Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread George Herbert
Theo:

> "They even have a "Key
> recovery service" and it's been going on for a long while apparently, to
> the point that the NSA has been steering the release of encryption
> standards and tools. I suppose that should make the "politics of
> encryption" a bit less relevant?"



No; with "Perfect Forward Security" it is still entirely relevant, and PFS
has been discussed in the game plan for WMF (I don't recall the status of
the long term security roadmap, but it's been widely discussed on technical
lists here).

It's also entirely relevant with or without PFS for any
less-than-NSA-capable agency or third party attempting to watch WMF project
users.  UK and China may be somewhere up there in capability, for example,
but most countries won't be.

https://en.wikipedia.org/wiki/Perfect_forward_secrecy




On Thu, Sep 5, 2013 at 4:55 PM, Theo10011  wrote:

> So, does this have any bearing on the discussion? -
>
> http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html
>
> Or are we just partial to the US surveillance over PRC.
>
> The article does mention SSL, VPNs and 4G security. They even have a "Key
> recovery service" and it's been going on for a long while apparently, to
> the point that the NSA has been steering the release of encryption
> standards and tools. I suppose that should make the "politics of
> encryption" a bit less relevant?
>
> -Theo
>
>
> On Wed, Sep 4, 2013 at 10:09 PM, Erik Moeller  wrote:
>
> > On Wed, Sep 4, 2013 at 7:46 AM, Brion Vibber 
> > wrote:
> >
> > > I would love to see Wikipedia content made available in China on Chinese
> > > infrastructure operated by a Chinese organization, with total ability to
> > > determine their own security and censorship policies.
> > >
> > > "But that's what Baidu did and we hate them!" you say?
> > >
> > > We could work *with* such an organization to coordinate, share content,
> > > etc, without compromising basic web security for our sites or giving up our
> > > liberal content policies on Wikipedia "proper".
> >
> > I don't buy the argument. Last time I checked, Hudong (now just
> > "Baike") and Baidu Baike were the main wiki-like encyclopedias
> > operating out of and serving mainland China. Both use non-free
> > licensing terms, and both are subject to local censorship policies and
> > practices. That may include turning over contributors if they post
> > content that's deemed to be problematic by local authorities.
> >
> > At least on the surface, the projects are successful, with millions of
> > articles and lots of traffic. I have no idea what the quality of the
> > content is, but looking at an article like DNA, I'm guessing it
> > provides useful value to its readers:
> >
> > http://www.baike.com/wiki/DNA&prd=button_doc_jinru
> >
> > Where they are failing to do so, they can improve, if necessary by
> > copying Wikipedia content. But the one thing that they _cannot_
> > provide, and that a neutral encyclopedia _must_ provide, is precisely
> > information of the kind that the Chinese government would censor.
> > Neutral information about people, politics and history, irrespective
> > of whether that information afflicts a comfortable bureaucrat
> > somewhere.
> >
> > I would posit a different argument. The problem of providing basic
> > information about any subject _is_ being solved for by local
> > information providers. China isn't some backwater waiting for us to
> > educate them about physics and disease control. The problem of
> > providing a neutral, uncensored encyclopedia in the Chinese language,
> > on the other hand, isn't being solved for by anyone but us. The answer
> > is not to water down our security or partner with local information
> > providers that allow censorship and are willing to turn over user
> > data. It's to find ways to get that information to people, including
> > the bits they'd rather have people not see.
> >
> > Erik
> >



-- 
-george william herbert
george.herb...@gmail.com
___
Wikimedia-l mailing list
Wikimedia-l@lists.wikimedia.org
Unsubscribe: https://lists.wikimedia.org/mailman/listinfo/wikimedia-l, 


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread Theo10011
So, does this have any bearing on the discussion? -
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html

Or are we just partial to the US surveillance over PRC.

The article does mention SSL, VPNs and 4G security. They even have a "Key
recovery service" and it's been going on for a long while apparently, to
the point that the NSA has been steering the release of encryption
standards and tools. I suppose that should make the "politics of
encryption" a bit less relevant?

-Theo


On Wed, Sep 4, 2013 at 10:09 PM, Erik Moeller  wrote:

> On Wed, Sep 4, 2013 at 7:46 AM, Brion Vibber 
> wrote:
>
> > I would love to see Wikipedia content made available in China on Chinese
> > infrastructure operated by a Chinese organization, with total ability to
> > determine their own security and censorship policies.
> >
> > "But that's what Baidu did and we hate them!" you say?
> >
> > We could work *with* such an organization to coordinate, share content,
> > etc, without compromising basic web security for our sites or giving up our
> > liberal content policies on Wikipedia "proper".
>
> I don't buy the argument. Last time I checked, Hudong (now just
> "Baike") and Baidu Baike were the main wiki-like encyclopedias
> operating out of and serving mainland China. Both use non-free
> licensing terms, and both are subject to local censorship policies and
> practices. That may include turning over contributors if they post
> content that's deemed to be problematic by local authorities.
>
> At least on the surface, the projects are successful, with millions of
> articles and lots of traffic. I have no idea what the quality of the
> content is, but looking at an article like DNA, I'm guessing it
> provides useful value to its readers:
>
> http://www.baike.com/wiki/DNA&prd=button_doc_jinru
>
> Where they are failing to do so, they can improve, if necessary by
> copying Wikipedia content. But the one thing that they _cannot_
> provide, and that a neutral encyclopedia _must_ provide, is precisely
> information of the kind that the Chinese government would censor.
> Neutral information about people, politics and history, irrespective
> of whether that information afflicts a comfortable bureaucrat
> somewhere.
>
> I would posit a different argument. The problem of providing basic
> information about any subject _is_ being solved for by local
> information providers. China isn't some backwater waiting for us to
> educate them about physics and disease control. The problem of
> providing a neutral, uncensored encyclopedia in the Chinese language,
> on the other hand, isn't being solved for by anyone but us. The answer
> is not to water down our security or partner with local information
> providers that allow censorship and are willing to turn over user
> data. It's to find ways to get that information to people, including
> the bits they'd rather have people not see.
>
> Erik
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-05 Thread Seb35

I don’t see precisely how mandatory HTTPS could help spread the knowledge;
accordingly if users feel themselves spied and it prevents them to
contribute, yes, HTTPS helps; but if others feel cluttered by HTTPS (time
load, unfriendly firewalls, various problems), it could also lower the
number of editors.

On another side HTTPS is quite useless if users click-through any warning
("You are spied.": "Ok"/close me that ad → privacy education); anyway
encryption and code breaking is always a cat-and-mouse play, and we should
have to carefully monitor state of the art if we really want to protect
the users; but imho it’s not our vision.

For HTTPS, I would like to see the users opt-in to the security they want:
e.g. if they write about intelligence, they probably know the dangers
about being spied and want to minimize it as part of other means; if they
write about butterflies, perhaps they don’t matter about being spied. For
specific-rights editors security could be enforced, but possibly with
other means than encryption; e.g. if an oversight has to hide an article,
it is primarily needed to be sure the user has oversight rights
(authorisation), and it is not really useful to hide what article it is
(it was public). Accordingly for checkusers, we want the IPs stay private
(encrypted during the transport). This point is: HTTPS is not the solution
to all problems.

For HTTPS I see some security levels chosen by the users: no HTTPS at all
(Chinese users), equal HTTP/HTTPS (butterflies editor), preferred HTTPS
(privacy-conscious editor, but travelling to China regularly), always
HTTPS or nothing (intelligence editor). And this could be also implemented
for readers during their session. This option is politically neutral, it
just lets the user choose.

Sébastien


On Tue, 03 Sep 2013 21:38:36 +0200, Terry Chay wrote:

> This part of the discussion has strayed a bit far from the politics of
> encryption. ;-)
>
> Not that it doesn't have value, but if I can bring it back on-topic for
> a moment…
>
> The gist of the HTTPS issues is that it's simply not an engineering
> discussion, it's a political one. The abuses recently revealed in the
> United States are either orthogonal to the issue of the politics of
> encryption (in that HTTPS encryption in China, Iran, and the future is
> in discussion), or is the direct salient (in that it is a prime
> motivator for accelerating HTTPS rollout which has triggered this issue).
>
> I, for one, would like to see the discussion of what to do. I'm of the
> belief that there is no simple engineering decision without introducing
> practical, political, legal, and moral complications. I suspect that
> even the more clever or complex ones also introduce these issues. It's
> important to outline what our choices are and the consequences of those
> choices, and derive consensus on what the right choice is going forward,
> as it is clear what we have now[1] is a temporary band-aid.[2]
>
> I'm less sanguine about Erik's suggestion that creating a deadline to
> HTTP-canonical will actually get us to an adequate resolution. The
> reason is simply—whatever I think of Google personally—I feel Google has
> a highly-capable, highly-motivated, engineering-driven staff, and they
> were unable to come up with a workable solution. Unlike Google, we have
> a clear sense about what motivates us[3], so we need to figure out how
> best to get there/interpret it.
>
> [1]: http://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/
> [2]: Maybe start an RfC or other wiki page on Meta with a summary of the
> discussion so far?
> [3]: http://wikimediafoundation.org/wiki/Vision
>
> Take care,
>
> terry
>
> On Sep 3, 2013, at 11:50 AM, Kirill Lokshin wrote:
>
> > The thing is, it's kind of a crapshoot anyways.  You might see
> > something that you think might be classified and report it; but, unless
> > you actually have the corresponding clearance yourself, you have no way
> > of knowing for certain whether the material is in fact classified in
> > the first place.  Conversely, anyone who does have that information is
> > unlikely to confirm it one way or the other, for obvious reasons.
> >
> > To make things even more convoluted, reporting certain kinds of
> > material to the WMF could itself potentially be considered illegal in
> > some circumstances, since not everyone at the WMF is considered a "US
> > person" for ITAR purposes.
> >
> > Kirill
> >
> > On Sep 3, 2013, at 2:34 PM, "Fred Bauder" wrote:
> >
> >>> To be fair, none of the people receiving requests through legal@ or
> >>> emergency@ have security clearances either.
> >>>
> >>> Kirill
> >>
> >> True, but there are not so many of them. I'm not sure if a request about
> >> a major matter has ever been made through any channel. In a way, that is
> >> kind of a dumb move.
> >>
> >> Fred



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-04 Thread Erik Moeller
On Wed, Sep 4, 2013 at 7:46 AM, Brion Vibber  wrote:

> I would love to see Wikipedia content made available in China on Chinese
> infrastructure operated by a Chinese organization, with total ability to
> determine their own security and censorship policies.
>
> "But that's what Baidu did and we hate them!" you say?
>
> We could work *with* such an organization to coordinate, share content,
> etc, without compromising basic web security for our sites or giving up our
> liberal content policies on Wikipedia "proper".

I don't buy the argument. Last time I checked, Hudong (now just
"Baike") and Baidu Baike were the main wiki-like encyclopedias
operating out of and serving mainland China. Both use non-free
licensing terms, and both are subject to local censorship policies and
practices. That may include turning over contributors if they post
content that's deemed to be problematic by local authorities.

At least on the surface, the projects are successful, with millions of
articles and lots of traffic. I have no idea what the quality of the
content is, but looking at an article like DNA, I'm guessing it
provides useful value to its readers:

http://www.baike.com/wiki/DNA&prd=button_doc_jinru

Where they are failing to do so, they can improve, if necessary by
copying Wikipedia content. But the one thing that they _cannot_
provide, and that a neutral encyclopedia _must_ provide, is precisely
information of the kind that the Chinese government would censor.
Neutral information about people, politics and history, irrespective
of whether that information afflicts a comfortable bureaucrat
somewhere.

I would posit a different argument. The problem of providing basic
information about any subject _is_ being solved for by local
information providers. China isn't some backwater waiting for us to
educate them about physics and disease control. The problem of
providing a neutral, uncensored encyclopedia in the Chinese language,
on the other hand, isn't being solved for by anyone but us. The answer
is not to water down our security or partner with local information
providers that allow censorship and are willing to turn over user
data. It's to find ways to get that information to people, including
the bits they'd rather have people not see.

Erik



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-04 Thread Federico Leva (Nemo)

David Gerard, 04/09/2013 16:52:

> On 4 September 2013 15:46, Brion Vibber wrote:
>
> > "But that's what Baidu did and we hate them!" you say?
>
> AIUI our quibble with Baidu was that they didn't respect the licenses.
> A suitable license on the content and it'd all be fine. Did we ever
> get anywhere with that?


The recent comparisons between Baidu and Wikipedia which popped up 
around Wikimania pointed out that Baidu is mainly a parking lot of 
copyright violations and self-promotion copied from all over the web, so 
I doubt they'd be able to use or apply any licensing scheme even if they 
wanted.


Nemo



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-04 Thread David Gerard
On 4 September 2013 15:46, Brion Vibber  wrote:

> "But that's what Baidu did and we hate them!" you say?



AIUI our quibble with Baidu was that they didn't respect the licenses.
A suitable license on the content and it'd all be fine. Did we ever
get anywhere with that?


- d.



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-04 Thread Brion Vibber
Tim sets out some excellent points; in particular it's a good reminder that
there is a continuum of options.

I've tended to advocate on the protest side of things, but I would like to
posit another option: we don't have to operate *everything* under the
auspices of Wikimedia Foundation, Inc (a Florida not-for-profit
corporation).

Our organizational goal is not "make Wikipedia.org a popular web site in
all countries", it's to make knowledge available to everyone in their own
language.

I would love to see Wikipedia content made available in China on Chinese
infrastructure operated by a Chinese organization, with total ability to
determine their own security and censorship policies.

"But that's what Baidu did and we hate them!" you say?

We could work *with* such an organization to coordinate, share content,
etc, without compromising basic web security for our sites or giving up our
liberal content policies on Wikipedia "proper".

I know this runs counter to our group tendency to centralization but we
should remember that Open Content is *meant* to be distributed and
redistributable. Centralization is often convenient but shouldn't be
mandatory.

-- brion
 On Sep 3, 2013 8:22 PM, "Tim Starling"  wrote:

> On 04/09/13 05:38, Terry Chay wrote:
> > This part of the discussion has strayed a bit far from the politics
> > of encryption. ;-)
> >
> > Not that it doesn't have value, but if I can bring it back on-topic
> > for a moment…
> >
> > The gist of the HTTPS issues is that it's simply not an engineering
> > discussion, it's a political one.
>
> Yes, obviously, hence the subject line.
>
> > It's important to outline what our choices are and
> > the consequences of those choices, and derive consensus on what the
> > right choice is going forward, as it is clear what we have now[1]
> > is a temporary band-aid.[2]
>
> I don't think it is clear. We have a variety of options open to us, on
> a spectrum of appeasement versus protest. From the former to the
> latter, we have:
>
> 1. Make ourselves subject to Chinese law and do what they tell us to
> (i.e. open a datacentre in China).
> 2. Use a technical setup which implicitly cooperates with their
> existing system for censorship of foreign content (i.e. use
> unencrypted HTTP).
> 3. Use a technical setup which is inherently incompatible with the
> existing system of censorship, thus forcing the Chinese government to
> block us (i.e. use HTTPS).
>
> I don't see option 2 as a band-aid, I see it as a moderate path
> between appeasement and protest, which allows us to remain popular in
> China without explicitly supporting censorship, with minimal risk to
> our staff. Of course, it has its down sides.
>
> None of the three options are without risk to our users. Probably the
> most risky for our users is option 3, which encourages users to
> circumvent censorship, in violation of Chinese law. It turns our users
> into activists.
>
> There's nothing inherently wrong with activism, but I think we have an
> ethical responsibility to be fully aware of the risks we are
> encouraging our users to take, and also to understand the benefits
> which are likely to come from successful activism, so that we can
> decide whether the action we are inciting is rational and prudent.
>
> -- Tim Starling
>
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Tim Starling
On 04/09/13 05:38, Terry Chay wrote:
> This part of the discussion has strayed a bit far from the politics
> of encryption. ;-)
> 
> Not that it doesn't have value, but if I can bring it back on-topic
> for a moment…
> 
> The gist of the HTTPS issues is that it's simply not an engineering
> discussion, it's a political one.

Yes, obviously, hence the subject line.

> It's important to outline what our choices are and
> the consequences of those choices, and derive consensus on what the
> right choice is going forward, as it is clear what we have now[1]
> is a temporary band-aid.[2]

I don't think it is clear. We have a variety of options open to us, on
a spectrum of appeasement versus protest. From the former to the
latter, we have:

1. Make ourselves subject to Chinese law and do what they tell us to
(i.e. open a datacentre in China).
2. Use a technical setup which implicitly cooperates with their
existing system for censorship of foreign content (i.e. use
unencrypted HTTP).
3. Use a technical setup which is inherently incompatible with the
existing system of censorship, thus forcing the Chinese government to
block us (i.e. use HTTPS).

I don't see option 2 as a band-aid, I see it as a moderate path
between appeasement and protest, which allows us to remain popular in
China without explicitly supporting censorship, with minimal risk to
our staff. Of course, it has its down sides.

None of the three options are without risk to our users. Probably the
most risky for our users is option 3, which encourages users to
circumvent censorship, in violation of Chinese law. It turns our users
into activists.

There's nothing inherently wrong with activism, but I think we have an
ethical responsibility to be fully aware of the risks we are
encouraging our users to take, and also to understand the benefits
which are likely to come from successful activism, so that we can
decide whether the action we are inciting is rational and prudent.

-- Tim Starling




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread George Herbert
On Tue, Sep 3, 2013 at 5:36 AM, Fred Bauder  wrote:

> ...
> Detailed information about construction of advanced nuclear weapons or
> ...
>


> So, while the details of material removed for legitimate security reasons
> cannot be published; ...



On point of information -

Thanks to Howard Morland, who as it happens was the same Howard Morland who
wrote the Progressive article on the Teller-Ulam thermonuclear device
concept that sparked the US v Progressive court case, we do have at least
two distinct sets of detailed information on advanced nuclear weapons, the
aforementioned Teller-Ulam information and the Swan device's basic
explosive lens principle/concept.  We had a third regarding another
specific weapon, sufficient for an expert to reconstruct the weapon design
from scratch, but it was removed (by someone else) as anecdotal reporting
by a former weapon maintainer that had no reliable sources published.

As far as I recall, there has not been anything like an organized on-wiki
effort to remove the info, nor has the Foundation done anything that I
noticed pursuant to any secret orders they might have received.

There's more self-restraint among that field's active participating crowd,
things we haven't published yet, than anything else.


We had a little kerfuffle over photos of the former head of the National
Nuclear Security Agency's Q-clearance badge, but that was as close as it
ever came to DoE or others poking their heads in here on any of these
topics...


-george


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Terry Chay
This part of the discussion has strayed a bit far from the politics of 
encryption. ;-)

Not that it doesn't have value, but if I can bring it back on-topic for a 
moment…

The gist of the HTTPS issues is that it's simply not an engineering discussion, 
it's a political one. The abuses recently revealed in the United States are 
either orthogonal to the issue of the politics of encryption (in that HTTPS 
encryption in China, Iran, and the future is in discussion), or is the direct 
salient (in that it is a prime motivator for accelerating HTTPS rollout which 
has triggered this issue).

I, for one, would like to see the discussion of what to do. I'm of the belief 
that there is no simple engineering decision without introducing practical, 
political, legal, and moral complications. I suspect that even the more clever 
or complex ones also introduce these issues. It's important to outline what our 
choices are and the consequences of those choices, and derive consensus on what 
the right choice is going forward, as it is clear what we have now[1] is a 
temporary band-aid.[2]

I'm less sanguine about Erik's suggestion that creating a deadline to 
HTTP-canonical will actually get us to an adequate resolution. The reason is 
simply—whatever I think of Google personally—I feel Google has a 
highly-capable, highly-motivated, engineering-driven staff, and they were 
unable to come up with a workable solution. Unlike Google, we have a clear 
sense about what motivates us[3], so we need to figure out how best to get 
there/interpret it.

[1]: 
http://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/
[2]: Maybe start an RfC or other wiki page on Meta with a summary of the 
discussion so far?
[3]: http://wikimediafoundation.org/wiki/Vision

Take care,

terry

On Sep 3, 2013, at 11:50 AM, Kirill Lokshin  wrote:

> The thing is, it's kind of a crapshoot anyways.  You might see something that 
> you think might be classified and report it; but, unless you actually have 
> the corresponding clearance yourself, you have no way of knowing for certain 
> whether the material is in fact classified in the first place.  Conversely, 
> anyone who does have that information is unlikely to confirm it one way or 
> the other, for obvious reasons. 
> 
> To make things even more convoluted, reporting certain kinds of material to 
> the WMF could itself potentially be considered illegal in some circumstances, 
> since not everyone at the WMF is considered a "US person" for ITAR purposes. 
> 
> Kirill
> 
> On Sep 3, 2013, at 2:34 PM, "Fred Bauder"  wrote:
> 
>>> To be fair, none of the people receiving requests through legal@ or
>>> emergency@ have security clearances either.
>>> 
>>> Kirill
>> 
>> True, but there are not so many of them. I'm not sure if a request about
>> a major matter has ever been made through any channel. In a way, that is
>> kind of a dumb move.
>> 
>> Fred
> 




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
The thing is, it's kind of a crapshoot anyways.  You might see something that 
you think might be classified and report it; but, unless you actually have the 
corresponding clearance yourself, you have no way of knowing for certain 
whether the material is in fact classified in the first place.  Conversely, 
anyone who does have that information is unlikely to confirm it one way or the 
other, for obvious reasons. 

To make things even more convoluted, reporting certain kinds of material to the 
WMF could itself potentially be considered illegal in some circumstances, since 
not everyone at the WMF is considered a "US person" for ITAR purposes. 

Kirill

On Sep 3, 2013, at 2:34 PM, "Fred Bauder"  wrote:

>> To be fair, none of the people receiving requests through legal@ or
>> emergency@ have security clearances either.
>> 
>> Kirill
> 
> True, but there are not so many of them. I'm not sure if a request about
> a major matter has ever been made through any channel. In a way, that is
> kind of a dumb move.
> 
> Fred
> 
> 


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
> To be fair, none of the people receiving requests through legal@ or
> emergency@ have security clearances either.
>
> Kirill

True, but there are not so many of them. I'm not sure if a request about
a major matter has ever been made through any channel. In a way, that is
kind of a dumb move.

Fred




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Kirill Lokshin
To be fair, none of the people receiving requests through legal@ or emergency@ 
have security clearances either.

Kirill

On Sep 3, 2013, at 1:44 PM, "Fred Bauder"  wrote:

> 
>>> Are there more successful attempts?
>> 
>> It would be difficult to enumerate successful attempts since, by
>> definition, they would have been successful at not being known.  :-)
>> -- Marc
> 
> I once suppressed information about a troop movement underway in Iraq
> after a request. Troop movements are explicitly mentioned in the
> Espionage Act.
> 
> Such requests, and other requests regarding obviously illegal material,
> should go to legal at wikimedia.org or emergency at wikimedia.org at the
> Foundation rather than to User:Oversight, by the way. There is a whole
> bunch of people on the oversight committee none of whom are known to have
> security clearances.
> 
> Fred
> 
> 


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Michelle Paulson
Hi Fred,

Emergencies should go to emerge...@wikimedia.org.  Any other concerns
should be directed to le...@wikimedia.org.

Please note that emergency@ should only be used for actual emergencies
(i.e. immediate threats to life, limb, or property).

Thanks!

-Michelle


On Tue, Sep 3, 2013 at 10:48 AM, Fred Bauder  wrote:

> I guess emergencies should not go to legal as there may be a considerable
> delay.
>
> Fred
>
> >
> >>> Are there more successful attempts?
> >>
> >> It would be difficult to enumerate successful attempts since, by
> >> definition, they would have been successful at not being known.  :-)
> >> -- Marc
> >
> > I once suppressed information about a troop movement underway in Iraq
> > after a request. Troop movements are explicitly mentioned in the
> > Espionage Act.
> >
> > Such requests, and other requests regarding obviously illegal material,
> > should go to legal at wikimedia.org or emergency at wikimedia.org at the
> > Foundation rather than to User:Oversight, by the way. There is a whole
> > bunch of people on the oversight committee none of whom are known to have
> > security clearances.
> >
> > Fred
> >
> >



-- 
Michelle Paulson
Legal Counsel
Wikimedia Foundation
149 New Montgomery Street, 6th Floor
San Francisco, CA 94105
mpaul...@wikimedia.org
415.839.6885 ext. 6608 (Office)
415.882.0495 (Fax)






Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Delirium

On 9/3/13 4:28 PM, Marc A. Pelletier wrote:

> On 09/03/2013 09:45 AM, Fred Bauder wrote:
>> Abusive nonsense does not make that fact go away. Someone,
>> actually, many someones, need to be trusted.
>
> Trust, but verify.
>
> I agree with your assessment of the risks of working with the PRC, I
> simply think that if you think that those risks do not exist in our
> "Western" countries, you are ignoring history.

I certainly agree with learning from history, but when it comes to 
censoring encyclopedias or similar reference works, are there good 
examples that might more concretely narrow down the specific type of 
thing we ought to be learning from history?


The best example of which I'm aware is the 1979 attempt by the U.S. 
Department of Energy to stop the publication of a reconstruction of the 
Teller-Ulam hydrogen bomb design. But that attempt ended up being 
unsuccessful, and encyclopedias (including Wikipedia) include that 
information. Are there more successful attempts?


-Mark




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder

>> Are there more successful attempts?
>
> It would be difficult to enumerate successful attempts since, by
> definition, they would have been successful at not being known.  :-)
> -- Marc

I once suppressed information about a troop movement underway in Iraq
after a request. Troop movements are explicitly mentioned in the
Espionage Act.

Such requests, and other requests regarding obviously illegal material,
should go to legal at wikimedia.org or emergency at wikimedia.org at the
Foundation rather than to User:Oversight, by the way. There is a whole
bunch of people on the oversight committee none of whom are known to have
security clearances.

Fred




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
I guess emergencies should not go to legal as there may be a considerable
delay.

Fred

>
>>> Are there more successful attempts?
>>
>> It would be difficult to enumerate successful attempts since, by
>> definition, they would have been successful at not being known.  :-)
>> -- Marc
>
> I once suppressed information about a troop movement underway in Iraq
> after a request. Troop movements are explicitly mentioned in the
> Espionage Act.
>
> Such requests, and other requests regarding obviously illegal material,
> should go to legal at wikimedia.org or emergency at wikimedia.org at the
> Foundation rather than to User:Oversight, by the way. There is a whole
> bunch of people on the oversight committee none of whom are known to have
> security clearances.
>
> Fred
>
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 12:33 PM, Delirium wrote:
> I certainly agree with learning from history, but when it comes to
> censoring encyclopedias or similar reference works, are there good
> examples that might more concretely narrow down the specific type of
> thing we ought to be learning from history?

Not that I know of, but that's because the model of what an encyclopedia
/is/ has changed a great deal -- they used to be centralized
distribution of knowledge and subject to an unknown number of pressure
points (including, most dangerously, self-censorship).

Wikipedia, and the Net in general, have changed the landscape
substantially and -- accordingly -- the attack vectors.  I don't think
we have much left to fear from attempts to repress individual bits of
data so much as attempts to change the landscape back to top-down
control (through legislation, disinformation, and so on).

Certainly, the Défence Nationale's attempt to rubber hose information
out of the French Wikipedia is a recent and very visible failed attempt.
 I've no doubt that for every very visible and embarrassing failure like
that one, there are a dozen that fly under the radar.

> Are there more successful attempts?

It would be difficult to enumerate successful attempts since, by
definition, they would have been successful at not being known.  :-)  I
don't disagree that it would be very difficult, perhaps even nearly
impossible, to completely censor information in this day and age and
under our current political climate -- but that is exactly *because* we
reflexively fight authority figures attempting to control information
not because there is no longer a desire or attempts to do so have gotten
less frequent.

Gilmore was already noting it in 1993 while the 'net was still the
province of the elite geekdom; there is no reason to believe this has
gotten better since (and lots of reasons why it could have gotten worse).

-- Marc




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 09:45 AM, Fred Bauder wrote:
> Abusive nonsense does not make that fact go away. Someone,
> actually, many someones, need to be trusted.

Trust, but verify.

I agree with your assessment of the risks of working with the PRC, I
simply think that if you think that those risks do not exist in our
"Western" countries, you are ignoring history.

The only thing that protects us is transparency and visibility, and
maintaining those requires constant vigilance, not blind trust.

-- Marc

P.S.:  I mean, the two things that protect us are transparency,
visibility and vigilance.  Wait.  AMONGST the things that protect us are...





Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
> On 09/03/2013 08:36 AM, Fred Bauder wrote:
>> Any censor from the United States or European governments that works
>> directly with us (I have no personal knowledge of this, I just know it
>> has to be) is concerned with classified information, not someone's
>> opinions or factual information about historical events or political
>> personalities.
>
> You have an optimism and faith in your government(s) that is, sadly, not
> justified by history (past and recent).  The blanket "classified" (or,
> more recently "national security") has and is being used to cover up
> "embarrassing" more often than not.
>
> -- Marc

There is legitimate classified material just as there is child
pornography. Abusive nonsense does not make that fact go away. Someone,
actually, many someones, need to be trusted.

Fred




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/02/2013 06:17 PM, Tim Starling wrote:
> OK, well there's one fairly obvious solution which hasn't been
> proposed or discussed.

[collaborating with the PRC]

That's because, ideologically, it would be abhorrent to a very large
segment (possibly even the majority) of editors, staff and readers.

And because it would set a /horrible/ precedent that other governments
who currently feel obligated to tolerate unfettered access to our
projects would be quick to demand.

The idea of playing along with censors doesn't just not fly, it's a
non-starter.

-- Marc




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Marc A. Pelletier
On 09/03/2013 08:36 AM, Fred Bauder wrote:
> Any censor from the United States or European governments that works
> directly with us (I have no personal knowledge of this, I just know it
> has to be) is concerned with classified information, not someone's
> opinions or factual information about historical events or political
> personalities.

You have an optimism and faith in your government(s) that is, sadly, not
justified by history (past and recent).  The blanket "classified" (or,
more recently "national security") has and is being used to cover up
"embarrassing" more often than not.

-- Marc




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
And from that assertion what practical action or policy should follow?

Fred

> Fred,
>
> Sorry, there is no us. As far as the United States is concerned they
> allowed themselves to spy on any person who is not one of US to be spied
> on. Given that our movement is a global movement, the fact that it is
> based
> in the US is incidental.
> Thanks,
>   GerardM
>
>
> On 3 September 2013 14:36, Fred Bauder  wrote:
>
>> Any censor from the United States or European governments that works
>> directly with us (I have no personal knowledge of this, I just know it
>> has to be) is concerned with classified information, not someone's
>> opinions or factual information about historical events or political
>> personalities.
>>
>> Detailed information about construction of advanced nuclear weapons or
>> the details of military or intelligence operations cannot be on
>> Wikipedia
>> just as child pornography cannot be; on the other hand, a distorted, or
>> devastatingly accurate picture, of the Iraq War, or Obama, can be.
>>
>> So, while the details of material removed for legitimate security
>> reasons
>> cannot be published; in China the identity and any personal information
>> we have gathered such as the ip address of an editor and the content of
>> their edits to the Tiananmen Square protests of 1989 article would be
>> of
>> interest to the security apparatus and classified. Any local employee
>> or
>> volunteer of ours who shared that information with others even within
>> our
>> organization could be prosecuted. It is quite impossible to work with
>> the
>> Chinese government in the manner suggested and maintain a scintilla of
>> integrity. A request by them to remove details about their advanced
>> nuclear weapons or specific details of their military deployments
>> would,
>> of course, be legitimate.
>>
>> The Chinese government has legitimate reason to avoid extensive public
>> attention to past errors and disasters; one has only to look at the
>> history of the Soviet Union to observe the effect of focusing on past
>> outrages on public morale, but that is their burden to bear not ours to
>> share.
>>
>> Fred
>>
>> > Hoi,
>> >
>> > Fred, what is different in your scenario from what happens in the USA
>> ?
>> >
>> > Thanks,
>> >   GerardM
>> >
>> >
>> > On 3 September 2013 00:23, Fred Bauder 
>> wrote:
>> >
>> >> > On 31/08/13 15:17, Erik Moeller wrote:
>> >> >> It could be argued
>> >> >> that it’s time to draw a line in the sand - if you’re prohibiting
>> >> >> the use of encryption, you’re effectively not part of the web.
>> >> >> You’re subverting basic web technologies.
>> >> >
>> >> > China is not prohibiting encryption. They're prohibiting specific
>> >> > instances of encryption which facilitate circumvention of
>> censorship.
>> >> >
>> >> >> So, what to do? My main suggestion is to organize a broad request
>> >> for
>> >> >> comments and input on possible paths forward.
>> >> >
>> >> > OK, well there's one fairly obvious solution which hasn't been
>> >> > proposed or discussed. It would allow the end-to-end encryption
>> and
>> >> > would allow us to stay as popular in China as we are now.
>> >> >
>> >> > We could open a data centre in China, send frontend requests from
>> >> > clients in China to that data centre, and comply with local
>> >> censorship
>> >> > and surveillance as required to continue such operation.
>> >> >
>> >> > It would be kind of like the cooperation we give to the US
>> government
>> >> > at the moment, except specific to readers in China instead of
>> imposed
>> >> > on everyone in the world.
>> >> >
>> >> > It would allow WMF to monitor censorship and surveillance by being
>> in
>> >> > the request loop. It would give WMF greater influence over local
>> >> > policy, because our staff would be in direct contact with their
>> >> staff.
>> >> > We would be able to deliver clear error messages in place of
>> censored
>> >> > content, instead of a connection reset.
>> >> >
>> >> > -- Tim Starling
>> >>
>> >> Their orders would be classified; disclosure of them would be a
>> crime.
>> >> Not a problem for us, but a big problem for staff on the ground in
>> >> China.
>> >>
>> >> Fred
>> >>
>> >>
>> >>
>> >
>>
>>
>>

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Fred,

Sorry, there is no us. As far as the United States is concerned they
allowed themselves to spy on any person who is not one of US to be spied
on. Given that our movement is a global movement, the fact that it is based
in the US is incidental.
Thanks,
  GerardM


On 3 September 2013 14:36, Fred Bauder  wrote:

> Any censor from the United States or European governments that works
> directly with us (I have no personal knowledge of this, I just know it
> has to be) is concerned with classified information, not someone's
> opinions or factual information about historical events or political
> personalities.
>
> Detailed information about construction of advanced nuclear weapons or
> the details of military or intelligence operations cannot be on Wikipedia
> just as child pornography cannot be; on the other hand, a distorted, or
> devastatingly accurate picture, of the Iraq War, or Obama, can be.
>
> So, while the details of material removed for legitimate security reasons
> cannot be published; in China the identity and any personal information
> we have gathered such as the ip address of an editor and the content of
> their edits to the Tiananmen Square protests of 1989 article would be of
> interest to the security apparatus and classified. Any local employee or
> volunteer of ours who shared that information with others even within our
> organization could be prosecuted. It is quite impossible to work with the
> Chinese government in the manner suggested and maintain a scintilla of
> integrity. A request by them to remove details about their advanced
> nuclear weapons or specific details of their military deployments would,
> of course, be legitimate.
>
> The Chinese government has legitimate reason to avoid extensive public
> attention to past errors and disasters; one has only to look at the
> history of the Soviet Union to observe the effect of focusing on past
> outrages on public morale, but that is their burden to bear not ours to
> share.
>
> Fred
>
> > Hoi,
> >
> > Fred, what is different in your scenario from what happens in the USA ?
> >
> > Thanks,
> >   GerardM
> >
> >
> > On 3 September 2013 00:23, Fred Bauder  wrote:
> >
> >> > On 31/08/13 15:17, Erik Moeller wrote:
> >> >> It could be argued
> >> >> that it’s time to draw a line in the sand - if you’re prohibiting
> >> >> the use of encryption, you’re effectively not part of the web.
> >> >> You’re subverting basic web technologies.
> >> >
> >> > China is not prohibiting encryption. They're prohibiting specific
> >> > instances of encryption which facilitate circumvention of censorship.
> >> >
> >> >> So, what to do? My main suggestion is to organize a broad request
> >> for
> >> >> comments and input on possible paths forward.
> >> >
> >> > OK, well there's one fairly obvious solution which hasn't been
> >> > proposed or discussed. It would allow the end-to-end encryption and
> >> > would allow us to stay as popular in China as we are now.
> >> >
> >> > We could open a data centre in China, send frontend requests from
> >> > clients in China to that data centre, and comply with local
> >> censorship
> >> > and surveillance as required to continue such operation.
> >> >
> >> > It would be kind of like the cooperation we give to the US government
> >> > at the moment, except specific to readers in China instead of imposed
> >> > on everyone in the world.
> >> >
> >> > It would allow WMF to monitor censorship and surveillance by being in
> >> > the request loop. It would give WMF greater influence over local
> >> > policy, because our staff would be in direct contact with their
> >> staff.
> >> > We would be able to deliver clear error messages in place of censored
> >> > content, instead of a connection reset.
> >> >
> >> > -- Tim Starling
> >>
> >> Their orders would be classified; disclosure of them would be a crime.
> >> Not a problem for us, but a big problem for staff on the ground in
> >> China.
> >>
> >> Fred
> >>
> >>
> >>
> >
>
>
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Fred Bauder
Any censor from the United States or European governments that works
directly with us (I have no personal knowledge of this, I just know it
has to be) is concerned with classified information, not someone's
opinions or factual information about historical events or political
personalities.

Detailed information about construction of advanced nuclear weapons or
the details of military or intelligence operations cannot be on Wikipedia
just as child pornography cannot be; on the other hand, a distorted, or
devastatingly accurate picture, of the Iraq War, or Obama, can be.

So, while the details of material removed for legitimate security reasons
cannot be published; in China the identity and any personal information
we have gathered such as the ip address of an editor and the content of
their edits to the Tiananmen Square protests of 1989 article would be of
interest to the security apparatus and classified. Any local employee or
volunteer of ours who shared that information with others even within our
organization could be prosecuted. It is quite impossible to work with the
Chinese government in the manner suggested and maintain a scintilla of
integrity. A request by them to remove details about their advanced
nuclear weapons or specific details of their military deployments would,
of course, be legitimate.

The Chinese government has legitimate reason to avoid extensive public
attention to past errors and disasters; one has only to look at the
history of the Soviet Union to observe the effect of focusing on past
outrages on public morale, but that is their burden to bear not ours to
share.

Fred

> Hoi,
>
> Fred, what is different in your scenario from what happens in the USA ?
>
> Thanks,
>   GerardM
>
>
> On 3 September 2013 00:23, Fred Bauder  wrote:
>
>> > On 31/08/13 15:17, Erik Moeller wrote:
>> >> It could be argued
>> >> that it’s time to draw a line in the sand - if you’re prohibiting
>> >> the use of encryption, you’re effectively not part of the web.
>> >> You’re subverting basic web technologies.
>> >
>> > China is not prohibiting encryption. They're prohibiting specific
>> > instances of encryption which facilitate circumvention of censorship.
>> >
>> >> So, what to do? My main suggestion is to organize a broad request
>> for
>> >> comments and input on possible paths forward.
>> >
>> > OK, well there's one fairly obvious solution which hasn't been
>> > proposed or discussed. It would allow the end-to-end encryption and
>> > would allow us to stay as popular in China as we are now.
>> >
>> > We could open a data centre in China, send frontend requests from
>> > clients in China to that data centre, and comply with local
>> censorship
>> > and surveillance as required to continue such operation.
>> >
>> > It would be kind of like the cooperation we give to the US government
>> > at the moment, except specific to readers in China instead of imposed
>> > on everyone in the world.
>> >
>> > It would allow WMF to monitor censorship and surveillance by being in
>> > the request loop. It would give WMF greater influence over local
>> > policy, because our staff would be in direct contact with their
>> staff.
>> > We would be able to deliver clear error messages in place of censored
>> > content, instead of a connection reset.
>> >
>> > -- Tim Starling
>>
>> Their orders would be classified; disclosure of them would be a crime.
>> Not a problem for us, but a big problem for staff on the ground in
>> China.
>>
>> Fred
>>
>>
>>
>





Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread James Alexander
On Mon, Sep 2, 2013 at 10:58 PM, Peter Gervai  wrote:

> illegally collect personal data about them and *monetize it* or use to
> pressure or
> threaten selected individuals, companies or agencies.


Monetize it?

I am in no way going to defend my government on most of this given that I
think they are doing much of it unconstitutionally and much of the rest
immorally (though I will say that we would/do fight our ass off against
inappropriate demands and that the demands that would be placed on us in
Europe are actually worse so I really wouldn't agree with this supposition
that the US is significantly worse than the rest of the world... though I'd
agree that we're less 'better' than we like to claim) but how do you think
they will *monetize* it?


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-03 Thread Gerard Meijssen
Hoi,

Fred, what is different in your scenario from what happens in the USA ?

Thanks,
  GerardM


On 3 September 2013 00:23, Fred Bauder  wrote:

> > On 31/08/13 15:17, Erik Moeller wrote:
> >> It could be argued
> >> that it’s time to draw a line in the sand - if you’re prohibiting
> >> the
> >> use of encryption, you’re effectively not part of the web. You’re
> >> subverting basic web technologies.
> >
> > China is not prohibiting encryption. They're prohibiting specific
> > instances of encryption which facilitate circumvention of censorship.
> >
> >> So, what to do? My main suggestion is to organize a broad request for
> >> comments and input on possible paths forward.
> >
> > OK, well there's one fairly obvious solution which hasn't been
> > proposed or discussed. It would allow the end-to-end encryption and
> > would allow us to stay as popular in China as we are now.
> >
> > We could open a data centre in China, send frontend requests from
> > clients in China to that data centre, and comply with local censorship
> > and surveillance as required to continue such operation.
> >
> > It would be kind of like the cooperation we give to the US government
> > at the moment, except specific to readers in China instead of imposed
> > on everyone in the world.
> >
> > It would allow WMF to monitor censorship and surveillance by being in
> > the request loop. It would give WMF greater influence over local
> > policy, because our staff would be in direct contact with their staff.
> > We would be able to deliver clear error messages in place of censored
> > content, instead of a connection reset.
> >
> > -- Tim Starling
>
> Their orders would be classified; disclosure of them would be a crime.
> Not a problem for us, but a big problem for staff on the ground in China.
>
> Fred
>
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Peter Gervai
On Tue, Sep 3, 2013 at 12:23 AM, Fred Bauder  wrote:

> Their orders would be classified; disclosure of them would be a crime.
> Not a problem for us, but a big problem for staff on the ground in China.

Indeed, I believe it may even be outright life threatening to have
strong connection to WMF China operation.

And as a sidenote it's the same in the US and the world in general
(and I do not know about the US but isn't it so that WMF can be forced
not to tell about data extraction). And let's face it: https is like a
5 mm diameter wire lock against a skilled bike thief. It is there but
will not stop skilled adversaries. But, obviously, that'd be also
classified, so I haven't mentioned it. Google it around.

g



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Peter Gervai
On Tue, Sep 3, 2013 at 6:38 AM, Matthew Flaschen
 wrote:

> But as far as I know, the U.S. government has never blocked the general
> public from accessing a Wikipedia article, nor have they sent a takedown
> that was based on ideology/"social harmony"/etc.

Instead they use "terrorism" (or really anything they come up with)
boilerplate to monitor their and foreign citizens, illegally collect
personal data about them and monetize it or use to pressure or
threaten selected individuals, companies or agencies. They,
additionally, use various cease&desist processes (which is basically
the same as blocking but they let you do the work instead of them).
And it's just the same way based on ideology and social harmony as of
China, apart from that it's for a slightly different agenda.

China does censorship to prevent unwanted content, USA does
surveillance and pressure to prevent unwanted content. Not much of a
difference.

g



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Matthew Flaschen

On 09/02/2013 06:17 PM, Tim Starling wrote:

> It would allow WMF to monitor censorship and surveillance by being in
> the request loop.


There's no guarantee they would accept HTTPS, even if there were still 
user surveillance inside the data center.


> It would be kind of like the cooperation we give to the US government
> at the moment, except specific to readers in China instead of imposed
> on everyone in the world.

This is apples and oranges, in my opinion.  Yes, the U.S. monitors 
Internet traffic in some circumstances.  And I assume they occasionally 
serve subpoenas and such to Wikimedia.


But as far as I know, the U.S. government has never blocked the general 
public from accessing a Wikipedia article, nor have they sent a takedown 
that was based on ideology/"social harmony"/etc.



> We would be able to deliver clear error messages in place of censored
> content, instead of a connection reset.


Not necessarily.  Google was delivering such censorship notes for a 
while 
(http://www.theguardian.com/technology/2013/jan/04/google-defeat-china-censorship-battle), 
but eventually conceded to China in a game of chicken.


As mentioned by other people, they also tried this approach of 
tolerating censorship in China for google.cn, but eventually pulled out. 
 google.cn is now just a picture of their home page that links to 
google.com.hk


I understand the goals of your hypothetical solution.  However, 
pragmatic matters aside, I think it's too far down the road of appeasing 
censorship.


Matt Flaschen



Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread FT2
There are many very sane comments in this thread.  I agree with most of
them -

   - Network encryption is important as one aspect;
   - "Local" threats and "digging dirt" are an important realistic threat
   (far more people are of interest to *THEIR OWN COMMUNITIES* vs nationally,
   or open to so many types of harm - defamation, humiliation, "Lulz");
   - Moving to https and forcing a serious look at technical implications
   and needed workarounds is a strong argument;
   - Asking those affected is a strong argument;
   - We are a global presence, so our stance, its strength, its
   "rightness", and the signal we send, are crucial.

With all respect to local editors, whose position I wish were better, there
is more at stake in Chinese and other affected Wikipedias, than China.
There are questions of internet/freedom/privacy-related beliefs, policies,
and directions -- what one might describe as the battleground for "privacy
of thought vs. state right to monitor thought". That is what it comes to,
whether now, or in 5 or 15 years.

I'm reminded of public reaction years back, to Google, when as a condition
of entry to China it agreed to filter its results. Part of the logic was
"better partial information and presence than none".  Did it help Google's
efforts in China? It was seen by many outside as a betrayal. Google had to
leave eventually. Are there lessons we should consider from others who have
tried different approaches in these countries?

I see no reason to believe that state oversight and interception will be
benevolent institutions - and would disregard assurances that they are
designed as such. History teaches over and again that fallibility and
expansion of power is the more usual rule, and good intentions easily turn
to dark uses. To take a simple scenario and how we are affected, if passage
of time and public indifference endorses states being "usually" able to
watch what one studies and writes on, how long before immigration, access
to medical or welfare services, legal rights, marginalization, 'staged'
crimes, targeting, accusations of sedition or "anti-state activity", and so
on, become informed by (among other things) a standard government lookup by
state authorities and law enforcement, of one's Wikipedia (or other online)
accesses, and negative interpretations of what those may "mean"? Self
censorship is a grave possibility, and will encroach from the edges.

To give specific examples, take a Western visitor to Russia who once 8
years ago edited a Wikipedia article adding a note on homosexuality policy
in a school or a legal case in a county. There is no expectation that a
state body would not save all data they can and even in US law a URL is
probably metadata and has no right of privacy. When immigration routinely
obtains visitors' names 72 hours in advance (as some countries expect and
others may demand as a norm) won't they at some time turn around and ask as
part of that process, what is known of possible visitors, and annotate
their immigration records with "Edits pro-jewish topics" or "Seems to
support homosexuality"? Perhaps editors on contentious topics (drugs,
abortion, religion) will have these noted by immigration and less ethical
law enforcement bodies seeking visitors to target, if editing or reading
patterns become easily accessible. The same goes double for editors
attempting to uphold NPOV in countries where this is a risk, and the act of
simply toning down articles that contain inappropriately POV tone in
locally controversial articles may put one at risk.

Twitter and Facebook may show one's daily life, but Wikipedia editing and
page reads show what one sees as areas of interest to inform others, and
areas to be informed oneself. There are workarounds but we can't simply say
"people should know" or "if they are at risk they shouldn't edit". That's
not sustainable.

While this isn't explicitly "known" to happen yet in the US or UK, I
suggest that it's likely to be a logical step round the corner, worldwide,
where state bodies seek to know in advance more about individuals, and
individuals screen and self-censor in response. We need that not to become
a habit, or NPOV can be kissed goodbye.

The profound and poignant comment appeared in one media report a month ago,
that people like Merkel do act as strong advocates of privacy precisely
because - *unlike* US and UK citizens - they have actually lived under the
Stasi. They know what a file on every person, or state access to innermost
and private thoughts "for the common good" truly means for a country.
We probably do need to do what we can to afford a safe ecosphere, as our
whole endeavor depends on it and we have the position to make that point.
It may be difficult, but we probably have a good call for discussing the
possible need to support the ball rolling.

FT2


On Mon, Sep 2, 2013 at 11:23 PM, Fred Bauder  wrote:

> > On 31/08/13 15:17, Erik Moeller wrote:
> >> It could be argued
> >> that it’s time to draw a l

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Fred Bauder
> On 31/08/13 15:17, Erik Moeller wrote:
>> It could be argued
>> that it’s time to draw a line in the sand - if you’re prohibiting
>> the
>> use of encryption, you’re effectively not part of the web. You’re
>> subverting basic web technologies.
>
> China is not prohibiting encryption. They're prohibiting specific
> instances of encryption which facilitate circumvention of censorship.
>
>> So, what to do? My main suggestion is to organize a broad request for
>> comments and input on possible paths forward.
>
> OK, well there's one fairly obvious solution which hasn't been
> proposed or discussed. It would allow the end-to-end encryption and
> would allow us to stay as popular in China as we are now.
>
> We could open a data centre in China, send frontend requests from
> clients in China to that data centre, and comply with local censorship
> and surveillance as required to continue such operation.
>
> It would be kind of like the cooperation we give to the US government
> at the moment, except specific to readers in China instead of imposed
> on everyone in the world.
>
> It would allow WMF to monitor censorship and surveillance by being in
> the request loop. It would give WMF greater influence over local
> policy, because our staff would be in direct contact with their staff.
> We would be able to deliver clear error messages in place of censored
> content, instead of a connection reset.
>
> -- Tim Starling

Their orders would be classified; disclosure of them would be a crime.
Not a problem for us, but a big problem for staff on the ground in China.

Fred




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Gerard Meijssen
Hoi,

HEAR HEAR !!

Thanks,
 Gerard


On 3 September 2013 00:17, Tim Starling  wrote:

> On 31/08/13 15:17, Erik Moeller wrote:
> > It could be argued
> > that it’s time to draw a line in the sand - if you’re prohibiting the
> > use of encryption, you’re effectively not part of the web. You’re
> > subverting basic web technologies.
>
> China is not prohibiting encryption. They're prohibiting specific
> instances of encryption which facilitate circumvention of censorship.
>
> > So, what to do? My main suggestion is to organize a broad request for
> > comments and input on possible paths forward.
>
> OK, well there's one fairly obvious solution which hasn't been
> proposed or discussed. It would allow the end-to-end encryption and
> would allow us to stay as popular in China as we are now.
>
> We could open a data centre in China, send frontend requests from
> clients in China to that data centre, and comply with local censorship
> and surveillance as required to continue such operation.
>
> It would be kind of like the cooperation we give to the US government
> at the moment, except specific to readers in China instead of imposed
> on everyone in the world.
>
> It would allow WMF to monitor censorship and surveillance by being in
> the request loop. It would give WMF greater influence over local
> policy, because our staff would be in direct contact with their staff.
> We would be able to deliver clear error messages in place of censored
> content, instead of a connection reset.
>
> -- Tim Starling


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Tim Starling
On 31/08/13 15:17, Erik Moeller wrote:
> It could be argued
> that it’s time to draw a line in the sand - if you’re prohibiting the
> use of encryption, you’re effectively not part of the web. You’re
> subverting basic web technologies.

China is not prohibiting encryption. They're prohibiting specific
instances of encryption which facilitate circumvention of censorship.

> So, what to do? My main suggestion is to organize a broad request for
> comments and input on possible paths forward.

OK, well there's one fairly obvious solution which hasn't been
proposed or discussed. It would allow the end-to-end encryption and
would allow us to stay as popular in China as we are now.

We could open a data centre in China, send frontend requests from
clients in China to that data centre, and comply with local censorship
and surveillance as required to continue such operation.

It would be kind of like the cooperation we give to the US government
at the moment, except specific to readers in China instead of imposed
on everyone in the world.

It would allow WMF to monitor censorship and surveillance by being in
the request loop. It would give WMF greater influence over local
policy, because our staff would be in direct contact with their staff.
We would be able to deliver clear error messages in place of censored
content, instead of a connection reset.

-- Tim Starling




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Victor Grigas
I think that we should make a policy of https by default and grandfather-in
(https://en.wikipedia.org/wiki/Grandfather_clause)  exceptions to Iran and
PRC, reason being that

1. We should not exclude whole groups of existing Wikipedians simply
because of the government they happen to live within the jurisdiction of.

2. Any time anyone else says "wait well *they* have no https! What gives?
Why can't we have that?" We could cite the grandfathered-in nature of the
rule, and how we want to grant access to as many people as possible.

We could also say that grandfathered-in places would lose their status
permanently should the community of Wikipedians in such places decide to
change the http/https status.

On Aug 31, 2013, at 1:07 AM, Emmanuel Engelhart  wrote:

> Le 31/08/2013 07:17, Erik Moeller a écrit :
>> We can, of course, ask users in the affected countries. Given that
>> this may lead to degradation or loss of access, users are likely to be
>> opposed, and indeed, when plans to expand HTTPS usage were announced,
>> a group of Chinese Wikipedians published an open letter asking for
>> exemptions to be implemented:
>>
>> https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter
>>
>> This was a big part of what drove the decision to implement exemptions.
>
> This attitude seems to be, on a first look, the most logical and
> respectful one.
>
> But I want to remember that the risk perception is often not
> proportional *at all* to the risk itself. In daily life, many risks are
> suppressed because the imagination of a constant threat would paralyse
> all activities. So, this feedback from the Chinese community should be
> handled carefully.
>
> I tend myself to think that deploying HTTPS everywhere and forcing its
> usage is the best long term approach.
>
> However, this is without any doubt, a difficult dilemma.
>
> Emmanuel
> --
> Kiwix - Wikipedia Offline & more
> * Web: http://www.kiwix.org
> * Twitter: https://twitter.com/KiwixOffline
> * more: http://www.kiwix.org/wiki/Communication
>


Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Marc A. Pelletier
On 09/02/2013 12:08 PM, MZMcBride wrote:
> What information, exactly, are we trying to prevent
> governments from getting ahold of?

There are three such things, in (my personal) order of importance:

1) credentials, especially those of editors that have rights allowing
further privacy encroachments (i.e., checkuser, oversight, even sysop to
some degree);

2) association between user account and person (this one is /especially/
difficult to hide to a determined attacker that can do whole-network
monitoring); and

3) what users are interested in (reading), whether logged in or not.

But I should also add that governments are most certainly not the only
entity we are trying to protect against; anyone in a position of
authority - or who would like to position themselves as such - is a
potential attacker who might like to collect information to use
against their targets.  This means employers, schools, parents, and
a multitude of others.

Governments seem the most salient mostly because they have the capacity
to do so on a massive scale; but to me scenarios like a fellow student
doing a tcpdump in the lab to find "dirt" to use against someone is at
least as important to protect against.

All of those three points are greatly countered with *uniform*
encryption at the network level (ranging from "solved" for the amateur
attackers to "vastly increased cost and complexity of mass monitoring"
for the bigger ones).

-- Marc




Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread MZMcBride
Erik Moeller wrote:
>So, what to do? My main suggestion is to organize a broad request for
>comments and input on possible paths forward. I think we’re doing the
>right thing by initially implementing these exemptions -- but I do
>think this decision needs to finally rest with the Board of the
>Wikimedia Foundation, based on community input, taking the tradeoffs
>into account.

Thanks for writing out these thoughts. A broad request for comments and
input seems reasonable, though there seems to be quite a bit of work
needed to get ready to begin such a discussion.

>My own stance, which I will continue to argue for (and which is my
>view as an individual -- there are many divergent opinions on this
>even inside WMF), is clear: I think we should set a deadline for the
>current approach, and shift to HTTPS for all traffic, for all sites,
>for all users, by default, after that deadline passes. This will force
>us to take the consequences of that shift seriously, and to explore
>alternatives to designing our technical policies around the practices
>of regimes that undermine web security in order to better censor and
>monitor their citizens.

I think it would help the conversation to have more data. Everybody knows
that there are over a billion people in China. However, how many people
globally can't use HTTPS (for whatever reason)? What is that breakdown by
country? How many users have opted out of HTTPS via user preference?

There's merit to the idea of ignoring user-hostile countries such as Iran
and China and cutting them off: certainly it's a mess of their own making.
But it seems to me that this idea is orthogonal to the idea that Wikimedia
needs to make a political point, engage in political advocacy, or take a
stand. Wikimedia is in the business of spreading free educational content.
It seems to me that getting involved in politics leads down a perilous
path that could ultimately destroy Wikimedia.

Of course, we've already decided to act by specifically exempting certain
countries from the new HTTPS requirement. But there might be a strong
contingent of users in the community that feels we should stop exempting
countries (i.e., treat everybody the same), but also _not_ be involved in
attempting to subvert whichever government monitoring we feel is most
egregious. While we can pretend as though it's only China and Iran, many
countries are spying on their own people at various levels.

And it becomes a question of cost versus benefit, much like everything
else that Wikimedia decides to work on. There's a very public trail of any
edits that you make. What information, exactly, are we trying to prevent
governments from getting ahold of? I think a stronger, clearer case for
what benefits Wikimedia will see would help justify (or help eliminate)
some of the proposed costs.

Both the community and the Board need to think about these questions and
their answers and ultimately address how to move forward.

MZMcBride





Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-09-02 Thread Denny Vrandečić
There are three groups to consider, readers, contributors without and
contributors with specific rights that allow them access to data which is
not publicly visible anyway:

For readers: Readers will not have reduced access to knowledge. I think
that runs against our mission. There are a number of possible reactions:
1) nothing, and the readers cannot access this knowledge anymore
2) readers move to alternatives like Baidu Knows
3) an HTTP proxy will be set up by a third party, giving access to readers
without the supervision and guidance of the WMF, and potentially with
technical and even more serious security issues
What is the advantage for readers to not have access to the HTTP version?

For contributors without specific rights:
1) what they do is publicly visible anyway, and logged. What is in danger
is the connection between them and their login. Would HTTPS help with that?
2) most of these contributors do not touch sensitive issues. Why block them
out? For what advantage?

For contributors with specific rights:
1) HTTPS only. Putting the contributors themselves at risk is bad enough,
but compromising further contributors is not acceptable.
2) How many would be affected by this anyway? I would be pleasantly
surprised if it is more than a handful.

I think this is an important and hard discussion, and I hope for wide
participation. Thank you Erik, for starting it.

Cheers,
Denny



2013/8/31 Erik Moeller 

> Hi folks,
>
> As many of you know, this week we enabled HTTPS for logged-in users of
> Wikimedia projects. See:
>
>
> https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/
>
> We have geographically exempted users geo-located to China or Iran
> from this [1], because these countries mostly block HTTPS traffic and
> requiring HTTPS for logged-in users would make it impossible for users
> in these countries to log in.
>
> Long term, we’d like to increase HTTPS coverage further, initially by
> marking the HTTPS versions of our pages as "canonical", which would
> cause search engines to refer to them instead of the unencrypted
> content. This would make issues with countries that block HTTPS
> traffic even more complex to deal with.
>
> HTTPS for editors is important because it is otherwise trivial to
> sniff account credentials, especially when users use unencrypted
> connections such as open wireless networks. This could potentially
> enable an attacker to gain access to an account with significant
> privileges, such as checkuser credentials. Beyond that, HTTPS makes it
> harder for attackers (individuals, organizations, governments) to
> monitor user behavior of readers and editors. It’s not perfect by any
> means, but it’s a step towards more privacy and security.
>
> There are many sites on the web now that use HTTPS for all
> transactions. For example, Twitter and Facebook use HTTPS by default.
> Both sites are also completely blocked in mainland China. [2]
>
> Disabling HTTPS-by-default in regions where HTTPS is blocked for
> political reasons of course also exposes affected users to monitoring
> and credentials-theft -- which is likely part of the political
> motivation for blocking it in the first place. Therefore, our current
> exemption is an explicit choice to _not_ give users a degree of
> security that we give to everyone else, for the simple reason that
> their government would otherwise completely limit their access.
>
> If they know how to make HTTPS work in their region, these users will
> still be able to use it by explicitly visiting the HTTPS URLs or use
> an extension such as HTTPSEverywhere to enforce HTTPS usage.
>
> In the long term, the Wikimedia movement is faced with a choice, which
> is inherently political: Should we indefinitely sustain security
> exceptions for regions that prevent the use of encryption, or should
> we shift to an alternative strategy? How do we answer that question?
>
> We can, of course, ask users in the affected countries. Given that
> this may lead to degradation or loss of access, users are likely to be
> opposed, and indeed, when plans to expand HTTPS usage were announced,
> a group of Chinese Wikipedians published an open letter asking for
> exemptions to be implemented:
>
>
> https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter
>
> This was a big part of what drove the decision to implement exemptions.
>
> The bigger consideration here, however, is whether any such
> accommodation achieves positive or negative long term effects. The
> argument against it goes like this: If we accommodate the PRC’s or
> Iran’s censorship practices, we are complicit in their attempts to
> monitor and control their citizenry. If a privileged user’s
> credentials (e.g. Checkuser) are misused by the government through
> monitoring of unencrypted traffic, for example, this is an action that
> would not have been possible without our exemption. This could
> potentially expose even user

Re: [Wikimedia-l] Wikimedia and the politics of encryption

2013-08-30 Thread Emmanuel Engelhart
Le 31/08/2013 07:17, Erik Moeller a écrit :
> We can, of course, ask users in the affected countries. Given that
> this may lead to degradation or loss of access, users are likely to be
> opposed, and indeed, when plans to expand HTTPS usage were announced,
> a group of Chinese Wikipedians published an open letter asking for
> exemptions to be implemented:
> 
> https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter
> 
> This was a big part of what drove the decision to implement exemptions.

This attitude seems to be, on a first look, the most logical and
respectful one.

But I want to remember that the risk perception is often not
proportional *at all* to the risk itself. In daily life, many risks are
suppressed because the imagination of a constant threat would paralyse
all activities. So, this feedback from the Chinese community should be
handled carefully.

I tend myself to think that deploying HTTPS everywhere and forcing its
usage is the best long term approach.

However, this is without any doubt, a difficult dilemma.

Emmanuel
-- 
Kiwix - Wikipedia Offline & more
* Web: http://www.kiwix.org
* Twitter: https://twitter.com/KiwixOffline
* more: http://www.kiwix.org/wiki/Communication



[Wikimedia-l] Wikimedia and the politics of encryption

2013-08-30 Thread Erik Moeller
Hi folks,

As many of you know, this week we enabled HTTPS for logged-in users of
Wikimedia projects. See:

https://blog.wikimedia.org/2013/08/28/https-default-logged-in-users-wikimedia-sites/

We have geographically exempted users geo-located to China or Iran
from this [1], because these countries mostly block HTTPS traffic and
requiring HTTPS for logged-in users would make it impossible for users
in these countries to log in.

Long term, we’d like to increase HTTPS coverage further, initially by
marking the HTTPS versions of our pages as "canonical", which would
cause search engines to refer to them instead of the unencrypted
content. This would make issues with countries that block HTTPS
traffic even more complex to deal with.

HTTPS for editors is important because it is otherwise trivial to
sniff account credentials, especially when users use unencrypted
connections such as open wireless networks. This could potentially
enable an attacker to gain access to an account with significant
privileges, such as checkuser credentials. Beyond that, HTTPS makes it
harder for attackers (individuals, organizations, governments) to
monitor user behavior of readers and editors. It’s not perfect by any
means, but it’s a step towards more privacy and security.

There are many sites on the web now that use HTTPS for all
transactions. For example, Twitter and Facebook use HTTPS by default.
Both sites are also completely blocked in mainland China. [2]

Disabling HTTPS-by-default in regions where HTTPS is blocked for
political reasons of course also exposes affected users to monitoring
and credentials-theft -- which is likely part of the political
motivation for blocking it in the first place. Therefore, our current
exemption is an explicit choice to _not_ give users a degree of
security that we give to everyone else, for the simple reason that
their government would otherwise completely limit their access.

If they know how to make HTTPS work in their region, these users will
still be able to use it by explicitly visiting the HTTPS URLs or use
an extension such as HTTPSEverywhere to enforce HTTPS usage.

In the long term, the Wikimedia movement is faced with a choice, which
is inherently political: Should we indefinitely sustain security
exceptions for regions that prevent the use of encryption, or should
we shift to an alternative strategy? How do we answer that question?

We can, of course, ask users in the affected countries. Given that
this may lead to degradation or loss of access, users are likely to be
opposed, and indeed, when plans to expand HTTPS usage were announced,
a group of Chinese Wikipedians published an open letter asking for
exemptions to be implemented:

https://zh.wikipedia.org/wiki/Wikipedia:%E5%BC%BA%E5%88%B6%E5%8A%A0%E5%AF%86%E7%99%BB%E5%BD%95/openletter

This was a big part of what drove the decision to implement exemptions.

The bigger consideration here, however, is whether any such
accommodation achieves positive or negative long term effects. The
argument against it goes like this: If we accommodate the PRC’s or
Iran’s censorship practices, we are complicit in their attempts to
monitor and control their citizenry. If a privileged user’s
credentials (e.g. Checkuser) are misused by the government through
monitoring of unencrypted traffic, for example, this is an action that
would not have been possible without our exemption. This could
potentially expose even users not in the affected country to risks.

Moreover, Wikimedia is not just any website -- it’s a top 5 web
property, and the only non-profit organization among the top sites.
Our actions can have signalling effects on the rest of the web. By
exempting China and Iran from standard security measures, we are
treating them as part of the global web community. It could be argued
that it’s time to draw a line in the sand - if you’re prohibiting the
use of encryption, you’re effectively not part of the web. You’re
subverting basic web technologies.

Drawing this hard line clearly has negative near term effects on the
citizenry of affected countries. But the more the rest of the world
comes together in saying "What you are doing is wrong. Stop it." - the
harder it will be for outlier countries to continue doing it.  Another
way to pose the question is: Would we be implementing these exemptions
if China had blocked HTTPS traffic well after we switched to HTTPS?

Moreover, we’re not helpless against censorship. There _are_ effective
tools that can be used to circumvent attempts to censor and control
the Internet. Perhaps it is time for WMF to ally with the
organizations that develop and promote such tools, rather than looking
for ways to guarantee basic site operation in hostile environments
even at the expense of user privacy.

So, what to do? My main suggestion is to organize a broad request for
comments and input on possible paths forward. I think we’re doing the
right thing by initially implementing these exemptions -- but I do
think this deci