
Privacy

Readings due for Monday November 17, 2008:

Phil Zimmerman: “How PGP Works/Why Do You Need PGP?”
Classmate Miranda summarizes Zimmerman’s reading, a piece that gives instruction on PGP, how it functions, and why it is beneficial: “Zimmerman discusses PGP encryption software, which allows individuals to engage in electronic communication without the government or anyone else interfering or eavesdropping. There are two “keys” that facilitate the private exchanges online, a public key and a private key. He also mentions a public-key-enciphered conventional “session” key. Along with these keys are key rings, which hold key IDs and passwords.”

Stephen Levy: “CryptoRebels”
In “CryptoRebels,” Levy gives us a history of cryptography and notes its inherent politics, “the vital importance of getting this stuff out to the world for the public weal,” again confirming the hacker ethic of proliferation of information (Levy, 186). Levy continues discussing the capabilities of the NSA and then details Whitfield Diffie’s public key cryptography system that Phil Zimmerman describes in his article as well. Levy then comments on Zimmerman’s PGP and its relative success as a FOSS project, despite the legal trouble it faced for violation of intellectual property rights. He describes Cypherpunks and their rebellion against privacy invasion. Levy ends on a note of the importance of cryptography and the stakes of privacy versus national security.

Cory Doctorow: Little Brother (1/3 of book)
Maria gives a great summary of the beginning of Doctorow’s book, expressing her own feelings that the book is farfetched: “As for Cory Doctorow’s Little Brother, a world overly exaggerated is presented, full of surveillance and paranoia about a possible terrorist attack. Set in San Francisco, the story narrates the lives of Marcus Yallow and his three high school friends, and how they are completely altered after a sudden bombing. Doctorow’s work correlates with the issue of privacy because the characters are deprived, to some extent, of their right to privacy and to some degree of secrecy… As the story unfolds, there is a growing force of opposition and resistance, mostly triggered by Marcus’s efforts and hacker activities. However, the greater the opposition, the more severe, and rather ridiculous, things turn out to be.”

We began class by identifying just who cryptographers are and where they reside in the world of hackerdom. There are two levels: there are the geeks and hackers that are really into crypto and math, then there are the other hackers who are of course involved in this world to some degree. All hackers have PGP.

Then we discussed how exactly the public key cryptography system works. Biella described this using two rings, one representing the public key and the other representing the private key. You physically give the public key to someone, who enters it into his or her computer. (She gave it to James.) Then, if they want to send you a message, they encrypt it with your public key. Then, when you receive the message, only your private key will open it. You are literally giving the other half of this “code” to someone.
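
The two-key exchange described above, combined with the “session” key from Zimmerman’s reading, as an added example (not code from the readings or from PGP itself): a random session key encrypts the message, and only that small key is encrypted to the recipient’s public key. The primes, the SHA-256 keystream and all function names are assumptions chosen for illustration; unpadded RSA this small is not secure.

```python
import hashlib
import math
import secrets

# Toy RSA parameters (constructed for this example): two known Mersenne primes.
# Unpadded RSA of this size is for illustration only.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537

def make_keypair():
    """Return ((n, e), (n, d)): the public key to hand out, the private key to keep."""
    n, phi = P * Q, (P - 1) * (Q - 1)
    assert math.gcd(E, phi) == 1
    return (n, E), (n, pow(E, -1, phi))

def keystream_xor(session_key, data):
    """Stand-in for the conventional cipher: XOR data with a SHA-256 counter stream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(session_key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_for(public_key, message):
    """Sender side: needs only the recipient's public key."""
    n, e = public_key
    session_key = secrets.token_bytes(16)              # fresh for every message
    wrapped = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped, keystream_xor(session_key, message)

def decrypt_with(private_key, wrapped, ciphertext):
    """Recipient side: the private key recovers the session key, which opens the message."""
    n, d = private_key
    session_key = pow(wrapped, d, n).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)

if __name__ == "__main__":
    public, private = make_keypair()
    wrapped, ciphertext = encrypt_for(public, b"see you at the key-signing party")
    print(ciphertext.hex())
    print(decrypt_with(private, wrapped, ciphertext))
```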

Because of the degree of secrecy involved in keys, there is a high level of trust that is established between geeks when exchanging keys. There is a web of trust established. You know whom you trust with your life, and in turn those people have the people that they trust. Subsequently, you trust those people, and so on. This is how the web of trust forms and keys are exchanged to create key rings.
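
How trust can spread through signatures, as an added example (not code from PGP or from the class): a key counts as valid when enough already-valid, trusted people have signed it, and the chain may only grow a limited number of steps from you. The names, the keyring and the threshold values are constructed assumptions for illustration.

```python
FULL, MARGINAL = "full", "marginal"

def valid_keys(me, signatures, owner_trust, completes=1, marginals=3, max_depth=5):
    """Return the keys `me` can treat as valid.

    signatures:  key -> set of keys that signed it
    owner_trust: key -> FULL or MARGINAL, how far `me` trusts that owner to vouch for others
    """
    valid = {me}
    for _ in range(max_depth):               # each round extends chains by one signature
        newly = set()
        for key, signers in signatures.items():
            if key in valid:
                continue
            introducers = signers & valid    # signatures from unverified keys count for nothing
            full = sum(1 for s in introducers if s == me or owner_trust.get(s) == FULL)
            marg = sum(1 for s in introducers if owner_trust.get(s) == MARGINAL)
            if full >= completes or marg >= marginals:
                newly.add(key)
        if not newly:
            break
        valid |= newly
    return valid

# Constructed keyring: who has signed whose key.
SIGNATURES = {
    "bob": {"alice"}, "dave": {"alice"}, "erin": {"alice"},
    "carol": {"bob"},
    "frank": {"carol", "dave", "erin"},      # three marginal introducers
    "grace": {"carol", "dave"},              # only two
    "mallory": {"trent"},                    # signed only by a key alice cannot verify
}
# Constructed owner trust from alice's point of view.
OWNER_TRUST = {"bob": FULL, "carol": MARGINAL, "dave": MARGINAL, "erin": MARGINAL}

if __name__ == "__main__":
    print(sorted(valid_keys("alice", SIGNATURES, OWNER_TRUST)))
```
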
We watched a video Biella recorded in Mexico at a key-signing party. There is a lot of pride amongst hackers in who has signed your key. At key-signing parties, huge groups of these cryptographers physically gather, bringing printed papers with the public keys of others and their other information. When they meet one another, they confirm that the information is correct by physically signing the papers. They also exchange IDs to ensure that everyone is who they say they are. (At this particular conference there was an uproar because one developer presented his membership card of a private organisation called "transnational republic" and used that as his ID to prove a point.)
In the video, Biella questions attendees about the importance of key-signing parties. Here are a few responses:
“You have an obligation to the community. You can sign people you wouldn’t normally meet.”
“It is important to confirm that people are legit.”
“You can put faces to a name and you know who you are dealing with.”

Then we held some discussion. Jon stated that he found it strange that FOSS projects have such policies of privacy when they are “open.” Biella replied that it is about authentication and it’s more practical than anything else. It prevents anyone from messing with the infrastructure of these projects. Although it can’t be 100% effective, it is a deterrent to “digital arson.” Security is not absolute. It is just about making it more difficult to mess with.

The majority of the class was Biella giving a legal and cultural history of privacy:

1700s: Free speech had philosophical tracks. Privacy exists, but is much more implicit, as in ideas of architecture. People like Jefferson assert that anonymity is really important to free speech. “The Spectator” was a newspaper at the time committed to anonymity.

1890: Commitment to Privacy, Law Journal article, “Right to Privacy,” makes it clear that new technology has been provoked. (Quoted on our handout)

Biella interjects with a thought that privacy is not explicitly stated in the Bill of Rights and that is why it is even more important. It is more important because it is implied and not spelled out.

WWII: Alan Turing, who created the idea of the computer with the Turing Machine, was a cryptographer for the British. He helped end WWII by cracking German cryptography. He was later jailed for being a homosexual and only released when he agreed to hormone treatments. Ironic because this was the exact persecution he was fighting against.

1966: Freedom of Information Act: Full or partial disclosure of documents of the US government, exemptions being trade secret, national security, etc.

1967: Publication of “Code Breakers”: Up until this point the history of cryptography had been opaque and never completely compiled. It created the conditions for people to think about the implications of cryptography and helped the development of public-key cryptography.

1974: Privacy Act: Passed after Watergate, it amended the Freedom of Information Act. It stated that records about you could only be released voluntarily.

1991: Zimmerman releases PGP. It was one of the greatest acts of civil disobedience. He broke patent laws because he included the algorithms from RSA and broke national security laws because strong forms of cryptography were not allowed to be exported outside of the US.

1994: CALEA. Made all phone companies change to a digital format and change their networks so it was easier to wiretap.

1995: Case brought to court by Daniel Bernstein. Ruled that you have the First Amendment right to create cryptography and release it for export.

1999: Court said that Bernstein had the right to publish academic material and could export cryptography. Before this, strong cryptography had to be housed outside of the US.

2001: Patriot Act: It made it easier to get a warrant for a wiretap. There was a shift in awareness of not just the government spying on us, but corporations too.

2004: FBI, CIA, Department of Justice, etc. requested that CALEA expand to the Internet. It was passed and it is very easy for them to track anyone via the Internet.

We finished with Max describing TOR, an Internet routing system. It routes all traffic through TOR nodes, so that whoever is trying to track can’t identify where the information is actually coming from. It isn’t centralized so it would be too difficult to shut down. It is crackable, but expensive and time-consuming. It is also really slow because of all the re-routing, thus it is best to be used only for really important documents.


Cory Doctorow posts on Boing Boing that he’ll be hosting a book signing of Little Brother in London next week. There are user comments underneath about his novel, which are interesting.
http://www.boingboing.net/2008/11/18/little-brother-uk-la.html

Comments (2)

madduck didn't use a "fake passport from Transylvania" during the keysigning party at DebConf6 in Mexico but presented his membership card of a private organisation called "transnational republic". He describes the whole story in his blog at http://madduck.net/blog/2006.05.24:tr-id-at-keysigning/ and his mail to a Debian mailing list at http://lists.debian.org/debian-devel/2006/05/msg01615.html

Biella:

Thanks Gregor, I fixed the entry!


About

This page contains a single entry from the blog posted on November 19, 2008 2:02 PM.
