by Julie Lavoie <jlv@alcor.concordia.ca>
On the first day of the tenth Computers, Freedom and Privacy conference, workshop organiser Lenny Foner sports a t-shirt showing the classic OSI 7-layer model topped by two additional layers: legal and political. An arrow points to the political layer. "You are here", the t-shirt reads.
"You are here", indeed. At CFP, hackers, privacy activists, lawyers, cypherpunks and spooks meet to discuss technology policy and politics. This is no low-level technical conference. There are few nitty-gritty technical issues, and a lot of policy, design, and planning for the future.
This is the conference that Bruce Sterling praises in the closing chapter of "The Hacker Crackdown". With good reason: my week at CFP was an exciting one. The people were interesting and intelligent, the parties good, and the talks and workshops thought-provoking. The conference gave me a much broader social and political context for technology, and drove home to me the importance of taking an active role in shaping its future.
This workshop brought together implementors and policy makers to discuss design issues. The call for participation for the workshop stated:
"Our exploration of technology includes (a) implemented, fielded systems, and (b) what principles and architectures should be developed, including which open problems must be solved, to implement and field novel systems that can be inherently protective of civil liberties."
The three topics under discussion were:
This workshop was really cool and generative; both the panel and the audience threw around lots of interesting ideas. Not a lot of actual conclusions were reached, though. If the goal is to come up with prototypes and designs, it might be better served by limiting the list of topics for next year. A highly promising and interesting workshop, still.
Steve Talbott cautionned us about the evils of technology, noting that more and faster technology is not always better. While I agree that we need to question and be aware of what we do with technology, most of Steve's points were obvious to anyone thinking about the topic for more than 5 minutes, and he failed to offer any interesting and viable alternatives to our current "better, faster, more" run for technological progress. Simson Garfinkel's resulting comment that Steve's over-generalisation weakened his good points sums up this talk well.
High-speed Internet access means that more and more home users are leaving PCs online 24 hours a day. This leads to non-trivial security problems, as manifest in the latest DDOS attacks; home users often have little or no security knowledge, and their machines are easily compromised.
I had noticed this problem a year ago with new users on Linux-Quebec, and gave some talks on basic Unix security to educate those users about protecting their systems. This panel dealt with the issue on a higher level, asking what could be done at the ISP, telco or legal level. Some suggestions were to throw out certain traffic at the router level, to provide consumers with hardware firewalls-in-a-box and to provide user education to the masses. Simson Garfinkel disagreed with the idea of user education and noted that we don't rely on user education for drugs, or what does into the food, and shouldn't rely on it for computer security.
Another question that I would liked to see discussed is, where is the legal liability of software vendors? All the Unix flavors I've worked with ship with a horribly insecure default configuration, and other OSes are hardly better (can you say "Microsoft"?) Should vendors be held legally liable for shipping defective or blatantly insecure products? I expect to see more interest in this issue now that big money has arrived on the Internet, and security no longer only has implications for computers geeks, but also for J. Random Consumer who wants to bank online and buy online and whose medical and school records will be kept online.
Neal is brilliant in writing, and did not disappoint in person. His talk roamed from Sherlock Holmes to the game of Go, the works of Christian pacifist author Walter Wink, and a toxic whistle-blower's real life encounter with Big Brother. About 3/4s thru his talk he managed to tie all these seemingly disparate threads together into some kind of magnificent -voila!- moment where it all fell dazzlingly into place, kind of like a really cool math proof.
His talk gave me the eerie feeling that while those present were discussing today and tomorrow, Neal suddenly turned around and framed the discussion in terms of 10 years from now. He challenged the idea of a monolithic Big Brother, and introduced the model of smaller, less-omnipotent systems of domination. He noted that humans like to pick something and worry about it while completing forgetting other threats and suggested that a more balanced view might be optimal. He gives the example of the probable threat model for your everyday caveman, 1000s of years ago, showing large pie chart with two slices: one very large slice taking up most of the graph, labelled "Hyenas", and a tiny slice labelled "Other". He then presents a pie chart for the threat model of your modern-day crypto/privacy geek: a large slice labelled "Big Brother", and a tiny slice labelled "Other". Gavin de Becker in his excellent book on self-defence "The Gift of Fear" advanced a similar idea, noting that the same people who refuse to fly for fear of terrorists or crashes will often be the same ones who chain-smoke while speeding down the highway, seat-belt unbuckled.
While praising those present for their excellent work in preserving freedom, he questioned relying only on the old cypherpunk wisdom of protecting freedom thru mathematics, not laws. He noted that what one isolated person can do to resist domination is limited compared to what a group, a city, or large community can do, and noted that the preservation of our freedom might lie less in a lone person writing crypto in her basement than in our ability to form networks and alliances with others.
The EFF awards kicked off with a prize being awarded to the team which had recently found the world's largest known prime: a 2 million digits number. Some mathematicians (names?) came on to talk about the history of the search for larger and larger primes, and how the search for such numbers drove advances in computation and mathematics. One of the team members (name?) accepted the check and mentioned that as a consequence of his discovery he received a lot of mail from kids having to find the greatest known prime as part of their homework. He noted that thru the biggest prime search, a whole new generation of kids were becoming interested in mathematics. Being a math geek, I found this so awesome that tears came to my eyes. Whoa.
The EFF Pioneer awards honors people who had contributed a lot to computer science. This year's winners were:
This last award was the most unexpected and the most cool. So cool, in fact, that Whitfield Diffie, (of 'Diffie-Hellman' fame (ah, the awesome coolness of living in a world where people don't have a clue about what's on TV but recognise who crypto algorithms are named for. Life is good. ) spontaneously came up to the podium to kfell about the award. He said that when he was first researching and working on DH, everyone he asked for information would say (cue ominous voice) "Why do you want to know?" Everyone except librarians, who always freely gave him information and were very helpful to his research.
The presenter spoke movingly about the importance of libraries and librarians in his early life and noted that many people there probably shared that experience. You can be a kid in some dorky small town where no one is as smart as you, and the day you discover libraries, an entire world of knowledge beyond anything in your immediate surroundings opens up to you.
I have long considered learning to read one of the most significant blessings and saving graces of my lifetime, so this rang true with me. If I ever acquire software millions, I think that I shall donate some of them to libraries.
Karen G. Schneider accepted the award on behalf of librarians everywhere. They could not have chosen a better spokesperson. Schneider is highly active in fighting against censorware in libraries. (She relates that someone recently said to her: "When I think of pornography and the Internet, I think of you." "Not really what I would choose for my 15 minutes", she says, "but I'll take it.")
She enumerates 5 different cases where librarians have been active and successful in fighting censorship, including the recent one in Holland, MI, much talked about on the Peacefire list.
Cryptorights promotes cryptography as a way of protecting human rights, and does cool things like help human rights workers in the field figure out how to use PGP to protect their communications. I long wondered if my choice to become a computer scientist was a selfish one in a social sense; I kept having this feeling that if I really cared about the world I would be chaining myself to trees, or doing some other radical activist activity. When I first read about Cryptorights I realized that there was a lot of room to fight for freedom and do good for the world simply by doing what I loved.
Dave Del Torto generated the root key, which will be used as a meta-introducer to sign new keys for Cryptorights. He explained the steps that he took with a fair bit of detail, and Phil Zimmerman was in attendance to field any additional questions, so the BOF also proved to be a good intro to PGP for newbies. DDT then encouraged those present to sign the key.
After discovering that City Hall was closed and chaotically relocating to the University of Toronto Library, not much happened at the cypherpunks meeting. Robert Guerra spoke about compiling PGP from source, a topic that surprised me for a second until I realised that not everyone is an anal-retentive Unix geek that *always* compiles from source, especially things like PGP.
People introduced themselves and talked about their interests and work. Other meeting topics:
The best quote of the entire week came from a UofT
student sitting nearby who had no doubt been listening to the ongoing
conversation for a while. He leaned over to the CP table and asked "Are you
guys from some kind of weird X-Files convention?", sending the table into fits
of laughter. "Yes", replied a meeting-goer.
| jlv@alcor.concordia.ca | Back to my home page. |