Created
July 28, 2012 16:07
-
-
Save anonymous/3193854 to your computer and use it in GitHub Desktop.
28c3: The coming war on general computation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0:00:09.099,0:00:09.700 | |
| Introducer: | |
| 0:00:09.700,0:00:16.250 | |
| Anyway, I believe I've killed enough time | |
| ... so, ladies and gentlemen, a person who | |
| 0:00:16.250,0:00:22.169 | |
| in this crowd needs absolutely no introduction, | |
| Cory Doctorow! | |
| 0:00:22.169,0:00:24.660 | |
| [Audience applauds.] | |
| 0:00:24.660,0:00:25.910 | |
| Doctorow: | |
| 0:00:25.910,0:00:29.640 | |
| Thank you. | |
| 0:00:29.640,0:00:36.640 | |
| So, when I speak in places where | |
| the first language of the nation is not English, | |
| 0:00:37.640,0:00:44.269 | |
| there is a disclaimer and an apology, because | |
| I'm one of nature's fast talkers. When I was | |
| 0:00:44.269,0:00:49.679 | |
| at the United Nations at the World Intellectual | |
| Property Organization, I was known as the | |
| 0:00:49.679,0:00:55.550 | |
| "scourge" of the simultaneous translation | |
| corps; I would stand up and speak, and turn | |
| 0:00:55.550,0:00:59.679 | |
| around, and there would be window after window | |
| of translator, and every one of them would | |
| 0:00:59.679,0:01:06.520 | |
| be doing this [Doctorow facepalms]. [Audience | |
| laughs] So in advance, I give you permission | |
| 0:01:06.520,0:01:11.350 | |
| when I start talking quickly to do this [Doctorow | |
| makes SOS motion] and I will slow down. | |
| 0:01:11.350,0:01:17.060 | |
| So, tonight's talk -- wah, wah, waaah | |
| [Doctorow makes 'fail horn' sound, apparently | |
| 0:01:17.060,0:01:22.060 | |
| in response to audience making SOS motion; | |
| audience laughs]] -- tonight's talk is not | |
| 0:01:22.060,0:01:28.600 | |
| a copyright talk. I do copyright talks all | |
| the time; questions about culture and creativity | |
| 0:01:28.600,0:01:33.909 | |
| are interesting enough, but to be honest, | |
| I'm quite sick of them. If you want to hear | |
| 0:01:33.909,0:01:39.210 | |
| freelancer writers like me bang on about what's | |
| happening to the way we earn our living, by | |
| 0:01:39.210,0:01:45.020 | |
| all means, go and find one of the many talks | |
| I've done on this subject on YouTube. But, | |
| 0:01:45.020,0:01:49.990 | |
| tonight, I want to talk about something more | |
| important -- I want talk to talk about general | |
| 0:01:49.990,0:01:52.689 | |
| purpose computers. | |
| 0:01:52.689,0:01:57.689 | |
| Because general purpose computers are, in | |
| fact, astounding -- so astounding that our | |
| 0:01:57.689,0:02:03.189 | |
| society is still struggling to come to grips | |
| with them: to figure out what they're for, | |
| 0:02:03.189,0:02:09.729 | |
| to figure out how to accommodate them, and | |
| how to cope with them. Which, unfortunately, | |
| 0:02:09.729,0:02:12.319 | |
| brings me back to copyright. | |
| 0:02:12.319,0:02:17.800 | |
| Because the general shape of the | |
| copyright wars and the lessons they can teach | |
| 0:02:17.800,0:02:23.310 | |
| us about the upcoming fights over the destiny | |
| of the general purpose computer are important. | |
| 0:02:23.310,0:02:30.310 | |
| In the beginning, we had packaged software, | |
| and the attendant industry, and we had sneakernet. | |
| 0:02:31.690,0:02:38.100 | |
| So, we had floppy disks in ziplock bags, or | |
| in cardboard boxes, hung on pegs in shops, | |
| 0:02:38.100,0:02:43.780 | |
| and sold like candy bars and magazines. And | |
| they were eminently susceptible to duplication, | |
| 0:02:43.780,0:02:49.500 | |
| and so they were duplicated quickly, and widely, | |
| and this was to the great chagrin of people | |
| 0:02:49.500,0:02:51.680 | |
| who made and sold software. | |
| 0:02:51.680,0:02:58.680 | |
| Enter DRM 0.96. They started to | |
| introduce physical defects to the disks or | |
| 0:02:59.430,0:03:05.770 | |
| started to insist on other physical indicia | |
| which the software could check for -- dongles, | |
| 0:03:05.770,0:03:10.660 | |
| hidden sectors, challenge/response protocols | |
| that required that you had physical possession | |
| 0:03:10.660,0:03:17.330 | |
| of large, unwieldy manuals that were difficult | |
| to copy, and of course these failed, for two | |
| 0:03:17.330,0:03:23.090 | |
| reasons. First, they were commercially unpopular, | |
| of course, because they reduced the usefulness | |
| 0:03:23.090,0:03:27.600 | |
| of the software to the legitimate purchasers, | |
| while leaving the people who took the software | |
| 0:03:27.600,0:03:32.790 | |
| without paying for it untouched. The legitimate | |
| purchasers resented the non-functionality | |
| 0:03:32.790,0:03:38.240 | |
| of their backups, they hated the loss of scarce | |
| ports to the authentication dongles, and they | |
| 0:03:38.240,0:03:43.620 | |
| resented the inconvenience of having to transport | |
| large manuals when they wanted to run their | |
| 0:03:43.620,0:03:49.260 | |
| software. And second, these didn't stop pirates, | |
| who found it trivial to patch the software | |
| 0:03:49.260,0:03:55.080 | |
| and bypass authentication. Typically, the | |
| way that happened is some expert who had possession | |
| 0:03:55.080,0:04:00.680 | |
| of technology and expertise of equivalent | |
| sophistication to the software vendor itself, | |
| 0:04:00.680,0:04:05.820 | |
| would reverse engineer the software and release | |
| cracked versions that quickly became widely | |
| 0:04:05.820,0:04:11.630 | |
| circulated. While this kind of expertise and | |
| technology sounded highly specialized, it | |
| 0:04:11.630,0:04:16.750 | |
| really wasn't; figuring out what recalcitrant | |
| programs were doing, and routing around the | |
| 0:04:16.750,0:04:22.639 | |
| defects in shitty floppy disk media were both | |
| core skills for computer programmers, and | |
| 0:04:22.639,0:04:27.300 | |
| were even more so in the era of fragile floppy | |
| disks and the rough-and-ready early days of | |
| 0:04:27.300,0:04:33.660 | |
| software development. Anti-copying strategies | |
| only became more fraught as networks spread; | |
| 0:04:33.660,0:04:38.840 | |
| once we had BBSes, online services, USENET | |
| newsgroups, and mailing lists, the expertise | |
| 0:04:38.840,0:04:43.240 | |
| of people who figured out how to defeat these | |
| authentication systems could be packaged up | |
| 0:04:43.240,0:04:49.640 | |
| in software as little crack files, or, as | |
| the network capacity increased, the cracked | |
| 0:04:49.640,0:04:53.420 | |
| disk images or executables themselves could | |
| be spread on their own. | |
| 0:04:53.420,0:05:00.420 | |
| Which gave us DRM 1.0. By 1996, | |
| it became clear to everyone in the halls of | |
| 0:05:00.480,0:05:06.130 | |
| power that there was something important about | |
| to happen. We were about to have an information | |
| 0:05:06.130,0:05:13.070 | |
| economy, whatever the hell that was. They | |
| assumed it meant an economy where we bought | |
| 0:05:13.070,0:05:19.960 | |
| and sold information. Now, information technology | |
| makes things efficient, so imagine the markets | |
| 0:05:19.960,0:05:25.150 | |
| that an information economy would have. You | |
| could buy a book for a day, you could sell | |
| 0:05:25.150,0:05:29.740 | |
| the right to watch the movie for one Euro, | |
| and then you could rent out the pause button | |
| 0:05:29.740,0:05:35.210 | |
| at one penny per second. You could sell movies | |
| for one price in one country, and another | |
| 0:05:35.210,0:05:41.230 | |
| price in another, and so on, and so on; the | |
| fantasies of those days were a little like | |
| 0:05:41.230,0:05:46.880 | |
| a boring science fiction adaptation of the | |
| Old Testament book of Numbers, a kind of tedious | |
| 0:05:46.880,0:05:52.080 | |
| enumeration of every permutation of things | |
| people do with information and the ways we | |
| 0:05:52.080,0:05:54.020 | |
| could charge them for it. | |
| 0:05:54.020,0:05:58.870 | |
| But none of this would be possible | |
| unless we could control how people use their | |
| 0:05:58.870,0:06:04.419 | |
| computers and the files we transfer to them. | |
| After all, it was well and good to talk about | |
| 0:06:04.419,0:06:10.090 | |
| selling someone the 24 hour right to a video, | |
| or the right to move music onto an iPod, but | |
| 0:06:10.090,0:06:15.220 | |
| not the right to move music from the iPod | |
| onto another device, but how the Hell could | |
| 0:06:15.220,0:06:19.850 | |
| you do that once you'd given them the file? | |
| In order to do that, to make this work, you | |
| 0:06:19.850,0:06:24.340 | |
| needed to figure out how to stop computers | |
| from running certain programs and inspecting | |
| 0:06:24.340,0:06:29.669 | |
| certain files and processes. For example, | |
| you could encrypt the file, and then require | |
| 0:06:29.669,0:06:34.000 | |
| the user to run a program that only unlocked | |
| the file under certain circumstances. | |
| 0:06:34.000,0:06:40.990 | |
| But as they say on the Internet, | |
| "now you have two problems". You also, now, | |
| 0:06:40.990,0:06:45.050 | |
| have to stop the user from saving the file | |
| while it's in the clear, and you have to stop | |
| 0:06:45.050,0:06:49.639 | |
| the user from figuring out where the unlocking | |
| program stores its keys, because if the user | |
| 0:06:49.639,0:06:53.820 | |
| finds the keys, she'll just decrypt the file | |
| and throw away that stupid player app. | |
| 0:06:53.820,0:06:58.370 | |
| And now you have three problems | |
| [audience laughs], because now you have to | |
| 0:06:58.370,0:07:02.020 | |
| stop the users who figure out how to render | |
| the file in the clear from sharing it with | |
| 0:07:02.020,0:07:07.060 | |
| other users, and now you've got four! problems, | |
| because now you have to stop the users who | |
| 0:07:07.060,0:07:11.710 | |
| figure out how to extract secrets from unlocking | |
| programs from telling other users how to do | |
| 0:07:11.710,0:07:16.830 | |
| it too, and now you've got five! problems, | |
| because now you have to stop users who figure | |
| 0:07:16.830,0:07:20.680 | |
| out how to extract secrets from unlocking | |
| programs from telling other users what the | |
| 0:07:20.680,0:07:22.070 | |
| secrets were! | |
| 0:07:22.070,0:07:28.910 | |
| That's a lot of problems. But by | |
| 1996, we had a solution. We had the WIPO Copyright | |
| 0:07:28.910,0:07:32.990 | |
| Treaty, passed by the United Nations World | |
| Intellectual Property Organization, which | |
| 0:07:32.990,0:07:37.930 | |
| created laws that made it illegal to extract | |
| secrets from unlocking programs, and it created | |
| 0:07:37.930,0:07:42.250 | |
| laws that made it illegal to extract media | |
| cleartexts from the unlocking programs while | |
| 0:07:42.250,0:07:46.580 | |
| they were running, and it created laws that | |
| made it illegal to tell people how to extract | |
| 0:07:46.580,0:07:51.720 | |
| secrets from unlocking programs, and created | |
| laws that made it illegal to host copyrighted | |
| 0:07:51.720,0:07:58.120 | |
| works and secrets and all with a handy streamlined | |
| process that let you remove stuff from the | |
| 0:07:58.120,0:08:02.729 | |
| internet without having to screw around with | |
| lawyers, and judges, and all that crap. And | |
| 0:08:02.729,0:08:09.729 | |
| with that, illegal copying ended forever [audience | |
| laughs very hard, applauds], the information | |
| 0:08:18.710,0:08:23.490 | |
| economy blossomed into a beautiful flower | |
| that brought prosperity to the whole wide | |
| 0:08:23.490,0:08:29.630 | |
| world; as they say on the aircraft carriers, | |
| "Mission Accomplished". [audience laughs] | |
| 0:08:29.630,0:08:34.490 | |
| Well, of course that's not how the | |
| story ends because pretty much anyone who | |
| 0:08:34.490,0:08:39.630 | |
| understood computers and networks understood | |
| that while these laws would create more problems | |
| 0:08:39.630,0:08:44.180 | |
| than they could possibly solve; after all, | |
| these were laws that made it illegal to look | |
| 0:08:44.180,0:08:49.149 | |
| inside your computer when it was running certain | |
| programs, they made it illegal to tell people | |
| 0:08:49.149,0:08:53.550 | |
| what you found when you looked inside your | |
| computer, they made it easy to censor material | |
| 0:08:53.550,0:08:57.769 | |
| on the internet without having to prove that | |
| anything wrong had happened; in short, they | |
| 0:08:57.769,0:09:04.420 | |
| made unrealistic demands on reality and reality | |
| did not oblige them. After all, copying only | |
| 0:09:04.420,0:09:09.050 | |
| got easier following the passage of these | |
| laws -- copying will only ever get easier! | |
| 0:09:09.050,0:09:14.329 | |
| Here, 2011, this is as hard as copying will | |
| get! Your grandchildren will turn to you around | |
| 0:09:14.329,0:09:18.420 | |
| the Christmas table and say "Tell me again, | |
| Grandpa, tell me again, Grandma, about when | |
| 0:09:18.420,0:09:23.550 | |
| it was hard to copy things in 2011, when you | |
| couldn't get a drive the size of your fingernail | |
| 0:09:23.550,0:09:27.860 | |
| that could hold every song ever recorded, | |
| every movie ever made, every word ever spoken, | |
| 0:09:27.860,0:09:31.920 | |
| every picture ever taken, everything, and | |
| transfer it in such a short period of time | |
| 0:09:31.920,0:09:36.300 | |
| you didn't even notice it was doing it, tell | |
| us again when it was so stupidly hard to copy | |
| 0:09:36.300,0:09:43.300 | |
| things back in 2011". And so, reality asserted | |
| itself, and everyone had a good laugh over | |
| 0:09:43.490,0:09:47.970 | |
| how funny our misconceptions were when we | |
| entered the 21st century, and then a lasting | |
| 0:09:47.970,0:09:52.759 | |
| peace was reached with freedom and prosperity | |
| for all. [audience chuckles] | |
| 0:09:52.759,0:09:57.949 | |
| Well, not really. Because, like | |
| the nursery rhyme lady who swallows a spider | |
| 0:09:57.949,0:10:02.329 | |
| to catch a fly, and has to swallow a bird | |
| to catch the spider, and a cat to catch the | |
| 0:10:02.329,0:10:08.850 | |
| bird, and so on, so must a regulation that | |
| has broad general appeal but is disastrous | |
| 0:10:08.850,0:10:13.929 | |
| in its implementation beget a new regulation | |
| aimed at shoring up the failure of the old | |
| 0:10:13.929,0:10:18.110 | |
| one. Now, it's tempting to stop the story | |
| here and conclude that the problem is that | |
| 0:10:18.110,0:10:23.470 | |
| lawmakers are either clueless or evil, or | |
| possibly evilly clueless, and just leave it | |
| 0:10:23.470,0:10:28.730 | |
| there, which is not a very satisfying place | |
| to go, because it's fundamentally a council | |
| 0:10:28.730,0:10:33.350 | |
| of despair; it suggests that our problems | |
| cannot be solved for so long as stupidity | |
| 0:10:33.350,0:10:38.660 | |
| and evilness are present in the halls of power, | |
| which is to say they will never be solved. | |
| 0:10:38.660,0:10:41.100 | |
| But I have another theory about what's happened. | |
| 0:10:41.100,0:10:46.220 | |
| It's not that regulators don't understand | |
| information technology, because it should | |
| 0:10:46.220,0:10:52.819 | |
| be possible to be a non-expert and still make | |
| a good law! M.P.s and Congressmen and so on | |
| 0:10:52.819,0:10:58.129 | |
| are elected to represent districts and people, | |
| not disciplines and issues. We don't have | |
| 0:10:58.129,0:11:02.490 | |
| a Member of Parliament for biochemistry, and | |
| we don't have a Senator from the great state | |
| 0:11:02.490,0:11:09.240 | |
| of urban planning, and we don't have an M.E.P. | |
| from child welfare. (But perhaps we should.) | |
| 0:11:09.240,0:11:14.610 | |
| And yet those people who are experts in policy | |
| and politics, not technical disciplines, nevertheless, | |
| 0:11:14.610,0:11:20.029 | |
| often do manage to pass good rules that make | |
| sense, and that's because government relies | |
| 0:11:20.029,0:11:24.850 | |
| on heuristics -- rules of thumbs about how | |
| to balance expert input from different sides | |
| 0:11:24.850,0:11:25.790 | |
| of an issue. | |
| 0:11:25.790,0:11:30.269 | |
| But information technology confounds | |
| these heuristics -- it kicks the crap out | |
| 0:11:30.269,0:11:36.170 | |
| of them -- in one important way, and this | |
| is it. One important test of whether or not | |
| 0:11:36.170,0:11:40.540 | |
| a regulation is fit for a purpose is first, | |
| of course, whether it will work, but second | |
| 0:11:40.540,0:11:45.249 | |
| of all, whether or not in the course of doing | |
| its work, it will have lots of effects on | |
| 0:11:45.249,0:11:51.619 | |
| everything else. If I wanted Congress to write, | |
| or Parliament to write, or the E.U. to regulate | |
| 0:11:51.619,0:11:56.769 | |
| a wheel, it's unlikely I'd succeed. If I turned | |
| up and said "well, everyone knows that wheels | |
| 0:11:56.769,0:12:01.980 | |
| are good and right, but have you noticed that | |
| every single bank robber has four wheels on | |
| 0:12:01.980,0:12:06.449 | |
| his car when he drives away from the bank | |
| robbery? Can't we do something about this?", | |
| 0:12:06.449,0:12:11.189 | |
| the answer would of course be "no". Because | |
| we don't know how to make a wheel that is | |
| 0:12:11.189,0:12:16.800 | |
| still generally useful for legitimate wheel | |
| applications but useless to bad guys. And | |
| 0:12:16.800,0:12:20.959 | |
| we can all see that the general benefits of | |
| wheels are so profound that we'd be foolish | |
| 0:12:20.959,0:12:26.470 | |
| to risk them in a foolish errand to stop bank | |
| robberies by changing wheels. Even if there | |
| 0:12:26.470,0:12:31.050 | |
| were an /epidemic/ of bank robberies, even | |
| if society were on the verge of collapse thanks | |
| 0:12:31.050,0:12:34.999 | |
| to bank robberies, no-one would think that | |
| wheels were the right place to start solving | |
| 0:12:34.999,0:12:36.149 | |
| our problems. | |
| 0:12:36.149,0:12:42.470 | |
| But. If I were to show up in that | |
| same body to say that I had absolute proof | |
| 0:12:42.470,0:12:48.300 | |
| that hands-free phones were making cars dangerous, | |
| and I said, "I would like you to pass a law | |
| 0:12:48.300,0:12:52.619 | |
| that says it's illegal to put a hands-free | |
| phone in a car", the regulator might say "Yeah, | |
| 0:12:52.619,0:12:56.499 | |
| I'd take your point, we'd do that". And we | |
| might disagree about whether or not this is | |
| 0:12:56.499,0:13:00.809 | |
| a good idea, or whether or not my evidence | |
| made sense, but very few of us would say "well, | |
| 0:13:00.809,0:13:06.519 | |
| once you take the hands-free phones out of | |
| the car, they stop being cars". We understand | |
| 0:13:06.519,0:13:12.100 | |
| that we can keep cars cars even if we remove | |
| features from them. Cars are special purpose, | |
| 0:13:12.100,0:13:16.860 | |
| at least in comparison to wheels, and all | |
| that the addition of a hands-free phone does | |
| 0:13:16.860,0:13:22.829 | |
| is add one more feature to an already-specialized | |
| technology. In fact, there's that heuristic | |
| 0:13:22.829,0:13:27.480 | |
| that we can apply here -- special-purpose | |
| technologies are complex. And you can remove | |
| 0:13:27.480,0:13:32.569 | |
| features from them without doing fundamental | |
| disfiguring violence to their underlying utility. | |
| 0:13:32.569,0:13:38.309 | |
| This rule of thumb serves regulators | |
| well, by and large, but it is rendered null | |
| 0:13:38.309,0:13:42.869 | |
| and void by the general-purpose computer and | |
| the general-purpose network -- the PC and | |
| 0:13:42.869,0:13:48.230 | |
| the Internet. Because if you think of computer | |
| software as a feature, that is a computer | |
| 0:13:48.230,0:13:52.649 | |
| with spreadsheets running on it has a spreadsheet | |
| feature, and one that's running World of Warcraft | |
| 0:13:52.649,0:13:57.899 | |
| has an MMORPG feature, then this heuristic | |
| leads you to think that you could reasonably | |
| 0:13:57.899,0:14:02.319 | |
| say, "make me a computer that doesn't run | |
| spreadsheets", and that it would be no more | |
| 0:14:02.319,0:14:07.029 | |
| of an attack on computing than "make me a | |
| car without a hands-free phone" is an attack | |
| 0:14:07.029,0:14:12.610 | |
| on cars. And if you think of protocols and | |
| sites as features of the network, then saying | |
| 0:14:12.610,0:14:18.939 | |
| "fix the Internet so that it doesn't run BitTorrent", | |
| or "fix the Internet so that thepiratebay.org | |
| 0:14:18.939,0:14:23.709 | |
| no longer resolves", then it sounds a lot | |
| like "change the sound of busy signals", or | |
| 0:14:23.709,0:14:28.439 | |
| "take that pizzeria on the corner off the | |
| phone network", and not like an attack on | |
| 0:14:28.439,0:14:30.899 | |
| the fundamental principles of internetworking. | |
| 0:14:30.899,0:14:36.420 | |
| Not realizing that this rule of | |
| thumb that works for cars and for houses and | |
| 0:14:36.420,0:14:41.189 | |
| for every other substantial area of technological | |
| regulation fails for the Internet does not | |
| 0:14:41.189,0:14:45.059 | |
| make you evil and it does not make you an | |
| ignoramus. It just makes you part of that | |
| 0:14:45.059,0:14:50.679 | |
| vast majority of the world for whom ideas | |
| like "Turing complete" and "end-to-end" are | |
| 0:14:50.679,0:14:56.839 | |
| meaningless. So, our regulators go off, and | |
| they blithely pass these laws, and they become | |
| 0:14:56.839,0:15:01.439 | |
| part of the reality of our technological world. | |
| There are suddenly numbers that we aren't | |
| 0:15:01.439,0:15:06.290 | |
| allowed to write down on the Internet, programs | |
| we're not allowed to publish, and all it takes | |
| 0:15:06.290,0:15:11.489 | |
| to make legitimate material disappear from | |
| the Internet is to say "that? That infringes | |
| 0:15:11.489,0:15:15.809 | |
| copyright.". It fails to attain the actual | |
| goal of the regulation; it doesn't stop people | |
| 0:15:15.809,0:15:21.119 | |
| from violating copyright, but it bears a kind | |
| of superficial resemblance to copyright enforcement | |
| 0:15:21.119,0:15:26.959 | |
| -- it satisfies the security syllogism: "something | |
| must be done, I am doing something, something | |
| 0:15:26.959,0:15:32.790 | |
| has been done." And thus any failures that | |
| arise can be blamed on the idea that the regulation | |
| 0:15:32.790,0:15:37.859 | |
| doesn't go far enough, rather than the idea | |
| that it was flawed from the outset. | |
| 0:15:37.859,0:15:42.399 | |
| This kind of superficial resemblance | |
| and underlying divergence happens in other | |
| 0:15:42.399,0:15:46.999 | |
| engineering contexts. I've a friend who was | |
| once a senior executive at a big consumer | |
| 0:15:46.999,0:15:50.929 | |
| packaged goods company who told me about what | |
| happened when the marketing department told | |
| 0:15:50.929,0:15:55.199 | |
| the engineers that they'd thought up a great | |
| idea for detergent: from now on, they were | |
| 0:15:55.199,0:16:00.059 | |
| going to make detergent that made your clothes | |
| newer every time you washed them! Well after | |
| 0:16:00.059,0:16:04.869 | |
| the engineers had tried unsuccessfully to | |
| convey the concept of "entropy" to the marketing | |
| 0:16:04.869,0:16:10.100 | |
| department [audience laughs], they arrived | |
| at another solution -- "solution" -- they'd | |
| 0:16:10.100,0:16:15.959 | |
| develop a detergent that used enzymes that | |
| attacked loose fiber ends, the kind that you | |
| 0:16:15.959,0:16:20.259 | |
| get with broken fibers that make your clothes | |
| look old. So every time you washed your clothes | |
| 0:16:20.259,0:16:25.100 | |
| in the detergent, they would look newer. But | |
| that was because the detergent was literally | |
| 0:16:25.100,0:16:31.100 | |
| digesting your clothes! Using it would literally | |
| cause your clothes to dissolve in the washing | |
| 0:16:31.100,0:16:36.949 | |
| machine! This was the opposite of making clothes | |
| newer; instead, you were artificially aging | |
| 0:16:36.949,0:16:42.829 | |
| your clothes every time you washed them, and | |
| as the user, the more you deployed the "solution", | |
| 0:16:42.829,0:16:47.489 | |
| the more drastic your measures had to be to | |
| keep your clothes up to date -- you actually | |
| 0:16:47.489,0:16:50.720 | |
| had to go buy new clothes because the old | |
| ones fell apart. | |
| 0:16:50.720,0:16:55.129 | |
| So today we have marketing departments | |
| who say things like "we don't need computers, | |
| 0:16:55.129,0:17:00.540 | |
| we need... appliances. Make me a computer | |
| that doesn't run every program, just a program | |
| 0:17:00.540,0:17:05.920 | |
| that does this specialized task, like streaming | |
| audio, or routing packets, or playing Xbox | |
| 0:17:05.920,0:17:10.429 | |
| games, and make sure it doesn't run programs | |
| that I haven't authorized that might undermine | |
| 0:17:10.429,0:17:16.019 | |
| our profits". And on the surface, this seems | |
| like a reasonable idea -- just a program that | |
| 0:17:16.019,0:17:22.679 | |
| does one specialized task -- after all, we | |
| can put an electric motor in a blender, and | |
| 0:17:22.679,0:17:27.059 | |
| we can install a motor in a dishwasher, and | |
| we don't worry if it's still possible to run | |
| 0:17:27.059,0:17:33.490 | |
| a dishwashing program in a blender. But that's | |
| not what we do when we turn a computer into | |
| 0:17:33.490,0:17:38.380 | |
| an appliance. We're not making a computer | |
| that runs only the "appliance" app; we're | |
| 0:17:38.380,0:17:43.870 | |
| making a computer that can run every program, | |
| but which uses some combination of rootkits, | |
| 0:17:43.870,0:17:48.409 | |
| spyware, and code-signing to prevent the user | |
| from knowing which processes are running, | |
| 0:17:48.409,0:17:53.049 | |
| from installing her own software, and from | |
| terminating processes that she doesn't want. | |
| 0:17:53.049,0:17:58.870 | |
| In other words, an appliance is not a stripped-down | |
| computer -- it is a fully functional computer | |
| 0:17:58.870,0:18:02.299 | |
| with spyware on it out of the box. | |
| 0:18:02.299,0:18:08.750 | |
| [audience applauds loudly] Thanks. | |
| 0:18:08.750,0:18:14.190 | |
| Because we don't know how to build | |
| the general purpose computer that is capable | |
| 0:18:14.190,0:18:18.539 | |
| of running any program we can compile except | |
| for some program that we don't like, or that | |
| 0:18:18.539,0:18:23.549 | |
| we prohibit by law, or that loses us money. | |
| The closest approximation that we have to | |
| 0:18:23.549,0:18:29.220 | |
| this is a computer with spyware -- a computer | |
| on which remote parties set policies without | |
| 0:18:29.220,0:18:34.220 | |
| the computer user's knowledge, over the objection | |
| of the computer's owner. And so it is that | |
| 0:18:34.220,0:18:37.450 | |
| digital rights management always converges | |
| on malware. | |
| 0:18:37.450,0:18:41.200 | |
| There was, of course, this famous | |
| incident, a kind of gift to people who have | |
| 0:18:41.200,0:18:47.130 | |
| this hypothesis, in which Sony loaded covert | |
| rootkit installers on 6 million audio CDs, | |
| 0:18:47.130,0:18:52.399 | |
| which secretly executed programs that watched | |
| for attempts to read the sound files on CDs, | |
| 0:18:52.399,0:18:56.269 | |
| and terminated them, and which also hid the | |
| rootkit's existence by causing the kernel | |
| 0:18:56.269,0:19:00.820 | |
| to lie about which processes were running, | |
| and which files were present on the drive. | |
| 0:19:00.820,0:19:05.960 | |
| But it's not the only example; just recently, | |
| Nintendo shipped the 3DS, which opportunistically | |
| 0:19:05.960,0:19:10.130 | |
| updates its firmware, and does an integrity | |
| check to make sure that you haven't altered | |
| 0:19:10.130,0:19:15.299 | |
| the old firmware in any way, and if it detects | |
| signs of tampering, it bricks itself. | |
| 0:19:15.299,0:19:20.389 | |
| Human rights activists have raised | |
| alarms over U-EFI, the new PC bootloader, | |
| 0:19:20.389,0:19:25.179 | |
| which restricts your computer so it runs signed | |
| operating systems, noting that repressive | |
| 0:19:25.179,0:19:30.279 | |
| governments will likely withhold signatures | |
| from OSes unless they have covert surveillance | |
| 0:19:30.279,0:19:30.850 | |
| operations. | |
| 0:19:30.850,0:19:35.179 | |
| And on the network side, attempts | |
| to make a network that can't be used for copyright | |
| 0:19:35.179,0:19:40.710 | |
| infringement always converges with the surveillance | |
| measures that we know from repressive governments. | |
| 0:19:40.710,0:19:47.700 | |
| So, SOPA, the U.S. Stop Online Piracy Act, | |
| bans tools like DNSSec because they can be | |
| 0:19:47.700,0:19:52.519 | |
| used to defeat DNS blocking measures. And | |
| it blocks tools like Tor, because they can | |
| 0:19:52.519,0:19:57.760 | |
| be used to circumvent IP blocking measures. | |
| In fact, the proponents of SOPA, the Motion | |
| 0:19:57.760,0:20:03.120 | |
| Picture Association of America, circulated | |
| a memo, citing research that SOPA would probably | |
| 0:20:03.120,0:20:08.600 | |
| work, because it uses the same measures as | |
| are used in Syria, China, and Uzbekistan, | |
| 0:20:08.600,0:20:12.389 | |
| and they argued that these measures are effective | |
| in those countries, and so they would work | |
| 0:20:12.389,0:20:13.880 | |
| in America, too! | |
| 0:20:13.880,0:20:20.279 | |
| [audience laughs and applauds] Don't applaud | |
| me, applaud the MPAA! | |
| 0:20:20.279,0:20:26.039 | |
| Now, it may seem like SOPA is the | |
| end game in a long fight over copyright, and | |
| 0:20:26.039,0:20:30.639 | |
| the internet, and it may seem like if we defeat | |
| SOPA, we'll be well on our way to securing | |
| 0:20:30.639,0:20:36.320 | |
| the freedom of PCs and networks. But as I | |
| said at the beginning of this talk, this isn't | |
| 0:20:36.320,0:20:42.649 | |
| about copyright, because the copyright wars | |
| are just the 0.9 beta version of the long | |
| 0:20:42.649,0:20:47.490 | |
| coming war on computation. The entertainment | |
| industry were just the first belligerents | |
| 0:20:47.490,0:20:52.340 | |
| in this coming century-long conflict. We tend | |
| to think of them as particularly successful | |
| 0:20:52.340,0:20:58.610 | |
| -- after all, here is SOPA, trembling on the | |
| verge of passage, and breaking the internet | |
| 0:20:58.610,0:21:04.519 | |
| on this fundamental level in the name of preserving | |
| Top 40 music, reality TV shows, and Ashton | |
| 0:21:04.519,0:21:06.929 | |
| Kutcher movies! [laughs, scattered applause] | |
| 0:21:06.929,0:21:13.100 | |
| But the reality is, copyright legislation | |
| gets as far as it does precisely because it's | |
| 0:21:13.100,0:21:18.980 | |
| not taken seriously, which is why on one hand, | |
| Canada has had Parliament after Parliament | |
| 0:21:18.980,0:21:23.940 | |
| introduce one stupid copyright bill after | |
| another, but on the other hand, Parliament | |
| 0:21:23.940,0:21:29.639 | |
| after Parliament has failed to actually vote | |
| on the bill. It's why we got SOPA, a bill | |
| 0:21:29.639,0:21:36.639 | |
| composed of pure stupid, pieced together molecule-by-molecule, | |
| into a kind of "Stupidite 250", which is normally | |
| 0:21:37.509,0:21:44.110 | |
| only found in the heart of newborn star, and | |
| it's why these rushed-through SOPA hearings | |
| 0:21:44.110,0:21:48.679 | |
| had to be adjourned midway through the Christmas | |
| break, so that lawmakers could get into a | |
| 0:21:48.679,0:21:55.029 | |
| real vicious nationally-infamous debate over | |
| an important issue, unemployment insurance. | |
| 0:21:55.029,0:22:01.840 | |
| It's why the World Intellectual Property Organization | |
| is gulled time and again into enacting crazed, | |
| 0:22:01.840,0:22:07.090 | |
| pig-ignorant copyright proposals because when | |
| the nations of the world send their U.N. missions | |
| 0:22:07.090,0:22:13.070 | |
| to Geneva, they send water experts, not copyright | |
| experts; they send health experts, not copyright | |
| 0:22:13.070,0:22:17.730 | |
| experts; they send agriculture experts, not | |
| copyright experts, because copyright is just | |
| 0:22:17.730,0:22:24.730 | |
| not important to pretty much everyone! [applause] | |
| 0:22:27.179,0:22:34.179 | |
| Canada's Parliament didn't vote | |
| on its copyright bills because, of all the | |
| 0:22:34.490,0:22:40.169 | |
| things that Canada needs to do, fixing copyright | |
| ranks well below health emergencies on first | |
| 0:22:40.169,0:22:45.440 | |
| nations reservations, exploiting the oil patch | |
| in Alberta, interceding in sectarian resentments | |
| 0:22:45.440,0:22:49.799 | |
| among French- and English-speakers, solving | |
| resources crises in the nation's fisheries, | |
| 0:22:49.799,0:22:54.929 | |
| and thousand other issues! The triviality | |
| of copyright tells you that when other sectors | |
| 0:22:54.929,0:23:00.559 | |
| of the economy start to evince concerns about | |
| the internet and the PC, that copyright will | |
| 0:23:00.559,0:23:06.630 | |
| be revealed for a minor skirmish, and not | |
| a war. Why would other sectors nurse grudges | |
| 0:23:06.630,0:23:11.659 | |
| against computers? Well, because the world | |
| we live in today is /made/ of computers. We | |
| 0:23:11.659,0:23:15.899 | |
| don't have cars anymore, we have computers | |
| we ride in; we don't have airplanes anymore, | |
| 0:23:15.899,0:23:22.899 | |
| we have flying Solaris boxes with a big bucketful | |
| of SCADA controllers [laughter]; a 3D printer | |
| 0:23:24.409,0:23:30.380 | |
| is not a device, it's a peripheral, and it | |
| only works connected to a computer; a radio | |
| 0:23:30.380,0:23:36.200 | |
| is no longer a crystal, it's a general-purpose | |
| computer with a fast ADC and a fast DAC and | |
| 0:23:36.200,0:23:37.269 | |
| some software. | |
| 0:23:37.269,0:23:43.200 | |
| The grievances that arose from | |
| unauthorized copying are trivial, when compared | |
| 0:23:43.200,0:23:49.269 | |
| to the calls for action that our new computer-embroidered | |
| reality will create. Think of radio for a | |
| 0:23:49.269,0:23:54.149 | |
| minute. The entire basis for radio regulation | |
| up until today was based on the idea that | |
| 0:23:54.149,0:23:59.179 | |
| the properties of a radio are fixed at the | |
| time of manufacture, and can't be easily altered. | |
| 0:23:59.179,0:24:03.389 | |
| You can't just flip a switch on your baby | |
| monitor, and turn it into something that interferes | |
| 0:24:03.389,0:24:08.610 | |
| with air traffic control signals. But powerful | |
| software-defined radios can change from baby | |
| 0:24:08.610,0:24:13.720 | |
| monitor to emergency services dispatcher to | |
| air traffic controller just by loading and | |
| 0:24:13.720,0:24:18.590 | |
| executing different software, which is why | |
| the first time the American telecoms regulator | |
| 0:24:18.590,0:24:23.879 | |
| (the FCC) considered what would happen when | |
| we put SDRs in the field, they asked for comment | |
| 0:24:23.879,0:24:29.200 | |
| on whether it should mandate that all software-defined | |
| radios should be embedded in trusted computing | |
| 0:24:29.200,0:24:34.779 | |
| machines. Ultimately, whether every PC should | |
| be locked, so that the programs they run are | |
| 0:24:34.779,0:24:37.330 | |
| strictly regulated by central authorities. | |
| 0:24:37.330,0:24:42.259 | |
| And even this is a shadow of what | |
| is to come. After all, this was the year in | |
| 0:24:42.259,0:24:48.370 | |
| which we saw the debut of open sourced shape | |
| files for converting AR-15s to full automatic. | |
| 0:24:48.370,0:24:53.629 | |
| This was the year of crowd-funded open-sourced | |
| hardware for gene sequencing. And while 3D | |
| 0:24:53.629,0:24:57.750 | |
| printing will give rise to plenty of trivial | |
| complaints, there will be judges in the American | |
| 0:24:57.750,0:25:02.730 | |
| South and Mullahs in Iran who will lose their | |
| minds over people in their jurisdiction printing | |
| 0:25:02.730,0:25:09.509 | |
| out sex toys. [guffaw from audience] The trajectory | |
| of 3D printing will most certainly raise real | |
| 0:25:09.509,0:25:13.409 | |
| grievances, from solid state meth labs, to | |
| ceramic knives. | |
| 0:25:13.409,0:25:17.950 | |
| And it doesn't take a science fiction | |
| writer to understand why regulators might | |
| 0:25:17.950,0:25:23.889 | |
| be nervous about the user-modifiable firmware | |
| on self-driving cars, or limiting interoperability | |
| 0:25:23.889,0:25:28.789 | |
| for aviation controllers, or the kind of thing | |
| you could do with bio-scale assemblers and | |
| 0:25:28.789,0:25:34.240 | |
| sequencers. Imagine what will happen the day | |
| that Monsanto determines that it's really... | |
| 0:25:34.240,0:25:39.000 | |
| really... important to make sure that computers | |
| can't execute programs that cause specialized | |
| 0:25:39.000,0:25:44.940 | |
| peripherals to output organisms that eat their | |
| lunch... literally. Regardless of whether | |
| 0:25:44.940,0:25:50.070 | |
| you think these are real problems or merely | |
| hysterical fears, they are nevertheless the | |
| 0:25:50.070,0:25:54.440 | |
| province of lobbies and interest groups that | |
| are far more influential than Hollywood and | |
| 0:25:54.440,0:25:59.600 | |
| big content are on their best days, and every | |
| one of them will arrive at the same place | |
| 0:25:59.600,0:26:04.929 | |
| -- "can't you just make us a general purpose | |
| computer that runs all the programs, except | |
| 0:26:04.929,0:26:10.019 | |
| the ones that scare and anger us? Can't you | |
| just make us an Internet that transmits any | |
| 0:26:10.019,0:26:14.929 | |
| message over any protocol between any two | |
| points, unless it upsets us?" | |
| 0:26:14.929,0:26:18.879 | |
| And personally, I can see that | |
| there will be programs that run on general | |
| 0:26:18.879,0:26:24.100 | |
| purpose computers and peripherals that will | |
| even freak me out. So I can believe that people | |
| 0:26:24.100,0:26:28.370 | |
| who advocate for limiting general purpose | |
| computers will find receptive audience for | |
| 0:26:28.370,0:26:33.740 | |
| their positions. But just as we saw with the | |
| copyright wars, banning certain instructions, | |
| 0:26:33.740,0:26:39.470 | |
| or protocols, or messages, will be wholly | |
| ineffective as a means of prevention and remedy; | |
| 0:26:39.470,0:26:45.590 | |
| and as we saw in the copyright wars, all attempts | |
| at controlling PCs will converge on rootkits; | |
| 0:26:45.590,0:26:51.480 | |
| all attempts at controlling the Internet will | |
| converge on surveillance and censorship, which | |
| 0:26:51.480,0:26:57.179 | |
| is why all this stuff matters. Because we've | |
| spent the last 10+ years as a body sending | |
| 0:26:57.179,0:27:01.639 | |
| our best players out to fight what we thought | |
| was the final boss at the end of the game, | |
| 0:27:01.639,0:27:06.100 | |
| but it turns out it's just been the mini-boss | |
| at the end of the level, and the stakes are | |
| 0:27:06.100,0:27:07.340 | |
| only going to get higher. | |
| 0:27:07.340,0:27:11.509 | |
| As a member of the Walkman generation, | |
| I have made peace with the fact that I will | |
| 0:27:11.509,0:27:17.090 | |
| require a hearing aid long before I die, and | |
| of course, it won't be a hearing aid, it will | |
| 0:27:17.090,0:27:22.480 | |
| be a computer I put in my body. So when I | |
| get into a car -- a computer I put my body | |
| 0:27:22.480,0:27:27.580 | |
| into -- with my hearing aid -- a computer | |
| I put inside my body -- I want to know that | |
| 0:27:27.580,0:27:32.399 | |
| these technologies are not designed to keep | |
| secrets from me, and to prevent me from terminating | |
| 0:27:32.399,0:27:39.399 | |
| processes on them that work against my interests. | |
| [vigorous applause from audience] Thank you. | |
| 0:27:43.139,0:27:50.139 | |
| Thank you. So, last year, the Lower | |
| Merion School District, in a middle-class, | |
| 0:27:53.450,0:27:57.539 | |
| affluent suburb of Philadelphia found itself | |
| in a great deal of trouble, because it was | |
| 0:27:57.539,0:28:02.570 | |
| caught distributing PCs to its students, equipped | |
| with rootkits that allowed for remote covert | |
| 0:28:02.570,0:28:07.059 | |
| surveillance through the computer's camera | |
| and network connection. It transpired that | |
| 0:28:07.059,0:28:12.549 | |
| they had been photographing students thousands | |
| of times, at home and at school, awake and | |
| 0:28:12.549,0:28:17.990 | |
| asleep, dressed and naked. Meanwhile, the | |
| latest generation of lawful intercept technology | |
| 0:28:17.990,0:28:23.990 | |
| can covertly operate cameras, mics, and GPSes | |
| on PCs, tablets, and mobile devices. | |
| 0:28:23.990,0:28:30.039 | |
| Freedom in the future will require | |
| us to have the capacity to monitor our devices | |
| 0:28:30.039,0:28:36.419 | |
| and set meaningful policy on them, to examine | |
| and terminate the processes that run on them, | |
| 0:28:36.419,0:28:41.590 | |
| to maintain them as honest servants to our | |
| will, and not as traitors and spies working | |
| 0:28:41.590,0:28:47.179 | |
| for criminals, thugs, and control freaks. | |
| And we haven't lost yet, but we have to win | |
| 0:28:47.179,0:28:52.669 | |
| the copyright wars to keep the Internet and | |
| the PC free and open. Because these are the | |
| 0:28:52.669,0:28:58.299 | |
| materiel in the wars that are to come, we | |
| won't be able to fight on without them. And | |
| 0:28:58.299,0:29:04.299 | |
| I know this sounds like a council of despair, | |
| but as I said, these are early days. We have | |
| 0:29:04.299,0:29:08.710 | |
| been fighting the mini-boss, and that means | |
| that great challenges are yet to come, but | |
| 0:29:08.710,0:29:15.580 | |
| like all good level designers, fate has sent | |
| us a soft target to train ourselves on -- we | |
| 0:29:15.580,0:29:21.360 | |
| have a chance, a real chance, and if we support | |
| open and free systems, and the organizations | |
| 0:29:21.360,0:29:28.360 | |
| that fight for them -- EFF, Bits of Freedom | |
| [?], Edrie [?], [?], Nets Politique [?], La | |
| 0:29:28.740,0:29:33.450 | |
| Quadrature du Net, and all the others, who | |
| are thankfully, too numerous to name here | |
| 0:29:33.450,0:29:38.440 | |
| -- we may yet win the battle, and secure the | |
| ammunition we'll need for the war. | |
| 0:29:38.440,0:29:45.440 | |
| Thank you. | |
| 0:37:48.880,0:37:55.880 | |
| [sustained applause] | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment