One Billion Hearts, Bleeding as One

As fewer companies rule the Web, your security is put at greater risk

by Tim Wu | April 9, 2014

photo credit: Shutterstock

Over the last 5 years, the Web has witnessed a dramatic degree of centralization and standardization. That mostly has made life simpler and easier. With accounts at just, say, Apple, Google, Amazon and Facebook, you can now do almost anything you might like.

But convenience, as alluring as it may be, comes with costs that are not always obvious at first. Heartbleed, the vulnerability in SSL encryption discovered yesterday, makes this clear, as did the NSA spying revelations last year. Once upon a time, having an account compromised might only mean so much. But as we centralize more, and put more of our lives online and into consolidated accounts, the damage from being compromised is greater.

The standard advice is just to change your passwords more often. But what would actually make the web ecosystem less vulnerable is not just better security, but more diversity and more competition at every level, even among encryption standards. As annoying as it may seem, we’re safer when we have more accounts, with different types of encryption, spread across multiple companies. Otherwise, as the analogy goes, if all the gold is stored at Fort Knox, a thief knows where to go.

We’ve been here before: the point was first made in the early 2000s, when computing was dominated by a single software platform, Microsoft Windows. The resulting monoculture, as many experts pointed out, was vulnerable. John Quarterman, made a memorable analogy between Windows and the monocultural cotton crop, which, in the early 20th century, suffered ruin when infested by a beetle known as the boll weevil. And you may remember that computer viruses were at their worst when Microsoft Windows was the uncontested champion of operating systems. Nowadays, there’s more variety, particularly if you include tablets and smartphones, and the virus problem has seemed to recede slightly.

The Web isn’t yet as consolidated as operating systems were in the early 2000s. But we trust more to the web than we ever did to our computers in days past. And we need to remember that while big, centralized systems have their advantages, that size also yields an inherent fragility.

Image via Shutterstock.

Source URL: http://www.newrepublic.com//article/117325/heartbleed-openssl-bug-reveals-dangers-web-centralization