[TeMPOraL]

How would that empower democracies more than authoritative regimes? The technologies you mention are means of control, and are used as such. Secure computing doesn't help you when the regime owns the keys (or can coerce them out of the vendor).

I may very much be wrong about it, but intuition and experience tells me that means of control usually empower authoritarian parties first and foremost, unless fully owned and operated by individuals - which, in computing, is very much counter the trend and the zeitgeist.

[acje]

Good question and I don’t have a good answer. My intuition is that democracies are more dependent on transparency and that lower complexity and higher security would enable more distribution in control.

[TeMPOraL]

I intuitively agree on transparency being important for democracies, but then I see "lower complexity" and "transparency" as both being opposed to "higher security". Taking for example the secure enclave you mention, its whole point is to bolster security through removing transparency via a complex hardware and software system.

[Dalewyn]

You (and probably a lot of tech nerds) need to remember democracy is a social challenge, not a technological challenge. What applies to technology does not necessarily apply to society.

The more opaque and complicated you make so-called "democracy", the less the electorate have faith that it is fair and representative. Simplicity and transparency is security, security that democracy is working in a way everyone can and must agree with even if they don't necessarily like it.

[TeMPOraL]

I don't think it's technology vs society issue (and I do honestly maintain that social problems are supposed to be solved by technology, because that's literally what technology is for by definition). It's an issue of framing security.

Cybersecurity mostly assumes the vendor is the trusted party - the users are the sheep the vendor is shepherding[0]. Security is designed to pretend first and foremost the vendor, and secondly its flock of users, against attacks from outside parties and other users. The users are untrusted parties here.

Democracy, in contrast, is an unusual relationship in which it's the organization - the government - that's the untrusted party. Transparency is crucial to security of this system, because the very party that organizes it is the one most incentivized to subvert it. It's a special case where opaqueness is not accepted. This is why it's hard to port ideas from cybersecurity to democracy - the assumptions underpinning the two are opposite to each other. Most of what infosec considers good practice would immediately violate the electorate's faith you refer to.

Exercise for the reader: how would our computer systems look if the security field emphasized end users as trusted, and vendors as malicious parties?

--

[0] - I love how the ubiquitous analogies to good shepherds, including biblical ones, conveniently omit the fact that the very reason shepherd cares for their sheep is so they can be fleeced for wool and/or slaughtered for meat.

[baq]

AI slop is perfect for reducing usefulness of transparency: you can generate so much bullshit nobody will ever be able to discern what is worth looking at even if you can have access to everything. We aren't there... yet (but perhaps ask Google how is their search product doing in the past couple years). I'd love to hear what Shannon would have to say about this situation.