[liberationtech] liberationtech Digest, Vol 34, Issue 1
Joshua Cohen
jcohen57 at stanford.edu
Wed Sep 22 15:19:01 PDT 2010
Andrew: I do not agree with the thrust of your message about what has
happened in the discussion of Haystack.
1. It is true that the discussion started on an excessively
personal note. Some of us, including me, objected and urged that
contributors keep their eyes on the prize (I have pasted my earlier
message in below). I think participants have subsequently kept their
eyes largely on the prize, and the result is that several important
issues have been debated with great seriousness and in ways that I
have learned a lot from.
2. One issue is the extent to which people in Iran were exposed to
(non-consensual) risks by the distribution of what has been called
Haystack (though perhaps what was distributed was not the real thing).
3. A second issue is about the norms that players in this space should
use: in particular about the importance of Kerckhoffs's "no security
through obscurity" law/principle.
4. A third issue has been about whether the very considerable
attention that was devoted to Haystack (what some have described as
the triumph of hype over security) tells us something of importance
about the individual players, about the media, and/or about the
government. "Bay of Pigs" is a reach. But considering the very
considerable hype (Guardian, Newsweek, etc.), these strike me as
legitimate and important questions.
5. The fact that most activists in Iran have never heard of Haystack
is VERY good news in terms of their own security but essentially
irrelevant to a discussion of the roots of the hype and how it might
be avoided in the future.
Josh Cohen
I posted this message on September 3
I have been following this discussion as an interested observer with
no knowledge of security software or standard vetting procedures/
stress tests for such software. I see two threads in the discussion:
(1) The first thread is that Haystack has not been subjected to
standard vetting procedures that are really essential to protecting
people.
(2) The second thread is about why (1) is true: with lots of comments
on personality, the complexities of doing good, the demands on
startups, etc etc.
Just wanted to say that I am MUCH less interested in (2) than in (1).
If Haystack has not been properly vetted, it does not much matter (not
for our topic here) whether the failure to follow protocols is well-
or ill-motivated. What matters is that they have not been followed and
that this may impose real dangers.
I hope we can keep the discussion focused on (1). And let me just add—
again as an interested but relatively uninformed observer—that I have
seen some very strong concerns expressed about (1), including in
Jacob's message below (but others in the thread have raised similar
issues), and I have not seen those concerns answered.
Josh Cohen
Stanford University
On Sep 22, 2010, at 1:42 PM, Andrew Ford Lyons wrote:
> While I agree with Jim's points here, I think it would be short
> sighted to rule out every one of Brandon's concerns. While I found
> the technical issues and closed development model and a bit of the
> criticism about how media covers technology useful, a lot of the
> criticism — quite a lot from Evgeny Morozov — to be more personal
> attacks and matters of personal taste about Austin himself.
>
> Morozov is turning his criticism of Haystack into a cottage
> industry. He's using it to further propel his overall thesis that
> internet tools cannot help dissidents, but is actually the tool of
> and for the establishment. It's a false premise, but that's not what
> people who are actually interested in such tools are interested in.
> Now he refers to it as the "the Internet's equivalent of the Bay of
> Pigs Invasion." What next? It's the Web's Holocaust? This mini
> scandal mostly impacts developers interested in bypassing firewalls
> and promoting privacy and like it or not, there were not a lot of
> people using Haystack. I work with people in Iran. I've been able to
> ask around about its use to some limited extent. Most hadn't even
> heard about it. Tor, yes. Haystack not so much.
>
> I found it interesting the number of people employing the "media
> whore" term without any sense of irony. A whore is one who trades
> her or his services for money. Those doing it for nothing are merely
> enthusiasts. Those who are paid to blog their opinions may want to
> consider that.
>
> So let's not inflate things to ludicrous degrees and have a
> reasonable discussion about it, because on many levels, it's very
> important. More importantly, beyond Haystack, how do we continually
> and independently vet all tools claiming to offer privacy and/or
> uncensored online access under different conditions in repeatable
> ways and compile those results for anyone to look at, question and
> refine? Could there be a sort of Consumer Reports of these things?
>
>
>
> On 21 Sep 2010, at 20:06, liberationtech-request at lists.stanford.edu
> wrote:
>
>> Date: Mon, 20 Sep 2010 11:51:07 -0700
>> From: Jim Youll <jyoull at alum.mit.edu>
>> To: Brandon Wiley <brandon at blanu.net>
>> Cc: liberationtech at mailman.stanford.edu
>> Subject: Re: [liberationtech] openness and transparency Re:
>> Deconstructing the security risks narrative of Haystack
>> Message-ID: <474E3EA6-04C9-401D-8DF2-3EA5B5FF2E27 at alum.mit.edu>
>> Content-Type: text/plain; charset=us-ascii
>>
>> Brandon, you express a number of fears about unknowable possible
>> futures.
>>
>> "Fear" is no basis on which to proceed. It's not a foundation for
>> decision-making. Anyone who's scared off by the prospect of
>> potentially-harsh peer review should not be building life-critical
>> systems, so anyone who wanders off for that reason won't be missed.
>>
>> Haystack is/was created in isolation, and is representative of
>> nothing more than itself. It does offer an example of the dramatic
>> ways in which committees can fail to create or sustain a system
>> that provides an intended outcome - an unfortunate, and unnecessary
>> warning and lesson. These modes of failure aren't new and certainly
>> are well-studied and documented.
>>
>> The best way to not run into the problems you fear is to work
>> openly and to invite criticism rather than to hide from it.
>> Writers, photographers, and other creatives all benefit from the
>> skills of outside editors. Should we be surprised that software
>> creators wouldn't also benefit from the FREE help from qualified,
>> interested experts? Haystack is one of the only viable-seeming
>> security systems to not have been subjected to an open critique
>> during its design and development. On this point alone, and on
>> Austin Heap's and others' insistence that it would be kept
>> "secret," the project was fated to fail from the start.
>>
>> It's not possible to "offer an alternative" to a complex, broken
>> system - other than to design another entire system - and that is
>> NOT a reviewer's duty. It is sufficient in the critique of any new
>> work to ask un-answered questions, and to identify both flaws and
>> strengths. Unfortunately, in this case, the only strong point in
>> the project was its public relations push. Others in every well-
>> meaning technology project SHOULD learn how to communicate more
>> effectively. But the rest of it is an example of what /not/ to do.
>> Fortunately, there are many positive examples for design, critique
>> and deployment of secure systems.
>>
>> On Sep 18, 2010, at 9:43 AM, Brandon Wiley wrote:
>>
>>> I am disappointed by the response to Haystack because I think it
>>> will have a negative effect on young activists. In addition to the
>>> lesson about openness (which is a good lesson, to be sure), there
>>> is an implicit lesson that if you try to do something innovative
>>> the risk of failure is being vilified by bloggers and becoming an
>>> object of hatred and disdain. This is probably a true lesson, but
>>> it's not the sort of thing I think we should teach. If I had
>>> witnessed this exchange back when I was working on Freenet, I
>>> think I would have been scared to death of receiving the same
>>> treatment if I didn't do everything according to some possibly
>>> unknown or misunderstood community norms.
>>>
>>> Haystack had a lot going for it. It had an export license, a
>>> grant, a 501(c)3, plenty of free marketing. The only problem was
>>> that it didn't work at all. It's a shame to throw away all that
>>> infrastructure and all the good people that believed in it and
>>> were working on it. I fear that now people will be very skeptical
>>> of funding, contributing to, or using similar products because of
>>> the bad press that Haystack received. I favor mentorship over
>>> ostracism. Haystack was trying to solve a hard problem, not an
>>> impossible problem. It could have been fixed, or even replaced
>>> under the hood with something that works, even just a rebranded
>>> Tor. I'm not involved with the project, so maybe there are details
>>> of which I'm unaware. Maybe the CRC was uncooperative in fixing
>>> their product. Whatever the situation, I think it's an unfortunate
>>> outcome.
>>>
>>> While I totally agree that secrecy should be discouraged, I'd just
>>> like to advocate the approach of offering an alternative, so that
>>> the message is "Secrecy fails, try openness!" instead of "If you
>>> try secrecy, you will never work in this industry again." Anyway,
>>> what's done is done. I think that one good thing that's come out
>>> of this is some posts by various people clearly articulating
>>> community guidelines. That's good stuff, no matter how you look at
>>> it.
>>
>