The coming Global War on Hacking?

I’ve got a suspicion that 2013 could very well go down as a fulcrum point in contemporary history, as well as in my own meager part in it. Julian Assange’s pinprick has now become Edward Snowden’s stab to the jugular vein, and meanwhile, I’ve had to provisionally decide how I’m going to steer the imminent deluge.

Here’s my thought process, and I’ll put it frankly to my audience: we should all be expecting in the near future the replacement of the GWOT (Global War on Terrorism) with the GWOH (Global War on Hacking). Consider: all it would take would be one massive power grid failure or some other similar immense infrastructural disruption, and then a logical but ultimately evidence-independent speculation (“we have reason to believe hackers were behind it”) to roll out new Patriot Act-like powers that effectively render criminal any technological attempt to maintain individual or collective privacy, much less to peer into the secrets of power.

The idea is not strictly-speaking mine. I heard it mumbled about in some quarters at the recent OHM2013 convention. However, other than an obscure comment to a 2011 editorial (copied in the post-script of this post), there’s nothing about in on the public web. So, let me spell it out a bit here, and then explain my own position, which I hope is moderate. And if not moderate, then at least independent…

 

I

“Hacking”, like “terrorism”, is an indefinable concept. Just as we cannot draw a universally satisfying intellectual line between a freedom-fighter and a terrorist, we cannot draw a sufficient line between malicious violation of technological systems (in subculture parlance, “black hat” hacking) and the innocent or well-intentioned exploration of technical possibilities (“white hat”).

From the perspective of power and profit, then, the GWOH would be a very useful enterprise — especially given its technological dynamic, which is perfect for intrepid start-ups and requires technical innovation, prowess, and industry, all of which can keep an economy charging along in lieu of civilian prosperity. Moreover, military-industrial/security complexes (or whatever one deems them) tend to love wars against concepts precisely because of their open-endedness with respect to the definition of “victory”. The GWOH, like the GWOT, is self-perpetuating and self-justifying: insofar that victory possesses any substance, it lies in invisibility rather than visibility. After all, a successful GWOH campaign is per definition one that a civilian or a senator never hears about.

However, it would also be a very self-destructive enterprise, even more so than the GWOT has been. (a) The conceptual and psychological ambivalences latent within the very act of trying to successfully define what is and isn’t hacking, not to mention (b) the phenomenological inevitability that the only real difference is the power structure in which the definer is ensconced, would eventually make it legally untenable and psychologically unsustainable — especially because the government actors in this war would sincerely believe they are defending democracy.

Most of all, unlike the GWOT, which saw vast asymmetry between governments and terrorists (UAVs versus pressure-cooker bombs!), the GWOH would be fought on a more level playing field. I mean this both technologically and in terms of the contested space, namely, the citizenry itself, the collective consciousness of society and the bedrock of the state. Consciousness itself would be the main battleground.

Yes, the GWOH would still be asymmetrical and favoring governments, in that they can muster the technical and social resources to outmaneuver and crush their hacker opponents (e.g., rumor has it that the NSA is coming close to achieving end-to-end correlation of PGP encryption, something which no snot-nosed group of radical teenagers could ever in their wildest dreams hope to accomplish). However, the governments would not perceive the situation to be this way; they would very much feel on edge.

And there would be some objective justification for this anxiety, too. Remember, some hackers are in fact bad. Governments tend toward a leviathan character, and it becomes difficult for them to distinguish between friend from foe, innocent from guilty. Bad hackers can exploit this to their advantage, hiding behind all of the good hackers and generally causing real suffering, precisely by luring governments into oppression they would not normally have resorted to. It certainly doesn’t help that many of the governments’ own tools in the GWOH would be at least in principle engineerable by the bad hackers themselves.

Moreover, governments can often lose track of themselves in the pursuit of what they believe to be the interests of their citizenries. In such moments of over-step, publics may react very angrily, and the governments, mis-interpreting the intentions of the protest actions, over-step further. There then emerges a real risk of a destruction spiral. At some unconscious level, governments do “know” or sense this; that’s one of the key reasons they labor to keep their over-steps hidden, and justify it to themselves as “for the good of the people”.

With respect to mass protest actions, the more nefarious elements within governments also have reason to fear. Simply put, the truly fearsome, supercomputer-driven tools in the GWOH would be futile if enormous amounts of the general public began to react. Not even a weaponized Facebook could stop them. At best, an angry public can only be slowed down, and when repression becomes empirical and out in the open, the days of the repressor are numbered. That’s simple logic that anyone can figure out.

Worst of all, the “weapons” at the disposal of the hackers, both the bad ones trying to cover their tracks and the good ones who have been unfairly swept up into the conflict, would often be quite quotidien. As such, these weapons would be much more effective than all the mass media and surveillance that could be mustered against them. Imagine the sheer symbolic impact if a million citizens suddenly sent a protest sms (“No more Patriot Act!”) at the same exact moment to all of their contacts with instructions to pass the sms forward. For the psychology of many of those inside the government, this would be a devastating blow (don’t underestimate St. Augustine’s notion of the privatio boni: no one ever does evil for evil’s sake; they believe, or make themselves believe, that they’re doing good — until contrary evidence compels them to re-consider or turn inward).

 

II

Of course, I’m not saying the GWOH is certainly going to happen, nor that it’s somehow in the nature of a government (American or otherwise) to pursue what would inevitably be a war on its own citizens. Conversely, there are those who would argue that GWOH’s already happening with the Bush and Obama Administrations’ criminalization of whistleblowing. Others of a more macrocosmic mindset argue that the struggle between secrecy and transparency, the dark and the light, has been going on since the dawn of the state; if the GWOH happens, it would just be the latest pitched battle in a perennial conflict.

These positions are sound, but I feel that when and if the GWOH comes, we’ll be dealing with something qualitatively different — consistent with established patterns and previous cycles, yes, but with a unique texture, problem set, and ethical implications. Certainly, the GWOH would be an important moment in humanity’s ongoing technologization; perhaps it might bring to large-scale awareness some of the techno-spiritual issues which only remained subtextual in previous conflicts, including the GWOT.

I’ve also heard the argument that the whole clash over security and privacy is in fact the most important issue facing humanity at the moment, even more so than global warming, over population, and the like. The reasoning is that the security industry and the “deep state”-like forces that undermine democracy are what gobble up our resources, human and natural. Personally, I have doubts about this argument. However, I do certainly agree that these forces condition the very cognition of society, and it’s clear if one watches Fox News, CNN, etc., and their counterparts in other nations, that something is actively preventing citizenries from being able to properly focus on the things we really need to solve. The GWOH might just cast this problem into stark relief, even if the so-called “deep state” may not be the sole cause.

Finally, in our era of nearly-universalized liberalism and democracy, the GWOH may also prove to be a key moment to consciously decide what we want from society and government — indeed, what we want, and want to be, as citizens. In the specific context of the United States, given the Constitutional hermeneutics that have developed around the right to privacy (which was first articulated in Griswold v. Connecticut and to my knowledge is considered an implicit rather than explicit right), a GWOH would really go to the heart of our society.

The irony is the GWOH would probably in the long run have very good but unintended results, as citizenries would wisen up and de-securitize their societies. That’s because no one wants to live in paranoia forever, and rather than reduce that sensation, the GWOH would ratchet it up. Moreover, a certain common sense can prevail among the grassroots when they have time and headspace enough to breathe and think. However, in the short run it would be a nasty series of skirmishes between governments and their hacker opponents, with the public veering left and right in its feelings and opinions. Lives would be crushed and lost, and more than a few societies would compromise on the values they hold most dear.

So, on which side will I stand?

 

III

As explained in my last post, I’ve got personal stakes in either side of the coming GWOH. Moreover, as I deepen my faith as a Bahá’í, I lose my stomach for radicalism and confrontationalism, whether those who war for absolute transparency from above or those who inflict omniscient transparency upon those below. Bahá’u’lláh sets the conceptual-ethical framework for me, writing,

“Liberty must, in the end, lead to sedition, whose flames none can quench.”

“Take heed that ye enter no house in the absence of its owner, except with his permission.”

“Comport yourselves with propriety under all conditions, and be not numbered with the wayward.”

I’ll leave it to the reader to interpret these passages as they see fit, but for me, it’s clearly a call for moderation that errs on the side of privacy. That moderation extends very far, and as elsewhere in the Bahá’í Writings, is motivated by the principle that we cannot create positive change — much less fight for it — until we ourselves are in some way embodiments of that positive change.

I don’t believe the solution to our problems is more aggression, despair, and paranoia, turning liberty into either a weapon or a shield. Trying a tit-for-tat, eye-for-an-eye, as Gandhi rightly said, makes the whole world blind — morally blind. So, for example, all this business of WikiLeaks as the “first people’s intelligence agency” is ultimately wrongheaded. Such aggressive attitudes both fail to understand the true scale of what’s at stake, and risk tipping the United States over into the GWOH. That’s because sooner or later, someone is going to blunder — or an intelligence agent goes rogue and blames a terrible incident on a hacker.

At the same time, because I’m a journalist and an American (an Eagle Scout, no less!), I take seriously, almost religiously, what the Bill of Rights is supposed to signify about civilization and the course of history. Thus, I’m deeply dismayed by the corrosive effects of secrecy and surveillance in the world today. From this perspective, I still have a strong and instinctive appreciation and support for Assange et al., i.e., when they are wearing their white hats, as opposed to their grey or black hats.

So, how to resolve my dilemma, especially considering that it could come at great cost to some or all? In the preface to the 2011 edition of Underground, Sue Dreyfus notes the risk to her sources from ever-present law enforcement and surveillance — a risk I feel that in a coming GWOH could also come from hacktivists and the like on the other side of the conflict. She asks herself,

“I had worked as an investigative journalist but never in a situation where information I possessed could result in people going to jail. Despite the romantic image that journalists sometimes have of themselves, few real journalists that I know would truly be willing to go to prison to protect a source. Some have admitted as much to me over quiet drinks in empty bars. […] After some soul-searching, I decided the answer was yes, I was ready to make that commitment to my sources; I was prepared to be imprisoned to defend a source.”

When I think about this question for myself, I find that deep within, underneath the sediment of personality, the dust of anxieties and the detritus of ambition, I find a tiny ember in the dim foundations of character that also shines with the resiliency of “Yes”.

Only until I’m in an actual desperate situation will I know whether this spark can be a flame or quenched by fear. Yet, be that as it may, somehow I sense that Dreyfus’ answer is the answer for the dilemma posed by the GWOH. It’s the journalist’s answer, not the hacker’s nor the intelligence agent’s; it’s the answer, I dare consider, of the divine.

 

(Post-script)

While preparing for this post, I found this really interesting comment to a 2011 editorial by one “DCX2”. It’s one of only two Google query results for the exact phrase “global war on hacking” (“global war on hackers” turns up more results).

Re: Law of unintended consequences — The coming Global War on Hacking will probably be much like the Global War on Terror. In the GWOT, the US proceeds to drop bombs on Afghanistan, Iraq, Pakistan, Libya, Yemen, etc etc. Sometimes, these bombs kill bad guys. They also kill a lot of innocent people. Thus, in the pursuit of killing all the bad guys, their collateral damage will create still further bad guys in a positive feedback loop.

In the GWOH, it will be even more difficult. The few really good hackers will surround themselves with thousands of “innocents” – not that they’re really innocent, but they’re not the real hackers. They’re just the script kiddies who download LOIC. Then the FBI will proceed to arrest script kiddies who didn’t really do much damage, because they’re more visible and easier to track than real hackers. And the Internetz will feel like it is under attack, and the feds will merely spawn more script kiddies and motivate some to learn how real hacking is done.

Once we have a digital Pearl Harbor, there will be a digital Patriot Act. The white hats, who are probably more easily identified, will likely be targeted despite the fact that they’re not dangerous. This will undoubtedly chase them underground, and many will likely change to gray hats, or even black hats. Once again, the very actions taken to stop the “enemy” will instead make that enemy stronger

[The attached image is by the brilliant Croatian late modernist painter Miroslav Šutej. For those new to my blog, I’m working on the philosophy of journalism (e.g., “Transcendental Journalism”), and I’ve been covering the transparency movement since 2010. Maybe there’s finally some minute influence coming from my end: at OHM2013, Julian Assange gave some remarks that sounded as though they were inspired by my paper, “Totemism and Panopticon”, although I doubt he read it.]