Welcome to European Tribune. It's gone a bit quiet around here these days, but it's still going.
There are so many good ideas that could allow broad information access, spam-free and secure.
But my perhaps paranoid cast of mind pushes me to remind everyone of an aspect of net--no, communications--reality that gets discussed, acknowledged, then ignored on most forums.

Collective behavior is communications. No Com, no action.

The wheels of the neo-Stasi security machine grind slowly, but exceedingly fine. Julian Assange has given it the push it needed - the clear warning of the need to regain control, to grind a far wider range of grist.
All over the world there are happy android-like functionaries, secure in their authoritarian cocoons, (I'm with the High Command!) who apply serious brainpower to anticipating all those great ideas, and rendering them impotent to disturb the slumber of the masses of once-happy wage slaves.

For example, (recent lessons):
Innovation occurs first, at speeds that far exceed the process of restriction. At first.
Then app development, (more time needed, while the Stasi-mill begins to stir, to scratch its threat-detecting head).
Then we get to the distribution, and the need for a financing structure---whoops! There's the point where the ponderous wheels begin to really gain momentum, and regain control.

It's not just the authoritarians, the guvmint control freaks and paranoid banks who really own all the others who are a threat to a free net, it's the nature of the entire range of business models that work in a capitalist market free-for-all that structures how such stories play out.

The above example can be easily picked apart, but I suggest that for any process you can imagine, the following will be true:
The net is fragile. All the iterations, all the innovations I've seen so far have a choke point, a place where control can be applied, or a kill switch installed. And the rule of law is impotent to guarantee any redress. Because we as a species seem to have discarded the rule of law, we cannot now seek its protection.

Look at what Bank of America is doing today. It has declared Assange a non-person and WikiLeaks the enemy, and will be supported by the rest of the financial community. Utterly outside any legal structure, with overt contempt for such anachronisms, it wields immense power to protect its hegemony.

The net is indeed a net - a collection of cobwebs that can and is likely to evaporate when the aristocracy feels real fear.
The real task is to devise a secure system without a point where either a cutoff or a cutout can be installed by people with a million times your political and financial power.

Very tall order.

 

Capitalism searches out the darkest corners of human potential, and mainlines them.

by geezer in Paris (risico at wanadoo(flypoop)fr) on Sat Dec 18th, 2010 at 10:44:35 PM EST
It's not just the authoritarians, the guvmint control freaks and paranoid banks who really own all the others who are a threat to a free net, it's the nature of the entire range of business models that work in a capitalist market free-for-all that structures how such stories play out.

And there is a proper term for it: Market Discipline. Instead of being beaten bloody with a piece of wet cane you get to see your family fall apart, lose your house, your self respect and your credibility in the world. It can be survived by some, but not all.

"It is not necessary to have hope in order to persevere."
by ARGeezer (ARGeezer a in a circle eurotrib daught com) on Sun Dec 19th, 2010 at 01:41:07 AM EST
That's a pretty pessimistic world view, geezer.

In my 'Utopian' view, the Internet is a lot more resilient than you think. As Gilmore puts it, the Internet treats Bank of America as damage and routes around it.

Skype carries almost 10% of global voice communications, and there are plenty of 'sons-of-skype' out there which are able to do more, and better, if Skype becomes unusable. Money is mainly messaging and accounting, and I don't think we are far at all from a very simple generic money messaging skype-like 'client'. The key to the viral spread of such a client, and to the routing around of the Bank of America and all the rest, is to understand that the community - which is a consensual agreement between individuals with a common purpose - IS the currency.

In the same way that BoA and its mates may consent among themselves to flout the 'law' so may anyone simply agree - consensually, within a suitable framework of trust - to accept each other's credit in settlement of obligations, or to accept other currency objects they find acceptable - which in my view will be Units redeemable in payment for energy or rental value.

There is no need to create an alternative system which 'they' may resist and clamp down on. What is emerging - as what I've seen described as the 'adjacent possible' - are complementary systems which people adopt consensually because 'they work'.

The reason it is in banks' interests to migrate to the sort of credit service provision I envisage within a 'Peer to Peer' architecture is that capital requirements are minimal compared to the existing terminally broken system of credit intermediation by banks as middlemen. Those banks who do not take the service provider road will be at a disadvantage to those who do - classic Darwinism.

If Assange etc is stamped upon, it really will not matter - other than as a human tragedy - because he's just a visible flower: the root system is still there and it's spreading.

The more I have seen of the response of the 'powers that be' to the knowledge revolution going on the more I am convinced that they have totally and irrevocably (short of nuclear etc apocalypse) lost control. They are completely overwhelmed, and have no idea what is going on.

The steering wheel has come off in their hands and the more realistic - like Brzezinski - understand that there are gazillions more of us than there are of the elite. The really savvy ones will realise that a small %age of a lot is better than a large %age of not much, and they are the ones who will lead the charge, I think.

BoA and all the rest are dinosaurs - in fact they are in solvency terms already dead -  and will be pretty much extinct within two to five years, in my view.


"The future is already here -- it's just not very evenly distributed" William Gibson

by ChrisCook (cojockathotmaildotcom) on Sun Dec 19th, 2010 at 05:41:35 AM EST
I understand and support your vision, Chris, as you know.
But all too often the fact that an idea or system is superior to its predecessor has little to do with its survival chances, in a world where communications is highly controlled.
What is emerging - as what I've seen described as the 'adjacent possible' - are complementary systems which people adopt consensually because 'they work'.

Perhaps I'm too far removed from the field of play, but I see many excellent ideas that are effectively rendered invisible to enough of the population that they are stillborn.

If you can't see it's there, it's not.

And I fail to see social media as a solution. It's an oxymoron.

Capitalism searches out the darkest corners of human potential, and mainlines them.

by geezer in Paris (risico at wanadoo(flypoop)fr) on Thu Dec 23rd, 2010 at 12:06:56 PM EST
It's the ideas you don't see that will change the game, I think.

As Bismarck said, you don't need to know how the sausage is made.

But you do prefer a sausage that won't make you sick.

"The future is already here -- it's just not very evenly distributed" William Gibson

by ChrisCook (cojockathotmaildotcom) on Thu Dec 23rd, 2010 at 03:39:44 PM EST
The lack of penetration of Linux into the mainstream pretty much disproves this mode of change. There we have a technically superior system routed around by just enough marketing and change from the mainstream to hold the status quo. Why would it be any different anytech else?
by njh on Fri Dec 24th, 2010 at 02:43:59 AM EST
geezer in Paris:

The real task is to devise a secure system without a point where either a cutoff or a cutout can be installed by people with a million times your political and financial power.

Unless you count stopping you from having a computer, that already exists:

Freenet - Wikipedia, the free encyclopedia

While Freenet provides an HTTP interface for browsing freesites, it is not a proxy for the World Wide Web; Freenet can only be used to access content that has been previously inserted into the Freenet network. In this way, it is more similar to filesharing applications than to proxy software like Tor.

Many of the differences in how Freenet behaves at a user level are direct or indirect consequences of its strong focus on free speech and anonymity. Freenet attempts to protect the anonymity of both people inserting data into the network (uploading) and those retrieving data from the network (downloading). Unlike file sharing systems, there is no need for the uploader to remain on the network after uploading a file or group of files. Instead, during the upload process, the files are broken into chunks and stored on a variety of other computers on the network. When downloading, those chunks are found and reassembled. Every node on the Freenet network contributes storage space to hold files, and bandwidth that it uses to route requests from its peers.

But as long as censorship on the web is slight, so will usage of such technologies be, so there is not much point in publishing the wikileaks documents on Freenet. If censorship is ramped up and every kid that wants access to culture without paying installs Freenet (or something similar) usage will go up, and it will go up as a channel of information.

Sweden's finest (and perhaps only) collaborative, leftist e-newspaper Synapze.se

by A swedish kind of death on Sun Dec 19th, 2010 at 07:34:28 AM EST
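
The chunk-and-reassemble storage described in the quoted Freenet passage, as an added example that is not part of the thread and not Freenet's own code: a file is split into chunks, copies are spread over peers with no uploader left online, and the download survives a vanished or tampering peer. The `Node` class, the SHA-256 content keys, the `pick_nodes` placement rule and the replica count are assumptions made for illustration; the page does not describe Freenet's real key scheme or routing.

```python
import hashlib

CHUNK_SIZE = 32  # bytes; tiny so the constructed sample splits into several chunks


class Node:
    """Hypothetical peer that contributes storage: a key -> chunk map."""

    def __init__(self, name):
        self.name = name
        self.store = {}


def chunk_key(chunk):
    """Key derived from content, so any holder's copy can be verified."""
    return hashlib.sha256(chunk).hexdigest()


def pick_nodes(key, nodes, replicas):
    """Assumed placement rule: rank peers by hash(name + key), take the first few."""
    ranked = sorted(nodes, key=lambda n: hashlib.sha256((n.name + key).encode()).digest())
    return ranked[:replicas]


def insert_file(data, nodes, replicas=2):
    """Upload: split into chunks, place copies on peers, return the ordered key list."""
    manifest = []
    for offset in range(0, len(data), CHUNK_SIZE):
        chunk = data[offset:offset + CHUNK_SIZE]
        key = chunk_key(chunk)
        for node in pick_nodes(key, nodes, replicas):
            node.store[key] = chunk
        manifest.append(key)
    return manifest


def fetch_file(manifest, nodes):
    """Download: find each chunk on any reachable peer; reject copies failing the hash."""
    parts = []
    for key in manifest:
        for node in nodes:
            chunk = node.store.get(key)
            if chunk is not None and chunk_key(chunk) == key:
                parts.append(chunk)
                break
        else:
            raise LookupError("no valid copy of chunk " + key[:12])
    return b"".join(parts)


def demo():
    """Constructed scenario: any one peer disappears, then one peer corrupts its chunks."""
    nodes = [Node("peer%d" % i) for i in range(5)]
    data = b"".join(b"Constructed sample document, line %d.\n" % i for i in range(1, 5))
    manifest = insert_file(data, nodes)
    survives_loss = all(
        fetch_file(manifest, [n for n in nodes if n is not gone]) == data
        for gone in nodes)
    for key in list(nodes[0].store):
        nodes[0].store[key] = b"tampered"
    survives_tamper = fetch_file(manifest, nodes) == data
    return len(manifest), survives_loss, survives_tamper


if __name__ == "__main__":
    print(demo())
```

With two replicas per chunk, losing any single peer is tolerated; losing both holders of one chunk raises `LookupError`, which is the availability limit of this simplified scheme.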
what's to stop any gvt privately insisting that any encryption co. wants to survive as a legal business has to provide a back door to lawnforcement? seems such an obvious way to harvest the eebuldoers, after trapping their naive asses conveniently into a few traps.

maybe there's something i don't fundamentally understand here, please enlighten me!

are we going to end up in our basements with little wind up surf-mobiles, like illicit partisan radios in WW2?

will ET be our BBC?

'The history of public debt is full of irony. It rarely follows our ideas of order and justice.' Thomas Piketty

by melo (melometa4(at)gmail.com) on Sun Dec 19th, 2010 at 01:31:40 PM EST
melo:
what's to stop any gvt privately insisting that any encryption co. wants to survive as a legal business has to provide a back door to lawnforcement? seems such an obvious way to harvest the eebuldoers, after trapping their naive asses conveniently into a few traps.

Nothing, which is why you should not put your faith in proprietary code delivered by a company. Even if you do not code yourself, or even read code, it is safer to use free software (or open source) where the source code is available for anyone to tinker with. This way the odds are high that if there is a backdoor some programmer will discover it and holler about it and/or create a similar program without the backdoor.

The Freenet Project - /whatis

Freenet is free software

The Freenet Project - /developer

Source Code

We are using git as our source code management system, hosted on github. We have many different git repositories for the website, freenet itself (fred), official plugins, the two installers, libraries and so on; for the list, see our page on github.

We strongly recommend that you use the official command-line git client, or the Windows port. If you want to use the Eclipse git integration, see the tutorial here.

And free software is often developed without having a company, so the only line to pressure is individuals.

Of course, there have been attempts to shoot down free software as such. IPRED2 included in early drafts to criminalise patent incursions, including jail terms. And since everything is covered by a patent, that means being able to throw free-coders in jail. But there are companies around free software, some government agencies prefer software without backdoors and so on, so this far free software is alive.

Sweden's finest (and perhaps only) collaborative, leftist e-newspaper Synapze.se

by A swedish kind of death on Mon Dec 20th, 2010 at 04:23:26 AM EST
it is safer to use free software (or open source) where the source code is available for anyone to tinker with.

And make sure you compile it yourself and trust the compiler. See Ken Thompson's Turing Award lecture for why.

by gk (gk (gk quattro due due sette @gmail.com)) on Mon Dec 20th, 2010 at 04:30:07 AM EST
by njh on Tue Dec 21st, 2010 at 12:04:50 AM EST
Well, yes, malicious code can be planted in open source too (though as some commentators on that list have stated, it would be as easy to just pose as a developer and try to hide backdoors when submitting new code). But open source is better at handling it.

May Contain Traces of Bolts: OpenBSD IPSec backdoor allegations: triple $100 bounty

OpenBSD IPSec backdoor allegations: triple $100 bounty

In case you hadn't heard: Gregory Perry alleges that the FBI paid OpenBSD contributors to insert backdoors into OpenBSD's IPSec stack, with his (Perry's) knowledge and collaboration.

If that were true, it would also be a concern for FreeBSD, since some of our IPSec code comes from OpenBSD.

I'm having a hard time swallowing this story, though. In fact, I think it's preposterous. Rather than go into further detail, I'll refer you to Jason Dixon's summary, which links to other opinions, and add only one additional objection: if this were true, there would be no "recently expired NDA"; it would be a matter of national security.

I'll put my money where my mouth is, and post a triple bounty:

  1. I pledge USD 100 to the first person to present convincing evidence showing:

    • that the OpenBSD Crypto Framework contains vulnerabilities which can be exploited by an eavesdropper to recover plaintext from an IPSec stream,
    • that these vulnerabilities can be traced directly to code submitted by Jason Wright and / or other developers linked to Perry, and
    • that the nature of these vulnerabilities is such that there is reason to suspect, independently of Perry's allegations, that they were inserted intentionally--for instance, if the surrounding code is unnecessarily awkward or obfuscated and the obvious and straightforward alternative would either not be vulnerable or be immediately recognizable as vulnerable.
  2. I pledge an additional USD 100 to the first person to present convincing evidence showing that the same vulnerability exists in FreeBSD.

  3. Finally, I pledge USD 100 to the first person to present convincing evidence showing that a government agency successfully planted a backdoor in a security-critical portion of the Linux kernel.

Checking the comments there, there are some organisations and persons matching the bounty. So the programmer that finds such a backdoor (if it exists) gets some money and more importantly fame.

The reaction when actual backdoors are in commercial code is often to scream bloody murder in the press, accuse the one that found it of hacking their safe system, and so on.

Sweden's finest (and perhaps only) collaborative, leftist e-newspaper Synapze.se

by A swedish kind of death on Tue Dec 21st, 2010 at 03:41:42 AM EST
Uh-huh. The guy is able to speak now because his NDA on NSA black ops expired. WTF?
by Colman (colman at eurotrib.com) on Tue Dec 21st, 2010 at 03:54:19 AM EST
My NDA with the FBI has recently expired, and I wanted to make you
aware of the fact that the FBI implemented a number of backdoors and
side channel key leaking mechanisms into the OCF, for the express
purpose of monitoring the site to site VPN encryption system
implemented by EOUSA, the parent organization to the FBI.  Jason
Wright and several other developers were responsible for those
backdoors, and you would be well advised to review any and all code
commits by Wright as well as the other developers he worked with
originating from NETSEC.

Seriously?

by Colman (colman at eurotrib.com) on Tue Dec 21st, 2010 at 03:55:06 AM EST
Uh, I thought they used to give people security clearances, not NDAs...

Some guy at the FBI must have an MBA...

Of all the ways of organizing banking, the worst is the one we have today — Mervyn King, 25 October 2010

by Migeru (migeru at eurotrib dot com) on Tue Dec 21st, 2010 at 03:58:47 AM EST
Jason Wright denies it on the same list (about 10 posts "next"), but lists his contributions to make it easier to check for those thus inclined.

Sweden's finest (and perhaps only) collaborative, leftist e-newspaper Synapze.se
by A swedish kind of death on Tue Dec 21st, 2010 at 04:03:26 AM EST
What's to stop the geeks/nerds working in the bowels of the government/corporate structure from inserting back doors allowing circumvention of government surveillance?

My vision of the "shadow internet" is based on that: the fact that the ethos of the people who maintain the infrastructure is subversive, and they have superior knowledge of the infrastructure.

Then again, that only works during the time period when the technology is new. Once it becomes commoditised, the technicians don't have a hacker culture.

On which, see The Jargon File: hacker

A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular.
cracker
One who breaks security on a system. Coined ca. 1985 by hackers in defense against journalistic misuse of hacker (q.v., sense 8). An earlier attempt to establish worm in this sense around 1981--82 on Usenet was largely a failure.


Of all the ways of organizing banking, the worst is the one we have today — Mervyn King, 25 October 2010
by Migeru (migeru at eurotrib dot com) on Tue Dec 21st, 2010 at 04:48:48 AM EST
Well the main thing that prevents something like this occurring is that if a backdoor is inserted into the software then at some point it will leak that this has happened. At that point people stop trusting any encryption software, and Internet business spirals down the tubes. The world economy doesn't need Internet sales extracting from it. And that's the most positive view. The worst case is that it leaks to hackers and scammers rather than in general, at which point crime and junk goes through the ceiling, with everything flagged as being properly encrypted and so legitimate.

So do you want to bet your entire economy (and everyone else's) on that backdoor not leaking? On a purely economic view, any possible damage that a group of terrorists and activists can do is small potatoes compared to the damage that can be done by the leak of the backdoor.

Any idiot can face a crisis - it's day to day living that wears you out.

by ceebs (ceebs (at) eurotrib (dot) com) on Tue Dec 21st, 2010 at 11:22:43 AM EST
It's the Stasi mentality that enables the security apparatchiks to do things that morph into fundamentally irrational - even self-destructive. The story of Phil Zimmermann and PGP is a good one to illustrate a pretty rational attempt to counter encryption that became positively insane.
I am endlessly amazed at the capacity of smart people who do and defend progressive or creative actions to assume that those who counter them have the brains of neanderthals.

Capitalism searches out the darkest corners of human potential, and mainlines them.
by geezer in Paris (risico at wanadoo(flypoop)fr) on Thu Dec 23rd, 2010 at 12:24:04 PM EST
Well the main thing that prevents something like this occurring is that if a backdoor is inserted into the software then at some point it will leak that this has happened. At that point people stop trusting any encryption software, and Internet business spirals down the tubes.

Also, every major transnational corporation will spontaneously agree to join the lynch mobs, since the primary use of those backdoors will be industrial espionage. Transnats are normally opposed to making industrial espionage easy (or rather, they're normally opposed to making industrial espionage against themselves easy).

- Jake

Friends come and go. Enemies accumulate.

by JakeS (JangoSierra 'at' gmail 'dot' com) on Sun Dec 26th, 2010 at 07:07:21 PM EST
One word: steganography.

Even if back doors were to be "required" for encrypted systems, you can still send encrypted messages. For example, suppose the real message I want to send you is "tonight." So I send you an email with the text "The Old Neighbor Is Getting Horribly Terrified" (or something more suitably poetic), but since I'm forced to encrypt my mail, you get a string of digits. You can decrypt it using our mutually agreed encryption-decryption system, and the back door enables somebody else to decrypt back to the text message--but the real message is still hidden in the text.

This is a crude example, but sending secret messages is pretty easy nowadays. That's not the problem...

by asdf on Sun Dec 26th, 2010 at 06:37:04 PM EST
Is there any real way to block protocol encapsulation/tunneling?

Of all the ways of organizing banking, the worst is the one we have today — Mervyn King, 25 October 2010
by Migeru (migeru at eurotrib dot com) on Mon Dec 27th, 2010 at 05:48:38 AM EST
I thought one of the protections that such a 'freenet' offers is exactly the distributed storage. The decentralization of information means that it is harder to suppress or capture, and the 'whole picture' can only be seen when the system is working harmoniously.

Incidentally, it looks like that next 1 Tb outboard is going dramatically up in price, in Finland, soon. There's always been a tax on any kind of consumer-available memory or file storage - from hard drives, tape and digital players, and media such as CD, DVD blanks. The tax receipts do not go into general tax coffers, but are reserved for redistribution to content creators through independent funding organizations (who channel the tax income). So in Finland there are specialist organizations, each dealing with funding for different projects in music, theatre, film, TV, dance etc.

The organizations I know generally have civil service people in admin tasks, but the front line people, and the people who decide where the funding goes, come from the ranks of the creators themselves. They tend to be with a funding organization for 2 - 3 years and then get back to their own projects. So there's good churn and changes of views.

There have been accusations of favouritism, but on the whole it's a good system. At least I don't mind paying for extra gigas because I know where the tax is going.

You can't be me, I'm taken

by Sven Triloqvist on Sun Dec 19th, 2010 at 02:40:40 PM EST
