No Free Lunch From the Hackers

Recently by Paul Rosenberg: The State Versus the Internet


I recently wrote an article posted here at on The State Versus The Internet. In it, I outlined the current (and very serious) threats to the Internet. Along with a few "thank you" comments, I got several that said, "yeah, but surely the hackers will bring this down."

I'm here to tell you that this is a vain hope, and that it is not the hackers' fault.


The hacker mystique dates back to the late 80s and early 90s, when they won the first crypto war. And while the hackers deserve enduring credit for that victory, it is important to remember two things:

  1. That was a much easier situation than the one we now face.
  2. The community that really changed things consisted of only about 200 people.

That 200 number is obviously just our guess – there was no register to sign, after all – but it should be fairly close to the number of people who actually did something, as opposed to the much larger group who never did more than talk, or who worked on ineffective things, wasting their time and resources.

As for the battle we face now, I outlined it fairly well in the article linked above: We are facing-off against the biggest intel agencies, the biggest tech companies and some of the biggest crooks in the world.

The Web Application Ha... Dafydd Stuttard, Marcu... Best Price: $2.61 Buy New $98.54 (as of 03:50 UTC - Details)


Today, if we were to count all of the people who are actually working on Tor, I2P, privacy-oriented VPNs, and other anonymization technologies, we still have a few hundred core people, surrounded by perhaps 5000 support people. These people do things and they change things, but you would expect there to be many more of them at this point, 20-some years after their initial appearance. The reason for this lack of growth is simple: They are not rewarded.

Even with all the technology we now have for avoiding surveillance, we estimate that there are between 4 and 5 million people worldwide that use it, maximum. That equates to less than one percent. There are roughly 2 billion Internet users in the world (266 million in North America, 475 million in Europe, 825 million in Asia, 205 million in Latin America), but only 5 million using the things that hackers provide.

Hackers have families to feed too, and whatever they do, they cannot be successful without paying customers. People simply do not use crypto and the hackers simply have not been rewarded. If privacy requires payment, or if it requires an extra step, or if it slows them down just a little bit… they don't line up for it. And if no one uses their products, what benefit can come from them?

It would also have been nice if people would have helped the hackers when their homes and offices were raided and when they had their computers stolen by the police. At least some help with legal costs would have been nice.

The truth is that a lot of people think they can piggy-back on a bunch of guys who are internally driven to protect the Internet. They are wrong; the hackers have bills to pay, and if customers won't pay them, they can't make a living hacking crypto. Markets are what they are, and people will not continue to provide unrewarded services.

For example, an associate of ours runs an open node for a mesh network. It can reach about 5 thousand people, but only about 10 people use it, and mostly for worthless things like file sharing.

Hackers are good at building hardware and software, but the problems we face now involve cables and core routers. In order to counter these attacks, we need alternate networks, not alternate endpoints. And for that, a LOT of capital is required. The hackers don't have enough money to do that, and they don't have the political connections required to get the requisite free pass. Those systems are physical, expensive, and easy to attack and close.

One Nation, Under Surv... Kenneth W. Royce Best Price: $3.80 (as of 06:20 UTC - Details)

If a few hackers had been made billionaires like the social network guys, we might have had a chance to keep the Internet free, but that never happened.

Can you see why the hackers get bent out of shape over this? People don't want to know that they are surfing an Internet where their every action and thought are recorded "for their protection."

If there is a new device or new free service, they'll plug right in. Mention crypto and they say "That costs money and degrades the operation of the gadget everyone on TV is using!"

And yet, they expect the hackers to ride in to the rescue.

We have been documenting the construction of an electronic police state for several years and working to protect people from it. Our business is doing well, but we should be orders of magnitude busier than we are (as should others). People who don't give up their PGP passphrases are sitting in jail as we speak. Non-compliant ISP operators have spent time in jail and years under gag orders, mass surveillance grows daily, hundreds of hackers and providers have had their computers seized by the police, and no one knows how many people have disappeared world-wide over Internet posts that offended one boss or another.

If the Internet completes its conversion into the greatest surveillance tool of all time, it will not be the fault of the hackers.

No one is riding in and save us. Either we save ourselves or we shall not be saved.

October 28, 2010