Pas Parler?

Will the real Internet government please stand up?

Parler in Prison

This weekend, Google, Apple, and Amazon all took steps to remove the right wing conspiracy web site Parler from their services, steps that will cripple the social media site for some some period of time. In many ways, Parler had it coming to them. Amazon in particular alleged that Parler refused to take prompt action to remove abusive content that violated their terms of service.

In response, my right wing friends have gone nearly indiscriminately crazy, complaining that their 1st Amendment rights have been violated. Let’s review that amendment of the U.S. Constitution:

Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.

Amendment I of the U.S. Constitution.

In other words, Congress cannot stop someone from speaking. But these companies are not Congress, nor an arm of the U.S. government. We could, however, say that they are a form of government, in as much as these companies, along with a small number of other ones, such as TikTok control societal discourse. What rules would govern them if they decided that moveon.org was also not to their liking? Could these services exclude content that criticizes them?

Parler is a relative newcomer. Much in the same way that Fox News has lost its conservative gleam to NewsMax, Facebook and Twitter lost their gleam when they started applying editorial control to posts. They did this because they gauged societal harm against whatever short term revenue they were collecting from the likes of Donald Trump. There was seemingly no reason they had to, at least in the United States. U.S. Law says this:

No provider or user of an interactive computer service shall be treated as the publisher or speaker of any information provided by another information content provider.

47 USC § 230

Meddle with this rule at your peril. If we shift the burden of policing to online services, social media sites as we know them will cease to be, GMail and Yahoo! mail would be imperiled, and Amazon could no longer offer customer reviews. If there is a middle ground to be found, then scale factors must be considered. Any middle ground may well increase the risks of starting up new services. If the price of entry for a new Facebook or Twitter competitor is fancy artificial intelligence systems and patents, then we may have done ourselves no service in the long run.

The United Social Networks Nations
The United Social Networks Nations

There are other consequences to Apple and Google removing Parler from their respective phone and tablet stores: I saw one conversation in which someone was describing to her friends how to turn off automatic software updates. Software updates are the means by which developers correct vulnerabilities they have created. By disabling those updates, people leave themselves vulnerable to attack.

Today Parler is losing its voice, arguably for very deserved reasons. Tomorrow, some other site might lose its access. Will those reasons be just as good and who will decide?

I have hope and gratitude, thanks to medical research and the Internet.

I am grateful to medical researchers, those on the front line, and those who are keeping us from going crazy in our homes.

I write this to you today from my house, and you probably read this note from your house or apartment. Our lives are disrupted. We cannot go to the movies or restaurants, we cannot get our hair cut, we cannot go to weddings or baby showers, and many of us cannot go to our offices or to visit our customers or partners. We cannot go to conferences, and our kids cannot go to schools.

We are doing all of this for fear that we or people we love will die of this awful illness. We are reading horror stories from Italy of their healthcare system being overwhelmed. As I write this to you I worry that the same thing will happen in Switzerland and elsewhere. I worry for my family.

This disease spread so quickly across the planet because of the ability of humanity to scale its transportation systems to efficiently move anyone from anywhere to anywhere, whether that’s by train, plain, ship, or automobile. This was largely not the case during the Spanish Flu of 1917. We need to practice “social distancing” even more so now than then, because the world is a lot smaller and more social place than it was, thanks to all of this capability.

That same human desire to innovate is what is going to save us now. It started early on in the medical community, who have been our first responders in this crisis. They have worked to identify the genetic sequence of the virus itself, to understand its transmission vectors, and to provide the world with initial advice on how to cope with this threat. Even as early as January, researchers across the globe were attempting to develop a vaccine. In the last few days, researchers have reported four types of immunity response cells to look for as people begin to recover. There are two studies that detail how Malaria medication may both improve recoveries and reduce the virus’ infectiousness.

By dint of necessity, we are virtualizing a great many of our activities. We are all learning how to use WebEx Teams or Microsoft Teams or Zoom or Google Hangouts. We are using FaceTime and other remote collaboration tools like never before. One of my friends is planning to virtualize his Passover Seder, and asked for advice on how to do this with Webex. He dubbed this SederEx. We are planning a virtual baby shower with a cousin. I have encouraged my old Kabuki-West crowd to have a virtual Wednesday night dinner together.

The first uses of the Internet were envisioned by its funders to have been military. That’s why the Advanced Research Project Agency (ARPA) funded the activity. It was clear from those early days and even before then that electronic communication would continue to reshape how we socialize in the world.

That’s because remote communication didn’t start with the Internet. The invention of the telephone let us “reach out and touch someone”. And that worked great for one-on-one communications. EMail gave us the ability to communicate in near real time with those around us. Instant messaging meant that people could hold several disconnected real time text conversations at once.

Today, however, we can all see each other, present to each other for work, not only hear but also see people’s reactions. In the face of this plague, people are having virtual baby showers, virtual drinks, and even virtual Passover Seders. You have to provide the non-virtual parts yourself, of course, but we are able to still be together, even when circumstances dictate that we be apart.

For those of us who have family who are a great distance away, this also represents a rare opportunity to participate in these sorts of events on an equal footing, without having the phone passed around for brief moments, simply to say hello. We are all in the same boat, this time.

The Internet is helping us remain social, as is in our nature to be. Social networks, which in the last few years could not be spoken of in public without some sort of derision, are a big part of the solution. When all of this is over, we will still need to sift through all of the negativity and nastiness that they engender, but let us give them their due as they help us stay connected to one another, as I am connecting to you today.

While we are not indebted in the same way to Internet engineers as we are to medical first responders and those who have to work through this crisis, like grocery store cashiers and police officers, let us also give Internet engineers a pat on the back for helping people self-isolate physically, without having to self-isolate socially.

And by the way, those medical research results I mentioned earlier are being shared by researchers with other researchers in a very timely fashion thanks to the Internet.

Should I have that IoT device on my home network?

Yesterday I wrote about my cousin’s smart oven, and the risks of having it networked. Does this mean that you should have no IoT devices in your house? If not, how should you decide which ones are worth connecting? Here are three questions you might want to ask.

Does connecting the device to your network offer you any perceptible value?

Sometimes the answer is going to clearly be “yes”. For example, if you are taking a vacation in the middle of the winter in some cold place, you might want to know that your home’s heater broke down before your pipes froze. Having a thermostat configured to alert you to this fact might prove very useful. On the other hand, if you are in a place where such a concern is unwarranted or you would have no reason to worry about such things, maybe that same device does not need connectivity.

Will the device function correctly without connectivity?

Don’t expect an Amazon Echo to function, for instance. There is a reason why a great many IoT manufacturers are requiring Internet connectivity for their devices: the more intelligence they can move into their servers, the less intelligence is needed in the device itself, making it cheaper to build. If you are going to have a function like this in your house, this is actually an environmentally friendly way to go. Fewer parts require fewer resources used to build and to later dispose. But if a device does function properly and fully without Internet connectivy, why plug it in?

Does that device need continuous Internet connectivity?

You are unlikely to connect and reconnect your television every time you want to watch a video, but maybe you only need that thermostat connected while you are on vacation, for instance, or maybe an appliance needs a firmware update via the Internet. Occasionally connecting a device may make sense. However, take care: if you only plug in devices while you are on vacation, someone may be able to notice that and choose that time to break into your home.

Some Internet routers have the ability to block devices at certain times. Typically this is used to limit children’s access. However, one can also use these filters for other purposes. The problem is that this is nearly as annoying as having to deconfigure devices themselves. I’ll discuss this more in the near future.

Think before you buy!

The risk to your home and your privacy is real. Realistically, however, you will have some IoT devices in your house. Think about what value you derive from them, and what can go wrong if they are attacked before you buy.

Would you want your cousin using a connected oven?

Recently my cousin installed a smart oven into her home. It is top of the line. She wrote on social media that it texted her to tell her that it needed to clean itself, which it did before her second cup of coffee. How cool is that?

I immediately feared for her safety. Here is a slightly edited version of what I wrote to her:

IoT is a nice convenience, but there are a few things you should know. First, I guarantee that there are vulnerabilities in the device, even if some have yet to discover them. This is true for *any* connected device. Those vulnerabilities may be exploited at some point. What will happen then?

First, it’s possible that attacker could simply disable the oven. They probably won’t do this unless they are able to communicate with you. But since the oven seems to be sending you messages, it’s possible that they will do this and ransom you to re-enable it. (If that happens, don’t pay.)

Whether or not you can control the oven from the app, don’t think for a moment that hackers won’t be able to gain that level of control. That presents a far more serious risk: a fire, especially if the hackers are able to detect that the cooking temp is supposed to be 350, and turn the thing up to broil or clean.

The other thing that will happen is that the oven will attack other Wifi-enabled devices in your house or elsewhere. If you have a Wifi-enabled thermostat, maybe it will attack that. Some of those devices have cameras and microphones. The attackers aren’t going to be nice about what information they collect. They’re out to make money or worse.

Will any of this happen? Yes – to many people. Am I being paranoid? Maybe a little. Appliance manufacturers may know how to make excellent oven mechanisms, refrigerator compressors, stove top elements, etc, but they generally know very little about Internet security and their risks. Even those who know a lot get it wrong all the time, simply because we’re human.

And so are you gaining any great convenience by having the Wifi turned on, apart from a 5:30am wake up call to let you know that it needs to clean itself? If yes, you have a trade off to make. If not, just disable its darn Wifi.

This is how I feel about technology and the ones I love. Presumably you have some of those. There are definitely times when IoT is necessary, and when convenience is probably worth the risk. But consumers really need to think about this long and hard, and we professionals need to provide them a decent decision framework. I’ll talk about that next.



Internet Balkanization is here already, Mr. Schmidt.


In the technical community we like to say that the Internet is a network of networks, and that each network is independently operated and controlled. That may be true in some technical sense, but it far from the pragmatic truth.

By ProjectManhattan – Own work, CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=39714913

Today’s New York Times contains an editorial that supports former Google CEO Eric Schmidt’s view that the Internet will balkanize into two – one centered around US/Western values and one around values of China, and indeed it goes farther, to state that there will be three large Internets, where Europe has its own center.

The fact is that this is the world in which we already live.  It is well known that China already has its own Internet, in which all applications can be spied by the government.  With the advent of the GDPR, those of us in Europe have been cut off from a number of non-European web sites because they refuse to comply with Europe’s privacy regulations.  For example, I cannot read the Los Angeles Times from Switzerland.  I get this lovely message:

Unfortunately, our website is currently unavailable in most European countries. We are engaged on the issue and committed to looking at options that support our full range of digital offerings to the EU market. We continue to identify technical compliance solutions that will provide all readers with our award-winning journalism.

And then there are other mini-Internets, such as that of Iran, in which they have attempted to establish their own borders, not only to preserve their culture, but also their security, at least in their view, thanks to such attacks as Stuxnet.

If China can make its own rules, and Europe can establish its own rules, and the U.S. has its own rules, and Iran has its own rules, can we really say that there is a single Internet today?  And how many more Internets will there be tomorrow?

The trend is troubling. 

We Internet geeks also like to highlight The Network Effect, in which the value of the network to each individual increases based on the number of network participants, an effect first observed with telephone networks.  There is a risk that it can operate in reverse: each time the network bifurcates, its value to each participant decreases because of the loss of the participants who are now on separate networks.

Ironically, the capabilities found in China’s network may be very appealing to other countries such as Iran and Saudi Arabia, just as shared values around the needs of law enforcement had previously meant that a single set of lawful intercept capabilities exists in most telecommunications equipment.  This latter example reflected shared societal values of the time.

If you believe that the Internet is a good thing on the whole, then a single Internet is therefore preferable to many bifurcated Internets.  But that value is, at least for the moment, losing to the divergent views that we see reflected in the isolationist policies of the United States, the unilateral policies of Europe, BREXIT, and of course China.  Unless and until the economic effects of the Reverse Network Effect are felt, there is no economic incentive for governments to change their direction.

But be careful.  A new consensus may be forming that some might not like: a number of countries seemingly led by Australia are seeking ways to gain access to personal devices such as iPhones for purposes of law enforcement, with or without strong technical protections.  Do you want to be on that Internet, and perhaps as  importantly, will you have a choice?   Perhaps there will eventually be one Internet, and we may not like it.

One thing is certain: I probably won’t be reading the LA Times any time soon.

My views do not necessarily represent those of my employer.