Bruce Schneier: The US government is coming for YOUR code, techies

Open source has won, but victory may be fleeting

OSLS The Open Source Leadership Summit began on Tuesday amid roads closed by a landslide: held in The Resort at Squaw Creek near Lake Tahoe, California, it was not easily accessible to attendees traveling Highway 80 from the San Francisco Bay Area.

During his opening keynote, Jim Zemlin, executive director of the Linux Foundation, made light of the mudslides that brought traffic to a crawl near Donner Pass on Monday evening. The trip at least was less arduous than it was last year, he said.

Zemlin's remarks amounted to an open-source victory lap. Some 99.4 per cent of the world's high performance computing systems, 90 per cent of the world's stock exchanges, and 64 per cent of mobile devices run on Linux, he said, adding that the foundation's projects have created $14.5 billion worth of value, as measured in cost per line of code.

The foundation's mission, to create the largest shared technology resource in the world, is accomplished, more or less. Open source has won.

But the road ahead for open source, and for software development in general, looks much like it was for conference attendees: if not closed then littered with obstacles.

Security expert and doomsayer Bruce Schneier – speaking by video owing to RSA Conference commitments in San Francisco and perhaps prescience with regard to seasonal travel challenges – predicted that the government is coming to handcuff coders.

"We all had this special right to code the world as we saw fit," said Schneier. "My guess is we're going to lose that right, because it's too dangerous to give to a bunch of techies."

'What we're going to see is increased government involvement'

Schneier's argument follows from accepting Marc Andreessen's observation in 2011 that software is eating the world. "As everything turns into a computer, computer security becomes everything security," said Schneier.

Schneier likened the internet to a giant robot, one capable of affecting not just the virtual world but the physical world, too. "As our internet affects the world, the threats become much more real," he said.

Software flaws that may once have been capable of crashing applications have the potential to crash cars, planes, medical devices, appliances, and other connected infrastructure. As a result, Schneier contends, the restrictions and regulations that attempt to defend against real world risks will be placed on the tech world.

"What we're going to see is increased government involvement," Schneier said. "Because that's what happens in the world of dangerous things."

The physical threats arising from connected things will spur regulators to act, not to mention actual robots walking down the street, Schneier said. "Nothing motivates the US government like fear," he added, pointing to 9/11 and creation of the Department of Homeland Security.

Schneier said at the RSA Conference he plans to call for the creation of a new US government agency to sort through the issues arising from putting software in everything. It's not good enough to leave these decisions to the Federal Trade Commission, or those regulating cars or medicine, he said.

The choice is between smart and stupid government involvement, Schneier insisted, warning that it would be easy to imagine a liability regime that would kill open source software.

"We're in the process of screwing a lot of this up," said Schneier, who urged technologists to get involved in government and the legislative process in order to shape the debate. "We need to start making more ethical and political decisions about how technology should work." ®


Biting the hand that feeds IT © 1998–2017