[liberationtech] FW: The security and ethics
Jacob Appelbaum
jacob at appelbaum.net
Wed Feb 9 15:43:23 PST 2011
On 02/09/2011 10:15 AM, David Rizk wrote:
>> Additionally, just as literary illiteracy and innumeracy are
>> serious education problems, so is technological illiteracy. So
>> while I agree we should be accessible, I reject the notion that the
>> ideal is to not understand the way that the world works. We reject
>> it for other important topics and we should reject it here too. We
>> should embrace understanding for this very important topic; most
>> people actually get the big picture and most of the little details
>> when they stop discouraging themselves.
>
> Paul -- agreed. I think the points you've made are often lost on this
> list.
I don't think it's _lost_ but I think that this attitude is part of the
difficulty with changing the status quo.
>
> @Jacob, Jim: I understand that your points are directed mostly at
> users who place themselves in harm's way, but I believe they lose
> validity as universal tenets. Most people express their curiosity and
> find happiness by learning about, and doing things, other than
> implementing advanced privacy and security protocols. Expecting users
> to want to learn more about our particular field misses the greater
> point.
>
I am not a Kantian - I am closer to a preference based utilitarian and
thus a consequentialist. I don't think that we need a universal tenet to
have a reasonable way forward. Largely, I firmly disagree that what I
argue is for people to learn how to implement a protocol - rather I
argue that they should understand the high level details of how someone
claims something to be "secure" or not. The low level details of why I
think Skype is a disaster are of course aimed at the rather technical
people who asked for specific details.
> Consider the alternative: ideally, users should need to know less,
> rather than more, about the way networks and security protocols work.
> Ideally, users should be able to spend cycles on the things they care
> about -- pursuing happiness, fomenting revolutions -- without
> worrying about technical details. You may think hacking is happiness,
> but plainly, most do not. If network and software engineers (and
> governments and lawyers) were really successful at their jobs,
> ordinary users wouldn't be threatened by any of this. We strive to
> realize this vision in the law, and I would submit that the same
> should be true of code. For example, Yale's Robert Ellickson points
> out that the law is irrelevant for most people most of the time --
> and this is regarded as a great thing!
Lessig puts it best when he says "Code is law" and I generally agree
with him.

I do however really disagree with you when you talk about how the ideal
is for users to know less. Hacking? Sure, I agree that users should have
a smooth UX experience - I also think that a high level understanding
should be enough. But sometimes something like checking a cryptographic
fingerprint is the highest level of abstraction possible without
creating a security compromise that throws the baby out with the bath water.

Red Phone is a great example of how to accomplish this with the Short
Authentication String. I think that's a reasonable compromise - if the
SaS doesn't match, all bets are off. That's a two minute lesson and it
properly sets expectations.

However, the road to getting Red Phone from Skype is related to all the
technical criticisms that I've made on this list. That road means that
people wishing to debate the topic will need to at least reasonably
understand the topic.
>
> Relatedly, I would also reject your analogy to basic literacy. Of
> course, *some* basic level of computer literacy is going to be
> essential for generations to come. But implementing advanced privacy
> and security protocols is not really analogous to the basic ability
> to read. To say that you can write, is not to say that you can write
> a competent and persuasive brief to a judge. You (wisely) hire a
> lawyer. Are you contending that, ideally, you would mount your own
> defense? Or would you prefer to get professional help?
>
This is a funny rejection of my analogy. As someone who works with
lawyers on a daily basis, I'd like to think that I listen to those who
know but I also don't blindly believe everything. I ask for case law, I
ask for reasoning behind choices, I try to understand *why* and *how*
things work to the best of my ability.

I am a thinking monkey and I use all of the tools at my disposal. What's
the point of hiring a lawyer if you don't rationally examine the things
they offer as reasons or arguments? How would you ever make a solid
informed decision?

I trust but I also verify. I don't just listen - I really seek to
understand what is going on around me. Perhaps I am unique, I doubt it
though.
> On the margins, I think we can agree, expertise is always going to be
> necessary. And just as lawyers help their clients comply with the
> law, and fend off attempts at enforcement, technologists should
> strive to make life as uncomplicated as possible for users -- while
> upholding their expectations and social norms (e.g., protecting their
> privacy, etc.).
Yes. Expertise will always be a useful component when it is necessary. I
argue that for most choices, we should normalize the best possible
practices until we no longer need expertise for day to day things.

I think we agree that users should have it be as uncomplicated as
possible. I perhaps think the level possible is a bit more technical
than others...

All the best,
Jacob