What Happens Next Will Amaze You
(Talk by Maciej Ceg??owski on September 14, 2015, at the FREMTIDENS INTERNET conference in Copenhagen, Denmark.) Good morning! Today's talk is being filmed, recorded and transcribed, and everything I say today will leave an indelible trace online. In other words, it's just a normal day on the Internet. For people like me, who go around giving talks about the dystopian future, it's been an incredible year. Let me review the highlights so far: We learned that AT&T has been cooperating with the NSA for over ten years, voluntarily sharing data far beyond anything that the law required them to give. The infamous dating site for married people Ashley Madison was hacked, revealing personal information and and easily-cracked passwords for millions of users. Some of these users are already the subject of active extortion. Australia passed an incoherent and sweeping data retention law, while the UK is racing to pass a law of its own. The horrible Hacking Team got hacked, giving us a window into a sordid market for vulnerabilities and surveillance technology. The 2014 Sony Pictures hack exposed highly sensitive (and amusing) emails and employee data. And finally, highly sensitive and intrusive security questionnaires for at least 18 million Federal job applicants were stolen from the US Office of Personnel Management. Given this list, let me ask a trick question. What was the most damaging data breach in the last 12 months? The trick answer is: it's likely something we don't even know about. When the Snowden revelations first came to light, it felt like we might be heading towards an Orwellian dystopia. Now we know that the situation is much worse. If you go back and read Orwell, you'll notice that Oceania was actually quite good at data security. Our own Thought Police is a clown car operation with no checks or oversight, no ability to keep the most sensitive information safe, and no one behind the steering wheel. The proximate reasons for the culture of total surveillance are clear. Storage is cheap enough that we can keep everything. Computers are fast enough to examine this information, both in real time and retrospectively. Our daily activities are mediated with software that can easily be configured to record and report everything it sees upstream. But to fix surveillance, we have to address the underlying reasons that it exists. These are no mystery either. State surveillance is driven by fear. And corporate surveillance is driven by money. The two kinds of surveillance are as intimately connected as tango partners. They move in lockstep, eyes rapt, searching each other's souls. The information they collect is complementary. By defending its own worst practices, each side enables the other. Today I want to talk about the corporate side of this partnership. In his excellent book on surveillance, Bruce Schneier has pointed out we would never agree to carry tracking devices and report all our most intimate conversations if the government made us do it. But under such a scheme, we would enjoy more legal protections than we have now. By letting ourselves be tracked voluntarily, we forfeit all protection against how that information is used. Those who control the data gain enormous power over those who don't. The power is not overt, but implicit in the algorithms they write, the queries they run, and the kind of world they feel entitled to build. In this world, privacy becomes a luxury good. Mark Zuckerberg buys the four houses around his house in Palo Alto, to keep hidden what the rest of us must share with him. It used to be celebrities and rich people who were the ones denied a private life, now it's the other way around. Let's talk about how to fix it. There's a wonderful quote from a fellow named Martin McNulty, CEO of an ad company called Forward 3D: ???I never thought the politics of privacy would come close to my day-to-day work of advertising. I think there???s a concern that this could get whipped up into a paranoia that could harm the advertising industry,??? I am certainly here to whip up paranoia that I hope will harm the advertising industry. But his point is a good one. There's nothing about advertising that is inherently privacy-destroying. It used to be a fairly innocuous business model. The phenomenon whereby ads are tied to the complete invasion of privacy is a recent one. In the beginning, there was advertising. It was a simple trinity of publisher, viewer, and advertiser. Publishers wrote what they wanted and left empty white rectangles for ads to fill. Advertisers bought the right to put things in those rectangles. Viewers occasionally looked at the rectangles by accident and bought the products and services they saw pictured there. Life was simple. There were ad agencies to help match publishers with advertisers, figure out what should go in the rectangles, and attempt to measure how well the
Re: VW
Jaromil, I agree with much of what you say, so I'll try to find a focused place where a response might actually get somewhere. On 2 Oct 2015, at 10:31, Jaromil wrote: Relying on open-source metaphor-mantras ('Would you buy a car with the hood welded shut?') to analyze peculiar dynamics of the car industry this is NOT a peculiar dynamic of the car industry. This is how the current necrotizing capitalist regime of patents works in every sector of industrial production, thriving wherever no open source business model is embraced, let alone the free software ethic. There are different degrees of responsibility <...> This 'curatorial' approach to quoting turned what I said into its opposite, the better to rail against. Here's what I actually wrote: Jaromil, I think it's a bit premature to counter claims that this is 'just about Volkswagen,' because no one said anything like that. Obviously there are many ways in which this is symptomatic of broader structures. But Lehman Brothers and Fukushima were symptomatic as well, and would you really argue that 'there was nothing to be learned there' either? *And* hold hold up Android's OEMs cheating on benchmarks as a more illuminating example? I don't think so. Relying on open-source metaphor-mantras ('Would you buy a car with the hood welded shut?') to analyze peculiar dynamics of the car industry is like relying on Godwin's Law to understand neo-nazis. :^) My point isn't that VW -- or Fukushima or Lehman Brothers (or Hackingteam or Greece) -- is sui generis, and that we should flit from one spectacle to another without connecting the dots. On the contrary, they're all *symptomatic* of structural problems; and they're also (not 'but...instead of') edge cases that we, and various publics, can learn from. Unless you're hoping for some apocalyptic total transformation from the 'necrotizing capitalist regime of patents works in every sector of industrial production' to a garden of open-source delights, progress will be happenstance and incremental. As you yourself point out: wake up to these news: there is an actual dark market for software like the one VW used to counterfeit their autos http://www.independent.co.uk/news/business/news/volkswagen-wasnt-the-only-company-rigging-emission-levels-says-expert-a6668611.html If the VW fiasco (which, like 'Greece,' is far from over) ends up shedding more light on the complicity at the heart of environmental regulatory regimes, so much the better. But my first mail on the subject was aimed at pointing out the *many* ways in which the fiasco might unfold. If you think that waving aside the knock-on effects in every context except for IP fights is the best strategy, then do that. I don't think it is. And while I can't speak for Florian, I think he was pointing out different ways in which VW and the issues *as reported* (not as they 'are' according to a reductive and universalizing ideological conflict) are embedded in larger social and political orders -- which move at different speeds. VW's place in the particular postwar order of Saxony unfolds according to one logic, and the ways in which trade secrecy obfuscate systemic problems unfold according to another. Their coincidence -- when a break in the smooth functioning of trade secrecy invites us to think about political orders at different scales -- is akin to what Mako called 'revealing errors.' Thinking about them isn't opposed to what you're advocating. <...> for software, sure, and there could be various degrees of attention on different parts of software, as Florian mentions, sure, but then with open access at least we'd have infinite possibilities for researchers to choose their independent code analysis MA project, etc. etc. instead of isolated scandals popping up here and there. We need to switch to such a condition as tech is becoming more pervasive and entrenched with life-critical functions, there is no way out of this and I hope we can thrive in the open system picture that John gives us with a numerous enough population, rather than after a total desaster. Again, I agree with much of what you say, but it's also pretty much the same message that we hear when crypto advocates tell us to 'trust the math' and hobble along on antiquated proposals that everyone should review the source code themselves. I don't 'trust the math' because the math has to be implemented in concrete contexts -- and there are countless ways in which those implementations can introduce subtle biases and weaknesses. The power to do that, to analyze it, and to the review the source code, may be here but it's unevenly distributed. People with a disproportionate share of those power can wear whatever color hat they want -- black, white, gray, transparent, whatever. But as the Hackingteam fiasco you mention shows, the shared 'interests' of the people wearing those hats draws many of them together; and their more or less a
Re: VW
dear Ted, On Sun, 27 Sep 2015, t byfield wrote: > On 27 Sep 2015, at 5:02, Jaromil wrote: > > >to debate this thing as if it would be just about Volkswagen is so > >naive! srsly. There is nothing to be learned there. > > Jaromil, I think it's a bit premature to counter claims that this is > 'just about Volkswagen,' because no one said anything like that. > Obviously there are many ways in which this is symptomatic of broader > structures. But Lehman Brothers and Fukushima were symptomatic as > well, and would you really argue that 'there was nothing to be learned > there' either? *And* hold hold up Android's OEMs cheating on > benchmarks as a more illuminating example? I don't think so. I believe that in 2015 and on top of all the literature we have been imbued there is no point for us to engage blaming VW as the evil manufacturer, or take political correctsy postures about institutional funding one or the other takes, FWIW. do you think the VW is any different than the hackingteam affair? its not. HT was allegedly buying and reselling scriptkiddoz 0days available for anyone on the oh-so-sexy "dark-market" to spray holes in the mobile phones of their classmates, until some sharks got their rich and berlusconi-looking friends to VC boost them to-the-moon by putting such ridicolous digital hairballs in quarantine before selling them for thousands of euros to the booming security industry - which is by the vast majority populated by clueless and militarized people in uniforms collecting certifications and verifications to hide their idiocy behind a soon-to-be-academic title in every cyber-crime 5star catered conference they go, because sure! these kids are s dangerous! this is a sketch of how the industry works today. the automotive is not different and as I said in my previous email on HT the problem is not hackingteam per se, as much as now the problem is not VW per se. wake up to these news: there is an actual dark market for software like the one VW used to counterfeit their autos http://www.independent.co.uk/news/business/news/volkswagen-wasnt-the-only-company-rigging-emission-levels-says-expert-a6668611.html > Relying on open-source metaphor-mantras ('Would you buy a car with the > hood welded shut?') to analyze peculiar dynamics of the car industry this is NOT a peculiar dynamic of the car industry. This is how the current necrotizing capitalist regime of patents works in every sector of industrial production, thriving wherever no open source business model is embraced, let alone the free software ethic. There are different degrees of responsibility for software, sure, and there could be various degrees of attention on different parts of software, as Florian mentions, sure, but then with open access at least we'd have infinite possibilities for researchers to choose their independent code analysis MA project, etc. etc. instead of isolated scandals popping up here and there. We need to switch to such a condition as tech is becoming more pervasive and entrenched with life-critical functions, there is no way out of this and I hope we can thrive in the open system picture that John gives us with a numerous enough population, rather than after a total desaster. anyway ok, today the trend is to blame german car manufacturers, to me sounds just like that "blaming german people for the greek crisis" fart a month ago. ciao -- Denis Roio aka Jaromil http://Dyne.org think &do tank CTO and co-founder free/open source developer 加密 6113 D89C A825 C5CE DD02 C872 73B3 5DA5 4ACB 7D10 # distributed via : no commercial use without permission #is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: http://mx.kein.org/mailman/listinfo/nettime-l # archive: http://www.nettime.org contact: nett...@kein.org