0:00:00.000,0:00:18.479
<i>36c3 preroll music</i>

0:00:18.479,0:00:24.769
Herald: Our next speaker: Basically, he[br]eats up script kiddies for breakfast, I've heard.

0:00:24.769,0:00:30.599
He drives the open source train and[br]his currency is uptime. Please welcome

0:00:30.599,0:00:36.820
with a very warm applause Julian Oliver[br]and his "Server Infrastructure for the

0:00:36.820,0:00:43.180
Global Rebellion" talk.

0:00:43.180,0:00:51.350
Julian: So, yep. Great. Very pleased to be[br]here. Amazing environment, indeed, as

0:00:51.350,0:00:56.720
usual with the CCC. First of all, I'm not[br]at all a spokesperson for extinction

0:00:56.720,0:01:01.570
rebellion. I do not speak for this[br]movement called extinction rebellion.

0:01:01.570,0:01:09.170
Whatever I say here tonight is entirely my[br]own opinion. And so not to be taken as any

0:01:09.170,0:01:14.670
overarching description of the movement[br]more generally. What you're looking at

0:01:14.670,0:01:18.049
here, of course, might simply be[br]associated with this thing called

0:01:18.049,0:01:24.700
extinction rebellion. But it is not. It[br]is, in fact, the extinction symbol. And

0:01:24.700,0:01:27.700
this is the part where in the first half[br]of my talk, I depress you. But then we'll

0:01:27.700,0:01:32.659
go for a nice, big sort of warm finish.[br]The extinction symbol was, in fact,

0:01:32.659,0:01:41.319
created in 2011 by a UK artist called ESP.[br]And this entirely relates to, not

0:01:41.319,0:01:44.840
extinction rebellion, being long before[br]extinction rebellion, but the fact that we

0:01:44.840,0:01:50.399
have entered the sixth mass extinction on[br]this planet that we are on. And this has

0:01:50.399,0:01:56.819
became practically scientific consensus in[br]2015, where it has been fairly surely

0:01:56.819,0:02:02.349
asserted and since reasserted that we have[br]in fact entered the largest extinction

0:02:02.349,0:02:08.060
event on this planet in 65 million years.[br]Global populations of fish, birds, mammals

0:02:08.060,0:02:16.620
down by about 60 % in 42 years and[br]according to the WWF a few years ago. The

0:02:16.620,0:02:22.709
UN puts it at about 150 species lost per[br]day. Now, that's a little bit more than

0:02:22.709,0:02:27.610
the father of biodiversity, E.O. Wilson,[br]that says it's around about 27,000 a year.

0:02:27.610,0:02:32.210
In other words, one species lost every 19[br]minutes. But what does that really mean?

0:02:32.210,0:02:36.690
Well, when we're talking about background[br]extinction rates, we're looking at the at

0:02:36.690,0:02:39.940
the background extinction rate for the[br]last 65 million years has been about one

0:02:39.940,0:02:46.210
to five species a year. So not 150 a day,[br]but 1 to 5 a year. This is fairly

0:02:46.210,0:02:50.390
conclusive of the fact that we have[br]entered the sixth extinction on this

0:02:50.390,0:02:55.730
planet. I'm here in Germany, for instance.[br]Just a couple of years ago, there was this

0:02:55.730,0:02:59.140
Dutch-German study done that now reflects[br]pretty much the state of the entire

0:02:59.140,0:03:06.580
European continent of the 3/4 of all[br]flying insect biomass dropping in about 25

0:03:06.580,0:03:12.349
years. So three quarters less flying[br]insects in 25 years and supposedly

0:03:12.349,0:03:18.030
dropping it around about 2.5 a year. Now[br]we need insects much more than they need

0:03:18.030,0:03:22.950
us. They are the glue layer of our food[br]system. But within the planetary boundary

0:03:22.950,0:03:27.430
and biological sense, they are absolutely[br]intrinsic. They also keep much of our

0:03:27.430,0:03:32.000
water very fresh. As one biologist put it,[br]we humans will never see the the end of

0:03:32.000,0:03:38.430
the insects. We need them that much. Now,[br]climate change has become very much

0:03:38.430,0:03:46.599
ascribed to this loss of species. But in[br]fact, it's not climate change that is

0:03:46.599,0:03:53.530
responsible for species decline per say.[br]The WWF Living Planet Index attributes

0:03:53.530,0:03:58.579
about seven per cent of species declines[br]to warming. In fact, the real reason why

0:03:58.579,0:04:02.040
we are losing so many species so quickly[br]is because we're changing their habitats.

0:04:02.040,0:04:06.590
We're just removing them entirely, and[br]certainly urbanization is a part of that

0:04:06.590,0:04:10.579
and land change as a result of warming,[br]but primarily it's because we've replaced

0:04:10.579,0:04:17.389
habitats with with farmland. This is, for[br]instance, in the Amazon basin carving into

0:04:17.389,0:04:23.870
the Amazon right there just to lay down[br]some soy livestock, feed crops. And

0:04:23.870,0:04:28.080
there's another another another view[br]there. Now, most of that soy, all of that

0:04:28.080,0:04:32.889
soy is really exported for livestock feed,[br]mostly to Europe and to China. But getting

0:04:32.889,0:04:36.760
onto the warming thing, which is obviously[br]a massive existential threat we do all

0:04:36.760,0:04:44.360
face. We can safely say now that the Paris[br]accord has entirely failed. The warming

0:04:44.360,0:04:49.070
projections presently we're looking at[br]about 2.8 to 3.2 by the end of the

0:04:49.070,0:04:53.450
century, not including self reinforcing[br]feedbacks. In other words, things like

0:04:53.450,0:04:57.640
permafrost melts, just releasing tons of[br]methane into the air or the wildfires that

0:04:57.640,0:05:01.480
we've been seeing in Australia and over in[br]California that are just sending gigatons

0:05:01.480,0:05:07.250
of carbon into the air. So this is still[br]to be seen as relatively optimistic.

0:05:07.250,0:05:11.110
If we're looking at current policies and[br]where they will lead us, that's a lot more

0:05:11.110,0:05:14.950
than 1.5. I think, first of all, it's[br]important to point out that this is

0:05:14.950,0:05:19.270
actually really happening. And even if[br]it's unimaginable and completely

0:05:19.270,0:05:24.170
unacceptable that it is happening, we[br]still need to remember that science does

0:05:24.170,0:05:29.540
not need human imagination for evidence.[br]It needs instrumentation and lots and lots

0:05:29.540,0:05:34.030
of hard work and decades of study. And it[br]confirms that, yes, indeed, it is really

0:05:34.030,0:05:39.800
happening. Technology will not save us.[br]This is also increasingly scientific

0:05:39.800,0:05:46.740
consensus. Most recently, looking at the[br]idea that we can just simply scrub carbon

0:05:46.740,0:05:52.250
out of the air, we can, you know, we can[br]suck it out of the air and these negative

0:05:52.250,0:05:57.740
emission technology. That's if you like.[br]They're not even gigatons capable. And 29

0:05:57.740,0:06:02.950
European science academies concluded that[br]we can absolutely not rely on any Ts or

0:06:02.950,0:06:06.580
negative emissions technologies to pull[br]enough carbon out of the air at anywhere

0:06:06.580,0:06:12.360
near the rate that we need it in order to[br]save us. What I mean by save us? Well,

0:06:12.360,0:06:16.460
when I was born, it was around about[br]330 ppm CO2 in the atmosphere

0:06:16.460,0:06:22.400
and we're now looking at about[br]412 of the latest reading. This is the

0:06:22.400,0:06:30.830
Keeling Curve. Now 450 ppm is seen as[br]something of a threshold that probably

0:06:30.830,0:06:37.260
gets us more or less near 2 degrees of[br]warming from post-industrial levels with a

0:06:37.260,0:06:43.090
70 % probability if we keep it under 2[br]degrees, in other words, 450 ppm. Sorry.

0:06:43.090,0:06:47.510
If we keep it under 450 ppm, then we will[br]almost certainly manage to avoid that that

0:06:47.510,0:06:51.764
2 degrees threshold for the 70 %[br]probability. Just looking at ocean rise

0:06:51.764,0:07:01.030
alone. This is Miami at two degrees, which[br]is arguably just around the corner. This

0:07:01.030,0:07:05.000
is Shanghai. I don't know if you've been[br]to Shanghai. Where will all those people

0:07:05.000,0:07:09.440
go, you might ask yourself. Bangkok is[br]already underwater at this point. Two

0:07:09.440,0:07:13.830
degrees represent something else[br]relatively significant, however, as

0:07:13.830,0:07:17.560
evidenced in this fantastic paper, well,[br]fantastic if you read this sort of stuff

0:07:17.560,0:07:22.470
and don't want to drink yourself under the[br]table. But trajectories of the Earths

0:07:22.470,0:07:28.270
system and the Anthropocene suggests very[br]strongly that it's highly likely,

0:07:28.270,0:07:32.760
extremely probable that if we cross the 2[br]degrees centigrade warming threshold, we

0:07:32.760,0:07:42.240
will be on autopilot to 2.5, 3 degrees,[br]3.5 and 4 degrees. And that's simply an

0:07:42.240,0:07:48.310
unstoppable course. No amount of carbon[br]scrubbing can possibly compete with the

0:07:48.310,0:07:55.780
self reinforcing feedbacks after that[br]point. We're on a course to a very

0:07:55.780,0:07:59.430
different planet. Just to give you a sense[br]of what 4 degrees, for instance, would

0:07:59.430,0:08:03.360
mean, should we ever get there, which it[br]looks like we will before the end of the

0:08:03.360,0:08:11.180
century if we continue business as usual.[br]The temperature rise from the Ice Age, the

0:08:11.180,0:08:17.300
end of the Ice Age back 10,000 years ago[br]to 1850 was 4 degrees of warming. Now,

0:08:17.300,0:08:27.070
that's 10,000 years of time for organisms,[br]including us, to evolve and adapt to that

0:08:27.070,0:08:34.110
warming. We're looking at the same amount[br]of warming in just 150 years. There's no

0:08:34.110,0:08:41.719
time to adapt. This picture I've tweeted a[br]bit, I suppose, but maybe too much. But

0:08:41.719,0:08:44.180
this was done for the New Scientist and[br]the visualization of what the earth would

0:08:44.180,0:08:47.750
look like, what the world would look like[br]at 4 degrees. Now, Middle and Southern

0:08:47.750,0:08:57.570
Europe are obviously entirely gone. North[br]America, Africa, South America and Asia -

0:08:57.570,0:09:01.450
they've all gone. I mean, where would[br]those people go? Obviously, they'll head

0:09:01.450,0:09:05.330
North. The states will move from a geo[br]strategic perspective, would obviously

0:09:05.330,0:09:16.330
move to Canada, China and to Russia.[br]There's been a lot of talk about as to

0:09:16.330,0:09:19.700
what that would mean for human populations[br]and human population numbers and of course

0:09:19.700,0:09:23.890
you read some wild stuff, how can we[br]possibly know? But this chap who's had his

0:09:23.890,0:09:30.020
name on 120 papers or something like this.[br]He's one of the most highly regarded

0:09:30.020,0:09:34.670
atmospheric scientists in the world, cited[br]over a thousand times across academic

0:09:34.670,0:09:39.590
journals in the domain of atmospheric[br]science, believes it's just a few thousand

0:09:39.590,0:09:43.560
people. The carrying capacity of the earth[br]is just a few thousand people seeking

0:09:43.560,0:09:51.930
refuge in the Arctic or Antarctica. And of[br]course, all the way to 4 degrees, we have

0:09:51.930,0:09:58.270
war, we have resource depletion driving[br]conflicts, we have mass migration and very

0:09:58.270,0:10:04.320
unfortunately it is fairly safe to[br]conclude that children alive today will,

0:10:04.320,0:10:08.150
even those still again, relatively[br]unimaginable, but based on the best

0:10:08.150,0:10:14.340
available information, very probably face[br]mass migration, war and hunger. Should we

0:10:14.340,0:10:18.890
not turn things around? This is just[br]simply the way it is. This is where we are

0:10:18.890,0:10:24.740
going. But surely governments would never[br]let that happen. You hear that a lot. But

0:10:24.740,0:10:29.700
the thing is, they have let that happen[br]and they are continuing to let that

0:10:29.700,0:10:44.100
happen. Appropriate response is probably[br]this. This UK pop artist, experimental pop

0:10:44.100,0:10:49.470
stuff, said this, write this down on a[br]napkin one day. I really like it. "Hope

0:10:49.470,0:10:52.810
without honesty is denial" because people[br]reach for hope at these times. But I also

0:10:52.810,0:11:00.510
really like Kate Malveaux, climate[br]scientist. She said that we don't need

0:11:00.510,0:11:06.300
hope, we need courage. Courage is the[br]resolve to do well without the assurance

0:11:06.300,0:11:12.280
of a happy ending. This is more what we[br]need to be going. Thanks of course, giving

0:11:12.280,0:11:16.210
us a bit of a hand here with this. From[br]this moment the spear ends and techniques

0:11:16.210,0:11:23.350
begin. And truth is, there's no hope[br]without action. This is really where we

0:11:23.350,0:11:28.990
stand and this is not just my opinion. It[br]happens to be an opinion very widely

0:11:28.990,0:11:33.380
spread. In fact, the world scientists in[br]their " A second warning to humanity",

0:11:33.380,0:11:39.600
very recently wrote that same thing. They[br]said that with a groundswell of organized

0:11:39.600,0:11:45.480
grassroots efforts, dogged opposition can[br]be overcome and political leaders

0:11:45.480,0:11:53.300
compelled to do the right thing. Now that[br]is 15,364 scientists from 184 countries.

0:11:53.300,0:11:58.350
It's the most scientific document in all[br]history. They are urging us in the

0:11:58.350,0:12:07.070
absolute and, you know, ineptitude and[br]lack of engagement from governments to

0:12:07.070,0:12:12.910
actually rise up and force governments to[br]act. That's what they're telling us to do.

0:12:12.910,0:12:17.820
And you can look at this as a bit like,[br]you know, imagine you have a disease, a

0:12:17.820,0:12:24.170
very rare disease and that the world's[br]experts, you know, that those those

0:12:24.170,0:12:30.210
scientists, 15,364 scientists, contains[br]most of the world's Nobel laureates,

0:12:30.210,0:12:37.770
planetary boundary scientists, food system[br]scientists, geologists, biologists. They

0:12:37.770,0:12:41.190
say that, you know, so from the[br]perspective of expert opinion, it doesn't

0:12:41.190,0:12:46.110
get much better. You can imagine that you[br]have a disease that very few people have,

0:12:46.110,0:12:50.880
and the world's expert says to you:[br]"Listen, it's really grim. You are looking

0:12:50.880,0:12:58.020
at a at a particularly bleak end, an ugly[br]end, unless, of course, you stop now doing

0:12:58.020,0:13:06.230
these things". You can also think that our[br]space habitat has a variety of subsystems,

0:13:06.230,0:13:11.560
it is a freshwater subsystem that looks at[br]water purification and filtration, a

0:13:11.560,0:13:18.770
thermal regulation subsystem. You could[br]look at food pods. They are being attacked

0:13:18.770,0:13:23.110
on our space habitat. If you don't like[br]the word environmental or earth, you think

0:13:23.110,0:13:28.060
it's a bit too kind of patchouli dose to a[br]hippie. Then think of it this way, because

0:13:28.060,0:13:32.110
that is what's happening. What they're[br]telling us is that it's time to rebel.

0:13:32.110,0:13:38.930
It's time to force governments to act[br]because they are not acting. No more

0:13:38.930,0:13:44.860
business as usual. What we need is massive[br]swarming, nonviolent, uncontainable civil

0:13:44.860,0:13:50.630
disobedience en masse. Civil disobedience,[br]unlike protests were you just get out on

0:13:50.630,0:13:56.529
the street on a little key area with a[br]police permit for the protest, holding

0:13:56.529,0:14:02.960
little signs, oi oi oi. Civil disobedience[br]actually works. It has

0:14:02.960,0:14:07.190
provably worked. South Africa versus[br]apartheid. India versus the British Roche.

0:14:07.190,0:14:15.460
U.S. Civil Rights Movement. The Velvet[br]Revolution. It's the way to go. Extinction

0:14:15.460,0:14:20.070
rebellion is very much a manifestation of[br]that energy at the idea of actually

0:14:20.070,0:14:26.680
channeling civil disobedience to the ends[br]of driving change is very much what it's

0:14:26.680,0:14:33.480
about. It's the kernel of the movement. It[br]started in October 31st, where a bunch of

0:14:33.480,0:14:38.710
British activists marched onto Parliament[br]Square and declared a rebellion against

0:14:38.710,0:14:43.260
the British government for its lack of[br]action on the climate and the ecological

0:14:43.260,0:14:49.900
emergency. And then soon afterwards, 6000[br]or so descended upon London and

0:14:49.900,0:14:57.370
effectively shut down the city center by[br]occupying five bridges. Extinction

0:14:57.370,0:15:01.250
rebellion is a leaderless... That's very[br]important. I mean, is that the press of

0:15:01.250,0:15:05.770
always reaches for a figurehead, but it is[br]very much a leaderless. That's not steered

0:15:05.770,0:15:10.020
by the UK , Decentralized International, [br]apolitical network using nonviolent direct

0:15:10.020,0:15:14.560
action and civil disobedience to persuade[br]governments to act justly on the climate

0:15:14.560,0:15:19.839
ecological emergency. I'm just going to[br]show a couple of videos right now to just

0:15:19.839,0:15:26.350
give you a sense of the kind of what civil[br]disobedience in this case actually

0:15:26.350,0:15:31.210
comprises. I'll show you a video from[br]France particularly focused on

0:15:31.210,0:15:35.810
overconsumption. We're talking about[br]resource depletion here in the CCC this

0:15:35.810,0:15:41.230
year, which I think is great. And this was[br]a protest at Block Friday instead of Black

0:15:41.230,0:15:47.009
Friday, which is, of course, a mass[br]consumers event. Here we go.

0:15:47.009,0:17:19.989
<i>music plays</i>

0:17:19.989,0:17:24.158
They occupied a shopping mall for seven

0:17:24.158,0:17:27.139
hours and a whole bunch of stores across[br]the country, Apple Store, etc., just

0:17:27.139,0:17:31.580
fantastic stuff. And you might think[br]'where's this going?'. Well. And is that

0:17:31.580,0:17:34.860
really the only approach, you know, occupy[br]malls and shops, et cetera, et cetera?

0:17:34.860,0:17:37.980
I'll show you another video for a very[br]different strategy. This is extension

0:17:37.980,0:17:44.070
rebellion, New York City occupying Times[br]Square. And I think this is definitely...

0:17:44.070,0:17:48.999
Oh, what is the video called? That's[br]right... Player.

0:17:48.999,0:18:00.534
<i>music plays, drums beating</i>

0:18:00.534,0:18:02.490
Sorry, It's a but cut off, isn't it?

0:18:02.490,0:18:05.034
Again? Or wait, whatever.

0:18:08.464,0:18:11.539
People in the video shouting repeadeatly:

0:18:11.539,0:18:16.079
This is an emergency! This is an[br]emergency!

0:18:20.239,0:18:22.339
<i>music plats, drums beating</i>

0:19:05.789,0:19:10.119
This is an emergency! This is an[br]emergency!

0:19:28.389,0:19:34.110
Person in video: Good Morning, New York[br]City! This is Extinction Rebellion

0:19:34.110,0:19:38.950
enforcing an international[br]rebellion...<i>continues unintelligible</i>

0:19:38.950,0:19:42.224
<i>shouting and drums beating</i>

0:19:42.224,0:19:45.499
[Subtitles appear in video, therefore left out here]

0:20:34.229,0:20:38.049
[br]Julian: Well, anyway, you get the idea.

0:20:38.049,0:20:42.009
<i>applause</i>

0:20:42.009,0:20:45.820
So something's wrong with my copy of my [br]with my render buffer there, I can see that.

0:20:45.820,0:20:48.639
I don't know, anyway. Three demands.

0:20:48.639,0:20:54.239
Typically, some branches have more. There[br]are many branches now. 600 plus branches

0:20:54.239,0:20:59.590
all over the world. Some have four demands[br]for us, as in the US. Some of these state

0:20:59.590,0:21:03.359
branches have added a fourth demand for[br]climate ecological justice for those most

0:21:03.359,0:21:09.419
affected by changes within planetary[br]boundaries. Sorry, changes above and

0:21:09.419,0:21:12.749
beyond planetary boundaries. But in[br]general, there's this kernel of sort of

0:21:12.749,0:21:16.499
three demands. Tell the truth. Government[br]must tell the truth by declaring a climate

0:21:16.499,0:21:19.980
and ecological emergency. Working with[br]other institutions to communicate the

0:21:19.980,0:21:24.380
urgency for change. Act now. Government.[br]Government must act now to halt

0:21:24.380,0:21:29.080
biodiversity loss and reduce greenhouse[br]gas emissions to net zero by 2025. 2025,

0:21:29.080,0:21:33.059
you say. Understand? You might think that[br]is a little bit short, but it's good to

0:21:33.059,0:21:38.659
have goals beyond politics. Government[br]must create and be and be led by the

0:21:38.659,0:21:45.940
decisions of a citizen assembly on climate[br]ecological justice. And it is working

0:21:45.940,0:21:52.840
significantly. In fact, if you go to this[br]climate mobilizationorg map and you will

0:21:52.840,0:21:58.649
see that states, municipalities and cities[br]all over the world, tons of them have in

0:21:58.649,0:22:03.019
fact declared a climate ecological[br]emergency. What they do after that point

0:22:03.019,0:22:09.809
is, of course, the next step. But I can't[br]find a single one of these that is dated

0:22:09.809,0:22:14.929
to before April this year. So in just one[br]year, that is a significant political

0:22:14.929,0:22:16.929
transformation.[br]<i>applause</i>

0:22:16.929,0:22:24.799
Yep, yes. And it's certainly not just[br]extinction rebellion. It's Fridays for

0:22:24.799,0:22:31.950
future have been just upping the game.[br]They're massively, so, respect! At the COP

0:22:31.950,0:22:37.070
25, which was obviously like a massive[br]failure in itself, extinction rebellion

0:22:37.070,0:22:41.859
was listed as the most influential[br]organization above the World Bank,

0:22:41.859,0:22:49.369
Greenpeace, et cetera, et cetera. So it's[br]a relatively short kind of rise of a voice

0:22:49.369,0:22:54.389
for this particular movement.[br]Now, infrastructure for

0:22:54.389,0:22:58.100
rebellion. Unfortunately, the movement got[br]off to a reasonably bad start in the UK in

0:22:58.100,0:23:00.950
that respect. They went from the[br]perspective of...

0:23:00.950,0:23:03.690
What's that? That's a bit odd.[br]<i>referring to the red blink glitch</i>

0:23:03.690,0:23:07.125
They went from the perspective that we are[br]an above ground movement. We work in

0:23:07.125,0:23:14.009
the open. It's not really good for civil disobedience[br]to have that as your mandate or a priority.

0:23:14.009,0:23:17.279
And there in the UK, things are, of[br]course, a little bit different. It's

0:23:17.279,0:23:20.249
something of a playground there for civil[br]disobedience. The police are generally

0:23:20.249,0:23:22.720
quite nice. In fact, one of the chief of[br]police in the UK said 'Well, they're

0:23:22.720,0:23:28.789
actually quite nice people, these[br]activists'. This is not something that

0:23:28.789,0:23:34.659
exports very well. It doesn't even export[br]over the border. I'll talk about them in a

0:23:34.659,0:23:39.950
moment. But they really settled on base[br]camp over in the US. They just went

0:23:39.950,0:23:45.109
straight to base camp. Google for sharing[br]like things like contact lists. They

0:23:45.109,0:23:51.749
didn't have anyone with technical, shall[br]we say, know how or operational security

0:23:51.749,0:23:55.769
intuition or interest to look at it any[br]other way. So they just reach for what's

0:23:55.769,0:24:00.489
at hand. The Action Network, too, hosted[br]over in the United States Base camp, I

0:24:00.489,0:24:07.320
mean, the extinction rebellion explicitly[br]breaks base camps terms of service. You

0:24:07.320,0:24:09.779
may not use the service or any illegal[br]purpose. Well, civil disobedience is

0:24:09.779,0:24:18.179
breaking the law. That's what it is.[br]Action Network, which is widely used by,

0:24:18.179,0:24:22.249
unfortunately, activist movements all over[br]the world, humans rights spaces as well...

0:24:22.249,0:24:26.889
They they really use it a lot. They have[br]just crazy stuff. You understand and agree

0:24:26.889,0:24:30.899
that we may disclose your information if[br]required to do so by law or court order a

0:24:30.899,0:24:35.739
legal process some point, including to[br]respond to any government or regulatory

0:24:35.739,0:24:40.820
request. I mean, this is nuts. Action[br]Network hosted over in the US under a

0:24:40.820,0:24:46.100
Trump surveillance apparatus, that massive[br]apparatus that Obama expanded hugely and

0:24:46.100,0:24:52.669
just gave to Trump. And I mean, this is an[br]unsafe environment for hosting, you know,

0:24:52.669,0:25:02.000
contact lists.On the 3rd of of November[br]last year, my partner said they really

0:25:02.000,0:25:07.679
should be an extinction rebellion in[br]France. And and I immediately thought,

0:25:07.679,0:25:15.210
well, they will need a server. There in[br]France, you do not want your activists on

0:25:15.210,0:25:17.929
Action Network. I mean, you don't want[br]them using Google because, I mean, in

0:25:17.929,0:25:23.820
France, this is the situation. Here's[br]France. This is, in fact, Paris and Sally

0:25:23.820,0:25:28.359
Bridge in the center of Paris with just[br]cops cruising past and just tear gas and

0:25:28.359,0:25:32.830
even taking the sunglasses off and just[br]and just spraying them right in the face.

0:25:32.830,0:25:39.529
This is Youth for Climate protesting[br]outside an Amazon logistics center. Very

0:25:39.529,0:25:43.970
recently, in fact. Youth for climate, just[br]with with a guy wearing the French stripes

0:25:43.970,0:25:47.999
in the background overseeing it. He says,[br]'Yep, you can do it. The state says it's

0:25:47.999,0:25:54.200
OK', and just sprays them. You know, this[br]is France. It's a different environment.

0:25:54.200,0:25:58.570
So I just really got them up and running[br]with something really fast. Iceland was

0:25:58.570,0:26:02.840
chosen because Icelanders is very well[br]known for its strict data protection laws.

0:26:02.840,0:26:09.820
It's well outside of obviously the EU and[br]of course, the five eye states. And I went

0:26:09.820,0:26:16.320
the FlokiNET, geothermal direct from[br]source, more direct from grid source.

0:26:16.320,0:26:20.909
Discourse for the forum rather than base[br]camp, for instance. Nextcloud for all the

0:26:20.909,0:26:24.701
vital stuff replacing Google Drive, etc.[br]hardened opened VPN and a data partition

0:26:24.701,0:26:31.509
on AES-XTS on 512, Jitsi-Meet for calls[br]bit and just a very simple MTA. In fact,

0:26:31.509,0:26:38.070
it's not really an empty, it's just a just[br]email, XM. XM form. Meanwhile, the

0:26:38.070,0:26:41.840
international movement as branches were[br]popping up all over the world, were

0:26:41.840,0:26:46.299
descending on slack. Now slack is[br]particularly problematic for a variety of

0:26:46.299,0:26:50.480
reasons. But what's there's a reason why[br]they were jumping on slack. They wanted a

0:26:50.480,0:26:59.850
place to share their extinction rebellion,[br]broader global needs. I mean, this is just

0:26:59.850,0:27:05.700
a few thousand people at that stage. Some[br]people were members of multiple teams. And

0:27:05.700,0:27:08.879
importantly, they chose Slack because[br]Slack does it for something that group

0:27:08.879,0:27:13.080
chat does not. Many teams, each with[br]channels, public and private, and this is

0:27:13.080,0:27:20.669
just the, it is hard to call it, an[br]innovation, but slack itself, is chosen

0:27:20.669,0:27:25.559
for that team based structuring[br]configuration over group chat for a very

0:27:25.559,0:27:29.919
good reason. It is a direct messaging back[br]end. Many national branches means many

0:27:29.919,0:27:34.169
teams. Some people belong to more than one[br]team. But the problem with Slack is that

0:27:34.169,0:27:37.259
Slack is a racist infrastructure. It[br]actually has its discriminatory

0:27:37.259,0:27:43.490
infrastructure. Slack voluntarily chose to[br]follow Trump's digital trade embargo,

0:27:43.490,0:27:49.159
blocking like Crimea, Cuba and Iran.[br]Several other countries just because they

0:27:49.159,0:27:54.500
thought maybe I'd know Trump would buy[br]them a Rolex, I'm not sure. But it's it's

0:27:54.500,0:28:00.330
nuts that they did that. And then they[br]even defended it, apologizing a little

0:28:00.330,0:28:06.619
bit. Sort of not apologizing later. Google[br]Docs. Branches were jumping to Google Docs

0:28:06.619,0:28:09.759
to store contact lists. Here's your[br]regional coordinator, your national

0:28:09.759,0:28:14.869
coordinator, your actions and logistics[br]teams - terrible stuff! So much so that in

0:28:14.869,0:28:21.210
the UK at least a seasoned organization[br]and protecting activists and ensuring that

0:28:21.210,0:28:26.570
they have legal rights or at least legal[br]protections when they need them in the UK

0:28:26.570,0:28:32.599
decided to pull out of support of[br]extinction rebellion on the basis that

0:28:32.599,0:28:36.970
XR UK was storing personal data[br]inadequately and that they were very sure

0:28:36.970,0:28:43.869
that in fact the police would have access[br]to that information. Thus, when openness

0:28:43.869,0:28:49.190
is enforced, we have a regime of openness[br]doing things out in the open. It excludes.

0:28:49.190,0:28:53.070
What about those that might work and[br]governments or government offices or

0:28:53.070,0:28:57.710
corporations or just those that are a bit[br]nervous about getting involved in a civil

0:28:57.710,0:29:01.970
disobedience movement? They're not sure[br]they want to actually take that big step.

0:29:01.970,0:29:07.789
Those are not going to feel very[br]comfortable at all doing it in the open.

0:29:07.789,0:29:13.089
A community owned hub and operated[br]hub for Extinction Rebellion was absolutely

0:29:13.089,0:29:16.149
[br]needed. And so I set out just building

0:29:16.149,0:29:21.410
criterion for this had to be community[br]owned and operated, platform wise, free

0:29:21.410,0:29:27.529
and open source software outside of the[br]Five Eye and EU member states. It needed

0:29:27.529,0:29:35.909
to walk its talk and enjoy energy direct[br]from source. No CO2 credits, a'la Google

0:29:35.909,0:29:43.490
and Amazon. Debian simply because I've[br]been using Debian since the year 2000 only

0:29:43.490,0:29:54.879
and and I just love it. <i>weeps</i> If I start[br]crying, you know why? It's not because the

0:29:54.879,0:29:58.359
planet is dying, it's because I just love[br]Debian so much. But it needs to be

0:29:58.359,0:30:02.499
affordable and very well rooted. So,[br]'mission coherent infrastructure' was what

0:30:02.499,0:30:06.649
is really often what I mean by that. Few[br]people are aware that the global data

0:30:06.649,0:30:11.119
center industry consumes or at least[br]pushes out, I should say, as much carbon

0:30:11.119,0:30:16.599
into the atmosphere as the entire airline[br]industry. This is the same amount as the

0:30:16.599,0:30:26.240
UK. The United Kingdom itself actually[br]burns a year. It's a lot. And for

0:30:26.240,0:30:32.080
organise.earth, which was the domain name[br]that was chosen...Exactly 366 days ago, in

0:30:32.080,0:30:41.070
fact, it was born. I settled on mattermost[br]and I'll explain why in a moment. And I

0:30:41.070,0:30:46.940
and I settled on datacenterlight in the[br]Swiss Alps. Datacenterlight, direct from

0:30:46.940,0:30:51.179
source hydro alpine catchment hydro... It[br]was a beautiful Irony there, actually sort

0:30:51.179,0:30:57.600
of like a bleak poetry that as warming[br]melts the snow on the Alps, it flows down

0:30:57.600,0:31:01.369
into these large catchment bays, which[br]then drive lovely big generators that

0:31:01.369,0:31:08.370
power the data center. So I just I can't[br]get past that. It's extremely well rooted.

0:31:08.370,0:31:13.049
Their VMs are wonderfully fast. I settled[br]on mattermost for these reasons: We had to

0:31:13.049,0:31:19.620
get thousands of people off Slack fast. So[br]the U.S. similarity was mission critical.

0:31:19.620,0:31:25.299
There are export path from slack directly[br]into mattermost. It has that team check

0:31:25.299,0:31:30.279
configuration that people in an activist[br]communities really like now. They've

0:31:30.279,0:31:35.429
adopted that wholesale. It's reasonably[br]unified. UI/UX across the endpoint

0:31:35.429,0:31:41.369
platforms, whether you're on iOS or[br]Android or desktop. Team invite links.

0:31:41.369,0:31:44.909
Teams can actually control invitations to[br]the teams by sending them a link and they

0:31:44.909,0:31:49.279
can recycle that link or at least flush it[br]and generate a new one when they need to,

0:31:49.279,0:31:55.619
to control flow. This basic team admin[br]controls. Extremely low entry barrier. The

0:31:55.619,0:32:00.669
server was entirely funded by one fresh,[br]ahm French - I was going to say Swiss.

0:32:00.669,0:32:08.210
Then I said French. So I said fresh. - One[br]French rebel. scales linearly as regards

0:32:08.210,0:32:12.820
system overheads. It's just extremely[br]performant. In fact, when we got to about

0:32:12.820,0:32:20.649
20.000 people on organise.earth, the[br]server population, matteremost itself was

0:32:20.649,0:32:28.350
running at about 30 percent of one core.[br]"Mattermost for chat. Anything sensitive?

0:32:28.350,0:32:32.659
Use Signal or Wire." And that's the rule[br]now on organise.earth, which has become

0:32:32.659,0:32:36.539
very much the global hub for the movement,[br]with four hundred and seventy-five teams,

0:32:36.539,0:32:43.090
mostly national or local branches. It's a[br]really large Mattermost deployment. Why

0:32:43.090,0:32:50.639
not Riot and Matrix/Synapse? Well, in[br]December 2018, when I was looking at it,

0:32:50.639,0:32:55.529
it was a little bit immature. The UI UX[br]was a bit geeky, but there were also real

0:32:55.529,0:33:02.870
problems with with scalability. I just[br]seem to see that it wasn't something I

0:33:02.870,0:33:07.679
could really know that hundred thousand[br]people, for instance, down the road could

0:33:07.679,0:33:14.119
actually all use on my particular site[br]home server deployment. The device

0:33:14.119,0:33:18.479
verification was really freaking people[br]out. I mean, some of the the great

0:33:18.479,0:33:24.559
majority of the rebels, in fact, that we[br]are hosting are in fact the kind that

0:33:24.559,0:33:31.049
would look for a Google link to log in.[br]There's no markdown. That might seem a

0:33:31.049,0:33:33.969
little bit arbitrary, but it's become[br]relatively critical - especially for the

0:33:33.969,0:33:38.270
code / development side of things and[br]formatting, making lists. Markdown is

0:33:38.270,0:33:43.700
important. It doesn't have that link-based[br]invitation management either. But there's

0:33:43.700,0:33:48.139
also this metadata leakage concern -[br]something that the Matrix team are really

0:33:48.139,0:33:54.109
looking at. And they've said so. They've[br]said that the metadata leakage, they want

0:33:54.109,0:34:01.140
to fix that. They want a more unified[br]experience across the app layer, too, with

0:34:01.140,0:34:06.440
Riot. So I'm looking forward to following[br]that in the future. Zero knowledge: I

0:34:06.440,0:34:12.910
would love to go that way. But given the[br]fact that that we already have use Signal or

0:34:12.910,0:34:17.659
Wire for anything sensitive and use[br]Mattermost for anything else and use your

0:34:17.659,0:34:21.429
individual branch servers, which I talk[br]about in a moment, for anything truly

0:34:21.429,0:34:26.450
internal to your branch, we've achieved[br]basically the same thing because Riot -

0:34:26.450,0:34:32.230
just like with a Nimmo - is not[br]entirely encrypted by default. It's

0:34:32.230,0:34:39.369
something that one must actually set up.[br]So we're effectively in the same place.

0:34:39.369,0:34:42.869
Organized.earth has now grown to host a[br]large number of platforms which I have

0:34:42.869,0:34:48.440
deployed there. We have, of course,[br]Mattermost. We have NextCloud to us. Only

0:34:48.440,0:34:53.950
office is used for collaborative editing[br]that has some missives I talk about in the

0:34:53.950,0:34:58.480
moment. Etherpad-Lite is used really[br]heavily. LimeSurvey replaces Google Forms.

0:34:58.480,0:35:03.011
Jitsi-Meet doesn't really replace Zoom.[br]But this is something that we're working

0:35:03.011,0:35:10.670
on very much. Rainloop with Docevot and[br]PostFix for the for the mailing. And then

0:35:10.670,0:35:16.380
we have GitLab. GitLab has been a massive[br]success. We have a few hundred coders now

0:35:16.380,0:35:22.869
working flat-out in the GitLab that we[br]have deployed. And it is very interesting

0:35:22.869,0:35:26.500
that many of them say that would they[br]would not be able to do what they're doing

0:35:26.500,0:35:32.280
on GitHub. Given that GitHub is tied to[br]their work, GitHub is tied to the to their

0:35:32.280,0:35:37.260
real life a little bit too much. And they[br]are genuinely worried about a boss or

0:35:37.260,0:35:41.760
corporation or company surveilling them[br]when they are maybe, for instance, engaged

0:35:41.760,0:35:51.109
in a project that is technically illegal[br]or quasi-legal. Discourse is used, I

0:35:51.109,0:35:54.460
guess, less heavily on the main[br]organized.earth server than it is on some

0:35:54.460,0:35:58.800
of the branch deployments. The French[br]server, for instance, now has 70,300

0:35:58.800,0:36:10.000
members in its Discourse. Yes, 70,300. What[br]a win. Yeah. It's just like a marketplace

0:36:10.000,0:36:20.690
of chatter. Signal and Wire replacing[br]WhatsApp and Skype. Mastodon node was

0:36:20.690,0:36:24.730
created, which has become quite popular[br]with branches. And we have PeerTube

0:36:24.730,0:36:28.390
replacing YouTube. And importantly, we're[br]working very hard to ensure that we have a

0:36:28.390,0:36:36.190
gender balance as much as possible within[br]the open space of all these platforms. On

0:36:36.190,0:36:40.619
the backend, of course, Debian[br]<b>sobbing</b>. AES XTS for the data

0:36:40.619,0:36:47.119
partition. Failed2ban and UFW for the[br]firewalling. (aside) Those of you that are

0:36:47.119,0:36:52.510
taking photos of this are feds. I[br]see you taking photos. Take photos.

0:36:52.510,0:36:58.289
<b>laughs</b> Snort for the intrusion[br]detection. Prometheus and hardened

0:36:58.289,0:37:05.430
OpenVPN. I'm really into Duplicity for[br]backups and Pecona for hot MySQL backups.

0:37:05.430,0:37:12.119
It's a real problem when you're trying to[br]backup huge databases that are 14-15 GB or

0:37:12.119,0:37:16.860
more: You can't take them down long enough[br]to do a dump with, say, MySQL or something

0:37:16.860,0:37:22.660
like this. Percona provides a really[br]interesting solution for hot backups. I

0:37:22.660,0:37:27.650
had to work on optimizations with an IDB[br]heavily in order to get the kind of

0:37:27.650,0:37:32.349
performance that was squeezing out of[br]Mattermmost in its interaction with MySQL

0:37:32.349,0:37:44.279
on the server. Nginx we now support two[br]protocols: v4 and v6. The v6 addition was

0:37:44.279,0:37:49.220
certainly very, very bumpy and I wish it[br]wasn't so bumpy, but it was. I thought I

0:37:49.220,0:37:56.140
knew or understood physics better than I[br]actually did the day of deployment.

0:37:56.140,0:38:02.940
PostFix and Dovecot. And then we have[br]LetsEncrypt. Platform challenges: Jitsi-

0:38:02.940,0:38:09.360
Meat does not replace Zoom. Zoom is just[br]simply more performant. I think about 1.7

0:38:09.360,0:38:19.491
Mbits/s is the lower-level, minimum[br]bandwidth required for a user in order to

0:38:19.491,0:38:23.390
have a quality call but Jitsi-Meet is[br]higher. And so we do get people on 3G,

0:38:23.390,0:38:28.740
they just drop out and we sometimes have[br]40 or 50 people on the call and Jitsi-Meet

0:38:28.740,0:38:34.410
is not cutting it, unfortunately. Only[br]office unless you want to pay 6,000 a

0:38:34.410,0:38:39.859
year, which of course we won't. You're[br]looking at only 20 simultaneous editors at

0:38:39.859,0:38:47.160
the same time. This also needs to, needs to[br]change. Thankfully, NextCloud's text app

0:38:47.160,0:38:53.190
seems to offer us a sweet spot there, as[br]far as simultaneous editing. In the

0:38:53.190,0:38:57.109
meantime, EtherPad-Light is being used[br]really heavily. There's a lack of epic

0:38:57.109,0:39:01.200
controls in MatterMmost, which is[br]precisely why we are forking it. We are

0:39:01.200,0:39:05.051
forking Mattermost, which is a massive[br]job, such that team admins can have all of

0:39:05.051,0:39:11.700
those hundreds of teams can individually[br]manage their memberships. That having to rely

0:39:11.700,0:39:17.700
on me to drop into the into the CLI and[br]use the Mattermost tooling to do things

0:39:17.700,0:39:26.450
like following the GDPR, deleting all of[br]the posts of a particular member. And we

0:39:26.450,0:39:30.829
have SSO expectations for a mostly non-[br]tech membership. People are so used to the

0:39:30.829,0:39:37.390
idea, especially the very that the younger[br]and the older end of the demographic both

0:39:37.390,0:39:43.569
expect one unified log-in for all[br]platforms. And this is just a real hassle

0:39:43.569,0:39:49.240
and very difficult to manage. But with[br]Mattermost, it acts as a OAuth2 provider

0:39:49.240,0:39:53.260
that does offer us some interesting[br]possibilities there. The XR Server

0:39:53.260,0:39:58.920
Platform has since evolved to this. It has[br]MailTrain as the mailing list manager and

0:39:58.920,0:40:05.609
this is working real well. I'm at[br]MailTrain V2 with a sweet docker compose

0:40:05.609,0:40:09.690
deployment. I thoroughly recommend giving[br]that a go to replace your mailchimp

0:40:09.690,0:40:16.119
whatever needs. We also have a 'Rebels[br]Manager' as the CRM. So this effectively

0:40:16.119,0:40:20.829
replaces Action Network and it leverages[br]MailTrain. There's a very talented

0:40:20.829,0:40:26.430
developers in Brussels and Belgium that[br]have put together the Rebels Manager,

0:40:26.430,0:40:31.819
which will be deploying across the entire[br]movement. And yeah, it's working out real

0:40:31.819,0:40:36.890
nice as far as the deployments. The branch[br]service deployed in the spirit of

0:40:36.890,0:40:43.240
decentralization. I have deployed these[br]and there are many, many more to come. And

0:40:43.240,0:40:47.039
these are entirely independent from[br]organized.earth, from the main hub. They

0:40:47.039,0:40:51.740
are self run self-administered. Admins are[br]trained over ten to twenty five hours and

0:40:51.740,0:40:58.500
then the keys are flipped and then they[br]just sail off on their own. 2020 plans:

0:40:58.500,0:41:01.819
the Mattermost-fork I mentioned, but[br]importantly, the Wire-Mattermost

0:41:01.819,0:41:06.589
integration. What I'd really like to see[br]and what we're talking about with the

0:41:06.589,0:41:12.859
Rebel codes is, I guess as we call[br]ourselves, is to have a Wire Add-On or

0:41:12.859,0:41:15.789
Plugin for Mattermost such that you can[br]just simply click on a bunch of different

0:41:15.789,0:41:20.130
people that you'd like to engage in a into[br]anend-to-end encrypted voice call or chat.

0:41:20.130,0:41:27.151
We're excited about that. Enhance team[br]admin controls: Team administrators should

0:41:27.151,0:41:31.940
be able to do a lot of the work that that[br]I shouldn't be doing. A Federation feature

0:41:31.940,0:41:39.309
which effectively replaces Mattermosts[br]enterprise offering, which is about three

0:41:39.309,0:41:43.680
dollars a month or something per seat.[br]It's a crazy amount of money. I mean, in

0:41:43.680,0:41:50.190
our populations that would be completely[br]impossible to afford that sort of The

0:41:50.190,0:41:54.069
Enterprise Enterprise edition anyway. So[br]we are actually sort of forced to fork

0:41:54.069,0:41:57.170
Mattermost, which I'm sure is really gonna[br]piss them off, but we are going to do it.

0:41:57.170,0:42:03.470
We've already started. Jitsi-Meet-rework:[br]We want to build an OAuth-wall for Jitsi-

0:42:03.470,0:42:09.299
Meet so that we can protect our instances.[br]Simultaneous session recording, not using

0:42:09.299,0:42:13.080
Jabari or with the chromium browser on a[br]server, which I can't believe is the

0:42:13.080,0:42:18.740
solution that they have chosen. I will[br]never, ever install a browser on a server.

0:42:18.740,0:42:28.029
It's just it's just illegal. And it's just[br]it's just wrong. Bandwith optimizations,

0:42:28.029,0:42:33.460
we need a lot of work done there. Rebels[br]Manager replaces Action Network. And then

0:42:33.460,0:42:37.680
we want to have a member facing services[br]dashboard with that OAuth2-flow and

0:42:37.680,0:42:43.039
particularly and very importantly,[br]colocation deployments. Working out of VMs

0:42:43.039,0:42:47.819
is all very well but you do have key theft[br]from RAM as a as a plausible possibility

0:42:47.819,0:42:52.960
in many instances, so to speak. And so[br]what we would like to aim for is being

0:42:52.960,0:43:03.170
able to drop off dedicated boxes with the[br]RAM, epoxied into the slot and good to go,

0:43:03.170,0:43:08.599
nice on lockdown. Yes. Swiss VPN for the[br]entire movement, this is something that I

0:43:08.599,0:43:12.819
should have done within it within a few[br]weeks. And I also want to obsolete myself

0:43:12.819,0:43:17.319
so I can dedicate myself to other[br]movements while maintaining at least a

0:43:17.319,0:43:25.410
tech advisory role within Extinction[br]Rebellion. But it is time for techies to

0:43:25.410,0:43:34.569
rebel. There is no hope without action.[br]But there is no action without

0:43:34.569,0:43:40.549
infrastructure, at least not at the scale[br]that we need it today. We need massive

0:43:40.549,0:43:46.680
deployments, distributions. People need[br]places to work and to organize and to do

0:43:46.680,0:43:55.369
so safely. SysOps, DevOps, Codes, front[br]and back. All can dedicate an hour, a week

0:43:55.369,0:44:04.410
or a couple of hours a day to a cause[br]which is probably best described as the

0:44:04.410,0:44:13.260
single biggest challenge that we as a as a[br]species actually face. Live in your time

0:44:13.260,0:44:20.400
and dedicate an hour or two a week or a[br]day, if you if you can, to this. Maybe not

0:44:20.400,0:44:24.080
Extinction Rebellion, but for Fridays For[br]Future, Sunrise Movement, future movements

0:44:24.080,0:44:28.690
to come. If you are interested in getting[br]involved in Extinction Rebellion and

0:44:28.690,0:44:33.710
joining the the the very large tech team,[br]then visit rebellion.global, find your

0:44:33.710,0:44:41.329
local branch, get invited to Mattermost[br]and then see you there. Another end of the

0:44:41.329,0:44:55.700
world is possible. Thanks a lot, guys.

0:44:55.700,0:44:56.700
<i>applause</i>

0:44:56.700,0:44:59.170
Herald: Thank you very much, Julian Oliver[br]- Extinction Rebellion.

0:44:59.170,0:45:06.369
<i>applause</i>[br]Herald: If you have questions, you know

0:45:06.369,0:45:11.800
the procedure. There are microphones from[br]one to number six. And as far as I know,

0:45:11.800,0:45:15.430
we already have questions from the[br]Internet. So signal angel, question number

0:45:15.430,0:45:18.339
one please.[br]Signal Angel: Hello, someone from the IRC

0:45:18.339,0:45:22.140
wants to know, how do you enter the[br]encryption passwords for your data

0:45:22.140,0:45:25.710
partitions during automated reboots in the[br]data center?

0:45:25.710,0:45:34.830
Julian: This is completely impossible to[br]do for an encrypted root file system,

0:45:34.830,0:45:40.970
obviously, one needs to, in fact, look at[br]data partitions that are encrypted. But

0:45:40.970,0:45:45.670
the root file system not unfortunately on[br]many the deployments that are not Colo and

0:45:45.670,0:45:50.470
those that do not have the flexibility of[br]presence at the point of entering that

0:45:50.470,0:45:59.779
password. So from that from that basis, we[br]we go with a an encrypted AES 512 Bit

0:45:59.779,0:46:06.110
encrypted data partition and one comes in[br]over the VPN, tunnels in through SSH and

0:46:06.110,0:46:13.000
then decrypt and mounts. I realize this is[br]not exactly ideal, but it is all we can do

0:46:13.000,0:46:17.150
in the VM space.[br]Herald: And the next question from

0:46:17.150,0:46:20.440
microphone number two.[br]Microphone 2: Hello, first of all thank

0:46:20.440,0:46:24.880
you so much for all this work you've put[br]into creating this platform for the

0:46:24.880,0:46:31.070
movement. My question is, what measures[br]have you taken to protect yourself against

0:46:31.070,0:46:36.829
the case where, for example, your home is[br]raided by police and they try to somehow

0:46:36.829,0:46:42.869
get into the servers through other means[br]than just impounding them.

0:46:42.869,0:46:49.880
Julian: I'm being socially engineered[br]aren't I? n public? No, no, I'm I'm

0:46:49.880,0:46:55.100
particularly cautious about that stuff.[br]And all of us, all the sysadmins of which

0:46:55.100,0:46:59.160
there are now about 30 across the[br]different branch deployments, we have

0:46:59.160,0:47:04.690
very, very strict procedures for this sort[br]of thing, including redundancy across

0:47:04.690,0:47:09.589
backups, leaving home check, powering off[br]the laptops. In fact, just like I

0:47:09.589,0:47:13.460
installed the entire movement's[br]infrastructure community on infrastructure

0:47:13.460,0:47:18.010
on a thinkpad X230 that I bought for one[br]hundred and forty five euros on the German

0:47:18.010,0:47:23.579
eBay. And. And I've encouraged all of the[br]SysAdmins to buy the same, precisely

0:47:23.579,0:47:27.710
because you have this lovely battery lock[br]on the back. You can just flip it and and

0:47:27.710,0:47:32.289
pull out the battery. You know, if you're[br]ever facing police or a stop and search.

0:47:32.289,0:47:36.049
And of course, some countries like, you[br]know, maybe India or Brazil, this becomes

0:47:36.049,0:47:41.630
really critical. But there is just a[br]routine. I'm leaving home, I'm powering

0:47:41.630,0:47:49.069
off my laptop. Just which screen-locker[br]we're using, KeePass, you know, phones

0:47:49.069,0:47:58.500
encrypted. The files, The, um, the file[br]system. And we just have to do our very,

0:47:58.500,0:48:02.740
very best. There is no such thing as[br]perfect sort of forward security in this

0:48:02.740,0:48:07.670
space. But all we can do is employ best[br]practice operational security and also

0:48:07.670,0:48:13.470
most importantly, treat sysadmins as high[br]risk first stage targets, and they are

0:48:13.470,0:48:18.660
increasingly so from this perspective.[br]Sysadmins are forbidden to go to actions.

0:48:18.660,0:48:21.240
They can not be arrested because there's[br]always the possibility of coercion. And we

0:48:21.250,0:48:25.950
actually have a whole kind of script with[br]sysadmins when they entering into the fold

0:48:25.950,0:48:29.230
to to explain to them, you are aware of[br]the risks, you know, and you need to lean

0:48:29.230,0:48:33.069
on your branch to explain to you the [br]the legalities of the of your

0:48:33.069,0:48:37.240
operating environment. What are your[br]rights? Can you be coerced to to cough up

0:48:37.240,0:48:44.010
a password, you know, to to give the[br]master key to your to your to KeePass, for

0:48:44.010,0:48:47.829
instance, like this. You need to know[br]those rights. You need to know your

0:48:47.829,0:48:50.619
rights. And if you can't deal with the[br]heat and you don't want to go that

0:48:50.619,0:48:53.640
distance, then step down from being[br]sysadmin and give it to someone else who

0:48:53.640,0:48:59.349
is willing to go that distance. There are[br]so many factors. And again, we can't

0:48:59.349,0:49:05.840
generalize across the entire geo cultural,[br]political jurisdictional space that

0:49:05.840,0:49:09.759
Extinction Rebellion works at because it's[br]just so various. Yeah.

0:49:09.759,0:49:13.600
Herald: Thank you. And the Internet has[br]another question.

0:49:13.600,0:49:18.660
Signal Angel: How do you keep your[br]community of, as you explain mostly non-

0:49:18.660,0:49:23.450
technical people on your geeky and[br]decentralised solution as it grows?

0:49:23.450,0:49:31.160
Julian: No problem really keeping them. I[br]mean, It's maybe when one of the founders

0:49:31.160,0:49:38.200
says something like completely[br]controversial or absurd. This is being

0:49:38.200,0:49:42.100
recorded, isn't it? Then then yeah, we[br]have we have lost some number,

0:49:42.100,0:49:47.009
understandably, but still the served[br]population just grows day in and day out.

0:49:47.009,0:49:50.279
And I am expecting in 2020, at this[br]current rate, we are looking at a at

0:49:50.279,0:49:55.970
around 400, 400 to 500 new members a day,[br]on the Mattermost at least. And with

0:49:55.970,0:50:02.779
branch server deployments, it'll be three[br]or four month until we've filled all the

0:50:02.779,0:50:09.450
national branch requirements. There is no[br]problem for that. Mattermost is seemingly

0:50:09.450,0:50:17.430
reasonably enjoyed, not so geeky in that[br]sense. Discourse is also very widely used

0:50:17.430,0:50:23.859
within the, I mean Twitter uses Discourse[br]internally, but also publicly. We see many

0:50:23.859,0:50:28.990
large corporations and organizations and[br]NGOs using Discourse as a forum solution,

0:50:28.990,0:50:33.240
as a discussion forum solution. So it's[br]actually familiar to a lot of a lot of

0:50:33.240,0:50:38.869
people anyway. The geeky ness, I would say[br]is probably when we start talking about

0:50:38.869,0:50:42.380
the need for a VPN. That's when a lot of[br]people just switch off. So there's a lot

0:50:42.380,0:50:46.160
of cultural work, techno cultural work, if[br]you like, that needs to be done there in

0:50:46.160,0:50:52.599
order to secure the movement further.[br]Herald: Thank you. Microphone number five,

0:50:52.599,0:50:55.599
please.[br]Microphone 5: Hi there. Um, so you talked

0:50:55.599,0:50:58.589
all about your communication[br]infrastructure. Can you share anything

0:50:58.589,0:51:03.420
about your financial infrastructure?[br]Julian: That's also very varied, too. I

0:51:03.420,0:51:07.609
mean, branches have their own funding[br]coming in, but then there are others that

0:51:07.609,0:51:13.000
that will receive funding from. Previously[br]it was the UK was managing a lot of that

0:51:13.000,0:51:19.150
funding. That's entirely switching now to[br]the international support team, which is a

0:51:19.150,0:51:23.089
multinational group, if you like,[br]organization within Extinction Rebellion

0:51:23.089,0:51:26.970
that does handle all the finances and[br]donors would come to the movement wanting

0:51:26.970,0:51:31.079
to give money. And then that's distributed[br]throughout the movement as needed to meet

0:51:31.079,0:51:38.230
the ends of branches. It's still just a[br]year in and it's still quite varied. I

0:51:38.230,0:51:44.240
mean, XR Germany, for instance, actually[br]donated to the global movement recently.

0:51:44.240,0:51:49.950
So it came back that way. It's I think[br]it's it's always going to be relatively ad

0:51:49.950,0:51:56.190
hoc, especially also given the fact that[br]some financial institutions, state craft

0:51:56.190,0:52:05.170
are very much on the tail of. I just spoke[br]too much didn't I. But method no. Yep. You

0:52:05.170,0:52:09.099
need to be very careful about about where[br]bank accounts are as regards the tax

0:52:09.099,0:52:13.359
state. And so I think it's it's gonna be a[br]changing environment for quite some time.

0:52:13.359,0:52:16.690
I didn't actually know much about the[br]finances side of things to answer that

0:52:16.690,0:52:21.210
wholely, but yeah. Thanks.[br]Herald: Thank you. Microphone number

0:52:21.210,0:52:25.640
three, please.[br]Microphone 3: Hi. A lot of people find it

0:52:25.640,0:52:30.390
very hard to go from this content to[br]dissent and more people tend to get

0:52:30.390,0:52:36.960
involved, involved if we lower the barrier[br]of entry. So, you know, it sounds great

0:52:36.960,0:52:43.819
when you say like a couple, couple a few[br]hundred new people a day globally. I

0:52:43.819,0:52:48.089
suspect it would be more the low the more[br]you lower the barrier of entry if you have

0:52:48.089,0:52:52.599
some sort of a gateway drug. So what are[br]you thinking about making some kind of

0:52:52.599,0:52:57.990
system, some some kind of easy invite,[br]sort of a one click, get an invite to

0:52:57.990,0:53:00.930
Mattermost thing that would make it[br]easier.

0:53:00.930,0:53:06.401
Julian: Well that already exists. The[br]organise.earth is really only the global

0:53:06.401,0:53:12.569
hub where branches will, for instance,[br]interrelate, collaborate and interoperate,

0:53:12.569,0:53:15.010
if you like. But the branch server[br]deployments themselves, they will handle

0:53:15.010,0:53:20.329
their own onboarding, if you like, but[br]there is certainly some streamlining to be

0:53:20.329,0:53:24.000
done there. One of the things that comes[br]up a lot is password complexity. We have a

0:53:24.000,0:53:28.410
very strict password complexity policy and[br]that really frustrates people that would

0:53:28.410,0:53:33.910
like to name, would like to give the[br]password the name of the dog, and the

0:53:33.910,0:53:39.500
year, maybe, at best. But you know, we[br]really need to work on on finding a sweet

0:53:39.500,0:53:44.150
spot. We don't want to also have people[br]going into arrest, forgetting to power off

0:53:44.150,0:53:50.269
their phone after following the encryption[br]operational security guiding that we have.

0:53:50.269,0:53:55.960
And then their phone is, you know, face[br]swiped into or something like this or

0:53:55.960,0:53:59.990
they're just tricked into swipe-unlocking[br]the phone as happened in the UK and then

0:53:59.990,0:54:05.150
they're going to find their way into the[br]platforms with best guess passwords. I

0:54:05.150,0:54:07.819
mean, who knows? We need to find a common[br]middle ground, but also educate as to why

0:54:07.819,0:54:12.300
it's important that we use these platforms[br]and in these ways and have passwords of

0:54:12.300,0:54:16.280
these strengths, etc.. It's an ongoing[br]process.

0:54:16.280,0:54:19.759
Herald: I see the Interwebs has a[br]question.

0:54:19.759,0:54:23.589
Signal angel: Someone in the IRC wants to[br]know, why did you think it was necessary

0:54:23.589,0:54:28.720
to set up new infrastructure instead of[br]using other radical tech infrastructures

0:54:28.720,0:54:35.130
like Riseup for example?[br]Julian: Well, Riseup had, yeah, has its

0:54:35.130,0:54:39.150
own problems. We really wanted to go have[br]community-run infrastructure such that we

0:54:39.150,0:54:44.599
can legally be responsible for that[br]infrastructure, that we can say that it is

0:54:44.599,0:54:48.900
here for us and that if there is any,[br]there's any attacks on that

0:54:48.900,0:54:51.750
infrastructure, we are in a much better[br]legal position to be able to represent

0:54:51.750,0:54:58.940
ourselves from our operational[br]circumstance and jurisdictional

0:54:58.940,0:55:04.509
circumstance. It was also very important[br]that it's in Switzerland. Importantly, in

0:55:04.509,0:55:10.230
Switzerland, for Swiss data centers, you[br]need to break the law in Switzerland

0:55:10.230,0:55:17.220
before there can even be a request for,[br]say, a server seizure. And that needs to

0:55:17.220,0:55:20.880
go through the highest courts. This makes[br]Switzerland a very, very nice place to

0:55:20.880,0:55:25.319
actually deploy server infrastructure for[br]a civil disobedience movement. Riseup

0:55:25.319,0:55:31.100
simply doesn't meet it in that capacity.[br]Herald: Thank you. Microphone number one,

0:55:31.100,0:55:34.619
please.[br]Microphone 1: So my question was partially

0:55:34.619,0:55:39.150
responded already about the financial[br]infrastructure you have. I know some

0:55:39.150,0:55:43.000
associations, but like, you know, they[br]could afford a hundred bucks per year or

0:55:43.000,0:55:47.680
something like that, because that's so low[br]and, you know, doing brilliant work. But

0:55:47.680,0:55:52.579
so it seems to me that you deployed tens[br]of servers just for the V1. So what are

0:55:52.579,0:55:58.420
your initial cost? Could you lighten up[br]that so that I can act back home? How do

0:55:58.420,0:56:04.220
you get the money initially?[br]Julian: I installed almost all of that

0:56:04.220,0:56:07.749
infrastructure without receiving a single[br]cent from extinction rebellion. And in

0:56:07.749,0:56:11.059
fact, I receive very, very little money[br]from extinction rebellion now. And it was

0:56:11.059,0:56:17.190
only after burning through all of my[br]savings from November to August, I burned

0:56:17.190,0:56:20.990
through all of my savings and ran myself[br]financially into the ground, ended it

0:56:20.990,0:56:25.859
entirely on a gratis basis. And only then[br]after that, I have a very small amount of

0:56:25.859,0:56:29.800
living expenses paid, which is really[br]tiny, but just enough to cover my costs.

0:56:29.800,0:56:34.060
And I can make a lot of money deploying[br]servers if I wish to for dreary NGOs etc.

0:56:34.060,0:56:37.690
etc., but I have dedicated myself to do[br]this on the grounds that it needs to be

0:56:37.690,0:56:42.850
done and it needed to be done. Yeah. So it[br]was actually free for the movement.

0:56:42.850,0:56:56.880
<i>Applause</i>[br]Herald: Thank you for that.

0:56:56.880,0:56:59.359
Julian: Pleasure.[br]Herald: Microphone number two, please.

0:56:59.359,0:57:05.159
Microphone 2: Right. You already mentioned[br]that these server partitions are encrypted

0:57:05.159,0:57:12.230
at the data center. So do you have any[br]other OPSEC mechanism in place? For

0:57:12.230,0:57:16.249
example, if these data center's raided?[br]Julian: The data center can't actually, at

0:57:16.249,0:57:20.450
least without it being a breach of[br]constitutional law in Switzerland, be

0:57:20.450,0:57:31.390
raided. But there, are there are some[br]measures put in place for a switch-off in

0:57:31.390,0:57:36.589
the event. But I can't talk about that[br]without putting other people on the hot

0:57:36.589,0:57:41.470
seat. Yeah, but it is it is all sorted.[br]Yeah.

0:57:41.470,0:57:45.660
Herald: <i>laughing</i> Thank you. The Internet has[br]another question.

0:57:45.660,0:57:49.680
Signal angel: Someone on the IRC wants to[br]know, do you share the recipes for your

0:57:49.680,0:57:56.410
DevOps deployments? And specifically were,[br]Signal and Wire difficult to set up?

0:57:56.410,0:58:05.720
Julian: Well, Signal is not so difficult[br]to set up, but maybe it is easily confused

0:58:05.720,0:58:10.150
with the fact I mentioned the Wire server[br]deployment. I'm in talks with Wire at the

0:58:10.150,0:58:14.180
moment. Does that make Wire about a server[br]deployment for the movement such that we

0:58:14.180,0:58:21.380
can actually run our own entirely and[br]again, write apps for that for that server

0:58:21.380,0:58:30.210
for use in the movement. But I think Wire[br]and Signal, as far as an end user install,

0:58:30.210,0:58:34.380
it is extremely easy in getting them up[br]and running. I think Signal has problems

0:58:34.380,0:58:40.770
obviously with the phone number discovery[br]aspect. I mean, SIM cards, I don't know,

0:58:40.770,0:58:45.599
they're license plate numbers these days.[br]I'm really quite a fan of Wire's non-

0:58:45.599,0:58:52.380
dependance on that. But as far as the[br]blueprints are concerned, I really do hope

0:58:52.380,0:58:59.260
to write, as part of my self-obsolescence[br]plan is to write a full documentation for

0:58:59.260,0:59:04.349
the server installs, for the for the post[br]install ordering and such that I can be

0:59:04.349,0:59:07.420
handed over to someone else to do the[br]deployments for me. And I think I have

0:59:07.420,0:59:11.500
actually found that person. That person[br]happens to be German and very, very sharp.

0:59:11.500,0:59:16.490
So, I look forward to the possibility of[br]publishing that at that point. But for

0:59:16.490,0:59:20.340
now, it's just a case of me doing the[br]deployment, and then I sit down with

0:59:20.340,0:59:24.970
sysadmins for 10 to 25 hours and walk them[br]through what that server is and how they

0:59:24.970,0:59:28.269
can sail that ship. It's how it's done at[br]the moment.

0:59:28.269,0:59:31.259
Herald: Thank you. I think this is a call[br]for participation, right?

0:59:31.259,0:59:35.180
Julian: It is indeed.[br]Herald: Microphone number two, please.

0:59:35.180,0:59:38.480
Microphone 2: Is the Mattermost fork[br]public available?

0:59:38.480,0:59:42.710
Julian: It will be, absolutely. I mean,[br]it's just started. It's something that we

0:59:42.710,0:59:46.339
just kicked off. So hopefully, by about[br]midyear, I think we might have something

0:59:46.339,0:59:52.650
that you could put into staging, maybe not[br]production ready, but we'll see. Yeah, I

0:59:52.650,0:59:55.300
think it's gonna be great. And it's gonna[br]be great for the community as a whole. I

0:59:55.300,0:59:58.150
mean, outside of extinction rebellion, but[br]just those that would like an alternative

0:59:58.150,1:00:02.049
to Slack that doesn't have dumbed down[br]team admin controls and has maybe

1:00:02.049,1:00:05.530
federation, if you really want to grow[br]something really, really big. The sweet

1:00:05.530,1:00:11.760
spot is a folk Mattermost. I'm convinced.[br]Herald: Thank you. Microphone number

1:00:11.760,1:00:15.410
three, please.[br]Microphone 3: Why no digital civil

1:00:15.410,1:00:18.700
disobedience?[br]Julian: Ah, yes, I can't talk about that,

1:00:18.700,1:00:23.170
but I'm very, very enthusiastic about it[br]and have been engaged in that a little bit

1:00:23.170,1:00:29.009
here and there in the past. But yeah,[br]electronic civil disobedience is, is very

1:00:29.009,1:00:32.790
close to my heart. And there's lots of it[br]happening in the movement and it will be

1:00:32.790,1:00:38.160
in 2020, but I can't talk about that[br]obviously, at all. Yeah. Would love to,

1:00:38.160,1:00:42.139
but I can't.[br]Herald: So sad. Microphone number two,

1:00:42.139,1:00:45.049
please.[br]Microphone 2: You're running a lot of

1:00:45.049,1:00:48.150
services with huge attack surface. What is[br]the worst that could happen should your

1:00:48.150,1:00:51.249
infrastructure get compromised?[br]Julian: With, services with what, sorry?

1:00:51.249,1:00:54.280
Microphone 2: What is the worst that could[br]happen if your infrastructure is

1:00:54.280,1:01:00.460
compromised?[br]Julian: Um, well, the branch servers are

1:01:00.460,1:01:06.660
entirely decentralized from the, from the[br]organise.earth hub. Um, I would like to

1:01:06.660,1:01:11.340
think that it's highly unlikely that[br]organise.earth is compromised, but if it

1:01:11.340,1:01:20.210
were to be compromised and I was not able[br]to instigate a power-off event in process

1:01:20.210,1:01:27.010
or prior, then unfortunately it would be,[br]there'll be access to large email, um,

1:01:27.010,1:01:35.130
registration information, largely, and our[br]DB is database encrypted at the database

1:01:35.130,1:01:40.789
layer, but unfortunately if one has root,[br]if one can privacy escalate to root, then

1:01:40.789,1:01:46.250
you would have access, potentially, to a[br]decryption of the database. But there's

1:01:46.250,1:01:54.579
little we can really do about that. Um, if[br]we find in 2020, let's say there is

1:01:54.579,1:02:00.859
encrypted by default. In other words, zero[br]knowledge with OMEMO or with Riot

1:02:00.859,1:02:05.510
abstracted over Matrix and Synapse, well,[br]hopefully Dendrite, written in Go. And it

1:02:05.510,1:02:08.859
is really performant and it can run six[br]figure populations, it can support six

1:02:08.859,1:02:12.339
figure populations, then we'll absolutely[br]switch to that and I will drive that

1:02:12.339,1:02:17.869
change and that time. But in the meantime,[br]just use Mattermost for general team chat.

1:02:17.869,1:02:22.440
Everything else goes over Signal or Wire.[br]That's how the movement runs right now.

1:02:22.440,1:02:26.079
Yeah.[br]Herald: Thank you. Unfortunately, we run

1:02:26.079,1:02:30.970
out of time. Julian, would you be able to[br]answer questions in the, uh, after talk?

1:02:30.970,1:02:34.910
Julian: Yes, of course. Yes, absolutely.[br]Herald: So the offer, if you have

1:02:34.910,1:02:40.840
questions, come together, come to him and[br]ask you questions. Julian Oliver, thank

1:02:40.840,1:02:42.840
you very much.[br]Julian: Thanks, guys.

1:02:42.840,1:02:44.380
<i>Applause</i>

1:02:44.380,1:02:49.381
<i>postroll music</i>

1:02:49.381,1:03:12.000
Subtitles created by c3subtitles.de[br]in the year 2020. Join, and help us!