What Happens Next Will Amaze You

2015-10-02 Thread agent humble
(Talk by Maciej Cegłowski on September 14, 2015, at the FREMTIDENS
INTERNET conference in Copenhagen, Denmark.)


Good morning!

Today's talk is being filmed, recorded and transcribed, and everything I
say today will leave an indelible trace online. In other words, it's
just a normal day on the Internet.

For people like me, who go around giving talks about the dystopian
future, it's been an incredible year. Let me review the highlights so far:


We learned that AT&T has been cooperating with the NSA for over ten
years, voluntarily sharing data far beyond anything that the law
required them to give.

The infamous dating site for married people Ashley Madison was hacked,
revealing personal information and easily-cracked passwords for
millions of users. Some of these users are already the subject of active
extortion.

Australia passed an incoherent and sweeping data retention law, while
the UK is racing to pass a law of its own.

The horrible Hacking Team got hacked, giving us a window into a sordid
market for vulnerabilities and surveillance technology.

The 2014 Sony Pictures hack exposed highly sensitive (and amusing)
emails and employee data.

And finally, highly sensitive and intrusive security questionnaires for
at least 18 million Federal job applicants were stolen from the US
Office of Personnel Management.


Given this list, let me ask a trick question. What was the most damaging
data breach in the last 12 months?

The trick answer is: it's likely something we don't even know about.

When the Snowden revelations first came to light, it felt like we might
be heading towards an Orwellian dystopia. Now we know that the situation
is much worse.

If you go back and read Orwell, you'll notice that Oceania was actually
quite good at data security. Our own Thought Police is a clown car
operation with no checks or oversight, no ability to keep the most
sensitive information safe, and no one behind the steering wheel.


The proximate reasons for the culture of total surveillance are clear.

Storage is cheap enough that we can keep everything.

Computers are fast enough to examine this information, both in real time
and retrospectively.

Our daily activities are mediated with software that can easily be
configured to record and report everything it sees upstream.

But to fix surveillance, we have to address the underlying reasons that
it exists. These are no mystery either.

State surveillance is driven by fear.


And corporate surveillance is driven by money.


The two kinds of surveillance are as intimately connected as tango
partners. They move in lockstep, eyes rapt, searching each other's
souls. The information they collect is complementary. By defending its
own worst practices, each side enables the other.

Today I want to talk about the corporate side of this partnership.

In his excellent book on surveillance, Bruce Schneier has pointed out we
would never agree to carry tracking devices and report all our most
intimate conversations if the government made us do it.

But under such a scheme, we would enjoy more legal protections than we
have now. By letting ourselves be tracked voluntarily, we forfeit all
protection against how that information is used.

Those who control the data gain enormous power over those who don't. The
power is not overt, but implicit in the algorithms they write, the
queries they run, and the kind of world they feel entitled to build.

In this world, privacy becomes a luxury good. Mark Zuckerberg buys the
four houses around his house in Palo Alto, to keep hidden what the rest
of us must share with him. It used to be celebrities and rich people who
were the ones denied a private life, now it's the other way around.

Let's talk about how to fix it.


There's a wonderful quote from a fellow named Martin McNulty, CEO of an
ad company called Forward 3D:

"I never thought the politics of privacy would come close to my
day-to-day work of advertising. I think there's a concern that this
could get whipped up into a paranoia that could harm the advertising
industry,"

I am certainly here to whip up paranoia that I hope will harm the
advertising industry.

But his point is a good one. There's nothing about advertising that is
inherently privacy-destroying. It used to be a fairly innocuous business
model.

The phenomenon whereby ads are tied to the complete invasion of privacy
is a recent one.


In the beginning, there was advertising. It was a simple trinity of
publisher, viewer, and advertiser.

Publishers wrote what they wanted and left empty white rectangles for
ads to fill. Advertisers bought the right to put things in those
rectangles. Viewers occasionally looked at the rectangles by accident
and bought the products and services they saw pictured there. Life was
simple.

There were ad agencies to help match publishers with advertisers, figure
out what should go in the rectangles, and attempt to measure how well
the

Re: VW

2015-10-02 Thread t byfield
Jaromil, I agree with much of what you say, so I'll try to find a 
focused place where a response might actually get somewhere.


On 2 Oct 2015, at 10:31, Jaromil wrote:

> > Relying on open-source metaphor-mantras ('Would you buy a car with the
> > hood welded shut?') to analyze peculiar dynamics of the car industry
>
> this is NOT a peculiar dynamic of the car industry. This is how the current
> necrotizing capitalist regime of patents works in every sector of industrial
> production, thriving wherever no open source business model is embraced, let
> alone the free software ethic. There are different degrees of responsibility
 <...>

This 'curatorial' approach to quoting turned what I said into its 
opposite, the better to rail against. Here's what I actually wrote:


Jaromil, I think it's a bit premature to counter claims that this is 
'just about Volkswagen,' because no one said anything like that. 
Obviously there are many ways in which this is symptomatic of broader 
structures. But Lehman Brothers and Fukushima were symptomatic as 
well, and would you really argue that 'there was nothing to be learned 
there' either? *And* hold up Android's OEMs cheating on 
benchmarks as a more illuminating example? I don't think so. Relying 
on open-source metaphor-mantras ('Would you buy a car with the hood 
welded shut?') to analyze peculiar dynamics of the car industry is 
like relying on Godwin's Law to understand neo-nazis. :^)


My point isn't that VW -- or Fukushima or Lehman Brothers (or 
Hackingteam or Greece) -- is sui generis, and that we should flit from 
one spectacle to another without connecting the dots. On the contrary, 
they're all *symptomatic* of structural problems; and they're also (not 
'but...instead of') edge cases that we, and various publics, can learn 
from. Unless you're hoping for some apocalyptic total transformation 
from the 'necrotizing capitalist regime of patents works in every sector 
of industrial production' to a garden of open-source delights, progress 
will be happenstance and incremental. As you yourself point out:


> wake up to these news: there is an actual dark market for software like the one
> VW used to counterfeit their autos
> http://www.independent.co.uk/news/business/news/volkswagen-wasnt-the-only-company-rigging-emission-levels-says-expert-a6668611.html


If the VW fiasco (which, like 'Greece,' is far from over) ends up 
shedding more light on the complicity at the heart of environmental 
regulatory regimes, so much the better. But my first mail on the subject 
was aimed at pointing out the *many* ways in which the fiasco might 
unfold. If you think that waving aside the knock-on effects in every 
context except for IP fights is the best strategy, then do that. I don't 
think it is. And while I can't speak for Florian, I think he was 
pointing out different ways in which VW and the issues *as reported* 
(not as they 'are' according to a reductive and universalizing 
ideological conflict) are embedded in larger social and political orders 
-- which move at different speeds. VW's place in the particular postwar 
order of Saxony unfolds according to one logic, and the ways in which 
trade secrecy obfuscate systemic problems unfold according to another. 
Their coincidence -- when a break in the smooth functioning of trade 
secrecy invites us to think about political orders at different scales 
-- is akin to what Mako called 'revealing errors.' Thinking about them 
isn't opposed to what you're advocating.


 <...>

> for software, sure, and there could be various degrees of attention on
> different parts of software, as Florian mentions, sure, but then with open
> access at least we'd have infinite possibilities for researchers to choose
> their independent code analysis MA project, etc. etc. instead of isolated
> scandals popping up here and there. We need to switch to such a condition as
> tech is becoming more pervasive and entrenched with life-critical functions,
> there is no way out of this and I hope we can thrive in the open system picture
> that John gives us with a numerous enough population, rather than after a total
> disaster.


Again, I agree with much of what you say, but it's also pretty much the 
same message that we hear when crypto advocates tell us to 'trust the 
math' and hobble along on antiquated proposals that everyone should 
review the source code themselves. I don't 'trust the math' because the 
math has to be implemented in concrete contexts -- and there are 
countless ways in which those implementations can introduce subtle 
biases and weaknesses. The power to do that, to analyze it, and to 
review the source code, may be here but it's unevenly distributed. 
People with a disproportionate share of that power can wear whatever 
color hat they want -- black, white, gray, transparent, whatever. But as 
the Hackingteam fiasco you mention shows, the shared 'interests' of the 
people wearing those hats draw many of them together; and their more or 
less a

Re: VW

2015-10-02 Thread Jaromil
dear Ted,

On Sun, 27 Sep 2015, t byfield wrote:

> On 27 Sep 2015, at 5:02, Jaromil wrote:
> 
> >to debate this thing as if it would be just about Volkswagen is so
> >naive! srsly. There is nothing to be learned there.
> 
> Jaromil, I think it's a bit premature to counter claims that this is
> 'just about Volkswagen,' because no one said anything like that.
> Obviously there are many ways in which this is symptomatic of broader
> structures. But Lehman Brothers and Fukushima were symptomatic as
> well, and would you really argue that 'there was nothing to be learned
> there' either? *And* hold up Android's OEMs cheating on
> benchmarks as a more illuminating example? I don't think so.

I believe that in 2015 and on top of all the literature we have been imbued
there is no point for us to engage blaming VW as the evil manufacturer, or take
political correctsy postures about institutional funding one or the other
takes, FWIW.

do you think the VW is any different than the hackingteam affair? it's not.

HT was allegedly buying and reselling scriptkiddoz 0days available for anyone
on the oh-so-sexy "dark-market" to spray holes in the mobile phones of their
classmates, until some sharks got their rich and berlusconi-looking friends to
VC boost them to-the-moon by putting such ridiculous digital hairballs in
quarantine before selling them for thousands of euros to the booming security
industry - which is by the vast majority populated by clueless and militarized
people in uniforms collecting certifications and verifications to hide their
idiocy behind a soon-to-be-academic title in every cyber-crime 5star catered
conference they go, because sure! these kids are s dangerous!

this is a sketch of how the industry works today. the automotive is not
different and as I said in my previous email on HT the problem is not
hackingteam per se, as much as now the problem is not VW per se.

wake up to these news: there is an actual dark market for software like the one
VW used to counterfeit their autos
http://www.independent.co.uk/news/business/news/volkswagen-wasnt-the-only-company-rigging-emission-levels-says-expert-a6668611.html

> Relying on open-source metaphor-mantras ('Would you buy a car with the
> hood welded shut?') to analyze peculiar dynamics of the car industry

this is NOT a peculiar dynamic of the car industry. This is how the current
necrotizing capitalist regime of patents works in every sector of industrial
production, thriving wherever no open source business model is embraced, let
alone the free software ethic. There are different degrees of responsibility
for software, sure, and there could be various degrees of attention on
different parts of software, as Florian mentions, sure, but then with open
access at least we'd have infinite possibilities for researchers to choose
their independent code analysis MA project, etc. etc. instead of isolated
scandals popping up here and there. We need to switch to such a condition as
tech is becoming more pervasive and entrenched with life-critical functions,
there is no way out of this and I hope we can thrive in the open system picture
that John gives us with a numerous enough population, rather than after a total
disaster.

anyway ok, today the trend is to blame german car manufacturers, to me sounds
just like that "blaming german people for the greek crisis" fart a month ago.


ciao

-- 
Denis Roio aka Jaromil   http://Dyne.org think &do tank
  CTO and co-founder  free/open source developer
Encryption  6113 D89C A825 C5CE DD02 C872 73B3 5DA5 4ACB 7D10



#  distributed via : no commercial use without permission
#is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mx.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nett...@kein.org