The end is nigh… and nobody cares
Truth by Duncan Bell
The World Wide Web: born 1991, died 2014. That’s a headline you won’t have read elsewhere but you have to wonder why. Last year, we discovered that various security services might well have been merrily monitoring all our online communications, so that we can be safe and free. Then, in April, it turned out that thanks to something dubbed “Heartbleed”, online security as we thought we’d known it up to that point basically didn’t work.
The public reaction? I wouldn’t say there was none, but it was on about the level of mild peeved-ness. But surely this is insane f**kery of the first order, which should leave everyone gibbering with rage?
It’s like discovering your front door has actually not been locking properly when you closed it behind you every day, because the people who made the door forgot to include a lock. It’s like finding out your bank has been storing your cash in a skip on a bypass rather than, as you’d assumed, in a vault with a door on it made of metal the width of a shot-putter.
Heartbleed wasn’t a virus. It wasn’t designed by cunning master-crims of the type sketched two-dimensionally in a particularly dull episode of Elementary. It was a failing in SSL encryption, a bug or exploit. We know this because the first we heard of it was when a fix was announced.
Now, I’m sorry to keep spelling this out to those of you already well aware, but what Heartbleed meant was that every time you thought you were doing something secure online – buying teacups from Amazon or communicating with your Al-Qaeda handlers over instant messager – you quite possibly weren’t secure. Passwords, keys and session cookies were all up for grabs.
This is catastrophic. But did we care? Nope. Have you changed all your passwords since Heartbleed was revealed? Nope. Have I changed mine? Of course not. Can’t be bothered, mate. After all, there’s been no report of a sudden increase in online crime off the back of the Heartbleed revelations, has there?
As humans, we tend to react to what we can see more than what we’re told. We stop drinking when the doctor explains he’ll be removing our liver shortly, not when killjoys tell us drinking Jägerbombs for breakfast is not a good lifestyle choice.
That analogy leads me to a good way to think of the web: it’s a drug. We ignore anything ruinously bad about it because we love how it makes us feel so very, very much. But that doesn’t mean we won’t one day wake up to find our money’s all gone and we’ve willingly given away all our darkest secrets, just for one more fix.