Bruce Schneier speaks at Google on the nascent feudalism in computer security:


Highlights of the talk (some paraphrased and elaborated):

  • There is major inequality in the ability to provide security. Most individual users cannot provide it for themselves. But some big companies can. In fact, the companies are so good that they can provide it for others and bring individuals up to at least a minimal level of security.
  • This is the feudal model of security. Lords provided a minimal living standard in return for labor. They guaranteed that their peasants would survive, and the peasants worked a set number of days or provided a share of their crops as rent.
  • Typically we think of paying for security, but can we stretch the feudal model a bit further? What if users computers (while in screensaver mode or whatever) were used to help with security?
  • When people are afraid they are willing to make interesting bargains.
  • Everyone predicted that automobiles would make transportation faster. No one predicted the suburbs. Second-order social changes are hard to predict.