To the common public and security pros alike, as well as the two people that were kind enough to consider a rational dialogue about cryptography and boundaries and concepts with me for the first time so far this week, I have some changing views that I’m pushing boundaries on and trying to find rational, forward-looking answers to. So thanks for taking the time with me here. It’s vital.
We’re here to talk numbers, code, access, privacy and security and I’m all out of bubbleGum. But I can describe more about where I’m coming from so you can know who’s asking these questions and why. What follows was written coffee fueled and late into the night (for me anyway ‘cuz I’m old…). And, my only setback is that I can’t specifically talk specs. Numbers and code are totally foreign to me anymore (if I ever even could get past long division). But that shouldn’t keep us from talking about concepts though right?
I’m not coming at this out of complete ignorance, but some. And I’m completely willing to learn more and admit when I’m wrong. Are you? We’ll see.
“*sigh* …where to begin?”
Is how one answer to my last Encryption post began. Right before I got an unnecessary lesson in modern cryptographic concepts.
“Privacy licenses!? What’s next Orwell? Money = speech!? Trading your freedoms for promises of security is the surest way to lose both.”, from another.
Sigh, is right.
So, I feel I must clear the air about who I am and what I do and don’t know. At least little bit. Because not only am I aware of these reasonings and memes, but this is very important for the world right now and me personally, at this very moment in time. And, I’m grateful for your patient cooperation in this necessary conversation. I’m trying to get some answers to and simply even address some as of yet, unasked questions and concepts concerning crypto. Questions I’ve never read about or seen asked anywhere else yet. Even if from from my odd, yet relatively *uncommon perspective.
It is my fault for not being more ‘transparent’ in my previous post(s) about what I know and what I don’t, as well as some of my life experience which may help you to understand that although I’m not a crypto-pro, I’m far from a crypto-rookie as well. Hopefully, if you’re willing, we can move forward on discussing some boundaries, right after you learn about where I’m coming from.
I sure didn’t mean to appear to come out of a vacuum, completely ignorant on the issues surrounding cryptography. Or, sound like your friend’s Republican Dad who wants 1984 style oppression without knowing what he’s even talking about, concerning privacy and security. Though recently, I have had a rather dramatic and somewhat related paradigm shift in my thinking concerning a lot of colliding aspects and issues, please bear with me here as I try my best at attempting to address cryptography for the first time since that occurred.
Despite my proposal seeming to be a simple and clear-cut case of “No”, for so many of you in the tech world (and conspiracy world), I don’t have to remind you how common this struggle is for so many of us around you, with neither the time, nor the common expectations of even having to know about cryptography. I must admit, It has been a rather looming, philosophical, moral and lengthy hurdle for me, for some time and I am not coming at this out of simple reactionary reasoning. I, we need to be able to push boundaries with ideas between the general public and the tech world somehow and I hope this proposal helps to do that a little.
I also feel that after very little internal debate, the more we disagree, the more we need to talk, or at least listen to each other. We must examine areas as close as we can get to the fine line between too much and too little ‘surveillance’ before worse is pushed on us.
I don’t have to tell any geeks that ‘you can’t fight technology’, or the heights we’re willing to go with it as Human Beings.
I’m functional in ‘some’ ways and not in others, just like most of you. However now, both physically and educationally to some rather extreme degrees. On top of coming out of both the 80’s LA punk scene and then back home to the NW for the 90’s (I won’t say it’s name) scene. I was a ‘Seattle 90’s sensitive guy‘. I’ve also been a professional photo assistant (lots of fast maths), a Chef (there too), a sponsored Skater ‘Brand-X’, a Surfer, I’ve worked on custom-classic-cars (tons of maths there as well) and much more. But most of all I’m a passionate learner of just about any subject under the Sun, (other than numbers anyway… despite my fascination with them and watching nearly every ‘Numberphile’ and similar kind of show I can find… I’ve even watched the entire Rodin Math series… ooh Rodin-Coils… :/ )
I once got in trouble for being a percussion prodigy at the age of 12. Halfway through my very first paid lesson ever (from simple striking gestures to what I didn’t know at the time were called ‘flamadiddles’), the teacher brought me down and said to my single, overworked Mother: ‘there’s nothing I can teach him here’. Exited by it’s meaning, I began looking around the store and overheard them say something about New-York. That’s when Momma-bear pulled me out of the store by the wrist, faster than quantum tunneling, before he ever got to the point of ‘scholarships’. And since then (and prior for that matter), I’ve been a Mathematical failure until this moment.
Yet, I have read hundreds of articles and some dozens of books and listened to tons of podcasts and actually seen hundreds of online conferences, seminars, talks and ‘hangouts’ over the last 10 years, about concepts ranging from Liberty, Justice, Math, Physics, Astronomy, Chemistry and Cryptography. I’ve listened to Professors and Students alike talk for years about concepts, issues, devices and capabilities for crypto, like Elliptic Curve Cryptography ECC, access like Blackphone, big data-speeches and slideshows (and ‘Ted’s ugh), even ‘sit-ins’ (like with Appelbaum & Binney) with everyone on the floor, staring up with eyes as wide as my eyes were -at the time, after learning Big-Brother had been a reality (via Snowden). When in actual reality it’s been since before most of you reading this were born (AT&T / telegrams etc) and older.
I’ve read and learned about crypto, privacy and security by following, watching and listening to folks like Matthew Green, Mikko Hypponen, Christopher Soghoian, Jacob Appelbaum, Julian Assange, Roger Dingledine, Lawrence Lessig, Bruce Schneier, Richard Stallman, Moxie Marlinspike, Glenn Greenwald (I was reading him for years before Snowden made a name for himself by personally deciding to mold the nature of our country’s discourse and protection practices because he found the means of protecting society offensive, and I’ve read Glenn in the years since….but until just recently, not realistically any more) and Seth Lloyd (Seth’s pushing the real, relative boundaries, in quantum computing). I know about the distances their pushing in quantum teleportation. I know the layered, historical and personal reasoning behind Alan Turing’s choice to eat the poisoned Apple. And, I am rather close to thinking that Max Tegmark might just be right about ‘Our Mathematical Universe‘
As you rightly know, the name list is much longer and of course I’m aware that beyond Vera Rubin (superstar!), Ada Lovelace, Marie Curie, and other ‘famous’ Women’s names in technology. I failed to mention them because they aren’t as common. There’s always folks like Birgitta Jonsdottir and Snowden’s attorney Jesselyn Radack and I forget the Woman who helped him escape justice. I really just don’t know many other Women, crypto-warriors by name beyond the wonderful folks behind Adafruit, who I’m sure hope to shit their (seemingly innocent) products don’t keep coming back to haunt them in the future.
What’s upsetting, is not that I’ll be mocked as some old ‘whiner’ in the comment section or something (that’ll be expected), but that someone with ill intent could get a jump start with a post like this. Couldn’t they? It sucks and I don’t want my writing to come back to haunt me either for trying to get somewhere instead of waiting for a disaster to have something worse, forced on us before we’re even willing to approach new concepts like Tiered–Responsible-Access. I know I need to push at this, not only for myself, but for others who might not know a single person mentioned yet. It is they who are the most common victims and the least informed about concepts and people like this, who shouldn’t be expected to know them anyways.
I’m a complete failure at Maths (I literally got an F-minus one year in high school). I got my GED at 18 and that’s it. Except for some failed attempts at a night, Math course and some community (training) college., I’m now 44, live in poverty and am disabled (bad genes as the discs between my vertebrae are ‘turning to graham-cracker’). I’ve been a Mathematical failure all my life, until this very moment.
I know a little about a lot. Instead of a lot about a little. For example, since I’ve been disabled and have the time to learn, I’ve actually watched this entire video series of Alan Guth’s lectures on ‘The Early Universe‘ at MIT, just for fun, twice. I can grasp the concepts (plank time, frame-dragging, entanglement and quantum tunneling), just not the numbers. I was also writing graphics code in BASIC back in the 80’s with a modem the size of a shoebox. It was a lot of fun. But, I’ve neither been to college, nor acquired a degree of any kind so far. Just lots of surface experience.
So now that the caveats are all out of the way, I know all the arguments you want to make for free and open access and I understand a lot more about these concepts than the average person does. I just don’t know as much as you probably do, or as I ‘should’. I’m trying to be a go-between. Between those like my Mom who want and need security, and that 14 year-old kid who should be outside Skating or Surfing once in awhile (if able), but instead is inside all day using every-day, accessible and free software in an attempt to ruin a couple thousand (or millions of) people’s lives or more, all at once, just for fun.
These bored, sadistic dregs shouldn’t be so easily able to do that. And empowering the majority of child-porongraphers, terrorists and snoops in the name of free-speech has to come to an end somehow. Because I, you, we can’t have it anymore! I’ve seen what happens to a loved one when they have their identity stolen. I risk having mine stolen (or worse), just for presenting my new views in writing this (perhaps by sadistic people like yourself!). It’s almost as dangerous as if I were to draw the wrong cartoon or something.
To be clear, when I say “tiers”, I don’t mean tiers of strength. I want all crypto strong. What I failed to clarify are ‘Tiers Of Access’. I don’t know how it could, or even if it can be policed. But were completely sick and tired of having bored, 14 year old fuck-chops, having access to algorithms, protocols or even Maths online, or in public schools etc. without having to have an ID related to their work, at least sign a responsibility contract. Just like you and I do when we sign a lease for an apartment, or when we reveal all our everything for the DMV/MVD, or just to get one of those stupid, thieving, little ‘savings cards’, where you have to reveal all your private information just to get the price back down to where it should be in the first place so they can surveil all your purchases.
I now feel that anyone that wants access to information and procedures that can help them learn and grow, but can also destroy the lives of millions with a keystroke and entire lists of names of people trying to do little more than save their hard earned money in a fucking Bank should have a traceable route back to them if they do attack us somehow..
Perhaps they should (perhaps we all should) have to have a tracing number applied to their (our) access to the entire web if that’s what it takes. Heavy, I know. But why in the world would the concept of something like a ‘licence’ or contract to access the web at all, sound like such a crazy idea in the face of all we must accept within other aspects of our daily lives?
The only kinds of people (again, in a public setting like schools or cafe’s), who need access to these kind of Maths, are Scholars, Students, Business people, Lawyers, Doctors and Pilots etc (and if we want it we should have to sign in too). I understand how accessible Maths and programs are just available online to anyone, just like a DIY chem set is (don’t belittle these… CISPR etc) and the entire industry of Microcontrollers like at Adafruit etc sold as harmless teaching toys, when ‘some’ of them are, but, as I’m sure you know by watching all the thousands of videos by all the Hacker Cons out there, that if you just get $300-$400 worth of these things that can “tell you the surfing conditions on your phone”, because you placed a device at the Beach that can give you all the pertinent weather conditions, you can also*remotely* take down an entire fucking neighborhood… electricity and all, with your phone, from thousands of miles away. I’m sure you’ve done the research too.
These aren’t actually ‘toys’ and I bet the government thinks the same thing, whether you care about what they think or not. They want access to all your IOT devices and they’ll get it one way or another too. Just like USB chargers that can be hacked and used to spy on you. I feel like I have to keep explaining this to some people though: Your Ninja ain’t shit. Why? Because they own the wires and the whole fucking system, that’s why.
Your Tor node is not Anonymity either. They own all the global cables! And, for the better I think. Because I doubt the concept of Tiers will even be approachable in the near future. It’ll be something worse. Mandated by a government you likely don’t want doing so. So consider licensing access for Lawyers, Professors, Scholars, Doctors and students who are willing to sign on the dotted line. Or what we’ll wind up getting forced on us could likely be something much worse.
The internet and technology in general is reaching a point of no return. We either govern it (and preserve it’s power), or hand it over to enemies of progress like bored, young hackers and terrorists who want you and me dead. Or at least access to our money and computers. Anonymous itself shuts down website after website in the name of free speech (like the Scientology sites I despise as well, yet have just as much right to exist as Black Lives Matter and the Klan do). If this isn’t self evidence of hypocrisy, I don’t know what is. Yes, it’s more intricate than that, I know… but not by much. They wouldn’t have to shut all those down to begin with (for justice & fun) if we had a system of Tiered, responsibility claiming access to the internet by everyone to begin with. Where those who *must* have access, may have access, to certain powerful algorithms / programs like Tor, if necessary.
I’m sure I sound like the enemy. I just don’t care anymore. I care about people and their right to live a normal life over your ‘right’ to access the most powerful, deadly programs and Maths available on the Planet, freely online that a child can likely find and use. It’s insane that my concept of Tiered access receives so much rejection in the face of so much carnage and abuse. You wouldn’t give Car keys to a teenager without a license (and training first), so why do we allow access to the deadliest algorithms available without one (or more specifically do we)? But that’s just an uneducated question from my uneducated opinion I guess, isn’t it?
Well, we must find an answer to the online, techno-carnage that’s been happening over the years and how it’s only getting worse, more malicious and more damaging. Not just within my own family, but along with Tens of millions of others. We’re totally sick of it. Many of us have no access to pros or they’re opinions and can’t be expected to have to learn crypto just to do online banking or research. But we can’t keep reading about your Ninja skillz in the news either. What’s the answer? Are Licences or even ID’s or just a contract to ‘Practice Programming’ completely off the table in schools and other public settings? If so, why?
And please, don’t give me the creeping-government BS standard line, or quotes from George Orwell, because we passed that milestone long ago when we accepted having tracking devices with cameras and mics in our pockets all the time. Something on the left must give to reason before someone inflicts something on us beyond our current imagination. Perhaps after a successful dirty-bomb attack or DIY chem-set disaster (that you can belittle until it actually, eventually occurs) and they shut it all down. Or, you can start thinking now about how far you are willing to go to defend your free right to access the world’s most potentially dangerous information.
Thank you so much again for taking the time to read this. I’d really like to hear from you. You can respond here or you can follow me and yell at me for sounding like ‘the man’ on Twitter (I’m @sparhopper).
P.S. If I’m completely wrong for conceiving of something like this, fine. Got any better ideas?