— Herinnering aan Holland, by Hendrik Marsman
…en in alle gewesten
wordt de stem van het water
met zijn eeuwige rampen
gevreesd en gehoord.
…and in all quarters
is the voice of the water
with its eternal disasters
feared and obeyed.
Russell Shorto, the New York Times’ go-to Batavophile, has an interesting article up right now: How to Think Like the Dutch in a Post-Sandy World. It discusses the work of Henk Ovink, a Dutch water manager and senior advisor to Obama’s Secretary of Housing and Urban Development. Ovink, who appears to have taken on the role because he was bored out of his skull by how controlled water is back home, is helping HUD to create water policies and to plan for future flooding.
Obviously, there are culture clashes.
Dutch battles against water led his country to develop a communal society. To this day, Water Boards, which date to the Middle Ages, are a feature of every region, and they guide long-term infrastructural planning. American individualism, on the other hand, has yielded a system in which each municipality has a great deal of autonomy, making regional cooperation difficult. “The vulnerabilities are regional,” said Judith Rodin, the president of the Rockefeller Foundation, which is the main funding organization working with Donovan’s team. “Yet we have individual community rule, and very little incentive to get out of that.”
Shorto brings out the deep historical roots of the Dutch communal approach to water management. But he only briefly waves at another important element of the culture’s relationship with the discipline: the memory of past catastrophes, particularly the 1953 Watersnoodramp, the great flood that displaced tens of thousands of people and covered nearly a tenth of the Netherlands’ agricultural land. The disaster occurred when the North Sea, whipped up by storm winds and swollen with spring tide, overtopped the coastal dikes and ate them out from the vulnerable landward side. They hadn’t been built to resist water from the land. It was a critical vulnerability, the sort of thing that happens when there’s more risk than there is money to meet it.
In the aftermath of the disaster came some of the country’s most dramatic water engineering: the Delta Works, which shortened coastlines, moved the fresh/saltwater lines, and culminated with the massive Oosterscheldekering. It was a terrifically difficult and expensive project: people not only had to adapt to some substantial changes to the landscape, but also pay for their neighbors’ safety. If you live below sea level, the security of the dikes is everyone’s business in the end.
But while we’re clicking around, reading about Ovink and musing about 1953, the internet’s shared defenses have themselves been eaten out from the landward side. Four days ago, a critical vulnerability in OpenSSL, a widely used open-source implementation of the web’s basic security protocols, was announced: Heartbleed.
OpenSSL is one element of the enormous body of open source and free software that keeps the internet going. Its failure is a big problem. Encryption and security matter, not only to keep our private business private and our finances under our control, but also to run our infrastructure. Heartbleed jeopardizes all of these things.
When I put the problem like that, it sounds like the solution is to move away from open source software. But the stuff is pervasive because it works; it’s robust, generally secure, and does what people need done. (And closed source software is not notably better.) OSS is as much a part of the internet as dikes are of the Netherlands. Likewise, online insecurity, like water in these times of climate change, is not going away. We’re going to have to learn to live with both.
I’ve been reading Heartbleed articles by techies as well as journalists, and they’ve been writing about it the way that Ovink talks about water engineering. This article by Dan Kaminsky is the one that really got me thinking about the parallels between the two.
There’s a lot of rigamarole around defense in depth, other languages that OpenSSL could be written in, “provable software”, etc. Everyone, myself included, has some toy that would have fixed this. But you know, word from the Wall Street Journal is that there have been all of $841 in donations to the OpenSSL project to address this matter. We are building the most important technologies for the global economy on shockingly underfunded infrastructure…
And so, finally, we end up with what to learn from Heartbleed. First, we need a new model of Critical Infrastructure protection, one that dedicates real financial resources to the safety and stability of the code our global economy depends on—without attempting to regulate that code to death. And second, we need to actually identify that code.
It’s a good read, even if you don’t know the technologies he discusses. And I think Kaminsky’s thesis is sound: this is critical stuff, and we need to treat it like critical stuff without breaking what put it into that position in the first place (the OSS culture). Which brings me round to Ovink again, in another way: resistance to the cultural foundation upon which the tools to protect us are built.
Samuel Carter, an associate director at the Rockefeller Foundation, underscored that the very concept of regional planning is still a work in progress in the U.S. “A lot of people feel that it goes against the American character,” he said. Ovink experiences that pushback on a regular basis. He told me that not long ago he was in New Jersey talking with residents hit by Sandy who were raising their houses on stilts. He laid out for them a future situation in which, rather than have each homeowner undertake such difficult and expensive work, the community would embrace measures to protect an entire region from flooding. The response, he said, was, “That would be a socialistic approach.”
OSS culture doesn’t get called ‘socialistic’, but it’s self-organizing and anti-capitalist in its own way. Creating a bridge between that and the businesses and regulators who are tasked with managing critical infrastructure is going to require an Ovinkian charm offensive. Patrick McKenzie’s article on What Heartbleed Can Teach The OSS Community About Marketing looks like a useful start. And I’m sure there’s much more smart writing that I haven’t stumbled across; I’m just skimming the community.
The final quote in Shorto’s article seems like a good way to end this one, too:
“It’s a long shot,” Eric Klinenberg said. “The only reason to think it will work is that we know if it fails, we’re essentially doomed.”
(As for Heartbleed? Take it seriously. Test your key sites, and change your passwords once those sites are patched. Don’t share passwords across sites. Watch your bank statements and your email notifications of purchases and registrations.)
Thanks to Laura Mixon for the Shorto link and Jan Lehnardt for the Kaminsky and McKenzie ones. Eclectic Twitterfeed is definitely the name of my next band.