Occasionally I read works that simply defy description. This is one of them, an interview with Eben Moglen, general counsel of the Free Software Foundation. It isn't short, but if you read one article referenced from Slashdot this month, this should be the one.
Part 1.
Part 2.
Slashdot Mirror
Occasionally I read works that simply defy description. This is one of them, an interview with Eben Moglen, general counsel of the Free Software Foundation
Wow, this may be the first time in history that a slashdot editor actually read an article befor posting it.
The apocalypse is near.
Seriously though, Moglen's objection to the mac gui is amazing:
In 1979, when I was working at IBM, I wrote an internal memo lambasting the Apple Lisa, which was Apple's first attempt to adapt Xerox PARC technology, the graphical user interface, into a desktop PC. I was then working on the development of APL2, a nested array, algorithmic, symbolic language, and I was committed to the idea that what we were doing with computers was making languages that were better than natural languages for procedural thought. The idea was to do for whole ranges of human thinking what mathematics has been doing for thousands of years in the quantitative arrangement of knowledge, and to help people think in more precise and clear ways. What I saw in the Xerox PARC technology was the caveman interface, you point and you grunt. A massive winding down, regressing away from language, in order to address the technological nervousness of the user. Users wanted to be infantilized, to return to a pre-linguistic condition in the using of computers, and the Xerox PARC technology's primary advantage was that it allowed users to address computers in a pre-linguistic way. This was to my mind a terribly socially retrograde thing to do, and I have not changed my mind about that.
I've been trying to express this thought for years and haven't been able to phrase it half as well. The mac gui really does emotionally and intellectually regress those that use it.
--Shoeboy
Bruce Sterling was talking about individual privacy, not the larger issue here of a kind of 'civil disobedience'. If everyone were to use encryption all the time, ECHELON and its ilk would become useless.
On a personal level, it's not really relevant. If someone wants to know all about you, they'll put in keyboard sniffers, or use the radiation emission from your monitor (can't remember the name of it right now) or any number of other social engineering techniques. Shredding your trash only stops your neighbor. Anybody serious can just call up the credit bureaus, phone companies, utilities and own you.
Short of living in a shack in the woods or having bazillions and living your life through the screen of lawyers and accountants, any ordinary shmoe, on an individual level, is pretty much unable to safeguard their privacy. It wouldn't take much of a 'black bag' operation to break into your doctor's office and copy your medical records, either. On an individual level, you're screwed.
On a large level, everyone using encryption would put a serious crimp on the NSA, CIA, and corporate espionage. Of course, right now, using encryption in all your communications makes you stick out like a sore thumb.
So it's OK to participate in this civil disobedience if you have nothing to hide (ooh, a catch-22) and you only communicate with people who are willing to deal with the pain and bother of encryption. There you go.
--
Has anyone considered the cost of encrypting the majority of Internet traffic? I always encrypt terminal sessions, but the cost of servers encrypting web traffic would be very high. I wouldn't mind; my PC has enough power to encrypt all MY traffic, but how about a busy web server? How much new hardware would slashdot need to support encrypting everything? If slashdot is going to blow that stupid smoke, then slashdot should encrypt all its traffic.
Second, is his explicit assumption that Linux is the best thing available, and that free software is always better than proprietary software in quality. Linux does have a lot of good points, and in some cases is the best solution. MS Windows has strengths also. Sometimes Microsoft solutions solve a problem better. Sometimes one of the other systems he ignores is better.
Another thing he guessed wrongly about is the interest of people who grow up with computers in hacking. Maybe I'll be proved wrong, but I haven't been yet. People who grow up with computers don't gain any magical insight or understanding of them. Nor do they desire such. They use them as familiar tools, just like adults at work. The difference is how familiar and what they do. Some people will become hackers; probably more. Definitely not everybody.
So, I think the article is nonsense, but if Michael thinks this is the most significant article of the year, then he should put slashdot on the same track by encrypting all its traffic.
If you are modding me down because you disagree with me, use the "Flamebait" category, not the "Troll" one.
__
__
Men with no respect for life must never be allowed to control the ultimate instruments of death.
GW Bu
An interesting an important article. One key point is to invalidate keyword filtering by massive redundant use of encryption.
So when is SlashDot going to do it's bit and make everything HTTPS? Almost all browsers have it, and it's a simple and transparent way to increase encrypted traffic to nullify keyword filters.
If there is one most singularly important lesson to learn from this, it is USE ENCRYPTION CONSTANTLY, WHENEVER YOU CAN, AS MUCH AS POSSIBLE (Pardon the theatrics)
;) ] networked media demense we inhabit, knowing full and well that privacy and anonymity are extremely important issues as society as a whole continues to evolve in it's relation with and reaction to the possibilities of abbundant internetworked end to end communications between private citizens [and don't forget to throw in the presence of rapidly increasing affordable bandwidth].
...Perhaps some sort of extension to sendmail and friends, whereby a simple script configuration could activate a mode wherein outgoing emails [probably only of willing participants, I wouldn't want to be overbearing or myself lessen anyones freedom to use the network as I choose, no matter how foolishly]
...wherin outgoing emails would initially be automatically encrypted [say, as a mime attachment to another, autogenerated email, whose body would inform the recipient that they have recieved an email from so-and-so, but that this person values their privacy and dosen't want anyone with good network or social/political real-estate to be able to read their personal communication to them. It could include perhaps a link to an advocacy site, explaining the whole purpose and ideas behind encryption being a Good Thing, as well as simple and transparent to use backend clients to download for all the major platforms, that could just as transparently decrypt and deliver the message as if it had never been encrypted.
To be honest, if you are the sort who has been reading slashdot for a while, you already know this arguement well, and I see no need to hash it out as if I have anything brilliant to add to it, except for this little nugget of nike-ism. Just DO it. It's one thing to sit around on your buttocks [face it, you generally are when you are at a terminal] and do nothing about it, reveling in the possibilities of this marvelous new [well, sort of
It's easy for many of us to say, yes, encryption is important certainly, not enough people are using it such that resources could concievably be targetted at those few who actually bother, but it's someone elses problem.
It's too much of an inconvienience to use PGP or GPG with any regularly, and besides, what's the point when most people you dialog with in email don't use it? There is a point, and an important one. Either the citizinry will manage to somehow wake up and start taking it's privacy and security into it's own hands, or personal privacy will continue to wither away. Too many other people have some feeling that their interactions on the net are anonymous, when this is so far from the truth.
If the U.S. postal system were to work as the internet, where every letter sent can be readily and [at virtually no cost in human labor] inspected thoruoughly by the government or other bodies, people would be outraged. But they feel that these sorts of things just don't happen, that it won't happen to them. And, frankly, many people are hopelessly confused about how computers or networks work at all. To them a computer is often just a fancy typewriter and info kiosk.
People like us need to start to devote some time to serious personal, grass roots activism, to widen the pool of people using encryption.
Becuase it's only at the grass roots level that their is any liklihood of it actually happening. Perhaps something could be established vaguely [in spirit, certainly not implementation, I'm talking in sweeping generalities about the possible social dynamic] like the RBL. I don't mean a central server or list of people who do/don't use encryption, I mean instead a system whereby people would feel some penalty or disinsintive if they are not using encryption themselves.
For those who chose [probably most, for I probably wouldn't want all of my email to be completely unreadable by those who didn't agree to run software I liked, even if it was free and open], there could be additional details in the email message to allow for the recipient to respond in a certain way and recieve the unencrypted version. Something akin to the process of confirmation from a mail server, for instance.
The inconvinience would be a key aspect, for it would turn the tables; wheras now it is more inconvienient for someone to bother with setting up encryption.
Now I know this is asking a lot, and I don't imagine very many of you have bothered to read this far, but it's something to think about. lesson to be learned from this, it is a l
---
the pen is mightier then the sword. the sword is mightier then the court. the court is mightier then the pen.
So you tell me this now, when half of the month is already over...