RFC 1984
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
Title |
| |
Subtitle |
| |
Title of Series | ||
Number of Parts | 490 | |
Author | ||
License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
Identifiers | 10.5446/47475 (DOI) | |
Publisher | ||
Release Date | ||
Language |
Content Metadata
Subject Area | ||
Genre | ||
Abstract |
|
FOSDEM 2020328 / 490
4
7
9
10
14
15
16
25
26
29
31
33
34
35
37
40
41
42
43
45
46
47
50
51
52
53
54
58
60
64
65
66
67
70
71
72
74
75
76
77
78
82
83
84
86
89
90
93
94
95
96
98
100
101
105
106
109
110
116
118
123
124
130
135
137
141
142
144
146
151
154
157
159
164
166
167
169
172
174
178
182
184
185
186
187
189
190
191
192
193
194
195
200
202
203
204
205
206
207
208
211
212
214
218
222
225
228
230
232
233
235
236
240
242
244
249
250
251
253
254
258
261
262
266
267
268
271
273
274
275
278
280
281
282
283
284
285
286
288
289
290
291
293
295
296
297
298
301
302
303
305
306
307
310
311
315
317
318
319
328
333
350
353
354
356
359
360
361
370
372
373
374
375
379
380
381
383
385
386
387
388
391
393
394
395
397
398
399
401
409
410
411
414
420
421
422
423
424
425
427
429
430
434
438
439
444
449
450
454
457
458
459
460
461
464
465
466
468
469
470
471
472
480
484
486
487
489
490
00:00
EncryptionMassendatenHacker (term)InternetworkingInformation privacyWater vaporComputer animation
00:20
Water vaporInformation privacyStatement (computer science)
00:48
Information privacyInformation securityPoint (geometry)Digital mediaVideo gameFacebookFamilyInformation securityLogicSoftwareSpeciesInformation privacyComputer animation
01:35
Water vaporSpacetimeArithmetic progressionCategory of beingCivil engineeringSieve of EratosthenesMultiplication signSocial classComputer animation
02:15
Social classQuicksortMultiplication signPrice indexLatin squareFamilyGodWordSound effectInterpreter (computing)Metropolitan area networkPower (physics)Drop (liquid)Moving averageVideo gameMortality rateTransformation (genetics)1 (number)Order (biology)Goodness of fitExecution unitComputer animation
04:31
Process (computing)Error messageCovering spacePosition operatorMoment (mathematics)Power (physics)BitPoint cloudComputer clusterComputer animation
05:34
Social engineering (security)Touch typingQuicksortBitOrder (biology)Game theoryMultiplication signStreaming mediaComplete metric spaceOptical disc driveWeb serviceGodPoint (geometry)Computer clusterLogical constantoutput
07:56
Computer clusterOpen setPhysical systemTowerOffice suitePrisoner's dilemma2 (number)Arithmetic meanState observerCapability Maturity ModelPlanningInformation securityFactory (trading post)Machine visionCellular automatonFamilyRight angleReduction of orderComputer animation
09:19
Point (geometry)Cellular automatonRight angleMultiplication signTower1 (number)Prisoner's dilemmaMathematics
10:06
Symbol tableElement (mathematics)BitArithmetic meanDifferent (Kate Ryan album)Computer clusterAdditionRevision controlMetropolitan area networkComputer animation
11:39
Ring (mathematics)Focus (optics)CryptographyInternetworkingStatement (computer science)Information privacyView (database)Term (mathematics)CryptographyPoint (geometry)InternetworkingProcedural programmingWeb serviceEmailPower (physics)Multiplication signArithmetic meanSemaphore lineComputer animation
13:27
Execution unitGoogolVideo gameRule of inferenceStandard deviationEncryptionKey (cryptography)Physical lawComputer animation
13:49
InternetworkingStatement (computer science)CryptographyInformation privacyEmbargoDatabase transactionArchitectureWhiteboardLocal GroupGUI widgetMechanism designKey (cryptography)EncryptionGoogolComputer networkFacebookWeb serviceTelecommunicationNon-standard analysisVotingFormal verificationIn-System-ProgrammierungLattice (order)Physical lawInternetworkingMetadataVotingExtension (kinesiology)Mechanism designState of matterBitCASE <Informatik>Multiplication signPrice indexCodeEncryptionInformation privacyEmbargoChemical equationPay televisionFamilyPattern recognitionMobile appPoint (geometry)PlastikkarteRevision controlRight angleDatabase transactionBiostatisticsConnectivity (graph theory)Process (computing)DialectOnline helpDirection (geometry)Key (cryptography)IP addressComputer animation
19:40
Server (computing)LeakVideo gameMereologyDesign by contractInformationWater vaporLevel (video gaming)Web serviceIntegrated development environmentLocal ringOffice suiteMarginal distributionArithmetic meanFamilyMultiplication signLeakWeb pageSpacetimeWave packetPlastikkarteInsertion lossThumbnailRight angleVotingLaptopComputer animation
22:40
Roundness (object)UsabilitySocial classFamilyRing (mathematics)Computer animation
23:27
Pattern recognitionFamilyBuildingMultiplication signComputer clusterComputer animation
24:07
Point cloudOpen source
Transcript: English(auto-generated)
00:05
Bonjour à tout. Excellent. Alright then, so before we begin, I'd like you to consider this frog here.
00:25
He's quite a cute little frog, we had him just in our driveway. And the frog illustrates a very simple metaphor in English where you put that cute guy in some water and then you gradually heat up that water until you cook it
00:41
and he doesn't realise what's going on. So I want you to think about froggy here while I say a few statements about privacy to you. So do we actually need privacy? All our family and friends are using social media. Our grandparents, our parents, they're using Facebook. They're listening to their friends, posting on social media and agreeing with everything that they say, whether or not there's logic to it.
01:11
And teenagers, they've been on Myspace, they've been on Bebo, they've got their own networks, they've got TikTok and VSCO. So privacy, what's the point of it? It's dead, throw it away.
01:26
Everybody's worried about the bad people, the terrorists, people coming in to change your way of life. So we need to give that up for our own personal security. So yeah, how's that water feeling?
01:42
I have a problem space that it's very hard to explain to people. But luckily for us, back in ancient Greece, before that, civilisations were trying to tell people how to interact with each other in a civilised way so that we weren't constantly at war. And the way they did that were things like simple stories, like Aseps fables.
02:04
We look at them nowadays and we're like, that's children's stories. But at the time, civilisation was in the progress of reprogramming human beings to interact. So with that, I'd like to introduce you to this guy. This is Ovid.
02:21
He was a poet during the late reign of Augustus. And he was kind of like considered a kind of cool new kid because he'd followed on from Virgil. He was considered a mate of the emperor. And he was writing during a time when Augustus was hoodwinking the Roman Senate into thinking they were still a democracy.
02:41
And he wasn't a dictator, honest. And what Ovid wrote about were the gods and how they interacted with mortals and with people lower down the pecking order, like nymphs, like demigods. And Ovid often took Greek myths and he'd adjust those Greek myths to write about transformation and the effect of imperial power.
03:06
Of course, the sad thing for Ovid was because he was writing about this sort of thing, he ended up exiled to the Black Sea in Constanza in modern Romania. And no one's quite sure why he got sent there.
03:22
But a good indication might be in the affair that he may have been having with Augustus's granddaughter, Julia. And he also made the huge mistake of writing a piece of work called the Ars Armata, which pick up artists like God. This is brilliant because in it, he takes the piss out of other scientific treaties at the time,
03:46
what he details the way you can go and pick a woman's interest, pick her up and then when you're bored, just get rid of her. Classic scholars do not like that interpretation of it. So don't ever do that to them. So the reason why this wasn't a good thing and he got exiled was at the time,
04:04
Augustus was trying to bring in a new philosophy to Roman public life, which was traditional family values. The family unit is a man and his wife. And if you study the Cambridge Latin course, there's some children as well. So Ovid fell foul of that. Now, why am I mentioning Ovid?
04:25
Well, there's a very good reason why I mention Ovid, because in his work, The Metamorphosis, he wrote about Io and Argus. So Io was a beautiful, lovely, gorgeous nymph just tiptoeing around in the countryside.
04:41
And Zeus, who never could resist having a me too moment whenever he could, decided he'd like her to be his next squeeze. She said, no, me too moment. And Zeus realising that very soon he'd be in a little bit of trouble with Hera, who was a little bit jealous and prone to victim blaming, decided to go and cover it up by covering the land in a cloud all over it.
05:07
Now, as what happens when people in power try and cover things up, someone's eventually going to notice the process of covering things up. And Hera was up there in Olympus going, there's a big, massive cloud down there.
05:21
Zeus isn't around. I'm going to go see what Zeus is up to. So she goes down, finds Zeus there. She goes, hey, what are you up to? And what she found was Zeus standing there with a cow, because what he'd gone and done to cover it up was turn poor Io into a cow.
05:43
And she went, hey, hey Zeus, that's a pretty cow. Can I have the cow? And Zeus, because he was an absolute coward, went, yeah, yeah, yeah, have the cow. She's pretty. Just you do it. Slopes off, leaving poor Io behind in the hands of a vengeful, angry goddess.
06:03
So what she then does is decide to put poor Io under constant surveillance using her tool, who was a hundred-eyed giant called Argus Panoptes. And it was constant surveillance because he didn't actually need to close all of his eyes in order to get sleep.
06:22
So poor Io's wondering about, with this giant keeping an eye on her, she managed to get to a stream and speak to her father, who was a river god. So he started making a fuss, but she couldn't get away from the surveillance. Eventually, Zeus felt just a tiny, tiny little bit guilty that he'd done this and she was in the situation.
06:43
So what he did was go to the god Hermes and go, can you just sort this for me? Because, you know, I'm getting a lot of flack about this and I'd kind of just like it to go away. And so Hermes decided to do an exploit where he did a little bit of social engineering on Argus and told him a long and boring story. Argus fell completely asleep, all the eyes completely closed.
07:05
And then Hermes pretty much just murdered him, surveillance disabled. Of course, the trouble is Io was still a cow at this point, but she manages to get away. She gets all the way to the to the river Nile.
07:22
And then while she was trying to get away, Hera, still being a tiny bit vengeful, pursued her with a gadfly. I'm sure that you can think about many whistleblowers in our industry that have been pursued quite a bit for whistleblowing or for bringing up allegations.
07:41
Eventually, though, she turned back into a nymph again and all was well, and she had children. Yay! So what did Ovid add to the story? Because Ovid would take the basic Greek myth and he'd add a little touch. And what he added was peacocks. Hera felt just really quite sad that her tool of surveillance was dead and she couldn't use him anymore.
08:05
So what she did was take all of his eyes and put them on the peacock. Now, what exactly does this have to do with nowadays? I mean, it's Greek mythology. People don't turn into cows. Well, if you're a security firm, if you're into, say, CCTV systems, security, you go, I'm going to call myself Argus Vision.
08:29
And you'll stick a big eye right in the middle of that logo. And it's also inspired philosophical thought. Jeremy Benton, a philosopher in the 18th century, came up with a way to monitor
08:49
patients in things like pandemics and for quarantine purposes and also to reduce prison observation and work observation as well in factories.
09:03
Because he got the idea for the panopticon from his brother, who'd sat in the middle of an office and arranged a bunch of desks around him in Russia. So we've got Benton's brother to thank for the open plan office, but we have Jeremy Benton to thank for this, the panopticon.
09:22
It's a very simple idea. You have a tower right in the centre there and around that tower you have cells in the tower centre. You have one person observing and they have a light and they shine that light into a cell.
09:40
So the person in the cell knows they're being observed, but they don't know who's doing it. And the philosophical idea behind this is that, you know, you could get surveilled at any point in time and you have no idea who's doing it. So this actually changes how you think about the world. This changes how you interact with the world.
10:00
And this one's from an old ruined prison in Cuba. So but there's one trouble with this whole idea of the panopticon. Everybody thinks about the cool thing with the hundred eyed giant. They think about the surveillance. They think about the technology. They don't think about what it means to be that person being surveilled.
10:27
So is this myth still appropriate? I mean, perhaps, perhaps not. The trouble is you have the additional elements of peacocks and that means different things in different religions.
10:41
It's a bit of a myth. It's a simplified version of the story. So what can we use to illustrate that feeling being surveilled instead? We'll go a bit more modern. We'll go for George Orwell. One of his most famous books after our animal farm was 1984.
11:01
How many people in the room have read it? OK, well, that's good. Some of you have got an idea. In the idea of that, there's a very unsympathetic protagonist. And around him, he describes the various means of surveillance and brainwashing of the population. But again, the protagonist isn't sympathetic.
11:23
So everybody always thinks about things like Ingsoc and changing what the news is about, changing facts. And again, we've actually just forgotten about IO. We've forgotten about the cow.
11:41
We're focusing on the surveillance. So it's quite a simple phrase to get behind 1984 because of what that book means. But we need to think about deeper than just it's someone who wants to stay in power.
12:04
We have to think about what it means in terms of that data. And I'm not the only person concerned about this. The IETF in 1996 was noticing as the Internet took off. And they were very concerned about it because at that point in time, the US was putting a ban on escrow cryptography effectively.
12:30
They were restricting the sale of it. But who here knows what an RFC is? OK, that's good. That's most of you.
12:41
Briefly, the request for comment. They helped to define how we run our services, email, Internet. And it's not just the IETF that creates these RFCs. If you're outside the IETF, there's a separate process that you go through with a review, a submission.
13:01
And then it goes through the normal procedure for discussing it. The fun thing is, is that anyone can submit to April Fool's RFC. And I know at least someone in the room that's actually implemented IP over semaphore. But that's the thing.
13:20
There are requests for comments and sometimes they'll get upgraded to best practices. But does everybody on the Internet follow these best practices? They're not hard and fast rule. There is no law enforcing this. So the larger firms like Microsoft, like Google, like Apple, don't always follow the rules.
13:42
And occasionally new standards get submitted and there should be more scrutiny. Anyway, back to the RFC. In particular, there was an anecdotal case where a firm in the US had to strip out its escrow code,
14:01
ship the code over to Europe, and then had to tell people how to put the encryption back in. And the IETF went, this is insane. We have got to say something. Because they have a very difficult balance between trying to serve the needs of governments around the world, and at the same time ensuring that the rest of us have a working Internet that we can consider the privacy of our netizens.
14:28
So it was published in 1996 during the anecdote that I told you about, and it got upgraded to best practice in 2015. And you can Google the meeting about this because the notes say that they felt people had been referring to this RFC as best practice anyway,
14:49
so they might as well just make it official. So yeah, that's the RFC there. It's fairly clear.
15:01
Everybody is entitled to privacy. We are entitled to our bank transactions being private. We are entitled to what we buy, what we're looking at. So they were very worried about governments trying to interfere with the very idea of what the Internet is meant to be about.
15:23
So point A is covered by the US's embargo on that. And there's still an embargo on some escrow technologies. And sadly, back in 96, back in 2001, and recently in 2015 after the Boston bombers,
15:41
and this very year with AG bar yet again trying to put back doors within apps like WhatsApp and other things. They actually have other mechanisms by which they can get to data. They just want to make it easier for themselves to go on a fishing trip.
16:02
And of course, occasionally what they say is fine, have the encryption. Can we have a key as well? Can we just unlock that data and just take a look? We'll be good. We'll be fine. We won't do anything to it. We promise. And in some regimes around the world, only the government's allowed to have encryption. It's not a public right.
16:24
So I've already detailed a few versions of the threat. And of course, commercial firms, that's their whole business, collecting our data, gaslighting us into thinking that our data is not worth a lot.
16:41
But it is worth a lot. You're all here in this room, but we've got a massive problem because we know this, but our friends and family do not understand that this is the entirety of themselves that they are feeding into these large firms. And it gets worse and worse because there is a trust that's starting to happen with the idea of our biometric data,
17:08
fingerprinting, DNA, facial recognition. And our family will think nothing of, say, having an iPhone using facial recognition to unlock it without thinking, well, what's going on with that data?
17:21
It's still stored somewhere. We're not entirely sure where it's being stored or what it will be used for in the future. And there are a lot of political threats within the UK, the US, and to some extent within Europe with regimes like Germany and France.
17:43
And we've had government leaders state in their parliament or to the news that they don't like the idea of encryption. They don't like the idea of something that they can't read. And if you have a government where they're wanting to know what you read, I think that's a very good indication that they are scared of the populace.
18:05
We also have governments that will think nothing of forcing ISPs to effectively act as agents against you because we have metadata laws in the UK and Australia where they will suck up metadata like IP addresses, what you're browsing with.
18:23
In the UK, we actually have a filter and they're trying to re-bring in age verification where you have to have put in credit card details to prove your age. And it's a bit like a hydra.
18:41
Every now and then, governments will try and have another attempt to break encryption. And once we've lost that ability, it's going to be very hard to have our privacy back. And it's ridiculous for the US. Obama gave the NSA access to the private data of American citizens and the UK will soon have access to that as well.
19:12
And of course, with the Cambridge Analytica revelations, we also know that political parties have been collecting data about the demographics of their voters.
19:24
And this does include things like in the US magazine subscriptions and what the components of their family are. Because they see it as the more data they have of their constituents to manipulate a vote, the better.
19:42
And I mean, what happens once that data is collected? We have even more threats from the bodies that we think should be looking after us. There's a trust there because the issue that we have is we have all of these national health
20:03
services, governmental agencies, and they've not really had the proper training yet to consider how dangerous that data is. And if I was the European Union, I certainly would not consider trusting the UK government with any more data than it has.
20:22
The revelations last year about the Schengen information leaks by UK government officials. And by government officials, what I actually mean is third party contractors like IBM who are domiciled in the US. So we can expect that that data has ended up in US hands.
20:46
And of course, third party contractors, the Republican Party, they've taken that voter data that I'd mentioned earlier. Once they were alerted to the leak, they took it back down again. But the thing is that data was leaked. If data is leaked, it stays leaked.
21:02
There is nothing you can do about that. And in a very Orwellian move, Theresa May, when she was the Home Office Minister, deliberately, as part of the hostile environment, deleted the landing cards of the Windrush boat,
21:21
which took people from the West Indies, people who were part of the British Empire at the time, and deliberately destroyed evidence that they had a right to stay in the UK. And all of this data can be collected, can be analyzed, and is actively
21:41
being used against immigrants in the US who have not entered the country legally. And you have to think about the vulnerable and the margins in society, because if you don't, that technology that's being used against them will be used against your family and your friends.
22:00
It doesn't take much to be on the wrong side of a government. And in general, goodness, I don't know what it's like in Europe, but on the Wikipedia page for the UK government's data loss, there are about 30 odd entries of all levels of government from your local municipal council all the way up to ministers at the top just losing data,
22:28
leaving a secure laptop in a taxi, thumb drive being handed into a local council office. Officials do not understand the problem space.
22:43
And they're also very keen on things like CCTV. You go around here in Brussels, you can see them everywhere. They're in restaurants, they're in your door entries, and people just want to buy them to feel secure at home.
23:03
I mean, the Amazon ring in particular is a very concerning thing because Amazon bought ring to solve its own problem, which was porch stealers. But people, middle class families buy them because they're upset about their packages being bought.
23:25
Oh, sorry. But regardless, you have to think very carefully about that data. The issue that we have is how do we communicate this to our family and friends?
23:41
And the simple answer to that might be with stories. Start small. Build that trust again with your families, because it's not enough to harangue them all the time. Tell them they're doing things wrong. They won't listen to you. You have to build that trust and that friendship with them again and start getting them to realize that they're the cow.