Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Internet Google Security

'The Internet Needs More Friction' (vice.com) 155

Justin Kosslyn, who leads product management at Jigsaw, a unit within Alphabet that builds technology to address global security challenges, writes: The Internet's lack of friction made it great, but now our devotion to minimizing friction is perhaps the internet's weakest link for security. Friction -- delays and hurdles to speed and growth -- can be a win-win-win for users, companies, and security. It is time to abandon our groupthink bias against friction as a design principle. Highways have speed limits and drugs require prescriptions -- rules that limit how fast you can drive a vehicle or access a controlled substance -- yet digital information moves limitlessly. The same design philosophy that accelerated the flow of correspondence, news, and commerce also accelerates the flow of phishing, ransomware, and disinformation.

In the old days, it took time and work to steal secrets, blackmail people, and meddle across borders. Then came the internet. From the beginning, it was designed as a frictionless communication platform across countries, companies, and computers. Reducing friction is generally considered a good thing: it saves time and effort, and in many genuine ways makes our world smaller. There are also often financial incentives: more engagement, more ads, more dollars. But the internet's lack of friction has been a boon to the dark side, too. Now, in a matter of hours a "bad actor" can steal corporate secrets or use ransomware to blackmail thousands of people. Governments can influence foreign populations remotely and at relatively low cost. Whether the threat is malware, phishing, or disinformation, they all exploit high-velocity networks of computers and people.

This discussion has been archived. No new comments can be posted.

'The Internet Needs More Friction'

Comments Filter:
  • no (Score:2, Insightful)

    by Anonymous Coward

    just no

    • by lgw ( 121541 )

      "We already made it big. There's no need to keep the part of the internet that let that happen. It's just trouble all around if we keep allowing other companies to get big - heck, one of them might compete with us."

      Perhaps we need a new internet, or at least a new web. Of course, there's a tough problem to solve: if there's no way for authoritarians to take down content they don't like, or identify uploaders of such content (e.g. Freenet), how do you deal with spam? P2P is great for popular content, but

      • by thomn8r ( 635504 )
        Perhaps we need a new internet

        With blackjack, and hookers!

      • "We already made it big. There's no need to keep the part of the internet that let that happen. It's just trouble all around if we keep allowing other companies to get big - heck, one of them might compete with us."

        You've got it half-right but you left out a key part; the other half of that conversation. Who are they saying this *to*?

        Corrupt and too-powerful governments and their politicians, that's who. Also missing is the reply.

        "We agree, as now the internet has become a means for those who oppose us and our ideology(ies) & agenda(s) to communicate, organize, and spread their messages to the world. We can't have that. We'll work together as it's in both our interests."

        You'll not solve the problem until and unles

  • by Anonymous Coward on Friday November 16, 2018 @09:06AM (#57654878)

    The true sign /. has jumped the shark when it starts pushing this kind of authoritarian bullshit.

    • by SirSlud ( 67381 ) on Friday November 16, 2018 @09:26AM (#57655000) Homepage

      This is the kind of overreaction porn I come to slashdot for.

      • This is the kind of overreaction porn I come to slashdot for.

        Is this an overreaction though? You could make exactly the same claim about the postal service. It sped up the interaction between people and allowed for mail-order scams etc. too. However, that same service was also used by law enforcement to transmit information about crooks rapidly e.g by sending fingerprints, crime reports and arrest warrants between jurisdictions. The same applied when the telephone came along.

        In all these cases the solution has always been that you use that same reduction in frict

    • by AmiMoJo ( 196126 )

      How is antivirus software and DDOS protection "authoritarian bullshit"?

      Do you read every spam email carefully just to respect the author's freedom of speech? Did you disable the corporate firewall so that information and ideas can be exchanged freely?

      My firewall creates a lot more friction for apps wanting to access the internet. Most of the time when they try I say "no".

      • Because that's not what's being discussed here. Spam filter is something you elect to have. Not being able to buy medication without prescription is something someone else elects for you to have. You don't have a choice in the matter.
    • by Anonymous Coward

      Authoritarian has nothing to do with it. It's an awful idea on a purely utilitarian level.

      Look at credit cards. Say you introduce an artificial 5 minute delay. Might you reduce some types of fraud that way? Sure. But what about the million-fold more legitimate transactions that are unnecessarily delayed? What about uses requiring instant purchases that suddenly become impossible? Paying a toll booth or a bus ticket or any number of on-the-spot purchases becomes impractical.

      Likewise with the inter

      • [With a 5-minute delay on payment cards,] Paying a toll booth or a bus ticket or any number of on-the-spot purchases becomes impractical.

        Not if the cardholder asked the issuing bank to authorize a particular (merchant, maximum amount) pair more than 5 minutes in advance.

        Artificial delays will kill things like media streaming

        Unless it's a live stream of a sporting event or whatever, I don't see how a 5-minute delay to buffer up the start of a stream would hurt.

        gaming

        Video games can be downloaded to a suitable computer in advance of play. Multiplayer video games can run on a split* screen or over a local area network (LAN).

        and VOIP

        Even if a low-latency channel can provide only 2400 bps each way, Codec 2 [rowetel.com] squeeze

    • by e3m4n ( 947977 )

      what exactly does jump the shark mean? Jumping the gun had a real-world image of a false start during the race, where a racer took off before the starting pistol fired. Hence jumping before the gun. Jumping the shark draws some really fucking perverse jack-be-nimble fairy tail images in my head. Do these sharks have freaking laser beams??

      • what exactly does jump the shark mean?

        Are you serious? You don't know that expression, but you know sharks with frickin' leaser beams on their heads?

        smh

        Too damn lazy to give you the link. Just google "jump the shark" and ye shall be educated on where the expression came from, and what it means.

      • by sfcat ( 872532 )

        what exactly does jump the shark mean? Jumping the gun had a real-world image of a false start during the race, where a racer took off before the starting pistol fired. Hence jumping before the gun. Jumping the shark draws some really fucking perverse jack-be-nimble fairy tail images in my head. Do these sharks have freaking laser beams??

        It means you don't understand an old meme from before the Internet. Jumping the shark [wikipedia.org] is a reference to an episode of a TV sitcom called Happy Days [wikipedia.org]. All you need to know is that 'jumping the shark' means doing something 1 time too many and something that worked before no longer will work. Basically, its the end of a meme's effectiveness in a given culture.

    • The true sign /. has jumped the shark when it starts pushing this kind of authoritarian bullshit.

      Um, posting it on /. makes it so /. is pushing it? Um... dude, not to point out the obvious, but it's someone in Alphabet pushing it. They've jumped the shark. I could argue they jumped it as soon as they started selling ads.

  • Crazy.... (Score:5, Insightful)

    by beheaderaswp ( 549877 ) * on Friday November 16, 2018 @09:11AM (#57654904)

    It's not the speed of the internet that is the problem- it's humans adapting to it.

    Whether it's behavior or security practices it is all about adaptation. Adding "friction" is corporate weasel terminology for "I'm an MBA and can't understand this".

    There's nothing like getting a blank stare from an MBA, who is your boss, who either refuses, or cannot, understand technology or it's social consequences.

    • by Sique ( 173459 )
      When spam was coming to every mailbox, there were the first ideas floating to slow down that type of mass mailing. One idea was to introduce some kind of internet stamp which would be priced as low that the normal user will never really feel the cost, but for the mass mailers sending out thousands and millions of mails at once, it would really be expensive, so that response rates of less than say 1 in 10,000 would prohibit such campaigns.

      This would be an example of the type of friction the article talks a

      • by Kjella ( 173770 )

        Of course that kind of rate-limiting was dependent on one of the parties - the recipient - wanting to add cost so they only got "serious" email. It wouldn't do anything to a Twitter flash mob where people want to read each other's posts, unless you want to take Internet response time down from milliseconds to the days a mailman took for a letter. That's not going to happen so I assume this is about control, if you're like an "influencer" with a large number of daily readers we're going to clamp down on your

  • by jfdavis668 ( 1414919 ) on Friday November 16, 2018 @09:11AM (#57654906)
    "For example, a piece of software should not be able to penetrate more than 10 percent of a corporate intranet without its growth being paused and an IT admin explicitly approving any additional installations." How is this going to work? All installations of software need to be actively approved by someone. Unless you are talking about allowing end users install their own software. Then I don't know how you would control it to 10 percent. Anyway, I don't know how that would help stop anything.
  • by SirAstral ( 1349985 ) on Friday November 16, 2018 @09:20AM (#57654956)

    Lets NOW get regulations put it, while WE have a lot of say and clout and while we have a lot of politicians we can buy off to help make sure that regulations benefit US more AND in a way that hurts other startups.

    This business is as wrote as history. When you are small, you hate regs because they cause you pain... when you are BIG, you like regs because you can buy a few of them that help keep your business either directly or at least quasi blessed by one or more of the government agencies. And what is wrong with having the ear of government? And like the TARP bailouts... getting to big to fail is an insurance policy all its own! Government will happily put businesses on welfare too!

  • by Anonymous Coward

    I can't tell if the author is a raging dumb-ass or very, very snarky.

  • ..they want us to revert back from fiber to Bell-202 ?!?
  • Google has a parallel internet twice as fast as the regular Internet. They can move everything they own across the world than we plebs can move stuff through the Internet. They built it using leased optic fibre lines around the world that they bought at a bargain when the dot com bubble burst. Now they are preaching to us that the Internet need to be slower.
  • Fewer bastards (Score:5, Insightful)

    by OneHundredAndTen ( 1523865 ) on Friday November 16, 2018 @09:27AM (#57655004)
    Like Google. That's what the Internet needs.
  • by TuringTest ( 533084 ) on Friday November 16, 2018 @09:35AM (#57655054) Journal

    Everyone with a technical mind here will think that "adding friction" is about inserting delays in transfer protocols, which is a stupid idea.

    But the article is not about technical bandwidth, but about social conventions. It *is* a good idea to reduce the amount of exposure to bad actors, as every security specialist can tell you. Spam filters, white lists and ad blockers add friction to transmission, and we all consider those a good thing, even if sometimes you need to recover false positives from within the filters.

    Similarly, closed group-based social networks like Whatsapp are less prone than Twitter to focusing noise onto a single spot. Twitter is known for destroying the life of people in a few hours, and it happens because of the speed with which information on a topic can propagate through the network and concentrate the discussion of the whole internet on the timeline of a single person or reduced group. If the topic needs to propagate slowly through several closed groups, it is less prone to produce the same burning effect.

    Pursuing those objectives - isolating one from bad content, reducing speed of propagation, distributing replicated info through several smaller channels - is a good use for social friction in the net.

    • by jm007 ( 746228 )
      the argument is purely ideological and does have merit at that level; I believe the main sticking point (for me) is that this friction will always need human intervention -- directly or indirectly -- and so its implementation will fail because humans always bring their failings along like unwanted stepkids
  • Maybe he penned it during last week's walk-out?
  • How to use the internet safely? https://www.susthesurfer.com/h... [susthesurfer.com]
  • That the author is employed is a testament to his ability to sell bull shit.

    That this fluff piece got published is a testament to no one reviews articles before they are published.

    If we take a our way back machine, we would learn that security was an after thought to software design. Largely because computers were non-networked, single user (as opposed to multi-user) machines. Then computers started to be multi user machines, more than one person working on the the same machine and then they started
  • "Content that might contain phishing or malware could be extra-delayed to algorithmically look for patterns in suspicious links or attachments."

    Gee, I wonder where we might get some service to scan, parse, examine, study and commercialize our digital correspondence?

    Hopefully a friction-less computer can do it so I can hurry up and wait for my communications to be approved!
  • China has friction (Score:5, Informative)

    by zedaroca ( 3630525 ) on Friday November 16, 2018 @09:48AM (#57655148)

    This person is pushing towards totalitarianism like they have in China. Someone (or something) checking what you are doing every step of the way.
    This is great for the powerful, bad for the people. Good for the copyright holders, bad for spreading culture. Good for dictators and spies (ie. hacking team), bad for Wikileaks.

    The hackability and "lack of friction" is a feature, it gives the people a fighting chance. Good days when the engineers of the internet had good ideology on their code.

    • Bad for the people? You mean the deplorables? Bad for Wikileaks? You mean the Russian controlled enemy intelligence operation? I don't understand what you're arguing for. Are you a fascist? If not, your positions are indistinguishable from the positions that real live fascists hold.
  • by nospam007 ( 722110 ) * on Friday November 16, 2018 @10:17AM (#57655344)

    "Highways have speed limits and drugs require prescriptions"

    Both are just suggestions that you can ignore whenever you want or need it.

  • I have never driven an automatic, always stick, so i an accustomed to use a friction clutch. Where is the problem? I know that those lazy Americans have some problems to drive a five-speed manual, but we in Europe are accustomed.
    I once have driven a car with a broken clutch for 20 km to reack the nearest car mechanic and was a bit tricky to drive witout friction, especially stating
  • If there's one thing I've learned from the internet, it's that friction is bad and lube is essential.
  • My immediate reaction is that the article is nonsense, but I'm willing to withhold judgement unless there's some concrete proposals. For example, it's not uncommon for people to greylist email or have a timeout after a number of failed login attempts. Both of those could be considered "friction" of the sort the author is talking about, and I don't have a problem with those.

    But I think we should also be thinking about the opposite: What happens if everything is open and virtually frictionless? What if co

    • Got to wonder if this is a modern conundrum, given Moore's law one would expect this to be part of the upgrade cycle... Infrastructure (web servers and client devices, etc.) should be upgraded periodically to improve encryption. 4-5 years has been the standard middle class consumer upgrade cycle, with 8-10 years for the rest.

      However, Moore's law has given a constant and significant increase in speed, it could be that we are starting to notice downsides. Having to move to a 5-year upgrade cycle to maintain
  • So the morons who wanted to move fast and break things suddenly realize they broke everything. No shit. You broke democracy through one social network that is a spying platform and another that has never made a dime.

  • Adding "sleep" statements to my code right away!
  • So this privileged male of European decent (Justin Kosslyn) thinks he or people just like him, should be allowed to take control over tax-payer built internet (Throttle speed) and discriminate based on income, ethnicity, gender, or what ever. So he can feel safer, like In the old days. Maybe like when we had "Jim Crow Laws" those good old days? I mean when you consider context clues like the history of our country. I can't be sure but this sound familiar. as for internet throttling my view is (If it ain't b
  • We should ban all advertisements on the internet, they are the enabler that allows anyone to afford putting up useless content. Without advertisements we wouldn't have the social media sites that are basically the epitome of your claimed 'problems'. Look in the mirror pal.
  • Convenience instead of security, that's why there are so many security issues in, e.g., IoT devices. The goal of the IoT vendors appears to be to make it as easy as possible to get the device online so that data collection can commence. Until that goal changes, security will continue to suffer.
  • First, this does not even identify the right problem: The problem is in the end-points, not the network. Second, "friction" will not solve it. It is the wrong idea in the wrong place. Third, does this person even know how the technology works he is talking about? Apparently not. Next: Even adding minutes of "friction" to software (malware) distribution, that would not help. I did some research in this area about 2 decades ago, you still can saturate the whole net and reach all vulnerable targets with signi

    • Friction is not a blanket time delay.

      Friction is your spam filter. Or your ad-block in your browser. Or noscript. All of these create friction in people getting their message to you. (And yes, most of those people are shitbags).

      What could similar friction look like on social media or the other topics of this article? No idea, and the author doesn't seem to have any good implementation ideas either. But a completely false Facebook post getting in front of a ton of people to influence those people with

      • by gweihir ( 88907 )

        I do understand that. But I somewhat doubt the Google-Person does. It also does not help.

  • Just come and propose that BSD adopt systemd on Slashdot and you'll see just how much friction the internet can generate.

  • but close enough... https://xkcd.com/669/ [xkcd.com]
  • The internet is full of bad stuff. Fake news, lies, ads, identity thieves, scam artists. But I worry when someone else gets to decide what is 'BAD' and what is 'GOOD' and try and eliminate or handicap everything they don't personally agree with. There is plenty of 'friction', but it is in my brain where I prefer it to be. I don't fall for everything that gets posted on social media, or even in mainstream news outlets. I am skeptical of almost everything I see today. You are a fool if you believe a significa
  • Anyone screaming for regulation just thinks they'll be the ones doing the regulating.
  • Especially if you are already big yourself and don't want to face any competition.

  • Comment removed based on user account deletion
  • The same design philosophy that accelerated the flow of correspondence, news, and commerce also accelerates the flow of phishing, ransomware, and disinformation.

    Well, yes. These are called "tradeoffs".

    I don't see anything in the summary (and the stupid hurts, I am not reading the article) about what we would lose with "more friction".

    Anyway, there's plenty of friction on the internet, where it matters. Have to login to any site that matters, have to prove identity to things like tax services and (at least initially) banks, etc.

    What Facebook and Google have proved lately is that the kind of "friction" they want is against people and ideas that they don't like. #%

  • Could a "bad actor" be somebody you don't agree with?

    Maybe that person's views could cause sociality harm, or make you feel that you're not safe.

    For example: maybe somebody could insist that there are only two genders.

  • Dear Vice,

    Go away.

    Thank you.

  • This guy is applying this to just the Internet, whereas I apply it to everything: our technology, in general, has evolved orders of magnitude faster than our species has evolved physiologically, especially our brains. If you use as objective an eye as possible you can see where the comparatively fast development of technology has created problems. In some ways, we, as an overall species, would have benefitted from many technologies developing slower, allowing us time to adapt better. Not that it matters now
  • Want to slow down the internet? Let AT&T handle it. Pay to play. Pay more to play faster. Pay even more to make your competition play slower (not a real option yet). Damn. I love a free market.
  • Comparing the internet to highway speed limits or pharmaceuticals makes no sense. Sometimes a prescription requirement is there for the sole purpose of lining the pockets of drug manufacturers. This is why different countries have different cutoffs for over-the-counter vs prescription only. Comparing drug restrictions to the internet amounts to making restrictions deliberately to make Zuckerfuck even richer. Likewise I am probably one of the few /. members who remember when the federal government capped the

Avoid strange women and temporary variables.

Working...