In today's digital age, where much of our lives such as pictures, social life, addresses, banking information and other valuable information is online, it's easy to take for granted the vast web of technology that powers our internet experience. From social media platforms like TikTok and Instagram to e-commerce sites and beyond, behind the scenes lies a complex network of software code that routes data and secures our online transactions. The code behind the intent has been constantly built upon and remodeled, some of the code 60 years ago is still on the platform. At the heart of this digital infrastructure are the efforts of a community of volunteers who are only about 12 people who contribute to maintaining and securing the internet's “plumbing,” this term is very broad; however for example it is taking users from page to page or accepting transactions as they click and interact through the internet. The code is totally open sourced which was established in the beginning to help rid of bugs and flaws in the code however just about anyone can alter the code if they have the knowledge and tools.
The internet, as we know it, has always been decentralized, with a delicate balance maintained between state-backed enterprises, commercial businesses, academics, and hobbyists (the 12 volunteers). While major corporations have capitalized on the internet's success, it is the academics and hobbyists who often play a crucial role in keeping the underlying code and infrastructure running smoothly. However, relying solely on volunteers to uphold the integrity and security of the internet poses significant challenges, as their contributions are driven by passion rather than financial compensation.
So, how do these hobbyists contribute to keeping the internet's plumbing operational? The answer lies in open source software development, where individuals freely share their code with the public, allowing others to scrutinize, improve, and maintain it collaboratively. This approach fosters transparency, innovation, and community-driven problem-solving, as users collectively work to identify and address vulnerabilities to ensure the internet remains secure and resilient.
Despite the contributions of volunteer developers, the pressure on them to maintain critical internet infrastructure can be overwhelming. Many open source projects are maintained by small teams or even individuals, who juggle their responsibilities alongside other commitments and challenges. As a result, issues such as burnout, competing priorities, and limited resources can impede the timely maintenance and security of vital software tools.
The consequences of neglecting internet security are dire, as evidenced by the prevalence of vulnerabilities and exploits that threaten the integrity of online transactions and personal data. Vulnerabilities in encryption software like OpenSSL, which is one of the main pathways used on the internet to make purchases, was hacked by the Heartbleed bug, and exposed millions of users to the risk of data breaches and identity theft, exposing millions of users to passwords, credit card numbers, addresses, phone numbers and more. Google, Meta and other big names were affected. Later Google and others put in capital to help the hobists keep things under control, but have since neglected it. Synopsis which is a cyber security company analyzed that ¾ of the Internets’s code is vulnerable or has been hacked in the past. Similarly, recent incidents involving malware injected into essential software tools further the ongoing battle to safeguard the internet.
While efforts to improve internet security are underway, challenges persist in securing sustained funding and attention from tech companies and governments. While initiatives like the Open Source Security Foundation aim to bolster internet security, they face an uphill battle in garnering support and resources from industry leaders more focused on innovation and profit, and less on the security of their customers. We have seen a bit of anti tech regulation and this is a good step forward to bridge the gap between the tech giants' pursuit of profit and more on the essential maintenance of internet infrastructure. It requires collective action and advocacy for sustained investment and oversight.
The internet's resilience and security rely on the collective efforts of a diverse community of developers, volunteers, and stakeholders. While open source software development has been instrumental in fostering innovation and collaboration for 60 years, ensuring the long-term security and stability of the internet requires a concerted commitment from tech companies, governments, and society as a whole. By recognizing the vital role of internet infrastructure and prioritizing investment and regulation accordingly, we can safeguard the digital landscape for generations to come.