New Media Knowledge
Christmas Lecture, 9 December 2002
Duh! Of course it
is - at least, it's killing one way of building a public network, the
one that is inherent in the Transmission Control Protocol and the Internet
Protocol, the one I grew up with. The one I value.
Thank you, suckers
But let's not forget
that we'd be nowhere without business, without the commercialisation
of the academic Internet. By 1990, when work started to turn what was
still a university research network into something that could be used
by business and even individuals, the original Net had run out of steam.
We tend to forget this,
but at the time it was only being used by a few hundred thousand people
around the world to exchange email, copy data files and experiment with
distributed processing projects. We were talking about how networks
would change the world, but the Net itself was not really seen as the
long term future of networking or the basis for the 'information superhighway'.
The telcos had their
own network services, called VANS (for Value Added Network Services)
based around the X.25 protocol; governments and major corporations had
signed up to OSI, the Open Systems Interoperability network protocols,
a heavyweight architecture for serious networking. Nobody expected TCP/IP
- more properly called the Internet Protocol Suite - to depose all comers
and establish itself as the glue for the network world.
Even as late as 1994
we were debating whether the Internet would be able to evolve into a
network for the world or whether it made more sense to start with something
new and implement Al Gore's vision from scratch.
If it hadn't been for
the greed of the first few commercial Internet Service Providers, who
realised that they could get hold of leased lines from telcos, put a
router at each end, get a class C address for free and start offering
TCP/IP service a lot faster and cheaper than X.25, OSI or any of the
others, then none of this would have happened.
At the time I was working
for a Cambridge-based ISP called PIPEX - the Public IP Exchange - and
although it was selling lots of connections customers often didn't know
what they were supposed to do with them.
Then the first dialup
providers found they could take a quick and dirty implementation of
TCP/IP - Demon users may remember K9Q, WinSock was the first I used
- a bank of modems and a Sun box and offer a halfway acceptable service
to home users. They could even make money out of it.
And in late 1993 the
World Wide Web got the <IMG> tag, the Mosaic browser became moderately
stable, and the whole thing exploded.
the early 1990's turned the Net into a viable global system. And four
years later the stupidity, greed and technical illiteracy of the venture
capital community, coupled with the duplicitousness of the banks and
financial institutions who channelled billions of dollars from private
investors to dotcom startups, fuelled the explosion in Internet infrastructure
that we see around us today.
When we look at the
scale, complexity and sheer beauty of today's Internet, one of the most
complex machines we have ever constructed, we should thank the people
who spent so much on it all -and think of the millions who made so little
Far from 'killing'
the net, I think we should acknowledge just how much we owe big business.
If the people behind the large corporations had had a little more sense,
if they hadn't been duped by the cheerleaders of the dotcom revolution,
and fallen for the flawed analyses of the marketistas, then we would
not have today's Network.
I think we should say
thank you to them all - and especially to George Gilder and Nicholas
Negroponte, the two men whose mistakes made it all possible. Thank
you, guys - and thank you, suckers, for the infrastructure your money
This is not to claim
that the Net is perfect, or that it's evolution is guaranteed to take
us to the sun-filled uplands of the information society. Far from it:
the network today faces major threats from many sides, and is close
to falling apart under the weight of its own contradictions. Unless,
like capitalism, it can reinvent itself.
IP vs. IP
The network we built
with the foolish people's money has an architecture which expresses
certain liberal values, to do with lack of centralised control, support
for freedom of speech, openness to innovation, and resistance to monopoly
- either cultural, economic or technological.
These values are implicit
in TCP/IP and the way the net's protocols interact - anyone can write
an application that uses IP datagrams to communicate across the Internet,
and the stack has no way of knowing or caring what application is creating
or assembling the packets it moves from node to node. This is what the
end-to-end principle really means: it is not an abstract philosophical
issue but a case of what facilities are available to programmers.
Now this is not, in
itself, enough to guarantee that the Net will be a force for social
good. After all, the lack of any real control over content or applications
makes today's Net extremely porous, and subject to colonisation by a
dominant culture. US hegemony over the Net is clear today, and is most
apparent in the blind acceptance of what Richard Barbrook terms the
'California ideology' in almost any discussion of network regulation
I don't accept that
ideology; I don't accept US hegemony. But the real problem facing the
Net today is not caused by the assertion of US cultural value over an
essentially open network - it is caused by the concerted efforts of
governments, corporations and communities to take the open network away
and leave us with something which has those same values hard-wired into
the network architecture.
This is possible because
what programmers have built, programmers can take away. The businesses
who want to make use of the network which they - or their now bankrupt
former competitors - so expensively built have realised that they would
like more control than this architecture allows, and they are putting
the technologies in place to make this possible.
complex that currently dominates US policy making and drives the government's
agenda has realised that the operation of the Internet Protocol - my
favourite form of IP - is potentially very damaging to its ability to
control its own favourite IP - intellectual property.
The result is that
the network is being redesigned to allow greater control, with such
innovations as trusted computers, signed code and content, digital rights
management and protected systems.
There are good reasons
for building trusted systems - I'll come to them later - but there are
also bad ones. An architecture of control is only as good as those
who implement it, and the people who want to be in charge of tomorrow's
network are not interested in freedom, truth or justice.
Yet these people are
asserting control over technology and legislation. In the USA and Europe
laws are being written (or have already been passed) to provide a degree
of protection for the control mechanisms implemented on top of these
technologies, and the freedoms which IP once offered are being stripped
The driving force behind
this is not an attempt to make the Net safer or more secure for users
- for the five and a half billion people who have yet to use the Net.
It is an attempt to assert control.
are seeing the beginning of a clampdown on how we use the Net that resembles
the restrictions on freedom of movement last seen in this country during
the1939-45 war - only this time the restrictions are being imposed in
the interests of Disney, AOL Time Warner, Sony, BMG and the rest of
the entertainment companies.
are seeing the dot.commons being destroyed as our freedom to play, experiment,
share and seek inspiration from the creative works of others is impeded
so that large companies can lock our culture down.
We are seeing the destruction of the public spaces defined by the Net
As often happens, common goals create unlikely alliances. Monroe Price,
in his recent book <> argues that the Western countries are looking
with interest at the way the Net is regulated and controlled in China,
Singapore and other undemocratic regimes. Not because they oppose their
actions, but because they are looking for inspiration
This is a tragedy for those of us who operate in those public spaces.
It is the equivalent of the enclosure of common land in the 18th
century, depriving the people of space to graze their animals and grow
I fought the law
We must fight back
The starting point
is a restatement of the principle that copyright is not an inalienable
property right as claimed by the music, movie and publishing industry.
While moral rights are - or should be - absolute, so that no-one has
the right to change my work, publish it without attribution or force
me to publish it, the monopoly on commercial exploitation of the work
is a state-granted license intended to promote creativity.
It can - and should
- be modified if it ceases to serve the public good. We have allowed
the entertainment cartel to seize control of the means of reproduction:
it is time to take them back into our hands.
means fighting for fair use, for the right to take bits of other people's
work and use it creatively, to comment on it, and to build on it. It
means resisting the Digital Millennium Copyright Act and the European
Union Copyright Directive and the precedence they give to technological
copy protection measures over copyright as a bargain between the creator
and the public.
Fortunately those of
us who believe in these freedoms have some powerful friends. The IT
industry is vastly larger than the music and movie industries put together,
and it does not want to see systems crippled by the need to build in
limitations on their use. Not being able to play CDs in a computer
may be an irritation at home, but having to get AOL Time Warner's permission
to burn a DVD of an advert you're creating for a client, or get Microsoft
to sign the code you're writing for a mission-critical accounts system
is just unacceptable.
The entertainment industry
has had decades in which to establish its influence over US and EU politicians
- and they are the ones who matter most because they give the lead to
the rest of the world. The IT industry has not tried so hard, because
by and large it has not been regulated or legislated for separately
from other large industries. There is no Federal Software Commission
or OfSoft, no British Hardware Corporation or Public Processing Service.
Once the laws start
to have an impact then the IT industry will fight back, and its pockets
are deep and its voice will be loud. I do not think we need to worry
about the entertainment industry and its copyright theft nearly as much
as we have been worrying, because the gains they have made in the last
five years are temporary and will be rolled back by Apple, Sun, Intel,
AMD and even - yes, even - Microsoft and Sony, who will prefer the money
to made in the real world to the small change of the content business.
What will that do to
movie-making, music production and writing? I have absolutely no idea,
but I do know that we seem to want to create stuff, and that making
money out has rarely been the motivation for great art. If the world
never saw another Arnold Schwarzenegger movie, Tom Clancy novel or Robbie
Williams album I really don't think we'd be missing much - do you?
So I don't think we
should worry about attempts to introduce digital rights management,
or be paranoid about every trusted computing initiative. I want secure
processors, trustworthy system and signed code - and I don't think it
has to be resisted just because of our exaggerated fears of the copyright
Being able to use,
copy and adapt other people's work - within limits, of course - is vital.
But there is more to freedom online than just being able to rip CDs,
exchange MP3s or cut and paste from ebooks.
We also need to ensure
that we have the same rights to freedom of expression online as we do
offline. I've been criticised in the past for saying that regulation
of the Net is not only inevitable but desirable - but that does not
mean we should accept harsher controls over what we say or do online
than we would expect in the street or in our homes.
I want us to think
differently about the Internet, to acknowledge that it has to be regulated
and controlled if it is to serve the interests of the many rather than
the few; that freedom from viruses and worms and spam is important too.
We need a new settlement for the online sphere, one that acknowledges
the needs of all users and not just the cyberlibertarians and the netheads.
We need compromise, and recognition that the net is not just an online
extension of a particular anti-government US approach to personal liberty.
A regulated network
does not have to be some sort of online police state: the tools of repression
exist in this country already but we are resisting their deployment
in the real world. I have campaigned and demonstrated and resisted
for almost a quarter of a century - I may not have done much good, but
I fought for what I believed in, and I was willing to break bad laws
to do that.
We do not need to naively
claim that government always gets it right. Things do go wrong - look
at the damage done to civil liberties and the constitutional settlement
by the President and Congress of the United States in the USA PATRIOT
Act. However I do think we should retain a belief in government and
the power of the state to do good as well as harm.
A big problem for anyone
who proposes changes to the way we think about the Net is that it is
too easy to see it as a new world, a separate space, a place where old
ways do not apply. There is a great temptation to take the idea of
'cyberspace' - William Gibson's word for the space defined by all the
connected computers in the world - and treat it as if it was really
But it isn't. It is
an abstract concept, a useful catchall for describing all the many ways
we interact with each other over the Network, a concise and valuable
way of thinking about the whole range of activities which we carry out
It is not real. In
philosophy we call this process of taking something abstract and treating
is as real 'reification'. We must not reify cyberspace the way many
mathematicians reify numbers, treating them as if they exist in some
separate Platonic world of ideas, waiting our patient efforts to uncover
Treating the Internet
as a place - as Clay Shirky argues we should - rather than just a communications
channel is a useful way of conceptualising it. Acting as if it is a
separate universe is just foolish: the space defined by the Net is an
extension of our real world, and it inherits many characteristics from
that real world.
It is also dangerous
to fall for the idea that the Net has any essential qualities. Again,
this is a common philosophical position, and not one I have very much
sympathy with. Essentialism is attractive - we all think we know what
makes something a table, or what counts as human.
But once you look closely
you find that none of the supposedly 'essential' qualities is really
necessary: a comatose victim of a road accident lacks consciousness
(and perhaps even a cortex) but we do not therefore treat them as we
do other animals; a step can be a table for someone picnicking in town.
Lawrence Lessig and
I agree that networks have no essential qualities and can be reshaped
in whatever ways we, their creators and regulators, choose.
I suppose in my more
romantic periods I would like to reserve the word 'Internet' for the
network that existed between January 1st 1983 and next month
- the twenty years of the free network - and find another word to describe
the corporately controlled, monitored, surveilled, regulated, bordered,
signed and certified network that we are now building.
Perhaps we need to
do a search and replace on the Web and USENET on January 1st
what? What should we
call it? Neal Stephenson named it the Spew, and the space it defined
the Metaverse, but neither of these captures the spirit of control that
defines it now. In Terminator we had SkyNet, but that was not doing
the same thing at all - looking after nuclear missiles is not the same
as censoring Websites. I think we should look elsewhere, to Orwell
and Big Brother, Zamyatin and his glass houses, Bentham and his Panopticon.
Perhaps we should just call it The Matrix.
Working for the Clampdown
But whatever we call
it - I am open to suggestions here, so get texting - we need to recognise
its qualities and work with them. And the fundamental quality of tomorrow's
network will be that it is regulable and controllable in ways that the
old Internet was not.
WinXP, MacOS, Linux, IPv4 and the current generation of routers do not
allow the control that the Net needs if it is to become embedded in
our lives. At the moment most of us think this is a good thing, because
it does not allow corporate control, government interference or excessive
regulation. Anonymity is possible, even if it is hard to achieve. Obfuscation
We need to accept that
this unregulated network is going to disappear over the next five years.
It will be killed by business, by government and by the freely made
choices of millions of people who will select 'trustworthy' systems
over promiscuous ones, regulated ISPs over libertarian ones and 'safe'
applications over ones that can be compromised.
There will always be
ways to break the security of even the most secure processor as long
as Ross Anderson can get his hands on a tunnelling electron microscope.
There will always be
ways to subvert the code signing protocol and get unlicensed code running
on your secure processor.
There will always be
people who play with the technologies and do stuff that is unethical,
illegal and cool.
But most of the people,
most of the time will be using systems that are secured, signed and
regulated. And they will be happy to do so because the benefits will
be great: they will have online access to government services, banks,
shops, schools and other facilities. They will be able to block spam,
viruses and content they find disagreeable. They will feel safe letting
their children surf.
We should not be so
arrogant as to dismiss these many benefits or to despise those who don't
care about running their own code, having secret correspondence or changing
the world. It is the mistake that revolutionaries on the left have made
for generations - it is not one that we should make now.
However, if we are going to have a regulated network then we need to
ask one major question now: who rules? Will the network be run by the
corporations or by governments.
However imperfect governments may be, I know which I'd rather have.
If we want to see how
bad things could get if we let the corporations run the show, then we
have a very recent example: the failed revolution that is P2P
When Shawn Fanning
wrote Napster he took a step backwards and started people thinking again
about ideas that were common currency in 1990, ideas that would have
been widespread had it not been for the computer science disaster that
was the World Wide Web.
People had been working
in distributed systems, object-based programming with communicating
services and peered network topologies for many years before Tim Berners-Lee
came along with his stateless protocols and brain-damaged markup language
and destroyed the dream.
strange names and acronyms like ANSA, CORBA, and the ill-fated OSF were
working on ways to have build peer to peer networks in which nodes would
advertise services and make them available to other nodes, each capable
of being both supplier and user of these services.
But it took ten years
- a decade of wasted opportunities - and a 19 year old kid who was fed
up having to look so hard for ripped off content on his college network
to make the whole thing sexy enough for his peer group to use and public
enough for the lawyers to pay attention and shut it down.
It was about time.
Anyone who has ever tried to get their Website to work with user sessions
will know just how restricted HTTP is, and while Tim may argue that
it was the simplicity of the protocol that allowed the Web to develop,
I still feel that we lost more than we could have gained if we'd had
proper distributed processing for the last ten years.
For one thing we'd
have lost Microsoft along the way: they were incapable of keeping up
with the real work going on in 1992 in computer companies like Sun,
IBM, HP and DEC and only managed to take over the Web because it was
stupid enough for them to understand and based on standards so broken
that nobody really minded if you extended them.
The Web was lost when
Eric Bina and Marc Andreesen added the <IMG> tag and NCSA released
the early source code of Mosaic. It's been downhill all the way since
then for anyone who knows or cares anything about computing.
Still, when Napster
exploded over the Net it looked like the fight back had begun. Unfortunately
Gnutella was the highpoint: an open source, properly engineered, infinitely
subversible attempt to build a proper distributed environment on top
of the existing net - and it even used HTTP's port 80 to get through
corporate firewalls. My, how we laughed.
It was a mistake: we
laughed too soon. Within months, and notwithstanding the sterling efforts
of Tim O'Reilly to be Engels to Fanning's Marx and keep the revolution
on track, it was lost - derailed by the lawyers (Napster) and corporate
accountants (Gnutella) and then sold by the rentier class of net advertisers
and spammers who bundled spyware and adware with every application (Gator),
snuck their own commercial P2P software into the package (KaZaA and
Alter.net) and generally tried to screw money out of anyone and anything
associated with P2P.
The worthwhile stuff
got buried, the cool stuff got written up on NTK and then disappeared,
and the real potential of the system got lost. They didn't even bother
to steal our revolution - they just stole the clickstreams and eyeballs
and that was enough.
Now, like Marat in
the bath, P2P lies bleeding on the floor thanks to the greed of stupid
Americans and gullible users and we must look elsewhere for our salvation.
P2P died in the killing zone between the free market radicals who wanted
to spam the world with ads for penis enlargement and get-rich-quick
schemes and the established players who wanted to keep making money
from their shiny silver discs.
If a government had
stepped in - any government, anywhere - and introduced compulsory licensing
of music product, full compliance with data protection laws and full
disclosure of installed software, then who knows where we'd be now.
Because markets don't work: regulated markets work, and this market
was left to the spammers and the entertainment industry, two of the
smallest-brained dinosaur species in the entire network ecosystem.
Building the Hidden
But there is hope.
To Orwell, in Nineteen
Eighty-Four, hope lay with the proles. To me it lies with the coders.
Like the diggers in the seventeenth century, these are the people who,
with keyboards in their hands, will shape the land to serve the interests
of the many.
These are the people
who weild the only weapon that matters - running code. Like Neo in the
Matrix, but without the cool leather coats and guns (apart from Eric
Raymond, natch) these are the people who will seize the network and
give it back to the people.
I've spoken in favour
of a regulated, controlled and zoned network. I still believe that such
a network is desirable, and that putting control in the hands of democratically
elected governments is far better than putting it in the hands of corporations.
But not all governments are good; not all governments are wise and sensible;
and not all governments listen to reason.
It is therefore necessary
to ensure that, whatever the architectures of control on tomorrow's
network, there is space for subversion, for activism, for stuff that
is not approved, not countenanced by the state, not strictly legal.
And even if we accept
that trusted processors, Palladium-style operating systems, signed code
and authorised content will define the online experience for most people,
most of the time - and that they will accept and even benefit from that
- there needs to be more.
If the Net is a city
then let it have its office blocks, children's parks, schools, tourist
areas and suburbia. But I want seedy dives, places to buy recreational
drugs, smoky meeting rooms in which to plot the overthrow of the state,
and hotels that rent rooms by the hour too.
Let me end my jaunt
through the history of tomorrow's network by telling you how we can
On tomorrow's network
every processor will have a hardware security function that allows it
to check the digital signature on every piece of code it runs.
Every signed application
will enforce a system of control that permits it to check the digital
identifier on every piece of content it is given.
Every physical device
will advertise its real-world location.
Every router will filter
traffic according to type, content and jurisdiction.
This network will have
borders and boundaries. It will be controllable - and controlled. It
will benefit billions of people by giving them simple, safe access to
services, content and tools that will help them live longer, healthier
and happier lives. It will support filtering, censorship and regulation
just as the printing industry or broadcasting supports it.
It will be subject
to political control - and will suffer as a function of that control.
In repressive regimes like China, Saudi Arabia and the United States
of America it will be monitored and subject to state interference. In
the liberal states of Europe then government surveillance will be limited
by statute, freedom of speech will be protected and personal privacy
It will not be today's
network, but inside it we can, if we wish, construct another net, one
which looks and acts like today's Internet.
First, any sufficiently
complicated system can be subverted.
For example, my ISP
is NTL - I have a cable modem - and I am not allowed to run a server
from my network as it uses their precious bandwidth.
However a friend with
a corporate leased line for his small business will let me use his network,
and I can run a Linux box at home which uses SSH to tunnel IP over my
cable modem to one of his routers and out onto the network.
Suppose that all code
that runs on trusted processors has to be signed. Why not write a program
which does for Linux what the Java Virtual Machine does for Java programs
- creates a safe and restricted execution environment for the code.
This Linux Virtual
Machine (LVM) would be certified and safe: it would have limited and
controlled access to the hardware, storage and network interface of
the system running it.
It would read and write
only from 'files' of the registered type 'Linux File System'.
It would have access
to the display through a terminal window or through an X server.
It would talk to the
network but only be able to send traffic via a specified port to other
machines which were willing to accept incoming traffic on that port.
And when it ran it
would read a specified LFS file - and then treat that file as a Linux
filesystem, look for a kernel, load it and execute it. It would be Linux
within a sandbox.
the 'approved' channel would be to other sandboxed Linux systems, and
the traffic sent would be IP datagrams, tunnelled over whatever text-based
protocol was deemed safest or simplest.
The result would be
that all the currently executing LVM-hosted systems would form a virtual
network, hosted within the trusted, controlled and regulated network
but outside the sphere of control.
Within this network
there would be the same freedoms we see on today's Internet - it would
be using IPv4, our existing routing protocols and our existing tools
The network would be
open, and even if it initially required a degree of technical sophistication
to get an LVM running and register it with the virtual DNS which ran
on the newNet, it would not take long before the tools became simpler
and usable by non-geeks.
The community would
be open to all. Of course, the agents of the state would be there too,
but they would find it remarkably hard to monitor, control or close
down - and unless particularly draconian laws on the use of the network
were passed by an authoritarian government, it would not be illegal.
It would be a hidden
city, created in the gaps between the packets on the corporate network.
If we want a networked
future, and we want the network to serve the interests of the whole
world and not just one class or other - neither the geeks or the corporations
- then we have to embrace the regulated net and abandon today's Internet.
Unless we recognise
this and start thinking about how we will exert democratic control over
that new network then we will, by default, leave it to the corporations.
Because the new network will not be a self-organising system, it will
not be some anarchist paradise or even a libertarian cyberstate. If
we do not ensure that the new network is properly incorporated into
existing political systems of control, so that our governments can pass
laws which are effective online and we can use our strength as citizens
to fight for good laws, then we will give up control to the corporations.
We have an opportunity
now that is rarely given: we can see the future, see the shape of the
network in 2010, and start now to build political structures and even
laws that will ensure that the coming network preserves the principles
that we value and is able to serve the real interests of the world's
six billion people. Surely that is worth fighting for?