Whose Security Is Best?

I woke up this morning to an email from Amazon confirming that I’d just bought Bruce Schneier’s new book, ‘Data and Goliath‘ whilst I was sleeping. Ah, the wonders of forgetting you’d pre-ordered a book way before its release date…

Anyway, there’s obviously little I can say about the book as I’ve still to read it. But I can however recommend another great essay from Schneier which he posted recently on his blog: ‘Everyone wants you to have security, but not from them‘.

As I wrote yesterday, there’s a general confusion about encryption. As Schneier points out in his essay, it’s too simplistic to say that the big tech companies don’t want your data to be secure in some way in order to have their wicked way with your information. Instead, it’s far more accurate to say that companies such as Facebook and Google are constantly striving to become the single place where you deposit all of your valuable data – so that they can then protect it alone.

But of course, move ahead with that ‘single point of failure’ model and we run the very real risk of significant breaches occurring at some point or another in the future, as Lenovo discovered to their (and their customers’) cost last week. Or from secretive actors breaking into such systems and inevitably compromising the system for all participants regardless of what their motives might be, such as the Gemalto break-in whereby the encryption keys for billions of mobile phones were stolen.

It’s a binary choice that we have. Security or surveillance. Privacy or convenience. And until MaidSafe launches, the likely outcome under the current architecture of the internet doesn’t look too appealing.