Bruce Schneier: the internet is not doomed, but it is fragmenting

bruce schneierI had the pleasure of en evening with Bruce Schneier last night. Let me re-phrase that: I attended a BT event yesterday entitled “A Private Dinner with Bruce Schneier”.

Schneier, if you haven’t come across him, is BT’s chief security technology officer, author, cryptographer extraordinaire and philosopher-cum-infosecurity out-of-the-box-thinker.

Basically, what he says in info-security circles is usually listened to, although his propensity to tackle the subject more from a socio- or even biological perspective than a mere discussion of bits and bytes can make quotable extracts from a conversation with him pretty thin on the ground.

That said, Schneier was on form last night, focusing on the topic of trust and the notion that all systems, be they sociological, biological and so on, need co-operation to work. These systems also feature, inevitably, ‘defectors’, who don’t obey the rules and require security to keep their activities to manageable levels.

All fine and dandy, but what about the future? Does Schneier think we’re all doomed?

Well he certainly believes that the gap between the bad guys profiting from new technologies and the good guys catching up is greater than at any point in the past thanks to the sheer volume of new tech and the huge social change it is spurring, which is somewhat worrying.

However, there is hope that all is not lost. For one, he declared the bad stuff that happens online still a “tiny percentage” of the whole.

“I’m a short term pessimist but a long-term optimist,” he added.

As the older generation dies out things will gradually change too, he explained, as new norms around things like privacy come into play, and even the music industry is eventually be forced to change.

“The internet is the greatest generational gap since rock n roll,” he declared.

“People stealing music now are doing what will be normal in ten years’ time, they just figured it out first. The business model of scarcity doesn’t work.”

In less reassuring news, he argued that the balkanisation of the internet is likely to continue as national governments seek to establish their own controls – particularly appropriate given we were sitting in the Conrad Hong Kong, just a few miles from mainland China and the Great Firewall.

“It turns out the internet does have boundaries,” Schneier concluded. “Governments are enforcing their rules more and more and it makes for a less stable internet but it is the geopolitical future.”

Advertisements

Meet Huawei, the not so hidden dragon

huawei campus shenzhenI’ve just spent a fascinating two days with Huawei in Shenzhen. If you haven’t heard of the firm you will soon – it’s the world’s number two manufacturer of telecoms kit, powering all the UK mobile operators and BT, Talk Talk and Virgin Media’s fixed line operations.

It’s also number six in the mobile devices market globally, with its eyes on a higher position, and has entered the enterprise IT space where it sees big growth potential.

The trip was a chance to see and be impressed by Huawei HQ, a sprawling campus in a suburb of Shenzhen in the south of China next door to Hong Kong, rather than have an opportunity to quiz senior execs on the firm’s roadmap.

The firm has been spending rather a lot of money to show rather a lot of journalists the same thing – well, it can afford to, having made around $32bn last year.

The reason is that despite its best efforts it’s still not winning a huge amount of enterprise custom, its devices don’t have great brand recognition and, most irritatingly for the firm, it’s the subject of a high profile US Congressional investigation into links with the Chinese government.

The US has regarded Huawei with great suspicion and reckons it may have links to the PLA and the Communist Party (via its founder Ren Zhengfei) which make the firm’s products a potential risk to national security.

Needless to say, Huawei’s PR team were more keen to focus on the less contentious part of its story. And it is a very impressive story. Ren apparently founded the firm with a few thousand pounds and today, 25 years later, it has 140,000 employees, makes billions, operates in 150 countries and the average age of employees is just 29.

Yup, not really the impression many might have of the company. Due to its unique corporate structure which makes it wholly employee-owned, staff can retire at 45 if they’ve spent more than eight years with the firm with their share dividends providing a handsome retirement fund.

The analysts are in agreement that it has great technology, bags of patents and huge potential, so is the US just being protectionist?

Well, yes and no. Huawei may open up some of the source code of its products for investigators to scrutinise but apparently the big sticking point is info on how the firm is run, and past a certain point Huawei will not divulge that, so it may be deadlock for some time yet.

Ren is still a member of the Communist Party and for anyone who’s read the book The Party by Richard McGregor, this will be a cause of concern to some foreign governments – although it must be said not to the UK, which has welcomed the firm’s investment with open arms.

Now, I’m not saying I fully agree with all of the book but McGregor speaks very convincingly of the Party as acting “like a large magnet that makes iron filings suddenly cling together as it moves into position above them”, making them “stand to attention when it focuses its attention on them”.

In the end, both the West and Huawei are learning to cope with one another. We’re just starting to understand the firm a bit better and it is beginning to understand the greater level of media scrutiny, demands for more transparency and need for a more media friendly executive board – all of which are pretty alien to Chinese companies.


RIM’s big differentiator: staying out of China

RIM logoIn a startlingly refreshing display of honesty, RIM CEO Thorsten Heins has come out and said the firm is steering clear of China when it comes to manufacturing to reduce the risk of IP theft which could cripple its business.

It’s a bold statement, given that in my experience most tech firms – and even analysts – are very reluctant to discuss China in anything approaching critical terms, especially when cyber security is mentioned.

It’s certainly a valid point. I’ve reported in the past for The Register how many multinationals are suffering IP loss from their Chinese business units.

As RIM is teetering on the brink financially and seems only to be able to differentiate competitively from its rivals by virtue of the superior security capabilities of its handsets and infrastructure, any breach would be a huge blow.

That’s not to say it is necessarily safer anywhere else, but eliminating China from the supply chain could be a wise move.

Even the Chinese government has indirectly admitted its firms do not innovate enough themselves – the inference I’m drawing here is they nick a lot of IP instead.

Kenny Lee, a forensics expert with Verizon Business, sat down with me on Thursday to explain what hacking activity he’s seeing inside Hong Kong and Chinese firms.

Interestingly, while he did admit there was a fair amount of “low level” IP theft from firms in the region, mainly due to employees looking to set up their own businesses, there is a more insidious data leakage problem – technology transfers.

These agreements are usually foisted on foreign multinationals wanting to expand into China. The deal is that they have to partner up with a local Chinese firm by law to sell into the country’s huge market, and in doing so will usually need to share IP with them.

After a certain point, Lee explained, the Chinese partner usually has enough knowledge to pull out of the venture, having sucked all the IP it needs from its foreign partner.

There’s the rub for foreign firms such as BT, who can’t gain direct access to the market but equally reject the idea of handing over their hard-earned IP.

There’s no chance of things changing from the top anytime soon, so foreign firms will continue to have to weigh the risks and make that judgement.