public
anonymous / captions.sbv
Created

28c3: The coming war on general computation

  • Download Gist
captions.sbv
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 581 582 583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887 888 889 890 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 969 970 971 972 973 974 975 976 977 978 979 980 981 982 983 984 985 986 987 988 989 990 991 992 993 994 995 996 997 998 999 1000 1001 1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 1013 1014 1015 1016 1017 1018 1019 1020 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 1189 1190 1191 1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278 1279 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 1323 1324 1325 1326 1327 1328 1329 1330 1331 1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354 1355
0:00:09.099,0:00:09.700
Introducer:
 
0:00:09.700,0:00:16.250
Anyway, I believe I've killed enough time
... so, ladies and gentlemen, a person who
 
0:00:16.250,0:00:22.169
in this crowd needs absolutely no introduction,
Cory Doctorow!
 
0:00:22.169,0:00:24.660
[Audience applauds.]
 
0:00:24.660,0:00:25.910
Doctorow:
 
0:00:25.910,0:00:29.640
Thank you.
 
0:00:29.640,0:00:36.640
So, when I speak in places where
the first language of the nation is not English,
 
0:00:37.640,0:00:44.269
there is a disclaimer and an apology, because
I'm one of nature's fast talkers. When I was
 
0:00:44.269,0:00:49.679
at the United Nations at the World Intellectual
Property Organization, I was known as the
 
0:00:49.679,0:00:55.550
"scourge" of the simultaneous translation
corps; I would stand up and speak, and turn
 
0:00:55.550,0:00:59.679
around, and there would be window after window
of translator, and every one of them would
 
0:00:59.679,0:01:06.520
be doing this [Doctorow facepalms]. [Audience
laughs] So in advance, I give you permission
 
0:01:06.520,0:01:11.350
when I start talking quickly to do this [Doctorow
makes SOS motion] and I will slow down.
 
0:01:11.350,0:01:17.060
So, tonight's talk -- wah, wah, waaah
[Doctorow makes 'fail horn' sound, apparently
 
0:01:17.060,0:01:22.060
in response to audience making SOS motion;
audience laughs]] -- tonight's talk is not
 
0:01:22.060,0:01:28.600
a copyright talk. I do copyright talks all
the time; questions about culture and creativity
 
0:01:28.600,0:01:33.909
are interesting enough, but to be honest,
I'm quite sick of them. If you want to hear
 
0:01:33.909,0:01:39.210
freelancer writers like me bang on about what's
happening to the way we earn our living, by
 
0:01:39.210,0:01:45.020
all means, go and find one of the many talks
I've done on this subject on YouTube. But,
 
0:01:45.020,0:01:49.990
tonight, I want to talk about something more
important -- I want talk to talk about general
 
0:01:49.990,0:01:52.689
purpose computers.
 
0:01:52.689,0:01:57.689
Because general purpose computers are, in
fact, astounding -- so astounding that our
 
0:01:57.689,0:02:03.189
society is still struggling to come to grips
with them: to figure out what they're for,
 
0:02:03.189,0:02:09.729
to figure out how to accommodate them, and
how to cope with them. Which, unfortunately,
 
0:02:09.729,0:02:12.319
brings me back to copyright.
 
0:02:12.319,0:02:17.800
Because the general shape of the
copyright wars and the lessons they can teach
 
0:02:17.800,0:02:23.310
us about the upcoming fights over the destiny
of the general purpose computer are important.
 
0:02:23.310,0:02:30.310
In the beginning, we had packaged software,
and the attendant industry, and we had sneakernet.
 
0:02:31.690,0:02:38.100
So, we had floppy disks in ziplock bags, or
in cardboard boxes, hung on pegs in shops,
 
0:02:38.100,0:02:43.780
and sold like candy bars and magazines. And
they were eminently susceptible to duplication,
 
0:02:43.780,0:02:49.500
and so they were duplicated quickly, and widely,
and this was to the great chagrin of people
 
0:02:49.500,0:02:51.680
who made and sold software.
 
0:02:51.680,0:02:58.680
Enter DRM 0.96. They started to
introduce physical defects to the disks or
 
0:02:59.430,0:03:05.770
started to insist on other physical indicia
which the software could check for -- dongles,
 
0:03:05.770,0:03:10.660
hidden sectors, challenge/response protocols
that required that you had physical possession
 
0:03:10.660,0:03:17.330
of large, unwieldy manuals that were difficult
to copy, and of course these failed, for two
 
0:03:17.330,0:03:23.090
reasons. First, they were commercially unpopular,
of course, because they reduced the usefulness
 
0:03:23.090,0:03:27.600
of the software to the legitimate purchasers,
while leaving the people who took the software
 
0:03:27.600,0:03:32.790
without paying for it untouched. The legitimate
purchasers resented the non-functionality
 
0:03:32.790,0:03:38.240
of their backups, they hated the loss of scarce
ports to the authentication dongles, and they
 
0:03:38.240,0:03:43.620
resented the inconvenience of having to transport
large manuals when they wanted to run their
 
0:03:43.620,0:03:49.260
software. And second, these didn't stop pirates,
who found it trivial to patch the software
 
0:03:49.260,0:03:55.080
and bypass authentication. Typically, the
way that happened is some expert who had possession
 
0:03:55.080,0:04:00.680
of technology and expertise of equivalent
sophistication to the software vendor itself,
 
0:04:00.680,0:04:05.820
would reverse engineer the software and release
cracked versions that quickly became widely
 
0:04:05.820,0:04:11.630
circulated. While this kind of expertise and
technology sounded highly specialized, it
 
0:04:11.630,0:04:16.750
really wasn't; figuring out what recalcitrant
programs were doing, and routing around the
 
0:04:16.750,0:04:22.639
defects in shitty floppy disk media were both
core skills for computer programmers, and
 
0:04:22.639,0:04:27.300
were even more so in the era of fragile floppy
disks and the rough-and-ready early days of
 
0:04:27.300,0:04:33.660
software development. Anti-copying strategies
only became more fraught as networks spread;
 
0:04:33.660,0:04:38.840
once we had BBSes, online services, USENET
newsgroups, and mailing lists, the expertise
 
0:04:38.840,0:04:43.240
of people who figured out how to defeat these
authentication systems could be packaged up
 
0:04:43.240,0:04:49.640
in software as little crack files, or, as
the network capacity increased, the cracked
 
0:04:49.640,0:04:53.420
disk images or executables themselves could
be spread on their own.
 
0:04:53.420,0:05:00.420
Which gave us DRM 1.0. By 1996,
it became clear to everyone in the halls of
 
0:05:00.480,0:05:06.130
power that there was something important about
to happen. We were about to have an information
 
0:05:06.130,0:05:13.070
economy, whatever the hell that was. They
assumed it meant an economy where we bought
 
0:05:13.070,0:05:19.960
and sold information. Now, information technology
makes things efficient, so imagine the markets
 
0:05:19.960,0:05:25.150
that an information economy would have. You
could buy a book for a day, you could sell
 
0:05:25.150,0:05:29.740
the right to watch the movie for one Euro,
and then you could rent out the pause button
 
0:05:29.740,0:05:35.210
at one penny per second. You could sell movies
for one price in one country, and another
 
0:05:35.210,0:05:41.230
price in another, and so on, and so on; the
fantasies of those days were a little like
 
0:05:41.230,0:05:46.880
a boring science fiction adaptation of the
Old Testament book of Numbers, a kind of tedious
 
0:05:46.880,0:05:52.080
enumeration of every permutation of things
people do with information and the ways we
 
0:05:52.080,0:05:54.020
could charge them for it.
 
0:05:54.020,0:05:58.870
But none of this would be possible
unless we could control how people use their
 
0:05:58.870,0:06:04.419
computers and the files we transfer to them.
After all, it was well and good to talk about
 
0:06:04.419,0:06:10.090
selling someone the 24 hour right to a video,
or the right to move music onto an iPod, but
 
0:06:10.090,0:06:15.220
not the right to move music from the iPod
onto another device, but how the Hell could
 
0:06:15.220,0:06:19.850
you do that once you'd given them the file?
In order to do that, to make this work, you
 
0:06:19.850,0:06:24.340
needed to figure out how to stop computers
from running certain programs and inspecting
 
0:06:24.340,0:06:29.669
certain files and processes. For example,
you could encrypt the file, and then require
 
0:06:29.669,0:06:34.000
the user to run a program that only unlocked
the file under certain circumstances.
 
0:06:34.000,0:06:40.990
But as they say on the Internet,
"now you have two problems". You also, now,
 
0:06:40.990,0:06:45.050
have to stop the user from saving the file
while it's in the clear, and you have to stop
 
0:06:45.050,0:06:49.639
the user from figuring out where the unlocking
program stores its keys, because if the user
 
0:06:49.639,0:06:53.820
finds the keys, she'll just decrypt the file
and throw away that stupid player app.
 
0:06:53.820,0:06:58.370
And now you have three problems
[audience laughs], because now you have to
 
0:06:58.370,0:07:02.020
stop the users who figure out how to render
the file in the clear from sharing it with
 
0:07:02.020,0:07:07.060
other users, and now you've got four! problems,
because now you have to stop the users who
 
0:07:07.060,0:07:11.710
figure out how to extract secrets from unlocking
programs from telling other users how to do
 
0:07:11.710,0:07:16.830
it too, and now you've got five! problems,
because now you have to stop users who figure
 
0:07:16.830,0:07:20.680
out how to extract secrets from unlocking
programs from telling other users what the
 
0:07:20.680,0:07:22.070
secrets were!
 
0:07:22.070,0:07:28.910
That's a lot of problems. But by
1996, we had a solution. We had the WIPO Copyright
 
0:07:28.910,0:07:32.990
Treaty, passed by the United Nations World
Intellectual Property Organization, which
 
0:07:32.990,0:07:37.930
created laws that made it illegal to extract
secrets from unlocking programs, and it created
 
0:07:37.930,0:07:42.250
laws that made it illegal to extract media
cleartexts from the unlocking programs while
 
0:07:42.250,0:07:46.580
they were running, and it created laws that
made it illegal to tell people how to extract
 
0:07:46.580,0:07:51.720
secrets from unlocking programs, and created
laws that made it illegal to host copyrighted
 
0:07:51.720,0:07:58.120
works and secrets and all with a handy streamlined
process that let you remove stuff from the
 
0:07:58.120,0:08:02.729
internet without having to screw around with
lawyers, and judges, and all that crap. And
 
0:08:02.729,0:08:09.729
with that, illegal copying ended forever [audience
laughs very hard, applauds], the information
 
0:08:18.710,0:08:23.490
economy blossomed into a beautiful flower
that brought prosperity to the whole wide
 
0:08:23.490,0:08:29.630
world; as they say on the aircraft carriers,
"Mission Accomplished". [audience laughs]
 
0:08:29.630,0:08:34.490
Well, of course that's not how the
story ends because pretty much anyone who
 
0:08:34.490,0:08:39.630
understood computers and networks understood
that while these laws would create more problems
 
0:08:39.630,0:08:44.180
than they could possibly solve; after all,
these were laws that made it illegal to look
 
0:08:44.180,0:08:49.149
inside your computer when it was running certain
programs, they made it illegal to tell people
 
0:08:49.149,0:08:53.550
what you found when you looked inside your
computer, they made it easy to censor material
 
0:08:53.550,0:08:57.769
on the internet without having to prove that
anything wrong had happened; in short, they
 
0:08:57.769,0:09:04.420
made unrealistic demands on reality and reality
did not oblige them. After all, copying only
 
0:09:04.420,0:09:09.050
got easier following the passage of these
laws -- copying will only ever get easier!
 
0:09:09.050,0:09:14.329
Here, 2011, this is as hard as copying will
get! Your grandchildren will turn to you around
 
0:09:14.329,0:09:18.420
the Christmas table and say "Tell me again,
Grandpa, tell me again, Grandma, about when
 
0:09:18.420,0:09:23.550
it was hard to copy things in 2011, when you
couldn't get a drive the size of your fingernail
 
0:09:23.550,0:09:27.860
that could hold every song ever recorded,
every movie ever made, every word ever spoken,
 
0:09:27.860,0:09:31.920
every picture ever taken, everything, and
transfer it in such a short period of time
 
0:09:31.920,0:09:36.300
you didn't even notice it was doing it, tell
us again when it was so stupidly hard to copy
 
0:09:36.300,0:09:43.300
things back in 2011". And so, reality asserted
itself, and everyone had a good laugh over
 
0:09:43.490,0:09:47.970
how funny our misconceptions were when we
entered the 21st century, and then a lasting
 
0:09:47.970,0:09:52.759
peace was reached with freedom and prosperity
for all. [audience chuckles]
 
0:09:52.759,0:09:57.949
Well, not really. Because, like
the nursery rhyme lady who swallows a spider
 
0:09:57.949,0:10:02.329
to catch a fly, and has to swallow a bird
to catch the spider, and a cat to catch the
 
0:10:02.329,0:10:08.850
bird, and so on, so must a regulation that
has broad general appeal but is disastrous
 
0:10:08.850,0:10:13.929
in its implementation beget a new regulation
aimed at shoring up the failure of the old
 
0:10:13.929,0:10:18.110
one. Now, it's tempting to stop the story
here and conclude that the problem is that
 
0:10:18.110,0:10:23.470
lawmakers are either clueless or evil, or
possibly evilly clueless, and just leave it
 
0:10:23.470,0:10:28.730
there, which is not a very satisfying place
to go, because it's fundamentally a council
 
0:10:28.730,0:10:33.350
of despair; it suggests that our problems
cannot be solved for so long as stupidity
 
0:10:33.350,0:10:38.660
and evilness are present in the halls of power,
which is to say they will never be solved.
 
0:10:38.660,0:10:41.100
But I have another theory about what's happened.
 
0:10:41.100,0:10:46.220
It's not that regulators don't understand
information technology, because it should
 
0:10:46.220,0:10:52.819
be possible to be a non-expert and still make
a good law! M.P.s and Congressmen and so on
 
0:10:52.819,0:10:58.129
are elected to represent districts and people,
not disciplines and issues. We don't have
 
0:10:58.129,0:11:02.490
a Member of Parliament for biochemistry, and
we don't have a Senator from the great state
 
0:11:02.490,0:11:09.240
of urban planning, and we don't have an M.E.P.
from child welfare. (But perhaps we should.)
 
0:11:09.240,0:11:14.610
And yet those people who are experts in policy
and politics, not technical disciplines, nevertheless,
 
0:11:14.610,0:11:20.029
often do manage to pass good rules that make
sense, and that's because government relies
 
0:11:20.029,0:11:24.850
on heuristics -- rules of thumbs about how
to balance expert input from different sides
 
0:11:24.850,0:11:25.790
of an issue.
 
0:11:25.790,0:11:30.269
But information technology confounds
these heuristics -- it kicks the crap out
 
0:11:30.269,0:11:36.170
of them -- in one important way, and this
is it. One important test of whether or not
 
0:11:36.170,0:11:40.540
a regulation is fit for a purpose is first,
of course, whether it will work, but second
 
0:11:40.540,0:11:45.249
of all, whether or not in the course of doing
its work, it will have lots of effects on
 
0:11:45.249,0:11:51.619
everything else. If I wanted Congress to write,
or Parliament to write, or the E.U. to regulate
 
0:11:51.619,0:11:56.769
a wheel, it's unlikely I'd succeed. If I turned
up and said "well, everyone knows that wheels
 
0:11:56.769,0:12:01.980
are good and right, but have you noticed that
every single bank robber has four wheels on
 
0:12:01.980,0:12:06.449
his car when he drives away from the bank
robbery? Can't we do something about this?",
 
0:12:06.449,0:12:11.189
the answer would of course be "no". Because
we don't know how to make a wheel that is
 
0:12:11.189,0:12:16.800
still generally useful for legitimate wheel
applications but useless to bad guys. And
 
0:12:16.800,0:12:20.959
we can all see that the general benefits of
wheels are so profound that we'd be foolish
 
0:12:20.959,0:12:26.470
to risk them in a foolish errand to stop bank
robberies by changing wheels. Even if there
 
0:12:26.470,0:12:31.050
were an /epidemic/ of bank robberies, even
if society were on the verge of collapse thanks
 
0:12:31.050,0:12:34.999
to bank robberies, no-one would think that
wheels were the right place to start solving
 
0:12:34.999,0:12:36.149
our problems.
 
0:12:36.149,0:12:42.470
But. If I were to show up in that
same body to say that I had absolute proof
 
0:12:42.470,0:12:48.300
that hands-free phones were making cars dangerous,
and I said, "I would like you to pass a law
 
0:12:48.300,0:12:52.619
that says it's illegal to put a hands-free
phone in a car", the regulator might say "Yeah,
 
0:12:52.619,0:12:56.499
I'd take your point, we'd do that". And we
might disagree about whether or not this is
 
0:12:56.499,0:13:00.809
a good idea, or whether or not my evidence
made sense, but very few of us would say "well,
 
0:13:00.809,0:13:06.519
once you take the hands-free phones out of
the car, they stop being cars". We understand
 
0:13:06.519,0:13:12.100
that we can keep cars cars even if we remove
features from them. Cars are special purpose,
 
0:13:12.100,0:13:16.860
at least in comparison to wheels, and all
that the addition of a hands-free phone does
 
0:13:16.860,0:13:22.829
is add one more feature to an already-specialized
technology. In fact, there's that heuristic
 
0:13:22.829,0:13:27.480
that we can apply here -- special-purpose
technologies are complex. And you can remove
 
0:13:27.480,0:13:32.569
features from them without doing fundamental
disfiguring violence to their underlying utility.
 
0:13:32.569,0:13:38.309
This rule of thumb serves regulators
well, by and large, but it is rendered null
 
0:13:38.309,0:13:42.869
and void by the general-purpose computer and
the general-purpose network -- the PC and
 
0:13:42.869,0:13:48.230
the Internet. Because if you think of computer
software as a feature, that is a computer
 
0:13:48.230,0:13:52.649
with spreadsheets running on it has a spreadsheet
feature, and one that's running World of Warcraft
 
0:13:52.649,0:13:57.899
has an MMORPG feature, then this heuristic
leads you to think that you could reasonably
 
0:13:57.899,0:14:02.319
say, "make me a computer that doesn't run
spreadsheets", and that it would be no more
 
0:14:02.319,0:14:07.029
of an attack on computing than "make me a
car without a hands-free phone" is an attack
 
0:14:07.029,0:14:12.610
on cars. And if you think of protocols and
sites as features of the network, then saying
 
0:14:12.610,0:14:18.939
"fix the Internet so that it doesn't run BitTorrent",
or "fix the Internet so that thepiratebay.org
 
0:14:18.939,0:14:23.709
no longer resolves", then it sounds a lot
like "change the sound of busy signals", or
 
0:14:23.709,0:14:28.439
"take that pizzeria on the corner off the
phone network", and not like an attack on
 
0:14:28.439,0:14:30.899
the fundamental principles of internetworking.
 
0:14:30.899,0:14:36.420
Not realizing that this rule of
thumb that works for cars and for houses and
 
0:14:36.420,0:14:41.189
for every other substantial area of technological
regulation fails for the Internet does not
 
0:14:41.189,0:14:45.059
make you evil and it does not make you an
ignoramus. It just makes you part of that
 
0:14:45.059,0:14:50.679
vast majority of the world for whom ideas
like "Turing complete" and "end-to-end" are
 
0:14:50.679,0:14:56.839
meaningless. So, our regulators go off, and
they blithely pass these laws, and they become
 
0:14:56.839,0:15:01.439
part of the reality of our technological world.
There are suddenly numbers that we aren't
 
0:15:01.439,0:15:06.290
allowed to write down on the Internet, programs
we're not allowed to publish, and all it takes
 
0:15:06.290,0:15:11.489
to make legitimate material disappear from
the Internet is to say "that? That infringes
 
0:15:11.489,0:15:15.809
copyright.". It fails to attain the actual
goal of the regulation; it doesn't stop people
 
0:15:15.809,0:15:21.119
from violating copyright, but it bears a kind
of superficial resemblance to copyright enforcement
 
0:15:21.119,0:15:26.959
-- it satisfies the security syllogism: "something
must be done, I am doing something, something
 
0:15:26.959,0:15:32.790
has been done." And thus any failures that
arise can be blamed on the idea that the regulation
 
0:15:32.790,0:15:37.859
doesn't go far enough, rather than the idea
that it was flawed from the outset.
 
0:15:37.859,0:15:42.399
This kind of superficial resemblance
and underlying divergence happens in other
 
0:15:42.399,0:15:46.999
engineering contexts. I've a friend who was
once a senior executive at a big consumer
 
0:15:46.999,0:15:50.929
packaged goods company who told me about what
happened when the marketing department told
 
0:15:50.929,0:15:55.199
the engineers that they'd thought up a great
idea for detergent: from now on, they were
 
0:15:55.199,0:16:00.059
going to make detergent that made your clothes
newer every time you washed them! Well after
 
0:16:00.059,0:16:04.869
the engineers had tried unsuccessfully to
convey the concept of "entropy" to the marketing
 
0:16:04.869,0:16:10.100
department [audience laughs], they arrived
at another solution -- "solution" -- they'd
 
0:16:10.100,0:16:15.959
develop a detergent that used enzymes that
attacked loose fiber ends, the kind that you
 
0:16:15.959,0:16:20.259
get with broken fibers that make your clothes
look old. So every time you washed your clothes
 
0:16:20.259,0:16:25.100
in the detergent, they would look newer. But
that was because the detergent was literally
 
0:16:25.100,0:16:31.100
digesting your clothes! Using it would literally
cause your clothes to dissolve in the washing
 
0:16:31.100,0:16:36.949
machine! This was the opposite of making clothes
newer; instead, you were artificially aging
 
0:16:36.949,0:16:42.829
your clothes every time you washed them, and
as the user, the more you deployed the "solution",
 
0:16:42.829,0:16:47.489
the more drastic your measures had to be to
keep your clothes up to date -- you actually
 
0:16:47.489,0:16:50.720
had to go buy new clothes because the old
ones fell apart.
 
0:16:50.720,0:16:55.129
So today we have marketing departments
who say things like "we don't need computers,
 
0:16:55.129,0:17:00.540
we need... appliances. Make me a computer
that doesn't run every program, just a program
 
0:17:00.540,0:17:05.920
that does this specialized task, like streaming
audio, or routing packets, or playing Xbox
 
0:17:05.920,0:17:10.429
games, and make sure it doesn't run programs
that I haven't authorized that might undermine
 
0:17:10.429,0:17:16.019
our profits". And on the surface, this seems
like a reasonable idea -- just a program that
 
0:17:16.019,0:17:22.679
does one specialized task -- after all, we
can put an electric motor in a blender, and
 
0:17:22.679,0:17:27.059
we can install a motor in a dishwasher, and
we don't worry if it's still possible to run
 
0:17:27.059,0:17:33.490
a dishwashing program in a blender. But that's
not what we do when we turn a computer into
 
0:17:33.490,0:17:38.380
an appliance. We're not making a computer
that runs only the "appliance" app; we're
 
0:17:38.380,0:17:43.870
making a computer that can run every program,
but which uses some combination of rootkits,
 
0:17:43.870,0:17:48.409
spyware, and code-signing to prevent the user
from knowing which processes are running,
 
0:17:48.409,0:17:53.049
from installing her own software, and from
terminating processes that she doesn't want.
 
0:17:53.049,0:17:58.870
In other words, an appliance is not a stripped-down
computer -- it is a fully functional computer
 
0:17:58.870,0:18:02.299
with spyware on it out of the box.
 
0:18:02.299,0:18:08.750
[audience applauds loudly] Thanks.
 
0:18:08.750,0:18:14.190
Because we don't know how to build
the general purpose computer that is capable
 
0:18:14.190,0:18:18.539
of running any program we can compile except
for some program that we don't like, or that
 
0:18:18.539,0:18:23.549
we prohibit by law, or that loses us money.
The closest approximation that we have to
 
0:18:23.549,0:18:29.220
this is a computer with spyware -- a computer
on which remote parties set policies without
 
0:18:29.220,0:18:34.220
the computer user's knowledge, over the objection
of the computer's owner. And so it is that
 
0:18:34.220,0:18:37.450
digital rights management always converges
on malware.
 
0:18:37.450,0:18:41.200
There was, of course, this famous
incident, a kind of gift to people who have
 
0:18:41.200,0:18:47.130
this hypothesis, in which Sony loaded covert
rootkit installers on 6 million audio CDs,
 
0:18:47.130,0:18:52.399
which secretly executed programs that watched
for attempts to read the sound files on CDs,
 
0:18:52.399,0:18:56.269
and terminated them, and which also hid the
rootkit's existence by causing the kernel
 
0:18:56.269,0:19:00.820
to lie about which processes were running,
and which files were present on the drive.
 
0:19:00.820,0:19:05.960
But it's not the only example; just recently,
Nintendo shipped the 3DS, which opportunistically
 
0:19:05.960,0:19:10.130
updates its firmware, and does an integrity
check to make sure that you haven't altered
 
0:19:10.130,0:19:15.299
the old firmware in any way, and if it detects
signs of tampering, it bricks itself.
 
0:19:15.299,0:19:20.389
Human rights activists have raised
alarms over U-EFI, the new PC bootloader,
 
0:19:20.389,0:19:25.179
which restricts your computer so it runs signed
operating systems, noting that repressive
 
0:19:25.179,0:19:30.279
governments will likely withhold signatures
from OSes unless they have covert surveillance
 
0:19:30.279,0:19:30.850
operations.
 
0:19:30.850,0:19:35.179
And on the network side, attempts
to make a network that can't be used for copyright
 
0:19:35.179,0:19:40.710
infringement always converges with the surveillance
measures that we know from repressive governments.
 
0:19:40.710,0:19:47.700
So, SOPA, the U.S. Stop Online Piracy Act,
bans tools like DNSSec because they can be
 
0:19:47.700,0:19:52.519
used to defeat DNS blocking measures. And
it blocks tools like Tor, because they can
 
0:19:52.519,0:19:57.760
be used to circumvent IP blocking measures.
In fact, the proponents of SOPA, the Motion
 
0:19:57.760,0:20:03.120
Picture Association of America, circulated
a memo, citing research that SOPA would probably
 
0:20:03.120,0:20:08.600
work, because it uses the same measures as
are used in Syria, China, and Uzbekistan,
 
0:20:08.600,0:20:12.389
and they argued that these measures are effective
in those countries, and so they would work
 
0:20:12.389,0:20:13.880
in America, too!
 
0:20:13.880,0:20:20.279
[audience laughs and applauds] Don't applaud
me, applaud the MPAA!
 
0:20:20.279,0:20:26.039
Now, it may seem like SOPA is the
end game in a long fight over copyright, and
 
0:20:26.039,0:20:30.639
the internet, and it may seem like if we defeat
SOPA, we'll be well on our way to securing
 
0:20:30.639,0:20:36.320
the freedom of PCs and networks. But as I
said at the beginning of this talk, this isn't
 
0:20:36.320,0:20:42.649
about copyright, because the copyright wars
are just the 0.9 beta version of the long
 
0:20:42.649,0:20:47.490
coming war on computation. The entertainment
industry were just the first belligerents
 
0:20:47.490,0:20:52.340
in this coming century-long conflict. We tend
to think of them as particularly successful
 
0:20:52.340,0:20:58.610
-- after all, here is SOPA, trembling on the
verge of passage, and breaking the internet
 
0:20:58.610,0:21:04.519
on this fundamental level in the name of preserving
Top 40 music, reality TV shows, and Ashton
 
0:21:04.519,0:21:06.929
Kutcher movies! [laughs, scattered applause]
 
0:21:06.929,0:21:13.100
But the reality is, copyright legislation
gets as far as it does precisely because it's
 
0:21:13.100,0:21:18.980
not taken seriously, which is why on one hand,
Canada has had Parliament after Parliament
 
0:21:18.980,0:21:23.940
introduce one stupid copyright bill after
another, but on the other hand, Parliament
 
0:21:23.940,0:21:29.639
after Parliament has failed to actually vote
on the bill. It's why we got SOPA, a bill
 
0:21:29.639,0:21:36.639
composed of pure stupid, pieced together molecule-by-molecule,
into a kind of "Stupidite 250", which is normally
 
0:21:37.509,0:21:44.110
only found in the heart of newborn star, and
it's why these rushed-through SOPA hearings
 
0:21:44.110,0:21:48.679
had to be adjourned midway through the Christmas
break, so that lawmakers could get into a
 
0:21:48.679,0:21:55.029
real vicious nationally-infamous debate over
an important issue, unemployment insurance.
 
0:21:55.029,0:22:01.840
It's why the World Intellectual Property Organization
is gulled time and again into enacting crazed,
 
0:22:01.840,0:22:07.090
pig-ignorant copyright proposals because when
the nations of the world send their U.N. missions
 
0:22:07.090,0:22:13.070
to Geneva, they send water experts, not copyright
experts; they send health experts, not copyright
 
0:22:13.070,0:22:17.730
experts; they send agriculture experts, not
copyright experts, because copyright is just
 
0:22:17.730,0:22:24.730
not important to pretty much everyone! [applause]
 
0:22:27.179,0:22:34.179
Canada's Parliament didn't vote
on its copyright bills because, of all the
 
0:22:34.490,0:22:40.169
things that Canada needs to do, fixing copyright
ranks well below health emergencies on first
 
0:22:40.169,0:22:45.440
nations reservations, exploiting the oil patch
in Alberta, interceding in sectarian resentments
 
0:22:45.440,0:22:49.799
among French- and English-speakers, solving
resources crises in the nation's fisheries,
 
0:22:49.799,0:22:54.929
and thousand other issues! The triviality
of copyright tells you that when other sectors
 
0:22:54.929,0:23:00.559
of the economy start to evince concerns about
the internet and the PC, that copyright will
 
0:23:00.559,0:23:06.630
be revealed for a minor skirmish, and not
a war. Why would other sectors nurse grudges
 
0:23:06.630,0:23:11.659
against computers? Well, because the world
we live in today is /made/ of computers. We
 
0:23:11.659,0:23:15.899
don't have cars anymore, we have computers
we ride in; we don't have airplanes anymore,
 
0:23:15.899,0:23:22.899
we have flying Solaris boxes with a big bucketful
of SCADA controllers [laughter]; a 3D printer
 
0:23:24.409,0:23:30.380
is not a device, it's a peripheral, and it
only works connected to a computer; a radio
 
0:23:30.380,0:23:36.200
is no longer a crystal, it's a general-purpose
computer with a fast ADC and a fast DAC and
 
0:23:36.200,0:23:37.269
some software.
 
0:23:37.269,0:23:43.200
The grievances that arose from
unauthorized copying are trivial, when compared
 
0:23:43.200,0:23:49.269
to the calls for action that our new computer-embroidered
reality will create. Think of radio for a
 
0:23:49.269,0:23:54.149
minute. The entire basis for radio regulation
up until today was based on the idea that
 
0:23:54.149,0:23:59.179
the properties of a radio are fixed at the
time of manufacture, and can't be easily altered.
 
0:23:59.179,0:24:03.389
You can't just flip a switch on your baby
monitor, and turn it into something that interferes
 
0:24:03.389,0:24:08.610
with air traffic control signals. But powerful
software-defined radios can change from baby
 
0:24:08.610,0:24:13.720
monitor to emergency services dispatcher to
air traffic controller just by loading and
 
0:24:13.720,0:24:18.590
executing different software, which is why
the first time the American telecoms regulator
 
0:24:18.590,0:24:23.879
(the FCC) considered what would happen when
we put SDRs in the field, they asked for comment
 
0:24:23.879,0:24:29.200
on whether it should mandate that all software-defined
radios should be embedded in trusted computing
 
0:24:29.200,0:24:34.779
machines. Ultimately, whether every PC should
be locked, so that the programs they run are
 
0:24:34.779,0:24:37.330
strictly regulated by central authorities.
 
0:24:37.330,0:24:42.259
And even this is a shadow of what
is to come. After all, this was the year in
 
0:24:42.259,0:24:48.370
which we saw the debut of open sourced shape
files for converting AR-15s to full automatic.
 
0:24:48.370,0:24:53.629
This was the year of crowd-funded open-sourced
hardware for gene sequencing. And while 3D
 
0:24:53.629,0:24:57.750
printing will give rise to plenty of trivial
complaints, there will be judges in the American
 
0:24:57.750,0:25:02.730
South and Mullahs in Iran who will lose their
minds over people in their jurisdiction printing
 
0:25:02.730,0:25:09.509
out sex toys. [guffaw from audience] The trajectory
of 3D printing will most certainly raise real
 
0:25:09.509,0:25:13.409
grievances, from solid state meth labs, to
ceramic knives.
 
0:25:13.409,0:25:17.950
And it doesn't take a science fiction
writer to understand why regulators might
 
0:25:17.950,0:25:23.889
be nervous about the user-modifiable firmware
on self-driving cars, or limiting interoperability
 
0:25:23.889,0:25:28.789
for aviation controllers, or the kind of thing
you could do with bio-scale assemblers and
 
0:25:28.789,0:25:34.240
sequencers. Imagine what will happen the day
that Monsanto determines that it's really...
 
0:25:34.240,0:25:39.000
really... important to make sure that computers
can't execute programs that cause specialized
 
0:25:39.000,0:25:44.940
peripherals to output organisms that eat their
lunch... literally. Regardless of whether
 
0:25:44.940,0:25:50.070
you think these are real problems or merely
hysterical fears, they are nevertheless the
 
0:25:50.070,0:25:54.440
province of lobbies and interest groups that
are far more influential than Hollywood and
 
0:25:54.440,0:25:59.600
big content are on their best days, and every
one of them will arrive at the same place
 
0:25:59.600,0:26:04.929
-- "can't you just make us a general purpose
computer that runs all the programs, except
 
0:26:04.929,0:26:10.019
the ones that scare and anger us? Can't you
just make us an Internet that transmits any
 
0:26:10.019,0:26:14.929
message over any protocol between any two
points, unless it upsets us?"
 
0:26:14.929,0:26:18.879
And personally, I can see that
there will be programs that run on general
 
0:26:18.879,0:26:24.100
purpose computers and peripherals that will
even freak me out. So I can believe that people
 
0:26:24.100,0:26:28.370
who advocate for limiting general purpose
computers will find receptive audience for
 
0:26:28.370,0:26:33.740
their positions. But just as we saw with the
copyright wars, banning certain instructions,
 
0:26:33.740,0:26:39.470
or protocols, or messages, will be wholly
ineffective as a means of prevention and remedy;
 
0:26:39.470,0:26:45.590
and as we saw in the copyright wars, all attempts
at controlling PCs will converge on rootkits;
 
0:26:45.590,0:26:51.480
all attempts at controlling the Internet will
converge on surveillance and censorship, which
 
0:26:51.480,0:26:57.179
is why all this stuff matters. Because we've
spent the last 10+ years as a body sending
 
0:26:57.179,0:27:01.639
our best players out to fight what we thought
was the final boss at the end of the game,
 
0:27:01.639,0:27:06.100
but it turns out it's just been the mini-boss
at the end of the level, and the stakes are
 
0:27:06.100,0:27:07.340
only going to get higher.
 
0:27:07.340,0:27:11.509
As a member of the Walkman generation,
I have made peace with the fact that I will
 
0:27:11.509,0:27:17.090
require a hearing aid long before I die, and
of course, it won't be a hearing aid, it will
 
0:27:17.090,0:27:22.480
be a computer I put in my body. So when I
get into a car -- a computer I put my body
 
0:27:22.480,0:27:27.580
into -- with my hearing aid -- a computer
I put inside my body -- I want to know that
 
0:27:27.580,0:27:32.399
these technologies are not designed to keep
secrets from me, and to prevent me from terminating
 
0:27:32.399,0:27:39.399
processes on them that work against my interests.
[vigorous applause from audience] Thank you.
 
0:27:43.139,0:27:50.139
Thank you. So, last year, the Lower
Merion School District, in a middle-class,
 
0:27:53.450,0:27:57.539
affluent suburb of Philadelphia found itself
in a great deal of trouble, because it was
 
0:27:57.539,0:28:02.570
caught distributing PCs to its students, equipped
with rootkits that allowed for remote covert
 
0:28:02.570,0:28:07.059
surveillance through the computer's camera
and network connection. It transpired that
 
0:28:07.059,0:28:12.549
they had been photographing students thousands
of times, at home and at school, awake and
 
0:28:12.549,0:28:17.990
asleep, dressed and naked. Meanwhile, the
latest generation of lawful intercept technology
 
0:28:17.990,0:28:23.990
can covertly operate cameras, mics, and GPSes
on PCs, tablets, and mobile devices.
 
0:28:23.990,0:28:30.039
Freedom in the future will require
us to have the capacity to monitor our devices
 
0:28:30.039,0:28:36.419
and set meaningful policy on them, to examine
and terminate the processes that run on them,
 
0:28:36.419,0:28:41.590
to maintain them as honest servants to our
will, and not as traitors and spies working
 
0:28:41.590,0:28:47.179
for criminals, thugs, and control freaks.
And we haven't lost yet, but we have to win
 
0:28:47.179,0:28:52.669
the copyright wars to keep the Internet and
the PC free and open. Because these are the
 
0:28:52.669,0:28:58.299
materiel in the wars that are to come, we
won't be able to fight on without them. And
 
0:28:58.299,0:29:04.299
I know this sounds like a council of despair,
but as I said, these are early days. We have
 
0:29:04.299,0:29:08.710
been fighting the mini-boss, and that means
that great challenges are yet to come, but
 
0:29:08.710,0:29:15.580
like all good level designers, fate has sent
us a soft target to train ourselves on -- we
 
0:29:15.580,0:29:21.360
have a chance, a real chance, and if we support
open and free systems, and the organizations
 
0:29:21.360,0:29:28.360
that fight for them -- EFF, Bits of Freedom
[?], Edrie [?], [?], Nets Politique [?], La
 
0:29:28.740,0:29:33.450
Quadrature du Net, and all the others, who
are thankfully, too numerous to name here
 
0:29:33.450,0:29:38.440
-- we may yet win the battle, and secure the
ammunition we'll need for the war.
 
0:29:38.440,0:29:45.440
Thank you.
 
0:37:48.880,0:37:55.880
[sustained applause]

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.