Slashdot Mirror


The Encryption Wars

Occasionally I read works that simply defy description. This is one of them, an interview with Eben Moglen, general counsel of the Free Software Foundation. It isn't short, but if you read one article referenced from Slashdot this month, this should be the one. Part 1. Part 2.

5 of 148 comments

  1. Bruce Sterling on encryption by Pseudonymus+Bosch · · Score: 5
    From the Bruce Sterling FAQ:
    What's your PGP key?

    Don't use 'em. I never knew a real-life computer crime cop or investigator who paid any attention to deciphering encryption. I regard this as a 99% theoretical form of "security." Using big number-crunching high-tech to protect the brief transmission of Internet email gives people a false sense of security. If you get in trouble, it won't be because you were tapped and cracked by the NSA. It'll be because somebody you trusted ratted on you (or because you bragged). Trust me on this. If you're really worried about your privacy, stop using credit cards and shred your trash.

    --
    Men with no respect for life must never be allowed to control the ultimate instruments of death.
    GW Bu
  2. Re:Holy shit! by Kaa · · Score: 5

    The real point he was getting at is that user-friendly systems often discourage people from exploring the depths of their computers, in the same way that modern high school boys don't tinker with cars the way boys did in the 50s.

    Well, there is a good reason for this, a reason which Moglen ignores completely. It is called complexity.

    Do I know how Linux works? Kinda. I can get around and even sysadmin a small network. But do I have a clue about the internal workings of the kernel? No. And why? Because it's big and complicated. I cannot dedicate my life to studying it -- there are other interesting things in life to do.

    Moglen comes from a time when you had 4K of memory and everything had to fit in there. Operating systems were small and simple. You could learn them and know them very, very well without spending months and years studying them.

    Look at cars. In the 50s (hell, in the 70s as well) cars were simple mechanical devices. I could (and did) take much of the engine apart with a bunch of wrenches, fix it, and put it back together. It even worked after that. Cars were simple and easy to understand.

    Now, there are electronic black boxes all over my car. To adjust ignition I don't turn a screw any more -- I have to plug some electronic thingie into another electronic thingie in my car and adjust something on screen. If a black box breaks, I cannot fix it -- I throw it out and buy a new one.

    So, my point is that it's complexity that is the real problem. Complexity discourages people from exploring "the depths of their computers" because it takes too long and you cannot hold the whole thing inside your head like you used to be able to do. Complexity prevents modern high school boys from tinkering with cars because [electronic] tools are expensive, change all the time and you don't really understand the internal workings anyway.

    And, no, it doesn't have anything to do with GUIs or user-interface systems.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.
  3. OK -- So when's /. going to HTTPS ??? by redelm · · Score: 5

    An interesting and important article. One key point is to invalidate keyword filtering by massive redundant use of encryption.

    So when is SlashDot going to do its bit and make everything HTTPS? Almost all browsers have it, and it's a simple and transparent way to increase encrypted traffic to nullify keyword filters.

  4. Use encryption needlessly, constantly! [MUCH MORE] by sanemind · · Score: 5

    If there is one most singularly important lesson to learn from this, it is USE ENCRYPTION CONSTANTLY, WHENEVER YOU CAN, AS MUCH AS POSSIBLE (Pardon the theatrics)

    To be honest, if you are the sort who has been reading slashdot for a while, you already know this argument well, and I see no need to hash it out as if I have anything brilliant to add to it, except for this little nugget of nike-ism. Just DO it. It's one thing to sit around on your buttocks [face it, you generally are when you are at a terminal] and do nothing about it, reveling in the possibilities of this marvelous new [well, sort of ;) ] networked media demesne we inhabit, knowing full and well that privacy and anonymity are extremely important issues as society as a whole continues to evolve in its relation with and reaction to the possibilities of abundant internetworked end to end communications between private citizens [and don't forget to throw in the presence of rapidly increasing affordable bandwidth].

    It's easy for many of us to say, yes, encryption is important certainly, not enough people are using it such that resources could conceivably be targeted at those few who actually bother, but it's someone else's problem.

    It's too much of an inconvenience to use PGP or GPG with any regularity, and besides, what's the point when most people you dialog with in email don't use it? There is a point, and an important one. Either the citizenry will manage to somehow wake up and start taking its privacy and security into its own hands, or personal privacy will continue to wither away. Too many other people have some feeling that their interactions on the net are anonymous, when this is so far from the truth.

    If the U.S. postal system were to work as the internet, where every letter sent can be readily and [at virtually no cost in human labor] inspected thoroughly by the government or other bodies, people would be outraged. But they feel that these sorts of things just don't happen, that it won't happen to them. And, frankly, many people are hopelessly confused about how computers or networks work at all. To them a computer is often just a fancy typewriter and info kiosk.

    People like us need to start to devote some time to serious personal, grass roots activism, to widen the pool of people using encryption.

    Because it's only at the grass roots level that there is any likelihood of it actually happening. Perhaps something could be established vaguely [in spirit, certainly not implementation, I'm talking in sweeping generalities about the possible social dynamic] like the RBL. I don't mean a central server or list of people who do/don't use encryption, I mean instead a system whereby people would feel some penalty or disincentive if they are not using encryption themselves.

    ...Perhaps some sort of extension to sendmail and friends, whereby a simple script configuration could activate a mode wherein outgoing emails [probably only of willing participants, I wouldn't want to be overbearing or myself lessen anyone's freedom to use the network as I choose, no matter how foolishly]

    ...wherein outgoing emails would initially be automatically encrypted [say, as a mime attachment to another, autogenerated email, whose body would inform the recipient that they have received an email from so-and-so, but that this person values their privacy and doesn't want anyone with good network or social/political real-estate to be able to read their personal communication to them. It could include perhaps a link to an advocacy site, explaining the whole purpose and ideas behind encryption being a Good Thing, as well as simple and transparent to use backend clients to download for all the major platforms, that could just as transparently decrypt and deliver the message as if it had never been encrypted.

    For those who chose [probably most, for I probably wouldn't want all of my email to be completely unreadable by those who didn't agree to run software I liked, even if it was free and open], there could be additional details in the email message to allow for the recipient to respond in a certain way and receive the unencrypted version. Something akin to the process of confirmation from a mail server, for instance.

    The inconvenience would be a key aspect, for it would turn the tables; whereas now it is more inconvenient for someone to bother with setting up encryption.

    Now I know this is asking a lot, and I don't imagine very many of you have bothered to read this far, but it's something to think about. lesson to be learned from this, it is a l

    --
    the pen is mightier than the sword. the sword is mightier than the court. the court is mightier than the pen.
  5. Uh! by Vic+Fountain · · Score: 5
    [...] if you read one article referenced from slashdot this month, this should be the one.

    So you tell me this now, when half of the month is already over...