Computer Security is Inconvenient
"Years ago," he began, "I read a story about an African tribe; I don't remember their name. They lived in primitive huts made of animal skins over a frame built of sticks — dirt floors. A skin served as the doorway. When a man left his hut or slept, he placed a stick blocking the threshold. That stick served as his lock. It was a secure lock because none of his tribe-mates would cross a doorway blocked by a threshold stick. It was a civilized rule for a civil society."
The four of us stared at him. I glanced at Teena, assuming she had heard the story before. But, I guess not; he had her rapt attention. He had the Nekomata enthralled too. He had us wondering what a primitive tribesman had to do with computers. Alex is a good storyteller.
"We treated our computer security like that tribesman's door stick. A simple password was secure because no one would enter a system protected by a password—civilized rules for civil society, a talisman that served to keep honest people honest.
"Common locks are a talisman no different than that tribesman's threshold stick. Ordinary padlocks and door locks are easy to pick and easy to open. Including quite expensive ones. Little deterrent to those willing to discard the societal contract. A talisman for a civilized society. How often have you seen an elaborate lock on a glass door? Who needs a key when the glass is breakable? Locks do not keep bad people out—they remind decent, honorable folks of the boundaries. They define the demarcations. They are no different in principle than the tribesman's threshold stick."
Teena picked up the narrative. "Our society was once open and relaxed. We had few who would dare violate a civilized code of conduct. People were trusting to a fault. We were like some utopian vision of 1950s middle America; only ours was real. If you dropped your wallet on a street corner with money and your ID, you would find it returned. Odds were that someone would go to great trouble to find you and return it, and your money would be intact. Though unlikely, if one of questionable character kept the money, they would still return the wallet and ID."
Teena continued, "Our network, our version of the Internet, connected everything. There was almost nothing resembling encryption and little security. Indeed, nothing as robust as the complex asymmetrical encryption processes Fitz brags about. Foolish, in hindsight, I know. We had the mathematicians, the theoretical knowledge. We didn't have robust encryption because we didn't believe we needed it. Robust security was too inconvenient.
"Gharlane's malware tore through our world like wildfire, gutting everything. Our world died because we treated computer security as an inconvenience."