Haystack vs How The Internet Works»
There’s been a lot of alarming but rather brief statements in the past few days about Haystack, the anti-censorship software connected with the Iranian Green Movement. Austin Heap, the co-creator of Haystack and co-founder of parent non-profit, the Censorship Research Center, stated that the CRC had “halted ongoing testing of Haystack in Iran”; EFF made a short announcement urging people to stop using the client software; the Washington Post wrote about unnamed “engineers” who said that “lax security in the Haystack program could hurt users in Iran”.
A few smart people asked the obvious, unanswered question: What exactly happened? Between all those stern statements, there is little public information about why the public view of Haystack switched from it being a “step forward for activists working in repressive environments” that provides “completely uncensored access to the internet from Iran while simultaneously protecting the user’s identity” to being something that no-one should ever consider using.
Obviously, some security flaw in Haystack had become apparent. But why was the flaw not more widely documented? And why now?
As someone who knows a bit of the back story, I’ll give as much information as I can. Firstly, let me say I am frustrated that I cannot provide all the details. After all, I believe the problem with Haystack all along has been due to explanations denied: either because its creators avoided them, or because those who publicized Haystack failed to demand them. I hope I can convey why we still have one more incomplete explanation to attach to Haystack’s name.
(Those who’d like to read the broader context for what follows should look to the discussions on the Liberation Technology mailing list. It’s an open and public mailing list, but it with moderated subscriptions and with the archives locked for subscribers only. I’m hoping to get permission to publish the core of the Haystack discussion more publicly.)
First, the question that I get asked most often: why make such a fuss, when the word on the street is that a year on from its original announcement, the Haystack service was almost completely nonexistent, a beta product restricted to only a few test users, all of whom were in continuous contact with its creators?
One of the many new facts about Haystack that the large team of external investigators, led by Jacob Appelbaum and Evgeny Morozov, have learned in the past few days is that there were more users of Haystack software than Haystack’s creators knew. Despite the lack of a “public” executable for examination, versions of the Haystack binary were being passed around, just like “unofficial” copies of Windows (or videos of Iranian political violence) get passed around. Copying: it’s how the Internet works.
But the understood structure of Haystack included a centralized, server-based model for providing the final leg of censorship circumvention. We were assured that Haystack had a high granularity of control over usage. Surely those servers blocked rogue copies, and ensured that bootleg Haystacks were excluded from the service?
Apparently not. Last Friday, Jacob Appelbaum approached me with some preliminary concerns about the security of the Haystack system. I brokered a conversation between him, Austin Heap, Haystack developer Dan Colascione and the CEO of CRC CRC’s Director of Development, Babak Siavoshy. Concerned by what Jacob had deduced about the system, Austin announced that he was shutting down Haystack’s central servers, and would keep Haystack down until the problems were resolved.
Shortly after, Jacob obtained a Haystack client binary. On Sunday evening, Jacob was able to conclusively demonstrate to me that he could still use Haystack using this client via Austin’s servers.
When I confronted Austin with proof of this act, on the phone, he denied it was possible. He repeated his statement that Haystack was shut down. He also said that Jacob’s client had been “permanently disabled”. This was all said as I watched Jacob using Haystack, with his supposedly “disabled” client, using the same Haystack servers Austin claimed were no longer operational.
It appeared that Haystack’s administrator did not or could not effectively track his users and that the methods he believed would lock them out were ineffective. More brutally, it also demonstrated that the CRC did not seem able to adequately monitor nor administrate their half of the live Haystack service.
Rogue clients; no apparent control. This is why I and others decided to make a big noise on Monday: it was not a matter of letting just CRC’s official Haystack testers quietly know of problems; we feared there was a potentially wider and vulnerable pool of users who were background users of Haystack that none of us, including CRC, knew how to directly reach.
Which brings us to the next question: why reach out and tell people to stop using Haystack?
As you might imagine from the above description of Haystack’s system management, on close and independent examination the Haystack system as a whole, including these untracked binaries, turn out to have very little protection from a high number of potential attacks — including attacks that do not need Haystack server availability. I can’t tell you the details; you’ll have to take it on my word that everyone who learns about them is shocked by their extent. When I spelled them out to Haystack’s core developer, Dan Colascione late on Sunday, he was shocked too (he resigned from Haystack’s parent non-profit the Censorship Research Center last night, which I believe effectively kills Haystack as a going concern. CRC’s advisory board have also resigned.)
Deciding whether publishing further details of these flaws put Haystack users in danger is not just a technical question. Does the Iranian government have sufficient motivation to hurt Haystack users, even if they’re just curious kids who passed a strange and exotic binary around? There’s no evidence the Iranian government has gone after the users of other censorship circumvention systems. The original branding of Haystack as “Green Movement” software may increase the apparent value of constructing an attack against Haystack, but Haystack client owners do not have any connection with the sort of high-value targets a government might take an interest in. The average Haystack client owner is probably some bright mischievous kid who snagged it to access Facebook.
Lessons? Well, as many have noted, reporters do need to ask more questions about too-good-to-be-true technology stories. Coders and architects need to realize (as most do) that you simply can’t build a safe, secure, reliable system without consulting with other people in the field, especially when your real adversary is a powerful and resourceful state-sized actor, and this is your first major project. The Haystack designers lived in deliberate isolation from a large community that repeatedly reached out to try and help them. That too is a very bad idea. Open and closed systems alike need independent security audits.
These are old lessons, repeatedly taught.
New lessons? Well, I’ve learned that even apparent vaporware can have damaging consequences (I originally got re-involved in investigating Haystack because I was worried the lack of a real Haystack behind the hype might encourage Iranian-government fake Haystack malware — as though such things were even needed!).
Should one be a good cop or a bad cop? I remember sitting in a dark bar in San Francisco back in July of 2009, trying to persuade a blasé Heap to submit Haystack for an independent security audit. I spoke honestly to anyone who contacted me at EFF or CPJ about my concerns, and would prod other human rights activists to share what we knew about Haystack whenever I met them (most of us were skeptical of his operation, but without sufficient evidence to make a public case). I encouraged journalists to investigate the back story to Haystack. I kept a channel open to Austin throughout all of this, which I used to occasionally nudge him toward obtaining an audit of his system, and, finally, get a demonstration that answered some of our questions (and raised many more). Perhaps I should have acted more directly and publicly and sooner?
And I think about Austin Heaps’ own end quote from his Newsweek article in August, surely the height of his fame.”A mischievous kid will show you how the Internet works”, he warns. The Internet is mischievous kids; you try and work around them at your peril. And theirs.
the secret history of ntk»
I know that this blog (and probably me as a person) are firmly categorised with the “where_are_they_now” nostalgia tag in most people’s RSS feeds: it behooves me, therefore, to point you to this fantastic interview with me and Dave on the only podcast I ever regularly download and listen to while doing the washing-up, Shift Run Stop. Roo and Leila got to ask all the questions that I (and I’m sure you) rhetorically ask late at night, including “Will NTK be returning for a second series?” and “How can marketing ruin a perfectly nice mascarpone and pineapple confectionery snack?”
Even without me in it, Shift Run Stop is one of the best-edited and hilarious geek podcasts out there. If you really are jonesing for an NTK-like fix in your modern 21st century life, you should subscribe, donate, floss, whatever to it. There will be no regrets.
I don’t know why but from the age of eight to I think fifteen, I just assumed every drawing of a bearded man in or on Personal Computer World was meant to be Guy Kewney. He was the model journalist to me– why wouldn’t he also be the model for all those techies PCW’s graphic editors had to draw?
As a pre-teen, I was a Personal Computer World kid. I loved the binding, the glossy cover, the thick tall pages, the sprawling reviews, the narrow columns of crazy computer classifieds that would stand like columns over pages and pages and pages of dot-matrix printed listings at the back, the love-hate relationship with the dull business business that would dog it into the grey IBM years, the arty covers, the bearded pundits. But most of all I loved reading Guy Kewney, the beardyist pundit of all.
Cromemco and Nascom, Siriuses and Osbornes. They seemed like far-off planets, and Kewney seemed like some pipe-smoking Dan Dare, giving a jocular downbeat debriefing in the mess, of his latest voyages with the Osborne or the COSMAC ELF, even when the most exciting software they did was inventory management. Kewney made even dull corporate machinations the stuff of high drama.
Aged 10 or 11, I would run around the house playing these elaborate fantasy games, muttering under my breath stage directions, and leaping from chair to chair in our living room. My adventures were set — and I am not joking here — in a 21st century where Apple-IBM and Sinclair-Acorn would heroically battle as giant zaibatsu corporations flying amazing robot battalions around in space. The dramatic climax would always involve me, as the captain of the flagship of the corporate fleet, controller of the inventory, master of the Science of Cambridge, shouting some secret password that would override all the command centers of the opposing army. My favourite Words Of Power in these fantasies was Angelo Zgorelec!, the mystical founder of PCW, whose name appeared on every issue’s masthead, and who I imagined to be a Tharg-like being of supreme wisdom (and great aural resonance).
But the person from whose writing I drew the strategies and the battles and the drama of those corporate tussles was Kewney.
Also not Guy.
I still remember one of his columns. In it, Kewney, boggling at the effort to which software publisher Acornsoft had gone to copy-protect software , published the one-line command for rendering its primitive DRM completely useless. I don’t remember the details, but I do recall just stopping and staring and then laughing and rocking in glee at the audacity of it, and wondering why no-one ever said all those other hidden incantations that I was sure existed out loud in other newspapers and magazines. Then I watched him defend his decision after a barrage of outraged readers (swamped by those who cheered him on) chastised him the next month. It really stuck in my mind as this example of the power of words to unwind elaborate but unsustainable practices.
John Lettice says in his obituary that PCW had to pay Acorn for that Kewney column. They shouldn’t have. And if they had to because of the law, well then, the law was wrong: spelling out these magical words of power, causing corporate battalions to flash out of existence at a single, carefully-researched command, really was Kewney’s job, and he did it masterfully.
I met him once. I’d just started writing for PCW myself, in about 1990, only to discover that my rapid promotion to the flagship of the British tech mag fleet was because they’d sacked all the old guard in a labour dispute and were desperate to fill those gaping pages with cheap young new writers. I tagged along to some press conference and actually overhearing David Tebbutt or Christopher Bidmead or some other Elder God complaining loudly about the wide-eyed children who had stolen everyone’s jobs, yet wouldn’t stop babbling about how honoured they were to meet them.
After that, I always averted my eyes and ceased to bother the titans. When I finally met Kewney, I think I just stood awkwardly by his side, surely making him even more uncomfortable than he must have been.
Or looked. To me, some idiot kid, he did not look well. When I said this to equally squeaky kid co-worker, they told me he had always looked ill, a boney, pale man who was constantly being stabbed with allergies and posture problems, aches and pains and deadlines and all-nighters, triumphing over the all to file his copy mere hours before printers might knock down his door and wring his neck.
I found this hard to believe, because he always looked so erect and noble in his byline pictures. Also in all those cover paintings of him. And in those games where he flew across the corporate landscape, making the world change with a word or two. It just made him seem all the braver.
Now Guy Kewney is gone, and I have this beard, but the words of power are all gone too. And frankly, I do not feel too well myself. Timor mortis conturbat me.
brother against brother»
Oh, but I hate it when the Internets fight! The argument rending my family — and you are all family, to me — it seems so unnecessary. Right now, it is broadly missummarised as: a) you hate my iPad because you’re old geeks who can’t get hep and want all my family to struggle with the command line, and b) you love your iPad because you HATE FREEDOM and are TOO DUMB to OPERATE a PROPER MANUAL LOOM and are Steve Job’s LITTLE CONSUMERIST POODLE THE SIZE OF WILLIAM GIBSON’S BABY HIPPO.
Here’s how to end this pain. Imagine an iPad. It’s the same iPad, built by Jobs and Ives and the rest of Apple in absolute secrecy, beholden to no-one, built on proprietary MacOS and unicorns and last Xerox Silmaril’s gleaming. It has the same Apple App store, same SDK, same no filing system, same no multitasking, same whatever. Only buried deep in the Settings, buried under “Battery Percentage”, “Factory Reset”, there’s an option that says “Allow Third-Party Applications”. Its default is not to allow that. But you can flip it to say “yes”.
Apple doesn’t have to put that option in. But if they did, I think most of us who are discomfited by the iPad would feel a lot less weirded out. And I guess the question is: are those who are angered by the negative iPad response think that one concession would instantly sink it, in terms of usability and being “the future of technology”, and so on? After all, both Cory Doctorow and John Gruber want Hypercard. Right now, Hypercard would violate Apple’s ban on interpreted content on the iPhone OS. What would happen if Apple changed its policy just a little, to allow us to have one fewer gatekeepers again? Would that be okay? Could we all learn to love one another again?
cd-roms and ipads»
Watching that $14 Elements demo for the iPad reminded me again of the throwaway line that geeks of a certain age make of the iPad — that it all seems a bit CD-ROM.
For those of you blessed with senile amnesia or youth, CD-ROMs were the first wave of “interactive media” in the mid-eighties, and the great hope for publishing houses struggling to understand what they might be doing in the 21st century. Companies from Dorling-Kindersley to News Corp threw millions into CD-ROM publishing, with very little ultimate return. They’d do some fancy-schmancy David Bowie joint project, or an incredibly complex animated re-working of their existing bestsellers. Each one won more awards than it sold copies, and eventually those “interactive divisions” were rolled into the “online media” departments, where their designers would get drunk and bitter, until one night they were sacked after uploading 640MB Adobe Director files onto the website front page.
look before you jump
Back then, geeks were unused to other industry sectors barging into our little rustic byte farmyards with their fancy suits and corporate expense accounts, braying triumphantly about digital convergence, and then, seconds later, striding into the business-model threshing machine that thrummed in the corner. We did not know then that there was a queue of people like this, waiting to dance past us into the bloody knives. We watched their cockiness with alarm, not with the disdain that would come later (and definitely not with own brand of hubristic Internet rockstar smugness, the smugness that tempts us all to look a bit less closely at ourselves, and a bit more closely at that thresher).
No, back then it was all a bit shocking. We assumed these people knew what they were doing. God knows we knew we didn’t have a clue. The only way we knew how to fill a CD-ROM was burning a complete archive of Fred Fish Amiga Freeware on it. Seven hundred megabytes just seemed an insanely large amount to want to fill with professional product.
Subsequent to the threshing, people muttered about how it was the Internet that killed the CD-ROM, but I think that, as ever, the real murderer was economics. A “professional” CD-ROM was just too expensive to produce, relative to the format it was generally parasitical upon.
The classic example for me was the brief phase of magazines including a free CD-ROM on the front of their mag. Dave and I would marvel at the incredible lopsided nature of this venture. The CD-ROM could hold close to a gigabyte of data, including programs, movies and graphics; all of which had to be commissioned, collated, edited, integrated together, checked for viruses, cleared for copyright, tested, mastered, and burned. If done welll, a front-mounted CD-ROM was clearly a far more complex and expensive venture than actually putting out a magazine — and yet they usually paid a single person to do it all, didn’t charge for the CD, and probably got little advertising revenue from it.
The ultimate portrayal of this problem was when, in a desperate attempt to include some unique content, they’d include on the CD-ROM a PDF file of the magazine it was sellotaped to. The PDF would usually take 50MB, if they were lucky. All that unique content that it had taken the rest of the editorial team a month to create — and there was still 650MB to go.
Most started attempting to bridge that gap with incredibly fancy interactive environments that would quickly consumer their annual budget. The ones that survived would ultimately collapse into padding the CD-ROM out with… well, the Fred Fish Amiga Archive, generally. Professional product got thrown out of the window in an attempt to feed the ever-hungry maw of interactive content.
This, to me, is the flipside of the “digital technology makes everything cheaper” argument. It makes a lot of work cheaper, but it can also professional media fantastically more expensive than its analogue equivalents.
In some ways, the equivalent to a newspaper is just a README HTML file, full of plaintext with a few images — but no-one is going to pay a quid for a README file. So what will you pay a quid for? Maybe some other super-awesome interactive newspaper with 3D pictures and audio interviews and in-depth statistical analysis and a 30 minute vodcast with the most famous writers, and, and, and… how much editorial budget do you want to throw on this again?
Elements is going to do fantastically, because it benefits from that “fresh platform” smell that exudes from the iPad. But can you re-gear a newspaper or a publishing house to produce the level of interactive complexity that a $5 app is going to demand, when it is competing with games and films in the same app niche?
Honestly, it might be possible. We’re not in the age of CD-ROMs now. Our price-points are all over the shop, and a sealed environment like the iPad permits all kinds of unnatural pricing inversions. We’ll pay more for a ringtone than a full MP3. We pay $10 for a README file on our Amazon Kindle, and a dollar for a pocket application that plays farts.
But if you want to play that game, you’re running against the clock. Other applications are going to make yours look ridiculously clumsy in a matter of months (honestly, in a year people will be amazed anyone paid $14 for a bunch of text, a rotating picture of a rock, and a quick Wolfram Alpha search). Plus the seals on that environment get corroded by open competition every day.
Often the solution to this problem really is to run away and hide. Don’t listen to those “interactive media” gurus: stick with what you know. No-one demands now to know why their magazines don’t have DVDs on the cover. When books have CD-ROMs or allied websites these days, they’re usually buried at the back, hardly updated, and just contained the original text and some errata. We don’t really care. It’s okay. We just wanted a book. We love you as you are.
I know that publishing companies will be tempted to go for the all-singing, all-dancing iPad application. But what they’re doing that, my suspicion is that what they’re aiming for is a product which exudes credibility, status — an aura of a professional media product. And when you’re spending the kind of money that a professional application requires, solely to improves your status in the world, you’re not selling a product, you’re buying the love of your audience. That may be an investment in credibility, but it’s not an incoming revenue stream.
The goldrush economics of the iPad will hide this for a little while, because everything will be briefly profitable. But to be sustainable, you need to either be producing something that consistently costs you less than it earns, or will produce regular super-hits among a string of drabber products, or just makes you so much money in its first few months that you never need work again. You can’t just make some single wonderful shiny demo product. You need to keep producing them; you need some way of economizing that process. And you need to stop others from making their shiny thing cheaper than, yet interchangeable with, yours. Otherwise you’re just throwing nice fancy gee-gaws into the thresher’s hungry mouth.
en vacance, and a seafailing race»
I’m halfway through my time between jobs. (“Oh,” said King, “so when you say you’re between jobs, you really mean you’re between jobs”). It turns out that my idea of a holiday is pretty much the same as my normal life, only with more naps, greater daughter indulgence, less guilt and more Doctor Who. The Doctor Who is driven by my indulgence in the publicly-funded brand-frenzy that is the build up to the new series (he’s going to be all right!), augmented by a recent dive through Russell T. Davies and Benjamin Cook’s brilliant Writers’ Tale, which makes you feel if only you stayed up and agonized all night, you too could write a cyberman episode or three. I never actually wrote any screenplays in the long nights reading this book, but it did make me rewatch some of the wobblier RTD episodes and feel a little more sympathetic to the man. He, too, had a lot of email to answer.
The rest of the time has been messed about with upon boats. Let me say this: I am very badly engineered for seafaring. My average interval between boat trips is about a decade. I am bad at knots. Even my proportions are unshipshapelike. My head is Irishman-large compared to my Puckoon-thin legs, giving me an unusually high center of gravity. I can capsize craft by nodding enthusiastically within them.
That said, my life has taken a watery bent recently and I greatly appreciate it. I spend a lot of my time living in a houseboat on the shores of Silicon Valley, where I stare out of a bedroom window filled with a water-level view of neighbourly riggings, sterns and curious ducks. I bought a cheap sixties dinghy hand-designed by a retiring Alameda sailmaker, Donald Goring, a man who, he said, kept his Nazi surname until the day he discovered his family was actually jewish, and then named his company after both halves.
In which the author does everything wrong.
Donald Goring-Bogart (or Bogart-Goring) designed Daisy to be a hard-chined 8 ft lifeboat that could survive a sinking in the Alaskan Pacific. She has handmade sails, custom-fitted oars and a 1983 2.5hp motor. The motor doesn’t run, I can’t sail her yet, and I row those oars like my arms are caught in a threshing machine, but she’s mine.
More practically than my Daisy-flails, Ada and I have been kayaking. My first kayak trip was sort of sales-pitch, I think, but unless they were selling me on the idea of paying protection money to keep me from future kayaks, it wasn’t successful. Somehow I agreed to be crammed into a sporting model about the width of my ankle and, while struggling to escape, kick-launched into a river. They did this to me at sundown, and within minutes it was pitch black. I swung around like a metronome in a moccasin until I could find a quay to clutch onto. Whoever the race of Kayaks are, they failed to either sell me on their device or drown me in their bloody rituals, but I had learned a lesson.
I finally unlearned it this weekend, when Ada and I merrily day-kayaked around the harbour. We bumped around together and gradually learned the subtleties together, such as which way the paddles don’t go, and how to get out of the thing without firing both feet from underneath you like a torpedo. Ada reassured me that in all her seven years, she had never seen a father sink beneath the waves yet. She also quietly sung “Ponyo, ponyo, fishy in the sea” as she paddled around the neighbours. A very good vacation.
My real Ada Lovelace day piece goes out this Friday, in my Irish Times column. Honestly, it’s more an introduction to the idea (and why identifying diverse role models in tech is important) than a real story about a technologist I know, though it does mention a few.
I sort of sabotaged myself last year by listing forty women in tech who have inspired me, not realising I could have padded that out for an entire lifetime of ALDs. This year, I was going to salute the women of the EFF (without looking like I was just sucking up to my bosses), but Cory beat me to it with his profile of Cindy Cohn, EFF’s legal director.
(Then again, he didn’t mention EFF’s executive director, Shari Steele, who led the EFF to its current amazing successes; Jennifer Granick, its senior criminal lawyer (you want to watch this video to get an idea of Granick’s work); Marcia Hofmann who has leads many of EFF’s FOIA-related scoops, Gwen Hinze who steers EFF’s work at WIPO, against ACTA and beyond; Corynne McSherry who mends free speech when it runs into the DMCA; Eva Galperin who is your first responder when your digital rights catch on fire, Rebecca Jeschke who keeps obscure tech issues in the headlines where they belong; Alyssa Ralston who brings the money in, Katina Bishop who masterminds EFF’s awesome events and more awesome major donors; Leticia Perez and Andrea Chiang who make sure the briefs get filed and the bills get paid — and I sabotaged myself again, didn’t I?)
what i did next»
For a moment, climbing out of the too-fresh sunshine and with the taste of a farewell Guinness still on my tongue, slumping into the creaky old couch in the slightly grimy, Noisebridge to write something from scratch, San Francisco felt like Edinburgh in August, a day before the Festival.
Edinburgh for me was always the randomizer, the place I hitched to every year, camped out in, and came out in some other country, six weeks later, with hungover and overdrawn, with a new skill or passion or someone sadder or more famous or just more fuddled and dumber than ever.
Today was my last day at EFF. Just before our (their? Our.) 20th birthday party in February, where I had the profoundly fannish pleasure to write and barely rehearse a 30 minute sketch starring Adam Savage, Steve Jackson, John Gilmore, me in my underpants, and Barney the Dinosaur, I callously told them I was leaving them all for another non-profit. We commiserated on Thursday, in our dorky way, by playing Settlers of Catan and Set and Hungry Hippos together. They bought me money to buy a new hat. I logged off the intranet, had a drink, and wandered off into a vacation.
In April, after a couple of weeks of … well, catching up on my TV-watching, realistically … I’ll be kickstarting a new position at the Committee to Protect Journalists as Internet Advocacy Coordinator.
I’ve known the CPJ people for a few years now, talking airily to them about the networked world as they grimly recorded the rising numbers of arrested, imprisoned, tortured, threatened and murdered Internet journalists in the world. Bloggers, online editors, uploading videographers. Jail, dead, chased into exile. As newsgathering has gone digital, it’s led to a boom in unmediated expression. But those changes have also disintermediated away the few institutional protections free speech’s front line ever had.
CPJ has incredible resources for dealing with attacks on the free press on every continent: their team assists individuals, lobbies governments at the highest levels, documents and publicizes, names and shames. They were quick to recognize and reconfigure for a digital environment (you have to admire an NGO that knew enough to snag a three letter domain in ’95). Creating a position for tackling the tech, policy and immediate needs of online journalism was the next obvious step.
The question I had for them in my interview was the same that almost everybody I’ve spoken to about this job has asked me so far. On the Internet, how do you (they? We.) define who a journalist is?
The answer made immediate sense. While “journalism” or “newsgathering” or “reportage” as an abstract idea might seem problematic when cut from its familiar institutions, and pasted into the Internet… nonetheless, you know it when you see it. When someone is arrested or threatened or tortured for what they’ve written, if you can pull up what they said in a mailreader or a browser, it really doesn’t take long to identify whether it’s journalism or not.
What’s harder is untangling the slippery facts of the case — whether the journalist was targeted because of their work, or other reasons; whether it was the government or a criminal enterprise that did the deed; where the leverage points are to seek justice or freedom.
In those fuzzier areas, in the same way as EFF uses its legal staff to map the unclear world of the frontier into clear legal lines, CPJ uses its staff’s investigative journalist expertise to uncover what really happened, and then uses the clout of that reinforced and unassailable truth to lobby and expose.
Honestly, I’m still only beginning to map out how I might help in all this. I spent a week last month in New York where CPJ is based, listening to their regional experts talk about every continent, all the dictators, torturers, censors and thugs, all the bloggers and web publishers and whistleblowers.
I know I am starting on that ignorance rollercoaster you get when striking out into new territory. I can tell these people about proxies, AES encryption and SMS security, but I still can’t pronounce Novaya Gazeta, or remember what countries border Kenya. You surprise yourself with how much old knowledge becomes freshly useful, at the same time as you feel stupid for every dumbly obvious fact you fail to grasp.
I think part of my usefulness will come from writing more, and engaging more with the communities here I know well to explain and explore the opportunities and threats their incredible creations are creating today. At the same tie, I’m already resigned to taking a hit in my reputational IQ as I publicly demonstrate my ignorance (my friends in Africa and Russia are already facepalming, I can tell). Hope you’ll forgive me.
In the mean time, I’ll be setting up my monthly donation to EFF. I’ve said it before and I’ll bore you again, EFF are an incredible organization, made up of some of the smartest and most dedicated people I’ve ever met. I smugly joined in 2005 thinking I understood tech policy, and spent the next few years amazed at what it was like to live as the only person who didn’t have an EFF to help me understand what I was looking at and what to do about it. I guess I finally got the hang of juggling five hundred daily emails, a dozen issues refracted through dozens of cultures across the world. And I guess that’s aways the cue to switch tracks and reset to being dumb and ready to learn again.
Incidentally, EFF is looking for an IP attorney right now. I don’t know how many lawyers read this blog, but if you know a smart IP legal person who wants to randomize their life for the opportunity to become even smarter for a good cause, get them to apply. They won’t regret it, not for a minute.
jet plane emotions; ipad cycles»
Does anyone else get weepy on long haul flights? I’m currently on a Virgin America flight (hello gogo wi-fi, hello deucing my carbon credits for another decade), watching a House marathon (which is protecting me somewhat from emotional liability), but I still get a little tearful after the fifth hour. Maybe it’s oxygen dep, maybe it’s sheer boredom, maybe it’s NOT JUST ME. One time I burst into tears at an inflight showing of Mission to Mars. I hope it’s not just me.
Anyway, it means I have time for you. I have a little less time for Virgin’s chairback entertainment system. Watching the Linux boot-up errors scroll back used to give me a wriggle of delight, but now the wonder of that has worn off, it’s just constantly irritating. There’s latency issues, especially with fast-forwarding in movies, which is like trying to tap-dance on black ice. There’s pages full of “this service isn’t ready yet”, terrible anti-aliasing on the branding. Oh, and my main credit card doesn’t work on purchases, coming up with a “Credit values of $9999 not allowed” error. The same card gives the same error on my neighbour’s machine. Another card that has a variant of my name works fine. My main credit card has an apostrophe in the surname. I do hope Little Bobby Tables doesn’t take a flight on VIrgin any time soon.
Here’s the question that is gripping plenty of my friends in fear tonight. Do open systems inevitably suck at UI, compared to closed systems run by control freaks? Will the iPad (sorry, that is “iPad”) mean our children will not code, and Stallman will die alone, the last free programmer strangled with the DRMed guts of the last Macmillan author?
I think the guilt is exacerbated by all of our concerned essays being interleaved by admissions that we, too, will be getting one. It’s like a “Just Say No” ad recorded by people conspicuously tapping their upper arms.
But, you know, I’m optimistic. I’ve had these chills before. The first time, actually, was Windows 3.1, back when I was six or something. Okay, twenty-one. Windows was amazing, and unprogrammable to anyone who didn’t have a proper programming job, and thus couldn’t justify the expense of the dev environment, the Petzold, and the fancy 486 to run it all on. To people accustomed to working with a $50 copy of Turbo Pascal and a 80×25 Hercules card, this was a horror show. In the space between DOS’s QBASIC and Visual Basic, the Windows platform was closed to amateurs.
As was the Mac, compared to the Apple II ecosystem. I remember in 1992, in a run-down London flat, having somehow managed to beg a Mac from a local dealer, sitting and dolefully staring at it because outside of playing MacWrite and admiring the screen resolution, there was damn all you could do with it.
As for the risks to interactivity and creativity: I remember when the WebTV was announced, and we huddled in corners and worried for the future of the Internet. Unlike Windows and the Mac, the WebTV may well have died because it sucked: but I notice that it has no descendants on the technology family tree. No-one makes a web browser at arm’s length, for watching. Even the supposedly sealed iPad sits close enough to our laps for us want to make something, even if it’s just finger paintings.
Of course, the iPad (sorry, just “iPad”) is different because of the lockdown. Even if we had the resources to write something for it, we can’t without Apple’s whim. But I remain confident that the same forces that wash away proprietariness in general purpose computers in the past will eat away at the iPad. Maybe it will be like Windows, where the system itself becomes more open just by virtue of a disinterest in its owners in keeping it closed. My own, perhaps overgenerous feeling is the App Store is not an artifact of Jobs’ control-freak mentality, but a paranoid reaction to iPhone OS’s lack of decent sandboxing; that paranoia may be whittled away slowly.
Or it could be like the Mac, which became more open out of competition with more other open systems. Closed costs money to maintain, and open has more features. It may be that the iPad gives up its closed nature when faced with competitors that take its lead, and run faster and more alluringly than even Apple can keep up with. That seems less likely, to me: Apple knows its strengths, and the open world is so far struggling to emulate its aesthetic integrity and hardware integration. Closed costs money, but also lets Apple create new revenue streams for it and its partners. Open has more features, so Apple concentrates and creating a few features very well. Well, shrug: we have competition. That’s good. It’s not like the other proprietary behemoths are doing a good job mimicking Apple either.
Or it could be that we have to become outlaws. The problem with a closed system in our post-DMCA world is not that it exists, but that it’s a criminal act to open it. Some prosecutors claim it’s a criminal act to even talk about how how to open it. It’s certain criminal to sell other people ways to open it.
Despite that, open is still so important than thousands of people do it to their iPhones. Millions of people buy Android systems in preference to iPhone partly because of that power. And if the iPad is successful, surely millions will either jailbreak them, or buy open alternatives out of a wish to reach for something that Apple isn’t offering them.
It’s easy to see the iPad as the final tragedy in a long history of openness and tinkerability in general purpose computing. But the truth is, the cyclical fight against locked-in systems has been the recurring theme of computing since the mainframes. Our open systems are as wonderful as they are because they had to set themselves up against the shiny proprietary wonders of a previous age. The iPad isn’t a threat; it’s an inspiration. They’re always trying to steal the revolution; we always have to steal it back.
my diseased mind; ephemerisle»
I’ve been laid low by illness. It’s not amenable to naming: I have a fever, but no coughs or sneezes. Headaches, otheraches. I’ve mostly been sleeping, and when I’m not asleep, I’ve been restless and yet exhausted, stuck in my apartment. A lot of my friends caught something similar, and it’s mostly taken them a week to shake it off. I didn’t even have the energy to make it to tonight’s EFF Pioneer Awards ceremony (boo! I wanted to see Limor “Adafruit” Fried and Carl Malamud win!).
What have I been doing, when not being ill? Well, possibly the maximally interesting thing for you, dear vicarious reader, was attending Ephemerisle, a sort-of-Burning-Man-like event for people who, instead of frying in deserts, prefer to drown in rivers.
There’s plenty of pictures and coverage of Ephemerisle now, I think perhaps because the event pulled 10% of the “novel strange east coast geek culture” press pool (me, Declan McCullough, Brian Doherty), and 60% of the “sympathetic portrayals of weird libertarianism” press pool (Declan McCullough, Brian Doherty, me).
My favourite review was from “postmodern conservative” Will Wilson, who said “most of the participants could best be described as left-libertarian… Curiously, most of the people I interviewed were under the impression that everybody else was a right-libertarian.” He also complained that it was “creepily non-political”, which must indeed look very suspicious indeed to DC conservatives visiting California. First they don’t talk about politics, and the next thing you know they are offering to re-orient your chakra.
Far more interesting to me, who has attended several Burning Men, but never actually got around to visiting a 1970s L5 Society meetup was the conference before the island. I’m afraid I’m weakening from the ague far too much to tell you about that now, though, so I’ll leave you with this footage of my daughter riding around in a bubble. To the future!
Read the rest of this entry »
My employer has enough opinions of its own, without having to have mine too.