I met someone through this very blog. We have been emailing back and forth, and eventually the question arised why I’m so interested in IT security.
My response was, that there’s no particular reason and I guess it’s just “obvious” to me. To which he replied seemingly perplexed, that I do seem to be particularly interested in IT security and that he was curious how it came to be historically speaking. He said it would be fine if I don’t want to talk about any particular topic. I think he might have gotten the impression that I was withholding something. Which is why I’m writing this open letter as response, and hopefully, it will explain things to future readers too.
You see, I wasn’t trying to withhold anything. IT security these days is a required base for privacy. So, while I cannot explain why, I can share some thoughts on the matter and some uncomfortable truths that I think it’s time to talk about.
Why IT security is “obvious” to me. The response:
I wasn’t trying to withhold anything, I do believe it’s just me being me.
I always had an interest in IT and I do believe privacy is a right we should all have, but don’t in practice. If we don’t actively fight for it, we’ll be surveilled by companies that like to mine and sell data which then is used to manipulate us emotionally based on our beliefs and fears.
It can go from as simple as showing a relevant ad to you, to as bad as state interference and fake news to get you to vote for a bad guy, as the US has shown us. Those people don’t want a bad guy, they just don’t know he’s a bad guy. They get bombarded with fake information on Facebook 24/7. Facebook knows who can be manipulated in what way and this can in turn not only be used by ad-agencies but also governments and political parties looking to buy votes, and not just in the USA.
And surely, you must have seen the Snowden leaks (around 2013?) which showed us all at what scale we’re being surveilled from the NSA. Before this, people like me would have probably been called crazy, with the usual argument of “I have nothing to hide” or “they can’t spy on all of us!”
The thing is, it’s not us that decides whether we have something to hide or not, it’s whoever is in charge that decides how to interpret or use the information.
Let me give you an example: There’s a Linux magazine in the USA. Nothing too bad, we have Linux magazines here in Germany/Switzerland too. However, the NSA seems to have thought whoever subscribes to a Linux magazine “knows too much” or “is dangerous” so they were all put on a list. Which, quite frankly, is nuts.
That’s what I mean with “it’s not us that decide” whether we have something to hide, or rather, it’s not us that decide whether we’re put into a drawer of “bad person” or “good person”, based on seemingly random things.
We don’t decide whether a thing is good or bad anymore.
I would say, a Linux magazine is harmless. The NSA would say it makes you dangerous and a target.
So it’s not just about “I have nothing to hide” but rather, “I don’t want to be put into a drawer of supposedly bad people for seemingly random things”.
I don’t want social media and companies to know me better than my mother does, to then try to manipulate me.
I don’t want selective news that shape my opinion the way whoever is in charge wants it to be shaped.
I don’t want to be a sheep.
I want to be free.
This is why I insist on secure communication and data storage with end-to-end encryption. This is why I don’t use Facebook. This is why I don’t use WhatsApp or anything that is owned by Facebook. This is why I don’t use Google or Android phones with Google. This is why I encrypt all my drives. This is why I used hardware security keys. This is why I don’t trust people. This is why I’m seemingly paranoid.
We need strong IT security as foundation for privacy. Without strong IT security, and being aware of things, we can’t have privacy.
And it’s not just the aspect of privacy. Our lives these days are surrounded by IT and technology, and most of us depend on it. There are many bad actors, not just on a state level but simply criminals that would be more than happy to break into your systems, deploy ransomware or steal your identity and ruin your life for a quick buck.
This is why security is “obvious” to me.
It is tied to our right to privacy and our personal safety.
We need it. Now more than ever.
If I wasn’t before, now surely I am on a list. And this is the problem.