Home' Technology Review : March April 2006 Contents Q&A
TECHNOLOGY REVIEW /
Is it possible that a spectacularly pro-
ductive era of Internet-driven in-
novation will soon end, amid new
government and corporate controls
cheered by millions of turned-o con-
sumers? Yes, says Jonathan Zittrain,
professor of Internet gover nance at
the University of Oxford, cofounder of
Har vard Law School s Berkman Cen-
ter for Internet and Society, and au-
thor of "The Generative Internet,"
an upcoming article in the Har vard
Law Review. Machines clogged with
"malware"---the catchall term for code
that in ltrates PCs to steal data, send
out spam, or produce pop-up mes-
sages---are already costing billions
annually and testing everyone s toler-
ance, Zittrain says. And a single de-
structive virus could prompt harsh
regulations and cause millions of
people to seek safe, closed networks.
To help ght back, Zittrain and fel-
low academics have just launched a
new antimalware e ort (www
.stopbadware.org) funded by Google,
Sun Microsystems, and Lenovo (the
Chinese rm that acquired IBM s PC
division). Zittrain describes how this
e ort ts into the Internet s history
and proposes a possible next step in
preëmpting the sti ing of the Net.
TR: What do you feel is at stake here?
Zittrain: The history of the PC and
the unfettered Internet has shown us
just how important amateurs work-
ing in obscure corners can be as a
source of wildly popular and trans-
formative applications. The capacity
for uncoördinated third-party con-
tribution makes the PC and Inter net
highly generative, and we can thank
it for the World Wide Web, instant
messaging, blogging, Wikipedia, and
even online shopping. It s a world
away from the walled-garden proprie-
tary online ser vices like CompuSer ve
and Prodigy of the 1980s, and from
that era s non-PC "information appli-
ances" like LCD-screen digital type-
writers and video-game consoles.
Of course, there s a downside or two.
These generative characteristics
carry with them the seeds of their
own destruction. Generativity can
mean excess and outright disr up-
tion. Publishers have seen this when
a couple teenagers can brilliantly en-
gineer a peer-to-peer network that
enables copyright infringement. So
far, regulators have had a compara-
tively light touch going after such ac-
tivities. I think a watershed in the
security space---for example, a mass-
distributed virus whose payload wipes
out hard drives---could change con-
sumer sentiment so that a controlled
infor mation environment is appeal-
ing to many more people. These
controlled platforms, while great for
what they do, foreclose exactly the
sort of innovation that brought us all
the great applications. And if we lose
people, we won t be as easily able to
include them in the critical mass for
any project that relies on broad-based
adoption. The status quo is not stable.
Many people let companies like
Symantec guard the door 24-7, while
Microsoft and Apple automatically
update their operating systems. Won t
this prevent your "watershed" crisis?
This risks turning PCs into gated
communities that can too easily
become prisons patrolled by a single
warden. Suppose a security vendor or
OS maker, through its success against
badware, starts collecting user prox-
ies to decide what will and won t
r un on nearly everyone s machine
and enforces those decisions through
near-instant automatic updates. This
not only creates an antigenerative
architecture with a gatekeeper like
the days of Prodigy and AOL, but
it also o ers a way for regulators to
demand that such gatekeepers elimi-
nate code deemed socially---rather
than technologically---bad or to insert
new code for individual sur veillance.
To be sure, the actions by the biggest
players so far have been measured.
Microsoft cur rently distinguishes
between critical security updates and
others that are merely suggested.
So what will www.stopbadware.org
do that s so different?
First, we need to deeply under-
stand the problem of bad code---code
that will turn people away from par-
ticipation in the generative Internet---
as something more than technical.
This includes policy and legal issues
that automatic antivir us detectors
are, of course, not built to address.
Second, we want to marshal a solu-
tion that does not cause new prob-
lems of centralized control. We can
do this on both the input and out-
put sides: developing and distill-
ing evaluations of code in ways that
consumers can understand---espe-
cially since there is a variety of
risk tolerance among them---and
in which they can participate.
Surely average PC owners can t
evaluate new code to gauge risks or
even regularly consult a new web-
site. What do you hope to offer them?
Imagine, for example, a simple
display, a networked "dashboard"
where users contemplating code can
contribute to---and then read---sim-
ple demographics like how many
other people are running it, how
many were running it last week,
and whether the computers running
it appear to be better o with it on
board. If enough people participate,
meaningful---and currently unobtain-
able---data can be collected and pack-
aged to keep genuine choice in the
hands of the user. That s a genera-
tive solution to a generative problem.
Preëmpting an Internet clampdown
Links Archive December 2005 January 2006 May June 2006 Navigation Previous Page Next Page