1 00:00:00,000 --> 00:00:01,388 ... wanted to be able to use 2 00:00:01,484 --> 00:00:03,114 Thunderbird and GnuPG together with Tor, 3 00:00:03,279 --> 00:00:04,744 and so we thought: 4 00:00:04,884 --> 00:00:07,103 oh, it would be really easy, I bet, 5 00:00:07,164 --> 00:00:09,694 to configure Thunderbird to work with Tor 6 00:00:09,753 --> 00:00:11,989 - hah - so a new Free software project was born. 7 00:00:12,758 --> 00:00:15,403 It's a really simple thing, but basically 8 00:00:15,530 --> 00:00:18,162 it's just a package that hooks it all together. 9 00:00:18,285 --> 00:00:21,277 So a lot of people were using Thunderbird 10 00:00:21,361 --> 00:00:23,797 and TorBirdy, and GnuPG, and Tor, 11 00:00:23,966 --> 00:00:26,031 and Debian, together for email, 12 00:00:26,100 --> 00:00:30,748 combined with Riseup as an email service. 13 00:00:30,829 --> 00:00:36,954 So it's a literally a real peer to peer, Free software driven set of things, 14 00:00:37,679 --> 00:00:41,221 actually, that made it possible. 15 00:00:48,559 --> 00:00:50,438 [question]: So one thing I never understood about this 16 00:00:50,610 --> 00:00:53,464 process was exactly how the documents were handled, and maybe that's because nobody 17 00:00:53,634 --> 00:00:57,561 wants to say, but, you know, did you leave them on a server somewhere and download 18 00:00:57,690 --> 00:01:00,807 them, hand them over to people, and who took what where, and how do you... 19 00:01:01,263 --> 00:01:05,069 in case I need to do something really dangerous with a load of documents, 20 00:01:05,198 --> 00:01:07,764 what's the best way of doing it? 21 00:01:07,891 --> 00:01:10,879 [laughter] 22 00:01:12,758 --> 00:01:14,763 [Jacob]: Hmm! 23 00:01:16,555 --> 00:01:18,859 [audience member]: It's a good thing this isn't being streamed. 24 00:01:19,498 --> 00:01:21,593 I'm sorry, what? 25 00:01:21,845 --> 00:01:24,789 There was a voice from god, what did she say? 
26 00:01:25,169 --> 00:01:27,261 [audience]: I said good we aren't streaming tonight. 27 00:01:27,478 --> 00:01:30,162 Oh yeah, so hello to all of our friends 28 00:01:30,246 --> 00:01:34,133 in domestic and international surveillance services. 29 00:01:34,819 --> 00:01:37,458 Well, so I won't answer your question, 30 00:01:37,587 --> 00:01:40,146 but since you asked the question, it's my turn to talk. 31 00:01:40,407 --> 00:01:41,600 So what I would say is that... 32 00:01:41,686 --> 00:01:44,075 if you want to do clandestine activities 33 00:01:44,198 --> 00:01:46,161 that you fear for your life for, 34 00:01:46,291 --> 00:01:48,211 you need to really think about the situation that you're in 35 00:01:48,298 --> 00:01:49,361 very carefully. 36 00:01:49,447 --> 00:01:52,093 And so a big part of this is operational security 37 00:01:52,182 --> 00:01:54,272 and a big part of that is compartmentalization. 38 00:01:54,359 --> 00:01:56,530 So certain people had access to certain things, 39 00:01:56,699 --> 00:01:58,195 but maybe they couldn't decrypt them, 40 00:01:58,364 --> 00:02:00,968 and certain things were moved around, 41 00:02:01,052 --> 00:02:03,487 and that's on a need to know basis, 42 00:02:03,616 --> 00:02:05,067 and those people who knew, 43 00:02:05,191 --> 00:02:09,845 which is not me - I don't know anything, I don't know what you're talking about. 44 00:02:09,845 --> 00:02:11,888 Those people knew, and then you know, 45 00:02:12,016 --> 00:02:13,427 it'll go with them to their grave. 46 00:02:13,515 --> 00:02:15,729 So if you're interested in being the next Edward Snowden, 47 00:02:15,860 --> 00:02:17,225 you need to do your homework 48 00:02:17,397 --> 00:02:20,341 in finding people that will be able to do the other part of it, let's say. 49 00:02:20,341 --> 00:02:22,771 But just in general, I mean 50 00:02:22,858 --> 00:02:24,826 compartmentalization is key, right. 51 00:02:24,949 --> 00:02:27,163 So it's not just for AppArmor profiles. 
52 00:02:27,294 --> 00:02:30,285 So you need to think about what you want to do. 53 00:02:30,364 --> 00:02:33,563 And I mean a big part of this is to consider that the network itself 54 00:02:33,651 --> 00:02:36,935 is the enemy, even though it is useful for communicating. 55 00:02:37,063 --> 00:02:40,730 So all the metadata that exists on the network 56 00:02:40,863 --> 00:02:42,871 could have tipped people off, could have caused 57 00:02:42,997 --> 00:02:44,363 this whole thing to fall apart. 58 00:02:44,489 --> 00:02:46,789 It really is amazing, I feel like you know 59 00:02:46,923 --> 00:02:48,157 two and half, three years ago, 60 00:02:48,240 --> 00:02:49,866 when you talk about Free software, 61 00:02:49,949 --> 00:02:51,617 and you talk about the idea of Free software, 62 00:02:51,743 --> 00:02:55,242 and you talk about issues relating to autonomy and privacy, and security 63 00:02:55,324 --> 00:02:57,803 you have a really different reception now than you did then, 64 00:02:57,928 --> 00:02:58,997 and that's really what it took 65 00:02:59,163 --> 00:03:01,596 to turn the world half a degree, or something, 66 00:03:01,728 --> 00:03:03,899 or a quarter of a degree or something. 67 00:03:04,881 --> 00:03:08,165 So I'm not going to tell you about detailed plans for conspiracy, 68 00:03:08,298 --> 00:03:10,943 but I highly encourage you to read about South African history, 69 00:03:11,028 --> 00:03:13,588 in particular the history of Umkhonto we Sizwe. 70 00:03:13,718 --> 00:03:17,979 They are the clandestine communications group for MK, 71 00:03:18,023 --> 00:03:20,881 or rather the operation who lay inside of MK, 72 00:03:20,881 --> 00:03:22,675 which is Umkhonto we Sizwe, 73 00:03:22,800 --> 00:03:25,151 and they are sort of with the African National Congress, 74 00:03:25,360 --> 00:03:28,760 and those people have published so many books about the revolutionary activities 75 00:03:28,852 --> 00:03:31,239 to overthrow the apartheid state. 
76 00:03:31,366 --> 00:03:33,756 If you read these books, especially the book "Operation Vula" 77 00:03:33,880 --> 00:03:36,188 and "Armed and Dangerous" by Ronnie Kasrils 78 00:03:36,272 --> 00:03:38,705 they give you some idea about what you need to do 79 00:03:38,835 --> 00:03:40,279 which is to compartmentalize, 80 00:03:40,410 --> 00:03:42,542 how to find people to do various tasks, specific tasks, 81 00:03:42,719 --> 00:03:45,188 how to work on building trust with each other, what that looks like, 82 00:03:45,272 --> 00:03:47,196 how to identify political targets, 83 00:03:47,278 --> 00:03:50,313 how you might use things like communications technology 84 00:03:50,397 --> 00:03:53,037 to change the political topic on, 85 00:03:53,129 --> 00:03:55,426 and the discussion in general. 86 00:03:55,556 --> 00:03:59,523 And I think the best way to learn about these things is to study previous people 87 00:03:59,609 --> 00:04:01,660 who have tried to do that kind of stuff. 88 00:04:01,742 --> 00:04:05,241 And the NSA is not the apartheid regime of South Africa, 89 00:04:05,241 --> 00:04:06,890 but there are still lessons to be learned there, 90 00:04:06,986 --> 00:04:10,060 so if you really want to know the answer to that, also Che Guevara's manual 91 00:04:10,184 --> 00:04:12,104 on guerilla warfare is very interesting, 92 00:04:12,287 --> 00:04:13,774 and there's a lot of other books like that. 93 00:04:13,854 --> 00:04:15,691 I'd be happy to talk about it with you later. 94 00:04:15,852 --> 00:04:18,456 And I have nothing to do with anything that we may or may not have done. 
95 00:04:18,547 --> 00:04:20,213 [laughter] 96 00:04:24,900 --> 00:04:28,280 [question]: Do you think there is a chance that things may get better 97 00:04:28,725 --> 00:04:33,050 for example I know that publicly, some programs were not extended 98 00:04:33,950 --> 00:04:37,212 but I don't know what is happening in the background 99 00:04:37,390 --> 00:04:43,147 so maybe it's the same thing but they are pretending that it's not 100 00:04:43,486 --> 00:04:45,193 How do you see this? 101 00:04:45,409 --> 00:04:47,713 [Jacob]: Well I think a couple of things. 102 00:04:47,794 --> 00:04:53,937 In general I think what happened, not just with this movie but with all of these things 103 00:04:54,066 --> 00:04:56,073 is that it inspired hope, 104 00:04:56,073 --> 00:04:57,353 and the hope is very important, 105 00:04:57,441 --> 00:05:01,151 but hope is not a strategy for survival, or for building alternatives, 106 00:05:01,279 --> 00:05:03,495 so what it has also done, is that it has allowed us to raise the profile 107 00:05:03,670 --> 00:05:05,500 of the things which actually do make it better. 108 00:05:05,587 --> 00:05:08,832 For example ridding ourselves of the chains of proprietary software 109 00:05:08,961 --> 00:05:12,071 is something that's a serious discussion with people that wouldn't have previously 110 00:05:12,158 --> 00:05:14,849 talked about Free software because they don't care about liberty, 111 00:05:14,972 --> 00:05:16,510 they care about security. 
112 00:05:16,679 --> 00:05:18,689 And even though I think those are really similar things, 113 00:05:18,774 --> 00:05:21,118 previously they just thought we were just Free software hippies, 114 00:05:21,251 --> 00:05:22,402 in tie-dye shirts 115 00:05:22,486 --> 00:05:25,086 and while that may be true on the weekends and evenings 116 00:05:25,086 --> 00:05:27,581 or with Bdale every day [laughter] 117 00:05:27,581 --> 00:05:29,541 I think that actually does make it better 118 00:05:29,671 --> 00:05:32,784 And it also changes the dialogue, in the sense that it's no longer reasonable 119 00:05:32,878 --> 00:05:37,307 to pretend that mass surveillance and surveillance issues don't matter, 120 00:05:37,439 --> 00:05:39,145 because if you really go down the rabbit-hole 121 00:05:39,231 --> 00:05:42,257 of thinking about what some of the security services are trying to do 122 00:05:42,257 --> 00:05:45,289 it becomes obvious that we want to encrypt everything all the time 123 00:05:45,289 --> 00:05:48,101 to beat selector-based surveillance and dragnet-based surveillance. 124 00:05:48,187 --> 00:05:50,276 It doesn't matter if something is authenticated 125 00:05:50,366 --> 00:05:52,683 You could still trigger some action to take place 126 00:05:52,762 --> 00:05:54,387 with these kinds of surveillance machines 127 00:05:54,473 --> 00:05:56,774 that could for example drone strike someone, 128 00:05:56,905 --> 00:05:58,440 and so it raises that. 129 00:05:58,524 --> 00:05:59,840 And that gives me a lot of hope too, 130 00:06:00,008 --> 00:06:03,378 because people understand the root of the problem, 131 00:06:03,466 --> 00:06:05,002 or the root of many problems 132 00:06:05,087 --> 00:06:07,090 and the root of some violence in the world, actually. 
133 00:06:07,217 --> 00:06:09,098 And so it helps us to reduce that violence 134 00:06:09,222 --> 00:06:10,761 by getting people to acknowledge that it's real 135 00:06:10,848 --> 00:06:12,209 and also that they care about it 136 00:06:12,294 --> 00:06:14,078 and that we care about each other. 137 00:06:14,132 --> 00:06:16,861 So that really gives me a lot of hope, and part of that is Snowden 138 00:06:16,990 --> 00:06:18,483 and part of that is the documents 139 00:06:18,569 --> 00:06:20,276 but the other part of it is that.. 140 00:06:20,401 --> 00:06:25,013 I don't want to blow it up and make it sound like we did something 141 00:06:25,144 --> 00:06:26,630 like a big deal, 142 00:06:26,758 --> 00:06:29,916 but in a sense, Laura, Glenn, myself and a number of other people 143 00:06:30,001 --> 00:06:32,526 were really not sure we would ever be able to travel home to our country 144 00:06:32,693 --> 00:06:34,142 that we wouldn't be arrested. 145 00:06:34,227 --> 00:06:36,487 I actually haven't been home in over two and half years, 146 00:06:36,618 --> 00:06:38,747 well, two years and three months or something 147 00:06:38,833 --> 00:06:41,992 I went out on a small business trip that was supposed to last two weeks 148 00:06:42,075 --> 00:06:43,484 and then this happened 149 00:06:43,569 --> 00:06:44,893 and I've been here ever since. 150 00:06:44,893 --> 00:06:46,516 It's a really long, crazy trip. 151 00:06:46,644 --> 00:06:50,868 But the point is that that's what was necessary to make some of these changes 152 00:06:51,035 --> 00:06:53,474 and eventually it will turn around 153 00:06:53,599 --> 00:06:54,667 and I will be able to go home, 154 00:06:54,667 --> 00:06:57,096 and Laura and Glenn will be able to travel to the US again. 
155 00:06:57,178 --> 00:07:00,062 Obviously, Julian is still stuck in the Ecuadorian embassy 156 00:07:00,232 --> 00:07:01,807 Sarah lives in exile in Berlin, 157 00:07:01,807 --> 00:07:03,048 I live in exile in Berlin, 158 00:07:03,048 --> 00:07:04,539 And Ed is in Moscow 159 00:07:04,667 --> 00:07:07,528 So we're not finished with some of these things 160 00:07:07,613 --> 00:07:11,708 and it's also possible that we are, the set of people I mentioned, 161 00:07:11,836 --> 00:07:15,163 the state we're in, will stay that way forever. 162 00:07:15,248 --> 00:07:16,918 But what matters is that the rest of the world 163 00:07:17,043 --> 00:07:19,044 can actually move on and fix some of these problems, 164 00:07:19,044 --> 00:07:20,920 and I have a lot of hope about that. 165 00:07:21,007 --> 00:07:24,040 And I see a lot of change, that's the really big part. 166 00:07:24,128 --> 00:07:29,795 Like I see the reproducible build stuff that Holger and Lunar are working on. 167 00:07:29,969 --> 00:07:32,872 People really understand the root reason for needing to do that 168 00:07:32,961 --> 00:07:34,788 and actually seems quite reasonable to people 169 00:07:34,919 --> 00:07:37,521 who would previously have expended energy against it, 170 00:07:37,607 --> 00:07:40,722 in support of it, so I think that's really good. 171 00:07:40,722 --> 00:07:43,026 And there's a lot of other hopeful things. 172 00:07:43,109 --> 00:07:45,456 So I would try and be as uplifting as possible. 173 00:07:45,585 --> 00:07:47,588 It's not just the rum! 174 00:07:50,281 --> 00:07:53,651 [question]: Near the end of the film we saw something about another source. 175 00:07:53,736 --> 00:07:57,147 I may have been missing some news or something 176 00:07:57,314 --> 00:08:01,208 but I don't remember anything about that being public. 177 00:08:01,296 --> 00:08:02,943 Do you know what happened to them? 
178 00:08:03,031 --> 00:08:05,633 [Jacob]: As far as I know any other source that was mentioned in the film 179 00:08:05,719 --> 00:08:08,364 is still anonymous, and they're still free. 180 00:08:08,492 --> 00:08:11,221 I'm not exactly sure because I was not involved in that part 181 00:08:11,390 --> 00:08:13,188 but I also saw the end of the film 182 00:08:13,309 --> 00:08:16,424 and I've seen a bunch of other reporting which wasn't attributed to anyone in particular 183 00:08:16,552 --> 00:08:21,375 So the good news... there's an old slogan from the Dutch hacker community, right? 184 00:08:21,547 --> 00:08:22,956 "Someone you trust is one of us, 185 00:08:23,038 --> 00:08:25,983 and the leak is higher up in the chain of command than you" 186 00:08:26,067 --> 00:08:30,718 And I feel like that might be true again, hopefully. 187 00:08:32,765 --> 00:08:34,856 I think that guy has a question as well. 188 00:08:34,945 --> 00:08:39,303 [question]: Part of the problem initially was that encryption software 189 00:08:39,428 --> 00:08:42,285 was not so easy to use, right? 190 00:08:42,285 --> 00:08:44,211 And I think part of the challenge for everyone 191 00:08:44,211 --> 00:08:47,744 was to improve on that situation to make it better 192 00:08:47,917 --> 00:08:52,526 so I'm asking you if you've observed any change and to the rest of the room 193 00:08:52,654 --> 00:08:56,148 have we done anything to improve on that? 194 00:08:57,049 --> 00:09:00,714 [Jacob]: I definitely think that there is a lot of free software 195 00:09:00,843 --> 00:09:02,723 that makes encryption easier to use, 196 00:09:02,894 --> 00:09:05,620 though not always on free platforms, which really is heart-breaking. 
197 00:09:05,711 --> 00:09:09,078 For example Moxie Marlinspike has done a really good job 198 00:09:09,165 --> 00:09:10,914 with Signal, Textsecure and Redphone 199 00:09:10,914 --> 00:09:14,030 and making end-to-end, encrypted calling, texting, sexting, 200 00:09:14,111 --> 00:09:16,717 and whatever apps, 201 00:09:17,183 --> 00:09:20,044 sext-secure is what I think it's nicknamed 202 00:09:20,127 --> 00:09:22,433 and I'm very impressed by that, and it works really well 203 00:09:22,517 --> 00:09:24,572 and it's something which, especially in the last two years, 204 00:09:24,663 --> 00:09:27,517 if you have a cell-phone, which I don't recommend 205 00:09:27,560 --> 00:09:31,100 but if you have a cell-phone, and you put in everyone's phone number, 206 00:09:31,234 --> 00:09:34,519 a lot of people that I would classify as non-technical people, 207 00:09:34,599 --> 00:09:37,290 that don't care about Free software as a hobby or as a passion 208 00:09:37,415 --> 00:09:39,209 or as a profession. 209 00:09:39,209 --> 00:09:40,446 You see their names in those systems 210 00:09:40,532 --> 00:09:42,537 often more than some of the Free software people, 211 00:09:42,709 --> 00:09:44,460 and that's really impressive to me, 212 00:09:44,582 --> 00:09:48,295 and I think there's been a huge shift just generally about those sorts of things 213 00:09:48,380 --> 00:09:51,155 also about social responsibility, 214 00:09:51,374 --> 00:09:53,840 or people understand they have a responsibility to other people 215 00:09:54,011 --> 00:09:57,557 to encrypt communications, and not to put people in harm's way 216 00:09:57,685 --> 00:10:01,439 by sending unsafe stuff over unsafe communication lines. 217 00:10:01,570 --> 00:10:04,937 So I think in my personal view it's better. 218 00:10:05,068 --> 00:10:07,924 But the original problem wasn't actually that the encryption was hard to use. 
219 00:10:08,053 --> 00:10:10,656 I think the main problem is people didn't understand the reason 220 00:10:10,782 --> 00:10:12,572 that it needed to be done 221 00:10:12,700 --> 00:10:16,727 and they believed the lie that is targeted versus mass surveillance. 222 00:10:16,859 --> 00:10:20,099 And there's a big lie, and the lie is that there is such a thing 223 00:10:20,187 --> 00:10:22,236 as targeted surveillance. 224 00:10:22,363 --> 00:10:24,924 In the modern era, most so-called targeted surveillance actually happens 225 00:10:24,924 --> 00:10:26,455 through mass surveillance. 226 00:10:26,455 --> 00:10:28,418 They gather everything up, and then they look through the thing 227 00:10:28,551 --> 00:10:30,211 they've already seized. 228 00:10:30,211 --> 00:10:32,945 And of course there are targeted, focussed attacks. 229 00:10:33,073 --> 00:10:36,358 But the main thing is that the abuse of surveillance often happens 230 00:10:36,443 --> 00:10:37,805 on an individual basis. 231 00:10:37,894 --> 00:10:39,681 It also has a societal cost. 232 00:10:39,681 --> 00:10:41,816 I think a lot of people really understand that. 233 00:10:41,904 --> 00:10:45,961 It's probably because I also live in Germany now for the last two years 234 00:10:46,040 --> 00:10:49,583 but I feel that German society in particular is extremely aware 235 00:10:49,751 --> 00:10:52,012 of these abuses in the modern world 236 00:10:52,099 --> 00:10:55,299 and they have a historical context that allows them to talk about it 237 00:10:55,388 --> 00:10:58,288 with the rest of the world, where the world doesn't downplay it. 238 00:10:58,369 --> 00:10:59,948 So this is how other people relate to Germany 239 00:11:00,081 --> 00:11:02,681 not just about Germans relate to each other. 
240 00:11:02,853 --> 00:11:06,390 And that has also been really good for just meeting regular people 241 00:11:06,520 --> 00:11:07,885 who really care about it, 242 00:11:08,058 --> 00:11:09,122 and who really want to do things. 243 00:11:09,249 --> 00:11:10,875 So people's parents email me, and are like 244 00:11:10,960 --> 00:11:12,197 "I want to protect my children, 245 00:11:12,325 --> 00:11:14,971 what's the best way to use crypto with them?" 246 00:11:15,099 --> 00:11:16,507 You know, things like that. 247 00:11:16,635 --> 00:11:19,450 And I didn't ever receive emails like that in the past 248 00:11:19,618 --> 00:11:23,504 and that's to me is uplifting and very positive. 249 00:11:25,041 --> 00:11:27,748 [question]: A quick organisational question. 250 00:11:27,880 --> 00:11:30,497 Right now we're live-streaming the Q&A. Are you comfortable with that? 251 00:11:30,668 --> 00:11:31,632 [Jacob]: I don't think in the last three years I've ever had a moment 252 00:11:31,939 --> 00:11:35,002 that wasn't being recorded. 253 00:11:36,538 --> 00:11:39,324 [laughter, applause] 254 00:11:41,095 --> 00:11:43,056 [question]: If you're fine with it, moving on... 255 00:11:43,726 --> 00:11:47,512 [Jacob]: That's fine, just don't do it when I'm trying to sleep. 256 00:11:48,148 --> 00:11:51,477 [question]: I was wondering why Laura and you ended up in Germany 257 00:11:51,610 --> 00:11:54,894 because what you said about people in Germany might be true 258 00:11:54,981 --> 00:12:00,612 but I'm really ashamed about my Government and how they dealt with ???? 259 00:12:00,612 --> 00:12:04,153 and they are doing nothing for this. 
260 00:12:04,451 --> 00:12:07,692 [Jacob]: The reason that we ended up in Germany 261 00:12:07,777 --> 00:12:10,850 is that I'd been attending Chaos Computer Club events 262 00:12:11,018 --> 00:12:12,728 for many years 263 00:12:12,810 --> 00:12:15,241 and there are bunch of people that are part of the Chaos Computer Club 264 00:12:15,371 --> 00:12:17,122 who are really supportive, and good people, 265 00:12:17,207 --> 00:12:19,299 who have a stable base, and an infrastructure. 266 00:12:19,427 --> 00:12:24,638 The German hacker scene has this phenomenon which is that 267 00:12:24,809 --> 00:12:27,071 it's a part of society. 268 00:12:27,290 --> 00:12:30,487 So there are people in the CCC who will talk with the constitutional court 269 00:12:30,569 --> 00:12:31,892 for example, 270 00:12:31,981 --> 00:12:34,488 and that creates a much more stable civil society 271 00:12:34,580 --> 00:12:36,196 and those people were willing to help us. 272 00:12:36,285 --> 00:12:38,627 They were willing to hold footage, to hold encrypted data. 273 00:12:38,716 --> 00:12:41,616 They were willing to help modify hardware. 274 00:12:41,702 --> 00:12:44,855 There was a huge base of support where people, even if they had fear, 275 00:12:44,985 --> 00:12:47,070 they did stuff anyway. 276 00:12:47,121 --> 00:12:49,894 And that support went back a long time. 277 00:12:49,977 --> 00:12:52,965 And so we knew that it would be safe to store footage for the film here. 278 00:12:53,051 --> 00:12:56,292 In Berlin, not in Heidelberg, but here in Germany. 279 00:12:56,464 --> 00:13:00,520 And we knew that, of course, there were people that would be helpful. 280 00:13:00,598 --> 00:13:03,334 In the US there's a much bigger culture of fear. 
281 00:13:03,421 --> 00:13:06,033 People are afraid of having their houses raided by the police, 282 00:13:06,198 --> 00:13:08,118 where there's lots of detainments at the borders, 283 00:13:08,246 --> 00:13:10,081 where there's lots of speculative arrests, 284 00:13:10,249 --> 00:13:11,866 journalists that are jailed, 285 00:13:11,913 --> 00:13:15,196 so the situation was not to say that Germany was perfect. 286 00:13:15,327 --> 00:13:18,994 I revealed in Der Spiegel with three other journalists that Merkel was spied on 287 00:13:19,129 --> 00:13:20,363 by the NSA. 288 00:13:20,489 --> 00:13:22,193 And it's clear that the German government was complicit 289 00:13:22,281 --> 00:13:23,860 with some of this surveillance. 290 00:13:23,948 --> 00:13:27,011 But in a sort of pyramid of surveillance there's a sort of colonialism 291 00:13:27,062 --> 00:13:28,299 that takes place. 292 00:13:28,426 --> 00:13:30,944 And that the NSA and GCHQ are at the top. 293 00:13:31,031 --> 00:13:33,374 And the Germans are little bit below that. 294 00:13:33,458 --> 00:13:37,225 The thing is that there's not a lot you can do about that. 295 00:13:37,350 --> 00:13:38,850 And so even though we revealed this about Merkel, 296 00:13:38,972 --> 00:13:40,680 it's not clear what she should do. 297 00:13:40,853 --> 00:13:42,260 It's not clear what anyone should do. 298 00:13:42,388 --> 00:13:45,415 But one thing that was clear was that if they wanted to break into our houses 299 00:13:45,546 --> 00:13:49,513 they would do it in a way that would cost them a lot politically. 300 00:13:49,594 --> 00:13:50,919 It would be very public. 301 00:13:51,048 --> 00:13:53,138 The last time someone raided someone working with Der Spiegel 302 00:13:53,264 --> 00:13:55,784 was in 1962 during the Spiegel affair, 303 00:13:55,870 --> 00:13:57,786 and some ministers were kicked out. 
304 00:13:57,876 --> 00:14:00,346 You may have seen recently the Landesverrat thing 305 00:14:00,346 --> 00:14:01,718 with Netzpolitik. 306 00:14:01,718 --> 00:14:04,319 The charges against them now have been dropped. 307 00:14:04,444 --> 00:14:06,537 That would never happen in the United States. 308 00:14:06,619 --> 00:14:07,944 We would not be safe. 309 00:14:08,025 --> 00:14:09,815 And I still, for my investigative journalism, 310 00:14:09,861 --> 00:14:11,436 and my work with Wikileaks, 311 00:14:11,486 --> 00:14:12,718 and my work with the Tor project, 312 00:14:12,850 --> 00:14:14,510 I wouldn't even go back to the US, 313 00:14:14,597 --> 00:14:16,687 because there's no chance that if they wanted to do something to me 314 00:14:16,817 --> 00:14:20,828 that I would have any constitutional liberties, I think, 315 00:14:20,956 --> 00:14:22,621 and the same is true of Snowden. 316 00:14:22,703 --> 00:14:24,457 You just won't get that fair trial. 317 00:14:24,542 --> 00:14:27,998 And we thought at least here we would have ground to stand and fight on. 318 00:14:28,126 --> 00:14:30,427 And it's exactly what happened, and we won. 319 00:14:33,801 --> 00:14:35,887 [question]: This is also about the fear stuff that you talk about 320 00:14:35,975 --> 00:14:41,947 which is in the very old days we used to put red words in the end of every message 321 00:14:42,074 --> 00:14:45,915 to make sure that it would be hard to find the actual subversive message 322 00:14:46,003 --> 00:14:47,912 among all the noise. 323 00:14:47,962 --> 00:14:49,544 And you can think about the same thing here. 324 00:14:49,716 --> 00:14:56,344 Should we build our systems so that everything gets encrypted all the time? 325 00:14:56,430 --> 00:14:59,029 [Jacob]: So I have a lot of radical suggestions for what to do, 326 00:14:59,119 --> 00:15:01,165 but I'm going to talk about them tomorrow in the keynote mostly. 
327 00:15:01,332 --> 00:15:03,928 But to give you an example, when you install Debian, 328 00:15:04,013 --> 00:15:06,325 you can give someone the ability to log into the machine 329 00:15:06,487 --> 00:15:07,899 over a Tor hidden service for free. 330 00:15:08,027 --> 00:15:12,250 You get a free .onion when you add two lines to a Tor configuration file. 331 00:15:12,334 --> 00:15:15,538 We should make encryption not only easy to use but out of the box 332 00:15:15,622 --> 00:15:19,504 we should have it possible to have end-to-end reachability and connectivity, 333 00:15:19,677 --> 00:15:23,899 and we should reduce the total amount of metadata, to make it harder for people 334 00:15:24,026 --> 00:15:26,374 who want to break the law, that want to break into computers. 335 00:15:26,455 --> 00:15:30,724 We should solve the problem of adversarial versus non-adversarial forensics 336 00:15:30,851 --> 00:15:36,315 so we can verify our systems with open hardware and Free software together. 337 00:15:36,396 --> 00:15:39,302 And there's a lot to be done, but the main thing to do is to recognise 338 00:15:39,387 --> 00:15:43,269 that if you have the ability to upload to Debian, 339 00:15:43,393 --> 00:15:46,167 there are literally intelligence agencies that would like those keys. 340 00:15:46,296 --> 00:15:49,370 And we have a great responsibility to humanity as Debian developers 341 00:15:49,542 --> 00:15:51,585 to do the right thing: to build open systems, 342 00:15:51,672 --> 00:15:55,258 to build them in a way where users don't need to understand this stuff. 343 00:15:55,427 --> 00:15:58,071 There are a lot of people in the world that will never see this film. 344 00:15:58,204 --> 00:16:02,977 And we can solve the problems that this film describes largely with Free software. 345 00:16:03,156 --> 00:16:04,730 And we can do that without them knowing, 346 00:16:04,858 --> 00:16:06,778 and they will be safe for us having done that. 
347 00:16:06,949 --> 00:16:10,021 And if we can do that, the world will be a better place, I think. 348 00:16:10,021 --> 00:16:12,368 And I think the world is a better place because of the efforts that were 349 00:16:12,452 --> 00:16:15,485 already done in that area, that made this possible. 350 00:16:15,485 --> 00:16:17,656 The Tails project made it so that a bunch of people 351 00:16:17,867 --> 00:16:19,573 who were good at investigative journalism, 352 00:16:19,668 --> 00:16:23,759 but absolutely terrible with computers, were able to pull this off. 353 00:16:23,933 --> 00:16:27,256 And that is entirely the product, in my opinion, of Free software. 354 00:16:27,342 --> 00:16:32,677 And a little bit of Laura and Glenn, but I'd say a lot of Free software. 355 00:16:34,302 --> 00:16:36,223 [question]: How many people do you think NSA has 356 00:16:36,355 --> 00:16:38,995 working within the Debian community? 357 00:16:39,889 --> 00:16:43,601 [laughter, applause] 358 00:16:45,309 --> 00:16:49,302 [Jacob]: Well, I looked in the Snowden archive about that actually. 359 00:16:50,263 --> 00:16:55,527 [laughter, applause] 360 00:16:56,640 --> 00:17:03,341 Yeah. And as far as I can tell Debian is not a high priority target for them. 361 00:17:03,685 --> 00:17:05,946 I mean they write exploits for all sort of stuff 362 00:17:06,077 --> 00:17:10,683 but I never found any systematic attempt to compromise or harm the Debian project. 363 00:17:10,806 --> 00:17:14,561 But obviously there are people who are paid by the NSA to infiltrate communities, 364 00:17:14,561 --> 00:17:16,993 and that's why we have to open transparent processes 365 00:17:16,993 --> 00:17:21,044 so that if those people behave badly, we have an audit trail. 366 00:17:21,044 --> 00:17:23,211 We won't ever stop that kind of stuff, 367 00:17:23,211 --> 00:17:25,178 but what matters is that people do good things. 
368 00:17:25,178 --> 00:17:28,587 It doesn't matter who they do bad things for as long as we can correct those things 369 00:17:28,587 --> 00:17:31,019 and/or catch them and stop them before it happens. 370 00:17:31,019 --> 00:17:33,111 But as far as I know there are only a couple of people that have ever 371 00:17:33,111 --> 00:17:36,176 been associated with the NSA in the Debian community. 372 00:17:36,176 --> 00:17:39,933 But I think we shouldn't get paranoid about it, 373 00:17:39,933 --> 00:17:41,600 but we should just be prudent about our processes, 374 00:17:41,600 --> 00:17:43,947 because there are lots of intelligence services around the world 375 00:17:43,947 --> 00:17:47,147 that do not like the values of a universal operating system, 376 00:17:47,147 --> 00:17:50,902 so I don't think it's super-important to look, but I did actually look, 377 00:17:50,902 --> 00:17:54,695 very specifically for a whole bunch of people in the Debian community 378 00:17:54,695 --> 00:17:58,027 to see if any of them also were being paid by the NSA 379 00:17:58,027 --> 00:18:01,613 and I didn't find any serious thing that raised concern, 380 00:18:01,613 --> 00:18:03,783 and if I did, I would have... 381 00:18:03,783 --> 00:18:07,541 I mean, there were lots of things I found in the archive that I immediately 382 00:18:07,541 --> 00:18:09,333 notified security teams about. 383 00:18:09,333 --> 00:18:14,112 Where I worked along with many other people to actually fix those things. 384 00:18:14,112 --> 00:18:18,546 And one of those things, if we had found them, like infiltrators in Debian, 385 00:18:18,546 --> 00:18:20,769 I absolutely would have just told people about. 
386 00:18:20,769 --> 00:18:23,408 The problem is that a lot of the journalists don't want to do that 387 00:18:23,408 --> 00:18:26,263 because there's a ten year felony where you go to prison - 388 00:18:26,263 --> 00:18:28,185 a federal American prison, for ten years - 389 00:18:28,322 --> 00:18:30,202 if you reveal the name of an agent. 390 00:18:30,599 --> 00:18:31,923 So there's a tension there, 391 00:18:31,923 --> 00:18:34,440 but I think that there's something to be said, 392 00:18:34,652 --> 00:18:36,655 if they're actually actively harming the community 393 00:18:36,655 --> 00:18:37,851 and they're committing a crime, 394 00:18:37,851 --> 00:18:39,470 I think there's something to be said about that. 395 00:18:39,470 --> 00:18:40,921 So if I found that I think it would be worthwhile, 396 00:18:40,921 --> 00:18:43,144 but just so you know, there's this high cost. 397 00:18:43,144 --> 00:18:45,362 So if there were people in the agency now, 398 00:18:45,362 --> 00:18:48,647 because they say that we used Tails, and Debian, and they wanted to subvert it, 399 00:18:48,647 --> 00:18:52,015 there's a really really high bar for punishment. 400 00:18:52,015 --> 00:18:55,132 Which suggests that maybe people won't tell you. 401 00:18:55,132 --> 00:18:59,055 So we need to sort of bank on the fact that we'll never know, 402 00:18:59,055 --> 00:19:02,766 but we don't need to know, as long as we have good processes 403 00:19:02,766 --> 00:19:04,390 that would catch bad behaviour. 404 00:19:04,390 --> 00:19:06,181 And that's one of the strengths of Debian. 405 00:19:06,181 --> 00:19:08,739 There are very few operating systems, I think, 406 00:19:08,739 --> 00:19:10,830 and just in general Free software communities, 407 00:19:10,830 --> 00:19:14,759 that are as diverse, and committed to the openness and the Free software nature 408 00:19:14,759 --> 00:19:17,742 of this kind of a project, 409 00:19:17,742 --> 00:19:20,985 and so it's very important to state that. 
410 00:19:21,922 --> 00:19:24,824 But I do think one of the things that will happen in the future at some point 411 00:19:24,824 --> 00:19:28,067 is that you'll start to find people in the Debian community that are pressured 412 00:19:28,067 --> 00:19:29,645 by other people to do bad things 413 00:19:29,645 --> 00:19:31,866 so we need to set up processes that will stop that, 414 00:19:31,866 --> 00:19:34,296 to create an incentive for that not happening. 415 00:19:35,022 --> 00:19:37,240 But it's really tough, 416 00:19:37,926 --> 00:19:40,274 so I think that openness, transparency and accountability are the ways that 417 00:19:40,274 --> 00:19:43,772 we can combat that, because otherwise we won't really be able to solve it. 418 00:19:44,881 --> 00:19:47,182 But don't be paranoid, is the other thing. 419 00:19:47,309 --> 00:19:49,699 They really are out to get you, so be prepared. 420 00:19:50,430 --> 00:19:56,487 [laughter, applause] 421 00:20:00,796 --> 00:20:05,999 [question]: I'm just wondering how trust was established 422 00:20:05,999 --> 00:20:09,628 because I'm just realizing that this community, 423 00:20:09,628 --> 00:20:14,532 for you to verify your public key and even fingerprint is like, 424 00:20:14,532 --> 00:20:16,113 you have to produce your passport, 425 00:20:16,113 --> 00:20:19,613 so I'm wondering how Laura managed to exchange her keys with Snowden 426 00:20:19,613 --> 00:20:23,071 and make sure that they were really talking to the right person. 427 00:20:23,843 --> 00:20:28,019 [Julian]: Well, they had a whole sort of dance for doing key exchange. 428 00:20:28,019 --> 00:20:32,749 I think it was a little bit luck, and a little bit transitive trust, 429 00:20:32,749 --> 00:20:35,101 there's a little bit of the web of trust, 430 00:20:35,101 --> 00:20:36,457 and it worked pretty well. 
431 00:20:36,719 --> 00:20:41,332 I mean, I don't think that the key-signing stuff that Debian does is anything close 432 00:20:41,332 --> 00:20:42,907 to what they were doing. 433 00:20:42,907 --> 00:20:45,939 They just wanted to make sure that the keys they had were the right keys, 434 00:20:45,939 --> 00:20:47,687 and that they weren't compromised, 435 00:20:47,687 --> 00:20:50,075 and that then they would change things. 436 00:20:50,075 --> 00:20:51,355 There was a point in the movie where they said: 437 00:20:51,355 --> 00:20:55,875 "let's disassociate our meta-data one more time" 438 00:20:55,875 --> 00:20:58,951 And what that means is they changed all of the identifiers that are visible 439 00:20:58,951 --> 00:21:04,158 to the network, new keys, new email addresses, new Tor circuit, etc 440 00:21:04,158 --> 00:21:07,611 and this is like a key consistency thing, 441 00:21:07,611 --> 00:21:11,358 where they had the right key to begin with and they continued to rotate over new keys. 442 00:21:11,358 --> 00:21:13,411 This is also sometimes called TOFU. 443 00:21:13,411 --> 00:21:15,848 This is, I think, weaker than the web of trust, 444 00:21:15,848 --> 00:21:19,345 but a lot easier for people to do, and very easy to explain, 445 00:21:19,345 --> 00:21:20,841 and it worked out pretty well. 446 00:21:20,841 --> 00:21:25,190 It doesn't scale really well, but it has a separate good side 447 00:21:25,190 --> 00:21:28,985 which is the web of trust explicitly names a web of co-conspirators. 448 00:21:28,985 --> 00:21:31,377 And so you don't want that feature. 449 00:21:31,377 --> 00:21:33,386 It's useful for something like Debian; 450 00:21:33,386 --> 00:21:36,067 it's not useful for clandestine conspiracies to commit 451 00:21:36,067 --> 00:21:37,949 investigative journalism. 452 00:21:37,949 --> 00:21:39,997 [laughter] 453 00:21:41,746 --> 00:21:44,137 Lots of questions, this is great. 
454 00:21:44,771 --> 00:21:51,857 [question]: Somebody working on Tails told me that the NSA has a file on every DD. 455 00:21:52,323 --> 00:21:54,246 Is that true, do you know? 456 00:21:54,673 --> 00:21:57,101 [Julian]: Okay, so when you balance your check-book, 457 00:21:57,101 --> 00:21:58,941 just to answer your question in a really strange way, 458 00:21:58,941 --> 00:22:00,945 when you balance your check-book, or you balance your bank account, 459 00:22:00,945 --> 00:22:03,630 and you think this is how much my rent is, this is how much food is, 460 00:22:03,630 --> 00:22:06,401 this is how much I have to spend on some new hardware, 461 00:22:06,401 --> 00:22:09,688 you think about money in an individual way. 462 00:22:10,502 --> 00:22:13,187 But if you think about it as a state, the way a state thinks about money. 463 00:22:13,187 --> 00:22:16,302 They don't balance budgets the same way that you do. 464 00:22:16,302 --> 00:22:18,225 They think about long-term investments very differently. 465 00:22:18,225 --> 00:22:19,759 They have other people's money. 466 00:22:19,759 --> 00:22:21,719 It's a whole different way of managing it. 467 00:22:21,719 --> 00:22:27,291 And the NSA is not the Stasi. So it's not that you have to worry about 468 00:22:27,420 --> 00:22:29,784 them having a file on you, or every Debian developer, 469 00:22:30,197 --> 00:22:32,626 but rather there exist some laws in the United States that say 470 00:22:32,626 --> 00:22:35,781 for cyber-security purposes, you don't have constitutional rights 471 00:22:35,781 --> 00:22:37,707 and based on your accent, you weren't an American anyway, 472 00:22:37,707 --> 00:22:39,753 and you aren't in America, 473 00:22:39,753 --> 00:22:41,970 so you don't have any rights at all, anyway, according to them. 474 00:22:41,970 --> 00:22:44,186 They're just allowed to do whatever they want to you, 475 00:22:44,186 --> 00:22:46,280 up to and including murdering you, with the CIA. 
476 00:22:46,280 --> 00:22:49,180 That's what they do with drones; that was at the very end of the movie. 477 00:22:49,735 --> 00:22:52,165 So it's not that they have a file on you. 478 00:22:52,339 --> 00:22:56,179 It's that they have giant databases full of information on all of us, 479 00:22:56,179 --> 00:22:59,550 and then when they're interested in you, pull up all your data, 480 00:22:59,550 --> 00:23:01,299 and associative data, 481 00:23:01,299 --> 00:23:03,348 and then they use that, and sometimes they use it to target you, 482 00:23:03,348 --> 00:23:06,246 to break into your machines, or to find people to exert pressure on, 483 00:23:06,246 --> 00:23:08,378 or to do psychological manipulation on. 484 00:23:08,378 --> 00:23:10,892 All that stuff, they do all of those things. 485 00:23:10,892 --> 00:23:12,774 And so it's not that they have one file on you. 486 00:23:12,774 --> 00:23:16,101 Though maybe, it depends, if you work on a critical package like the Linux kernel 487 00:23:16,101 --> 00:23:20,756 they might be more interested in you than if you work on something else. 488 00:23:20,756 --> 00:23:25,402 I don't want to denigrate anyone's work, but they have very specific focuses, 489 00:23:25,402 --> 00:23:29,065 and so they definitely are interested in being able to compromise systems, right? 490 00:23:29,920 --> 00:23:36,316 And so you may also have a file, but it's really the meta list that's the new way 491 00:23:36,316 --> 00:23:37,470 of thinking about it. 492 00:23:37,470 --> 00:23:40,755 And in some senses I think that's actually scarier, because they just hoover up 493 00:23:40,755 --> 00:23:43,019 everything, all across the whole Internet, 494 00:23:43,019 --> 00:23:46,134 and things that are interesting, then they have them. 
495 00:23:46,134 --> 00:23:49,202 And depending on what interesting things are there, they maybe 496 00:23:49,202 --> 00:23:51,504 put those in a database that lasts for ever, 497 00:23:51,504 --> 00:23:53,469 or maybe it's just around for 30 days, 498 00:23:53,469 --> 00:23:56,889 or maybe it's full content for 9 days, or something like that. 499 00:23:57,608 --> 00:23:59,830 And then of course if you are a person of interest 500 00:23:59,830 --> 00:24:02,686 they do do the same stuff that the Stasi does, 501 00:24:02,686 --> 00:24:06,014 they do that Zersetzung stuff, if you're familiar with this German term, 502 00:24:06,014 --> 00:24:11,050 disintegration, they do that kind of stuff, along with JTRIG, from GCHQ, 503 00:24:11,050 --> 00:24:16,042 so they harass people, blackmail them, do all sorts of really nasty stuff. 504 00:24:16,509 --> 00:24:20,005 And they do that also, so both of those things. 505 00:24:20,651 --> 00:24:23,210 So again, I don't think you should be paranoid, you should encrypt your stuff, 506 00:24:23,210 --> 00:24:24,747 and help people do the same, 507 00:24:24,747 --> 00:24:28,966 and know that in a democratic society with a secret political police, 508 00:24:28,966 --> 00:24:31,953 the right place to be is in their database, right? 509 00:24:31,953 --> 00:24:34,045 You should be proud of being surveilled by them, 510 00:24:34,045 --> 00:24:35,665 it means you're doing the right thing. 511 00:24:36,650 --> 00:24:41,727 [laughter, applause] 512 00:24:43,174 --> 00:24:44,883 Nonetheless, we should stop them. 513 00:24:48,895 --> 00:24:53,843 [question]: I'm curious about your views about Snowden actually coming out 514 00:24:53,843 --> 00:24:55,634 and saying he was the whistleblower, 515 00:24:55,634 --> 00:24:59,004 because I know, when he came out, I had some fierce discussion 516 00:24:59,004 --> 00:25:01,613 with friends about it, so I wanted to know what you thought about it. 
517 00:25:01,613 --> 00:25:03,102 [Jacob]: What do you mean came out? 518 00:25:03,102 --> 00:25:06,516 [question]: He said I'm Edward Snowden, I'm the whistle-blower, here I am, 519 00:25:06,516 --> 00:25:10,139 instead of just being anonymous the whole way, just sending files to people. 520 00:25:11,248 --> 00:25:13,680 [Jacob]: Well, I think the main thing is that it's about control of 521 00:25:13,680 --> 00:25:15,429 your own narrative, right? 522 00:25:15,429 --> 00:25:19,654 I mean if we could have done everything here anonymous, and gotten away with it, 523 00:25:19,654 --> 00:25:20,980 would that have made the same impact 524 00:25:20,980 --> 00:25:24,948 in getting other people to come forward even if they maintain their anonymity? 525 00:25:24,948 --> 00:25:27,802 So I think that what Snowden did, what's beautiful about it, 526 00:25:27,832 --> 00:25:30,506 is that he basically did enough, 527 00:25:31,243 --> 00:25:32,951 where he could then survive. 528 00:25:33,118 --> 00:25:36,236 Our job now for the most part, a very good friend told me, 529 00:25:36,236 --> 00:25:39,221 he's a little bit of a fatalist, he said: 530 00:25:39,221 --> 00:25:43,232 your job, Laura's job, Glenn's job, Snowden's job, your job now is 531 00:25:43,232 --> 00:25:44,897 just to survive. 532 00:25:44,897 --> 00:25:47,371 That's all that you need to do now. You don't need to do anything else. 533 00:25:47,371 --> 00:25:51,804 You should go do other things, like drink a glass of wine, relax, be happy, 534 00:25:51,804 --> 00:25:54,751 have a nice life, but just survive, 535 00:25:54,929 --> 00:25:58,732 so other people can see that you do the right thing, and even though you could have 536 00:25:59,156 --> 00:26:02,230 done more, you did enough, and you lived through it. 
537 00:26:02,230 --> 00:26:06,198 And so Snowden coming out and telling us all of these things, I mean, 538 00:26:06,198 --> 00:26:09,862 there are really powerful people saying he should be assassinated, right, 539 00:26:09,862 --> 00:26:13,921 hung by the neck until dead, was what one of the CIA people said. 540 00:26:13,921 --> 00:26:17,244 So he probably could have continued to be anonymous for a while, 541 00:26:17,244 --> 00:26:20,449 but imagine if the NSA had got to reveal his identity. 542 00:26:20,449 --> 00:26:23,884 How would that have been framed, what would the first impression have been? 543 00:26:23,884 --> 00:26:27,719 I think they called him a narcissist, and they called him all these terrible names. 544 00:26:27,719 --> 00:26:32,974 And it didn't really stick, because he basically said "come at me bro', 545 00:26:33,396 --> 00:26:37,746 I'm ready, and you can do your worst, but you can't get rid of the facts, 546 00:26:37,746 --> 00:26:39,155 so let's talk about the facts." 547 00:26:39,155 --> 00:26:42,403 And I think the timing of how he did that is good, because people really cared 548 00:26:42,612 --> 00:26:45,853 about the issues, but he also recognized that it was a matter of time, 549 00:26:45,853 --> 00:26:50,891 the NSA police went to his house, they really bothered his family, 550 00:26:50,891 --> 00:26:54,777 they've done that with my family as well, other people's families have had trouble. 551 00:26:55,283 --> 00:26:59,553 So I think it's tough, because I think he probably would have liked to have 552 00:26:59,553 --> 00:27:03,198 been able to not have that happen, but there comes a point at which 553 00:27:03,198 --> 00:27:05,287 you're the person who has access to all that information 554 00:27:05,287 --> 00:27:06,865 and they're going to figure it out. 555 00:27:06,865 --> 00:27:11,517 No amount of anonymity, I think, will last forever, but it can buy you time. 
556 00:27:11,517 --> 00:27:14,508 He got exactly the amount of time he needed. 557 00:27:15,062 --> 00:27:17,663 The really sad part about him coming out in public when he did, though, was that 558 00:27:17,663 --> 00:27:21,247 he got stuck in Russia, because my government cancelled his passport. 559 00:27:21,247 --> 00:27:23,681 I think mostly for propaganda reasons. 560 00:27:23,681 --> 00:27:28,329 Because in the United States, we denigrate all things relating to Russia. 561 00:27:28,329 --> 00:27:29,781 And there are lots of problems with Russia, 562 00:27:29,781 --> 00:27:32,256 and especially with Vladimir Putin, 563 00:27:32,256 --> 00:27:36,695 but at the same time that seems to be the only country that was willing to uphold 564 00:27:36,695 --> 00:27:38,441 his fundamental liberties. 565 00:27:38,441 --> 00:27:41,171 I went to the Council of Europe, and to the European Parliament, 566 00:27:41,171 --> 00:27:44,670 to the German Parliament, to the French, sort of to the French Parliament, 567 00:27:44,670 --> 00:27:48,297 they didn't really want to meet with me, but also to the Austrian Parliament, 568 00:27:48,297 --> 00:27:49,963 and to a number of other places, 569 00:27:49,963 --> 00:27:53,380 and everyone said, oh, we would really love to help anybody who needs help, 570 00:27:53,380 --> 00:27:55,253 oh it's Edward Snowden, never mind. 571 00:27:55,975 --> 00:27:57,813 [laughter] 572 00:27:57,941 --> 00:28:02,527 And so though I have a lot of critiques on Russia, the propaganda aspect of it 573 00:28:02,527 --> 00:28:04,657 was very damaging for him to be stuck in Russia, 574 00:28:04,657 --> 00:28:08,242 but on the other hand, he's still alive, and he's still mostly free. 575 00:28:08,242 --> 00:28:12,300 And they recognized his right to seek and to receive asylum. 
576 00:28:12,857 --> 00:28:15,331 So there's a lot of trade-offs to think identifying one's self, 577 00:28:15,331 --> 00:28:17,807 and if you were thinking about being the next Snowden, 578 00:28:18,300 --> 00:28:19,460 or helping Snowden, or something like that, 579 00:28:20,384 --> 00:28:22,647 you really have to think that, you really have to think this out many steps ahead, 580 00:28:22,647 --> 00:28:25,808 and it's easy to say, oh he should have just stayed anonymous and 581 00:28:25,808 --> 00:28:27,556 nobody would have figured it out, 582 00:28:27,556 --> 00:28:31,476 but that's very clearly not planning for the case that they do figure it out, 583 00:28:31,476 --> 00:28:33,272 and then they're going to be in control of the narrative, 584 00:28:33,272 --> 00:28:37,750 and in that case, I think you are better off to do what he did, 585 00:28:37,853 --> 00:28:40,156 and he did so quite reluctantly. 586 00:28:40,411 --> 00:28:43,481 He's not an egoist, or a narcissist, he's actually a really shy guy 587 00:28:43,481 --> 00:28:44,762 from what I can tell. 588 00:28:44,762 --> 00:28:48,644 I don't know exactly what conversation you and your friend had, 589 00:28:48,644 --> 00:28:52,826 but I would suspect that the notion is that people are more powerful 590 00:28:52,826 --> 00:28:53,875 when anonymous. 591 00:28:53,875 --> 00:28:55,966 And that is true sometimes, but not always, 592 00:28:55,966 --> 00:28:58,484 and it's important to remember that the anonymity technology is there 593 00:28:58,484 --> 00:29:01,004 so you have a choice, not a requirement. 594 00:29:01,004 --> 00:29:03,647 And that choice is sometimes counter-intuitive, 595 00:29:03,647 --> 00:29:06,380 but I think he did the right thing in this way, and I wish that my government 596 00:29:06,380 --> 00:29:09,022 had done the right thing by him as well, but they did not. 
597 00:29:09,022 --> 00:29:09,833 [question]: So there are lot of questions, do you want to keep going on, 598 99:59:59,999 --> 99:59:59,999 shall we get in a little Mate? 599 99:59:59,999 --> 99:59:59,999 [Jacob]: I would love some of that rum. 600 99:59:59,999 --> 99:59:59,999 I think I have to GRsec, right? GRsec kernel. 601 99:59:59,999 --> 99:59:59,999 And then rum appears. Rum as a service. 602 99:59:59,999 --> 99:59:59,999 [applause] 603 99:59:59,999 --> 99:59:59,999 I'm really happy to keep taking questions, because to me, what I want is 604 99:59:59,999 --> 99:59:59,999 for every person in this room to feel a part of this, because you really are. 605 99:59:59,999 --> 99:59:59,999 A lot of the people I've met in this community really inspire me to action, 606 99:59:59,999 --> 99:59:59,999 and it's important to understand that really, it would not have been possible 607 99:59:59,999 --> 99:59:59,999 without Debian. 608 99:59:59,999 --> 99:59:59,999 For example debootstrap - really important tool, right? 609 99:59:59,999 --> 99:59:59,999 With weasel's packaging of Tor, it allowed us to have bootstraps of things, 610 99:59:59,999 --> 99:59:59,999 it allowed us to build things, 611 99:59:59,999 --> 99:59:59,999 and using Free software really was helpful, 612 99:59:59,999 --> 99:59:59,999 so if you guys have any questions at all, 613 99:59:59,999 --> 99:59:59,999 really each and every person that helps with Debian should just know 614 99:59:59,999 --> 99:59:59,999 that you are a part of that, 615 99:59:59,999 --> 99:59:59,999 and I'm just happy to talk for as long as you want, basically, 616 99:59:59,999 --> 99:59:59,999 to answer all of your questions, 617 99:59:59,999 --> 99:59:59,999 except the ones that put me in prison. Thanks. 618 99:59:59,999 --> 99:59:59,999 [laughter] 619 99:59:59,999 --> 99:59:59,999 [question]: I just wanted to make a quick note about the question 620 99:59:59,999 --> 99:59:59,999 "do they have a file on me?" 
621 99:59:59,999 --> 99:59:59,999 From all I've read so far, it's just that they're doing the thing 622 99:59:59,999 --> 99:59:59,999 that is in the commercial world called "big data". 623 99:59:59,999 --> 99:59:59,999 [Jacob]: Yep. Absolutely. 624 99:59:59,999 --> 99:59:59,999 Oh boy. GRsec again? 625 99:59:59,999 --> 99:59:59,999 [orga]: it's not rum, but it's Bavarian whisky. 626 99:59:59,999 --> 99:59:59,999 [Jacob]: Oh boy. It's going to be a heavy morning tomorrow. 627 99:59:59,999 --> 99:59:59,999 I saw another couple of hands. 628 99:59:59,999 --> 99:59:59,999 [question]: I was just wondering if that you noticed throughout this 629 99:59:59,999 --> 99:59:59,999 that you think we could improve in Debian to make the next people's lives easier. 630 99:59:59,999 --> 99:59:59,999 [Jacob]: Oh my god, I'm so glad you asked that question, that's so fantastic. 631 99:59:59,999 --> 99:59:59,999 I'm going to talk about that tomorrow in my keynote, 632 99:59:59,999 --> 99:59:59,999 but let me tell you about one that I have. 633 99:59:59,999 --> 99:59:59,999 I revealed a specific document about a wifi injection attack system. 634 99:59:59,999 --> 99:59:59,999 It's a classified document, it's a top secret document, 635 99:59:59,999 --> 99:59:59,999 for a thing called nightstand, and what nightstand is, 636 99:59:59,999 --> 99:59:59,999 it's basically like car metasploit, it's a wifi injector... 637 99:59:59,999 --> 99:59:59,999 cheers! 638 99:59:59,999 --> 99:59:59,999 Danke schön. 639 99:59:59,999 --> 99:59:59,999 It's a wifi injector device... 640 99:59:59,999 --> 99:59:59,999 Whew, jesus! 641 99:59:59,999 --> 99:59:59,999 [laughter, applause] 642 99:59:59,999 --> 99:59:59,999 [orga]: Tonight's whisky sponsored by drunc-tank dot org. 643 99:59:59,999 --> 99:59:59,999 [Jacob]: So this wifi injector device, what it does is it basically is able to 644 99:59:59,999 --> 99:59:59,999 exploit the kernel of a device by sending malformed data over wifi. 
645 99:59:59,999 --> 99:59:59,999 Now I have a series of photographs, so all of us.. not all of us, but most of us 646 99:59:59,999 --> 99:59:59,999 used these specially modified X60s where we removed the microphones, soldered?? 647 99:59:59,999 --> 99:59:59,999 down things on the PCI bus, 648 99:59:59,999 --> 99:59:59,999 we removed, like, firewire, really modified it, flashed coreboot onto it, 649 99:59:59,999 --> 99:59:59,999 flipped the read pin so it was only read-only, 650 99:59:59,999 --> 99:59:59,999 so you couldn't easily make a BIOS root kit and make it persistent, 651 99:59:59,999 --> 99:59:59,999 we booted TAILS, did all this stuff, 652 99:59:59,999 --> 99:59:59,999 often we could boot to RAM so that once the machine was powered off 653 99:59:59,999 --> 99:59:59,999 basically it would be done, so if someone kicks down your door, 654 99:59:59,999 --> 99:59:59,999 you just pull the power out, 655 99:59:59,999 --> 99:59:59,999 and you don't have a battery, and when the power fails you have an 656 99:59:59,999 --> 99:59:59,999 instant kill switch. 657 99:59:59,999 --> 99:59:59,999 So things that are in TAILS that are really useful include this 658 99:59:59,999 --> 99:59:59,999 wiping the kernel memory package which I hear is being packaged for Debian 659 99:59:59,999 --> 99:59:59,999 soon, which is very exciting. 660 99:59:59,999 --> 99:59:59,999 Because everyone should have access to that so we can tie it into something 661 99:59:59,999 --> 99:59:59,999 like GNU panicd or these other things. 662 99:59:59,999 --> 99:59:59,999 But one thing I kept having problems with is this wifi injection device, 663 99:59:59,999 --> 99:59:59,999 I'm pretty sure, was very close to my house. 
664 99:59:59,999 --> 99:59:59,999 There was a white van outside, it was vibrating a bit like there was a guy 665 99:59:59,999 --> 99:59:59,999 walking around in it, 666 99:59:59,999 --> 99:59:59,999 and then all of a sudden, an X60 here, an X60 here, and an X60 here, 667 99:59:59,999 --> 99:59:59,999 just booted into TAILS, not doing anything at all, but on the wifi network, 668 99:59:59,999 --> 99:59:59,999 kernel panic, kernel panic, kernel panic. 669 99:59:59,999 --> 99:59:59,999 All the same kernel panic, all the same memory offsets, 670 99:59:59,999 --> 99:59:59,999 in the Appletalk driver of the stock kernel for TAILS. 671 99:59:59,999 --> 99:59:59,999 I think I filed a bug upstream with TAILS at the time, 672 99:59:59,999 --> 99:59:59,999 but this is just incredible because it's clear that all the crap 673 99:59:59,999 --> 99:59:59,999 in the default Debian kernel that you really want for your 1992 Apple network 674 99:59:59,999 --> 99:59:59,999 makes operational security really hard, 675 99:59:59,999 --> 99:59:59,999 and one thing that would be really great would be a GRsec enabled kernel... 676 99:59:59,999 --> 99:59:59,999 [applause] 677 99:59:59,999 --> 99:59:59,999 Yes, have to drink. 678 99:59:59,999 --> 99:59:59,999 But as an example, we built different custom machines, and one of the things 679 99:59:59,999 --> 99:59:59,999 that we did for some people and in some circumstances was 680 99:59:59,999 --> 99:59:59,999 to build GRsec enabled kernels. 681 99:59:59,999 --> 99:59:59,999 And I'm not going to drink again. 682 99:59:59,999 --> 99:59:59,999 So we built those kernels 683 99:59:59,999 --> 99:59:59,999 [audience]: Which ones? 684 99:59:59,999 --> 99:59:59,999 [Jacob]: Yes, exactly, those ones. 685 99:59:59,999 --> 99:59:59,999 And that was work which creates a problem for a bunch of reasons. 
686 99:59:59,999 --> 99:59:59,999 When you build custom kernels, and you only have a few people 687 99:59:59,999 --> 99:59:59,999 that can build those kernels, 688 99:59:59,999 --> 99:59:59,999 you actually build a chain of evidence of who helped who. 689 99:59:59,999 --> 99:59:59,999 And if that was a stable, normal package, 690 99:59:59,999 --> 99:59:59,999 that people could install in a Debian pure blend, 691 99:59:59,999 --> 99:59:59,999 then it would have been easier to do that. 692 99:59:59,999 --> 99:59:59,999 We built a lot more sandbox profiles for various different things, 693 99:59:59,999 --> 99:59:59,999 we built some transparent TOR-ification stuff, 694 99:59:59,999 --> 99:59:59,999 and that required a lot of bespoke knowledge, 695 99:59:59,999 --> 99:59:59,999 and it required a lot of effort that a lot of people did not have, 696 99:59:59,999 --> 99:59:59,999 because they had a different set of skills, 697 99:59:59,999 --> 99:59:59,999 and it's good to have a division of labour, 698 99:59:59,999 --> 99:59:59,999 but having that kind of stuff built into Debian by default, making a 699 99:59:59,999 --> 99:59:59,999 Debian installer that could do that, 700 99:59:59,999 --> 99:59:59,999 and also verification, would be great, right? 701 99:59:59,999 --> 99:59:59,999 So I wrote some custom scripts where I could look at a TAILS disk, 702 99:59:59,999 --> 99:59:59,999 or a Debian install, 703 99:59:59,999 --> 99:59:59,999 and know if it had been tampered with. 704 99:59:59,999 --> 99:59:59,999 And it would be nice if there was just a disk you could boot that did 705 99:59:59,999 --> 99:59:59,999 verification of an installed system 706 99:59:59,999 --> 99:59:59,999 very very easily, so easily that Glenn Greenwald could use it. 
707 99:59:59,999 --> 99:59:59,999 I love Glenn, I say that very politely, 708 99:59:59,999 --> 99:59:59,999 but what I mean is it needs to be easier than that, 709 99:59:59,999 --> 99:59:59,999 because Glenn at least knows that he has a reason to need it. 710 99:59:59,999 --> 99:59:59,999 And so that was something that we really needed help with. 711 99:59:59,999 --> 99:59:59,999 And we spent a lot of time on that. 712 99:59:59,999 --> 99:59:59,999 And there are lots of other little things like that, 713 99:59:59,999 --> 99:59:59,999 and I'll talk about some of those things tomorrow, 714 99:59:59,999 --> 99:59:59,999 but one of the really big problems is hardware, 715 99:59:59,999 --> 99:59:59,999 which is that you cannot buy a modern Intel CPU which doesn't come 716 99:59:59,999 --> 99:59:59,999 with a backdoor any more. 717 99:59:59,999 --> 99:59:59,999 And that is a huge problem, and I'm not sure that the answer is to use ARM. 718 99:59:59,999 --> 99:59:59,999 It seems like the answer is to use ARM. 719 99:59:59,999 --> 99:59:59,999 But that's only if assume that ARM didn't just add a backdoor that's obvious. 720 99:59:59,999 --> 99:59:59,999 So we really need to think about how to, in moving forward, 721 99:59:59,999 --> 99:59:59,999 how to have easy to use, easy to buy on the shelf, Debian hardware, 722 99:59:59,999 --> 99:59:59,999 available everywhere, all the time, 723 99:59:59,999 --> 99:59:59,999 so you can just go and buy this thing and verify it in some way 724 99:59:59,999 --> 99:59:59,999 with some other machine, 725 99:59:59,999 --> 99:59:59,999 to know that you would have the right thing. 726 99:59:59,999 --> 99:59:59,999 And to that extent we didn't have X-rays for a lot of the circuit boards, 727 99:59:59,999 --> 99:59:59,999 so that made it very difficult to know if when you buy something, 728 99:59:59,999 --> 99:59:59,999 it's been tampered with. 
729 99:59:59,999 --> 99:59:59,999 I'll talk about some of that stuff tomorrow, 730 99:59:59,999 --> 99:59:59,999 but basically, Debian does a lot of stuff right, 731 99:59:59,999 --> 99:59:59,999 and that is also worth mentioning. 732 99:59:59,999 --> 99:59:59,999 There's so many things that just work out of the box, that just work perfectly. 733 99:59:59,999 --> 99:59:59,999 So the main thing is to keep the quality assurance at the level, 734 99:59:59,999 --> 99:59:59,999 or to exceed where it is right now. 735 99:59:59,999 --> 99:59:59,999 Because it actually works super super well. 736 99:59:59,999 --> 99:59:59,999 The exception being for very specific targeted attacks, 737 99:59:59,999 --> 99:59:59,999 the kernel attack surface is pretty big, and pretty bad, I think. 738 99:59:59,999 --> 99:59:59,999 And also, we rebuilt some binaries in order to.. 739 99:59:59,999 --> 99:59:59,999 sorry, I'll get to you in a second. 740 99:59:59,999 --> 99:59:59,999 We rebuilt some binaries to make sure that we had address space randomisation 741 99:59:59,999 --> 99:59:59,999 and linker hardening, and stack canary stuff, 742 99:59:59,999 --> 99:59:59,999 and for some stuff lately we've been using address space sanitizer, 743 99:59:59,999 --> 99:59:59,999 so it would be really great if all the hardening stuff was turned in, 744 99:59:59,999 --> 99:59:59,999 if there was PAX plus GRsec as a kernel. 745 99:59:59,999 --> 99:59:59,999 [audience]: so the specific problem with GR security is that they don't really 746 99:59:59,999 --> 99:59:59,999 want to work with distros. 747 99:59:59,999 --> 99:59:59,999 So we could have a Linux kernel package with GR security applied, 748 99:59:59,999 --> 99:59:59,999 but it wouldn't have any of the other Debian patches. 
749 99:59:59,999 --> 99:59:59,999 [Jacob]: So I talked with Brad Spengler about this, 750 99:59:59,999 --> 99:59:59,999 and I'm so glad that you said that, 751 99:59:59,999 --> 99:59:59,999 because what he said was that, as far as I can tell, he's totally interested in 752 99:59:59,999 --> 99:59:59,999 helping Debian with this but thinks that Debian is not interested. 753 99:59:59,999 --> 99:59:59,999 He actually runs a kernel building service where they actually do 754 99:59:59,999 --> 99:59:59,999 individual kernel builds, and I think you'd be interested, 755 99:59:59,999 --> 99:59:59,999 and when I told him we'd love to have this in TAILS, he said 756 99:59:59,999 --> 99:59:59,999 what patches do I need to include in GRsec to make sure that it'll work? 757 99:59:59,999 --> 99:59:59,999 And he offered to do the integration into the GRsec patch if there are not 758 99:59:59,999 --> 99:59:59,999 too many things. 759 99:59:59,999 --> 99:59:59,999 So I think what we should try and do is build a line of communication, 760 99:59:59,999 --> 99:59:59,999 and if it costs money we should find a way to raise that money, 761 99:59:59,999 --> 99:59:59,999 I'll put in some of my own personal money for this, 762 99:59:59,999 --> 99:59:59,999 and I know other people would too. 763 99:59:59,999 --> 99:59:59,999 [distant audience]: I will. 764 99:59:59,999 --> 99:59:59,999 [Jacob]: Great. 765 99:59:59,999 --> 99:59:59,999 So securedrop, for example, part of what they do for their leaking platform, 766 99:59:59,999 --> 99:59:59,999 if you go to the intercepts website, you want to leak them a document, 767 99:59:59,999 --> 99:59:59,999 they actually use free software everywhere, but there are a few things 768 99:59:59,999 --> 99:59:59,999 they build specially, and one of those things is a GRsec kernel. 
769 99:59:59,999 --> 99:59:59,999 So the people at First Look, that helped make this movie, 770 99:59:59,999 --> 99:59:59,999 and that work on securedrop, 771 99:59:59,999 --> 99:59:59,999 they would probably also, 772 99:59:59,999 --> 99:59:59,999 I'm not committing them, I don't know that they would actually do this, 773 99:59:59,999 --> 99:59:59,999 but I think they would really like it if that was in there, 774 99:59:59,999 --> 99:59:59,999 and I think if we could find the community will to do that, 775 99:59:59,999 --> 99:59:59,999 I know I would volunteer and other people would, 776 99:59:59,999 --> 99:59:59,999 I know that dkg in the back would love to help with this, I would that ??? 777 99:59:59,999 --> 99:59:59,999 who is just totally behind funding this work, right? 778 99:59:59,999 --> 99:59:59,999 I thought that you were there to protect my civil liberties, buddy. 779 99:59:59,999 --> 99:59:59,999 But I really think that it's possible that we could do this, 780 99:59:59,999 --> 99:59:59,999 and I definitely think Brad, the author of GRsec, 781 99:59:59,999 --> 99:59:59,999 I think he would really love it if Debian shipped GRsec. 782 99:59:59,999 --> 99:59:59,999 And it doesn't need to come by default, 783 99:59:59,999 --> 99:59:59,999 but if it was possible to just have it all, that would be great. 784 99:59:59,999 --> 99:59:59,999 Maybe we could have an affinity group where everyone who is interested can 785 99:59:59,999 --> 99:59:59,999 meet sometime tomorrow and we could talk about doing this. 786 99:59:59,999 --> 99:59:59,999 I would love to have that conversation. 787 99:59:59,999 --> 99:59:59,999 Who are you? 788 99:59:59,999 --> 99:59:59,999 [audience]: Ben Hutchings. 789 99:59:59,999 --> 99:59:59,999 [Jacob]: Oh, nice to meet you! 790 99:59:59,999 --> 99:59:59,999 [laughter, applause] 791 99:59:59,999 --> 99:59:59,999 That's awkward. 792 99:59:59,999 --> 99:59:59,999 [question]: Hi. 
Sorry to interrupt the awkwardness, 793 99:59:59,999 --> 99:59:59,999 and replace it with more awkwardness. 794 99:59:59,999 --> 99:59:59,999 Nice to see you, Jake. 795 99:59:59,999 --> 99:59:59,999 So, I remember reading the documents in 2013 796 99:59:59,999 --> 99:59:59,999 and seeing the NSA's internal training guide for how to query their 797 99:59:59,999 --> 99:59:59,999 Hadoop data store, aka xkeyscore, 798 99:59:59,999 --> 99:59:59,999 and so I thought I would just ask you if you think Free software net helps us 799 99:59:59,999 --> 99:59:59,999 or helps them. 800 99:59:59,999 --> 99:59:59,999 [Jacob]: I'm really glad you asked that question. 801 99:59:59,999 --> 99:59:59,999 I think that Free software helps everyone on the planet, and I think that 802 99:59:59,999 --> 99:59:59,999 purpose-based limitations.. I understand why people want them. 803 99:59:59,999 --> 99:59:59,999 I think we should try to build a world where we are free, 804 99:59:59,999 --> 99:59:59,999 and so putting in purpose-based limitations is really problematic, 805 99:59:59,999 --> 99:59:59,999 and I think what we should do is try to mitigate the harm that they can do 806 99:59:59,999 --> 99:59:59,999 with those systems, 807 99:59:59,999 --> 99:59:59,999 as opposed to pretending that they care about Free software licensing. 808 99:59:59,999 --> 99:59:59,999 These guys kill people with flying robots, 809 99:59:59,999 --> 99:59:59,999 it's illegal to murder people, and they do it. 810 99:59:59,999 --> 99:59:59,999 Limiting their use with licenses, first of all, that just means they'll spend 811 99:59:59,999 --> 99:59:59,999 your tax money to rewrite it if they care about the license, 812 99:59:59,999 --> 99:59:59,999 and you won't get their bug-fixes or their improvements, 813 99:59:59,999 --> 99:59:59,999 and then additionally they're still not going to obey your license anyway, 814 99:59:59,999 --> 99:59:59,999 because literally some of these people work on assassinating people. 
815 99:59:59,999 --> 99:59:59,999 So it is better that we keep our integrity and take the high road, 816 99:59:59,999 --> 99:59:59,999 and write Free software, and we give it to every single person on the planet 817 99:59:59,999 --> 99:59:59,999 without exception, 818 99:59:59,999 --> 99:59:59,999 It's just better. It's better for all of us, right? 819 99:59:59,999 --> 99:59:59,999 So the fact that they have Hadoop, the fact that they, for example, use OpenSSL, 820 99:59:59,999 --> 99:59:59,999 or maybe they use Tor, or whatever, right? 821 99:59:59,999 --> 99:59:59,999 Or they use gdb to debug their exploits. 822 99:59:59,999 --> 99:59:59,999 I kind of wish that on them. 823 99:59:59,999 --> 99:59:59,999 [laughter, applause] 824 99:59:59,999 --> 99:59:59,999 I think it's great, right? 825 99:59:59,999 --> 99:59:59,999 So one of the things Che Guevara said in his manual about guerilla warfare, 826 99:59:59,999 --> 99:59:59,999 in chapter two, is that (oh, it was chapter three) 827 99:59:59,999 --> 99:59:59,999 He talks about when you have to arm a guerrilla army, 828 99:59:59,999 --> 99:59:59,999 this is not exactly related, but it's an analog. 829 99:59:59,999 --> 99:59:59,999 He says that the most important thing is for the guerrilla army to 830 99:59:59,999 --> 99:59:59,999 use the weapons of the people that they're fighting - the oppressor. 831 99:59:59,999 --> 99:59:59,999 And the reason is that it allows you to resupply, essentially. 832 99:59:59,999 --> 99:59:59,999 When you win a battle, you resupply. 833 99:59:59,999 --> 99:59:59,999 When we all use the same Free software, and we're working on these things, 834 99:59:59,999 --> 99:59:59,999 the fact that they have to contribute to the same projects and they often do 835 99:59:59,999 --> 99:59:59,999 means there's a net win for us. 
836 99:59:59,999 --> 99:59:59,999 They do have some private things that they don't share, obviously, 837 99:59:59,999 --> 99:59:59,999 with the exception of nice people like Edward Snowden, 838 99:59:59,999 --> 99:59:59,999 and I think that it is a net positive thing, 839 99:59:59,999 --> 99:59:59,999 and if we think of it as a struggle, 840 99:59:59,999 --> 99:59:59,999 we are better off to take the high road, 841 99:59:59,999 --> 99:59:59,999 and so I really think we should not pretend that we can stop them, 842 99:59:59,999 --> 99:59:59,999 and instead we should work together to build solutions. 843 99:59:59,999 --> 99:59:59,999 And I think that Debian is doing that, right? 844 99:59:59,999 --> 99:59:59,999 I think Debian is much harder to compromise than 845 99:59:59,999 --> 99:59:59,999 a lot of other operating systems, 846 99:59:59,999 --> 99:59:59,999 and it's much much harder to coerce people, 847 99:59:59,999 --> 99:59:59,999 and there's a strong ethos that comes with it that it's not just the technical 848 99:59:59,999 --> 99:59:59,999 project, there's a social aspect to it. 849 99:59:59,999 --> 99:59:59,999 I think I was in the New Maintainer queue for 11 years, 850 99:59:59,999 --> 99:59:59,999 maybe that's a little too long, 851 99:59:59,999 --> 99:59:59,999 but there's a huge hazing process, 852 99:59:59,999 --> 99:59:59,999 so anyone who wants to help, really really wants to help, 853 99:59:59,999 --> 99:59:59,999 and if they want to do something wrong there are processes to catch 854 99:59:59,999 --> 99:59:59,999 people doing things wrong. 855 99:59:59,999 --> 99:59:59,999 So we should really stay true to the Free software ethos, 856 99:59:59,999 --> 99:59:59,999 and it really is a net benefit. 857 99:59:59,999 --> 99:59:59,999 [question]: Hi Jake. Thanks a lot for saying so much "GRsec". 858 99:59:59,999 --> 99:59:59,999 Just wanted to give a shout out. 
859 99:59:59,999 --> 99:59:59,999 You mentioned possible backdoors in CPUs and so on, 860 99:59:59,999 --> 99:59:59,999 that ARM might not be the next best thing because it's not so open either. 861 99:59:59,999 --> 99:59:59,999 You might want to have a look at Power 8. 862 99:59:59,999 --> 99:59:59,999 It's basically PowerPC 64, so Debian has support for it as far as I know, 863 99:59:59,999 --> 99:59:59,999 and most of the stuff is actually open. 864 99:59:59,999 --> 99:59:59,999 Not the actual designs that IBM is using, 865 99:59:59,999 --> 99:59:59,999 but you can have, actually, an FPGA implementation of it, 866 99:59:59,999 --> 99:59:59,999 and if you have the money make your own ASICs for it, without even knowing 867 99:59:59,999 --> 99:59:59,999 how to do it, which is pretty good, I think. 868 99:59:59,999 --> 99:59:59,999 [Jacob]: I think there are lots of things we can hack right? 869 99:59:59,999 --> 99:59:59,999 I mean I had one of those weird RMS laptops, the Lemote, 870 99:59:59,999 --> 99:59:59,999 or whatever it's called, for a while. 871 99:59:59,999 --> 99:59:59,999 And I was definitely able to get some Free software running on it, 872 99:59:59,999 --> 99:59:59,999 in theory it was a Free software laptop. 873 99:59:59,999 --> 99:59:59,999 But getting other people to use this is the problem, 874 99:59:59,999 --> 99:59:59,999 you need to get everybody to use it, right? 875 99:59:59,999 --> 99:59:59,999 There's a sort of old anarchist cliché, 876 99:59:59,999 --> 99:59:59,999 "None of us are free until all of us are free" 877 99:59:59,999 --> 99:59:59,999 And that really applies here. 878 99:59:59,999 --> 99:59:59,999 We really need to have Free software that's usable by everyone, 879 99:59:59,999 --> 99:59:59,999 otherwise we're sort of bound by the lowest common denominator 880 99:59:59,999 --> 99:59:59,999 of Free, or proprietary tools, depending on what people have to use. 
881 99:59:59,999 --> 99:59:59,999 So it'll be great when we have that, 882 99:59:59,999 --> 99:59:59,999 and there's a thing called the Nokimist??? 883 99:59:59,999 --> 99:59:59,999 which is a video mixing board that has an FPGA implementing a Free software CPU 884 99:59:59,999 --> 99:59:59,999 that you can boot Debian on, or OpenWRT, 885 99:59:59,999 --> 99:59:59,999 and it does work, and I have used it, 886 99:59:59,999 --> 99:59:59,999 and in fact I used to use it as a shell, 887 99:59:59,999 --> 99:59:59,999 and for a long time I used a Debian trick, 888 99:59:59,999 --> 99:59:59,999 actually I've never talked about that in public, 889 99:59:59,999 --> 99:59:59,999 let me think about that for a second. 890 99:59:59,999 --> 99:59:59,999 So I used to use an IRC client that was really buggy, 891 99:59:59,999 --> 99:59:59,999 and I couldn't figure out where all the bugs were, 892 99:59:59,999 --> 99:59:59,999 but I knew that if I hung out in certain networks that someone else 893 99:59:59,999 --> 99:59:59,999 would help me find those bugs by trying to exploit my client. 894 99:59:59,999 --> 99:59:59,999 And I wanted to make it as hard as possible. 895 99:59:59,999 --> 99:59:59,999 So I ran my IRC client inside of a Debian machine that was running an S390 emulator. 896 99:59:59,999 --> 99:59:59,999 Who here uses Hercules? Thank you to whoever packaged it. 897 99:59:59,999 --> 99:59:59,999 And so I would use Hercules, it was a very long install process. 898 99:59:59,999 --> 99:59:59,999 Very slow. 899 99:59:59,999 --> 99:59:59,999 And I would do this, and what I'd always dreamed of doing at some point 900 99:59:59,999 --> 99:59:59,999 was using the Nokimist??? and the Hercules together 901 99:59:59,999 --> 99:59:59,999 for maximum ridiculously difficult to exploit, 902 99:59:59,999 --> 99:59:59,999 plus GRsec kernel. 903 99:59:59,999 --> 99:59:59,999 But that's not a usable thing. 
904 99:59:59,999 --> 99:59:59,999 So what we need to do is take these kinds of prototypes 905 99:59:59,999 --> 99:59:59,999 which actually do represent many steps forward, 906 99:59:59,999 --> 99:59:59,999 and we need to make sure that they're produced on a scale where 907 99:59:59,999 --> 99:59:59,999 you can go into a store and purchase them anonymously, with cash, 908 99:59:59,999 --> 99:59:59,999 in a way that you can then verify. 909 99:59:59,999 --> 99:59:59,999 And we're actually really close to that with software defined radios 910 99:59:59,999 --> 99:59:59,999 and open hardware, 911 99:59:59,999 --> 99:59:59,999 but we're not quite there yet. 912 99:59:59,999 --> 99:59:59,999 [question]: What I meant is that Power 8 is basically getting big, currently, 913 99:59:59,999 --> 99:59:59,999 on the server market, 914 99:59:59,999 --> 99:59:59,999 and it might get big for other stuff also. 915 99:59:59,999 --> 99:59:59,999 [Jacob]: Hopefully. 916 99:59:59,999 --> 99:59:59,999 [question]: I want to come back to the story about the panic 917 99:59:59,999 --> 99:59:59,999 in the Appletalk driver. 918 99:59:59,999 --> 99:59:59,999 The common approach against this is to compile your own kernel with 919 99:59:59,999 --> 99:59:59,999 all this stuff not compiled in, 920 99:59:59,999 --> 99:59:59,999 but on two of my systems I have a modprobe wrapper which has 921 99:59:59,999 --> 99:59:59,999 a whitelist of modules which may be loaded, 922 99:59:59,999 --> 99:59:59,999 and I install that wrapper as the thing that the kernel uses for loading modules. 923 99:59:59,999 --> 99:59:59,999 Do you know if such a thing exists elsewhere, or if not, 924 99:59:59,999 --> 99:59:59,999 I would be interested in developing it into something which is actually useable 925 99:59:59,999 --> 99:59:59,999 for people. 926 99:59:59,999 --> 99:59:59,999 [Jacob]: That would be great. 927 99:59:59,999 --> 99:59:59,999 In this case we were using Tails. 
928 99:59:59,999 --> 99:59:59,999 And so, Tails is very finicky about what it will accept, 929 99:59:59,999 --> 99:59:59,999 and so having that in Debian will make it a lot easier to get it into something 930 99:59:59,999 --> 99:59:59,999 like Tails, I think. 931 99:59:59,999 --> 99:59:59,999 But the main thing is really that we have to think about the attack surface 932 99:59:59,999 --> 99:59:59,999 of the kernel very differently. 933 99:59:59,999 --> 99:59:59,999 The problem is not Appletalk; the problem is the Linux kernel is filled with 934 99:59:59,999 --> 99:59:59,999 a lot of code, 935 99:59:59,999 --> 99:59:59,999 and you can autoload, in certain cases, certain things come in, 936 99:59:59,999 --> 99:59:59,999 and certain things get autoloaded, 937 99:59:59,999 --> 99:59:59,999 and I know Bdale loves his ham radio stuff, 938 99:59:59,999 --> 99:59:59,999 but I never use ham radio on my machine 939 99:59:59,999 --> 99:59:59,999 I used for clandestine conspiracies, you know? 940 99:59:59,999 --> 99:59:59,999 That's a separate machine. 941 99:59:59,999 --> 99:59:59,999 It's over here. 942 99:59:59,999 --> 99:59:59,999 So we just need to find a way to think about that. 943 99:59:59,999 --> 99:59:59,999 And part of that could be kernel stuff, but also part of it could be thinking 944 99:59:59,999 --> 99:59:59,999 about solutions like that, where we don't need to change the kernel. 945 99:59:59,999 --> 99:59:59,999 So if you could package that and develop that, it would be really fantastic. 946 99:59:59,999 --> 99:59:59,999 [Ben]: Actually, some time ago, after I think it was the econet exploits, 947 99:59:59,999 --> 99:59:59,999 no-one uses econet, it was broken anyway, but you could exploit it, 948 99:59:59,999 --> 99:59:59,999 because it was autoloaded. 949 99:59:59,999 --> 99:59:59,999 So I actually went through and turned off autoloading on a few of the more obscure 950 99:59:59,999 --> 99:59:59,999 network protocols. 
951 99:59:59,999 --> 99:59:59,999 We could probably go further with that, even in the defaults. 952 99:59:59,999 --> 99:59:59,999 [Jacob]: I think it would be great to change some of the kernel stuff so that 953 99:59:59,999 --> 99:59:59,999 at least, I mean, Tails is a special use case, where, I think, it's very important, 954 99:59:59,999 --> 99:59:59,999 and it doesn't work for everyone, 955 99:59:59,999 --> 99:59:59,999 but we should just consider that there are certainly things which are really great, 956 99:59:59,999 --> 99:59:59,999 and I want to use Debian for it, because Debian is a universal operating system. 957 99:59:59,999 --> 99:59:59,999 But for a modern desktop system where you're using GNOME, 958 99:59:59,999 --> 99:59:59,999 and you haven't set anything up, Appletalk for example, 959 99:59:59,999 --> 99:59:59,999 maybe we would ask those people to load that module themselves. 960 99:59:59,999 --> 99:59:59,999 [Ben]: Yeah, for example you could have, a lot of those things are going to 961 99:59:59,999 --> 99:59:59,999 have supporting utilities, 962 99:59:59,999 --> 99:59:59,999 so you could put something in the supporting utilities that loads it 963 99:59:59,999 --> 99:59:59,999 at boot time. 964 99:59:59,999 --> 99:59:59,999 And if you don't have those installed, you don't need it. 965 99:59:59,999 --> 99:59:59,999 [Jacob]: Yep, totally. And I think there's lots of ways to do it where 966 99:59:59,999 --> 99:59:59,999 the network can't trigger it, and that's important. 967 99:59:59,999 --> 99:59:59,999 [Ben]: Yeah, that puzzled me, I can't understand, 968 99:59:59,999 --> 99:59:59,999 the protocol module when userland tries to open a socket 969 99:59:59,999 --> 99:59:59,999 of that type, 970 99:59:59,999 --> 99:59:59,999 it shouldn't happen in response to network traffic. 971 99:59:59,999 --> 99:59:59,999 There are things like, I think if you run ifconfig that can autoload 972 99:59:59,999 --> 99:59:59,999 a bunch of things, for example. 
973 99:59:59,999 --> 99:59:59,999 [Jacob]: Yeah, I think on either side it should be more explicit, 974 99:59:59,999 --> 99:59:59,999 and in this case with Tails, 975 99:59:59,999 --> 99:59:59,999 there was a time when you looked at the kernel module list 976 99:59:59,999 --> 99:59:59,999 and it was pretty amazing, 977 99:59:59,999 --> 99:59:59,999 like I think there was an X25 thing, an Appletalk thing, 978 99:59:59,999 --> 99:59:59,999 wait, this is all about going over Tor, we don't support any of these 979 99:59:59,999 --> 99:59:59,999 things at all. 980 99:59:59,999 --> 99:59:59,999 So it's just the way that things are interdependent, right? 981 99:59:59,999 --> 99:59:59,999 It's not a dig at the kernel itself. 982 99:59:59,999 --> 99:59:59,999 I think the Linux kernel as it works in Debian today works really well 983 99:59:59,999 --> 99:59:59,999 for a lot of people, 984 99:59:59,999 --> 99:59:59,999 but there is definitely a high security use case, 985 99:59:59,999 --> 99:59:59,999 and I, for example, if I were a Debian developer, and I had a development 986 99:59:59,999 --> 99:59:59,999 machine where I didn't run a web browser, 987 99:59:59,999 --> 99:59:59,999 and I took a lot of effort. 988 99:59:59,999 --> 99:59:59,999 It would be really nice if there were a kernel that put in the same 989 99:59:59,999 --> 99:59:59,999 threshold of security. 990 99:59:59,999 --> 99:59:59,999 And I think that the GRsec kernel with some stuff changed about it, 991 99:59:59,999 --> 99:59:59,999 like getting rid of Appletalk and a few other things, 992 99:59:59,999 --> 99:59:59,999 would be closer to that, 993 99:59:59,999 --> 99:59:59,999 and combined with that guy's tool that he's talking about, 994 99:59:59,999 --> 99:59:59,999 you could make autoloadable module, that at least even if the system was 995 99:59:59,999 --> 99:59:59,999 going to autoload it, you could stop it, in a failing closed sort of way. 
996 99:59:59,999 --> 99:59:59,999 And I think there's a lot of stuff, practically, to do on that front, 997 99:59:59,999 --> 99:59:59,999 and there's another project called Subgraph OS, 998 99:59:59,999 --> 99:59:59,999 which is basically working on becoming in some ways a Debian derivative, 999 99:59:59,999 --> 99:59:59,999 and they're going to do stuff like GRsec kernel, 1000 99:59:59,999 --> 99:59:59,999 and they have a whole sandboxing framework which uses apparmor, seccomp 1001 99:59:59,999 --> 99:59:59,999 and xpra, and a few other things, 1002 99:59:59,999 --> 99:59:59,999 and I think that they'll make a lot of interesting security decisions, 1003 99:59:59,999 --> 99:59:59,999 which might make sense to adopt in Debian later. 1004 99:59:59,999 --> 99:59:59,999 [Ben]: I think Matthew Garrett has an interesting criticism about that and 1005 99:59:59,999 --> 99:59:59,999 how it wouldn't really work, and Wayland was a better way to go than xpra. 1006 99:59:59,999 --> 99:59:59,999 [Jacob]: Yeah, I've heard those criticisms, 1007 99:59:59,999 --> 99:59:59,999 but Matthew Garrett is wrong. 1008 99:59:59,999 --> 99:59:59,999 Not usually, but in this particular case. 1009 99:59:59,999 --> 99:59:59,999 For example, the sandboxing stuff, if you have a GNOME appstore, 1010 99:59:59,999 --> 99:59:59,999 essentially, that's for one set of users, but for a Debian developer 1011 99:59:59,999 --> 99:59:59,999 writing your own policies, it might be useful, 1012 99:59:59,999 --> 99:59:59,999 and if you need Wayland, you might not have a full solution, 1013 99:59:59,999 --> 99:59:59,999 we might want to have both for a while. 1014 99:59:59,999 --> 99:59:59,999 And think it'd be great. 
1015 99:59:59,999 --> 99:59:59,999 And the main thing is we just need to find people who will think about those 1016 99:59:59,999 --> 99:59:59,999 issues and try to integrate them, 1017 99:59:59,999 --> 99:59:59,999 because most people who write exploits, or who understand how to do offensive 1018 99:59:59,999 --> 99:59:59,999 security stuff, they don't want to help Free software projects, 1019 99:59:59,999 --> 99:59:59,999 they just want to exploit them. 1020 99:59:59,999 --> 99:59:59,999 And so some of the Subgraph guys, what I really like about them 1021 99:59:59,999 --> 99:59:59,999 is that they're trying to improve the Free software products we all use. 1022 99:59:59,999 --> 99:59:59,999 Even though they may make different design decisions, 1023 99:59:59,999 --> 99:59:59,999 they're making Free software all the same. 1024 99:59:59,999 --> 99:59:59,999 [question]: Maybe also, some other thing to keep in mind is actually 1025 99:59:59,999 --> 99:59:59,999 that there is also a social aspect of this pressure if NSA wants to put anything 1026 99:59:59,999 --> 99:59:59,999 inside Debian. 1027 99:59:59,999 --> 99:59:59,999 So if we actually also need to make sure that if they put pressure on somebody 1028 99:59:59,999 --> 99:59:59,999 we have any way to help these people not land in prison. 1029 99:59:59,999 --> 99:59:59,999 So is there also a social aspect of supporting people which get pressure 1030 99:59:59,999 --> 99:59:59,999 from anyone. 1031 99:59:59,999 --> 99:59:59,999 [Jacob]: Yep. I mean, if anyone is ever in that situation one thing I would say 1032 99:59:59,999 --> 99:59:59,999 is that it's your right to remain silent, 1033 99:59:59,999 --> 99:59:59,999 you have the right to remain silent I think is the phrase the police would say 1034 99:59:59,999 --> 99:59:59,999 but there are definitely communities of people who will help you. 
1035 99:59:59,999 --> 99:59:59,999 There's a group called the Courage foundation, for example, 1036 99:59:59,999 --> 99:59:59,999 which was started by Sarah Harrison, 1037 99:59:59,999 --> 99:59:59,999 and the job that the Courage foundation has taken on 1038 99:59:59,999 --> 99:59:59,999 is essentially to help people who would be sources or who are in harm's way like this 1039 99:59:59,999 --> 99:59:59,999 and if you found yourself in that kind of a position there are people 1040 99:59:59,999 --> 99:59:59,999 who will try to help you. 1041 99:59:59,999 --> 99:59:59,999 I really don't think that is the next step in this, 1042 99:59:59,999 --> 99:59:59,999 I think that could happen. 1043 99:59:59,999 --> 99:59:59,999 But I think it's much more likely someone is going to write an exploit for Firefox. 1044 99:59:59,999 --> 99:59:59,999 That's the way they're going to own Debian people in the future, 1045 99:59:59,999 --> 99:59:59,999 for the most part, that's how they own us today. 1046 99:59:59,999 --> 99:59:59,999 Firefox, number one enemy to security on your Debian machine, probably. 1047 99:59:59,999 --> 99:59:59,999 And that's not a dig at Firefox, it's just super-complicated software, 1048 99:59:59,999 --> 99:59:59,999 and these guys are really good at writing exploits, 1049 99:59:59,999 --> 99:59:59,999 and that's an easy target. 1050 99:59:59,999 --> 99:59:59,999 So we, I think, have to do with the social thing, 1051 99:59:59,999 --> 99:59:59,999 but we also should look at some of the technical problems, 1052 99:59:59,999 --> 99:59:59,999 and then when and if people have that, you can contact me. 1053 99:59:59,999 --> 99:59:59,999 I'm super happy to put you in touch with people who will help. 1054 99:59:59,999 --> 99:59:59,999 And obviously, get a lawyer, get several lawyers if you can. 1055 99:59:59,999 --> 99:59:59,999 Contact the EFF, or the ACLU, depending on where you are. 
1056 99:59:59,999 --> 99:59:59,999 At least in Germany, and in the United States, it isn't so bad yet 1057 99:59:59,999 --> 99:59:59,999 that they can put that kind of pressure on you openly, 1058 99:59:59,999 --> 99:59:59,999 in a Free software project. 1059 99:59:59,999 --> 99:59:59,999 If you write proprietary software you're in a very different situation, 1060 99:59:59,999 --> 99:59:59,999 and there are definitely people who are in that situation right now, 1061 99:59:59,999 --> 99:59:59,999 and I don't envy them. Their position is actually much harder. 1062 99:59:59,999 --> 99:59:59,999 So actually writing Free software already makes you not at the very beginning 1063 99:59:59,999 --> 99:59:59,999 of the target list, I think. 1064 99:59:59,999 --> 99:59:59,999 Any other questions? Wow. Where's the rum? 1065 99:59:59,999 --> 99:59:59,999 [question]: How do you deliver the encrypted message without exposing 1066 99:59:59,999 --> 99:59:59,999 the connection to a third party? 1067 99:59:59,999 --> 99:59:59,999 [Jacob]: Which encrypted message do you mean? 1068 99:59:59,999 --> 99:59:59,999 Do you mean, like jabber? 1069 99:59:59,999 --> 99:59:59,999 [question]: Email, or jabber, yes. 
1070 99:59:59,999 --> 99:59:59,999 [Jacob]: For the most part we use systems where Tor hidden services are available 1071 99:59:59,999 --> 99:59:59,999 to connect to them, so we never even left the Tor anonymity network, 1072 99:59:59,999 --> 99:59:59,999 so they're end-to-end encrypted and anonymized, you connect to a 1073 99:59:59,999 --> 99:59:59,999 .onion address, 1074 99:59:59,999 --> 99:59:59,999 and then using crypto on top of that, so TLS to a Jabber server, 1075 99:59:59,999 --> 99:59:59,999 and then OTR on top of that, 1076 99:59:59,999 --> 99:59:59,999 so you have, you could call it a composition of cryptographic systems, 1077 99:59:59,999 --> 99:59:59,999 and the core of that is Tor, along with using throwaway machines, 1078 99:59:59,999 --> 99:59:59,999 going to locations where you never go twice, 1079 99:59:59,999 --> 99:59:59,999 using open wifi plus Tor plus TLS plus OTR, 1080 99:59:59,999 --> 99:59:59,999 and for email, Riseup offers Tor hidden services, which allows you to do the same 1081 99:59:59,999 --> 99:59:59,999 thing, essentially, and then using PGP as well. 1082 99:59:59,999 --> 99:59:59,999 [question]: I mean, how about metadata, like the delivery address of the target? 1083 99:59:59,999 --> 99:59:59,999 [Jacob]: In some cases we use a system called Pond, 1084 99:59:59,999 --> 99:59:59,999 and Pond is a system that is completely Tor hidden service based, 1085 99:59:59,999 --> 99:59:59,999 pond.imperialviolet.org. 
1086 99:59:59,999 --> 99:59:59,999 Adam Langley probably wouldn't want me to say, but I'll say it anyway, 1087 99:59:59,999 --> 99:59:59,999 it would be very useful to package this for Debian, 1088 99:59:59,999 --> 99:59:59,999 because it's a system where once you do key exchange with someone, 1089 99:59:59,999 --> 99:59:59,999 you have an end-to-end encrypted messaging system that's like email, 1090 99:59:59,999 --> 99:59:59,999 you can send files that are encrypted, you can send messages that are encrypted, 1091 99:59:59,999 --> 99:59:59,999 It's delay based. You don't have usernames, 1092 99:59:59,999 --> 99:59:59,999 you just have a public key, and then you have group signatures, 1093 99:59:59,999 --> 99:59:59,999 so that people can send things to your mailbox by proving they are a member 1094 99:59:59,999 --> 99:59:59,999 of the group but not which member of the group they are. 1095 99:59:59,999 --> 99:59:59,999 And there's a lot of stuff like that. 1096 99:59:59,999 --> 99:59:59,999 So we use Jabber, we use email, and we use Pond. 1097 99:59:59,999 --> 99:59:59,999 And those three systems together also allowed us to build a clandestine 1098 99:59:59,999 --> 99:59:59,999 sneakernet. 1099 99:59:59,999 --> 99:59:59,999 So we have the ability to carry USB disks, 1100 99:59:59,999 --> 99:59:59,999 and a few of us carried them inside of our bodies, 1101 99:59:59,999 --> 99:59:59,999 and if you've never had that experience, lucky you. 1102 99:59:59,999 --> 99:59:59,999 You want to make sure you use post-quantum computer crypto for that, by the way. 1103 99:59:59,999 --> 99:59:59,999 It's more comfortable. 1104 99:59:59,999 --> 99:59:59,999 [orga]: Shall we relieve this man from his duties? 1105 99:59:59,999 --> 99:59:59,999 [Jacob]: Any more questions? 1106 99:59:59,999 --> 99:59:59,999 [orga]: One more question. 
1107 99:59:59,999 --> 99:59:59,999 [question]: Okay, so when the Snowden leaks were first published it created 1108 99:59:59,999 --> 99:59:59,999 a lot of awareness, and people were talking about it, 1109 99:59:59,999 --> 99:59:59,999 and there was a huge media echo, 1110 99:59:59,999 --> 99:59:59,999 Now if some documents leaked, people are saying yeah, all this surveillance, 1111 99:59:59,999 --> 99:59:59,999 and we aren't dead yet, and we can still live our lives. 1112 99:59:59,999 --> 99:59:59,999 They basically care less. They still care a bit, but they care much less than 1113 99:59:59,999 --> 99:59:59,999 when the first documents were published, 1114 99:59:59,999 --> 99:59:59,999 so how can we maintain awareness for this issue in the world population, 1115 99:59:59,999 --> 99:59:59,999 in your opinion? 1116 99:59:59,999 --> 99:59:59,999 [Jacob]: There's a really scary thing that's happening right now. 1117 99:59:59,999 --> 99:59:59,999 There was this idea in the 90s, we had the crypto wars. 1118 99:59:59,999 --> 99:59:59,999 Did any of you remember this idea of the crypto wars? 1119 99:59:59,999 --> 99:59:59,999 Okay, a few of you do, maybe not all of you do. 1120 99:59:59,999 --> 99:59:59,999 But we had the so-called crypto wars in the 90s, I encourage you to look this up 1121 99:59:59,999 --> 99:59:59,999 on DuckDuckGo, or whatever your favourite search engine is. 1122 99:59:59,999 --> 99:59:59,999 In theory we're in the second crypto wars now. 1123 99:59:59,999 --> 99:59:59,999 In reality what happened is the first crypto wars never ended. 1124 99:59:59,999 --> 99:59:59,999 We didn't actually win, like we thought we did. 1125 99:59:59,999 --> 99:59:59,999 But there are a bunch of things that are taking place. 1126 99:59:59,999 --> 99:59:59,999 For example, making a stand against backdoors. 1127 99:59:59,999 --> 99:59:59,999 Using end-to-end encrypted communications. 
1128 99:59:59,999 --> 99:59:59,999 Actually pushing for that, being quite open about actually hosting 1129 99:59:59,999 --> 99:59:59,999 those kinds of services, and doing it from a principled perspective, 1130 99:59:59,999 --> 99:59:59,999 from a legal perspective. 1131 99:59:59,999 --> 99:59:59,999 I think you will find that the tension will continue to rise for a while, 1132 99:59:59,999 --> 99:59:59,999 and I think that it will continue to be a conversation about public debate, 1133 99:59:59,999 --> 99:59:59,999 and an important aspect of this is that now regular journalists that don't 1134 99:59:59,999 --> 99:59:59,999 understand technology at least understand the importance of these things. 1135 99:59:59,999 --> 99:59:59,999 And if they don't do that, they at least perceive that they will be considered 1136 99:59:59,999 --> 99:59:59,999 unprofessional if they don't care, and think about those things, 1137 99:59:59,999 --> 99:59:59,999 or they'll be somehow negligent. 1138 99:59:59,999 --> 99:59:59,999 And I think that will keep some of the discussion going, 1139 99:59:59,999 --> 99:59:59,999 and it will allow us to build some breathing room, 1140 99:59:59,999 --> 99:59:59,999 and that breathing room will actually allow us to build some alternatives. 1141 99:59:59,999 --> 99:59:59,999 But there are some downsides, right? 1142 99:59:59,999 --> 99:59:59,999 Some of the things that take place when you reveal security service spying 1143 99:59:59,999 --> 99:59:59,999 is that it tends to get normalized, to a degree. 1144 99:59:59,999 --> 99:59:59,999 But then in some cases it does get pushed back. 1145 99:59:59,999 --> 99:59:59,999 In the 70s in the United States, it became illegal to do assassinations, for example. 1146 99:59:59,999 --> 99:59:59,999 Because what the CIA were doing was so atrocious that eventually there was 1147 99:59:59,999 --> 99:59:59,999 political pushback. 
1148 99:59:59,999 --> 99:59:59,999 It turns out it only lasted 30 years, and then they started doing it again. 1149 99:59:59,999 --> 99:59:59,999 But there's a saying in my country which is that effectively the price of liberty 1150 99:59:59,999 --> 99:59:59,999 is eternal vigilance. 1151 99:59:59,999 --> 99:59:59,999 And that's what we are engaged in now. 1152 99:59:59,999 --> 99:59:59,999 And the liberty starts with software liberty, I think, 1153 99:59:59,999 --> 99:59:59,999 in the case of communications on networks. 1154 99:59:59,999 --> 99:59:59,999 And so we have to have Free software, and it has to be responsibly encoding 1155 99:59:59,999 --> 99:59:59,999 packets and data, 1156 99:59:59,999 --> 99:59:59,999 and if we think about it in this sense we'll find a lot of pressure, 1157 99:59:59,999 --> 99:59:59,999 and we'll have a lot of discussions about it, 1158 99:59:59,999 --> 99:59:59,999 and you'll start to see it be a part of policy debates, 1159 99:59:59,999 --> 99:59:59,999 like one of the presidential candidates in the United States 1160 99:59:59,999 --> 99:59:59,999 just came out against encryption. 1161 99:59:59,999 --> 99:59:59,999 I hope that sinks his presidential campaign. 1162 99:59:59,999 --> 99:59:59,999 I mean it's weird to be against encryption. 1163 99:59:59,999 --> 99:59:59,999 It's like I'm against prime numbers. 1164 99:59:59,999 --> 99:59:59,999 No modular arithmetic. 1165 99:59:59,999 --> 99:59:59,999 [laughter, applause] 1166 99:59:59,999 --> 99:59:59,999 I just want to say it's important to understand, you are right, 1167 99:59:59,999 --> 99:59:59,999 people will be normalized about it, 1168 99:59:59,999 --> 99:59:59,999 but each and every one of us that understands these issues 1169 99:59:59,999 --> 99:59:59,999 can actually keep it alive. 1170 99:59:59,999 --> 99:59:59,999 And the way we do that is when we communicate with people... 1171 99:59:59,999 --> 99:59:59,999 I'll give you an example which I like to give. 
1172 99:59:59,999 --> 99:59:59,999 I grew up in San Francisco and in the Bay Area or San Francisco, and California, 1173 99:59:59,999 --> 99:59:59,999 and I did that in the 80s. 1174 99:59:59,999 --> 99:59:59,999 And so a lot of people that I knew had HIV and they died of AIDS. 1175 99:59:59,999 --> 99:59:59,999 And there was a huge discussion about this, and it was called GRID, 1176 99:59:59,999 --> 99:59:59,999 the Gay Related Immune Deficiency syndrome. 1177 99:59:59,999 --> 99:59:59,999 Before it was called HIV and AIDS. 1178 99:59:59,999 --> 99:59:59,999 And lots of people were sick, and lot of people died, 1179 99:59:59,999 --> 99:59:59,999 and there was a sort of normalization process where people sort of 1180 99:59:59,999 --> 99:59:59,999 accepted this as their fate, especially if they were in the gay community. 1181 99:59:59,999 --> 99:59:59,999 And still, over years and years and years, people began to build a culture about 1182 99:59:59,999 --> 99:59:59,999 safe sex, and they started to talk about respecting their partners, 1183 99:59:59,999 --> 99:59:59,999 and about talking about these issues, and about getting tested, 1184 99:59:59,999 --> 99:59:59,999 and it took a lot of effort, to really go much further. 1185 99:59:59,999 --> 99:59:59,999 A lot of people actually died in that process. 1186 99:59:59,999 --> 99:59:59,999 It was a very sad, serious situation. 1187 99:59:59,999 --> 99:59:59,999 And I think we have similar discussions that are taking place now, 1188 99:59:59,999 --> 99:59:59,999 and some people don't take it seriously, 1189 99:59:59,999 --> 99:59:59,999 and if they happen to be Muslims living in Pakistan, 1190 99:59:59,999 --> 99:59:59,999 they might get a drone strike. 1191 99:59:59,999 --> 99:59:59,999 And there's a sort of survival mechanism that takes place there. 
1192 99:59:59,999 --> 99:59:59,999 And it's an unfortunate parallel, I think, 1193 99:59:59,999 --> 99:59:59,999 but I would really consider that we can change this dialogue 1194 99:59:59,999 --> 99:59:59,999 by continuing to have it even though it's exhausting, 1195 99:59:59,999 --> 99:59:59,999 and by recognizing our responsibility, 1196 99:59:59,999 --> 99:59:59,999 and how we can make it better by continuing to do that, 1197 99:59:59,999 --> 99:59:59,999 and by building healthy alternatives, and by building new systems, 1198 99:59:59,999 --> 99:59:59,999 and by refusing to backdoor any system, ever, 1199 99:59:59,999 --> 99:59:59,999 completely committing to Free software, 1200 99:59:59,999 --> 99:59:59,999 and transparency of that software, and also of those processes. 1201 99:59:59,999 --> 99:59:59,999 And really really really sharing the knowledge about it, 1202 99:59:59,999 --> 99:59:59,999 to make it impossible to suppress. 1203 99:59:59,999 --> 99:59:59,999 And we should not accept the normalization of that. 1204 99:59:59,999 --> 99:59:59,999 We shouldn't make it fun to spy on people, we shouldn't make jokes about it 1205 99:59:59,999 --> 99:59:59,999 in a way that normalizes it, 1206 99:59:59,999 --> 99:59:59,999 and we should respect those people who are victims of surveillance, 1207 99:59:59,999 --> 99:59:59,999 and we should recognize that basically everyone here is a victim of surveillance 1208 99:59:59,999 --> 99:59:59,999 to some degree, 1209 99:59:59,999 --> 99:59:59,999 and we should care about that, and we should continue to be upset, 1210 99:59:59,999 --> 99:59:59,999 but not just upset; to channel that anger into something useful 1211 99:59:59,999 --> 99:59:59,999 like making Debian better. 1212 99:59:59,999 --> 99:59:59,999 [applause] 1213 99:59:59,999 --> 99:59:59,999 [orga]: Thanks Jake for such a long Q&A session, 1214 99:59:59,999 --> 99:59:59,999 I hope you enjoy the rum. 
1215 99:59:59,999 --> 99:59:59,999 And I'm sure Jake's going to ask any more questions if he can still talk. 1216 99:59:59,999 --> 99:59:59,999 [Jacob]: Thanks.