The "Flame" worm has been found on thousands of computers throughout the Middle East and especially in Iran. It is, according to the computer security experts, Kaspersky Labs, a hugely sophisticated piece of snooping gear.
How does it work?
Imagine this: you have your laptop on, connected to your wireless Internet. Maybe you're in the kitchen at home. You're not using the laptop and as far as you know, it is just in its usual "waiting" state. Maybe there'll be the ping of an email coming in. You're at home talking to your partner. Maybe you're talking about her high-powered work in some international organisation. Unbeknownst to you, the Flame worm that your laptop has been infected with has switched on your laptop's microphone. It is recording everything you and your partner say, packaging it up, and sending it back to a complicated dark network of "handler" machines.
These machines crunch away, turning speech into text, filing the conversations and associating them with all the files on your computer that Flame has also downloaded for its handler. Flame, of course, picked up all your Internet passwords, so the material you have in the cloud is added to the mix.
And the algorithms whirr away - the same sorts of algorithms that Amazon use to forecast what you might like to buy, given your purchase history - but now the algorithms are producing correlations like: "... talks about the Iranian nuclear program ... buys Amazon books about modern art ... transfers money to Lebanese bank account ... partner works for National Iranian Oil Company ... reads a lot of contemporary Persian poetry ... probability of being a helpful sympathiser: 74.3%"
So what's wrong with this. Snooping will always be with us, and this particular method is not going to spill blood. Isn't it better than the bad old days of cloaks and daggers?
Here's the problem. The technology for "Flame" is advanced, but not rocket science. I imagine that there are already versions of malware like this working for organised crime, nastier regimes than ours etc. One of these days, there'll be a mass emptying of bank accounts by one of these machines. There'll be cyber-racketing, where you'll get an email that some bean or other is about to be spilt to your employer or loved ones if you don't pay some modest protection fee. There'll be threats of setting you up with illegal, even criminal files on your computer unless you submit to the racketeer's demands ...
And how will sensible people react to this? We'll accept restrictions on our online freedoms; we'll ask for secure networks and secure devices; we'll even be happy to have centralised authentication databases. Because the horror of true lawlessness on the wires will just be so great.
Jonathan Zittrain saw this coming. His great fear, in "The Future of the Internet and How to Stop It", was that the key ingredient of generativity of the Internet- the openness of standards and basic protocols - would be jeopardised by exactly this sort of development. He still hoped - the book is now a couple of years old - that liberty could be preserved by returning to the founding (web) fathers' (parents) way of doing things: informal groups that produced technical solutions based on cooperation and consensus.
I have to say that at the time I thought he was exaggerating the danger to generativity - most people don't care enough about security, I thought, and most people are so irresistibly drawn to all the goodies that the generative, open web produces, that there was no real risk.
I've changed my mind, and I'm pessimistic. When this technology is made available to all and sundry with nefarious intent, as opposed to just a few, we will scuttle for safety, and therefore authority.
Get our weekly email