Tag Archives: Cory Doctorow

Doctorow, Cory - Apple vs FBI: The privacy disaster is inevitable, but we can prevent the catastrophe - Boing Boing 20160304

Doctorow, Cory - Apple vs FBI: The privacy disaster is inevitable, but we can prevent the catastrophe - Boing Boing 20160304

My new Guardian column, Forget Apple\'s fight with the FBI – our privacy catastrophe has only just begun, explains how surveillance advocates have changed their arguments: 20 years ago, they argued that the lack of commercial success for privacy tools showed that the public didn't mind surveillance; today, they dismiss Apple's use of cryptographic tools as a "marketing stunt" and treat the proportionality of surveillance as a settled question.

The privacy disaster is inevitable. Personal information is the CO2 of the surveillance economy, and we've pumped so much of it into giant, leaky, immortal databases that huge, life-destroying breaches are a given. The fight over Apple and the FBI, over privacy versus surveillance (not "privacy vs security," thank you very much) is about what happens after the coming privacy tsunamis make landfall: will we continue to pump out privacy-smog that turn the storm-of-the-century disasters into storm-of-the-millennium catastrophes?

Or will these privacy disasters prompt us to take action? Will the FBI let us decarbonize the Interet's surveillance economy, or will they demand that we build surveillance coal power-plants into every phone, computer, and Internet of Things gadget from now on?

Companies started to sell the idea of privacy. Apple and Microsoft sought to differentiate themselves from Facebook and Google by touting the importance of not data-mining to their bottom lines. Google started warning users when it looked like governments were trying to hack into their emails. Facebook set up a hidden service on Tor’s darknet. Everybody jumped on the two-factor authentication bandwagon, then the SSL bandwagon, then the full-disk encryption bandwagon.

The social proof of privacy’s irrelevance vanished, just like that. If Apple – the second most profitable company in the world – thinks that customers will buy its products because no one, not even Apple, can break into the data stored on them, what does it say about the privacy zeitgeist?

Seamlessly, the US Department of Justice switched tacks: Apple’s encryption is a “marketing stunt”. The company has an obligation to backdoor its products to assist law enforcement. Please, let’s not dredge up the old argument about whether it’s OK to spy on everyone – we settled that argument already, by pointing out the fact that no one was making any money by making privacy promises. Now that someone is making money from privacy tech, they’re clearly up to no good.

Doctorow, Cory - Forget Apple's fight with the FBI – our privacy catastrophe has only just begun - The Guardian 20160304

Doctorow, Cory - Forget Apple's fight with the FBI – our privacy catastrophe has only just begun - The Guardian 20160304

The privacy crisis is a disaster of our own making – and now the tech firms who gathered our data are trying to make money out of privacy

The smog of personal data is the carbon dioxide of privacy. We’ve emitted far too much of it over the past decades, refusing to contemplate the consequences.

For privacy advocates, the Apple-FBI standoff over encryption is deja vu all over again.

In the early 1990s, they fought and won a pitched battle with the Clinton administration over the Clipper chip, a proposal to add mandatory backdoors to the encryption in telecommunications devices.

Soon after that battle was won, it moved overseas: in the UK, the Blair government brought in the Regulatory of Investigatory Powers Act (RIPA). Privacy advocates lost that fight: the bill passed in 2000, enabling the government to imprison people who refused to reveal their cryptographic keys.

The privacy fight never stopped. In the years since, a bewildering array of new fronts have opened up on the battlefield: social media, third-party cookies, NSA/GCHQ mass surveillance, corporate espionage, mass-scale breaches, the trade in zero-day vulnerabilities that governments weaponise to attack their adversaries, and Bullrun and Edgehill, the secret programmes of security sabotage revealed by whistleblower Edward Snowden.

Who really cares about surveillance?

The first line of defense for surveillance advocates – whether private sector or governmental – is to point out just how few people seem to care about privacy. What can it matter that the government is harvesting so much of our data through the backdoor, when so many of us are handing over all that and more through the front door, uploading it to Facebook and Google and Amazon and anyone who cares to set a third-party cookie on the pages we visit?

Why is it so hard to convince people to care about privacy?

Painting the pro-privacy side as out-of-step loonies, tinfoil-hatted throwbacks in the post-privacy era was a cheap and effective tactic. It made the pro-surveillance argument into a *pro-progress* one: “Society has moved on. Our data can do more good in big, aggregated piles than it can in atomized fragments on your device and mine. The private data we exhaust when we move through the digital world is a precious resource, not pollution.”

It’s a powerful argument. When companies that promise to monetize your surveillance beat companies that promise to protect your privacy, when people can’t even be bothered to tick the box to block tracking cookies, let alone install full-disk encryption and GPG to protect their email, the pro-surveillance camp can always argue that they’re doing something that no one minds very much.

From the perennial fights over national ID cards to the fights over data retention orders, the lack of any commercial success for privacy tech was a great way to shorthand: “Nothing to see here – just mountains being made from molehills.”

And then ... companies started selling privacy

But a funny thing happened on the way to the 21st century: we disclosed more and more of our information, or it was taken from us.

As that data could be used in ever-greater frauds, the giant databases storing our personal details became irresistible targets. Pranksters, criminals and spies broke the databases wide open and dumped them: the IRS, the Office of Personnel Management, Target and, of course, Ashley Madison. Then the full impact of the Snowden revelations set in, and people started to feel funny when they texted something intimate to a lover or typed a potentially embarrassing query into a search box.

Companies started to sell the idea of privacy. Apple and Microsoft sought to differentiate themselves from Facebook and Google by touting the importance of not data-mining to their bottom lines. Google started warning users when it looked like governments were trying to hack into their emails. Facebook set up a hidden service on Tor’s darknet. Everybody jumped on the two-factor authentication bandwagon, then the SSL bandwagon, then the full-disk encryption bandwagon.

The social proof of privacy’s irrelevance vanished, just like that. If Apple – the second most profitable company in the world – thinks that customers will buy its products because no one, not even Apple, can break into the data stored on them, what does it say about the privacy zeitgeist?

The privacy catastrophe has only just begun

Seamlessly, the US Department of Justice switched tacks: Apple’s encryption is a “marketing stunt”. The company has an obligation to backdoor its products to assist law enforcement. Please, let’s not dredge up the old argument about whether it’s OK to spy on everyone – we settled that argument already, by pointing out the fact that no one was making any money by making privacy promises. Now that someone is making money from privacy tech, they’re clearly up to no good.

The smog of personal data is the carbon dioxide of privacy. We’ve emitted far too much of it over the past decades, refusing to contemplate the consequences until the storms came. Now they’ve arrived, and they’ll only get worse, because the databases that haven’t breached yet are far bigger, and more sensitive than those that have.

Like climate change, the privacy catastrophes of the next two decades are already inevitable. The problem we face is preventing the much worse catastrophes of the following the decades.

And as computers are integrated into the buildings and vehicles and cities we inhabit, as they penetrate our bodies, the potential harms from breaches will become worse.

Doctorow, Cory - The FBI wants a backdoor only it can use – but wanting it doesn’t make it possible - The Guardian 20160301

Doctorow, Cory - The FBI wants a backdoor only it can use – but wanting it doesn’t make it possible - The Guardian 20160301

Much like climate change denialists, politicians continue to debate encryption – ignoring the consensus of experts that it must not be compromised

There is a precedent for when something urgent is considered a settled matter in expert circles, but is still a political football in policy circles: climate change. Denialism is a deadly feature of 21st-century life.

The FBI’s demand that Apple create a defeat device for decrypting a phone that belonged to a mass murderer has all the ingredients for a disastrous public conversation.

Combine a highly technical debate about information security with an emotionally charged subject matter, then confuse the whole issue with a 24-hour news cycle tick-tock about who did what, when, and you end up bogged down in questions like, “Does it matter if the FBI directed the local cops to try to change the phone’s password, inadvertently creating the lockout?”

The questions raised by this court order are deliberately the wrong ones: questions whose answers don’t get us any closer to a lasting peace in the crypto wars. After all, the order emanates from a lowly magistrate judge, meaning that no matter how the ruling comes down, it will be appealed, possibly all the way to the supreme court, given the seriousness of the issue. It could be years before we even get a final ruling.

That final ruling will have very limited applicability, since the court’s order directs Apple to build a defeat device that wouldn’t work on its latest phones, nor will it work on its future devices, no matter how the judgment goes. This is the title sequence for Crypto Wars II, not the closing credits.

The first Crypto War was fought in the 1990s when the NSA insisted on a ban on strong crypto in civilian hands, and the US classed the underlying mathematics as munitions.

The Clinton administration lobbied for mandatory backdoors, insisting that it was possible to make a backdoor that only the good guys could walk through – precisely the same argument raised by the Obama administration in 2016 (see also: 2015, 2014, 2013, 2012, etc).

The thing about this controversy is that it isn’t one. Independent cryptographers are virtually unanimous in their view that you can’t properly secure a system while simultaneously ensuring that it ships with a pre-broken mode that police can exploit.

The fact that this would be useful doesn’t make it possible: as security experts Meredith Whittaker and Ben Laurie recently wrote: “Wanting it badly isn’t enough.”

Another urgent issue considered settled in expert circles, but still debated in policy circles: climate change
Law enforcement would also be assisted by anti-gravity devices, time machines, psychic powers, and the ability to selectively reverse entropy, but that doesn’t make them possible. Likewise uncontroversial is the gravity of the cybersecurity question. Cybersecurity isn’t just about protecting your location data and your private emails: it’s about making sure randos aren’t spying on your children through your baby monitor, or driving your car off the road, or killing you where you stand by wirelessly hacking your insulin pump – or stealing entire hospitals.

If you’re not worried about this stuff, you’re not paying close enough attention.

There’s precedent for this kind of contradiction, where something urgent is considered a settled matter in expert circles, but is still a political football in policy circles: climate change. Denialism is a deadly feature of 21st-century life.

The people who deny climate change have a range of motivations, from good-faith (but ill-founded) scientific disagreements to self-delusion to self-interest (and self-delusion driven by self-interest, of course). Many tactics have been tried in the denialism battles, but there have been few successes.

A notable exception is solar power and energy independence. This decade’s massive investment in solar power, driven by state subsidies, has bridged the gap between climate change denial and renewal energy advocacy. As the saying goes, “solar is a technology, not a fuel,” so it gets better (and cheaper) with investment and scale. The combination of better energy, good solar industry jobs and energy independence (with the promise of fewer disastrous foreign wars) has won over many climate deniers, who still think the Earth isn’t getting hotter, or that humans aren’t responsible for it, but nevertheless are some of solar’s biggest fans.

The rallying cry of economics is “incentives matter”. Given the right incentives, denial’s effects can be overcome, even if the underlying mistaken beliefs remain intact. Vaccine denial is another matter. While vaccination denial is deadly and urgent, the most successful strategy for combatting it has been all stick, no carrot. In California, SB277 simply prohibits children from attending school unless their parents get them vaccinated.

As a parent in a California school district, I can tell you that it’s working: the bus-shelter outside our local pharmacy may sport a nutty anti-flu-jab ad, and I still hear parents fretting about canards like mercury and “too many vaccinations in one shot”, but all the kids in our local school are vaccinated, full stop.

When we missed a doctor’s appointment for a Hep B shot, we got a note from the school nurse with a firm deadline to make it up, after which our daughter would no longer be welcomed on the premises. Measles, whooping cough and other preventable diseases are receding into the background. We hear stories about home-schooled, unvaccinated friends being disinvited from birthday parties because it’s simply ceased to be socially acceptable for someone to let their unfounded beliefs endanger their neighbors and their kids.

The difference between the carrot approach (climate) and stick approach (vaccines) can be explained by looking at the social power of each denial movement.

Vaccine denial makes a small number of unscrupulous celebrity alternative medicine advocates rich, but they’re small potatoes next to the Koch brothers. Their supporters can be pushed around in state legislatures with relative impunity.

Denial by the powerful has been addressed with bribes; denial by the powerless has been addressed with coercion.

Math denial – the belief that cryptographers are nefariously keeping all the cool stuff under wraps – is an idea with some powerful backers. One form of math denial is the belief in the ability to make computers that prevent copyright infringement.

Computers only ever work by making copies: restricting copying on the internet is like restricting wetness in water. Nevertheless, big corporations with hawk-eyed activist investors get away with buying “digital rights management” technologies that purport to prevent unauthorized copying.

Cryptographers (who don’t work for DRM companies) think this is ridiculous, the alternative medicine of computer science. But just as the NHS funds homeopathic “medicine” in public hospitals, legislatures continue to treat digital locks as going concerns, because orthodoxy and political expedience demands it. The entertainment industry is a powerful adversary, the security services are more powerful still.

It’s tempting to play along with them here, offer them more magic beans in the form of backdoors that we pretend only the good guys can fit through, or in the form of purportedly copy-proof bits, but the stakes are awfully high, and climbing steadily.

This is What Tor Supporters Look Like: Cory Doctorow and Ben Wizner


Cory Doctorow and family

I've been using Tor for more than a decade. I travel all the time, and often find myself connected to manifestly untrustworthy networks -- from the nets at hacker conferences to the one the Chinese government provided for our use at a World Economic Forum event in Dalian. Tor is my assurance that I'm browsing safely, privately and anonymously. When I do investigative journalism work on national security subjects, my go-to first line of defense is Torbrowser.

That why we at Boing Boing operate a high speed, high quality exit node. By the way, just this year we received two law enforcement requests for records relating to that node, and despite all the doomsaying about how the cops would punish you for operating an anonymizing tool, in both cases, we sent polite letters explaining that we don't keep logs, and in both cases, the cops returned a polite thanks and went away.

I donate to Tor, and I trust Tor, but even if I didn't trust 'em, I'd still use it. The great thing about free/open projects like Tor is that they're designed to work even if the people who make them don't agree with you or want what's best for you.

Ben Wizner
Ben Wizner, in thinking about the ways that Tor facilitates his work, is very clear: “It’s not an overstatement to say that secure technology such as Tor has made the ACLU’s work with Edward Snowden possible, “ he says.

Like Laura Poitras, using encryption was a learning process for Wizner, facilitated by key teachers, the first of whom was Laura herself.

“I was someone who went through most of my life unaware of these tools,” he says. “Laura (Poitras) came to my office in 2011 and installed Adium for me. `This is how we are going to communicate,” she said. “And this will help you communicate with the rest of the world as well.”

Jacob Appelbaum, Chris Soghoian, Renata Avila and Daniel Kahn Gillmor were all instrumental to Wizner as a he followed a similar learning curve to Poitras, quickly becoming familiar with Tor, PGP, Tails and Signal for many aspects of his work as Director of the ACLU’s Speech, Privacy and Technology project. It was his next teacher that, as he says, “gets us to the heart of the story. Starting in July 2013 I had a need to be able to communicate securely with Edward Snowden.”

From the start, as Ben aided Snowden with legal advice, he learned from him as well.

“[I was…] dealing with someone who is a world-class security technologist and also an excellent and very patient teacher,” he says. “I was entering a mode of communication where he felt extremely at home and I did not. This was going to be the only means of communication for an unknown length of time and we needed to exchange critical information, get to know each other and build trust, all while I am hunting and pecking on this tiny burner keyboard. And I have learned over the months and years how profound and intimate a chat conversation can be.”

Somehow it worked, and worked so well in fact, that meeting Snowden in person was a different experience for Wizner that he had expected.

“That was the surprising thing,” he says. “Even though we had gotten to know each other so well over so many hours of online conversation, I still had the expectation that our real relationship would begin when we met face to face. And yet it turned out to be a continuation rather than a new chapter.”

Wizner thinks often about the role that secure technology continues to play in both providing the foundation for their work together, and more broadly, in Ed’s continued participation in the larger dialogue around encryption.

“On one level, secure technology like Tor and Tails, has allowed Ed to defeat exile in a really profound way. Physical isolation has been imposed, but Ed is able to continue communicating to larger audiences from wherever he is. All of the legal and strategic advice,” he adds, “that goes into making these opportunities available and accessible for him would not be possible without using secure communications tools like Tor.”