FUD Clubs and Cookie Clubs
If your physical world – your home and your kids’ schools and your neighborhood etc. – were controlled by large distant organizations, you would assert your right to be free of such manipulation, wouldn't you? After all, our freedom comes from our willingness to assert our right to freedom.
Let's be blunt. Our passive acceptance of what happens in our computers and phones has led to their control by a gang of corrupt organizations.
Are we talking about botnets, those networks built by planting malware in your computer to turn it into a server of spam and more malware?
Sure, that's part of it. But there's more to it.
Why is your computer so receptive to malware? How did such a bad design get so widely accepted by the public?
It all started with the assumption – the correct assumption – that in order to make computers appealing and useful to growing numbers of people, the vendors had to find ways manage the details of their operation from afar. The software that came installed on your computer, and the software you bought and installed, was designed to allow its maker to come in and update the product when needed, without bothering you with a lot of information and choices that you didn’t want to fill your head with anyway.
So far so good.
But that left those who provided the software with a lot of power – power to control your perceptions, power to influence additional purchases, and power to intrude upon your information spaces for purposes that had nothing to do with making your computer a more effective tool for you.
Lord Acton’s famous observation that “Power corrupts; absolute power corrupts absolutely” is ably demonstrated in the behavior of the architects and builders of our information homes, our second homes.
If the resulting design had been somehow subject to participatory due process governance, including a strong and visible set of ordinances to which outside developers were compelled by public authority to adhere to, then that would have offset the tendency of unchecked power to enrich and corrupt. Those who would use the system to go “over the line” to proliferate malware and spam and predation and phishing attacks could have been stopped.
“Over the line” is in quotes because the line between commercial adware and flash cookies on the one hand and fraud and burglary on the other just doesn’t exist. Where does commercial adware become illegal spying? Answer: there is no boundary between the two. Perhaps the plantation owner blesses one with a “partner” designation and withholds it from the other. The questionable activity of both can be identical.
But of course there was nothing participatory about the governance of what was soon to become the plantation, including your part of it, your residence, that is, one of the open shacks out back. Instead, the plantation owner-to-be was free to use that increasingly important window on the world to continuously enhance his position of power and profitability.
To build a plantation, one needs partners. A plantation owner can’t do everything by himself. Just as a 19th century cotton plantation owner depended upon cotton buyers and seed vendors and slave auction houses – what today would be called an “ecosystem” – for services that made the plantation viable, the digital plantation owner depends upon app developers and VARs and certification program participants who prosper by adding value to the plantation and making it viable. A common observation among economic historians is that individual farmers did not choose to employ slavery; rather, the economic infrastructure – the ecosystem – made it the only viable choice for the Southern farmer.
Similarly, if you want to play in the “eyeballs and clicks” ecosystem, you have to accept slavery, that is, participation in ownership of your subject’s information life. The plantation owner’s need for ecosystem partners is made clear in Steve Ballmer’s plaintive chant to his team in the famous “Developers, Developers, Developers” video . What does it take to bring developers into the Windows ecosystem to help build the viability of the Windows plantation? It takes developer-friendly application program interfaces and library services and all sorts of things that help outside parties take advantage of an ecosystem built upon slavery.
Let’s take a look at some of the groups we’ll find in the plantation ecosystem.
FUD Clubs
If you use a computer you've surely been a target of a FUD effort. Most computer industry professionals are very familiar with the use of the FUD Factor: Fear, Uncertainty and Doubt.
FUD tells its practitioners to ensure that behind a facade of simplicity there are enough confusing gotchas in a computer to confirm the user's belief that this stuff is too complicated for him or her to understand. That makes the computer user permanently dependent upon a class of hardware and software vendors and their “VARs,” or dealers and systems integrators; participants in the plantation’s ecosystem. Members of the support staff at the VARs have each been trained on the secrets of a particular piece of software and have been branded with a certification mark of permanent fealty to the plantation owner.
Think of the certified support people as white-coated household servants in the mansion on the software vendor's plantation. That would make us computer users the inhabitants of the shacks out back. You know how it is with those of us who aren't allowed into the mansion – they don't tell us much because they don't want us to know much.
The FUD clubs make sure that what happens in your computer, what you see on the screen, the tools you are given to work with – it all works together to ensure that you stay down on their plantation.
Q: What’s the difference between a FUD attack and a phishing attack?
A: FUD attacks are perpetrated by organizations with corporate charters and brand names. Otherwise there’s no difference.
Cookie Clubs
Cookie clubs are very informal groups whose members share information about you behind the scenes. Members of cookie clubs place innocent cookies in your computer that by themselves only connect a session in their records with your particular machine. Not much information there.
But later those members assemble all those scraps of cookie information and other information about you to get a complete picture of everything you do online. Some of them come to the cookie club table with information gleaned from "adware" that they planted in your computer. Adware is really just a nice name for the nicer versions of spyware. Nothing is off limits to spyware.
Reputable companies don't steal bank account numbers and passwords, of course. Reputable companies simply see to it that your computer's software enables manipulation and spying. Of course when the real crooks come in behind them to steal your money, the companies that had ensured that your computer was open to spyware become suddenly oh so concerned about your security. "Here, our new anti-spyware package will protect you, just click here and enter your credit card number and you can download it right away. Your first month is free. (After that just try to avoid our automatic renewals.)"
The Visible Part of the Cookie Club Iceberg
Companies such as Hitwise and WPP (which purchased Taylor Nelson Sofres which purchased Compete Inc.) pay your ISP five dollars a month for what they of course claim is just your clickstream data. (As an added service they’ll introduce you to someone who will show you how to un-anonymize those anonymized clickstreams by for example overlaying them with MOSAIC profiles from Experian.) According to Kaspersky, “[botnet generated] Personal data sufficient to open bank accounts under false names costs between five and eight dollars for a US citizen, or three times this amount for a EU citizen.” So, similar economics for both the indirect and direct forms of burglary.
The cash transactions in that part of the burglary business make it visible.
The much less visible cookie clubs apparently work on a barter basis. With the cookie clubs there’s no need to maintain the façade of a distinction between the legal and illegal parts of burglary.
Who's To Blame?
If that seems bad, then remember that we invited the FUD clubs and the cookie clubs into this part of our lives by being so passive about the online spaces that we inhabit and the computers which we use to travel to those spaces.
Imagine if your home were managed this way. Imagine if you left your doors open to a variety of builders and construction materials vendors that had some role in the design and construction of your home. Try to picture them assuming that they will be permitted to come in and rewire your house whenever they feel like it, to change the appliances around, move some walls, go into your desks and file cabinets, examine their contents, place a few pieces of paper in there for their own use next time they decide to barge in, etc.
Would you tell them, "you really know more about household management than I do, so I trust you to do whatever needs doing. You don't even need to inform me that you were in there...”?
We gave precisely that degree of latitude to the "reputable" organizations that "manage" the online facilities that we inhabit. In some cases we gave them permission to bring in their “partners” as well.
That would be bad enough. But what we have now is worse than anything that was imagined by the FUD clubs and cookie clubs.
Very simply, what we have in our computers now is organized crime. There's a good chance that your computer is running software that makes it part of a worldwide organized crime network, a botnet. The botnets will inevitably join together because, as we all know, there can only be one mafia ruling a given turf, which in this case is the whole world.
The name I have given to this new über-botnet is Arpanet III. The original Arpanet was the precursor to the Internet, designed specifically by the U.S. Defense Advanced Projects Agency as an experiment to determine whether a network could be designed to survive enemy attacks, to keep moving information moving even after many of its servers had been destroyed or disabled.