seem to be broached by the disclosures). On this basis, the Los Alamos atomic bomb project would have been a proper subject for disclosure during World War II. The irresponsibility lies in the universal nature of the premise. The WikiLeaks folks didn¶t ponder what is justified and valuable, as against what is not. We can see from the preceding point that Assange and Domscheit-Berg, and hackers in general, have indulged an enormous presumption: they set themselves up as moral arbiters and wielders of power, with no foundation for ³legitimacy´ in doing so. Certainly no one has elected them. It¶s not too much to say that they established themselves as an unelected government. The concept of ³fiduciary duty´ is central within many human relationships. There is no hint in the book that any value was being placed on such bonds of fidelity. Those who sent WikiLeaks confidential material were violating their fiduciary duty if they stood in an agency relationship, or were simply stealing the material if they did not. Again, we see a universal: all ³whistleblowers´ are good, and there is no need to evaluate the justification for flying in the face of fiduciary duty. (It relates to our point about Assange and Domscheit-Berg¶s having made themselves an unelected government when we ask by what right they could presume to be the ones to serve as the judge of this. It isn¶t just a matter of what the justification was, but also of who should determine that justification.) So far as someone reading the book can tell, no thought was ever given to whether WikiLeaks could be infiltrated, within its

³hundreds of (eventual) volunteers,´ by persons with purposes of their own. At one point, those hundreds of volunteers were put to work ³redacting´ names from 14,000 ³threat reports´ that were among the Afghan War documents, purportedly out of a rare conscientious effort (insisted upon by WikiLeaks¶ media collaborators) to keep from endangering the lives of Afghans who were working with Americans or other coalition forces. How many of those volunteers might have been agents planted within WikiLeaks? Maybe none; we¶ll never know, and Assange and Domscheit-Berg didn¶t concern themselves with it. y Amazingly, Domscheit-Berg reveals that WikiLeaks itself could be subject to hacking. This means that the material it discloses is subject to manipulation ± has it been done, by whom and for what reason? No one can say. y There is nothing in the book that shows any thought about how immense volumes of materials are to be gone through in any objective, intellectually honest way. If tens and even hundreds of thousands of communications are released en masse, who are the historians or other scholars who will devote their lifetimes to studying them? Where is the funding to come from for that purpose, and how long would it take, in any event? The answer is almost certainly that the materials will be picked over selectively by those who have a particular animus or loyalty, to make a case for sensationalism, incrimination or exculpation. Objective scholarship is a virtual impossibility. On the day this is written, the Associated Press and McClatchy Newspapers have each released reports based on ³files made public by WikiLeaks.´ This tells us that the media are doing the sorting, at least in part. It is for each of us to consider how confident we can be in the media as a pillar of objective truth seeking. y The motivation that is expressed is ³to make the world a better place.´ At the same time, the premise behind massive ³disclosures´ is that governments and public or private groups are inherently corrupt, chronically seeking to hide much that should be revealed. This suggests a question that goes to the heart of the naïve worldview that inspires the hackers: If the suspected venality is so ubiquitous ± i.e., if there are ³abuses in which all connive´ ± what hope is there, exactly, for removing the dross and finding pure gold underneath? It reminds us of

the incredible naiveté of the 19th century Russian nihilist Nechayev, who wanted to tear down all existing society with the idea that starting ab initio would produce a much better world. As we attempt to understand, in a broader context, the type of person who will act with such arrogance, we can find no better explanation than that made by the Spanish philosopher Jose Ortega y Gasset in The Revolt of the Masses some 80 years ago. He wrote of ³a primitive man suddenly risen in the midst of a very old civilisation« They have been given tools for an intenser form of existence, but no feeling for their great historic duties; they have been hurriedly inoculated with the pride and power of modern instruments, but not with their spirit.´ He described this sort of man as one ³who has learned to use much of the machinery of civilisation, but who is characterized by root-ignorance of the very principles of that civilisation.´2 Ortega y Gasset¶s observations about such a ³primitive man´ are certainly apropos in the context of the Chaos Club, Assange and Domscheit-Berg, but today there is more to say in the specific context of the early 21st century. Indisputably, there is a vast and immensely important corpus of ³civilization´ that is to be appreciated, cultivated and protected, just as Ortega y Gasset envisioned so profoundly. What is likely, however, is that the world is entering upon a time that will sorely test the bonds that have held it together. The rapidity of change is such as will challenge all existing ideologies, institutions and orthodoxies. A significant feature of this change will be the displacement of hundreds of millions of people from ³work,´ upon which throughout history people have counted for their living, by the advancing non-labor-intensive technology. That displacement can bring with it an extreme polarity of incomes and wealth, even among populations that have not long been accustomed passively to accept such a dispensation. In the absence of much wisdom and adaptation, it will be a revolutionary situation, simultaneously holding out the prospect of undreamed of improvements in human well-being and the threat of civilizational collapse. The wisdom of Ortega y Gasset, who believed that civilization depends upon the aristocratic principle, will be ill-used if it is taken to oversimplify the polarity that will exist. It will be impossible to say, without overweening presumption, that those in the resulting elite will necessarily, because of their success, qualify as ³the true guardians of civilization,´ while
Jose Ortaga y Gasset, The Revolt of the Masses (New York: W.W.Norton & Company, Inc., 1930, 25th anniversary edition, 1957), pp. 51, 67.

the great mass of others are primitives who deserve their place. This presumption will be an easy one to fall into, as we know from the fact that virtually all aristocracies have seen themselves and their fellow man in that way. While fitting into Ortega y Gasset¶s description, the hackers with their anarchism nevertheless may very well offer, too, an early glimpse into the potential revolutionary chaos. It is no coincidence that Pavel Stroilov, the author of a recent book boasting of his own hacking,3 speaks in a vein very similar to that expressed by Domscheit-Berg: he is able to speak of ³today¶s worldwide cold war between the political class and the public«´ (our italics). He praises WikiLeaks, arguing that ³we cannot say that the Establishment is overreacting. WikiLeaks strikes at the very root of their power: the official versions of events.´ A great many people today sense a growing disparity between the world¶s cosmopolitan elite, with its professional and business world that seems so rife with venality, and the great bulk of the population. There is much simmering anger toward ³the Establishment.´ If by any chance a world class war is in the offing, exacerbated and variegated by the world¶s deep ethnic and religious divisions, the CyberAnarchists we have been talking about will in all likelihood be matched by millions of others. Those others won¶t themselves favor anarchy, but the resulting chaos will be hard to distinguish from it, at least until the forms of revolution begin to harden in some way that cannot yet be foreseen. (At that time the chaos and revolution may, as one of many consequences, if history is any guide, ³devour their own children´). Those who abhor the anarchism that moves the world hacker community will for yet another reason be well advised to look deeper and to see it within today¶s context. There is, indeed, much venality and many abuses to be ³exposed,´ and that purpose can be served, albeit with a heavy hand and with all the imperfections we¶ve noted, by the hacking. Beyond

Pavel Stroilov, Behind the Desert Storm: A Secret Archive Stolen From the Kremlin that Sheds New Light on the Arab Revolution in the Middle East (Price World Publishing, LLC, 2011). Stroilov tells of how he became a trusted research assistant to Mikhail Gorbachev, where ³I played the role of a naïve, shy, and respectful student. Hardly did Gorbachev or the keepers of the archive suspect that I was acting as a spy.´ He says that in the last days of the Soviet Union, ³Gorbachev¶s aides took home top-secret archives of their better days: their notes from Politburo meetings, transcripts of Gorbachev¶s talks with foreign leaders, and countless confidential memos«.´ These came to reside in the computer files of the Gorbachev Foundation, from which Stroilov says he stole them ³one thousand pages after another, as quickly as I could send e-mails.´ His book focuses most particularly on what Stroilov says are the revelations about relationships involving the Middle East. Somewhat oddly for someone who opposes the Establishment ± including presumably that of the United States ±, he ends the book with a ³neoconservative´ call for U.S. intervention throughout the region on the side of the ³pro-democracy forces´ that he hopes are present in meaningful numbers.

that, there is much room for an unmasking of the facts behind the many ³truisms´ that simply aren¶t true, or that at most are only partly true, and that serve as the ³conventional wisdom´ or ³official version´ that is insisted upon by the cosmopolitan elite that governs Western opinion. Much that the public is given to believe, on a variety of subjects, wouldn¶t stand up to serious scrutiny; and although there are voices that call for honest investigations, the main organs of opinion consign them to a memory hole. For the most part, the hacker community hasn¶t gone after these subjects, but has rather selectively made its ³exposures´ in areas that interest the world Left. What could really be earth-shaking would be if similar efforts were turned toward the myths and semi-myths that govern so much conventional wisdom today. ³Hacking,´ however, is only part of a much larger picture. The computer age sets the table for a looming danger that exceeds, even, the danger of nuclear holocaust that hung over the world so ominously during the Cold War (and that, in different form, is still with us today). It is a danger formed out of three major factors: (1) The utter dependency upon electronics that has developed so rapidly in recent decades that makes everyone, especially in advanced societies, count on computers for the successful operation of all of the systems that sustain life and allow it to continue normally ± such things as the transport of food to our supermarkets, the functioning of our waterdelivery and sanitation systems, the intricate interactions of our financial/banking/business economy, our cell phones and personal computers and other means of communication, all of the main means of transportation, the supplying of electricity to homes and businesses, and endless others. If these were to shut down, not only would people starve within a relatively short time, but absolute social chaos would set in. What we need to realize is that, while moving so totally into electronics, modern societies have dismantled the ways in which those services were rendered until the very recent past. (2) The vulnerability of our electronics to interventions that range from something so small as an individual violation of privacy to something so large as the instant and complete shutting down of a society in all of the things just mentioned upon which masses of people are dependent. To the extent that a society¶s computer systems, and the many parts of the economy that depend upon them, are interconnected and there is no redundancy that can, on the spur of the moment, perform essential services, a society stands

naked before the vulnerability. So do individuals, who are susceptible to assassination: medical devices ± such things as insulin pumps, pacemakers, implantable heart defibrillators, intravenous drips, and oxygen systems ± can be hacked remotely. ³A real attack could cause the device¶s battery to drain, rendering it useless, or cause it to administer an inappropriate electric shock to a patient¶s heart.´4 One cybersecurity expert tells us that ³we can split attackers into three main groups: There are the hobbyists« not trying to make money,´ who do the hacking because ³they are trying to send a political message´ or ³do it for fun or the challenge.´ Much worse is the ³problem of organized criminal gangs who« infect home computers, do banking Trojans to steal data, hack credit card details, [or] hijack computers for ransom.´ Then ³the third problem is cyberwar or cybersabotage, things like the Stuxnet virus launched against a nuclear research center in Iran, or countrywide denial of service attacks like we saw hitting Georgia and Estonia.´5 The methods of attack are varied, but include ³botnets,´ ³exploits,´ and ³rootkits.´ Bloomberg Businessweek says ³a botnet is a collection of tens or even hundreds of thousands of computers that have been commandeered without their owners¶ knowledge.´ An exploit ³is a program that takes advantage of vulnerabilities« to break in and insert a worm« The most valuable exploits are those that are unknown to everyone else until the first time they¶re put to use. These are called zero-day exploits.´ Rootkits are ³military-grade hacking systems used to bore into other countries¶ networks.´6 Much attention has already been turned to cyber security, as can be seen from the materials that can be found by a simple search for ³cyber security´ or ³cyber warfare´ on Google. Microsoft, for one, is extremely active in the area. The Council of Foreign Relations has long given it a priority, with papers and conferences. Nevertheless, it would seem that the responses are still primitive compared to the scope and intricacy of the problem. A Microsoft site says that ³each and every day, cyber-attacks against U.S. government computer networks number in the millions. Pentagon systems alone are probed 250,000 times per hour«.´ The U.S. government, along with most if not all other governments, is alive to the challenge, as we see from Defense Secretary Leon Panetta¶s statement that
The Wichita Eagle, August 25, 2011, report from the Minneapolis Star Tribune, ³Medical Device Security Flaws Revealed´; see also Bloomberg Businessweek, July 25/July 31, 2011, p. 53. 5 The expert quoted is Mikko Hypponen, who is the chief research officer at Finland¶s F-Secure Corporation, whose analysis is given on the Microsoft Cybersecurity web site. 6 Bloomberg Businessweek, ³The Code War,´ July 25/July 31, 2011, pp. 53-55.

³We could face a cyber-attack that could be the equivalent of Pearl Harbor.´ Indeed, he is aware it could go far beyond that attack; he says it could ³take down our financial systems in this country, take down our governmental systems, take down our banking systems. They could virtually paralyze this country.´7 The U.S. Cyber Command was established in 2009, following up on initiatives begun under the preceding administration. Nor is the United States alone. China has long been active, with a Washington Post report in August 2011 saying that ³for more than a decade, experts say, China has had a cyber-warfare capability« [W]hen major cyber-attacks have happened ± against Google, Lockheed Martin, the Dalai Lama, the office of the German chancellor ± U.S. analysts and some international authorities have blamed China.´8 (3) The absence of anything akin to the ³mutually assured destruction´ that stood as a deterrent to an attack by a nuclear power during the Cold War. Cybernetic attacks can come from anywhere, and the source of the attack is, at least right now, usually impossible to identify. Julian Assange and Daniel Domscheit-Berg weren¶t able to know who sent them the hundreds of thousands of documents they received; and apparently the organizations and governments whose documents were taken have not been able to locate the sources, either. To this is to be added the fact that even if a source is identified there will often be no punishment that can be even closely proportionate to the amount of damage that might be done. This, too, diminishes the efficacy of deterrence. The question of what can be done about all this is mind-boggling. The literature shows a fair amount of emphasis on deterrence and the associated issue of ³attribution´ ± how cyber-attacks can be traced to a point of origin (perhaps having been launched from multiple sites). This discussion is combined with others relating to the sorts of retaliation that can be launched against an attacker, whether the threat of retaliation is an effective deterrent, what kinds of police work are called for, and the need for international cooperation. Reference is made to ³a continuum of µprotect, detect, respond, and react.¶´ A rough impression a person who is not an expert in the field, such as this reviewer, receives is that the problems far exceed anything that is

Quoted from ³Cyber War Worrywarts,´ blog by Mark Thompson, August 8, 2011, accessed at 8 The Wichita Eagle, August 27, 2011, Washington Post report ³China Provides Glimpse of Ability for Cyberattacks.´

feasible, to provide the needed complete protection, by going after the attackers. The pursuit of attackers may be effective in a patchwork sort of way, with some of the patches being important in themselves. For example, a sort of ³mutually assured destruction´ may work against a government that would launch cyber warfare, if that government were to believe its attack could be traced back to it. And non-cooperating governments, such as some in Africa, might be induced by a variety of incentives not to make themselves havens for hackers. But the difficulties, such as of detecting botnets and exploits in a timely way to prevent harm and/or to retaliate, are immense. It is reassuring that so much expert work is being done to address them, but it is less than reassuring to realize how ineffectual the efforts are in so many other areas ± such as, say, the health of the economy, border control, drug enforcement, winning a war over the Taliban, and countless others --, where massive expenditures and expert attention produce something far short of perfection. It would seem that the answers, if any are to be found, will have to come mainly from making computer systems immune to attack. This is a tall order, if it is even technically possible, because the Age of Computers has come upon the world in so rapid, open, inherently vulnerable a way. The enthusiastic adoption of the Internet and of continuously developing electronic devices has swept all before it, coming at the expense of such things as rampant identity-theft, planting of ³cookies´ inside personal computers, countless scams, international hacking, even (as we¶ve seen) cyber sabotage, cyber espionage and cyber warfare. Against this, firewalls and security systems seem akin to the National Guard troops who are called out to fight the raging forest fires in Arizona. They must do some good, perhaps even considerable good, when we reflect on the figure cited earlier, that the U.S. Pentagon¶s systems are ³probed 250,000 times per hour,´ hopefully without succeeding. But it seems there is wisdom in the call by someone like Mikko Hypponen, quoted earlier, who concludes that ³we have to move responsibility up to higher levels, to operating system manufacturers, to security companies, and to operators and Internet Service Providers (ISPs) that provide the connections.´9 In testimony before a committee of the U.S. House of Representatives, Robert Knake with the Council on Foreign Relations has spoken of ³the underlying architecture of


See Footnote 3 here.

the Internet´ and of the need for ³improvements in the general hygiene of the Internet ecosystem.´ 10 The creation of a cybernetics that is not subject to uninvited entry is not something that can be done without controversy. Knake himself observes that ³we don¶t want to live in a surveillance society« The tools for digital forensics are getting better. We don¶t want them to get too good.´ Although this comment relates to trace-back and retaliation, similar issues of ³civil liberties´ come up in any attempt to tame cyberspace. Major forces exist that will resist such a taming, such as these examples illustrate: international hackers like Julian Assange and Daniel Domscheit-Berg assert a moralistic prerogative compounded out of ideology and hubris; and a great many business interests want to market their wares by planting ³cookies´ and otherwise determining each consumer¶s buying habits. In this context, what the constraints are and how they are introduced will be of considerable importance. Not to be overlooked are the ³cyberskeptics,´ who argue that the problem of cyber-warfare is exaggerated by ³scaremongers,´ perhaps to prompt the building of a gigantic ³military-cyber industrial complex,´ with all of the profit that is to be made from it.11 From all that we know, however, it would seem that the burden of persuasion should be on them to show that the potential is not as serious as Secretary of Defense Panetta, say, believes it to be. More than name-calling and sneering is needed if they are to make their case. When those concerned (as most everyone should be) about ³civil liberties´ or ³personal freedom´ raise their objections to constraints, it will be well for them to consider that today¶s openness already involves egregious violations of individual liberty. Hypponen tells about such a thing as ³key loggers,´ who ³sit silently on your computer and record everything that you type. Everything is saved and sent to the criminals. They are looking for online purchases when you type your name, address, credit card details and security codes.´ Knake speaks of privacy and says that it is ³something that does not currently exist on the web.´ In the case of cyberwarfare, it is easy to speak of a ³society´ as being under attack, but this generalizes too quickly over the fact that it is countless individuals whose
Robert K. Knake, ³Untangling Attribution: Moving to Accountability in Cyberspace,´ prepared statement before the Subcommittee on Technology and Innovation, Committee on Science and Technology, U.S. House of Representatives. 11 For a statement of such skepticism, see the blog ³Cyber War Worrywarts,´ by Mark Thompson,, August 8, 2011.

lives stand to be disrupted, if not ended. That, too, is an ³attack on civil liberties.´ There has perhaps never been a time in history when, for a number of reasons, the world has been so fraught with potential and, simultaneously, with danger. Optimists will say that it is an interesting time in which to live.