Saturday, January 19, 2008

Open Environments and their Discontents

Perhaps the most impressive thing about wisdom-of-crowds ideology is its robustness in the face of all efforts at refutation. Whether it involves the academic intricacies of James Coleman's efforts to analyze the "micro-to-macro problem" or blatant examples of abuse, such as the ease with which the CIA was able to edit Wikipedia entries to propagate their particular version of "truth," there is a dogged persistence to what I now call the "we-are-smarter-than-me crowd," which is nothing is not admirable. Indeed, my epithet is the title of a book that purports to embody its philosophy as a result of having been written through a wiki. This week, however, we were confronted with a new genre of refutation, which has less to do with the nature of the content that arises from wisdom-of-crowds practices and more to do with flaws in the technologies that enable those practices.

The problem, which I read about on Net News Publisher, is that "on Wednesday, January 16, 2008, two users, one anonymous and the other only known as MODX added code onto Wikipedia for a computer virus known as the LoveLetter virus or the ILOVEYOU virus." My immediate reaction was, "Why didn't I think of that?" I did not mean, "Why did I not make my point by using the openness of a wiki to infiltrate it with malware?" Rather, I was kicking myself for assuming that any environment used as heavily as Wikipedia would have some combination of technologies and practices to insure its technical integrity, whatever horror stories I may have read about its content. In retrospect, given my personal experience with how electronic mail systems "protect" me from spam, I now realize how naive I was. I had forgotten Udi Manber's precept (formulated back when he was at Yahoo!) that spam protection is like an arms race: Every new strategy for protection begets one or more new strategies for attack. So it is with the infrastructure of an open environment, such as a wiki; and the reason the hyperlink in this paragraph points to Net News Publisher is that I am now feeling a bit paranoid about the Wiki News site, from which the Net News Publisher admin acquired the story. (For those who share my paranoia, the above quotation was not typed in by hand. I did use cut-and-paste; but I pasted it into FrontPage and then selected the Text Only option. I am sure this is not foolproof, but I shall then be doing a text-only copy into my Create Post Blogger page. All this makes me reasonably confident that I am not spreading any malware by writing this post.)

The consequence is a reminder that those of us who try to use the Internet as an information resource have to worry about more than whether we are receiving signal or noise. We also have to worry about whether or not we are interacting with a resource that may be infecting us with malware. It is not just a matter of caveat lector but one of caveat utilitor: We have to be wary users, equipped with the most up-to-date tools that ensure the integrity of the computer we are using. Meanwhile, we find ourselves in an environment in which the very act of sharing, however beneficial it may be under a micro-to-macro analysis, is potentially dangerous. For my money this means that, whoever pulled off this Wikipedia infection has perpetrated an act of terrorism as successful at the 9/11 attacks. Even if we were not personally damaged by the act, we are left wondering what will come next and whether it will be coming for us.

At this point I have to be as pragmatic as I have suggested we need to be about the caveat lector precept. I suspect that my own pragmatism in this case goes back to my reading of Rashomon, slightly modified to, "These things happen, but life goes on." I shall continue to keep my machine maintained with up-to-date protection software; and I shall continue to be wary about "where I choose to click." I shall also continue to contribute to sharing practices in good faith, as I am doing by writing this. I refuse to crawl under a rock and wait for the passing of all once and future threats!

1 comment:

Anonymous said...

Call me paranoid or careful but I have always tried to use 'copy and paste' in text format mode therefore avoiding most problems associated with HTML. When I need to use HTML paste I will check the code produced to see if there is anything suspicious.I run Netscape with a script blocker for editing. I have enough coding experience to find most things such as hidden redirects but I certainly am not perfect and run on the premise that one day a problem may slip through. Hence my backups and backups of backups etc.

Terry
NetNewsPublisher