English subtitles for clip: File:Free software for freedom, surveillance and you.webm

From Wikimedia Commons, the free media repository
1
00:00:00,593 --> 00:00:07,507
It's really awkward to talk directly into a camera. I spend most of my life trying to avoid surveillance, so...

2
00:00:07,507 --> 00:00:12,292
I'm sorry to say I can't be with you in person, so we'll have to do with this video feed.

3
00:00:12,292 --> 00:00:17,590
Basically, I guess if John has given a good intro, and I suspect that he has,

4
00:00:17,609 --> 00:00:21,314
then you understand that the situation is a little precarious for me,

5
00:00:21,314 --> 00:00:26,621
and returning to the U.S. at the moment for me due to my journalistic work with Der Spiegel is a little difficult.

6
00:00:26,621 --> 00:00:29,422
So I split my life into two basic parts.

7
00:00:29,445 --> 00:00:35,845
One is that I work as a free software developer, and generally as a free software advocate, with the Tor project.

8
00:00:35,870 --> 00:00:40,584
It's also the case that I work with Der Spiegel, and also as a freelance journalist with several other

9
00:00:40,600 --> 00:00:45,035
publications, and lately I've spent my time doing research into the NSA's surveillance.

10
00:00:45,045 --> 00:00:49,825
I've interviewed Edward Snowden, and I've published basically a bunch of information.

11
00:00:49,836 --> 00:00:55,774
Stuff that previously we used to think was paranoid crazy-talk, and now we learned that the paranoid crazy-talkers

12
00:00:55,774 --> 00:01:03,980
were not paranoid enough. So I guess for me the goal of this conversation, if we could call it that

13
00:01:03,990 --> 00:01:10,690
when I'm just talking directly into a camera awkwardly, is that I wanted to say that the people that are writing free software

14
00:01:10,709 --> 00:01:16,379
are actually writing the future. It's a little awkward to say that, but it's true.

15
00:01:16,407 --> 00:01:21,352
As an example, I use a free software laptop. It's an X60

16
00:01:21,371 --> 00:01:26,903
and this laptop is, as far as I can tell, about as free as you can get a laptop.

17
00:01:26,934 --> 00:01:32,830
It has coreboot, it has Debian GNU/Linux, it is not using any binary blobs,

18
00:01:32,844 --> 00:01:38,049
it is, to the best of my ability, liberated from proprietary software.

19
00:01:38,063 --> 00:01:44,260
It's pretty good, but it's also many years old, and it's also the case that it's very difficult to

20
00:01:44,265 --> 00:01:48,873
do forensics on a machine like this to know if it has been compromised.

21
00:01:48,891 --> 00:01:52,361
It is the case, though, that I can do that at all because of free software.

22
00:01:52,409 --> 00:01:57,691
It's possible to begin to build something secure with free software, where I can verify

23
00:01:57,692 --> 00:02:03,213
and build things from source, where I can look at the source to see exactly what an attacker might try to do

24
00:02:03,268 --> 00:02:05,682
with the programs that are running on my computer.

25
00:02:05,703 --> 00:02:10,320
So the Four Freedoms here are incredibly important, especially for the work that I'm doing.

26
00:02:10,366 --> 00:02:14,910
Now, given the difficulty of setting up this webstream, I think it's clear that I've done a pretty good

27
00:02:14,910 --> 00:02:19,065
job of making sure there's no microphones. I removed the microphone from this laptop for example,

28
00:02:19,072 --> 00:02:23,637
until I plugged another one in. I've done a pretty good job of that. But it turns out that

29
00:02:23,710 --> 00:02:28,771
this is actually really hard for people who have never programmed in C,

30
00:02:28,792 --> 00:02:33,102
or for people that do not really understand how to program their home computer

31
00:02:33,179 --> 00:02:39,980
and beam themselves into the future. So, part of what I wanted to do was to inspire some people today to think about

32
00:02:39,980 --> 00:02:46,780
what they can do to make this problem of mass surveillance, for example, something that

33
00:02:46,798 --> 00:02:50,939
is different. That is, something where there isn't so much hopelessness.

34
00:02:50,939 --> 00:03:02,265
It's a little strange, because I feel like, for many years, the free software community has been the only one that has really cared about privacy.

35
00:03:02,281 --> 00:03:08,575
The free software community builds decentralized or federated solutions and works really on

36
00:03:08,575 --> 00:03:14,004
solving problems of the Four Freedoms, but how those Four Freedoms touch the rest of our lives.

37
00:03:14,004 --> 00:03:21,390
And so, when I think about what's possible, I think the main problem right now is usability.

38
00:03:21,390 --> 00:03:27,737
So, in this regard, to set up this stream, which is broadcasting over Tor, or if you connect to the Tor hidden service

39
00:03:27,753 --> 00:03:34,040
which I've also set up, you can watch this video directly, without knowing my location.

40
00:03:34,040 --> 00:03:42,296
That was so difficult to set up that it took me the better part of the day to actually accomplish that.

41
00:03:42,346 --> 00:03:47,056
It's not that GStreamer is a bad piece of software, it's just that it's extremely complicated.

42
00:03:47,065 --> 00:03:54,001
A simple user interface, for example, would have made a world of difference, such that people who are using other

43
00:03:54,009 --> 00:03:58,841
video streaming solutions, such as proprietary solutions like the NSA PRISM partner Skype,

44
00:03:58,879 --> 00:04:03,630
those people might choose something else. If this was integrated into Debian GNU/Linux,

45
00:04:03,635 --> 00:04:10,469
and all you needed to do was download Tails or to install Debian, then it would be the case that you could very easily

46
00:04:10,504 --> 00:04:15,606
convince people to do it securely, in a decentralized fashion. That's something that at the moment,

47
00:04:15,634 --> 00:04:22,704
I think, is very far away. If it takes me the better part of the day, that means that it will take Glenn Greenwald an infinite amount of time.

48
00:04:22,704 --> 00:04:29,242
It will probably never happen, actually, with all due respect to Glenn. When the software is so complicated, it turns out

49
00:04:29,262 --> 00:04:34,642
that he'll choose something that's less complicated. And so usability is a fundamentally important way

50
00:04:34,722 --> 00:04:39,767
that we can ensure that users will basically care about the Four Freedoms, because once everything

51
00:04:39,767 --> 00:04:44,231
they do is working well in free software, why would they choose proprietary software?

52
00:04:44,269 --> 00:04:50,840
Usually it is the case that they won't. In fact, there are many people who are Tails users, but they have to switch to

53
00:04:50,909 --> 00:04:54,942
proprietary systems, they feel, for the usability of something like Skype.

54
00:04:54,965 --> 00:05:00,687
So, I mean, why? What's going on that all of these things are necessary?

55
00:05:00,687 --> 00:05:04,119
I suppose you've all heard the bad news.

56
00:05:04,133 --> 00:05:10,223
And the bad news is that the Internet is under, essentially, total surveillance.

57
00:05:10,244 --> 00:05:15,136
And what I mean by that is not, let's say, the traditional version of surveillance,

58
00:05:15,144 --> 00:05:19,431
where you have a person, and the person is inspecting things, it's looking at things, it's taking notes.

59
00:05:19,462 --> 00:05:25,772
Rather, the mass surveillance that is happening now is in the form of deep packet inspection.

60
00:05:25,817 --> 00:05:31,372
Now, all around the world, there exists a series of systems that are run by the National Security Agency,

61
00:05:31,372 --> 00:05:38,273
GCHQ, CSE, DSD, and other agencies. Those are just the ones we could call "friendly" agencies,

62
00:05:38,278 --> 00:05:43,184
if you can call mass surveillance friendly, but you could say it's a kind of social concern, so let's say

63
00:05:43,184 --> 00:05:48,758
that they're friendly. Then there's the rest of the world, and what's happening with those systems.

64
00:05:48,758 --> 00:05:52,883
We don't know a lot about the rest of the world's systems, but thanks to the courage of Edward Snowden,

65
00:05:52,883 --> 00:05:56,418
we do, for example, understand a great deal about the NSA's surveillance.

66
00:05:56,418 --> 00:06:00,014
And one of the things that we understand is that it violates the Fourth Amendment.

67
00:06:00,016 --> 00:06:05,346
At least on its face it seems clear that it is an unreasonable search and a seizure.

68
00:06:05,346 --> 00:06:11,018
That is, it takes data from the Internet, sometimes through fiber optic splitters, things like Glimmerglass-related devices,

69
00:06:11,018 --> 00:06:16,952
where they copy information from fiber optic lines onto another line. It then inspects the data,

70
00:06:16,952 --> 00:06:22,711
that is, it has seized the data and then it, I believe, unreasonably searches through the data.

71
00:06:22,711 --> 00:06:29,702
It does this looking for selectors. So, for example, if you happen to be Chancellor Merkel, that is the German Chancellor,

72
00:06:29,702 --> 00:06:36,091
you would have had your phone number as one of those selectors, and anytime any flow of traffic passed by one of these

73
00:06:36,091 --> 00:06:44,311
sensors—that is the TURBINE, TURMOIL, Turbulence architecture of sensors—your data would be selected,

74
00:06:44,311 --> 00:06:50,572
and that selection would ensure that your data flows that are associated with that would be recorded forever.

75
00:06:50,572 --> 00:06:54,983
So if you know about the Bluffdale, Utah complex, you'll know for example that

76
00:06:54,983 --> 00:07:00,560
the NSA is building very large computation centers, not just for attacking cryptographic systems,

77
00:07:00,560 --> 00:07:06,833
but also for recording data that they cannot currently attack, in hopes that when that encrypted data

78
00:07:06,833 --> 00:07:12,934
is interesting to them, or when they have a cryptographic breakthrough, they'll be able to do something

79
00:07:12,939 --> 00:07:17,195
with data that previously was just noise to them. So this tells us a couple things.

80
00:07:17,195 --> 00:07:20,947
One of the things that it tells us is that we are in a lot of trouble.

81
00:07:20,947 --> 00:07:26,640
There are proprietary software solutions which, according to some of the documents leaked by Edward Snowden

82
00:07:26,640 --> 00:07:30,532
and published by Glenn Greenwald, there are proprietary software companies that are

83
00:07:30,560 --> 00:07:36,132
what are called SIGINT enabled. That is to say that they believe that when they sell you a security product

84
00:07:36,132 --> 00:07:40,324
that it's somehow not false advertising to have willingly broken the system.

85
00:07:40,324 --> 00:07:46,722
So that's a really serious problem. It tells us, for example, that proprietary software definitely has backdoors.

86
00:07:46,746 --> 00:07:51,932
Unfortunately Glenn did not release the name of that company, or the companies that are involved,

87
00:07:51,956 --> 00:07:58,432
but it should be extremely obvious that, if you were to guess, you probably wouldn't guess incorrectly.

88
00:07:58,442 --> 00:08:03,070
And if you were to guess, you would probably understand that it's not a free software product.

89
00:08:03,076 --> 00:08:09,215
That is, if you look at free software, you can find the problems. If someone were to add a backdoor,

90
00:08:09,215 --> 00:08:14,675
while it might not always be obvious if they're very sneaky about it, it is significantly more difficult

91
00:08:14,675 --> 00:08:20,900
to add a backdoor to a free software project than it is to add one to a proprietary hardware or software device.

92
00:08:20,900 --> 00:08:28,230
So, when we start to see that our security solutions are actually not security solutions overall,

93
00:08:28,230 --> 00:08:34,174
one of the things we'll notice is that it's not just the NSA or GCHQ that will be exploiting these systems.

94
00:08:34,174 --> 00:08:41,160
It's actually lots of different people. So for example, now that you guys know about the Dual EC DRBG backdoor,

95
00:08:41,160 --> 00:08:46,000
there is a very good chance that someone in the audience is working on attacking it and breaking it.

96
00:08:46,003 --> 00:08:53,732
And if you happen to have, for example, copies of traffic that were encrypted with that, as the seed for

97
00:08:53,762 --> 00:08:57,064
the random number generator, you may be able to exploit it.

98
00:08:57,070 --> 00:09:02,454
So this is ultimately a kind of security by obscurity, in hopes that by adding this backdoor, only the good guys,

99
00:09:02,454 --> 00:09:08,440
allegedly, they will be the only ones to break it. In reality, it doesn't work that way.

100
00:09:08,440 --> 00:09:12,990
So we have a sort of tension here between signals intelligence and communication security.

101
00:09:12,990 --> 00:09:17,580
On the one hand, we have signals intelligence collecting as much data as we can

102
00:09:17,580 --> 00:09:21,865
from those aforementioned deep packet inspection systems. And on the other side, we have

103
00:09:21,865 --> 00:09:27,894
communications security tools which allegedly are protecting us, but it turns out some of them are SIGINT-enabled.

104
00:09:27,894 --> 00:09:34,540
So what is there to be done about this? It seems quite clear to me that free software and free hardware,

105
00:09:34,540 --> 00:09:40,679
that is free and open hardware, where things are freely specified, where it's possible for you to fab your own hardware

106
00:09:40,679 --> 00:09:45,102
in a factory of your choosing, in a country of your choosing, with parts of your choosing,

107
00:09:45,102 --> 00:09:49,624
where you can verify them, that is clearly the right direction to go.

108
00:09:49,624 --> 00:09:55,151
Because it is not just, let's say, again, so-called legitimate authorities that are doing this.

109
00:09:55,151 --> 00:10:02,000
It's probably a lot of other people as well. We just happen to know there is absolutely, for certain, one set of people

110
00:10:02,000 --> 00:10:08,264
that are doing it. And so free software in particular has given, I would say, some leverage.

111
00:10:08,264 --> 00:10:13,510
That is, it has allowed regular people to be able to communicate securely in a time of

112
00:10:13,510 --> 00:10:19,900
complete and total mass surveillance. So, for example, things that work: cryptography does

113
00:10:19,900 --> 00:10:24,765
actually work. If it is not signals intelligence-enabled, that is SIGINT-enabled,

114
00:10:24,765 --> 00:10:33,432
it is the case that the mathematics behind DSA, RSA, Diffie–Hellman, those seem to not be broken when you

115
00:10:33,432 --> 00:10:38,231
use appropriate key sizes. That's very good news, because in an age of mass surveillance,

116
00:10:38,231 --> 00:10:46,971
the only thing that stops the surveillance is making the surveillance worthwhile. That is, if it's extremely

117
00:10:46,971 --> 00:10:54,033
valuable for everyone to spy, they will spy. If it's a lot of noise, if the searching for selectors doesn't work,

118
00:10:54,033 --> 00:11:01,764
it changes the game significantly. At the moment, not every single byte of data is recorded forever.

119
00:11:01,764 --> 00:11:07,633
There are clearly some attempts to do that, and that is something that we need to cope with.

120
00:11:07,633 --> 00:11:12,366
From a cryptographic perspective, we need to think about it, I think, on the hundred-year crypto timeline.

121
00:11:12,366 --> 00:11:16,232
This is something that Zooko has been working on and I think is a really good idea.

122
00:11:16,307 --> 00:11:23,732
But we have to imagine that all of the things we do are being recorded for all time, and with that, we need to react appropriately.

123
00:11:23,732 --> 00:11:29,501
So if you, for example, work on a free software chat client, it should have Off-the-Record Messaging built into it.

124
00:11:29,501 --> 00:11:34,931
If, for example, you build a web browser, it should be compatible with the Tor network. It should not be

125
00:11:34,931 --> 00:11:41,100
compatible, for example, with the proprietary Flash Player first. Unfortunately, on balance, what we see

126
00:11:41,100 --> 00:11:46,600
is that people are often more concerned with making things work with Flash than with allegedly

127
00:11:46,600 --> 00:11:53,133
paranoic tools like the Tor project and all of its software, like the Tor network. This, I think, is

128
00:11:53,133 --> 00:11:58,332
kind of sad, but I think that we can turn this around and change it, and we need to look at the crypto

129
00:11:58,332 --> 00:12:03,900
that we actually use. So, for example, for a Jabber server, it should be using forward secret crypto.

130
00:12:03,900 --> 00:12:09,300
So, if you have TLS, it should be used in a forward secret mode. Because it isn't just passive surveillance,

131
00:12:09,300 --> 00:12:15,463
though that is a very core and serious thing, it's also active surveillance. The Turbulence architecture that

132
00:12:15,463 --> 00:12:21,500
I mentioned, I detailed a little bit in my reporting at the 30C3 and also in Der Spiegel at the end of last year.

133
00:12:21,500 --> 00:12:27,000
And what we see is those selectors that I mentioned before, let's say your phone number or your email

134
00:12:27,000 --> 00:12:31,095
address... I wish I could see the audience because I'd ask you to raise your hand, and say "how many

135
00:12:31,095 --> 00:12:37,732
of you are sysadmins?" Obviously some of you are, someone raised their hand. So the NSA is probably

136
00:12:37,732 --> 00:12:41,634
targeting you, if you're a system administrator for any system that is interesting.

137
00:12:41,634 --> 00:12:48,887
And it is the case that if you were to have some credentials for an interesting network, and you are

138
00:12:48,887 --> 00:12:55,037
being targeted, one of the ways that you will be targeted is that you will be targeted by an analyst who looks

139
00:12:55,037 --> 00:12:59,900
for selectors. They look for your federated logins, they look for your centralized logins, they look for

140
00:12:59,900 --> 00:13:06,133
all kinds of information, and it is the case that they program this, essentially, into a targeting system.

141
00:13:06,133 --> 00:13:10,133
And that targeting system will automatically attack you. It will do man-in-the-middle attacks,

142
00:13:10,133 --> 00:13:15,132
it will do man-on-the-side attacks. It appears that they have certificate authority resources so that

143
00:13:15,132 --> 00:13:19,332
they can do man-in-the-middle attacks on SSL, which tells us that we really need to work on things like

144
00:13:19,332 --> 00:13:27,600
TACK and SSL cert pinning, that's very important. If, for example, we notice though, crypto changes

145
00:13:27,600 --> 00:13:32,733
the way the selector-based surveillance can even function. If, for example, you note that all of my traffic

146
00:13:32,733 --> 00:13:37,970
right now is going through the Tor network, and in many cases people, three people at the moment, are connected

147
00:13:37,970 --> 00:13:43,900
to the Tor hidden service for this video feed, there is no possibility for selector-based injection.

148
00:13:43,900 --> 00:13:50,000
That is, it's just TLS traffic, the network distinguisher is pretty close to normalized across

149
00:13:50,000 --> 00:13:55,097
all Debian Tor users that are doing what I'm doing, which I admit, there's probably five of us in the world,

150
00:13:55,097 --> 00:14:02,401
but, you know, that changes the fundamental trade-off. That is, doing the selector-based surveillance

151
00:14:02,401 --> 00:14:08,200
will have less of a return than it previously did, or will require more targeting. And this is where anonymity comes into play.

152
00:14:08,200 --> 00:14:13,264
If you have anonymity, it becomes significantly more difficult for someone to target you.

153
00:14:13,264 --> 00:14:18,832
It's not impossible, of course, but it's... Well okay, maybe it's more than five people.

154
00:14:18,832 --> 00:14:23,966
I've got a little lag here from the IRC channel, but apparently there are a few Debian users that route

155
00:14:23,966 --> 00:14:34,665
their traffic over Tor in the audience, I hope? But if we see the anonymity benefit there, there's of course

156
00:14:34,665 --> 00:14:42,265
a downside, you know? When you have these systems, they're laggy sometimes, they're not always really seamless to work together,

157
00:14:42,265 --> 00:14:48,666
it takes a lot of specialized knowledge, again. And this returns me sort of to the key point, which is about usability.

158
00:14:48,666 --> 00:14:54,201
So one of the things that I've seen when looking through documents for this research is that

159
00:14:54,201 --> 00:14:59,865
usability and security is the worst nightmare of a signals intelligence agency. So for example,

160
00:14:59,882 --> 00:15:07,931
TextSecure and RedPhone, by Moxie Marlinspike, those pieces of software really make the life of

161
00:15:07,931 --> 00:15:14,500
someone doing these kinds of attacks hell. At the very least, it means that they have to take what was once a passive thing,

162
00:15:14,500 --> 00:15:20,433
where they could silently record data on everyone, and they can essentially now no longer do that.

163
00:15:20,433 --> 00:15:24,601
They have to either attack his systems, which they probably will at some point, if they haven't already,

164
00:15:24,601 --> 00:15:31,000
or they have to attack each end user's system. So this means that once we start to deploy this widely,

165
00:15:31,000 --> 00:15:38,532
for everyone, it changes the balance, where mass surveillance becomes less and less economically useful for these attackers.

166
00:15:38,532 --> 00:15:44,500
And that's important, because again, even if you think the NSA is sent from heaven, if you believe in heaven,

167
00:15:44,500 --> 00:15:49,864
you have to understand that they're not the only people out there, doing these kinds of things.

168
00:15:49,933 --> 00:15:55,813
So every time, for example, an American businessman or -woman goes traveling somewhere,

169
00:15:55,813 --> 00:16:02,600
that person is effectively targeted for signals intelligence collection. Now sometimes it's not always

170
00:16:02,600 --> 00:16:07,132
targeted in the literal selector sense, but they're using systems that are SIGINT-enabled.

171
00:16:07,132 --> 00:16:12,420
Now whether or not the phone companies know is an interesting discussion. Most of them do. Most of them

172
00:16:12,420 --> 00:16:19,726
go along willingly, but the key thing is that, on balance, when you travel abroad, you basically are

173
00:16:19,832 --> 00:16:23,501
subject to the whims of all the countries where you are traveling, obviously.

174
00:16:23,501 --> 00:16:27,644
Those whims may be significantly more harsh, they may have different economic interests,

175
00:16:27,644 --> 00:16:33,431
they almost certainly have different political and legal and economic interests than what you might like.

176
00:16:33,431 --> 00:16:39,833
If you're a free software developer, and you're not an American citizen, for example, you are a target, almost certainly.

177
00:16:39,833 --> 00:16:43,564
If you are a system administrator, you are a target, almost certainly.

178
00:16:43,564 --> 00:16:48,622
And it doesn't even matter if you're an American citizen, really, though there is a slight distinction about that.

179
00:16:48,622 --> 00:16:53,715
I think that in the near future, we'll learn that that distinction is largely bogus.

180
00:16:53,715 --> 00:17:00,034
Sorry for the bad news, but... I guess it's sort of important to tie these things together.

181
00:17:00,034 --> 00:17:06,233
So, free software and free hardware, they can potentially bring some solutions into play, but it's

182
00:17:06,233 --> 00:17:11,932
not exactly clear how we get there. So for example, if you're a system administrator, you probably have a SIM card in your phone.

183
00:17:11,932 --> 00:17:16,764
This SIM card is, without a doubt, a piece of proprietary software and proprietary hardware

184
00:17:16,764 --> 00:17:24,238
that then plugs into another piece of proprietary hardware, almost always, and that runs proprietary software.

185
00:17:24,238 --> 00:17:30,300
And those are actually described, some of those cell phone systems are actually described as master and slave systems,

186
00:17:30,300 --> 00:17:37,700
where the master CPU is in fact the proprietary one and it enslaves the free software CPU, which is often Android, which is not always

187
00:17:37,700 --> 00:17:42,233
free to begin with. But if we were to say that in an ideal world you had the most free cell phone,

188
00:17:42,233 --> 00:17:48,865
you'll probably still have a baseband, which is proprietary software, with a SIM card that is proprietary software and proprietary hardware.

189
00:17:48,865 --> 00:17:55,933
So as you're doing your job, even if you have all free software for your laptop, for example, you have this

190
00:17:55,933 --> 00:18:02,133
unfortunate conundrum where, to do the basic work that you need to do, you are completely surrounded

191
00:18:02,133 --> 00:18:07,332
by proprietary hardware and proprietary software. Now, the NSA has toolkits that they can deploy

192
00:18:07,332 --> 00:18:14,115
into those SIM cards, and into the basebands, not just as a matter of exploitation but actually in some cases by design.

193
00:18:14,115 --> 00:18:19,100
Some SIM cards, for example, allow you to add an app to the SIM card without even having

194
00:18:19,100 --> 00:18:25,000
a cryptographic key or even exploiting the device, just sending a well-formed message will actually do this.

195
00:18:25,000 --> 00:18:30,133
Karsten Nohl, without realizing it, rediscovered this and he showed this at the CCC.

196
00:18:30,133 --> 00:18:38,632
It's almost identical to things that we showed in the Der Spiegel reporting from last year that I discussed at the 30C3.

197
00:18:38,632 --> 00:18:44,832
I gave a talk there that was called "To Protect and Infect, Part 2," and I don't want to rehash too much

198
00:18:44,832 --> 00:18:50,200
of that talk, but I would really encourage all of you to watch it, because I basically talk about the technical details.

199
00:18:50,200 --> 00:18:55,400
And the technical details are important, because in a democracy, for us to be able to understand what it is

200
00:18:55,400 --> 00:18:59,400
that we're consenting to, we need to have some concept of what it is we're talking about.

201
00:18:59,400 --> 00:19:05,367
Unfortunately the laws are not so great, and from what I can tell, some people have even called

202
00:19:05,367 --> 00:19:08,800
for my prosecution as a result of showing and discussing these things.

203
00:19:08,800 --> 00:19:13,364
Now, that went through very careful editorial control at Der Spiegel, so I don't feel too threatened by it,

204
00:19:13,394 --> 00:19:18,134
but it's an important point that people don't want you to understand how the machines that control you and

205
00:19:18,143 --> 00:19:22,465
surveil you work. They don't want you to be able to change the way that those things work,

206
00:19:22,465 --> 00:19:27,933
because it is about power. It's about controlling you, it's about controlling your machines, and it's about

207
00:19:27,933 --> 00:19:32,832
ensuring that those people stay in control over you and your devices, should they wish it.

208
00:19:32,832 --> 00:19:37,931
So, in a democracy I think it's fundamentally important for us to understand how the machines work,

209
00:19:37,931 --> 00:19:43,766
to understand how the power works, to understand what the dynamics are, to make sure that these

210
00:19:43,766 --> 00:19:47,366
devices, for example, how they're being subverted, that we understand it.

211
00:19:47,366 --> 00:19:54,300
For example, when we understand that exploitation often leads to hoarding of bugs, that means we understand

212
00:19:54,300 --> 00:20:00,534
that people are letting us stay in a vulnerable state so as to be able to exploit us.

213
00:20:00,534 --> 00:20:06,633
But many people may find those bugs and exploit us, so it is not nearly a simple thing where we say

214
00:20:06,633 --> 00:20:13,965
we cede some of our autonomy so that people will be able to do their job. You know, the local policeman needs

215
00:20:13,965 --> 00:20:18,600
to do their job, cooperate with them, for example. Because it is every local policeman on the planet.

216
00:20:18,600 --> 00:20:22,800
It is every intelligence officer on the planet, with enough of a budget or the technical know-how,

217
00:20:22,800 --> 00:20:28,833
who will be able to exploit those things. So on balance, it seems very clear that we want to build secure systems

218
00:20:28,833 --> 00:20:35,133
and not make that trade-off, because we can never actually ensure that the people who are doing this

219
00:20:35,133 --> 00:20:40,566
are acting in our best interest, are democratically in a position of authority that is legitimate,

220
00:20:40,566 --> 00:20:46,368
if, you know, you bear with me here and we say there is some authority that is legitimate...

221
00:20:46,368 --> 00:20:51,632
I know it's a free software crowd, so I like to think that some of you there apt-get install anarchism

222
00:20:51,632 --> 00:20:56,800
from time to time. But it's very important to understand that that balance is something which is not

223
00:20:56,800 --> 00:21:02,769
a part of the discussion, and a big part of ensuring that it's not a part of the discussion is to try to hide the details.

224
00:21:02,769 --> 00:21:07,932
And so for me, I think it's very important to bring out the details. It's very important to show that they use

225
00:21:07,932 --> 00:21:13,532
continuous wave generators bounced against reflectors that they've installed after stealing your mail.

226
00:21:13,532 --> 00:21:19,333
Do we want to live in a world where these people steal our mail? And where they take our laptops

227
00:21:19,333 --> 00:21:24,493
when we buy them online and add devices to them? I don't want to live in that world.

228
00:21:24,493 --> 00:21:29,532
I like to think that people that work on free software not only don't want to live in that world, they are actively

229
00:21:29,532 --> 00:21:34,090
working to ensure that everyone on the planet can choose to live in a different world.

230
00:21:34,090 --> 00:21:46,365
To get back to the point, things like the Milkymist, Novena, coreboot, these are on a spectrum of free

231
00:21:46,365 --> 00:21:53,368
hardware to, as we go down the line, free software-enabled proprietary hardware.

232
00:21:53,368 --> 00:21:59,815
Now, I use an X60 with coreboot and I removed almost all of the hardware I don't need.

233
00:21:59,815 --> 00:22:04,700
I try, for example, to get rid of anything that would need a binary blob. I think I've done that.

234
00:22:04,700 --> 00:22:10,866
This laptop, I think, only has one binary blob left, and that's in the embedded controller for the keyboard.

235
00:22:10,866 --> 00:22:15,964
I sometimes use an external keyboard that doesn't have that, although obviously that keyboard has some

236
00:22:15,964 --> 00:22:23,115
binary firmware device inside of it. Hopefully not remotely flashable. As far as I can tell, that's the case.

237
00:22:23,115 --> 00:22:31,030
Systems like the Novena, made by Bunnie, I think, are the future. That is, he has built almost entirely,

238
00:22:31,030 --> 00:22:37,100
as much as is possible at the moment, an open hardware device based on an ARM CPU, where you can fab this

239
00:22:37,100 --> 00:22:45,880
device, where you can very easily, if you are a hardware person, modify it, and you can fab this

240
00:22:45,880 --> 00:22:52,332
changed device. So that, I think, is critical. There's still a proprietary CPU, but there's a trade-off to be

241
00:22:52,332 --> 00:22:59,567
made here. So in this case, the Freescale CPU that he included is pretty fast, it's a quad-core CPU, and it

242
00:22:59,567 --> 00:23:03,684
has a hardware random number generator. Who knows if it's SIGINT-enabled, hopefully not.

243
00:23:03,684 --> 00:23:09,232
If we see this, we see that it is significantly better than, for example, the ThinkPad that's sitting in front

244
00:23:09,232 --> 00:23:13,000
of me where we don't know the designer, we don't know their intentions, we don't know for example if

245
00:23:13,000 --> 00:23:19,801
the Intel microcode, if it can be updated remotely by someone who has the key that isn't Intel.

246
00:23:19,801 --> 00:23:25,164
Probably, would be my guess, if they understand the format, if they can add backdoors, which, if they understand

247
00:23:25,164 --> 00:23:29,601
the way the microcode works and they have the key, then of course they can do all of those things.

248
00:23:29,601 --> 00:23:35,033
So there are some architectural changes in the Novena which I think are pretty spectacular for that.

249
00:23:35,033 --> 00:23:41,166
If we go all the way, I see something like the Milkymist, which for a time I used instead of as a video mixer

250
00:23:41,166 --> 00:23:52,767
but as a machine for running screen and irssi. And it actually is a FPGA device where the CPU itself is

251
00:23:52,767 --> 00:24:03,034
free software. Unfortunately the tools for synthesizing the FPGA, those are not free. We lack free software tools

252
00:24:03,034 --> 00:24:08,900
for those things, as well. And we really, really, really need free software tools for all of these things,

253
00:24:08,900 --> 00:24:16,721
and we need free hardware platforms to build on top of. Without that, it's very difficult for us to secure our systems.

254
00:24:16,721 --> 00:24:21,801
I think that it's critical to do that. And there are some people that are doing that.

255
00:24:21,801 --> 00:24:27,064
So lekernel, the guy who's working on the Milkymist, and some of these other free hardware devices,

256
00:24:27,064 --> 00:24:32,600
I think he really needs support, and I think it would be great, because his devices are the kinds of devices

257
00:24:32,600 --> 00:24:37,135
where you can do forensics on it, but you can also prevent adversarial forensics.

258
00:24:37,135 --> 00:24:42,400
That is, you can program your device to self-destruct, but you can also check to see if someone has changed

259
00:24:42,400 --> 00:24:49,201
the bootloader, if someone has changed the VHDL output, you can actually verify these things.

260
00:24:49,201 --> 00:24:55,133
Novena is much the same. I've been working on making Debian GNU/Linux run really well on it.

261
00:24:55,133 --> 00:25:05,166
I actually have a Novena here in front of me, with the little helpful Intel sticker, but that's just as a joke,

262
00:25:05,166 --> 00:25:11,485
because there's no intel inside with free hardware and free software, if we do our jobs correctly.

263
00:25:11,485 --> 00:25:19,500
So, I'd like to think that this is a good start, but the only thing that makes this useful is, of course, the free software on top of it.

264
00:25:19,500 --> 00:25:25,931
So in this sense, I think that Debian GNU/Linux is very important. I think lots of things, like Trisquel, for example,

265
00:25:25,931 --> 00:25:31,565
are very important. And we need to work on making those systems usable. I think the GNOME project

266
00:25:31,565 --> 00:25:37,300
has done a very excellent job with that. There are a few things about it that drive me crazy, but mostly

267
00:25:37,300 --> 00:25:44,832
just because I've been using computers long enough to have bad habits, so I think that that's a sort of humbling experience.

268
00:25:44,832 --> 00:25:52,600
The Tails operating system, which is a derivative of Debian, is set up in such a way that you don't

269
00:25:52,600 --> 00:25:57,633
need to understand anything about anonymity, you don't need to understand anything about security and privacy.

270
00:25:57,633 --> 00:26:02,701
It comes with a chat client that has Off-the-Record Messaging by default. Everything is configured

271
00:26:02,701 --> 00:26:11,133
to work over Tor by default. This is great. This helps us with this paradigm shift of privacy by policy to privacy by design.

272
00:26:11,133 --> 00:26:16,100
Now, there are a couple of problems that still exist. Even if you have Tails, even if you find it usable,

273
00:26:16,113 --> 00:26:21,500
which it isn't, in my opinion... It's much more usable than all of these things were before Tails, but it's

274
00:26:21,500 --> 00:26:28,565
a progression. If we take a step and we go further and further down the line, one of the things we'll note

275
00:26:28,565 --> 00:26:34,165
is that there isn't an easy wizard for setting up, for example, a chat account that just works.

276
00:26:34,165 --> 00:26:42,300
Where you can just easily send a message. Where it's not hard. As an example, I installed Jitsi on this laptop,

277
00:26:42,300 --> 00:26:47,963
and at the bottom of the screen you see "surveillance_target@jit.si". You can, of course,

278
00:26:47,963 --> 00:26:55,971
ask me questions via OTR if you want here, and if you'd like to, you'll note that it is, of course,

279
00:26:55,971 --> 00:27:03,880
using OTR, it is also using SSL/TLS... well, it's TLS 1.0, I think, to connect there.

280
00:27:03,880 --> 00:27:12,400
You'll note that it's essentially... it's like an email address. That is pretty good, and I think we may have

281
00:27:12,400 --> 00:27:17,280
to sit with that for a while, while we work on coming up with different naming systems.

282
00:27:17,280 --> 00:27:22,003
Zooko's triangle, if you haven't heard of it, I would recommend you look it up on the Wikipedia,

283
00:27:22,003 --> 00:27:27,400
it's definitely the case that we have some hard problems to try to tackle.

284
00:27:27,400 --> 00:27:35,000
Skype, for example, is really easy for people to use, and they do use it because they have probably purchased

285
00:27:35,000 --> 00:27:40,165
every webcam in the world, and then they've made it work with every piece of software and hardware

286
00:27:40,165 --> 00:27:46,301
combination that they could get their hands on. And they also solved the problem of making it as simple

287
00:27:46,301 --> 00:27:59,732
as adding, for example, one username and password, and then forever just keeping that identifier.

288
00:27:59,732 --> 00:28:06,264
And then you just have to simply say, "Hey, I'm Alice at, I'm Bob at" and it's really easy to use.

289
00:28:06,264 --> 00:28:12,500
For example, if Jitsi had a setup wizard, where it automatically generated your OTR keys and it

290
00:28:12,500 --> 00:28:17,367
automatically did everything that needed to be done and it added you to their server, but it also allowed

291
00:28:17,367 --> 00:28:23,263
you to configure a secondary server, that would be fantastic. It would mean that you could just download

292
00:28:23,263 --> 00:28:29,500
Jitsi and it would work. If it forced OTR, even better. Those kinds of things are really simple changes

293
00:28:29,500 --> 00:28:35,165
that really would make a world of difference. And since Jitsi works on other platforms other than pure

294
00:28:35,165 --> 00:28:39,800
free software platforms, it can even be used as a kind of gateway crypto system.

295
00:28:39,800 --> 00:28:45,700
So, I think that kind of stuff becomes very important, because once you have something like Tails

296
00:28:45,700 --> 00:28:50,001
and you have something like Jitsi and you put them together, you still have that last step.

297
00:28:50,001 --> 00:28:57,784
And that last step is a hard one. But we're really close. In looking through and understanding some of

298
00:28:57,784 --> 00:29:03,482
the things that I've been looking at and studying with regard to the technology, and I said this before,

299
00:29:03,482 --> 00:29:09,998
usability and security are absolutely critical. But I also mentioned before the active attackers.

300
00:29:09,998 --> 00:29:19,332
So one of the issues that we see is that these active attackers are actually pretty good, right?

301
00:29:19,332 --> 00:29:24,300
So if you have a long-term cryptographic key but you don't use it correctly, that is, you encrypt all your

302
00:29:24,300 --> 00:29:29,883
traffic in a non-forward secret way, you have a pretty serious problem, which is that these people will

303
00:29:29,883 --> 00:29:36,000
break into the computer and actually take the key so that they can decrypt traffic, or to impersonate you.

304
00:29:36,000 --> 00:29:40,364
So we do need to come up with some notions about, for example, ratcheting.

305
00:29:40,364 --> 00:29:45,965
So TextSecure, which Moxie Marlinspike has been working on for many years now, it has this notion

306
00:29:45,965 --> 00:29:52,239
of forward secrecy as well as future secrecy. I think that we need to think about some of the stuff that he's

307
00:29:52,239 --> 00:30:00,000
been working on to make this kind of system usable. Adam Langley, who is probably, I would say, one of the

308
00:30:00,000 --> 00:30:06,032
great living cypherpunks right now, he has written a system called Pond. I've worked a little bit on the key

309
00:30:06,032 --> 00:30:11,113
agreement system PANDA, where we dynamically meet by using a shared secret.

310
00:30:11,113 --> 00:30:16,932
That kind of a system is really important. It changes the game from "you're totally surveilled, but maybe

311
00:30:16,932 --> 00:30:21,631
you have PGP email if you're lucky," or "you're totally surveilled, but maybe you have OTR if you've had

312
00:30:21,631 --> 00:30:32,032
a proper chat client for it." And basically it switches it, so everything goes over Tor, everything goes to a server,

313
00:30:32,032 --> 00:30:39,965
that server only sees a delayed set of messages. That kind of system is really a significantly different way of

314
00:30:39,965 --> 00:30:45,120
doing communications, and it's not so different from email in some ways. But it's different in the ways that

315
00:30:45,120 --> 00:30:50,900
are really important. So that, however, is completely useless without a usable interface,

316
00:30:50,900 --> 00:30:57,573
without having it be deployed, without teaching people things. So as an example, when you teach

317
00:30:57,573 --> 00:31:02,132
a journalist something—one of the things that I've found is almost impossible to do is to teach journalists—

318
00:31:02,132 --> 00:31:07,333
but if you teach journalists something, you want to teach them one or two things that you absolutely

319
00:31:07,333 --> 00:31:12,500
impress on them that they must do. So for example, verifying an OTR fingerprint is one of the things

320
00:31:12,500 --> 00:31:16,765
that I impress on every journalist that I work with. And that's actually my litmus test.

321
00:31:16,765 --> 00:31:23,600
If they cannot use Tor and OTR and Jabber together, I don't work with them, because they can't maintain

322
00:31:23,600 --> 00:31:33,232
confidentiality, authenticity, any kind of integrity in a digital sense. And that, for me, is important.

323
00:31:33,232 --> 00:31:37,933
But it's also the case that I spend a lot of time teaching people how to build Tails disks, or building

324
00:31:37,933 --> 00:31:43,833
Tails disks for them, or getting a special laptop and then setting that up for them and then adding Tails to

325
00:31:43,833 --> 00:31:51,732
that system, or a Debian GNU/Linux setup. And it would be nice if it was as simple as "just use Trisquel."

326
00:31:51,732 --> 00:31:58,566
If it was as simple as "buy a laptop from this vendor and it's all free software enabled."

327
00:31:58,566 --> 00:32:02,231
Now there are some vendors that do it, and the problem of interdiction, which I mentioned before,

328
00:32:02,231 --> 00:32:07,100
where they steal mail and change things, that's a serious problem. So we really need to make sure

329
00:32:07,100 --> 00:32:14,373
that these things are available in regular stores where regular people go. That makes targeting, again, much harder.

330
00:32:14,373 --> 00:32:22,100
I have a couple of other things before I start to take questions, but I think that the real key stuff that

331
00:32:22,100 --> 00:32:28,400
we need to consider is that we need verifiability. So for example, reproducible builds, things like Gitian,

332
00:32:28,400 --> 00:32:34,400
which is what we're doing for the Tor browser, that's very critical because anytime you build software for

333
00:32:34,400 --> 00:32:40,432
anyone, you are a target. Especially if the person you build software for is themselves a target.

334
00:32:40,432 --> 00:32:48,065
So, for example, we can imagine that with this three- or two-hop-out idea of targeting, we know that it's possible

335
00:32:48,065 --> 00:32:53,200
for someone to target a sysadmin because the sysadmin is interesting, but it follows that if the

336
00:32:53,200 --> 00:32:57,833
sysadmin is really good, and a lot of people in the free software community are really good with securing

337
00:32:57,833 --> 00:33:03,000
their systems, those people will be targeted by targeting their operating system vendor.

338
00:33:03,000 --> 00:33:09,132
So, for example, we know that Debian has been compromised in the past. We have to make it so that

339
00:33:09,132 --> 00:33:15,200
compromising Debian is not only detected, but that it doesn't make sense to do that.

340
00:33:15,200 --> 00:33:22,265
So if, for example, you were to think about this from the Gitian perspective, if we have anonymized

341
00:33:22,265 --> 00:33:28,964
builders that are regularly building packages and reporting those results, it will allow us to see if

342
00:33:28,964 --> 00:33:35,032
someone has changed a package on the server, it'll allow us to tell if that piece of software has been tampered with.

343
00:33:35,032 --> 00:33:39,632
We need to have a kind of binary verification process which, at the moment, we don't really have a

344
00:33:39,632 --> 00:33:45,465
binary verification process. Some people use proprietary software like IDA Pro to reverse engineer

345
00:33:45,465 --> 00:33:52,400
this, some people try to disassemble or decompile the software to see if it matches what they thought,

346
00:33:52,400 --> 00:33:57,031
but that's usually a hand process. We need to automate some of those things, and we need to

347
00:33:57,031 --> 00:34:01,870
do it in a way where people are able to report back to the community anything that they see, basically in

348
00:34:01,870 --> 00:34:08,364
real time, that is problematic. So for the Tor browser, I actually have a machine that builds with Gitian,

349
00:34:08,364 --> 00:34:14,664
and if it ever builds a hash that doesn't match what I would expect, then it alerts me.

350
00:34:14,664 --> 00:34:20,000
And it alerts me in a way such that it just looks like any other person downloading the source code,

351
00:34:20,000 --> 00:34:26,830
so it's harder to target, and it is the case that it verifies signatures where I've verified the keys in person.

352
00:34:26,830 --> 00:34:33,032
So I think that's pretty good, I think it works relatively well, but that doesn't scale.

353
00:34:33,032 --> 00:34:40,064
And right now, it's a one-off. So we really, really need to consider this as a reality.

354
00:34:40,064 --> 00:34:47,365
We need that also for devices. For example, if I buy a hardware device and the NSA adds something to it,

355
00:34:47,365 --> 00:34:54,333
what has happened? Right? Well, usually, they've won. That's a really serious problem.

356
00:34:54,333 --> 00:35:00,100
And it's not just the NSA, it's anybody who can steal mail, and especially at scale. Right?

357
00:35:00,100 --> 00:35:04,800
Computers go through customs. Free software might not always go through customs, but computers do.

358
00:35:04,800 --> 00:35:09,340
And that's where the state's advantage is often used against people in a way that they don't understand

359
00:35:09,340 --> 00:35:16,266
and certainly wouldn't consent to. And so we need to have a way, really, and this sounds kind of outlandish,

360
00:35:16,266 --> 00:35:20,132
but let's go for outlandish. We need a way to be able to X-ray our hardware and compare it with

361
00:35:20,132 --> 00:35:27,732
a known good state. And with no binary blobs, it becomes a little bit possible. A little more possible for

362
00:35:27,732 --> 00:35:32,365
us to make sure that the systems we're carrying around are not just bugs for an oppressor.

363
00:35:32,365 --> 00:35:39,436
They're not just systems to be used against us. Now, I know that that's a tall order, but the GNU project itself

364
00:35:39,436 --> 00:35:46,364
is a tall order. And so we need to move towards free systems: free hardware and free software systems for freedom.

365
00:35:46,364 --> 00:35:50,600
Because really, it would be very difficult to maintain freedom and liberty in the future,

366
00:35:50,600 --> 00:35:56,590
and even, I think, to keep our democracies in a world of mass surveillance. Especially if all of our devices

367
00:35:56,590 --> 00:36:01,500
are the thing that is oppressing us, or that are acting as an oppressor.

368
00:36:01,500 --> 00:36:05,533
In the past it was the case that you had a neighbor, and the neighbor maybe received some benefits.

369
00:36:05,533 --> 00:36:10,533
Now the changes are different. Now people report on each other as a matter of, you know, fun.

370
00:36:10,533 --> 00:36:15,800
For society. With Facebook, for example. Well, what happens when the Philip K. Dick nightmare is not

371
00:36:15,800 --> 00:36:22,632
just worrying about every person spying on you, but what if it becomes every thing that's spying on you?

372
00:36:22,632 --> 00:36:27,164
Part of the way that I deal with this is I literally remove the physical microphones from my computers,

373
00:36:27,164 --> 00:36:33,364
because I know that it is almost impossible to secure machines such that a really powerful, well-funded

374
00:36:33,364 --> 00:36:39,364
adversary could enable them again. So that is not really something that scales.

375
00:36:39,364 --> 00:36:43,900
But we can think about it when we build free software laptops, we should make sure that there is an LED

376
00:36:43,900 --> 00:36:49,500
that if the microphone is powered up, the LED is on. Just the same way with a camera, but not as badly-designed

377
00:36:49,500 --> 00:37:00,000
as most cameras. I guess probably now, we should probably take some questions, given the timing.

378
00:37:00,000 --> 00:37:09,133
Is there anybody that wants to ask a question? If so, we're in #libreplanet on OFTC, because OFTC allows

379
00:37:09,133 --> 00:37:12,533
me to use Tor to connect to their IRC network, which I'm very thankful for.

380
00:37:12,533 --> 00:37:17,466
I would be happy to take some questions, and I know that some of you have contacted me on Jabber.

381
00:37:17,466 --> 00:37:26,733
So you can of course, you can of course ask me questions. The first question says, "What is, in your opinion,

382
00:37:26,733 --> 00:37:33,766
the most important technology for journalists to learn?" You know, it depends on what kind of journalist.

383
00:37:33,766 --> 00:37:39,564
I tend to think that the key technology for people to understand is not a specific technology,

384
00:37:39,564 --> 00:37:47,335
but rather the philosophy of free software. I mean, Richard Stallman, who is one of the most brilliant people to have ever lived,

385
00:37:47,335 --> 00:37:53,500
really hit the nail on the head when he talks about free software not as a matter of cost but as a matter of freedom.

386
00:37:53,500 --> 00:38:00,033
And I think that when people understand that power dynamic, when they understand the tradeoffs they're really making,

387
00:38:00,033 --> 00:38:05,132
they'll change the pieces of software that they use. And hopefully, by the time they make that choice,

388
00:38:05,132 --> 00:38:12,000
that software will be usable, so that when you use Jitsi, for example, it does not allow non-OTR conversations.

389
00:38:12,000 --> 00:38:18,566
Or when you make a video call, it doesn't allow the user, basically, to make an unencrypted stream

390
00:38:18,566 --> 00:38:22,900
without jumping through hoops. By default it is secure. By default, it is privacy by design.

391
00:38:22,900 --> 00:38:29,600
And so, if people are going to learn one specific tool, I feel like we're sort of failing.

392
00:38:29,600 --> 00:38:37,232
I think, as Schneier is often quoted as saying, privacy and security is a process, not a product.

393
00:38:37,232 --> 00:38:43,600
Maybe he only said that about security, but let's modify it a little bit. Right? Liberty is also a process,

394
00:38:43,600 --> 00:38:50,201
it's not a product. So journalists need to learn about the world around them, but that's for every person as well.

395
00:38:50,201 --> 00:38:54,433
And so when we want every person to have this, we need to make sure that the devices and the software that we use

396
00:38:54,533 --> 00:39:00,664
actually enable that by default. The next question is, "How useful is a SHA-256 sum

397
00:39:00,664 --> 00:39:10,870
for checking software binary zip integrity checking?" My feeling is that hash functions are not going to be the weakest point.

398
00:39:10,870 --> 00:39:19,766
But if you would like, you can take the approach that Debian takes. When you upload a package, it has MD5, SHA-1, and SHA-256,

399
00:39:19,766 --> 00:39:26,500
and then you do a GnuPG signature over that. Now I use, because of the fact that I'm certain there are

400
00:39:26,500 --> 00:39:34,766
people that are trying to attack my systems, I use this, which is unfortunately not completely free. But it is a GnuPG smart card.

401
00:39:34,766 --> 00:39:42,266
And that GnuPG smart card, I also don't leave it plugged into my system very often, and I usually use it on an offline machine

402
00:39:42,266 --> 00:39:46,400
so someone has to break into my house to be able to even begin to mount an attack on the smart card.

403
00:39:46,400 --> 00:39:53,764
But that, I think, is really the way to go about it. It's not just about hashing, it's also about ensuring that you compose

404
00:39:53,764 --> 00:39:58,800
those hashes into a system that makes some kind of sense. But again, in this case with Debian,

405
00:39:58,800 --> 00:40:04,365
when you hash the files and you upload them, the binaries I built on my system are the ones that Debian gives out to users.

406
00:40:04,365 --> 00:40:10,565
Is that really what we want? I think that's a bad idea. What if my system has been compromised, right?

407
00:40:10,565 --> 00:40:16,800
We don't want that binary going out. And there's some work on changing that. But if we think about it just in terms of hash functions,

408
00:40:16,800 --> 00:40:22,400
I think we'll rarely find the hash function is the issue. Obviously there are some things, like MD5, that are just hopelessly broken,

409
00:40:22,400 --> 00:40:29,346
so we should be moving towards things that are not hopelessly broken, but it's difficult, because a lot of our standardization agencies,

410
00:40:29,346 --> 00:40:37,732
they're not very good at their job, in my opinion. Right? When NIST collaborates with the NSA willingly or unwillingly,

411
00:40:37,732 --> 00:40:44,700
wittingly or unwittingly, I think we have a problem. So we should look for diversity in this, and not just choose one thing,

412
00:40:44,700 --> 00:40:48,866
but choose a few things that make it significantly harder for someone to attack any single thing.

413
00:40:48,866 --> 00:40:56,800
And as far as average users being able to verify software, I think this is a really tough problem.

414
00:40:56,800 --> 00:41:04,141
Basically, the real issue is a bootstrapping problem. We need to make sure that operating systems have some notion

415
00:41:04,141 --> 00:41:10,800
about actual integrity of packages. And that's a really difficult problem to solve because many people start with a

416
00:41:10,800 --> 00:41:17,732
proprietary software platform, like Microsoft Windows or Mac OS X, and those platforms, they do not respect people's liberty.

417
00:41:17,732 --> 00:41:22,631
And naturally, they don't want to help you to move to a new platform that respects your liberty.

418
00:41:22,631 --> 00:41:31,232
So, in a free software world though, we should be able to have packages that do have verifiability in the operating system,

419
00:41:31,232 --> 00:41:36,533
as well as in the packages. That is, that are signed, that are hashed properly, that have some notion of the web of trust,

420
00:41:36,533 --> 00:41:43,400
or something that replaces it, plus a user interface that makes sense. And that's a really difficult one.

421
00:41:43,400 --> 00:41:51,454
Snowden calls it the "Greenwald test". And I think that that's a good test, actually. As someone who actually

422
00:41:51,454 --> 00:41:58,200
asked Glenn to use a bash shell on Tails and showed him how to use a bunch of command line tools,

423
00:41:58,201 --> 00:42:06,801
allow me to elucidate how important that test is. Jesus Christ, that is a serious test. It's really, really, really hard to get

424
00:42:06,801 --> 00:42:13,200
Glenn to use those tools securely. But it shouldn't be. In fact, every time that a user can't figure something out,

425
00:42:13,200 --> 00:42:19,000
we should say to ourselves that we have failed. Not seriously, but we should say to ourselves that we have failed,

426
00:42:19,000 --> 00:42:22,000
and we should try to succeed where we have failed before.

427
00:42:22,000 --> 00:42:27,501
I have another question here: "What are the bare minimum fundamentals we should teach the general public

428
00:42:27,501 --> 00:42:35,133
when advocating privacy?" Well, I tend to think that the bare fundamental is that we're not talking about privacy, actually.

429
00:42:35,133 --> 00:42:39,538
We're talking about autonomy, we're talking about dignity, and we're talking about our liberty.

430
00:42:39,538 --> 00:42:45,933
Privacy is merely one of the manifestations of this. So, for example, when people say that they don't have anything to hide,

431
00:42:45,933 --> 00:42:53,333
it's not about hiding things. It's about having a private sphere in which to think about things before you reveal what you have decided.

432
00:42:53,333 --> 00:42:58,666
Where you don't have to reveal the process by which you make a decision. But also, where you get to choose.

433
00:42:58,666 --> 00:43:04,400
It's not that, for example, I have nothing to hide underneath this great Cyberpeace t-shirt,

434
00:43:04,400 --> 00:43:10,065
but it should be me that actually chooses if I should take it off. And so, for example, right now since I understand

435
00:43:10,065 --> 00:43:15,511
there are sixty people watching this webstream, I'm going to keep it on. And that is, when we talk about privacy,

436
00:43:15,511 --> 00:43:23,100
in a sense when we say that privacy is dead, what we're hearing is our modern generation saying that liberty is dead.

437
00:43:23,100 --> 00:43:28,100
And I don't like that. So I refuse to say that privacy is dead when people really mean liberty.

438
00:43:28,100 --> 00:43:32,764
And I think it is important that we reject that notion, and we should talk about how we should have a right to autonomy,

439
00:43:32,764 --> 00:43:39,600
we should have a right to express solidarity, we should have the ability to be able to, in the case of free software and free hardware,

440
00:43:39,600 --> 00:43:46,233
have devices that actually empower us and that we understand how they work. And we should be able to be secure, end-to-end secure.

441
00:43:46,233 --> 00:43:57,500
So, I've got a couple other ones. Oh, wow, joeyh! One of my favorite Debian developers of all time, that's incredible.

442
00:43:57,500 --> 00:44:01,933
I feel honored that you're asking me a question. "Should Debian work towards integrating Tor more?"

443
00:44:01,933 --> 00:44:09,732
Yes. So I'm a new Debian developer, it took me ten years, because I'm slow at becoming a Debian developer.

444
00:44:09,732 --> 00:44:18,332
But I'm error@debian.org, and I'm super happy to help anybody to be able to integrate Tor and anonymity software

445
00:44:18,332 --> 00:44:26,264
by default into Debian. As an example, I have a transparent Tor network that I use to be able to ensure that I can

446
00:44:26,264 --> 00:44:31,864
install Debian on new machines without my Internet service provider being targeted by the NSA or other people.

447
00:44:31,864 --> 00:44:38,932
I also run a Tor mirror on the Tor hidden service, as well, and a Debian mirror on the Tor hidden service as well,

448
00:44:38,932 --> 00:44:44,300
so that I can install packages on these systems without having to worry about basically being attacked.

449
00:44:44,300 --> 00:44:51,332
Even if a Debian developer FTP Master's key is compromised. So that a targeted attack is significantly harder.

450
00:44:51,332 --> 00:44:57,600
As you can imagine, that's not very usable for regular people, and as you can also imagine, it probably doesn't work very well.

451
00:44:57,600 --> 00:45:05,265
So yeah, we should make it so that a Debian user can say, "Help! I'm a target of surveillance, and I'd like to be

452
00:45:05,265 --> 00:45:09,495
able to use free software without being tampered with." And that would be great if we could make Debian,

453
00:45:09,535 --> 00:45:16,135
if we could make Debian more friendly to that. Because basically we, for a long time, have lived in a world of privilege,

454
00:45:16,234 --> 00:45:21,866
where we thought we were exempt from the power dynamics of the world. And I think one of the things we will learn,

455
00:45:21,866 --> 00:45:27,266
especially with Debian, is that that isn't the case. And the more international a team is, the more the legal authorities

456
00:45:27,266 --> 00:45:35,031
of intelligence agencies suggest that they are fair targets. So, that also extends to the users. So I'd love to make that happen.

457
00:45:35,031 --> 00:45:46,032
And, yeah, wow. It's incredible to be able to talk to you guys here. Probably the only group of people that really can make these changes, right?

458
00:45:46,032 --> 00:45:51,732
I mean, there are other free software people around the world other than the ones in this room, but it's really critical to understand the role

459
00:45:51,732 --> 00:45:55,135
that you guys play. And that all of us play, together.

460
00:45:55,135 --> 00:46:13,832
I have a couple of other questions here. Helican asks, "Do you think the time is right for a free hardware FreedomBox

461
00:46:13,832 --> 00:46:22,032
with Tor built in, and do you have any news on the FreedomBox front?" Well, I was very depressed about some of the discussions

462
00:46:22,032 --> 00:46:31,300
around FreedomBox for a while, where I felt like people were taking anonymity as a sort of, like a luxury good.

463
00:46:31,300 --> 00:46:37,100
And they felt like we didn't need Tor, or something like that. Now, obviously, I work on Tor and I'm paid to work on Tor,

464
00:46:37,100 --> 00:46:43,401
so I feel like it's a conflict of interest for me to say this, but yeah, I think we of course need to do that.

465
00:46:43,401 --> 00:46:49,213
At the same time, the reason that I work on Tor is because I really believe it. I think Tor has probably saved my life a couple of times

466
00:46:49,243 --> 00:46:55,765
every month for the last several years, from military dictatorships to other places where I've traveled.

467
00:46:55,800 --> 00:47:02,432
So I think it's critical to make that possible. So as an example, this device I held up here, this Novena board,

468
00:47:02,432 --> 00:47:15,032
well, as you can tell, the basic idea is to have a device that is free hardware and free software that, you know, gives you

469
00:47:15,032 --> 00:47:21,266
exactly what you've just asked for. And that's in fact what I have. That device, when I plug it in, it sets up a wireless network

470
00:47:21,266 --> 00:47:30,865
that transparently routes people through Tor, and it also sets up a Tor relay so that it will relay traffic for the rest of the network.

471
00:47:30,865 --> 00:47:38,032
And it's entirely powered by free software with no proprietary software at all. I think that that is, yeah,

472
00:47:38,032 --> 00:47:42,134
I think that's a good thing to do, and that's what I've been spending my time doing lately. If you want to help with that, it would be great.

473
00:47:42,134 --> 00:47:47,300
And if we can get the FreedomBox to adopt the Novena board, I think that that is great. I think we should try to raise

474
00:47:47,300 --> 00:47:55,300
a million dollars for Bunnie so that we have a free hardware solution, or open hardware solution, that actually is usable,

475
00:47:55,300 --> 00:48:00,266
that's fast, that doesn't support a company that doesn't care about our liberty, but instead supports a developer

476
00:48:00,266 --> 00:48:03,500
who really does care about our liberty and about our freedom.

477
00:48:03,500 --> 00:48:11,900
The next question from Malapart is, "Is .onion today what SSL was in the mid-90s?"

478
00:48:11,900 --> 00:48:26,400
I really hope not for a whole bunch of reasons. So the next question... ah. So someone in the audience wants me to elucidate

479
00:48:26,400 --> 00:48:32,633
on the link between anarchism and free software ideology and goals. I think that it's important

480
00:48:32,633 --> 00:48:39,278
to not focus too much on that, in particular because I think that sometimes talking about anarchist philosophy alienates people,

481
00:48:39,278 --> 00:48:45,532
because they think that anarchism is the same as complete chaos, or synonymous with violence.

482
00:48:45,532 --> 00:48:50,700
And so I'd like to sidestep that and say if you apt-get install anarchism, literally, that's the Debian package,

483
00:48:50,700 --> 00:48:56,332
you can read about the philosophical texts of anarchism. But the basic idea of anarchism is about mutual aid,

484
00:48:56,332 --> 00:49:02,533
it's about solidarity, it's about respect for human rights, it's about the same things that the free software movement are about.

485
00:49:02,533 --> 00:49:08,368
But there's a lot of propaganda out there about the notion of democracy, in fact, in the form of anarchy.

486
00:49:08,368 --> 00:49:15,234
And that's unfortunate, actually. And I think we can change that. One of the ways that we can change that

487
00:49:15,234 --> 00:49:21,431
is to actually have propaganda of the deed. In this case, making free software and free software available

488
00:49:21,431 --> 00:49:25,601
to everyone means that people understand the fundamental tenets of anarchist philosophy

489
00:49:25,601 --> 00:49:29,265
in their everyday life, and they don't have to learn about the philosophy too much

490
00:49:29,265 --> 00:49:34,432
to be enabled by it. And if they want to, they can learn about it. I think that's a very powerful way

491
00:49:34,432 --> 00:49:38,832
to make that happen, because it's very easy, for example, to talk about it philosophically,

492
00:49:38,832 --> 00:49:44,540
but until you have a tangible thing, it's not really clear. That is, when we didn't have an anonymity network,

493
00:49:44,540 --> 00:49:49,733
and people said, "Well, do you really need anonymity?" you would make a different choice than

494
00:49:49,733 --> 00:49:54,866
if you have an anonymity network and it will be taken away from you if someone says "do you need anonymity?"

495
00:49:54,866 --> 00:50:00,370
and you say no. So when you say yes, and it's there, and it's tangible, it changes it.

496
00:50:00,370 --> 00:50:05,533
And the same is true for anarchist philosophy, and the same is true, I think, for free software and free hardware.

497
00:50:05,533 --> 00:50:10,165
And especially when these things work together, they actually help us to build autonomous communities,

498
00:50:10,165 --> 00:50:16,100
they help us to build secure systems across hostile networks. I think that that's very powerful,

499
00:50:16,100 --> 00:50:20,700
and I think that the way to get people to care about that is actually to show them that.

500
00:50:20,700 --> 00:50:25,673
People care a lot more about connecting now that it's easy to do. It wouldn't have been a relevant question

501
00:50:25,673 --> 00:50:29,967
thirty years ago in the way that it is a relevant question now. So the freedom to connect,

502
00:50:29,967 --> 00:50:33,600
the freedom of free hardware and free software, these tie fundamentally into anarchist goals.

503
00:50:33,600 --> 00:50:37,400
I'd really encourage people to look up the works of Emma Goldman, for example.

504
00:50:37,400 --> 00:50:42,763
I think she's one of the greatest feminists to have ever lived, though most people don't know who she is.

505
00:50:42,763 --> 00:50:49,600
And if you looked at the Wikipedia page, for a time there was no mention of her on "Important feminists of the twentieth century",

506
00:50:49,600 --> 00:50:55,933
I think is the page I was looking at. I think that is a bit of a shame, but I also think that that's, you know,

507
00:50:55,933 --> 00:51:01,064
an easy thing to reconcile with reality if people go and they look it up and they study about it.

508
00:51:01,064 --> 00:51:08,033
So hopefully people will install that Debian package and otherwise learn about that if they are interested in it,

509
00:51:08,033 --> 00:51:14,133
but really, I think, getting people to have the values that are embodied in that is just as important if not more important.

510
00:51:14,133 --> 00:51:20,101
The next question is "What about those countries that are completely blocking projects like Tor?

511
00:51:20,101 --> 00:51:27,065
What should we do to help people in those countries?" I tend to think not in terms of charity,

512
00:51:27,065 --> 00:51:32,447
or helping people, but rather in terms of solidarity. So, the Tor project, for example,

513
00:51:32,447 --> 00:51:38,600
is not having a war with China, right? China often does not respect its citizens' autonomy,

514
00:51:38,600 --> 00:51:42,832
and blocks their access to the Tor network. One thing that would be helpful would be to

515
00:51:42,832 --> 00:51:49,000
make it so that, by default, a lot of applications use Tor so that the so-called collateral damage,

516
00:51:49,000 --> 00:51:52,801
though I'm loath to use that term, becomes higher and higher, becomes more difficult.

517
00:51:52,801 --> 00:51:58,600
And also, such that people start to use what are called pluggable transports, like the obfuscated proxy obfs3.

518
00:51:58,600 --> 00:52:04,900
The proxy actually, right now, is not blocked in China. It becomes a sort of cat and mouse game,

519
00:52:04,900 --> 00:52:11,032
but it may be the case that as we build more difficult-to-classify protocols, as applications understand

520
00:52:11,032 --> 00:52:14,700
that sometimes the Internet does not respect your autonomy and wants to tamper with it,

521
00:52:14,700 --> 00:52:21,733
that will be something that will change the dynamic about how that blocking and that arms race works.

522
00:52:21,733 --> 00:52:29,732
We have another project, ooni.torproject.org, that's the Open Observatory of Network Interference,

523
00:52:29,732 --> 00:52:35,500
or we used to call it Open Open Net. That is a free software tool that we've been working on

524
00:52:35,500 --> 00:52:39,964
for several years now, to be able to look at censorship and surveillance. You know,

525
00:52:39,964 --> 00:52:45,700
censorship is a second-order effect of surveillance, so this tool, while at the moment not the most usable tool,

526
00:52:45,700 --> 00:52:51,200
it actually allows you to diagnose, understand, and share the data. So one thing that can really make a big difference

527
00:52:51,200 --> 00:52:58,034
in these topics is to actually share the data. Right? Once we start to study and understand these things,

528
00:52:58,034 --> 00:53:03,100
especially the techniques of censorship and surveillance, it allows us to change not only how the networks work,

529
00:53:03,100 --> 00:53:08,300
but how societies work around those networks. So, I think studying that can be useful.

530
00:53:08,300 --> 00:53:12,533
If you want to be a Google Summer of Code, I know that's kind of ironic, but if you want to be a

531
00:53:12,533 --> 00:53:15,569
Google Summer of Code student to work on one of these projects with the Tor project,

532
00:53:15,569 --> 00:53:21,533
I think we still have another day to apply for that, though I'm not totally sure about that deadline.

533
00:53:21,533 --> 00:53:27,632
If you just want to come hack on free software with us at the Tor project, we have a bunch of projects that are like that.

534
00:53:27,632 --> 00:53:37,965
Some other questions. It looks like... Yes, the Novena router does not have AMT, that's right,

535
00:53:37,965 --> 00:53:43,862
so it does not have a built-in backdoor, which is, I think, nice. At least not one that we know about.

536
00:53:50,572 --> 00:53:57,997
Any other questions here? Ah, I see, there's like twenty. Alright.

537
00:54:01,027 --> 00:54:06,466
"Could you please elaborate on the idea or concept that a critical mass of privacy-minded users is required

538
00:54:06,466 --> 00:54:12,371
to create enough obfuscation to make discovery schemes like Tor network node spying unlikely?"

539
00:54:12,371 --> 00:54:17,932
I don't think we're going to make it unlikely for spying to take place. What we need to do is change

540
00:54:17,932 --> 00:54:25,800
the economic balance, and that may allow us to move into a world where mass surveillance of our intentional communications

541
00:54:25,800 --> 00:54:33,500
is much too expensive to do for everyone. And this is important, because if you have a phone,

542
00:54:33,500 --> 00:54:41,333
and you make a phone call, people think of surveillance and conceptualize surveillance as surveilling your call,

543
00:54:41,333 --> 00:54:45,133
but there's all the unintentional data that you leave behind. All the towers you visit, and so on.

544
00:54:45,133 --> 00:54:52,464
That stuff is also, unfortunately, a huge target of mass surveillance. So even if everyone's using

545
00:54:52,464 --> 00:54:56,500
something like RedPhone, we still have these little spy devices in our pockets.

546
00:54:56,500 --> 00:54:59,932
Even if it's free software enabled, the networks themselves are harmful to privacy.

547
00:54:59,932 --> 00:55:05,364
That said, we do need a lot of people using this stuff, because the more people that are using it,

548
00:55:05,364 --> 00:55:10,732
the more likely it is that it will stick around. If it's just people like Edward Snowden, Julian Assange,

549
00:55:10,732 --> 00:55:15,432
Glenn Greenwald, Laura Poitras, or myself using it, yeah, I mean, that's a problem.

550
00:55:15,432 --> 00:55:21,665
Not only do we stick out on the network, we have, well, basically it makes it much easier to target,

551
00:55:21,665 --> 00:55:28,633
and it also makes it possible for people to try to ban that technology, whether that's by DPI or by legal methods.

552
00:55:28,633 --> 00:55:39,265
That is a really serious problem. Okay, I think that we should wrap up here soon, it sounds like.

553
00:55:39,265 --> 00:55:48,532
If there are any other questions, I will take them, but otherwise I think I'm going to end the stream.

554
00:55:48,532 --> 00:55:55,236
If you'd like to hack on free software with us, and anonymity-related stuff, I'd be happy to talk with you.

555
00:55:55,236 --> 00:56:01,864
I will never use this Jabber address again, so that your social graph is not tainted by mine.

556
00:56:01,864 --> 00:56:07,664
If anybody wants to send me an email, you can send a mail to jacob@torproject.org,

557
00:56:07,664 --> 00:56:14,732
or if you'd like to, for example, chat with me on IRC, I'm ioerror in #libreplanet for now.

558
00:56:14,732 --> 00:56:20,333
Thank you so much for the honor and privilege of speaking with you, I'm really sorry that I cannot

559
00:56:20,333 --> 00:56:24,300
set foot in my own country right now, to be able to speak with you in person. But thanks to

560
00:56:24,300 --> 00:56:29,900
free software, I am able to speak with you. So, thank you so much for making that possible,

561
00:56:29,900 --> 00:56:33,714
especially to all of the free software developers in the room that actually made that possible.

562
00:56:33,714 --> 00:56:40,332
Thank you very much for your time, and I hope to meet some of you again, someday, in real life.

563
00:56:40,332 --> 00:56:42,652
And remember: if not, it was murder.