[liberationtech] The missing component: Mobile to Web interoperability (in Internet Freedom Technologies)

Jonathan Wilkes jancsika at yahoo.com
Wed Sep 25 13:34:10 PDT 2013 

On 09/24/2013 09:56 AM, Michael Rogers wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 24/09/13 05:21, Jonathan Wilkes wrote:
>> Is Briar able to hide metadata that describes who is messaging
>> whom within the network from an attacker with a splitter on the
>> internet and a $50+ billion budget?
> We'll see. :-) Briar moves communication off the internet wherever
> possible, and when communicating across the internet it uses Tor
> hidden services to conceal social relationships. So it may justify the
> attacker's budget more than current systems do.
>
> But I take your point that all digital communication is vulnerable to
> surveillance, and that our individual choices to communicate digitally
> may threaten our collective freedom. The question is, what should we
> do about that? Even the postal service is digitally surveilled these
> days - should we restrict ourselves to face-to-face conversations?
> What about hidden microphones - should we have all our conversations
> naked, inside Faraday cages?
>
> It's clear that we can't stay sane and guarantee that we're free from
> surveillance. So we have to make tradeoffs. I believe that P2P social
> networks offer a better privacy/convenience tradeoff than centralised
> social networks. They don't guarantee absolute privacy against an
> adversary with unlimited powers - nothing can. But they're less bad
> than current systems.
>
>> It's probably better to say that goodwill does not address such
>> moral hazards.  People can develop and maintain friendships over
>> the internet, but currently doing so creates a toxic waste that
>> silently eats away at our collective freedom.
> Thanks, I understand better now what you mean by moral hazard. I don't
> have an answer to your question of how communication tools should
> explain that moral hazard to their users. I'm not sure it's even a
> matter of explanation - informed individual choices may still lead to
> collectively detrimental outcomes.
>
> Surveillance is a collective problem, and as such it requires a
> collective solution, which is to say a political solution. But that
> doesn't mean technology is irrelevant - it can contribute to a
> political solution in two ways. First, it can raise the cost and lower
> the effectiveness of surveillance, making surveillance harder to
> justify politically. Second, it can support political action by
> enabling people to speak, associate and organise, in private and in
> public.

Are you saying that your social network
could give activists a private communication channel over the
internet, at least at some time in the near future?
It may make sense for someone like me who has an
aversion to advertisers and site admins hurling nested
Russian dolls of javascript at my head to say that I can
attain some semblance of privacy by leveraging Tor.  But
for anything beyond local political organizing, NSA level
spying is a real threat.

Roger Dingledine has said that his biggest fear is that the
NSA has found a way to break Tor, and they whisper what
they know to other agencies only in those cases where
doing so wouldn't risk letting the cat out of the bag.  We
don't have enough information at present to judge how big
a threat something like that is, but if I took as gospel the
biggest fears from respected cryptographers of the
past decade I'd probably have a damn good track record
so far.

I'm not saying don't work on systems that are better than
centralized ones, I'm just saying we should be very realistic
and skeptical in claiming what such software can achieve.
It could certainly improve things, but if mid- to large-scale
political organizers need privacy in certain situations they
should not be using the internet.  That doesn't mean
"don't ever use the internet," it just means know their limits
and probably using different tactics (like ensuring there's not
a small group of organizers who are a central point of
surveillance and failure).

Btw, I don't think we've done a very good job on the flip
side-- that is, making tools to let people know what inferences
can already be made based on the data they've put into
centralized databases.  Facebook knowing you're gay is
one thing, but that they and Google probably know the
sexual preferences of teens who don't even know it themselves
is a way bigger market for abuse.

Does anyone have a tool where a Facebook user can
mine their own data and guess what inferences are being
made about them?  I know there are some apps, but I mean
the user accessing only their own data.

Best,
Jonathan

More information about the liberationtech mailing list