Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread Seb35

I don’t see precisely how mandatory HTTPS could help spread the knowledge;
accordingly if users feel spied on and it prevents them from
contributing, yes, HTTPS helps; but if others feel cluttered by HTTPS (load
time, unfriendly firewalls, various problems), it could also lower the
number of editors.

On the other hand HTTPS is quite useless if users click through any warning
(You are spied.: Ok/close me that ad → privacy education); anyway
encryption and code breaking is always a cat-and-mouse play, and we would
have to carefully monitor the state of the art if we really want to protect
the users; but imho it’s not our vision.

For HTTPS, I would like to see the users opt in to the security they want:
e.g. if they write about intelligence, they probably know the dangers
of being spied on and want to minimize it as part of other means; if they
write about butterflies, perhaps they don’t care about being spied on. For
specific-rights editors security could be enforced, but possibly with
other means than encryption; e.g. if an oversight has to hide an article,
it is primarily needed to be sure the user has oversight rights
(authorisation), and it is not really useful to hide what article it is
(it was public). Accordingly for checkusers, we want the IPs to stay private
(encrypted during the transport). The point is: HTTPS is not the solution
to all problems.

For HTTPS I see some security levels chosen by the users: no HTTPS at all
(Chinese users), equal HTTP/HTTPS (butterflies editor), preferred HTTPS
(privacy-conscious editor, but travelling to China regularly), always
HTTPS or nothing (intelligence editor). And this could also be implemented
for readers during their session. This option is politically neutral, it
just lets the user choose.

Sébastien


On Tue, 03 Sep 2013 21:38:36 +0200, Terry Chay tc...@wikimedia.org wrote:
This part of the discussion has strayed a bit far from the politics of  
encryption. ;-)


Not that it doesn't have value, but if I can bring it back on-topic for  
a moment…


The gist of the HTTPS issues is that it's simply not an engineering
discussion, it's a political one. The abuses recently revealed in the
United States are either orthogonal to the issue of the politics of
encryption (in that HTTPS encryption in China, Iran, and the future is
in discussion), or is the direct salient (in that it is a prime
motivator for accelerating HTTPS rollout which has triggered this issue).


I, for one, would like to see the discussion of what to do. I'm of the
belief that there is no simple engineering decision without introducing
practical, political, legal, and moral complications. I suspect that
even the more clever or complex ones also introduce these issues. It's
important to outline what our choices are and the consequences of those
choices, and derive consensus on what the right choice is going forward,
as it is clear what we have now[1] is a temporary band-aid.[2]


I'm less sanguine about Erik's suggestion that creating a deadline to  
HTTP-canonical will actually get us to an adequate resolution. The  
reason is simply—whatever I think of Google personally—I feel Google has  
a highly-capable, highly-motivated, engineering-driven staff, and they  
were unable to come up with a workable solution. Unlike Google, we have  
a clear sense about what motivates us[3], so we need to figure out how  
best to get there/interpret it.


[1]:  
http://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/
[2]: Maybe start an RfC or other wiki page on Meta with a summary of the  
discussion so far?

[3]: http://wikimediafoundation.org/wiki/Vision

Take care,

terry

On Sep 3, 2013, at 11:50 AM, Kirill Lokshin kirill.loks...@gmail.com  
wrote:


The thing is, it's kind of a crapshoot anyways.  You might see  
something that you think might be classified and report it; but, unless  
you actually have the corresponding clearance yourself, you have no way  
of knowing for certain whether the material is in fact classified in  
the first place.  Conversely, anyone who does have that information is  
unlikely to confirm it one way or the other, for obvious reasons.


To make things even more convoluted, reporting certain kinds of  
material to the WMF could itself potentially be considered illegal in  
some circumstances, since not everyone at the WMF is considered a US  
person for ITAR purposes.


Kirill

On Sep 3, 2013, at 2:34 PM, Fred Bauder fredb...@fairpoint.net  
wrote:



To be fair, none of the people receiving requests through legal@ or
emergency@ have security clearances either.

Kirill


True, but there are not so many of them. I'm not sure if a request about
a major matter has ever been made through any channel. In a way, that is
kind of a dumb move.

Fred





___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l,  

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread George Herbert
Theo:

 They even have a Key
 recovery service and it's been going on for a long while apparently, to
 the point that the NSA has been steering the release of encryption
 standards and tools. I suppose that should make the politics of
 encryption a bit less relevant?



No; with Perfect Forward Security it is still entirely relevant, and PFS
has been discussed in the game plan for WMF (I don't recall the status of
the long term security roadmap, but it's been widely discussed on technical
lists here).

It's also entirely relevant with or without PFS for any
less-than-NSA-capable agency or third party attempting to watch WMF project
users.  UK and China may be somewhere up there in capability, for example,
but most countries won't be.

https://en.wikipedia.org/wiki/Perfect_forward_secrecy




On Thu, Sep 5, 2013 at 4:55 PM, Theo10011 de10...@gmail.com wrote:

 So, does this have any bearing on the discussion? -

 http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

 Or are we just partial to the US surveillance over PRC.

 The article does mention SSL, VPNs and 4G security. They even have a Key
 recovery service and it's been going on for a long while apparently, to
 the point that the NSA has been steering the release of encryption
 standards and tools. I suppose that should make the politics of
 encryption a bit less relevant?

 -Theo


 On Wed, Sep 4, 2013 at 10:09 PM, Erik Moeller e...@wikimedia.org wrote:

  On Wed, Sep 4, 2013 at 7:46 AM, Brion Vibber bvib...@wikimedia.org wrote:
 
   I would love to see Wikipedia content made available in China on Chinese
   infrastructure operated by a Chinese organization, with total ability to
   determine their own security and censorship policies.
  
   But that's what Baidu did and we hate them! you say?
  
   We could work *with* such an organization to coordinate, share content,
   etc, without compromising basic web security for our sites or giving up our
   liberal content policies on Wikipedia proper.
 
  I don't buy the argument. Last time I checked, Hudong (now just
  Baike) and Baidu Baike were the main wiki-like encyclopedias
  operating out of and serving mainland China. Both use non-free
  licensing terms, and both are subject to local censorship policies and
  practices. That may include turning over contributors if they post
  content that's deemed to be problematic by local authorities.
 
  At least on the surface, the projects are successful, with millions of
  articles and lots of traffic. I have no idea what the quality of the
  content is, but looking at an article like DNA, I'm guessing it
  provides useful value to its readers:
 
  http://www.baike.com/wiki/DNAprd=button_doc_jinru
 
  Where they are failing to do so, they can improve, if necessary by
  copying Wikipedia content. But the one thing that they _cannot_
  provide, and that a neutral encyclopedia _must_ provide, is precisely
  information of the kind that the Chinese government would censor.
  Neutral information about people, politics and history, irrespective
  of whether that information afflicts a comfortable bureaucrat
  somewhere.
 
  I would posit a different argument. The problem of providing basic
  information about any subject _is_ being solved for by local
  information providers. China isn't some backwater waiting for us to
  educate them about physics and disease control. The problem of
  providing a neutral, uncensored encyclopedia in the Chinese language,
  on the other hand, isn't being solved for by anyone but us. The answer
  is not to water down our security or partner with local information
  providers that allow censorship and are willing to turn over user
  data. It's to find ways to get that information to people, including
  the bits they'd rather have people not see.
 
  Erik
 




-- 
-george william herbert
george.herb...@gmail.com

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Peter Gervai
On Tue, Sep 3, 2013 at 12:23 AM, Fred Bauder fredb...@fairpoint.net wrote:

 Their orders would be classified; disclosure of them would be a crime.
 Not a problem for us, but a big problem for staff on the ground in China.

Indeed, I believe it may even be outright life threatening to have
strong connection to WMF China operation.

And as a sidenote it's the same in the US and the world in general
(and I do not know about the US but isn't it so that WMF can be forced
not to tell about data extraction). And let's face it: https is like a
5 mm diameter wire lock against a skilled bike thief. It is there but
will not stop skilled adversaries. But, obviously, that'd be also
classified, so I haven't mentioned it. Google it around.

g


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Hoi,

Fred, what is different in your scenario from what happens in the USA ?

Thanks,
  GerardM


On 3 September 2013 00:23, Fred Bauder fredb...@fairpoint.net wrote:

  On 31/08/13 15:17, Erik Moeller wrote:
  It could be argued that it’s time to draw a line in the sand - if you’re
  prohibiting the use of encryption, you’re effectively not part of the web.
  You’re subverting basic web technologies.
 
  China is not prohibiting encryption. They're prohibiting specific
  instances of encryption which facilitate circumvention of censorship.
 
  So, what to do? My main suggestion is to organize a broad request for
  comments and input on possible paths forward.
 
  OK, well there's one fairly obvious solution which hasn't been
  proposed or discussed. It would allow the end-to-end encryption and
  would allow us to stay as popular in China as we are now.
 
  We could open a data centre in China, send frontend requests from
  clients in China to that data centre, and comply with local censorship
  and surveillance as required to continue such operation.
 
  It would be kind of like the cooperation we give to the US government
  at the moment, except specific to readers in China instead of imposed
  on everyone in the world.
 
  It would allow WMF to monitor censorship and surveillance by being in
  the request loop. It would give WMF greater influence over local
  policy, because our staff would be in direct contact with their staff.
  We would be able to deliver clear error messages in place of censored
  content, instead of a connection reset.
 
  -- Tim Starling

 Their orders would be classified; disclosure of them would be a crime.
 Not a problem for us, but a big problem for staff on the ground in China.

 Fred



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread James Alexander
On Mon, Sep 2, 2013 at 10:58 PM, Peter Gervai grin...@gmail.com wrote:

 illegally collect personal data about them and *monetize it* or use to
 pressure or threaten selected individuals, companies or agencies.


Monetize it?

I am in no way going to defend my government on most of this given that I
think they are doing much of it unconstitutionally and much of the rest
immorally (though I will say that we would/do fight our ass off against
inappropriate demands and that the demands that would be placed on us in
Europe are actually worse so I really wouldn't agree with this supposition
that the US is significantly worse than the rest of the world... though I'd
agree that we're less 'better' than we like to claim) but how do you think
they will *monetize* it?

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
Any censor from the United States or European governments that works
directly with us (I have no personal knowledge of this, I just know it
has to be) is concerned with classified information, not someone's
opinions or factual information about historical events or political
personalities.

Detailed information about construction of advanced nuclear weapons or
the details of military or intelligence operations cannot be on Wikipedia
just as child pornography cannot be; on the other hand, a distorted, or
devastatingly accurate picture, of the Iraq War, or Obama, can be.

So, while the details of material removed for legitimate security reasons
cannot be published; in China the identity and any personal information
we have gathered such as the ip address of an editor and the content of
their edits to the Tiananmen Square protests of 1989 article would be of
interest to the security apparatus and classified. Any local employee or
volunteer of ours who shared that information with others even within our
organization could be prosecuted. It is quite impossible to work with the
Chinese government in the manner suggested and maintain a scintilla of
integrity. A request by them to remove details about their advanced
nuclear weapons or specific details of their military deployments would,
of course, be legitimate.

The Chinese government has legitimate reason to avoid extensive public
attention to past errors and disasters; one has only to look at the
history of the Soviet Union to observe the effect of focusing on past
outrages on public morale, but that is their burden to bear not ours to
share.

Fred

 Hoi,

 Fred, what is different in your scenario from what happens in the USA ?

 Thanks,
   GerardM



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Fred,

Sorry, there is no us. As far as the United States is concerned they
allowed themselves to spy on any person who is not one of US to be spied
on. Given that our movement is a global movement, the fact that it is based
in the US is incidental.
Thanks,
  GerardM


On 3 September 2013 14:36, Fred Bauder fredb...@fairpoint.net wrote:

 Any censor from the United States or European governments that works
 directly with us (I have no personal knowledge of this, I just know it
 has to be) is concerned with classified information, not someone's
 opinions or factual information about historical events or political
 personalities.

 Detailed information about construction of advanced nuclear weapons or
 the details of military or intelligence operations cannot be on Wikipedia
 just as child pornography cannot be; on the other hand, a distorted, or
 devastatingly accurate picture, of the Iraq War, or Obama, can be.

 So, while the details of material removed for legitimate security reasons
 cannot be published; in China the identity and any personal information
 we have gathered such as the ip address of an editor and the content of
 their edits to the Tiananmen Square protests of 1989 article would be of
 interest to the security apparatus and classified. Any local employee or
 volunteer of ours who shared that information with others even within our
 organization could be prosecuted. It is quite impossible to work with the
 Chinese government in the manner suggested and maintain a scintilla of
 integrity. A request by them to remove details about their advanced
 nuclear weapons or specific details of their military deployments would,
 of course, be legitimate.

 The Chinese government has legitimate reason to avoid extensive public
 attention to past errors and disasters; one has only to look at the
 history of the Soviet Union to observe the effect of focusing on past
 outrages on public morale, but that is their burden to bear not ours to
 share.

 Fred


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
And from that assertion what practical action or policy should follow?

Fred

 Fred,

 Sorry, there is no us. As far as the United States is concerned they
 allowed themselves to spy on any person who is not one of US to be spied
 on. Given that our movement is a global movement, the fact that it is
 based in the US is incidental.
 Thanks,
   GerardM



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 08:36 AM, Fred Bauder wrote:
 Any censor from the United States or European governments that works
 directly with us (I have no personal knowledge of this, I just know it
 has to be) is concerned with classified information, not someone's
 opinions or factual information about historical events or political
 personalities.

You have an optimism and faith in your government(s) that is, sadly, not
justified by history (past and recent).  The blanket classified (or,
more recently national security) has and is being used to cover up
embarrassing more often than not.

-- Marc



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/02/2013 06:17 PM, Tim Starling wrote:
 OK, well there's one fairly obvious solution which hasn't been
 proposed or discussed.

[collaborating with the PRC]

That's because, ideologically, it would be abhorrent to a very large
segment (possibly even the majority) of editors, staff and readers.

And because it would set a /horrible/ precedent that other governments
who currently feel obligated to tolerate unfettered access to our
projects would be quick to demand.

The idea of playing along with censors doesn't just not fly, it's a
non-starter.

-- Marc



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 09:45 AM, Fred Bauder wrote:
 Abusive nonsense does not make that fact go away. Someone,
 actually, many someones, need to be trusted.

Доверяй, но проверяй. [Trust, but verify.]

I agree with your assessment of the risks of working with the PRC, I
simply think that if you think that those risks do not exist in our
Western countries, you are ignoring history.

The only thing that protects us is transparency and visibility, and
maintaining those requires constant vigilance, not blind trust.

-- Marc

P.S.:  I mean, the two things that protect us are transparency,
visibility and vigilance.  Wait.  AMONGST the things that protect us are...




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 12:33 PM, Delirium wrote:
 I certainly agree with learning from history, but when it comes to
 censoring encyclopedias or similar reference works, are there good
 examples that might more concretely narrow down the specific type of
 thing we ought to be learning from history?

Not that I know of, but that's because the model of what an encyclopedia
/is/ has changed a great deal -- they used to be centralized
distribution of knowledge and subject to an unknown number of pressure
points (including, most dangerously, self-censorship).

Wikipedia, and the Net in general, have changed the landscape
substantially and -- accordingly -- the attack vectors.  I don't think
we have much left to fear from attempts to repress individual bits of
data so much as attempts to change the landscape back to top-down
control (through legislation, disinformation, and so on).

Certainly, the Défence Nationale's attempt to rubber hose information
out of the French Wikipedia is a recent and very visible failed attempt.
 I've no doubt that for every very visible and embarrassing failure like
that one, there are a dozen that fly under the radar.

 Are there more successful attempts?

It would be difficult to enumerate successful attempts since, by
definition, they would have been successful at not being known.  :-)  I
don't disagree that it would be very difficult, perhaps even nearly
impossible, to completely censor information in this day and age and
under our current political climate -- but that is exactly *because* we
reflexively fight authority figures attempting to control information
not because there is no longer a desire or attempts to do so have gotten
less frequent.

Gilmore was already noting it in 1993 while the 'net was still the
province of the elite geekdom; there is no reason to believe this has
gotten better since (and lots of reasons why it could have gotten worse).

-- Marc



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
I guess emergencies should not go to legal as there may be a considerable
delay.

Fred


 Are there more successful attempts?

 It would be difficult to enumerate successful attempts since, by
 definition, they would have been successful at not being known.  :-)
 -- Marc

 I once suppressed information about a troop movement underway in Iraq
 after a request. Troop movements are explicitly mentioned in the
 Espionage Act.

 Such requests, and other requests regarding obviously illegal material,
 should go to legal at wikimedia.org or emergency at wikimedia.org at the
 Foundation rather than to User:Oversight, by the way. There is a whole
 bunch of people on the oversight committee none of whom are known to have
 security clearances.

 Fred



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder

 Are there more successful attempts?

 It would be difficult to enumerate successful attempts since, by
 definition, they would have been successful at not being known.  :-)
 -- Marc

I once suppressed information about a troop movement underway in Iraq
after a request. Troop movements are explicitly mentioned in the
Espionage Act.

Such requests, and other requests regarding obviously illegal material,
should go to legal at wikimedia.org or emergency at wikimedia.org at the
Foundation rather than to User:Oversight, by the way. There is a whole
bunch of people on the oversight committee none of whom are known to have
security clearances.

Fred



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Delirium

On 9/3/13 4:28 PM, Marc A. Pelletier wrote:

On 09/03/2013 09:45 AM, Fred Bauder wrote:

Abusive nonsense does not make that fact go away. Someone,
actually, many someones, need to be trusted.

Trust, but verify.

I agree with your assessment of the risks of working with the PRC, I
simply think that if you think that those risks do not exist in our
Western countries, you are ignoring history.

I certainly agree with learning from history, but when it comes to 
censoring encyclopedias or similar reference works, are there good 
examples that might more concretely narrow down the specific type of 
thing we ought to be learning from history?


The best example of which I'm aware is the 1979 attempt by the U.S. 
Department of Energy to stop the publication of a reconstruction of the 
Teller-Ulam hydrogen bomb design. But that attempt ended up being 
unsuccessful, and encyclopedias (including Wikipedia) include that 
information. Are there more successful attempts?


-Mark



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Michelle Paulson
Hi Fred,

Emergencies should go to emerge...@wikimedia.org.  Any other concerns
should be directed to le...@wikimedia.org.

Please note that emergency@ should only be used for actual emergencies
(i.e. immediate threats to life, limb, or property).

Thanks!

-Michelle


On Tue, Sep 3, 2013 at 10:48 AM, Fred Bauder fredb...@fairpoint.net wrote:

 I guess emergencies should not go to legal as there may be a considerable
 delay.

 Fred

 
  Are there more successful attempts?
 
  It would be difficult to enumerate successful attempts since, by
  definition, they would have been successful at not being known.  :-)
  -- Marc
 
  I once suppressed information about a troop movement underway in Iraq
  after a request. Troop movements are explicitly mentioned in the
  Espionage Act.
 
  Such requests, and other requests regarding obviously illegal material,
  should go to legal at wikimedia.org or emergency at wikimedia.org at the
  Foundation rather than to User:Oversight, by the way. There is a whole
  bunch of people on the oversight committee none of whom are known to have
  security clearances.
 
  Fred
 
 




-- 
Michelle Paulson
Legal Counsel
Wikimedia Foundation
149 New Montgomery Street, 6th Floor
San Francisco, CA 94105
mpaul...@wikimedia.org
415.839.6885 ext. 6608 (Office)
415.882.0495 (Fax)




NOTICE: *This message might have confidential or legally privileged
information in it. If you have received this message by accident, please
delete it and let us know about the mistake. For legal reasons, I may only
serve as an attorney for the Wikimedia Foundation. This means I may not
give legal advice to or serve as a lawyer for community members,
volunteers, or staff members in their personal capacity.*

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
To be fair, none of the people receiving requests through legal@ or emergency@ 
have security clearances either.

Kirill

On Sep 3, 2013, at 1:44 PM, Fred Bauder fredb...@fairpoint.net wrote:

 
 Are there more successful attempts?
 
 It would be difficult to enumerate successful attempts since, by
 definition, they would have been successful at not being known.  :-)
 -- Marc
 
 I once suppressed information about a troop movement underway in Iraq
 after a request. Troop movements are explicitly mentioned in the
 Espionage Act.
 
 Such requests, and other requests regarding obviously illegal material,
 should go to legal at wikimedia.org or emergency at wikimedia.org at the
 Foundation rather than to User:Oversight, by the way. There is a whole
 bunch of people on the oversight committee none of whom are known to have
 security clearances.
 
 Fred
 
 

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
The thing is, it's kind of a crapshoot anyways.  You might see something that 
you think might be classified and report it; but, unless you actually have the 
corresponding clearance yourself, you have no way of knowing for certain 
whether the material is in fact classified in the first place.  Conversely, 
anyone who does have that information is unlikely to confirm it one way or the 
other, for obvious reasons. 

To make things even more convoluted, reporting certain kinds of material to the 
WMF could itself potentially be considered illegal in some circumstances, since 
not everyone at the WMF is considered a US person for ITAR purposes. 

Kirill

On Sep 3, 2013, at 2:34 PM, Fred Bauder fredb...@fairpoint.net wrote:

 To be fair, none of the people receiving requests through legal@ or
 emergency@ have security clearances either.
 
 Kirill
 
 True, but there are not so many of them. I'm not sure if a request about
 a major matter has ever been made through any channel. In a way, that is
 kind of a dumb move.
 
 Fred
 
 

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread MZMcBride
Erik Moeller wrote:
So, what to do? My main suggestion is to organize a broad request for
comments and input on possible paths forward. I think we’re doing the
right thing by initially implementing these exemptions -- but I do
think this decision needs to finally rest with the Board of the
Wikimedia Foundation, based on community input, taking the tradeoffs
into account.

Thanks for writing out these thoughts. A broad request for comments and
input seems reasonable, though there seems to be quite a bit of work
needed to get ready to begin such a discussion.

My own stance, which I will continue to argue for (and which is my
view as an individual -- there are many divergent opinions on this
even inside WMF), is clear: I think we should set a deadline for the
current approach, and shift to HTTPS for all traffic, for all sites,
for all users, by default, after that deadline passes. This will force
us to take the consequences of that shift seriously, and to explore
alternatives to designing our technical policies around the practices
of regimes that undermine web security in order to better censor and
monitor their citizens.

I think it would help the conversation to have more data. Everybody knows
that there are over a billion people in China. However, how many people
globally can't use HTTPS (for whatever reason)? What is that breakdown by
country? How many users have opted out of HTTPS via user preference?

There's merit to the idea of ignoring user-hostile countries such as Iran
and China and cutting them off: certainly it's a mess of their own making.
But it seems to me that this idea is orthogonal to the idea that Wikimedia
needs to make a political point, engage in political advocacy, or take a
stand. Wikimedia is in the business of spreading free educational content.
It seems to me that getting involved in politics leads down a perilous
path that could ultimately destroy Wikimedia.

Of course, we've already decided to act by specifically exempting certain
countries from the new HTTPS requirement. But there might be a strong
contingent of users in the community that feels we should stop exempting
countries (i.e., treat everybody the same), but also _not_ be involved in
attempting to subvert whichever government monitoring we feel is most
egregious. While we can pretend as though it's only China and Iran, many
countries are spying on their own people at various levels.

And it becomes a question of cost versus benefit, much like everything
else that Wikimedia decides to work on. There's a very public trail of any
edits that you make. What information, exactly, are we trying to prevent
governments from getting ahold of? I think a stronger, clearer case for
what benefits Wikimedia will see would help justify (or help eliminate)
some of the proposed costs.

Both the community and the Board need to think about these questions and
their answers and ultimately address how to move forward.

MZMcBride




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread FT2
There are many very sane comments in this thread.  I agree with most of
them -

   - Network encryption is important as one aspect;
   - Local threats and digging dirt are an important realistic threat
   (far more people are of interest to *THEIR OWN COMMUNITIES* vs nationally,
   or open to so many types of harm - defamation, humiliation, Lulz);
   - Moving to https and forcing a serious look at technical implications
   and needed workarounds is a strong argument;
   - Asking those affected is a strong argument;
   - We are a global presence, so our stance, its strength, its
   rightness, and the signal we send, are crucial.

With all respect to local editors, whose position I wish were better, there
is more at stake in Chinese and other affected Wikipedias, than China.
There are questions of internet/freedom/privacy-related beliefs, policies,
and directions -- what one might describe as the battleground for privacy
of thought vs. state right to monitor thought. That is what it comes to,
whether now, or in 5 or 15 years.

I'm reminded of public reaction years back, to Google, when as a condition
of entry to China it agreed to filter its results. Part of the logic was
better partial information and presence than none.  Did it help Google's
efforts in China? It was seen by many outside as a betrayal. Google had to
leave eventually. Are there lessons we should consider from others who have
tried different approaches in these countries?

I see no reason to believe that state oversight and interception will be
benevolent institutions - and would disregard assurances that they are
designed as such. History teaches over and again that fallibility and
expansion of power is the more usual rule, and good intentions easily turn
to dark uses. To take a simple scenario and how we are affected, if passage
of time and public indifference endorses states being usually able to
watch what one studies and writes on, how long before immigration, access
to medical or welfare services, legal rights, marginalization, 'staged'
crimes, targeting, accusations of sedition or anti-state activity, and so
on, become informed by (among other things) a standard government lookup by
state authorities and law enforcement, of one's Wikipedia (or other online)
accesses, and negative interpretations of what those may mean? Self
censorship is a grave possibility, and will encroach from the edges.

To give specific examples, take a Western visitor to Russia who once 8
years ago edited a Wikipedia article adding a note on homosexuality policy
in a school or a legal case in a county. There is no expectation that a
state body would not save all data they can and even in US law a URL is
probably metadata and has no right of privacy. When immigration routinely
obtains visitors' names 72 hours in advance (as some countries expect and
others may demand as a norm) won't they at some time turn around and ask as
part of that process, what is known of possible visitors, and annotate
their immigration records with "Edits pro-jewish topics" or "Seems to
support homosexuality"? Perhaps editors on contentious topics (drugs,
abortion, religion) will have these noted by immigration and less ethical
law enforcement bodies seeking visitors to target, if editing or reading
patterns become easily accessible. The same goes double for editors
attempting to uphold NPOV in countries where this is a risk, and the act of
simply toning down articles that contain inappropriately POV tone in
locally controversial articles may put one at risk.

Twitter and Facebook may show one's daily life, but Wikipedia editing and
page reads show what one sees as areas of interest to inform others, and
areas to be informed oneself. There are workarounds but we can't simply say
"people should know" or "if they are at risk they shouldn't edit". That's
not sustainable.

While this isn't explicitly known to happen yet in the US or UK, I
suggest that it's likely to be a logical step round the corner, worldwide,
where state bodies seek to know in advance more about individuals, and
individuals screen and self-censor in response. We need that not to become
a habit, or NPOV can be kissed goodbye.

The profound and poignant comment appeared in one media report a month ago,
that people like Merkel do act as strong advocates of privacy precisely
because - *unlike* US and UK citizens - they have actually lived under the
Stasi. They know what a file on every person, or state access to innermost
and private thoughts for the common good truly means for a country.
We probably do need to do what we can to afford a safe ecosphere, as our
whole endeavor depends on it and we have the position to make that point.
It may be difficult, but we probably have a good call for discussing the
possible need to support the ball rolling.

FT2


On Mon, Sep 2, 2013 at 11:23 PM, Fred Bauder fredb...@fairpoint.net wrote:

  On 31/08/13 15:17, Erik Moeller wrote:
  It could be argued
  that it’s time to draw a line in the sand 

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Matthew Flaschen

On 09/02/2013 06:17 PM, Tim Starling wrote:

It would allow WMF to monitor censorship and surveillance by being in
the request loop.


There's no guarantee they would accept HTTPS, even if there were still 
user surveillance inside the data center.


 It would be kind of like the cooperation we give to the US government
 at the moment, except specific to readers in China instead of imposed
 on everyone in the world.

This is apples and oranges, in my opinion.  Yes, the U.S. monitors 
Internet traffic in some circumstances.  And I assume they occasionally 
serve subpoenas and such to Wikimedia.


But as far as I know, the U.S. government has never blocked the general 
public from accessing a Wikipedia article, nor have they sent a takedown 
that was based on ideology/social harmony/etc.



We would be able to deliver clear error messages in place of censored
content, instead of a connection reset.


Not necessarily.  Google was delivering such censorship notes for a 
while 
(http://www.theguardian.com/technology/2013/jan/04/google-defeat-china-censorship-battle), 
but eventually conceded to China in a game of chicken.


As mentioned by other people, they also tried this approach of 
tolerating censorship in China for google.cn, but eventually pulled out. 
 google.cn is now just a picture of their home page that links to 
google.com.hk


I understand the goals of your hypothetical solution.  However, 
pragmatic matters aside, I think it's too far down the road of appeasing 
censorship.


Matt Flaschen


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Peter Gervai
On Tue, Sep 3, 2013 at 6:38 AM, Matthew Flaschen
matthew.flasc...@gatech.edu wrote:

 But as far as I know, the U.S. government has never blocked the general
 public from accessing a Wikipedia article, nor have they sent a takedown
 that was based on ideology/social harmony/etc.

Instead they use terrorism (or really anything they come up with)
boilerplate to monitor their and foreign citizens, illegally collect
personal data about them and monetize it or use to pressure or
threaten selected individuals, companies or agencies. They,
additionally, use various cease & desist processes (which is basically
the same as blocking but they let you do the work instead of them).
And it's just the same way based on ideology and social harmony as of
China, apart from that it's for a slightly different agenda.

China does censorship to prevent unwanted content, USA does
surveillance and pressure to prevent unwanted content. Not much of a
difference.

g


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-08-31 Thread Emmanuel Engelhart
On 31/08/2013 07:17, Erik Moeller wrote:
 We can, of course, ask users in the affected countries. Given that
 this may lead to degradation or loss of access, users are likely to be
 opposed, and indeed, when plans to expand HTTPS usage were announced,
 a group of Chinese Wikipedians published an open letter asking for
 exemptions to be implemented:
 
 https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter
 
 This was a big part of what drove the decision to implement exemptions.

This attitude seems to be, on a first look, the most logical and
respectful one.

But I want to remind that the risk perception is often not
proportional *at all* to the risk itself. In daily life, many risks are
suppressed because the imagination of a constant threat would paralyse
all activities. So, this feedback from the Chinese community should be
handled carefully.

I tend myself to think that deploying HTTPS everywhere and force its
usage is the best long term approach.

However, this is without any doubt, a difficult dilemma.

Emmanuel
-- 
Kiwix - Wikipedia Offline & more
* Web: http://www.kiwix.org
* Twitter: https://twitter.com/KiwixOffline
* more: http://www.kiwix.org/wiki/Communication


[Wikimedia-l] Wikimedia and the politics of encryption

2013-08-30 Thread Erik Moeller
Hi folks,

As many of you know, this week we enabled HTTPS for logged-in users of
Wikimedia projects. See:

https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/

We have geographically exempted users geo-located to China or Iran
from this [1], because these countries mostly block HTTPS traffic and
requiring HTTPS for logged-in users would make it impossible for users
in these countries to log in.

Long term, we’d like to increase HTTPS coverage further, initially by
marking the HTTPS versions of our pages as canonical, which would
cause search engines to refer to them instead of the unencrypted
content. This would make issues with countries that block HTTPS
traffic even more complex to deal with.

HTTPS for editors is important because it is otherwise trivial to
sniff account credentials, especially when users use unencrypted
connections such as open wireless networks. This could potentially
enable an attacker to gain access to an account with significant
privileges, such as checkuser credentials. Beyond that, HTTPS makes it
harder for attackers (individuals, organizations, governments) to
monitor user behavior of readers and editors. It’s not perfect by any
means, but it’s a step towards more privacy and security.

There are many sites on the web now that use HTTPS for all
transactions. For example, Twitter and Facebook use HTTPS by default.
Both sites are also completely blocked in mainland China. [2]

Disabling HTTPS-by-default in regions where HTTPS is blocked for
political reasons of course also exposes affected users to monitoring
and credentials-theft -- which is likely part of the political
motivation for blocking it in the first place. Therefore, our current
exemption is an explicit choice to _not_ give users a degree of
security that we give to everyone else, for the simple reason that
their government would otherwise completely limit their access.

If they know how to make HTTPS work in their region, these users will
still be able to use it by explicitly visiting the HTTPS URLs or use
an extension such as HTTPSEverywhere to enforce HTTPS usage.

In the long term, the Wikimedia movement is faced with a choice, which
is inherently political: Should we indefinitely sustain security
exceptions for regions that prevent the use of encryption, or should
we shift to an alternative strategy? How do we answer that question?

We can, of course, ask users in the affected countries. Given that
this may lead to degradation or loss of access, users are likely to be
opposed, and indeed, when plans to expand HTTPS usage were announced,
a group of Chinese Wikipedians published an open letter asking for
exemptions to be implemented:

https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter

This was a big part of what drove the decision to implement exemptions.

The bigger consideration here, however, is whether any such
accommodation achieves positive or negative long term effects. The
argument against it goes like this: If we accommodate the PRC’s or
Iran’s censorship practices, we are complicit in their attempts to
monitor and control their citizenry. If a privileged user’s
credentials (e.g. Checkuser) are misused by the government through
monitoring of unencrypted traffic, for example, this is an action that
would not have been possible without our exemption. This could
potentially expose even users not in the affected country to risks.

Moreover, Wikimedia is not just any website -- it’s a top 5 web
property, and the only non-profit organization among the top sites.
Our actions can have signalling effects on the rest of the web. By
exempting China and Iran from standard security measures, we are
treating them as part of the global web community. It could be argued
that it’s time to draw a line in the sand - if you’re prohibiting the
use of encryption, you’re effectively not part of the web. You’re
subverting basic web technologies.

Drawing this hard line clearly has negative near term effects on the
citizenry of affected countries. But the more the rest of the world
comes together in saying "What you are doing is wrong. Stop it." - the
harder it will be for outlier countries to continue doing it.  Another
way to pose the question is: Would we be implementing these exemptions
if China had blocked HTTPS traffic well after we switched to HTTPS?

Moreover, we’re not helpless against censorship. There _are_ effective
tools that can be used to circumvent attempts to censor and control
the Internet. Perhaps it is time for WMF to ally with the
organizations that develop and promote such tools, rather than looking
for ways to guarantee basic site operation in hostile environments
even at the expense of user privacy.

So, what to do? My main suggestion is to organize a broad request for
comments and input on possible paths forward. I think we’re doing the
right thing by initially implementing these exemptions -- but I do
think this