30C3 my highlights…

The following talks were my highlights… (in no particular order). I don’t really intend to present much of an opinion here, its just a list of talks that I think were particularly interesting and important. I might go into more detail on what I actually think in individual blog posts later.

Do You Think That’s Funny? by lizvlx. Things have got much harder for anti-establishment artists over the last few years. It would seem that even art isn’t immune to over reaching by anti-terror laws. I found it interesting how artists are grappling to understand the consequences of the Summer of Snowden. Which leads me strange onto the next talk I really enjoyed.

Hello World(video file) by Aram Bartholl. Some really interesting work. The fake Google car was very funny. Something I wished I had managed to go and take part in was the chance to make a shielded mobile phone pouch out of copper material. A good way to ensure that your phone isn’t transmitting when you don’t want it to be.

07KINGSTON25 JAMAICA: MALARIA UPDATE Dispatches from Fort Meade(video file) by Alexa O’Brien. The case of Chelsea Manning is distressing to say the least. Not only was she treated very badly whilst awaiting trial, the court case was then largely held in secret. Most of the evidence used to put her away from 35years was only disclosed to the public 18months into the trial proceedings. The first of the more disturbing presentations.

Sysadmins of the World Unite by Jacob Appelbaum and Julian Assange with surprise guest Sarah Harrison. This didn’t work so well, but it was always going to be a tricky one to pull off. Sarah Harrison essentially opened with a statement from Wikileaks. It was interesting but almost had a polished propaganda feel to it. There was then an attempt for Jacob, Julian and Sarah to have a discussion centred around the role sysadmins have in keeping the activities of agencies and companies in check. It was framed as sysadmins having a moral duty to monitor (and if necessary presumably leak) the activities of the companies they are involved in. While in principle I think whistle-blowers are important, but just because a sysadmin is managing data that doesn’t mean they really understand what they are looking at. So encouraging mass leaks might back fire horribly if people don’t understand the consequences of the information that they release. Problem is, perhaps you don’t understand the consequences of not leaking something. Very tricky, I don’t envy anyone with this type of moral dilemma.

ID Cards in China: Your worst nightmare by Kate Krauss. Very interesting talk about how China is using ID cards to store very detailed information about its population. China’s ID cards store your political views, HIV status, mental health situation, names of your parents… and much more. (Things might be bad in the west, but not this bad.) This data can be used to discriminate against or persecute individuals or groups on mass.

The 30C3 Keynote by Glenn Greenwald. It was always going to be a full house for this talk. Covered the ground you would expect, from the Snowden and the NSA to the complicity of the mass media (Mr Greenwald is not fond of the British media). It should be watched.

EUDataP: The State of the Union by Jan Philipp Albrecht. The EU Data Protection plan is something that EU citizens should be keeping a close eye on but is also detailed and complex and therefore hard to keep an eye on. It is somewhat reassuring that there were a number of people from the European Parliament at the congress. That at least shows that there are people interested in looking beyond the mass media and the normal information channels to get a more complete picture of what it happening.

Through a PRISM Darkly by Kurt Opsahl (Senior Staff Attorney with the Electronic Frontier Foundation). More information one how the NSA goes about spying on, well just about everyone it would seem. Including, how long they keep the information, what they choose to actually look at, and how a target becomes a target. Essential information that helps make sense of what we are hearing in the news.

SOPA NSA and the New Internet Lobby by Elizabeth Stark. Elizabeth was one of the key individuals involved in the stop SOPA campaign and she tried to shed some light onto how you manage a campaign of that nature. Particularly how you capture the imagination of people to get them on-board. I got the impression that she wasn’t exactly sure how you do that, how you create a social Tipping Point. This isn’t a criticism, I study tipping points in society and I’m not sure either. She did say that it probably requires something tangible to rally against. This opens up the interesting possibility that SOPA defeated itself.

No Neutral Ground in a Burning World by Quinn Norton and Eleanor Saitta. A provocative title for a talk that I felt held back a little bit. I was expecting to be told at the time for apathy was over that not intervening (or failing to get involved), was as much an intervention as direct action. That battles for the future of the internet and digital privacy were not some abstract concern of a bunch of geeks, but would directly effect the real lives of everyone on the planet. The talk almost did this, so its worth watching.

The TOR Network by Jacob Appelbaum and Roger Dingledine (The TOR dream teem). An update on TOR; funding, technology and the future. Also dispelled a couple of myths. One being that the NSA have loads of nodes/bridges, and the other being that most of the traffic on TOR was/is generated by child pornography or the Silk Road website.

To Protect and Infect 1 by Claudio Guarnieri and Morgan Marquis-Boire. The start of disclosures around the militarisation of the internet. See part 2.

To Protect and Infect 2 by Jacob Appelbaum. Following on from part 1, Jacob picked up the thread of how and the extent to which we are being watched online. The revelations in these two talks are amazing in many ways. The technology they have is mind blowing, to the point where I started to wonder (wish) if its all some sort of big joke. This talk gave details on what in 2007(ish) was cutting edge technology that was essentially available in a catalogue at the NSA. You can read more at Das Spiegel.


30C3 – Art Has No Answer

To talks from two activist arts, “Do You Think That’s Funny?” by Lizvlx and “Hello World” by Aram Bartholl had beneath them a common message even if the styles of the art presented differ. In light of the “Summer of Snowden” (as it has now been coined) art is left as wanting, as speechless as many of the other speakers. Aram at one point recognised that art is yet to find a way to encapsulate the gravity of what has happened, and that works can seem “funny” but somehow inadequate. A feel shared by many as we try to work out the future holds.

The community as a whole is yet to process what we now know to be true. That, to quote the opening comments, “we have woken from a bad dream and found ourselves in an even worse reality”. Its not simply that we have learnt that the conspiracies were true, or that our privacy may have been lost forever. It is more than that. The internet was supposed to be the great leveller, a global democracy, where everyone would and could be heard. That dream seems to have died, the internet is not free. It is possibly the greatest potential threat to our liberty and piracy. Somewhere, something has gone very badly wrong and many people are looking to the community presented by attendees of 30C3 to put it right. Problem is, we don’t know how to do that yet, and the machine’s gears are still turning.

30C3 Day 1 First Impressions

Getting from Northern England to Hamburg on Boxing day is by no means as easy as it should be. For a start there aren’t any trains. It was was worth it because the first day of 30C3 has lived up to the promise of one of the most eventful years in the history of the internet, digital rights, and privacy. The conference opening talk called it by reminding us all that we have woken up from a bad dream to find we are living a nightmare. A nightmare that goes beyond simply loosing are privacy to mass global surveillance. We have lost control of the internet, and the very technology and protocols that it is built on. Can it be won back or have we lost it forever to a small number of massive multinationals and a growing number of government agencies?

Here comes the two-tier internet?

The government want to control what we do on the internet. They want to make us all safe by controlling what we can see and recording everything that we do. Its for our own good, we need to be kept safe. Think of the children!

Ok, so that’s a rather flippant response to two big issues but I think there is a sinister truth within. Leaving aside the apprent fact that much of our online lives are either accessable to the security services, or being recorded, I want to focus more on David Cameron’s war on pornography. Or rather, the idea and practicalities of filtering the internet. Internet pornography is a particularly difficult subject in a number of ways. Child exploitation and abuse is without question horrible, and its right that every effort should be made to remove it from society and the Internet. Consensual pornography is a less clear cut issue, one that there has been a lot of debate about, and will continue to be debated perhaps forever. Is pornography always exploitative? If all parties are consenting what is the problem with its production and viewing? Should pornography be protected as a form of expression? Where is the line drawn between pornography and art? I want to leave these questions for others and move on instead about filtering the internet.

To me the Internet (or perhaps the whole World Wide Web) is a decentralised, uncontrolled, bastion of freedom. One that seems to be under threat in a number of different ways. More and more of the infrastructure of the Internet is control by a small number of large companies. Google, Facebook, Amazon, Yahoo!, Microsoft, Rackspace and others host, route or provide access to increasing amounts of the content on the Internet. The dream of a truly decentralised Internet of millions of servers providing hosting, mail, or search fertilities seems to be over or at least under threat. Filtering seems to be the next big assault on my bastion of freedom.

Filtering the Internet entails blocking users’ access to certain websites, either via host-name blocking, or perhaps IP blocking. This is what David Cameron is proposing to do, by default he wants UK ISPs to block porn sites and only allow access if people actively choose to opt-out of filtering. The problem with filtering (leaving aside the issues around freedom of expression etc) is that is rubbish and doesn’t work very well. Filtering can operate at the level of Domain Name Servers (DNS). DNS servers are essentially an index, when I try to reach google.co.uk I am requesting the IP address of the computer hosting google.co.uk off a DNS server. If filtering is in place, instead of getting the IP address of the computer I would be redirected to a page telling me that I was trying to reach naughty content that I am not allowed to see.

The other possibility is blocking access to particular IP addresses. I suspect that this would be done at the point of Network Address Translation (NAT), or while routing traffic. Essentially an ISP could keep a list of IP that are banned, and refuse to route you to that computer. This is more problematic because the IP address of a website can change independently of the host name. So even if the IP is blocked you could reach the site, or a ‘safe’ site could be blocked accidentally. Also, it is possible to host a number of websites on one computer, therefore all under the same IP address, block one you block them all. So IP filtering is a very blunt instrument.

These methods of filtering can be circumvented in a number of different ways. DNS filtering for example can easily be sidestepped by changing your DNS server. By default your home router will be set up to use your ISPs DNS servers, filtering and all. Don’t like it? Change it to one of the public DNS servers that are free. This can be done on your router, or just for individual computers or even browsers. You could also use a Virtual Private Network (VPN). This is slightly more difficult but not much. Here you establish an encrypted link between your computer and another one elsewhere (perhaps in a different country). All the network traffic out of your computer is then sent to this other computer that then deals with it, by forwarding it on to DNS servers etc. It looks like you are that other computer, and if that computer is outside of the filtering then you are unfiltered. You could also use TOR. TOR was designed to protect against network surveillance and traffic analysis. How it works is an article (at least) on its own, but needless to say if you use it you wouldn’t be filtered.

So filtering is rubbish… so what next? Perhaps governments will give up on filtering, trusting adults to make there own minds up about what they want to access, and instead focus on catching the people that are breaking the law and leave filtering children’s access to the internet to parents? Not likely. My fear is that in a quest for increasing control (to make us all safe) of what the Internet is they will create a two-tier internet.

What is this two-tier Internet? An island analogy will work here. If you leave on an island you can easily drive around on the island and visit all the shops, people etc. However if you want to go off the island you have to drive down the one bridge to the rest of the world. It could be possible to build an Internet island. By default this is what everyone is given access too and you aren’t allowed to cross the bridge. Under this model all the websites accessible on the island would have to be pre-registered and vetted, if you attempt to access any other website (or indeed computer) you would be blocked. Public DNS wouldn’t work, that would require going down the bridge, same for a VPN that is outside the island. You just can’t get there. Unless, that is, you have requested to be able to cross that bridge. It would be easy then to monitor who wanted to get off the island, and in some cases what they brought back with them. Just asking to get off would make you a person of ‘interest’. Why would any normal, law abiding person want to get off our safe internet island?

How likely is this? Well you would not need to alter the existing infrastructure of the internet. It could be implemented with existing technology, some countries have already attempted to unplug their entire population from the rest of the internet for periods of time. The model changes from one of allow with exceptions, to block with exceptions, ISPs could be forced to connect to what would essentially be a subnet of the of the WWW with a router controlling that bridge to the mainland. The only way round the filtering would then be building your own bridge!

International safe zones could be connected, with some sort of international body acting as oversight, deciding what makes the safe list. How is this different from what we have now? Well currently anyone can setup a DNS server and add hostnames to the index. There is no central control, DNS servers are distributed and hosting servers for websites pop up all the time. Anyone can get an IP address for an internet device and get access to other computers. That could easily change, its already changing.

What troubles me is that these changes could creep up on us. Some people will like the idea of a filtered internet. They would be happy to think that their children can’t get to unsavoury content while they are surfing in their bedrooms, or on their phones. What is more, they a could start getting upset when the filters fail, and start putting pressure on the government to change things, force the ISPs to do it better. Could this lead to vetting and a two-tier internet? I think it could, and it might not look like a bad thing for a while. Those who want to get down the bridge are allowed to do so, and what they do isn’t recorded without good reason. The problem is that good reason today might look very different in 10 years, and future governments might not be so benign (how benign are present day governments?).

The Remote Police Commissioner

So just who are these police and crime commissioners anyway? A scrap of (future recycling) paper dropped through my door that told me how to find out. Go to a website, perhaps even follow them on twitter. Yes, I could go to a website to find out who these people (who are all going to work tirelessly to represent my interests) actually are. It would be better if they came to see me, but a sparse twitter feed and a website of empty platitudes is all you need these days (by the way Kingsley Smith, shouty bold capitals are never good). I suppose I am asking to much that the candidates might actually want to meet the people who’s interests they so earnestly what to represent. Perhaps they look at us down the cameras that seem to have replaced beat bobbies in Durham.

I don’t know if other residents of Durham have noticed but cameras seem to be the way to police these days. Walking through Durham centre cast your eyes skywards in the Market Place, down Silver street, and up Claypath. Large cameras watch us from up high, making sure we aren’t getting up to no good. The pattern is the same in the suburbs. I live in Gilesgate Moor, apart from the odd sighting of a police car scuttling through I have never seen a police person (we don’t discriminate in Gilesgate). We do however feel snug in our homes, comforted by the ever watchful eyes on polls that maintain ‘constant vigilance’. Watching the local children kicking footballs at houses, tipping bins over, and trying to push people of bikes. I’m sure a seat is being kept warm in the ‘control’ room for the new commissioner of crime (and policing).

The problem with cameras is that they become normal and then melt away into the background, we forget that they are watching. This is bad for two reasons. Firstly, being under constant big brother surveillance becomes normal which doesn’t seem like a good thing. Secondly, the criminals forget that they are there too, and then I suspect they stop working as a deterrent and are only useful to pick up the pieces later. Actual real beat bobbies are different, they could turn up randomly, talk to the residences (tell children off for trying to assault cyclists). Actual real police and crime commissioners would be better too. Sadly, its much easier to trick yourself into believing that you are engaged with the public with a twitter feed and a website.

Working to reelect…

Frequently politicians are criticised for being so preoccupied with trying to get re-election that they aren’t really doing their jobs any more. They constantly have one eye on the next election. Obsessed with opinion polls. Reacting and responding to every hyped media driven controversy, crisis, craze or fad (Pasty anyone?). Actually trying to solve the problems of the nation to the benefit of all seems to come in a poor second place. “How can we do anything if they only get one parliament?”, I hear them cry. Well its irrelevant because they don’t ever get round to do anything anyway. Too busy chasing that second parliament, then the third…

Perhaps I am being unfair, after all they do get something done. However, George Osborne’s (current UK chancellor) comments today make me think that I’m not being totally unfair. When talking about the recent budget he said, “When you get close to an election you’re going to be very focused on what tomorrow’s headlines are and what the opinion polls are saying,”. The context was essentially that the next budget was going to be a dull one. You don’t want to do anything to upset any of the electorate, no matter what the country actually needs.

The thing that annoys me is that this statement perhaps revels more about Mr Osborne’s thinking than it at first appears. He is clearly saying that the next budget will be mostly about getting re-election. Either by being boring, so it doesn’t damage the chances of the Conservative party, or perhaps they might have enough money to cut that top rate of tax again…? The other thing that can be assumed is that having the future need for re-election in the back of his mind is shaping his current thinking. In order to have a boring budget next time, what must be done this time? How often then do our elected politicians sit round the cabinet table and rule out a course of action that is possibly the correct one because it would upset their core vote.

Is it too much to ask to have a chancellor that gets up every day and thinks, “What do a need to do today to ensure the prosperity of as many people as possible?”. Oh, and his next thought shouldn’t be, “I need to ensure my re-election of course!”. I know, dream on. What kind of insane utopianist am I? Where would the democratic societies of today be if the people that we entrusted the stewardship of our nations worked only to serve the interests of the majority (who elected them), without a thought to re-election. If they didn’t, and they did a good job, then they might well get re-election anyway.