Schneier on Security: What I've Been Thinking About

how about "Power Lost", Losing Power,
"Denied Service"

Jaron Lanier's new book "Who Owns The Future" has some interesting hypotheses on the rise of surveillance/exploitation of privacy on the 'net.

He posits that it's got a lot to do with other avenues of making a profit being made difficult by the demonetization of information. That one of the few reliable ways of making money is to learn everything that is possible to learn about people and use that information in extracting money from advertisers.

He also has some thoughts on security and encryption and the assumptions that geeks make (that they can protect their own privacy and aren't really concerned about the privacy of people who don't know how to cover their own tracks)

He also has some suppositions on the future of "network elites".

Might be worth a look while you're researching your book.

You could also consider the whole 3d-printing/intellectual property issues as a section of its own, and not just copyright and the bad laws/regulation as a result of that.

I think the ability for people to easily share, copy and reproduce physical objects will be a bigger game changer than the music/video model change has been to corporations. And look how much bad law/regulation has/is emerging as a result of that.

All business models that depend on physical scarcity (used to be cd's for music) could be at threat if 3d printing keeps improving in the coming years, and the internet is still capable of spreading information (defcad for example) freely.

Will all those kind of businesses adapt quickly to make use of the new technologies, or will they lobby for bad regulation/control etc? i think i know what will come first.

Don't forget the continued blurring of physical space and cyberspace through a variety of channels that once would have been science fiction: self-driving cars, image and facial recognition software for security cameras, autonomous drones (your surveillance essays involve these topics). The ability to exercise internet-supported power is going to continue to grow.

For contrast, you could include North Korea - zero internet, but extreme central control.

Cryptoanarchy is a feature not a bug - all power to the anarchists!

You should also check out 'The End Of Power' by Moises Naim and 'The Future Of Freed' by Fareed Zakaria. Very good books on the issues you point out and where both think the world is likely headed.

Under the "ill-conceived laws" section, don't forget to dig into the massively different timescales of technology versus legislation, and the problems that arise from attempts to micromanage the specific technologies rather than the behavior or effect. A good example is the recent increase in laws against texting while driving. The "behavior" is distracted driving, but the "technology" is texting. By the time the laws get passed, texting is already almost obsolete. What about sending e-mail? Updating a twitter feed? Answering a linkedin request? Uploading a video? What about my phone that allows me to send a text hands-free via bluetooth?

Other examples are the ECPA that decided email is abandoned after 180 days. Or the laws that assume a transient cached image of a passing email counts as a "copy". Or the different handling of telephone calls versus a network packet stream (all calls are packet streams these days).

Laws made over the span of years to regulate technology that changes over the span of days, by people who don't even understand what was in place yesterday, are a disaster.

The irony will not be lost on us if you choose to work with a publisher that only releases a DRM-encumbered e-book.

Consider your audience. It may be worth your while to sell a DRM-free EPUB edition.

When I hear the term "cyberwar", I'm - in a way - amused. It seems like the powers that are need a new field of operation, because the old one has become so boring and unthrilling - war has such a tremenduous (social) cost that it's not perceived anymore as a viable means to "solve" a conflict.

so today, the new playing field is "cyberwar". It's the first "war" that depends on infrastructure staying in place - you need an internet connection to your enemy.

I think, cyberwar - despite all bad things that can happen, like power outages - is not as influential and bad as it is thought of. We already have had goverment independent players in the field - hackers. In military combat, those were called mercenaries, but on the internet they're just ordinary people with a special hobby. We have a third party that can influence people on both sides of a "cyberwar". In some way, it's a sport: who can beat whom?

One solution to the "cyberwar" trend would be to host a cyberwar league - a sports league where the best players can show off their skills, become world famous and show everybody how insecure their system is.

The "applianceification" of computers is one of the ways of achieving and increasing the power imbalance between users and computers.

General purpose computers are reduced to eVending machines for leasing access to bits.

Concepts aren't taught, only how to use $VERSION of $APPLICATION to do $TASK.

Privacy and creativity are devalued to the point of users exchanging them for a few MB of online hosting. Even the humble hand-held games console demands internet access to report back to the mothership.

The end result is the deliberate dumbing down of a generation of powerless users at the mercy of feudal security models, with no understanding or expectation of privacy or security.

There are counter-movements; hackerspaces, Arduino, Raspberry Pi, CoderDojo, etc.,
places and communities that build from scratch rather than buy an app.

To the section on iFeudalism and how it shapes society for the worse you might want to add a what to do about?.

Historical civil societies followed to solve the problems mankind had under feudalism. Why not again? The difference: the law needs to come from contracts, not kings.

Read more about cloud systems based on machine executible contracts:

Great Bruce, would you also maybe care to comment on virtual currencies esp Bitcoin and how some of the public ledger type tools might lead to interesting 'trust' models?

Take a look at Brin's 'Transparent Society'. His premise is that some of these issues would be addressed by a regime of mutual surveillance. e.g. the police have cameras everywhere but they are also always on cameras that other people can watch to see that they are up to

I'd encourage you to discuss algorithmic forms of social control. See predictive policing.
Amazon recommends... a visit from the authorities

I'm trying to figure out myself what the world looks like. One thing that I think is going to happen is that the world is probably not going to look hellish to everyone. If we lived in a dystopian future which was bad for everyone, then people would rebel. What's more likely is that we are going to end up in a world which is "comfortable" for most people. It's terrible to be a political dissident or an unconventional thinker in Singapore or China, but most people aren't dissidents or unconventional thinkers.

Duaine: Laws made over the span of years to regulate technology that changes over the span of days, by people who don't even understand what was in place yesterday, are a disaster.

In fact, if there is uniform consensus on something, you can get very fast changes in the law. The trouble is that for most things there is no uniform consensus and it can take years to get something that has enough support to avoid a "blocking" coalition.

There are ways to get around laws. One is jurisdiction shopping in which you make bureaucracy work for you rather than against you. What you do is to sign your contracts in some part of the world with laws that you like.

There is a big legal problem with "machine executable contracts" which is that how can you "consent" to a contract that no human being has read, and what happens if there is a "bug" in the contract or what constitutes a bug.

It's actually not that hard to write a program that takes a formula in a financial contract and turn that into a legally binding contract. However, people don't do that because they want a human being to be responsible for actually "consenting" to a control.

Also it turns out that most financial transactions don't involve massive interchanges of contractual information. What you end up doing is to have a consortium like ISDA write the "standard master contract." Two people that want to trade sign that master contract once, and then all of the financial trades are technically speaking amendments to that contract. The reason that people want standard contracts is so that you don't get weird interactions. It turns out that to write a master contract takes several years since there are all sorts of bugs that you can run into.

The other thing is that it can be a bad thing for two sides to negotiate a contract. When two banks negotiate a contract, you have two teams of highly paid lawyers work through each clause. When you have a bank or other large corporation interact with some random person, that random person is likely to get screwed badly because they don't have a legal team working for them.

Knowledge (& information) has always been a currency of power. Those who seek to control (amass and retain power) often do so by controlling information. Things that disrupt the preservation of a steep information[-dissemination] gradient can be perceived as threatening by those amassing power in this fashion (e.g. Gutenberg, SMS, internet).
An additional interesting perspective, from Scott Adams: http://www.dilbert.com/blog/entry/...

Also, I think it's important to realize that "we" don't agree and to figure out what it is that "we" disagree about.

The other thing is that if you are in a situation where you are an individual versus "corporations" or "governments" then you are dead. However corporations and governments disagree with each other, and the only chance you have as an individual to make a difference is to weigh in when there is a disagreement.

For example, the MPAA is in favor of strong copyrights. Google and smart phone manufacturers don't have the same interests. On human rights issues, I tend to be on the opposite side of the Chinese government, but the Chinese government could be an extremely useful ally when it comes to weakening IP laws or even in not cracking down too much on hackers.

One thing that I gives me some hope is that in every issue that I can see, it's not A versus B but rather there is a mix of weird coalitions and alliances.

Does it really matter whether the law comes from contracts or kings, as long as kings can shoot the people who write or enforce the contracts? Consider, for example, the Wikileaks payment blocks. I'm sure those arguably violated some contract somewhere, but getting it adjudicated was clearly never going to happen.

Personally, I'm most worried about the proliferation of limited-use computer systems such as smartphones and tablets, where -- in addition to the surveillance issues -- courts and legislatures seem much more willing to countenance the idea that buyers should be prohibited from making any modifications without all the sellers' permissions.

Bruce, here are some additional cold reality bullet points" that you might consider in your book - these issues were being discussed at RSA this year amongst Govt think tanks, security forecasters and predictive analytic researchers -

Humanity is fighting a civil war over privacy but the people who already gave up their privacy don’t know about the war yet.

The battle that looms ahead will be fueled by products like Google Glass and targeted at the companies that bring similar products to market.

Google’s entire ecosystem is based on exploiting its customer and getting their users to “sell out” their friends – google glass extends data capture to a cadre of surveillance soldiers that will be able to data mine anybody who comes within camera shot of them - indoors, outdoors on both private and public property.

All of this data will live in a repository that will be vulnerable (or ripe) for exploitation.

People who are passionate about their privacy will likely fight to protect it. This could lead to civil unrest between strangers, friends and even family members. Brother against fathers, mothers, sisters and friends. Civil wars are ugly and fueled by passionate interests hard-wired into a persons beliefs.

Security professionals are already worried that Google Glass users will be threatened and/or subject to physical violence for capturing a third parties information without their authorization. There is further speculation that privacy fighters will take the battle directly to the corporations that bring these products to market.

Google, Facebook and other data exploitation companies are becoming more aware of their growing risk to both the company and the safety of their employees as their products and services continue to exploit their customers.

Government, Finance and Insurance industries are all aware of this growing risk and each are respectively working (quietly) to protect and insulate themselves from this inevitable conflict.

The reality of privacy erosion is that it results in the loss of the very foundation that the United States was built on - personal freedom. Over the course of the USA's history, citizens have fought hard and died for it.

Your comment "The four tools of Internet oppression -- surveillance, censorship, propaganda, and use control -- ...are interrelated; often building tools to fight one as the side effect of facilitating another." Got me thinking. Will these effects, as with so many things in life mean that the "power players" cancel each other out?

I'm reminded of the time-honored Chinese diplomatic strategy of keeping their enemies fighting. The result is that, while the enemies collectively could have overwhelmed China, the infighting left an often objectively weak China largely independent for nearly 2000 years.

Is this lesson applicable to the world's population as a whole? In relative power to governments and corporations, we may be weak. However, if we can play the corporate interests against the government interests, we may find ourselves largely free.

I wouldn't have started a serious conversation on 4/1, and even though this may well be a prank ...

The internet makes many things easier to do faster. That's neither good or bad, but the power-minded are not stupid - they were sure to notice. Once upon a time, if your basic evil dictator wanted to make sure he was reflected well in the history books, he made the book companies in his country print what he wanted to hear and the schools in his country use the resulting books. Easy, albeit slow.

Sure, there was a risk that somebody else might write an unbiased (or counter-biased) history of his country, but getting a book published poses its own barriers. Even so, the schools wouldn't use it and he could probably keep many bookstores from selling it. This was a manageable problem.

Just add the internet, and the problem gets out of control. Every two-bit dissident, or security expert, has their own blog and it's on the same internet as the dictator's official message. The old-style military response that kept the "bad book" under wraps is a huge amount of work now, the dictator has to go into the firewall business and it's really hard to control Tor sites in other countries.

What's a dictator to do? The obvious response is to launch a "louder" messaging/propaganda campaign. Tell folks they need to "make up their own mind" on the meaning of past events, while publishing a large volume of false information to "spin" the dialog. People buy into the notion that they are important, and their opinion counts, and the special interest dictator with the most money wins.

It all boils down the the old Daniel Patrick Moynihan quote "Everyone is entitled to his own opinion, but not his own facts." On the internet, it turns out that Moynihan was wrong. You can have your own facts, and if you spend enough on SEO your facts can be the facts people hear first and most frequently.

It's not a new power, but it's a new outlet for an old power. The more we depend on the new outlet's version of the truth, the more we select which sources are reliable based on their alignment with our preconceptions, the more that the notion of truth becomes fuzzy. Just the way evil dictators like it.

Your "need for leaks" link is broken. Thank you for writing such great articles and speaking out!

The problem you are going to face is hyperbole.

Most of the comments you see here and the books that are recomended are all based on multiple layers of supposition to the point where they are little different to castles built on clouds.

As we have seen with cyber-crime and cyber-espionage humans actually move their reality a good deal slower than the technology and as such nearly all that is done in the intangible Cyber or information world is actually a re-working of that which is well known tried and tested in the tangible physical world.

Thus you have two predictive paths,

1, That based on what is known in the tangible world.
2, That which is new based on the differences between the intangible and tangible worlds.

To use the second path which is the area I suspect you will want to concentrate on you will need to strip back the Internet into it's two component parts the tangible and intangible asspects.

Some time ago I posted a list to this blog of some of thhe differences between the intangible information world and the tangible physical world.

The first point I made was that information is not constrained by the laws of the physical universse in that it is not comprised of energy/matter or forces.

The second point I made was the only time information became constrained by physical laws was when it was encoded onto matter/energy for the purposes of communication and storage in a way that humans can use.

It can be realised from this that there are issues to do with nonlocality, effectivly zero cost duplication, thus unlimited force multiplication and due to other effects effectivly instantaneous universal action.

Another thing you need to consider is the value of information in terms of monetarisation and thus taxation. Part of this is assessing the value of information in transit.

Then there is the control of information and how it effects people by it's storage and access. Within living memory politicos could make statments within a short duration time context with little fear of comeback from times past. With the Internet no sooner has a politico opened their mouth than somebody is pulling up things they have said in the past that are at variance with their current spoken position. This actually scares the politico's quite badly, because most times they cannot remember past statments and importantly the context they were made in. Thus part of the reasoon we have "sound bite" statments is fear of what is in effect "perfect citizen memory" that can be used to a politicians considerable disadvantage especialy if a slant is put on iit by setting statments in current context not past context. This obviously has a knock on effect of turning poliitics further into a "cult of vacuous image without substance".

Politico's were infact some of the first victims of what we would now call Cyber-stalking where your are in effect forced to continously relive your past, where the only self defence is not to have opinions or substance just vanilla existance. Which is actually likely to produce an even blander non cultural society.

If you realy want to think about the future I would urge you to first study the past and look at the effects oon society of firstly grain cultivation. Then domestication of animals, through the effects of brewing of beer and the effects of increasing population density on specialisation in arts and later pre industrialisation artisan activities that eventually gave rise to tools and machines that allowed "force multiplication" and the realocation of power (think windmills run by just one or two individuals that in efffect replace the work of eight hundred individuals). Through the industrialisation of weaving, book production, cargo transport to cheap reliable mass transportation (trains) the telegraph, telephone and radio.

Each of these events produced a step change in society that society had to become accustomed to and each in turn was actually due to the movment of intangible information that brought the step change to the tangible physical world.

Secondly I would also go and look at the works of the "social thinkers". Which in many ways started with the reformatiion of religion and how the likes of Jeremy Bentham, Karl Marx and George Orwell came about their ideas and predictions.

I agree that we are headed down a dangerous path, very dangerous I'd say-- our fundamental freedoms are being pulled away right under our noses. The question of whether we have the political or social will to face the problem and act is a central one. I think (and hope) that it is an overwhelming yes. But we do need help. Help in crystallizing our understanding of what is happening and unifying as a society because despite how diverse our interests might be, their pursuit is only made possible by a stable foundation freedom and cooperation.

I would like to see you analyze your feudalism concept in a different way. Compare portions of the current environment in an entertaining way to several different political structures. For example Corporate Social Feudalism, Open Source Libertarianism, Social Democracy, Dictatorialism, Firewalled Communism.

After analyzing, I suspect there will be differences in the Internet world vs the political world. I also expect there is a history of government evolution that can be applied to the current struggled for control in the Internet.

@joequant: you might want to read what's there about machine executible contracts. It's all about how to design this in such a way that a) persons can read&audit it b) can express their consent/disagreement c) can close contracts themself d) exclude any central authority e) don't need to trust each other f) don't have to trust their own machine beyond the moment. etc.

There where problem; solved.

who ae actually the 'main' protagonist?

the webward principalities (Google, Apple,...), the classic RL principalities, the merchant guilds of service providers (intervowen into their principalities, of course...).

Actually, the relationship between the Google etc. and the classic states is somewhat similar to the relationship between the hanseatic league and the fractal principalities of the German empire and of nothern Europe. Some hanseatic cities were free cities within the empire with major economic influence etc.
...but maybe the analogy is a bit weak (and I am biased being german ;) )

I grew up with the internet in the mid-90s and it seems to me that the standard then was to use a handle, a nickname or whatever when being "on the net". Using your real name was not common. Adding up to "QnJ1Y2U"'s post, I might add, that today we are forced to use and are using more and more our real names when being online. The names are linked to online services and we form the "outgroup" if we do not agree to this. I think the continuous blending of real world and cyberspace is one of the main features that marks today's internet and that has led to today's imbalanced power situation, i.e. what you describe as feudalism: Give me your real name and identity, and I'll give you anything you want.

A look at how China deals with the internet and its users might be useful: the system of "real name registration" forces users to register for a lot of important services, be it buying train tickets online or using the IM-program QQ. China may reflect an internet vs. power situation vs. users at its best.

On trust and companies that (ab)use it: one of the features, I guess, is that most trust-relationships today are kind of covertly performed: The company offers service X for free (or a small sum) and most normal users do not think about what they actually give away (identities, information, data to be sold), they seem not to be aware that the deal "service in exchange for data/…" is actually a trust relationship. Trust that has been broken is only noticed when data has been leaked.

Often, people are blinded by the fanciness, shininess and practicality of services and do not realise what they actually give away. In addition, services like Facebook and Whatsapp work because of group pressure: Everybody is using it, so I don't care about security and where my data goes. Feudalism works so well because it links up to human's need to be part of an "ingroup" and not the "outgroup".

Bruce - how about you bust open all the FUD surrounding 'cyber'. Call it something like: "Cyberrheoa: the Emperors New Clothes" or something like that.

We all know that 'cyber' is nothing new. Yet, there are a good number of (previously well respected) security professionals falling into the 'cyber' trap, bleating on about 'new' threats, computer based Government backed espionage and the like as if these were new phenomena.

We have a real problem in the security industry at the moment with these idiots with vested interests in shifting more units of the latest 'cyber protection' product. They unfortunately have the ear of Governments the world over and they are damaging the credibility of the industry as a whole with their constant FUD.

If someone well known (such as yourself) doesn't stand up and call 'time' on these muppets soon, all our credibility will be irrecovably damaged.

The security industry is heading for its own Y2K moment and if we don't turn back soon it will take us YEARS to recover any semblance of credibility we once had.

I suggest the title Net Power, which is a pun meaning both internet power and a summary of power.

check out Alex Galloway's The Exploit

"Permission to retrieve your data denied"

Now that will be interesting.

Seconding the recommendation to read Brin's "Transparent Society," for reference if nothing else. I didn't really like the conclusion when I read it years ago, but some of your recent essays about the internet as a surveillance state had me thinking about it again as one of the few possibly acceptable means of maintaining a little freedom or control.

Trust is an information availability problem. Trust underlies all these problematic relationships. Information availability problems can be solved with information technology.

You cannot know what a person will do in the future. They probably don't know that. You can predict it with reasonable certainty though, if you know what they've done in the past in similar situations. That information is usually not recorded. It's available only to those who know the person, which is why trust grows from experience.

Trust (which is a property of a relationship) is also somewhat transferable. If Alice trusts Bob, Carol can probably trust Bob too, if the Carol-Bob relationship is similar to the Alice-Bob relationship. If Carol knows Alice, she could develop trust for Bob without knowing Bob. This is an information transfer: Carol is leveraging Alice's knowledge of Bob.

The whole hierarchy of power is built on this. Power grows over time, not because the powerful become more trustworthy, but because they manage to distribute the knowledge of their trustworthiness (i.e. their reputation: the consequences of interacting with them) more broadly.

Trust information is distributed in a very word-of-mouth manner right now. It doesn't always have to be that way though. One can imagine a vetting service that operates in real-time.

One can also imagine that such a service would be very valuable to subvert. Perhaps too valuable to centralize. It would have to be federated.

The internet has been moving to a progressively more central operations model since the mid-90s. SMTP is a federated protocol, but I would wager that there are fewer than 10 email domains that you interact with on a regular basis at this point. Most domains owners do not operate their own hosts, let alone their own mail servers. This move from federation toward centralization of services is in the interests of the service providers. It fuels information feudalism. And it's about complexity. I gave up running my own mail server when managing the spam filter became too burdensome. Gmail was so much easier, even though I was aware of the privacy implications.

If we are to reverse the move toward feudalism, we need ways to make federation simple and affordable again, especially in the spaces like social networking, where effective federated solutions just don't exist.

My opinion, which probably goes too far afield for your liking, is that a lot of these problems stem from the desire for attractive and friendly interfaces. We have no shortage of secure systems. They're just undesirable, for one reason or another. The major vendors don't have to provide true security because customers can't distinguish true from false, nor are they willing to pay a premium for it or miss out on a sexy feature.

Three solutions spring to mind: devoting resources towards making attractive, compelling solutions that are secure and private; creating a culture that values security and privacy over beauty and easy-of-use; and legislation. Of the three I think the first would result in the "best" world and is correspondingly unlikely, the second seems doomed, and the third seems like probably the best for short-term ROI, although probably a cause for long-term concern.

Looking forward to reading your book and finding out what you have to say about these issues.

I've been thinking about this a lot lately with respect to educational software. The Gates' Foundation in particular is spending considerable amounts of money to fund a project that was previously called The Shared Learning Collaborative and is now called InBloom, Inc. The idea is to create a centralized data-warehouse of student and teacher performance data (test and assignment scores, grades, attendance, behavioral reports, etc.). The goal is to liberate schools from relying solely on their own private data islands, as well as to reduce vendor lock-in with respect to data sharing. Ideally, it will also create a giant database for use by researchers. You can obviously think of the implications of such a centralized database concerning your personal performance from pre-K through your first years of college.

Another angle on this is the attempt by Silicon Valley to take advantage of the K-12 Ed space through their standard model of vertical integration (see getclever.com and learnsprout.com). By offering schools a free, simple, single-point of integration with their LMS systems, these companies hope to exact tolls and fees from providers of services that will want to integrate with those schools. It's great from the school's perspective because they won't have to pay up-front for systems integration.

What I have seen in practice is that teachers are using tools like Google Drive, Drop Box, Quizlet, YouTube and others to create their own virtual class rooms outside of the cumbersome, centralized and expensive LMS systems. The "system" keeps trying to force centralized tools and repositories on individual teachers, but they ultimately fail because they cannot keep up with teacher/student needs/interests and are overly expensive.

As an implementor of educational software, more and more I am trying to think of ways to produce my software in a distributed, flexible manner based on open APIs and data formats, rather than centralized standards and services.

Anyhow, this is just one particular business area, but I think it is one that sits that the center of many of these controversies over power, control, money, freedom and centralization. There are legitimate benefits to centralization (better research data sets, possibly lower costs, etc.), but there are major tradeoffs in terms of vendor independence, state control and the elimination of privacy at even the youngest age.

@russell --- the title "Net Power"

I second that!

@professor rat -- Cryptoanarchy is a feature not a bug - all power to the anarchists!

Professor Rattus - of course, the nice thing about your idea is that it takes the anarchists out of the market, leaving the vast majority of people to live within the feudal structures and unable to do anything about it. You would be far more damaging to the power elites if you acted in ways that ensured changes for everyone, not just the few. You're free to go rant and isolate yourself as much as you wish. Thank you!

Interesting fiction that expands on these concepts to effectively create societal change on a grand scale.

Read Daemon and Freedom (TM) by Daniel Suarez

The feudal model comparison is very interesting, because it can show how we can cope with new structures in our society. I think the main thing should be the establishment of human rights for the internet and related digital and virtual spheres.

History can tell us how we achieved this in the fysical world. Unfortunately, big steps were often only made after big disasters.

Another theme to think about would be whether internet may be a new "world order" - like in the western culture we had the church, the state and nowadays the economy providing the structures and also the values which are leading our behaviour.

joequant, I was caught up in an "e-contract" and lost the rest of my retirement. Thieves and liars take advantage of seniors in this way. I never signed anything by hand.

Re: Machine executable contracts

I happen to work in a field in which large financial transactions are routinely conducted electronically, and I've been seriously underimpressed by what is been written on machine executable contracts. One consistent problem is that if you have a computer programmer write about contracts, they usually know nothing about how contract law or how business practice works, and so what they end up with is just unusable.

The issue with electronic contracts is that if you end up on the wrong side of a trade, you could owe vast sums of money (i.e. billions of dollars) and in that situation you will do everything you can to void the contract. Coming up with a contract that can withstand the efforts of highly paid and motivated lawyers is not easy, and one thing that people do is to minimize the "electronic" parts of it, and to use standardized boiler plate whenever possible.

When two banks want to do electronic trading, what they do is to exchange a standard contract which everyone uses. The electronic transmission simply consists of a price quote that is authorized by the standard contract. Sending an individualized contract just won't work for many reasons. When two banks want to set up a trading agreement, if they don't use a standard contract, then drafting a new contract can take months.

There are also jurisdictional issues. Contract law in different countries can be wildly different. In international business what tends to happen is that people "virtually" do business in certain financial centers whose contract law and judges are predictable.

Also the world financial system is very deliberately designed to make it difficult to impossible for untrusted people to undertake a transactions. What often happens is that A trusts B and B trusts C, so A will pay B to do a transaction with C. However, if A, B, and C don't trust each other, none of this is going to work.

This also means that banks end up being instruments of control. Governments can't monitor financial transactions so they give banks instructions and the banks do the monitoring.

On the 3D-printing angle: Cory Doctorow has been warning for some time now about the coming "war on general-purpose computing" (search youtube for his talks about that). Its his prediction for what will happen as more and more meatspace endeavors have general-purpose computing mixed into them, especially ones that are scary enough that government wants to regulate them, or that will interfere with large established industries, or will offend moralizing legislators in redneck states, etc: the obvious ones right now are software-defined radios and 3D-printing of guns, but what about: implantable medical devices? 3D-printed sex toys? software-controlled cars? camera-equipped RC aircraft? When home synthesis of drugs or other bio-agents is as easy as tapping a few commands into the software that runs your 3D printer, there will be a lot of scope not only for malicious actors to do bad things with it, but for severe accidents too. What happens the first time a hobbyist printing up some chemical compounds hits a typo and accidentally releases nerve gas into his apartment building?

So general-purpose computing is going to come under attack from interests more diverse and much better organized and equipped than the piddling music/movie distribution industries. They are going to want the usefulness of general-purpose computers, but crippled somehow with futuristic DRM so that regulatory goals can try to be met.

We had an interesting take on these themes in our recently published paper:

The end of forgetting: Strategic agency beyond the panopticon New Media & Society 1461444812451565, first published on July 23, 2012 doi:10.1177/1461444812451565

http://alchemicalmusings.org/files/essays/...

We attempt to lay out a generative typology for conceptualizing the relationships between information and power. We would welcome your feedback.

best