[p2p-research] Trust, crypto, and social change (was Re: Google gets into the DNS business)
Paul D. Fernhout
pdfernhout at kurtz-fernhout.com
Mon Dec 7 18:40:47 CET 2009
Eugen Leitl wrote:
> On Sun, Dec 06, 2009 at 10:43:54AM -0500, Paul D. Fernhout wrote:
>
>> This may reflect a deeper shift in our society. For most people, the Google
>> corporation is now effectively the de-facto government that structures
>> their lives online. So, how can we make Google a good government? :-)
>
> You can't. Neither a corporate nor a government entity can be trusted.
Other people like Ted and Patrick have replied in different ways on that.
I'm going to reply including saying some things and providing some links to
things you obviously already know, just to make this a broader response.
One big issue is that there are degrees of trust, areas of trust, and
directions of trust. One does not have to make it an all or nothing thing.
One can trust the US Postal Service to deliver certified letters with almost
100% certainty, even if one might not trust the US post office to not look
inside them with bright lights and image processing software. One might
trust the US government to quickly stop local armed feuds within a US town
even if one might not trust the US government to stop feuds in another
country (like Iraq, where it help create many).
A funny video about how "trust" can mean different things to different people:
"Trusted Computing"
http://www.lafkon.net/tc/
I'll trot out this again (even as the American Conservative article ignores
the value of community being fostered by good governance):
http://www.amconmag.com/article/2005/mar/14/00017/
"If Marxism is the delusion that one can run society purely on altruism and
collectivism, then libertarianism is the mirror-image delusion that one can
run it purely on selfishness and individualism. Society in fact requires
both individualism and collectivism, both selfishness and altruism, to
function. ... The most fundamental problem with libertarianism is very
simple: freedom, though a good thing, is simply not the only good thing in
life. Simple physical security, which even a prisoner can possess, is not
freedom, but one cannot live without it. Prosperity is connected to freedom,
in that it makes us free to consume, but it is not the same thing, in that
one can be rich but as unfree as a Victorian tycoon’s wife. A family is in
fact one of the least free things imaginable, as the emotional satisfactions
of it derive from relations that we are either born into without choice or,
once they are chosen, entail obligations that we cannot walk away from with
ease or justice. But security, prosperity, and family are in fact the bulk
of happiness for most real people and the principal issues that concern
governments."
People have had governments of various sorts for thousands of years. And
they have also collapsed periodically, as Daniel Quinn talks about. But, to
thing holistically about this, we have to see governments as just one aspect
of a bigger issue of meshworks, hierarchies, and interfaces.
From Manuel de Landa:
"Meshworks, Hierarchies, Interfaces"
http://www.t0.or.at/delanda/meshwork.htm
"Indeed, one must resist the temptation to make hierarchies into villains
and meshworks into heroes, not only because, as I said, they are constantly
turning into one another, but because in real life we find only mixtures and
hybrids, and the properties of these cannot be established through theory
alone but demand concrete experimentation. Certain standardizations, say, of
electric outlet designs or of data-structures traveling through the
Internet, may actually turn out to promote heterogenization at another
level, in terms of the appliances that may be designed around the standard
outlet, or of the services that a common data-structure may make possible.
On the other hand, the mere presence of increased heterogeneity is no
guarantee that a better state for society has been achieved. After all, the
territory occupied by former Yugoslavia is more heterogeneous now than it
was ten years ago, but the lack of uniformity at one level simply hides an
increase of homogeneity at the level of the warring ethnic communities. But
even if we managed to promote not only heterogeneity, but diversity
articulated into a meshwork, that still would not be a perfect solution.
After all, meshworks grow by drift and they may drift to places where we do
not want to go. The goal-directedness of hierarchies is the kind of property
that we may desire to keep at least for certain institutions. Hence,
demonizing centralization and glorifying decentralization as the solution to
all our problems would be wrong. An open and experimental attitude towards
the question of different hybrids and mixtures is what the complexity of
reality itself seems to call for."
I think this issue is in play here as Google grows as a strong hierarchy.
There are other factors as well, since it is not just meshwork vs. hierarchy
but it is also meshwork vs. meshwork and hierarchy vs. hierarchy, with all
these organizations interacting, both cooperating and competing, and
trusting each other in different ways. And one also needs to see beyond the
organization chart and self-descriptions to see that even in the most
hierarchical organizations there are social meshworks, and in the most
meshworked grass roots movements there may be shared ideological hierarchies
(like Greens may value the environment or free market actors may value
profits within a currency system).
The fact is, you *can* and in fact *must* trust governments and other
hierarchies to some degree to function in our current society (TCP/IP is,
for example, a form of hierarchical governance that I assume you trust to
some degree to move data around :-). We do so all the time -- to an extent,
a healthy government is reflecting the needs of the people. The point of the
US Constitution and other similar things was to create some sort of healthy
balance. That does not always mean hierarchies are always right, or that
there are not areas they are less worthy of trust than others, or that they
can't become dysfunctional (even if just to subsets of the population), or
that they don't need to be renewed someway from time to time.
Just because one current government is dysfunctional does not mean the idea
of some form of collective governance itself is dysfunctional:
http://en.wikipedia.org/wiki/Dark_Age_Ahead
"""
Dark Age Ahead is a 2004 book by Jane Jacobs describing what she sees as the
decay of five key "pillars" in the U.S. and Canada. She argues that this
decay threatens to create a dark age unless the trends are reversed. Jacobs
characterizes a dark age as a "mass amnesia"[1] where even the memory of
what was lost is lost. The pillars Jacobs lists as under threat are:[2]
* community and family
* higher education
* science and technology
* taxes and government responsive to citizen's needs
* self-policing by the learned professions
"""
Government can be responsive to people's needs. Government is more
responsive in some ways in Western Europe. Not all ways, and I'm sure people
here from this list could point out many failings as could I (though some of
those failings have directly to do with dealing with the USA as essentially
a failing state).
There are different sorts of problems possible when you look at a balance of
meshworks and hierarchies. When you have too much strong hierarchical
government at one end you have things like global wars and police states,
but when you have too little government you can have endless local feuding.
When you have too little meshwork it may cost too much to get anything done,
but when you have too much meshwork it may be impossible to get anything
done and have it stay done. And then, as Manuel de Landa suggests, there are
layers built on interfaces between levels (where a strong standard may
support immense diversity, or excessive diversity may encourage the response
of a strong standard at a new level).
Are you against TCP/IP as a standard? :-)
http://en.wikipedia.org/wiki/Transmission_Control_Protocol
There may be good reasons we could have something better (and some work
towards that), but it works OK right now for billions of users. One might
say, what does TCP/IP have to do with governments, and what I mean here is,
TCP/IP represents a collective agreement by billions of people about how to
move digital data around, where you can *trust* other people to honor it (in
99.99999%+ of the cases). Without that level of trust, our global
communications network would break down. Ah, but you might say, nobody
"voted" for TCP/IP on the global level. It just sort of emerged from a lot
of other possible standards (in part through support by parts of the US
government and some influential big corporations). OK, but that is still an
example of governance in action to create a hierarchy that governs most of
our online activities at one level.
Part of moving beyond our current stuck state IMHO is to see this broader
issue Manuel de Landa raises of meshworks, hierarchies, and interfaces, and
think about how they apply to all sorts of infrastructure.
We have no choice but to trust hierarchies to some degree (whether formal
governments, ideological consensus, technical standards, aspects of the
scientific community process, key web sites, key corporations, etc.), so
again my question, how can we make governments for the information age that
are more trustworthy, however they are organized at the moment?
Transparency seems to be part of that, for example. But so might be other
things.
> You can trust other end users a lot more if safeguarded against snooping
> and tampering precisely because their capabilities do not differ markedly
> from your own. Cryptography is a key way to achieve that. Cryptography is
> also a key technology to keep track of trust and reputation.
Socially, just because you have an encrypted connection to someone does not
mean necessarily that you can "trust" them in every way. What will that
person or service do with the information you supply? That is part of the
whole Google DNS issue -- even if you have an encrypted session with Google,
what will Google do with the information you supply it? Why should a
discussion with an individual be any different?
Again, from the trusted computing video mentioned above, some text:
http://dailycupoftech.com/2007/09/25/who-chooses-whom-you-trust/
"Trust. Trust is the personal belief in correctness of something. It is the
deep conviction of truth and rightness, and cannot be enforced. If you gain
someone’s trust, you have established an interpersonal relationship, based
on communication, shared values and experiences. Trust always depends on
mutuality."
(Found via the "evil"? :-) Google cache:
http://74.125.93.132/search?q=cache:TVvBFijSqhIJ:dailycupoftech.com/2007/09/25/who-chooses-whom-you-trust/
)
I'll agree with a limited version of your point at the end, where you wrote:
"I prefer technology forms leading to empowerment of individuals, not more
control for superpersonal organisation forms. Encryption as a means for
privacy, strong authentication, trust and tamper-hardening are key parts of
that of that technology box."
That limited version is that such technologies can have an important role in
providing a healthy balance among meshworks and hierarchies. But, I also
think such technologies can only play that role when the system overall
social is working somewhat well (and so, as above, there is some degree of
trust about shared values and experiences and a history of communication
across the network). I'll outline below in response to other points you made
why I think that and why I don't think encryption by itself addresses all
those issues.
>> Well, one could also put a willingness to use Google for convenience or
>> free-of-direct cost down to "digital fatalism" in just assuming you have no
>> privacy online.
>
> I find declaring defeat a priori both unwise and dangerous. Also for other people,
> not just you. Especially since you cannot solve social/political problems
> technically.
Well, sometimes it is better to accept defeat in one area and then move onto
other strategies for social change. :-) If you assume all your
communications are archived and monitored, you can structure them in
different ways to have a different effect.
Still, to the extent I agree with you, I think one can talk about a healthy
balance, accepting both social and technological limits.
I also think the two interact -- technology changes the nature of
social/political problems sometimes, and social/political issues affect the
nature of technical problems sometimes.
>> Here is how I see it, probably having an even higher level of paranoia than
>
> Paranoia is the wrong term, since we do not have to guess under
> which level of scrutiny we are living. We know. It's mostly a matter of
> public record. Very little if at all has to be extrapolated to fill
> in the blanks.
Sure. Slashdot's "Your Rights Online" feed provides plenty of public
information about these things, for example.
http://yro.slashdot.org/
Example:
"Woman Filming Sister's Birthday Party Gets Charged With Felony Movie
Piracy"
http://yro.slashdot.org/story/09/12/04/1918206/Woman-Filming-Sisters-Birthday-Party-Gets-Charged-With-Felony-Movie-Piracy
But also, for broad searches:
http://yro.slashdot.org/index2.pl?fhfilter=yro+carnivore
http://yro.slashdot.org/index2.pl?fhfilter=yro+echelon
>> you. :-) Vitamins like D3 and B12 can help supposedly. :-)
>> http://www.brainnutritionfacts.com/tag/paranoia
>> "We recently had a patient at the hospital where I work who became
>> psychotic, or lost touch with reality, believing that the CIA wanted to
>> assasinate him, and hearing voices whispering death threats through the
>> hallways. The only cause that could be found was vitamin B12 deficiency.
>> Once we gave him injections of vitamin B12, he slowly improved and could
>> once again tell the difference between reality and what only existed in his
>> mind."
>>
>> So, here is some extreme paranoia for your discomforting. :-)
>
> The first time I've run into security problems in regards to military
> cryptography and was disciplined for it was 1988. Since then, I very
> much doubt my profile has gotten any less conspicuous. Or so a little
> bird told me a few years ago.
Think about it. Whatever kind of crypto you were using in 1988 has most
likely either been broken or can be brute forced with computers literally a
million times more powerful now than then for the same price. Whatever you
sent then is now decryptable. Has someone archived it? Who knows. But, to be
prudent, you can assume the answer is yes.
>> The fact is, any ISP can log and decrypt all the data anyone sends through
>> it from a specific location if they really want to. One can assume the
>
> Log yes, decrypt no. TLAs can do a lot more, but they have their limitations.
How many things like this are there out there?
"Debian Bug Leaves Private SSL/SSH Keys Guessable"
http://it.slashdot.org/article.pl?sid=08/05/13/1533212
>> decryption can be done now either at high cost by supercomputers or in a
>
> Nobody does brute-force decryption of modern cryptosystems. Brute-force
> attack on the passphrase, yes. Sigint and system compromise, yes. Brute-force
> the cryptosystem, no.
You mention but then seem to handwave away critical issues of security. A
chain is only as strong as its weakest link. If people pick poor passwords,
or if they are informers or on the payroll of someone you don't know about,
or if they are just confused, then all your communications are at risk.
"Admins warned of brute-force SSH attacks"
http://www.securityfocus.com/news/11518
"Defending against brute force ssh attacks"
http://la-samhna.de/library/brutessh.html
Rhetorically (I don't want to know), how secure are the systems you talk to,
even via Tor? Do you really know for sure? Who really implemented Tor? For
what purpose? Can you trust them?
Rhetorically (I don't want to know), how secure are the humans you talk to
out there on the internet via secure channels in terms of password choice?
Even if someone is trustworthy now, even a blood relative you've know from
birth, how will they be next year after being tortured or brainwashed or
recruited by a cult?
Did you write the crypto routines yourself based on a perfect understanding
of advanced mathematics? If not, why do you chose to trust certain
"disciplined minds" with PhDs to do it when they have been subjected to
cult-like indoctrination? http://www.disciplined-minds.com/
It is fairly straightforward to monitor home wireless networks. Many people
have them. So, a common weak link, especially for techy people.
Did you make all the circuitry yourself from sand? If not, what is in there?
Who knows? This trick has been played against the USSR by the USA during the
cold war.
Do you really know what your hard disk is doing? Does it have a remote data
dump mode you don't know about it via local radio or other means?
More than that, as you imply, people can put keyloggers or rootkits on your
computers even if you make all the circuitry yourself from sand. How secure
is the average home from intrusion by skilled professionals?
Do you have a printer on your network? How secure is it?
"Have Hackers Hacked Your Office Printer?"
http://printscan.about.com/b/2009/09/28/have-hackers-hacked-your-office-printer.htm
How secure is you bluetooth-enabled phone so it cannot crack into your
system if left on by your computer?
Do you use a CRT monitor? Well, anyone nearby can see what is on your
monitor by RF emissions. Probably can as well for LCDs. Maybe the LCD panel
has been designed somehow to make it easier.
Link after link on the chain. And it's not even a chain -- that would be
easier -- it is an ever expanding network, with things like printers or
attached storage or video game consoles on your network that could
compromise all your other efforts. One of them is bound to be weak. Some
people specialize in finding them.
Even if your chain (or network) is very strong at every possible link, then
what about the future? Even if what you said were true about not
brute-forcing cryptosystems, how certain are you that quantum computers for
decryption won't be cheap and powerful in a decade or two? How sure are you
that the Googleplex or the Cloud won't spend its idle time in twenty years
decrypting everything you've ever transmitted as a "person of interest"?
Also, how certain are you about the future the people you have talked to in
the past won't ever shift alliances or beliefs for whatever reason (even
torture or blackmail)? Even if you use one time pads produced from true
random numbers like produced by radioactive decay (the only really good
crypto), then you still rely on trusting the other people with the pads not
to turn them over to someone else.
http://en.wikipedia.org/wiki/One-time_pad
Although, even then, with one time pads, you give away who you talk to and
for how long.
In general, security needs to be woven throughout a system end-to-end from
every stage of design. How many systems that people really use have had that
kind of design? And even then, how many have been designed as a system? And
then how fallable are the people who use them?
By the time you add all that up, one can ask, is using crypto really
someplace the average person wants to spend their time worrying about
compared to working in the clear? It is always an issue of costs to whom vs.
benefits to whom?
Of course, one may argue that if everyone used crypto for everything it
would make it that much harder for anyone else to understand all the network
traffic, and depending on your other beliefs, that might be a good thing (or
a bad thing).
>> few years at low cost by newer computers -- maybe even quantum ones. That
>> assumes the encryption algorithms are any good and don't have backdoors
>> making it trivial to decrypt stuff. Historically, countries have kept
>
> Regardless of potential weaknesses, if the only alternative is cleartext
> whether to do or not to do encryption is a no-brainer.
As above, it may all be compromiseable fairly easily. In the end, like a gun
for personal defense or a lock to keep out intruders, crypto doesn't get you
anywhere by itself (or that much security against a determined adversary
with resources on a vastly larger scale than you). And the adversary might
not care who *else* gets hurt in the process; example:
http://en.wikipedia.org/wiki/Waco_Siege
"The Waco Siege[11] began on February 28, 1993 when the United States Bureau
of Alcohol, Tobacco, and Firearms (ATF) attempted to execute a search
warrant at the Branch Davidian ranch at Mount Carmel, a property located
nine miles (14 km) east-northeast of Waco, Texas. An exchange of gunfire
resulted in the deaths of four agents and six followers of David Koresh. A
subsequent 51-day siege by the Federal Bureau of Investigation ended on
April 19 when fire destroyed the compound. Seventy-six people (24 of them
British nationals)[12] died in the fire, including more than 20 children and
two pregnant women and then-Davidian leader Vernon Wayne Howell, better
known as David Koresh."
What will be the Waco equivalent for encryption?
I'd suggest any idea worth talking about to save our civilization from
itself is worth talking about in the clear, at least given what still
remains of our democracy, which in not insubstantial. Ultimately, we won't
see social change unless a lot of people begin to imagine new possibilities
(based on human values) and talk about them, and in turn change our
collective governance system to reflect those new ideas.
If you work in the clear, you have a chance to influence even the hearts and
minds of government bureaucrats. :-) Maybe some are irredeemable, but most
are likely sincerely trying to do as good a job as they can under difficult
circumstances.
Sure, if everyone in the USA were to use encryption, the government would
have a harder time looking at every message. But we'd also have vast social
change if everyone in the USA were to vote for, say, Ralph Nader, Dennis
Kuncinich, and Ron Paul (some sort of Triumvirate? :-)
So, a decision to focus on encryption over other social change is
potentially challengeable as "fatalism" of a political kind. :-)
>> copies of intercepted messages from other countries in wartime and maybe
>> years later could then decrypt them and find out a lot about the past that
>> may be useful in the present day. Maybe what you outline with VPN might
>> keep stuff private now, but would it keep it private ten years from now
>> with decryption computers 1000 times faster or cheaper (Moore's law) than
>> what we have now?
>
> Not my threat model. You're wrong about systems getting faster, this is
> not what cooks your goose. Without advances in cryptoattacks faster hardware
> is meaningless.
As above, Debian was compromised for years. What about Microsoft? How good
are algorithmic random number generators anyway? What else is compromised
unintentionally or intentionally to make analysis tractable to those with
computers a million times faster than average? And everyone will have such
computers in two decades or so. So, you are making other assumptions here.
Also, what sort of things will computers a million times faster be able to
do in terms of AI applied to pure mathematics and breaking old crypto? Also
quantum computers break most current crypto (short of one time pads from
true random sources). Again, the safe assumption from a political activist
point of view is that access to information will be at best delayed, or at
worse possibly accelerated.
>> Let's say someone unintentionally but illegally downloads just *one*
>> copyrighted song now (2009) using VPN technology (say, a background tune on
>
> Hey, they can log those few TByte/month that passes through my system.
> Be my guest, I have no idea what's in there. Please store it, please burn
> resources on it, that's precisely the point. Sufficiently widespread
> nonclear traffic is indistinguishable from lots of honeypots.
A bright side of all the logging is that in a few decades there will be a
wonderful official archive of this period of time for people to explore. And
maybe even resurrect digital beings from it, if that is ethical and
desireable. :-)
http://www.simulation-argument.com/
Whatever one can say about other aspects of it, the release of the 9/11
pager data is a fantastic resource for future historians.
"Mobile: Wikileaks Publishes 500,000 9/11 Pager Messages"
http://mobile.slashdot.org/story/09/11/25/1320215/Wikileaks-Publishes-500000-911-Pager-Messages?from=rss
Anyway, I'm going to avoid commenting on other issues there.
>> a youtube video they look at for other reasons), out of all their other
>> endless legal activities. Ten years later, in 2019, that logged data gets
>> decrypted routinely, and the government knows that person broke a copyright
>
> You have a strange model on how cryptoanalysis advances.
I guess so. :-)
But who really knows what exactly to make of something like this:
"First 'Quantum Computer Chips' Demonstrated "
http://science.slashdot.org/article.pl?sid=07/09/27/1337242
>> law ten years ago. Well, is that a prosecutable crime in 2019?
>
> Let's say you're organizing a strike or a demonstration today. Of what
> interest to you is that somebody *might* (I consider it unlikely, session
> keys are ephemeral) break a given OpenVPN session log two decades hence?
First off, one can organize many sorts of legal demonstrations in the USA.
Many strikes are legal. So, encryption is not essential to social change in
that sense. Ideally, protest organizers want the police and justice system
on their side as much as possible. One way to do that is to be as
transparent as possible. We do still have a democracy of some sort in the
USA, battered and wilting such as it is.
As for breaking the crypo. First, it may be broken now, because you don't
know who is an informant and who is not, even if the crypto itself was any
good. As for breaking crypto in twenty years, that may still be enough to
put people in jail if illegal acts happened.
Anyway, I'm suggesting that in a way, crypto is a sign of fear. It is a
dismissal of social strength in the context of social organization (at least
in the USA). There are other approaches to social organizing. A focus on
crypto may be misleading in that sense.
This is not to disagree entirely with your point, or even the value of
digital signatures right now to minimize "agent provacateurs", and so on.
http://en.wikipedia.org/wiki/Agent_provocateur
But using crypto to keep everyone in a movement honest and acting legally is
a different emphasis than most people might suggest who encourage it.
>> "Legislative history -- Copyright felony act"
>> http://www.cybercrime.gov/CFAleghist.htm
>> It may depend on the interpretation of the "statute of limitations" as well
>> as other laws passed over the next decade. But, even if the statute of
>> limitations has passed, evidence of a past crime might seem like at least
>> "probable cause" to investigate further in the then present day (2020) by
>> seizing all of that person's computing systems. That might even be painful
>
> Use encryption today to make sure this doesn't happen tomorrow.
Not necessarily. Can you outline a plausible scenario that allows for
broken-by-design crypto, quantum computing, or human informers?
>> for a cyborg, to rip out any brain implants. So, even today's laws can all
>> become a way of doing selective enforcement against people in the future if
>
> There's no guessing about that. It is routine today. You're right now in
> violation of probably a dozen laws at least, and can be persecuted for it.
I say something similar below.
"Incarceration in the United States"
http://en.wikipedia.org/wiki/Incarceration_in_the_United_States
"""
The United States has the highest documented incarceration rate in the
world.[3][4] It also has the highest total documented prison population in
the world.[3][5][6] As of year-end 2007, a record 7.2 million people were
behind bars, on probation, or on parole, with 2.3 million of those actually
incarcerated.[7] More than 1 in 100 American adults were incarcerated at the
start of 2008. The People's Republic of China ranks second with 1.5 million,
while having four times the population, thus having only about 18% of the US
incarceration rate.[8][9]
"""
>> the government does not like (even to the point of doing forcible brain
>> surgery on them). This sort of issue outlined in this slashdot article may
>> become all too common as law enforcement can look back on data recorded ten
>> years ago and decrypt it:
>> ""Accidental" Download Sending 22-Year-Old Man To Prison"
>> http://yro.slashdot.org/story/09/12/05/1511258/Accidental-Download-Sending-22-Year-Old-Man-To-Prison
>
> I'm missing the part where they traced his Tor session and cracked his
> Truecrypt system partition which was secured by a strong passphrase.
>
> Oh wait, because that never happened. He unwittingly ran into a honeypot,
> and submitted to have his unhardened machine to be analyzed forensically,
> then pleaded guilty in a fishy bargain in a modern equivalent of a Malleus
> maleficarum case.
Sure.
Still, right now, anyone in the USA becomes a felon just for receiving spam
email with questionable content. So, how does encryption prevent that? It
does not. It may even give people a false sense of security.
Still, in twenty years, we don't know how much of today's crypto will be
compromised. So, it is possible that logs of Tor sessions and copies of hard
drives made today can be decrypted easily in 2029, or even 2019 if there are
backdoors and other unknowns. So, there is a whole possible positioning
going on to entrap people down the road
>> After September 11, 2001, examining cell phone calls was a big thing --
>> showing how they are routinely recorded (a fact not widely know at the
>> time, but obvious after).
>
> Much more interestingly is that in many countries service providers
> must log your location info with time (which is a movement profile)
> and record connection info. Plans to log your complete online trail
> are in the works, at least in UK. Plans to only allow going online
> when authenticated with personal ID smartcards ditto. One wonders
> what plans are in the drawers we haven't heard about yet.
Sure.
>> Even now people are working to crack GSM phone encryption. Related:
>
> GSM "encryption" was deliberately designed to be weak. Realtime
> GSM cracks are over a decade old now. Try the same with another
> cryptosystem considered deprecated, such as 3DES. Not so easy now, eh.
How much other encryption is weak by design? How do you know you can trust
the "disciplined minds" that created it?
http://www.disciplined-minds.com/
"""
“I have been waiting a long time for someone to write this book, and Jeff
Schmidt has done it. He exposes, in crystal-clear prose, the inevitably
political nature of the professional in our society, and, most importantly,
suggests a strategy for resistance. This is an extraordinary and valuable
piece of writing.”
"""
>> "Open Source Attempt To Crack GSM Encryption"
>> http://it.slashdot.org/story/09/12/05/1958251/Open-Source-Attempt-To-Crack-GSM-Encryption
>> "The intended approach is to create an open source project to spread the
>> computation of a giant look-up table across more than 80 machines.
>> Interestingly, they've openly stated that nVidia's CUDA technology will be
>> used to execute parallel elements of the problem on GPUs as well.""
>>
>> So, for anyone who archives all encrypted phone communications around them
>> (would take a lot of storage space obviously), they would be able in ten
>> years or so probably to listen to everything anyone around them said now on
>
> Not my SIP session over OpenVPN they won't.
http://www.ubuntu.com/usn/usn-612-6
"""
Original advisory details: A weakness has been discovered in the random
number generator used by OpenSSL on Debian and Ubuntu systems. As a result
of this weakness, certain encryption keys are much more common than they
should be, such that an attacker could guess the key through a brute-force
attack given minimal knowledge of the system. This particularly affects the
use of encryption keys in OpenSSH, OpenVPN and SSL certificates.
"""
Sorry.
>> a cellular phone; recording even encrypted conversations may be illegal for
>> individuals, but I would expect at least any government would find out some
>> way to justify it. Certainly a foreign government could probably record
>> cell phone calls in the USA, decrypt them, and then pass the data back to
>> the US under various agreements.
>
> You're describing an existing arrangement.
Yes, that is why I thought is safe to suggest it could happen. :-)
>> So, while encryption may be useful in delaying people's access to your
>> communications, don't assume it does any more than *delay* access.
>
> It depends on your threat model. For most cases you're wrong.
OK, sure, we are always talking priorities, degrees of security, tradeoffs
of convenience and usability for privacy, and so on. Tradeoffs. Not an all
powerful magic wand or cloak of perfect invisibility.
But, the issue with digital data is that if it is recorded, even if
encrypted, you don't know what future threats might be.
As is see it, we are in a race between the internet as wings to fly up in
some transcendent way as a society and the internet as chains to drag us
down into the depths. But, I think a focus on encryption may be misleading
in that sense.
>> And it also won't delay access under certain legal situations in some
>> countries:
>
> Now you know why I no longer travel to UK.
Sure.
>> "UK jails schizophrenic for refusal to decrypt files: Terror squad arrest
>> over model rocket"
>> http://www.theregister.co.uk/2009/11/24/ripa_jfl/
>> """
>> So, I suggest we should assume everything we do is monitored and everyone
>> on this p2p list works for the CIA. Now what? :-) Well, one can start
>
> That is not a very useful assumption. A much better assumption that
> everything in cleartext passes through tapping points which can do
> nontrivial filtering, and can destil down interesting traffic for further
> scrutiny and possible storage, including human analyst eye time.
>
> Already trivial encryption will very effectively disrupt this
> large scale passive scrutiny of cleartext. Active MITM takes a lot
> more sophistication and can be detected in principle, so it can't
> be done on a wide scale.
Yes, a social argument that if everyone does it it will produce herd
immunity somehow.
But the issue is, what does this really get you? What is the deeper point?
If it is to keep government more accountable, can this be done in other ways
more directly than playing "hide and seek" with paid professionals?
Also, again, you assume (maybe rightly, maybe wrongly) that existing crypto
really works even now, with all the other issues.
Also, as long as the core social dysfunction you are implicitly worrying
about (excessive government power) is not dealt with in other ways, what is
to keep the USA from just adopting UK style laws (to hand over passwords) on
this next year? Nothing.
At the very least, the laws (from government) and the technology need to
work together. Let's say you are right about the value of this. Then should
it be enshrined in the constitution? Is it already?
What does this mean in the digital age?
http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution
"The right of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures, shall not be violated,
and no Warrants shall issue, but upon probable cause, supported by Oath or
affirmation, and particularly describing the place to be searched, and the
persons or things to be seized."
>> working to change the nature of society in a peaceful, non-violent, and
>> legal way that works for everyone using P2P and other technologies. :-) And
>
> If you think it will be peaceful, legal and non-violent you're bullshitting
> yourself. The current developments are not sustainable. Either the current
> trend will reverse, or we'll see considerable mayhem ahead. (We already know
> that the current national administrations are deploying this technology to
> early identify and isolate trouble hot spots -- any trouble hot spots).
I disagree. If it is not for the most part peaceful and not-violent it is
all over.
One of these could be put on every street corner in the USA for about the
cost of a traffic light soon as costs drop:
""Samsung develops machine gun sentry robot costs $200k"
http://www.newlaunches.com/archives/samsung_develops_machine_gun_sentry_robot_costs_200k.php
"Samsung has partnered with Korea university and developed the machine-gun
equipped robotic sentry. It is equipped with two cameras with zooming
capabilities one for day time and one for infrared night vision. It has a
sophisticated pattern recognition which can detect the difference between
humans and trees, and a 5.5mm machine-gun. The robot also has a speaker to
warn the intruder to surrender or get a perfect headshot. The robots will go
on sale by 2007 for $ 200,000 and will be deployed on the border between
North and South Korea."
Lots of stuff here:
http://en.wikipedia.org/wiki/Military_robot
I just doubt "the people" will win that one. And even if they could, the
casualties would be enormous.
From:
http://sociology.ucsc.edu/whorulesamerica/change/science_nonviolence.html
"Studies of social movements in the United States also show that the
necessary social disruption has to be created through the principled use of
strategic nonviolence. Any form of violence, whether property damage or
physical battles with opponents and police, will turn off the great majority
of Americans and bring down overwhelming police and military repression."
What better way to show a peaceful intent than by operating in the clear in
a slow and obvious way? Sure, there are some obvious disruptions that would
be illegal and shut down. But, frankly, there is nothing that keeps anyone
legally from organizing a hundred million people attending a conference in
Washington DC on single payer health care, or keeps people from getting a
hundred million people to make free music.
Like owning a handgun, crypto, in that sense, is just an easy out to think
one is doing something about true intrinsic mutual security, when one might
really not be doing that much (or might even be making things go backwards).
Still, I half-agree. Digital signatures can be a good thing. Crypto deters
some casual identity theft. Crypto in the form of digital signatures might
be useful in preventing agent provocateurs from the government or big
businesses messing up peaceful protests or peer production on free digital
commons.
But sure, if we *had* a progressive trascendent society (like in James P.
Hogan's Voyage for Yesteryear") then crypto might be a great default, on the
argument locks keep honest people honest. What I'm suggesting here is that
it realistically can't do much more than that. If you are seriously worried
about the US government taking action on clear text messages (as in relation
to social organizing) then you might just as well be worried about being
imprisoned or killed for using crypto by a future government even less
accountable than what we have now.
Can you give many plausible scenarios where crypto would make a big positive
difference in social organizing in the USA?
And if you can, then how can we more directly address whatever issues about
trust and governance that are raised by that?
>> one could also work peacefully and legally to changing the laws about
>> copyrights and so on.
>>
>> See also:
>> "Four Horsemen of the Infocalypse"
>> http://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalypse
>>
>> But we seem way past that infocalypse already in some ways, like the guy
>> above arrested for a model rocket still in the package. In a way, the
>> "think of the children" Infocalypse (like is putting that 22 year old in
>> prison for years) has already come and gone, and we are living in the world
>> on the other side (everything logged, broad and vague laws on all sorts of
>> things that taken together that make *everyone* criminals, selective
>> enforcement of that, children being imprisoned for their own "protection"
>> for sending pictures of themselves, a generated climate of fear and
>> mistrust, etc.).
>
> Precisely. So what are you doing about it?
Writing things like this reply? :-)
In general, I'm trying to help people see a way to move beyond scarcity
assumptions. Even the assumption of a scarcity of good governance? :-)
>> Still, even assuming the worst, we can work towards something better with
>> what we have, our imaginations, our community, our technology, and so on.
>> Even within the USSR and repressive government, it transformed eventually.
>
> If you want to assume the worst, you should consider us becoming the
> Emergents, in Vernor Vinge's A Deepness In The Sky novel.
I'm more focused on the next decade or two. :-)
Besides, we already have that kind of "mindrot" technology the Emergents use
in that story to "focus" people. It is called "graduate school": :-)
"Review of Jeff Schmidt's Disciplined Minds: A Critical Look at Salaried
Professionals and the Soul-Battering System that Shapes their Lives"
http://www.uow.edu.au/~bmartin/pubs/01BRrt.html
"Where the book most obviously goes beyond usual critical analyses of
professions is in the final part, "Resistance." Schmidt begins by drawing an
analogy between professional training and ideological indoctrination in
cults. He recognizes that students have many more opportunities to organize
and resist than typical cult members. Nevertheless, he argues that "life in
graduate or professional school can be very much like life in a cult - and
that for students who aren’t careful, it will be." (p. 218). He then looks
at the characteristic features of totalistic organizations, such as big
promises, control of the milieu, no questioning of authority, and shaming.
He gives examples from professional training reflecting each of these
features."
> I do not see how we can recover from that once we're there. This isn't
> your grandfather's Evil Empire.
The pendulum swings -- sometimes slowly.
Or as Manuel de Landa might suggest, another level of diversity might get
built on a level of uniformity.
>> Things like humor were part of that transformation. So was optimism (one
>> can be paranoid as well as humorous & optimistic at the same time. :-)
>
> [...]
>
>> So, welcome to my paranoid world. :-) Google *is* the government already.
>> Encryption only at best delays access to anything you do online by a few
>> years and at worse makes people investigate you immediately. Everyone is a
>
> Oh, the horror. The horror of it. Imagine if this was the rule. Imagine
> the number of data you would have collect, and how many human analysts
> you would tie up listening to pillow talk or academic treatises. If
> you've read your Bamford, you'll know that this is not a theoretical scenario.
Ah, but see, I worked with the IBM Speech group. :-)
Speech recognition software is not that useful for replacing keyboards, but
it is great for indexing audio and video data at this point. (Not what I
worked on there, but the defense department supports a lot of that work --
all part of the public record.)
Besides, Google sells to the formal government.
>> criminal because of vague and broad laws that are selectively enforced. Any
>> obvious defiance will get you put away for twenty years in a place without
>> sunlight that may destroy your health and sanity (and that's if you are
>
> If you are in that situation, it is your civic and human duty to organize
> underground resistance. If you don't, you will eventually find yourself at
> the receiving end of the system.
Except that why does "resistance" have to be "underground" in a democracy
such as we still have?
And where does "resistance" get you, except to slow things down?
We need progression in some good direction, not resistance to getting worse.
We need public movements that are very visible.
Positive psychology. Take what is good an amplify it in a very open an
public way.
http://en.wikipedia.org/wiki/Positive_psychology
>> lucky and not just taken out in an "accident"). Now what? How do we build a
>> better world within those constraints? Perhaps by using humor, optimism,
>> and imagination? :-) As well as free-to-the-user Google services? :-)
>
> Paranoia works best if titrated to functional levels. And paranoia and
> naivete don't really mix well.
Sure.
>> I'm really a tremendously conformist person in most ways -- you don't get a
>> stamp on your forehead that says "Princeton" unless you are willing to jump
>> through endless hoops on command. :-( My idea of a happy work life at this
>> point is just going to a research lab everyday (an IBM Research like in the
>> 1970s when people like Gerry O'Neill came to give talks about space
>> settlemest?) doing something worthwhile and having a nice meal for lunch
>
> Not many people are that lucky, these days.
True. Not even now. When I was at IBM Research a decade ago, I was told it
was a pale shadow of what it had been like in the freewheeling 1970s.
IBM then had many of the best mechanical engineers in the nation from
working on the IBM Selectric typewriter and printer. Then they all got told
to become programmers, and it was not what most of them wanted to do. So, we
a planet took all those great mechanical engineers (what robots they could
have made, but IBM ditched that division) and turned them into a bunch of
mediocre unmotivated unhappy programmers pining away for the good old days.
Imagine what solar collectors those mechanical engineers could have made.
Very little basic research goes on anymore anywhere as a percentage of
funding. But even a little still makes a big difference.
>> talking to colleagues. I would not have spent decades outside the system
>> trying to make changes if I did not think they were essential to our very
>> survival (especially because of the risk of nuclear war). Frankly, I
>> probably would have preferred to be a "loser" earning US$200K with the rest
>> of my class (even Michelle); see this humorous item to understand that
>> comment:
>
> [...]
>
>> A "technological fix" with encryption like you suggest does not really
>> address the core issues of a changing society. The core problem IMHO is
>
> If the society does not use the tools for privacy, the society might find
> itself in a failure mode quite difficult to impossible to recover from.
I don't see that. We are already in that failure mode. We need alternatives,
but I just don't see why they need to be secret. Debian GNU/Linux and
Wikipedia and much other free stuff are changing the landscape of things.
I'm not saying encryption can not be useful -- just that overemphasizing it
seems to me to be problematical. And linking back to the initial topic of
Google having too much power, that is not as big of an issue if Google is
restricted by other ways. Europe has stronger privacy laws, for example. If
I had to choose between strong privacy laws and encryption, which is really
better? Still, ideally, they would go together.
> "We have no privacy anyway, so we can give up already" is exactly the
> unconstructive attitude to take. History tends to take a dim view on quislings.
I think my points are a bit more nuanced than that. :-)
>> scarcity-based assumptions at the core of the current political process (as
>> well as economic processes like around even Google), but politicians and
>> business people increasing having to make decisions about using and
>> improving an infrastructure that can produce vast abundance.
>
> Right now the current political and business process is directed towards
> surveillance and control of uprisings in the coming scarcity scenarios.
Sure. But does encryption really do much about that other than feed the
paranoia on the government and business side?
There's this scene in Voyage from Yesteryear where a main character,
Sergeant Steve Colman, has his platoon walk out into the open with guns
lowered, rather than make a foolish direct assault against some point they
would have been sure to lose, as a way of getting the other people they were
advancing on to switch sides. A huge risk. But the option otherwise would be
certain death.
>> Consider, as one example:
>> http://en.wikipedia.org/wiki/Pirate_Party
>
> I am an active member of the Pirate Party and so should you.
Except, as I said, not everyone agrees with their entire platform (Marshall
Brain's system disagrees on "privacy").
But in general, yes, they are heading in a good direction.
But overall, I'd suggest they lack some positive vision of the future (at
least I have not seen one, maybe you can point me at one).
http://docs.piratpartiet.se/Principles%203.2.pdf
"We wish to change global legislation to facilitate the emerging information
society, which is characterized by diversity and openness. We do this by
requiring an increased level of respect for the citizens and their right to
privacy, as well as reforms to copyright and patent law."
That sounds nice, but it doesn't really deal directly with the scarcity
assumptions. Stuff like a basic income or a gift economy or improved local
subsistence or better organizations that do better planning or sustainable
equitable production. They get the digital issues, but miss the larger link
in their position statement.
>> More on jury nullification:
>> http://en.wikipedia.org/wiki/Jury_nullification
>
> Jury is specific to anglosaxon law, IIRC.
Sure, but important to the USA which in turn affects the world.
>> Guns are like encryption in a sense. Like locks, maybe they help keep
>> honest people honest, but they are not going to do much against organized
>> efforts by government to do something to you. I've tried a few times with
>
> I happen to disagree about that too.
Not surprising. :-)
>> conservatives to take them step by step through the idea of how guns may
>> protect their rights realistically in our society and have never gotten a
>> good answer; history in the USA shows the now-despicable internment of
>> Japanese-Americans went relatively smoothly even with a lot of guns around.
>
> The difference between US and EU is that EU does not even have guns to take
> away first.
Misses the point. Were Japanese Americans in the USA imprisoned with ease
even with guns all around? All it took was issuing letters and so on. Would
you not report to a detention camp if requested? Seriously? Let's say you
get a certified letter in the mail saying you need to report for temporary
detention somewhere based on, say, using Tor (if made illegal), or you will
be arrested an imprisoned. Would you not go? You going to start shooting? Who?
"Motive probed in Fort Hood shooting rampage"
http://www.reuters.com/article/idUSTRE5A454F20091106
What's the point? Did that army psychiatrist gain any sympathy by his
actions? What would it accomplish? It will only give the SWAT teams more
practice:
"Mayor wants federal probe after SWAT raids house, kills dogs"
http://www.cnn.com/2008/CRIME/08/07/mayor.warrant/
and, if anything, get the rest of the public to say that they know people
who use encryption are up to no good and should all be locked up.
Guns are a false sense of security for most people. Maybe that is why
Western Europe is not a more democratic place? Because the people don't have
the crutch of guns and so take the ballot box more seriously than the ammo box?
>> One problem is that the fifth box (ammo box -- which I question the
>> effectiveness and morality of, especially just compared to non-cooperation)
>
> Who's interested in morality when you have a civil war in your hands?
There are many degrees of intensity of civil war.
There is a civil war ongoing right now in a sense, about issues of scarcity
and abundance, like the Pirate Party begins to talk about. Let's try to keep
it from getting too bloody.
>> "Social Movements and Strategic Nonviolence"
>> http://sociology.ucsc.edu/whorulesamerica/change/science_nonviolence.html
>> seems to have made many people complacent about all the others. Like the
>> encrypted box, the ammo box does not make anything better by itself. Iraq
>> showed how easy it is to tear apart a society in a way that may take
>> decades to heal. You can hide all the transactions you want behind
>> encryption for a time until society falls down around you, too.
>
> Some severe cognitive dissonance here.
Not sure which parts you mean? From:
http://sociology.ucsc.edu/whorulesamerica/change/science_nonviolence.html
"""
For current-day egalitarians, a commitment to the freedoms and democratic
procedures won by past egalitarians can provide the primary foundation for
the practice of nonviolence, although some of them also draw upon their
religious values as well. This democratic commitment has the added virtue of
narrowing the gap between egalitarians and mainstream liberals. In addition,
a nonviolence orientation can be sustained by the knowledge that it helps to
keep the egalitarian movement itself more democratic; it ensures that
violence-prone dominators will not take over the movement and subvert its
democratic aims. As many historical cases suggest, the most violent people
soon rise to the top once the possibility of violence is introduced, and
they often use their loyal followers to intimidate or kill rivals.
Most of the people who advocate strategic nonviolence are aware that it
cannot work outside of what are at least quasi-democratic contexts. It is
hard to imagine that strategic nonviolence would work for slaves in ancient
empires, Jews in Nazi Germany, or critics in Saddam Hussein's Iraq. It did,
however, play a role in the abolition of slavery in England and the United
States, and the courageous activists did have a hand in the transformation
of the Soviet Union. Still, dictatorships of any kind usually only fall when
there are disagreements among those at or near the top, or if external
challenges to the power structure give the oppressed some new openings.
There are few instances where dictatorships have been overcome internally by
the oppressed majority.
But given the freedoms, civil liberties, and voting rights achieved by a
long line of American egalitarians and liberals, there is no end that could
be justified by violence, property destruction, or armed struggle in this
country. Such actions undercut the democratic rights won by past
egalitarians and play into the hands of the government, which has the power
to isolate and defeat any violent movement. Furthermore, property damage and
armed struggle of any kind are overwhelmingly rejected by the vast majority
of the American people. Due to their appreciation of the freedoms they do
enjoy, and despite the economic unfairness they recognize and experience,
average Americans are repelled by violent political acts, whether by right
wingers or left wingers. If the goal is to build a larger movement that
connects to a strategy to take over and transform the Democratic Party, not
just to force the authorities to react to one or another provocation with
slight reforms, then violence makes no sense. It is therefore both immoral
and counterproductive for American egalitarians to employ violent
strategies. Or, as Cesar Chavez used to say about violence when he was
leading the farm worker's movement, it's wrong and it's stupid.
"""
But with that said, people in such a movement may have to be willing to give
up their lives for what they believe (e.g. Martin Luther King), but that is
not the same as being willing to take a life.
>> So, rather than focus on encryption, one might focus on making more free
>> content of hight quality, or more free (or even non-free, sadly, like
>> Konarka) designs for technology that produces abundance. Like guns,
>
> What if this is against the law and will land you in jail?
> What if perpetuation of scarcity is exactly the appropriate
> control paradigm, and you're the square peg that is in the way?
Sure. But it is not yet against the law to give away stuff for free. And
even if it was, is charging a penny enough? :-) But yes, the paradigm is in
play. There will be resistance to such changes; there has been lots of it
already. I'd suggest the great sweep of history will move beyond RIAA and
MPAA and so on at some point. There might well be terrible crackdowns and
mass imprisonment in the USA. Ultimately, I can hope we will move beyond it
-- the issue is only how long it takes. It's like the US civil right
movement -- now we have reached the point where it doesn't matter what color
your skin is to become president, as long as the content of your character
shows you will play ball with the scarcity elite -- so, that's a bit of
progress. :-)
Probably not quite what Martin Luther King, Jr. had in mind though:
http://en.wikipedia.org/wiki/Martin_Luther_King,_Jr
http://www.usconstitution.net/dream.html
"I have a dream that my four little children will one day live in a nation
where they will not be judged by the color of their skin but by the content
of their character."
Or maybe it was? But ultimately, to have political equality, there must be
some sort of economic equality. We don't have that yet in the USA. Not a
basic income. Not a gift economy. Not local subsistence with 3D printing.
Not comprehensive planning for public needs (like preventing the next New
Orleans Katrina-like disaster). Not yet. So, to me, those things may make a
bigger difference than encryption. Is encryption really central to achieving
any of those things?
Still, obviously, Google having information for every site someone visits
could no doubt be used for selective enforcement or harassment. Ralph Nader
advises activists to be squeaky clean, from his own experiences. But I'm not
sure how much encryption will really change that overall in someone's life.
But the fact is, even for someone who is squeaky clean, things can just be
made up. Ultimately, these are difficult waters no navigate, how to change a
society while keeping it running. From Alan Kay:
http://www.wired.com/wired/archive/2.01/kay.hillis_pr.html
"I was thinking about ecological computing. When I was working with
computers in the late '60s, all of the computer power on Earth could fit
into a bacterium. The bacterium is only 1/500th of a mammalian cell, and we
have 10 trillion of those cells in our bodies. Nothing that we have
fashioned directly is even close to that in power. Pretty soon we're going
to have to grow software, and we should start learning how to do that. We
should have software that won't break when something is wrong with it. As a
friend of mine once said, if you try to make a Boeing 747 six inches longer,
you have a problem; but a baby gets six inches longer ten or more times
during its life, and you never have to take it down for maintenance. "
Well, we don't have the option of taking our global society "down for
maintenance" without a lot of people getting very hurt -- like in Iraq that
the USA took down for maintenance and has long been a disaster. Now the USA
is going to take Afghanistan and Pakistan "down for maintenance" and we will
see how well that goes. :-(
We need a better model for social change. I think encryption is a
distraction in that sense. Would Martin Luther King, Jr. have been more
successful if he could have encrypted his "Letter from a Birmingham jail"?
http://en.wikipedia.org/wiki/Letter_from_Birmingham_Jail
http://abacus.bates.edu/admin/offices/dos/mlk/letter.html
"""
MY DEAR FELLOW CLERGYMEN:
While confined here in the Birmingham city jail, I came across your recent
statement calling my present activities "unwise and untimely." Seldom do I
pause to answer criticism of my work and ideas. If I sought to answer all
the criticisms that cross my desk, my secretaries would have little time for
anything other than such correspondence in the course of the day, and I
would have no time for constructive work. But since I feel that you are men
of genuine good will and that your criticisms are sincerely set forth, I
want to try to answer your statements in what I hope will be patient and
reasonable terms. ...
Moreover, I am cognizant of the interrelatedness of all communities and
states. I cannot sit idly by in Atlanta and not be concerned about what
happens in Birmingham. Injustice anywhere is a threat to justice everywhere.
We are caught in an inescapable network of mutuality, tied in a single
garment of destiny. Whatever affects one directly, affects all indirectly.
Never again can we afford to live with the narrow, provincial "outside
agitator" idea. Anyone who lives inside the United States can never be
considered an outsider anywhere within its bounds.
You deplore the demonstrations taking place in Birmingham. But your
statement, I am sorry to say, fails to express a similar concern for the
conditions that brought about the demonstrations. I am sure that none of you
would want to rest content with the superficial kind of social analysis that
deals merely with effects and does not grapple with underlying causes. It is
unfortunate that demonstrations are taking place in Birmingham, but it is
even more unfortunate that the city's white power structure left the Negro
community with no alternative.
In any nonviolent campaign there are four basic steps: collection of the
facts to determine whether injustices exist; negotiation; self-purification;
and direct action. We have gone through all of these steps in Birmingham.
There can be no gainsaying the fact that racial injustice engulfs this
community. Birmingham is probably the most thoroughly segregated city in the
United States. Its ugly record of brutality is widely known. Negroes have
experienced grossly unjust treatment in the courts. There have been more
unsolved bombings of Negro homes and churches in Birmingham than in any
other city in the nation. These are the hard, brutal facts of the case. On
the basis of these conditions, Negro leaders sought to negotiate with the
city fathers. But the latter consistently refused to engage in good-faith
negotiation.
Then, last September, came the opportunity to talk with leaders of
Birmingham's economic community. In the course of the negotiations, certain
promises were made by the merchants --- for example, to remove the stores
humiliating racial signs. On the basis of these promises, the Reverend Fred
Shuttlesworth and the leaders of the Alabama Christian Movement for Human
Rights agreed to a moratorium on all demonstrations. As the weeks and months
went by, we realized that we were the victims of a broken promise. A few
signs, briefly removed, returned; the others remained.
As in so many past experiences, our hopes had been blasted, and the
shadow of deep disappointment settled upon us. We had no alternative except
to prepare for direct action, whereby we would present our very bodies as a
means of laying our case before the conscience of the local and the national
community. Mindful of the difficulties involved, we decided to undertake a
process of self-purification. We began a series of workshops on nonviolence,
and we repeatedly asked ourselves : "Are you able to accept blows without
retaliating?" "Are you able to endure the ordeal of jail?" We decided to
schedule our direct-action program for the Easter season, realizing that
except for Christmas, this is the main shopping period of the year. Knowing
that a strong economic withdrawal program would be the by-product of direct
action, we felt that this would be the best time to bring pressure to bear
on the merchants for the needed change. ...
"""
>> encryption may be useful if you want to keep some information away from
>> thieves (who won't try too hard to grab any one person's credit card
>> numbers), but it won't protect anything in the long term from a determined
>> government. Following Manuel de Landa's idea, I suggest we always will have
>> some sort of one, as we have a healthy balance of meshworks and
>> hierarchies. You are trying to deny hierarchies some power with encryption,
>> but they can still get it in other ways. The bigger issue is how do we keep
>> the hierarchies accountable for the health of society?
>>
>> So, the deeper issue is, what kind of government do we want? And what kind
>
> I prefer technology forms leading to empowerment of individuals, not more
> control for superpersonal organisation forms. Encryption as a means for
> privacy, strong authentication, trust and tamper-hardening are key parts
> of that of that technology box.
As above, I half-agree. :-)
>> of society to go with it? And then how do we act to build that society
>> within the possibilities that seem reasonable?
All the best.
--Paul Fernhout
http://www.pdfernhout.net/
http://www.beyondajoblessrecovery.org/
More information about the p2presearch
mailing list