[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:01.39,Default,,0000,0000,0000,,... wanted to be able to use
Dialogue: 0,0:00:01.48,0:00:03.11,Default,,0000,0000,0000,,Thunderbird and GnuPG together with Tor,
Dialogue: 0,0:00:03.28,0:00:04.74,Default,,0000,0000,0000,,and so we thought:
Dialogue: 0,0:00:04.88,0:00:07.10,Default,,0000,0000,0000,,oh, it would be really easy, I bet,
Dialogue: 0,0:00:07.16,0:00:09.69,Default,,0000,0000,0000,,to configure Thunderbird to work with Tor
Dialogue: 0,0:00:09.75,0:00:11.99,Default,,0000,0000,0000,,- hah - so a new Free software project\Nwas born.
Dialogue: 0,0:00:12.76,0:00:15.40,Default,,0000,0000,0000,,It's a really simple thing, but basically
Dialogue: 0,0:00:15.53,0:00:18.16,Default,,0000,0000,0000,,it's just a package\Nthat hooks it all together.
Dialogue: 0,0:00:18.28,0:00:21.28,Default,,0000,0000,0000,,So a lot of people were using Thunderbird
Dialogue: 0,0:00:21.36,0:00:23.80,Default,,0000,0000,0000,,and TorBirdy, and GnuPG, and Tor,
Dialogue: 0,0:00:23.97,0:00:26.03,Default,,0000,0000,0000,,and Debian, together for email,
Dialogue: 0,0:00:26.10,0:00:30.75,Default,,0000,0000,0000,,combined with Riseup as an email service.
Dialogue: 0,0:00:30.83,0:00:36.95,Default,,0000,0000,0000,,So it's a literally a real peer to peer,\NFree software driven set of things,
Dialogue: 0,0:00:37.68,0:00:41.22,Default,,0000,0000,0000,,actually, that made it possible.
Dialogue: 0,0:00:48.56,0:00:50.44,Default,,0000,0000,0000,,[question]:\NSo one thing I never understood about this
Dialogue: 0,0:00:50.61,0:00:53.46,Default,,0000,0000,0000,,process was exactly how the documents were\Nhandled, and maybe that's because nobody
Dialogue: 0,0:00:53.63,0:00:57.56,Default,,0000,0000,0000,,wants to say, but, you know, did you leave\Nthem on a server somewhere and download
Dialogue: 0,0:00:57.69,0:01:00.81,Default,,0000,0000,0000,,them, hand them over to people, and who\Ntook what where, and how do you...
Dialogue: 0,0:01:01.26,0:01:05.07,Default,,0000,0000,0000,,in case I need to do something really\Ndangerous with a load of documents,
Dialogue: 0,0:01:05.20,0:01:07.76,Default,,0000,0000,0000,,what's the best way of doing it?
Dialogue: 0,0:01:07.89,0:01:10.88,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:01:12.76,0:01:14.76,Default,,0000,0000,0000,,[Jacob]: Hmm!
Dialogue: 0,0:01:16.56,0:01:18.86,Default,,0000,0000,0000,,[audience member]: It's a good thing\Nthis isn't being streamed.
Dialogue: 0,0:01:19.50,0:01:21.59,Default,,0000,0000,0000,,I'm sorry, what?
Dialogue: 0,0:01:21.84,0:01:24.79,Default,,0000,0000,0000,,There was a voice from god,\Nwhat did she say?
Dialogue: 0,0:01:25.17,0:01:27.26,Default,,0000,0000,0000,,[audience]:\NI said good we aren't streaming tonight.
Dialogue: 0,0:01:27.48,0:01:30.16,Default,,0000,0000,0000,,Oh yeah, so hello to all of our friends\N
Dialogue: 0,0:01:30.25,0:01:34.13,Default,,0000,0000,0000,,in domestic and international\Nsurveillance services.
Dialogue: 0,0:01:34.82,0:01:37.46,Default,,0000,0000,0000,,Well, so I won't answer your question,
Dialogue: 0,0:01:37.59,0:01:40.15,Default,,0000,0000,0000,,but since you asked the question,\Nit's my turn to talk.
Dialogue: 0,0:01:40.41,0:01:41.60,Default,,0000,0000,0000,,So what I would say is that...
Dialogue: 0,0:01:41.69,0:01:44.08,Default,,0000,0000,0000,,if you want to do clandestine activities
Dialogue: 0,0:01:44.20,0:01:46.16,Default,,0000,0000,0000,,that you fear for your life for,
Dialogue: 0,0:01:46.29,0:01:48.21,Default,,0000,0000,0000,,you need to really think about\Nthe situation that you're in
Dialogue: 0,0:01:48.30,0:01:49.36,Default,,0000,0000,0000,,very carefully.
Dialogue: 0,0:01:49.45,0:01:52.09,Default,,0000,0000,0000,,And so a big part of this is\Noperational security
Dialogue: 0,0:01:52.18,0:01:54.27,Default,,0000,0000,0000,,and a big part of that is\Ncompartmentalization.
Dialogue: 0,0:01:54.36,0:01:56.53,Default,,0000,0000,0000,,So certain people had access\Nto certain things,
Dialogue: 0,0:01:56.70,0:01:58.20,Default,,0000,0000,0000,,but maybe they couldn't decrypt them,
Dialogue: 0,0:01:58.36,0:02:00.97,Default,,0000,0000,0000,,and certain things were moved around,
Dialogue: 0,0:02:01.05,0:02:03.49,Default,,0000,0000,0000,,and that's on a need to know basis,
Dialogue: 0,0:02:03.62,0:02:05.07,Default,,0000,0000,0000,,and those people who knew,
Dialogue: 0,0:02:05.19,0:02:09.84,Default,,0000,0000,0000,,which is not me - I don't know anything,\NI don't know what you're talking about.
Dialogue: 0,0:02:09.84,0:02:11.89,Default,,0000,0000,0000,,Those people knew, and then you know,
Dialogue: 0,0:02:12.02,0:02:13.43,Default,,0000,0000,0000,,it'll go with them to their grave.
Dialogue: 0,0:02:13.52,0:02:15.73,Default,,0000,0000,0000,,So if you're interested in being the next\NEdward Snowden,
Dialogue: 0,0:02:15.86,0:02:17.22,Default,,0000,0000,0000,,you need to do your homework
Dialogue: 0,0:02:17.40,0:02:20.34,Default,,0000,0000,0000,,in finding people that will be able to do\Nthe other part of it, let's say.
Dialogue: 0,0:02:20.34,0:02:22.77,Default,,0000,0000,0000,,But just in general, I mean
Dialogue: 0,0:02:22.86,0:02:24.83,Default,,0000,0000,0000,,compartmentalization is key, right.
Dialogue: 0,0:02:24.95,0:02:27.16,Default,,0000,0000,0000,,So it's not just for AppArmor profiles.
Dialogue: 0,0:02:27.29,0:02:30.28,Default,,0000,0000,0000,,So you need to think about\Nwhat you want to do.
Dialogue: 0,0:02:30.36,0:02:33.56,Default,,0000,0000,0000,,And I mean a big part of this\Nis to consider that the network itself
Dialogue: 0,0:02:33.65,0:02:36.94,Default,,0000,0000,0000,,is the enemy, even though it is useful\Nfor communicating.
Dialogue: 0,0:02:37.06,0:02:40.73,Default,,0000,0000,0000,,So all the metadata that exists\Non the network
Dialogue: 0,0:02:40.86,0:02:42.87,Default,,0000,0000,0000,,could have tipped people off,\Ncould have caused
Dialogue: 0,0:02:42.100,0:02:44.36,Default,,0000,0000,0000,,this whole thing to fall apart.
Dialogue: 0,0:02:44.49,0:02:46.79,Default,,0000,0000,0000,,It really is amazing, I feel like you know
Dialogue: 0,0:02:46.92,0:02:48.16,Default,,0000,0000,0000,,two and half, three years ago,
Dialogue: 0,0:02:48.24,0:02:49.87,Default,,0000,0000,0000,,when you talk about Free software,
Dialogue: 0,0:02:49.95,0:02:51.62,Default,,0000,0000,0000,,and you talk about the idea of\NFree software,
Dialogue: 0,0:02:51.74,0:02:55.24,Default,,0000,0000,0000,,and you talk about issues relating to\Nautonomy and privacy, and security
Dialogue: 0,0:02:55.32,0:02:57.80,Default,,0000,0000,0000,,you have a really different reception now\Nthan you did then,
Dialogue: 0,0:02:57.93,0:02:58.100,Default,,0000,0000,0000,,and that's really what it took
Dialogue: 0,0:02:59.16,0:03:01.60,Default,,0000,0000,0000,,to turn the world half a degree,\Nor something,
Dialogue: 0,0:03:01.73,0:03:03.90,Default,,0000,0000,0000,,or a quarter of a degree or something.
Dialogue: 0,0:03:04.88,0:03:08.16,Default,,0000,0000,0000,,So I'm not going to tell you about\Ndetailed plans for conspiracy,
Dialogue: 0,0:03:08.30,0:03:10.94,Default,,0000,0000,0000,,but I highly encourage you to read about\NSouth African history,
Dialogue: 0,0:03:11.03,0:03:13.59,Default,,0000,0000,0000,,in particular the history of\NUmkhonto we Sizwe.
Dialogue: 0,0:03:13.72,0:03:17.98,Default,,0000,0000,0000,,They are the clandestine communications\Ngroup for MK,
Dialogue: 0,0:03:18.02,0:03:20.88,Default,,0000,0000,0000,,or rather the operation who lay inside of MK,
Dialogue: 0,0:03:20.88,0:03:22.68,Default,,0000,0000,0000,,which is Umkhonto we Sizwe,
Dialogue: 0,0:03:22.80,0:03:25.15,Default,,0000,0000,0000,,and they are sort of with\Nthe African National Congress,
Dialogue: 0,0:03:25.36,0:03:28.76,Default,,0000,0000,0000,,and those people have published so many\Nbooks about the revolutionary activities
Dialogue: 0,0:03:28.85,0:03:31.24,Default,,0000,0000,0000,,to overthrow the apartheid state.
Dialogue: 0,0:03:31.37,0:03:33.76,Default,,0000,0000,0000,,If you read these books, especially\Nthe book "Operation Vula"
Dialogue: 0,0:03:33.88,0:03:36.19,Default,,0000,0000,0000,,and "Armed and Dangerous"\Nby Ronnie Kasrils
Dialogue: 0,0:03:36.27,0:03:38.70,Default,,0000,0000,0000,,they give you some idea about\Nwhat you need to do
Dialogue: 0,0:03:38.84,0:03:40.28,Default,,0000,0000,0000,,which is to compartmentalize,
Dialogue: 0,0:03:40.41,0:03:42.54,Default,,0000,0000,0000,,how to find people to do various tasks,\Nspecific tasks,
Dialogue: 0,0:03:42.72,0:03:45.19,Default,,0000,0000,0000,,how to work on building trust\Nwith each other, what that looks like,
Dialogue: 0,0:03:45.27,0:03:47.20,Default,,0000,0000,0000,,how to identify political targets,
Dialogue: 0,0:03:47.28,0:03:50.31,Default,,0000,0000,0000,,how you might use things\Nlike communications technology
Dialogue: 0,0:03:50.40,0:03:53.04,Default,,0000,0000,0000,,to change the political topic on,
Dialogue: 0,0:03:53.13,0:03:55.43,Default,,0000,0000,0000,,and the discussion in general.
Dialogue: 0,0:03:55.56,0:03:59.52,Default,,0000,0000,0000,,And I think the best way to learn about\Nthese things is to study previous people
Dialogue: 0,0:03:59.61,0:04:01.66,Default,,0000,0000,0000,,who have tried to do that kind of stuff.
Dialogue: 0,0:04:01.74,0:04:05.24,Default,,0000,0000,0000,,And the NSA is not the apartheid regime of\NSouth Africa,
Dialogue: 0,0:04:05.24,0:04:06.89,Default,,0000,0000,0000,,but there are still lessons\Nto be learned there,
Dialogue: 0,0:04:06.99,0:04:10.06,Default,,0000,0000,0000,,so if you really want to know the answer\Nto that, also Che Guevara's manual
Dialogue: 0,0:04:10.18,0:04:12.10,Default,,0000,0000,0000,,on guerilla warfare is very interesting,
Dialogue: 0,0:04:12.29,0:04:13.77,Default,,0000,0000,0000,,and there's a lot of other books like that.
Dialogue: 0,0:04:13.85,0:04:15.69,Default,,0000,0000,0000,,I'd be happy to talk about it\Nwith you later.
Dialogue: 0,0:04:15.85,0:04:18.46,Default,,0000,0000,0000,,And I have nothing to do with anything\Nthat we may or may not have done.
Dialogue: 0,0:04:18.55,0:04:20.21,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:04:24.90,0:04:28.28,Default,,0000,0000,0000,,[question]: Do you think there is a chance\Nthat things may get better
Dialogue: 0,0:04:28.72,0:04:33.05,Default,,0000,0000,0000,,for example I know that publicly,\Nsome programs were not extended
Dialogue: 0,0:04:33.95,0:04:37.21,Default,,0000,0000,0000,,but I don't know what is happening\Nin the background
Dialogue: 0,0:04:37.39,0:04:43.15,Default,,0000,0000,0000,,so maybe it's the same thing\Nbut they are pretending that it's not
Dialogue: 0,0:04:43.49,0:04:45.19,Default,,0000,0000,0000,,How do you see this?
Dialogue: 0,0:04:45.41,0:04:47.71,Default,,0000,0000,0000,,[Jacob]: Well I think a couple of things.
Dialogue: 0,0:04:47.79,0:04:53.94,Default,,0000,0000,0000,,In general I think what happened, not just\Nwith this movie but with all of these things
Dialogue: 0,0:04:54.07,0:04:56.07,Default,,0000,0000,0000,,is that in inspired hope,
Dialogue: 0,0:04:56.07,0:04:57.35,Default,,0000,0000,0000,,and the hope is very important,
Dialogue: 0,0:04:57.44,0:05:01.15,Default,,0000,0000,0000,,but hope is not a strategy for survival,\Nor for building alternatives,
Dialogue: 0,0:05:01.28,0:05:03.50,Default,,0000,0000,0000,,so what it has also done, is that it has\Nallowed us to raise the profile
Dialogue: 0,0:05:03.67,0:05:05.50,Default,,0000,0000,0000,,of the things which actually do\Nmake it better.
Dialogue: 0,0:05:05.59,0:05:08.83,Default,,0000,0000,0000,,For example ridding ourselves of the\Nchains of proprietary software
Dialogue: 0,0:05:08.96,0:05:12.07,Default,,0000,0000,0000,,is something that's a serious discussion\Nwith people that wouldn't have previously
Dialogue: 0,0:05:12.16,0:05:14.85,Default,,0000,0000,0000,,talked about Free software\Nbecause they don't care about liberty,
Dialogue: 0,0:05:14.97,0:05:16.51,Default,,0000,0000,0000,,they care about security.
Dialogue: 0,0:05:16.68,0:05:18.69,Default,,0000,0000,0000,,And even though I think those are\Nreally simliar things,
Dialogue: 0,0:05:18.77,0:05:21.12,Default,,0000,0000,0000,,previously they just thought we were just\NFree software hippies,
Dialogue: 0,0:05:21.25,0:05:22.40,Default,,0000,0000,0000,,in tie-dye shirts
Dialogue: 0,0:05:22.49,0:05:25.09,Default,,0000,0000,0000,,and while that may be true on the weekends\Nand evenings
Dialogue: 0,0:05:25.09,0:05:27.58,Default,,0000,0000,0000,,or with Bdale every day\N[laughter]
Dialogue: 0,0:05:27.58,0:05:29.54,Default,,0000,0000,0000,,I think that actually does make it better
Dialogue: 0,0:05:29.67,0:05:32.78,Default,,0000,0000,0000,,And it also changes the dialogue, in\Nthe sense that it's no longer reasonable
Dialogue: 0,0:05:32.88,0:05:37.31,Default,,0000,0000,0000,,to pretend that mass surveillance and\Nsurveillance issues don't matter,
Dialogue: 0,0:05:37.44,0:05:39.14,Default,,0000,0000,0000,,because if you really go down the\Nrabbit-hole
Dialogue: 0,0:05:39.23,0:05:42.26,Default,,0000,0000,0000,,of thinking about what some of the\Nsecurity services are trying to do
Dialogue: 0,0:05:42.26,0:05:45.29,Default,,0000,0000,0000,,it becomes obvious that we want to encrypt\Neverything all the time
Dialogue: 0,0:05:45.29,0:05:48.10,Default,,0000,0000,0000,,to beat selector-based surveillance\Nand dragnet-based surveillance.
Dialogue: 0,0:05:48.19,0:05:50.28,Default,,0000,0000,0000,,It doesn't matter if something is authenticated
Dialogue: 0,0:05:50.37,0:05:52.68,Default,,0000,0000,0000,,You could still trigger some action\Nto take place
Dialogue: 0,0:05:52.76,0:05:54.39,Default,,0000,0000,0000,,with these kinds of surveillance machines
Dialogue: 0,0:05:54.47,0:05:56.77,Default,,0000,0000,0000,,that could for example drone\Nstrike someone,
Dialogue: 0,0:05:56.90,0:05:58.44,Default,,0000,0000,0000,,and so it raises that.
Dialogue: 0,0:05:58.52,0:05:59.84,Default,,0000,0000,0000,,And that gives me a lot of hope too,
Dialogue: 0,0:06:00.01,0:06:03.38,Default,,0000,0000,0000,,because people understand the root\Nof the problem,
Dialogue: 0,0:06:03.47,0:06:05.00,Default,,0000,0000,0000,,or the root of many problems
Dialogue: 0,0:06:05.09,0:06:07.09,Default,,0000,0000,0000,,and the root of some violence\Nin the world, actually.
Dialogue: 0,0:06:07.22,0:06:09.10,Default,,0000,0000,0000,,And so it helps us to reduce that\Nviolence
Dialogue: 0,0:06:09.22,0:06:10.76,Default,,0000,0000,0000,,by getting people to acknowledge\Nthat it's real
Dialogue: 0,0:06:10.85,0:06:12.21,Default,,0000,0000,0000,,and also that they care about it
Dialogue: 0,0:06:12.29,0:06:14.08,Default,,0000,0000,0000,,and that we care about each other.
Dialogue: 0,0:06:14.13,0:06:16.86,Default,,0000,0000,0000,,So that really gives me a lot of hope,\Nand part of that is Snowden
Dialogue: 0,0:06:16.99,0:06:18.48,Default,,0000,0000,0000,,and part of that is the documents
Dialogue: 0,0:06:18.57,0:06:20.28,Default,,0000,0000,0000,,but the other part of it is that..
Dialogue: 0,0:06:20.40,0:06:25.01,Default,,0000,0000,0000,,I don't want to blow it up and make it\Nsound like we did something
Dialogue: 0,0:06:25.14,0:06:26.63,Default,,0000,0000,0000,,like a big deal,
Dialogue: 0,0:06:26.76,0:06:29.92,Default,,0000,0000,0000,,but in a sense, Laura, Glen, myself\Nand a number of other people
Dialogue: 0,0:06:30.00,0:06:32.53,Default,,0000,0000,0000,,were really not sure we would ever be able\Nto travel home to our country
Dialogue: 0,0:06:32.69,0:06:34.14,Default,,0000,0000,0000,,that we wouldn't be arrested.
Dialogue: 0,0:06:34.23,0:06:36.49,Default,,0000,0000,0000,,I actually haven't been home\Nin over two and half years,
Dialogue: 0,0:06:36.62,0:06:38.75,Default,,0000,0000,0000,,well, two years and three months\Nor something
Dialogue: 0,0:06:38.83,0:06:41.99,Default,,0000,0000,0000,,I went out on a small business trip\Nthat was supposed to last two weeks
Dialogue: 0,0:06:42.08,0:06:43.48,Default,,0000,0000,0000,,and then this happened
Dialogue: 0,0:06:43.57,0:06:44.89,Default,,0000,0000,0000,,and I've been hear ever since.
Dialogue: 0,0:06:44.89,0:06:46.52,Default,,0000,0000,0000,,It's a really long, crazy trip.
Dialogue: 0,0:06:46.64,0:06:50.87,Default,,0000,0000,0000,,But the point is that that's what was\Nnecessary to make some of these changes
Dialogue: 0,0:06:51.04,0:06:53.47,Default,,0000,0000,0000,,and eventually it will turn around
Dialogue: 0,0:06:53.60,0:06:54.67,Default,,0000,0000,0000,,and I will be able to go home,
Dialogue: 0,0:06:54.67,0:06:57.10,Default,,0000,0000,0000,,and Laura and Glen will be able to travel\Nto the US again.
Dialogue: 0,0:06:57.18,0:07:00.06,Default,,0000,0000,0000,,Obviously, Julian is still stuck in the\NEcuadorian embassy
Dialogue: 0,0:07:00.23,0:07:01.81,Default,,0000,0000,0000,,Sarah lives in exile in Berlin,
Dialogue: 0,0:07:01.81,0:07:03.05,Default,,0000,0000,0000,,I live in exile in Berlin,
Dialogue: 0,0:07:03.05,0:07:04.54,Default,,0000,0000,0000,,And Ed is in Moscow
Dialogue: 0,0:07:04.67,0:07:07.53,Default,,0000,0000,0000,,So we're not finished with some of\Nthese things
Dialogue: 0,0:07:07.61,0:07:11.71,Default,,0000,0000,0000,,and it's also possible that we are,\Nthe set of people I mentioned,
Dialogue: 0,0:07:11.84,0:07:15.16,Default,,0000,0000,0000,,the state we're in, will stay that way\Nforever.
Dialogue: 0,0:07:15.25,0:07:16.92,Default,,0000,0000,0000,,But what matters is that the rest\Nof the world
Dialogue: 0,0:07:17.04,0:07:19.04,Default,,0000,0000,0000,,can actually move on and fix some of\Nthese problems,
Dialogue: 0,0:07:19.04,0:07:20.92,Default,,0000,0000,0000,,and I have a lot of hope about that.
Dialogue: 0,0:07:21.01,0:07:24.04,Default,,0000,0000,0000,,And I see a lot of change, that's the\Nreally big part.
Dialogue: 0,0:07:24.13,0:07:29.80,Default,,0000,0000,0000,,Like I see the reproducible build stuff\Nthat Holger and Lunar are working on.
Dialogue: 0,0:07:29.97,0:07:32.87,Default,,0000,0000,0000,,People really understand the root reason\Nfor needing to do that
Dialogue: 0,0:07:32.96,0:07:34.79,Default,,0000,0000,0000,,and actually seems quite reasonable\Nto people
Dialogue: 0,0:07:34.92,0:07:37.52,Default,,0000,0000,0000,,who would previously have expended energy\Nagainst it,
Dialogue: 0,0:07:37.61,0:07:40.72,Default,,0000,0000,0000,,in support of it, so I think that's\Nreally good.
Dialogue: 0,0:07:40.72,0:07:43.03,Default,,0000,0000,0000,,And there's a lot of other hopeful things.
Dialogue: 0,0:07:43.11,0:07:45.46,Default,,0000,0000,0000,,So I would try and be as uplifting\Nas possible.
Dialogue: 0,0:07:45.58,0:07:47.59,Default,,0000,0000,0000,,It's not just the rum!
Dialogue: 0,0:07:50.28,0:07:53.65,Default,,0000,0000,0000,,[question]: Near the end of the film\Nwe saw something about another source.
Dialogue: 0,0:07:53.74,0:07:57.15,Default,,0000,0000,0000,,I may have been missing some news\Nor something
Dialogue: 0,0:07:57.31,0:08:01.21,Default,,0000,0000,0000,,but I don't remember anything about that\Nbeing public.
Dialogue: 0,0:08:01.30,0:08:02.94,Default,,0000,0000,0000,,Do you know what happened to them?
Dialogue: 0,0:08:03.03,0:08:05.63,Default,,0000,0000,0000,,[Jacob]: As far as I know any other\Nsource that was mentioned in the film
Dialogue: 0,0:08:05.72,0:08:08.36,Default,,0000,0000,0000,,is still anonymous, and they're still free.
Dialogue: 0,0:08:08.49,0:08:11.22,Default,,0000,0000,0000,,I'm not exactly sure because I was not\Ninvolved in that part
Dialogue: 0,0:08:11.39,0:08:13.19,Default,,0000,0000,0000,,but I also saw the end of the film
Dialogue: 0,0:08:13.31,0:08:16.42,Default,,0000,0000,0000,,and I've seen a bunch of other reporting\Nwhich wasn't attributed to anyone in particular
Dialogue: 0,0:08:16.55,0:08:21.38,Default,,0000,0000,0000,,So the good news... there's an old slogan\Nfrom the Dutch hacker community, right?
Dialogue: 0,0:08:21.55,0:08:22.96,Default,,0000,0000,0000,,"Someone you trust is one of us,
Dialogue: 0,0:08:23.04,0:08:25.98,Default,,0000,0000,0000,,and the leak is higher up in the chain of\Ncommand than you"
Dialogue: 0,0:08:26.07,0:08:30.72,Default,,0000,0000,0000,,And I feel like that might be true again,\Nhopefully.
Dialogue: 0,0:08:32.76,0:08:34.86,Default,,0000,0000,0000,,I think that guy has a question as well.
Dialogue: 0,0:08:34.94,0:08:39.30,Default,,0000,0000,0000,,[question]: Part of the problem initially\Nwas that encryption software
Dialogue: 0,0:08:39.43,0:08:42.28,Default,,0000,0000,0000,,was not so easy to use, right?
Dialogue: 0,0:08:42.28,0:08:44.21,Default,,0000,0000,0000,,And I think part of the challenge\Nfor everyone
Dialogue: 0,0:08:44.21,0:08:47.74,Default,,0000,0000,0000,,was to improve on that situation\Nto make it better
Dialogue: 0,0:08:47.92,0:08:52.53,Default,,0000,0000,0000,,so I'm asking you if you've observed\Nany change and to the rest of the room
Dialogue: 0,0:08:52.65,0:08:56.15,Default,,0000,0000,0000,,have we done anything to improve on that?
Dialogue: 0,0:08:57.05,0:09:00.71,Default,,0000,0000,0000,,[Jacob]: I definitely think that there is\Na lot of free software
Dialogue: 0,0:09:00.84,0:09:02.72,Default,,0000,0000,0000,,that makes encryption easier to use,
Dialogue: 0,0:09:02.89,0:09:05.62,Default,,0000,0000,0000,,though not always on free platforms,\Nwhich really is heart-breaking.
Dialogue: 0,0:09:05.71,0:09:09.08,Default,,0000,0000,0000,,For example Moxie Marlinspike has done\Na really good job
Dialogue: 0,0:09:09.16,0:09:10.91,Default,,0000,0000,0000,,with Signal, Textsecure and Redphone
Dialogue: 0,0:09:10.91,0:09:14.03,Default,,0000,0000,0000,,and making end-to-end, encrypted\Ncalling, texting, sexting,
Dialogue: 0,0:09:14.11,0:09:16.72,Default,,0000,0000,0000,,and whatever apps,
Dialogue: 0,0:09:17.18,0:09:20.04,Default,,0000,0000,0000,,sext-secure is what I think it's nicknamed
Dialogue: 0,0:09:20.13,0:09:22.43,Default,,0000,0000,0000,,and I'm very impressed by that,\Nand it works really well
Dialogue: 0,0:09:22.52,0:09:24.57,Default,,0000,0000,0000,,and it's something which, especially\Nin the last two years,
Dialogue: 0,0:09:24.66,0:09:27.52,Default,,0000,0000,0000,,if you have a cell-phone,\Nwhich I don't recommend
Dialogue: 0,0:09:27.56,0:09:31.10,Default,,0000,0000,0000,,but if you have a cell-phone,\Nand you put in everyone's phone number,
Dialogue: 0,0:09:31.23,0:09:34.52,Default,,0000,0000,0000,,a lot of people that I would classify as\Nnon-technical people,
Dialogue: 0,0:09:34.60,0:09:37.29,Default,,0000,0000,0000,,that don't care about Free software\Nas a hobby or as a passion
Dialogue: 0,0:09:37.42,0:09:39.21,Default,,0000,0000,0000,,or as a profession.
Dialogue: 0,0:09:39.21,0:09:40.45,Default,,0000,0000,0000,,You see their names in those systems
Dialogue: 0,0:09:40.53,0:09:42.54,Default,,0000,0000,0000,,often more than some of the\NFree software people,
Dialogue: 0,0:09:42.71,0:09:44.46,Default,,0000,0000,0000,,and that's really impressive to me,
Dialogue: 0,0:09:44.58,0:09:48.30,Default,,0000,0000,0000,,and I think there's been a huge shift\Njust generally about those sorts of things
Dialogue: 0,0:09:48.38,0:09:51.16,Default,,0000,0000,0000,,also about social responsibility,
Dialogue: 0,0:09:51.37,0:09:53.84,Default,,0000,0000,0000,,or people understand they have a\Nresponsibility to other people
Dialogue: 0,0:09:54.01,0:09:57.56,Default,,0000,0000,0000,,to encrypt communications,\Nand not to put people in harm's way
Dialogue: 0,0:09:57.68,0:10:01.44,Default,,0000,0000,0000,,by sending unsafe stuff over\Nunsafe communication lines.
Dialogue: 0,0:10:01.57,0:10:04.94,Default,,0000,0000,0000,,So I think in my personal view it's better.
Dialogue: 0,0:10:05.07,0:10:07.92,Default,,0000,0000,0000,,But the original problem wasn't actually\Nthat the encryption was hard to use.
Dialogue: 0,0:10:08.05,0:10:10.66,Default,,0000,0000,0000,,I think the main problem is people didn't\Nunderstand the reason
Dialogue: 0,0:10:10.78,0:10:12.57,Default,,0000,0000,0000,,that it needed to be done
Dialogue: 0,0:10:12.70,0:10:16.73,Default,,0000,0000,0000,,and they believed the lie that is\Ntargetted versus mass surveillance.
Dialogue: 0,0:10:16.86,0:10:20.10,Default,,0000,0000,0000,,And there's a big lie, and the lie is\Nthat there is such a thing
Dialogue: 0,0:10:20.19,0:10:22.24,Default,,0000,0000,0000,,as targeted surveillance.
Dialogue: 0,0:10:22.36,0:10:24.92,Default,,0000,0000,0000,,In the modern era, most so-called\Ntargetted surveillance actually happens
Dialogue: 0,0:10:24.92,0:10:26.46,Default,,0000,0000,0000,,through mass surveillance.
Dialogue: 0,0:10:26.46,0:10:28.42,Default,,0000,0000,0000,,They gather everything up, and then they\Nlook through the thing
Dialogue: 0,0:10:28.55,0:10:30.21,Default,,0000,0000,0000,,they've already seized.
Dialogue: 0,0:10:30.21,0:10:32.94,Default,,0000,0000,0000,,And of course there are targetted,\Nfocussed attacks.
Dialogue: 0,0:10:33.07,0:10:36.36,Default,,0000,0000,0000,,But the main thing is that the abuse of\Nsurveillance often happens
Dialogue: 0,0:10:36.44,0:10:37.80,Default,,0000,0000,0000,,on an individual basis.
Dialogue: 0,0:10:37.89,0:10:39.68,Default,,0000,0000,0000,,It also has a societal cost.
Dialogue: 0,0:10:39.68,0:10:41.82,Default,,0000,0000,0000,,I think a lot of people really\Nunderstand that.
Dialogue: 0,0:10:41.90,0:10:45.96,Default,,0000,0000,0000,,It's probably because I also live in\NGermany now for the last two years
Dialogue: 0,0:10:46.04,0:10:49.58,Default,,0000,0000,0000,,but I feel that German society in\Nparticular is extremely aware
Dialogue: 0,0:10:49.75,0:10:52.01,Default,,0000,0000,0000,,of these abuses in the modern world
Dialogue: 0,0:10:52.10,0:10:55.30,Default,,0000,0000,0000,,and they have a historical context\Nthat allows them to talk about it
Dialogue: 0,0:10:55.39,0:10:58.29,Default,,0000,0000,0000,,with the rest of the world, where the\Nworld doesn't downplay it.
Dialogue: 0,0:10:58.37,0:10:59.95,Default,,0000,0000,0000,,So this is how other people relate to\NGermany
Dialogue: 0,0:11:00.08,0:11:02.68,Default,,0000,0000,0000,,not just about Germans relate to\Neach other.
Dialogue: 0,0:11:02.85,0:11:06.39,Default,,0000,0000,0000,,And that has also been really good\Nfor just meeting regular people
Dialogue: 0,0:11:06.52,0:11:07.88,Default,,0000,0000,0000,,who really care about it,
Dialogue: 0,0:11:08.06,0:11:09.12,Default,,0000,0000,0000,,and who really want to do things.
Dialogue: 0,0:11:09.25,0:11:10.88,Default,,0000,0000,0000,,So people's parents email me,\Nand are like
Dialogue: 0,0:11:10.96,0:11:12.20,Default,,0000,0000,0000,,"I want to protect my children,
Dialogue: 0,0:11:12.32,0:11:14.97,Default,,0000,0000,0000,,what's the best way to use crypto\Nwith them?"
Dialogue: 0,0:11:15.10,0:11:16.51,Default,,0000,0000,0000,,You know, things like that.
Dialogue: 0,0:11:16.64,0:11:19.45,Default,,0000,0000,0000,,And I didn't every receive emails like\Nthat in the past
Dialogue: 0,0:11:19.62,0:11:23.50,Default,,0000,0000,0000,,and that's to me is uplifting\Nand very positive.
Dialogue: 0,0:11:25.04,0:11:27.75,Default,,0000,0000,0000,,[question]: A quick organisational question.
Dialogue: 0,0:11:27.88,0:11:30.50,Default,,0000,0000,0000,,Right now we're live-streaming the Q&A.\NAre you comfortable with that?
Dialogue: 0,0:11:30.67,0:11:31.63,Default,,0000,0000,0000,,[Jacob]: I don't think in the last three\Nyears I've ever had a moment
Dialogue: 0,0:11:31.94,0:11:35.00,Default,,0000,0000,0000,,that wasn't being recorded.
Dialogue: 0,0:11:36.54,0:11:39.32,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:11:41.10,0:11:43.06,Default,,0000,0000,0000,,[question]: If you're fine with it, moving on...
Dialogue: 0,0:11:43.73,0:11:47.51,Default,,0000,0000,0000,,[Jacob]: That's fine, just don't do it\Nwhen I'm trying to sleep.
Dialogue: 0,0:11:48.15,0:11:51.48,Default,,0000,0000,0000,,[question]: I was wondering why Laura\Nand you ended up in Germany
Dialogue: 0,0:11:51.61,0:11:54.89,Default,,0000,0000,0000,,because what you said about people in\NGermany might be true
Dialogue: 0,0:11:54.98,0:12:00.61,Default,,0000,0000,0000,,but I'm really ashamed about my Government\Nand how they dealt with ????
Dialogue: 0,0:12:00.61,0:12:04.15,Default,,0000,0000,0000,,and they are doing nothing for this.
Dialogue: 0,0:12:04.45,0:12:07.69,Default,,0000,0000,0000,,[Jacob]: The reason that we ended up in\NGermany
Dialogue: 0,0:12:07.78,0:12:10.85,Default,,0000,0000,0000,,is that I'd been attending\NChaos Computer Club events
Dialogue: 0,0:12:11.02,0:12:12.73,Default,,0000,0000,0000,,for many years
Dialogue: 0,0:12:12.81,0:12:15.24,Default,,0000,0000,0000,,and there are bunch of people that are\Npart of the Chaos Computer Club
Dialogue: 0,0:12:15.37,0:12:17.12,Default,,0000,0000,0000,,who are really supportive,\Nand good people,
Dialogue: 0,0:12:17.21,0:12:19.30,Default,,0000,0000,0000,,who have a stable base,\Nand an infrastructure.
Dialogue: 0,0:12:19.43,0:12:24.64,Default,,0000,0000,0000,,The German hacker scene has this\Nphenomenon which is that
Dialogue: 0,0:12:24.81,0:12:27.07,Default,,0000,0000,0000,,it's a part of society.
Dialogue: 0,0:12:27.29,0:12:30.49,Default,,0000,0000,0000,,So there are people in the CCC who will\Ntalk with the constitutional court
Dialogue: 0,0:12:30.57,0:12:31.89,Default,,0000,0000,0000,,for example,
Dialogue: 0,0:12:31.98,0:12:34.49,Default,,0000,0000,0000,,and that creates a much more stable\Ncivil society
Dialogue: 0,0:12:34.58,0:12:36.20,Default,,0000,0000,0000,,and those people were willing to help us.
Dialogue: 0,0:12:36.28,0:12:38.63,Default,,0000,0000,0000,,They were willing to hold footage,\Nto hold encrypted data.
Dialogue: 0,0:12:38.72,0:12:41.62,Default,,0000,0000,0000,,They were willing to help modify hardware.
Dialogue: 0,0:12:41.70,0:12:44.86,Default,,0000,0000,0000,,There was a huge base of support where\Npeople, even if they had fear,
Dialogue: 0,0:12:44.98,0:12:47.07,Default,,0000,0000,0000,,they did stuff anyway.
Dialogue: 0,0:12:47.12,0:12:49.89,Default,,0000,0000,0000,,And that support went back a long time.
Dialogue: 0,0:12:49.98,0:12:52.96,Default,,0000,0000,0000,,And so we knew that it would be safe\Nto store footage for the film here.
Dialogue: 0,0:12:53.05,0:12:56.29,Default,,0000,0000,0000,,In Berlin, not in Heidelberg, but here\Nin Germany.
Dialogue: 0,0:12:56.46,0:13:00.52,Default,,0000,0000,0000,,And we knew that, of course,\Nthere were people that would be helpful.
Dialogue: 0,0:13:00.60,0:13:03.33,Default,,0000,0000,0000,,In the US there's a much bigger culture\Nof fear.
Dialogue: 0,0:13:03.42,0:13:06.03,Default,,0000,0000,0000,,People are afraid of having their houses\Nraided by the police,
Dialogue: 0,0:13:06.20,0:13:08.12,Default,,0000,0000,0000,,where there's lots of detainments at the\Nborders,
Dialogue: 0,0:13:08.25,0:13:10.08,Default,,0000,0000,0000,,where there's lots of speculative arrests,
Dialogue: 0,0:13:10.25,0:13:11.87,Default,,0000,0000,0000,,journalists that are jailed,
Dialogue: 0,0:13:11.91,0:13:15.20,Default,,0000,0000,0000,,so the situation was not to say that\NGermany was perfect.
Dialogue: 0,0:13:15.33,0:13:18.99,Default,,0000,0000,0000,,I revealed in Der Speigel with three other\Njournalists that Merkel was spied on
Dialogue: 0,0:13:19.13,0:13:20.36,Default,,0000,0000,0000,,by the NSA.
Dialogue: 0,0:13:20.49,0:13:22.19,Default,,0000,0000,0000,,And it's clear that the Germany government\Nwas complicit
Dialogue: 0,0:13:22.28,0:13:23.86,Default,,0000,0000,0000,,with some of this surveillance.
Dialogue: 0,0:13:23.95,0:13:27.01,Default,,0000,0000,0000,,But in a sort of pyramid of surveillance\Nthere's a sort of colonialism
Dialogue: 0,0:13:27.06,0:13:28.30,Default,,0000,0000,0000,,that takes place.
Dialogue: 0,0:13:28.43,0:13:30.94,Default,,0000,0000,0000,,And that the NSA and GCHQ are at the top.
Dialogue: 0,0:13:31.03,0:13:33.37,Default,,0000,0000,0000,,And the Germans are little bit below that.
Dialogue: 0,0:13:33.46,0:13:37.22,Default,,0000,0000,0000,,The thing is that there's not a lot you\Ncan do about that.
Dialogue: 0,0:13:37.35,0:13:38.85,Default,,0000,0000,0000,,And so even though we revealed this\Nabout Merkel,
Dialogue: 0,0:13:38.97,0:13:40.68,Default,,0000,0000,0000,,it's not clear what she should do.
Dialogue: 0,0:13:40.85,0:13:42.26,Default,,0000,0000,0000,,It's not clear what anyone should do.
Dialogue: 0,0:13:42.39,0:13:45.42,Default,,0000,0000,0000,,But one thing that was clear was that\Nif they wanted to break into our houses
Dialogue: 0,0:13:45.55,0:13:49.51,Default,,0000,0000,0000,,they would do it in a way that would\Ncost them a lot politically.
Dialogue: 0,0:13:49.59,0:13:50.92,Default,,0000,0000,0000,,It would be very public.
Dialogue: 0,0:13:51.05,0:13:53.14,Default,,0000,0000,0000,,The last time someone raided someone\Nworking with Der Speigel
Dialogue: 0,0:13:53.26,0:13:55.78,Default,,0000,0000,0000,,was in 1962 during the Speigel affair,
Dialogue: 0,0:13:55.87,0:13:57.79,Default,,0000,0000,0000,,and some ministers were kicked out.
Dialogue: 0,0:13:57.88,0:14:00.35,Default,,0000,0000,0000,,You may have seen recently the\NLandersverrat thing
Dialogue: 0,0:14:00.35,0:14:01.72,Default,,0000,0000,0000,,with Netzpolitik.
Dialogue: 0,0:14:01.72,0:14:04.32,Default,,0000,0000,0000,,The charges against them now\Nhave been dropped.
Dialogue: 0,0:14:04.44,0:14:06.54,Default,,0000,0000,0000,,That would never happen in the\NUnited States.
Dialogue: 0,0:14:06.62,0:14:07.94,Default,,0000,0000,0000,,We would not be safe.
Dialogue: 0,0:14:08.02,0:14:09.82,Default,,0000,0000,0000,,And I still, for my investigative\Njournalism,
Dialogue: 0,0:14:09.86,0:14:11.44,Default,,0000,0000,0000,,and my work with Wikileaks,
Dialogue: 0,0:14:11.49,0:14:12.72,Default,,0000,0000,0000,,and my work with the Tor project,
Dialogue: 0,0:14:12.85,0:14:14.51,Default,,0000,0000,0000,,I wouldn't even go back to the US,
Dialogue: 0,0:14:14.60,0:14:16.69,Default,,0000,0000,0000,,because there's no chance that if they\Nwanted to do something to me
Dialogue: 0,0:14:16.82,0:14:20.83,Default,,0000,0000,0000,,that I would have any constitutional\Nliberties, I think,
Dialogue: 0,0:14:20.96,0:14:22.62,Default,,0000,0000,0000,,and the same is true of Snowden.
Dialogue: 0,0:14:22.70,0:14:24.46,Default,,0000,0000,0000,,You just won't get that fair trial.
Dialogue: 0,0:14:24.54,0:14:27.100,Default,,0000,0000,0000,,And we thought at least here we would\Nhave ground to stand and fight on.
Dialogue: 0,0:14:28.13,0:14:30.43,Default,,0000,0000,0000,,And it's exactly what happened,\Nand we won.
Dialogue: 0,0:14:33.80,0:14:35.89,Default,,0000,0000,0000,,[question]: This is also about the fear\Nstuff that you talk about
Dialogue: 0,0:14:35.98,0:14:41.95,Default,,0000,0000,0000,,which is in the very old days we used to\Nput red words in the end of every message
Dialogue: 0,0:14:42.07,0:14:45.92,Default,,0000,0000,0000,,to make sure that it would be hard to find\Nthe actual subversive message
Dialogue: 0,0:14:46.00,0:14:47.91,Default,,0000,0000,0000,,among all the noise.
Dialogue: 0,0:14:47.96,0:14:49.54,Default,,0000,0000,0000,,And you can think about the same thing\Nhere.
Dialogue: 0,0:14:49.72,0:14:56.34,Default,,0000,0000,0000,,Should we build our systems so that\Neverything gets encrypted all the time?
Dialogue: 0,0:14:56.43,0:14:59.03,Default,,0000,0000,0000,,[Jacob]: So I have a lot of radical\Nsuggestions for what to do,
Dialogue: 0,0:14:59.12,0:15:01.16,Default,,0000,0000,0000,,but I'm going to talk about them tomorrow\Nin the keynote mostly.
Dialogue: 0,0:15:01.33,0:15:03.93,Default,,0000,0000,0000,,But to give you an example,\Nwhen you install Debian,
Dialogue: 0,0:15:04.01,0:15:06.32,Default,,0000,0000,0000,,you can give someone the ability to log\Ninto the machine
Dialogue: 0,0:15:06.49,0:15:07.90,Default,,0000,0000,0000,,over a Tor hidden service for free.
Dialogue: 0,0:15:08.03,0:15:12.25,Default,,0000,0000,0000,,You get a free .onion when you add two\Nlines to a Tor configuration file.
Dialogue: 0,0:15:12.33,0:15:15.54,Default,,0000,0000,0000,,We should make encryption not only easy\Nto use but out of the box
Dialogue: 0,0:15:15.62,0:15:19.50,Default,,0000,0000,0000,,we should have it possible to have\Nend-to-end reachability and connectivity,
Dialogue: 0,0:15:19.68,0:15:23.90,Default,,0000,0000,0000,,and we should reduce the total amount\Nof metadata, to make it harder for people
Dialogue: 0,0:15:24.03,0:15:26.37,Default,,0000,0000,0000,,who want to break the law, that want to\Nbreak into computers.
Dialogue: 0,0:15:26.46,0:15:30.72,Default,,0000,0000,0000,,We should solve the problem of adversarial\Nversus non-adversarial forensics
Dialogue: 0,0:15:30.85,0:15:36.32,Default,,0000,0000,0000,,so we can verify our systems with open\Nhardware and Free software together.
Dialogue: 0,0:15:36.40,0:15:39.30,Default,,0000,0000,0000,,And there's a lot to be done,\Nbut the main thing to do is to recognise
Dialogue: 0,0:15:39.39,0:15:43.27,Default,,0000,0000,0000,,that if you have the ability to upload\Nto Debian,
Dialogue: 0,0:15:43.39,0:15:46.17,Default,,0000,0000,0000,,there are literally intelligence agencies\Nthat would like those keys.
Dialogue: 0,0:15:46.30,0:15:49.37,Default,,0000,0000,0000,,And we have a great responsiblity to\Nhumanity as Debian developers
Dialogue: 0,0:15:49.54,0:15:51.58,Default,,0000,0000,0000,,to do the right thing: to build open\Nsystems,
Dialogue: 0,0:15:51.67,0:15:55.26,Default,,0000,0000,0000,,to build them in a way where users don't\Nneed to understand this stuff.
Dialogue: 0,0:15:55.43,0:15:58.07,Default,,0000,0000,0000,,There are a lot of people in the world\Nthat will never see this film.
Dialogue: 0,0:15:58.20,0:16:02.98,Default,,0000,0000,0000,,And we can solve the problems that this\Nfilm describes largely with Free software.
Dialogue: 0,0:16:03.16,0:16:04.73,Default,,0000,0000,0000,,And we can do that without them knowing,
Dialogue: 0,0:16:04.86,0:16:06.78,Default,,0000,0000,0000,,and they will be safe for us having\Ndone that.
Dialogue: 0,0:16:06.95,0:16:10.02,Default,,0000,0000,0000,,And if we can do that, the world will be\Na better place, I think.
Dialogue: 0,0:16:10.02,0:16:12.37,Default,,0000,0000,0000,,And I think the world is a better place\Nbecause of the efforts that were
Dialogue: 0,0:16:12.45,0:16:15.48,Default,,0000,0000,0000,,already done in that area, that made this\Npossible.
Dialogue: 0,0:16:15.48,0:16:17.66,Default,,0000,0000,0000,,The Tails project made it so that a bunch\Nof people
Dialogue: 0,0:16:17.87,0:16:19.57,Default,,0000,0000,0000,,who were good at investigative journalism,
Dialogue: 0,0:16:19.67,0:16:23.76,Default,,0000,0000,0000,,but absolutely terrible with computers,\Nwere able to pull this off.
Dialogue: 0,0:16:23.93,0:16:27.26,Default,,0000,0000,0000,,And that is entirely the product, in my\Nopinion, of Free software.
Dialogue: 0,0:16:27.34,0:16:32.68,Default,,0000,0000,0000,,And a little bit of Laura and Glen, but\NI'd say a lot of Free software.
Dialogue: 0,0:16:34.30,0:16:36.22,Default,,0000,0000,0000,,[question]: How many people do you think\NNSA has
Dialogue: 0,0:16:36.36,0:16:38.100,Default,,0000,0000,0000,,working within the Debian community?
Dialogue: 0,0:16:39.89,0:16:43.60,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:16:45.31,0:16:49.30,Default,,0000,0000,0000,,[Jacob]: Well, I looked in the Snowden\Narchive about that actually.
Dialogue: 0,0:16:50.26,0:16:55.53,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:16:56.64,0:17:03.34,Default,,0000,0000,0000,,Yeah. And as far as I can tell Debian is\Nnot a high priority target for them.
Dialogue: 0,0:17:03.68,0:17:05.95,Default,,0000,0000,0000,,I mean they write exploits for all sort\Nof stuff
Dialogue: 0,0:17:06.08,0:17:10.68,Default,,0000,0000,0000,,but I never found any systematic attempt\Nto compromise or harm the Debian project.
Dialogue: 0,0:17:10.81,0:17:14.56,Default,,0000,0000,0000,,But obviously there are people who are\Npaid by the NSA to infiltrate communities,
Dialogue: 0,0:17:14.56,0:17:16.99,Default,,0000,0000,0000,,and that's why we have to open transparent\Nprocesses
Dialogue: 0,0:17:16.99,0:17:21.04,Default,,0000,0000,0000,,so that if those people behave badly,\Nwe have an audit trail.
Dialogue: 0,0:17:21.04,0:17:23.21,Default,,0000,0000,0000,,We won't ever stop that kind of stuff,
Dialogue: 0,0:17:23.21,0:17:25.18,Default,,0000,0000,0000,,but what matters\Nis that people do good things.
Dialogue: 0,0:17:25.18,0:17:28.59,Default,,0000,0000,0000,,It doesn't matter who they do bad things\Nfor as long as we can correct those things
Dialogue: 0,0:17:28.59,0:17:31.02,Default,,0000,0000,0000,,and/or catch them and stop them before\Nit happens.
Dialogue: 0,0:17:31.02,0:17:33.11,Default,,0000,0000,0000,,But as far as I know there are only a\Ncouple of people that have ever
Dialogue: 0,0:17:33.11,0:17:36.18,Default,,0000,0000,0000,,been associated with the NSA in the\NDebian community.
Dialogue: 0,0:17:36.18,0:17:39.93,Default,,0000,0000,0000,,But I think we shouldn't get paranoid\Nabout it,
Dialogue: 0,0:17:39.93,0:17:41.60,Default,,0000,0000,0000,,but we should just be prudent about our\Nprocesses,
Dialogue: 0,0:17:41.60,0:17:43.95,Default,,0000,0000,0000,,because there are lots of intelligence\Nservices around the world
Dialogue: 0,0:17:43.95,0:17:47.15,Default,,0000,0000,0000,,that do not like the values of a\Nuniversal operating system,
Dialogue: 0,0:17:47.15,0:17:50.90,Default,,0000,0000,0000,,so I don't think it's super-important to\Nlook, but I did actually look,
Dialogue: 0,0:17:50.90,0:17:54.70,Default,,0000,0000,0000,,very specifically for a whole bunch of\Npeople in the Debian community
Dialogue: 0,0:17:54.70,0:17:58.03,Default,,0000,0000,0000,,to see if any of them also were being\Npaid by the NSA
Dialogue: 0,0:17:58.03,0:18:01.61,Default,,0000,0000,0000,,and I didn't find any serious thing that\Nraised concern,
Dialogue: 0,0:18:01.61,0:18:03.78,Default,,0000,0000,0000,,and if I did, I would have...
Dialogue: 0,0:18:03.78,0:18:07.54,Default,,0000,0000,0000,,I mean, there were lots of things I found\Nin the archive that I immediately
Dialogue: 0,0:18:07.54,0:18:09.33,Default,,0000,0000,0000,,notified security teams about.
Dialogue: 0,0:18:09.33,0:18:14.11,Default,,0000,0000,0000,,Where I worked along with many other\Npeople to actually fix those things.
Dialogue: 0,0:18:14.11,0:18:18.55,Default,,0000,0000,0000,,And one of those things, if we had found\Nthem, like infiltrators in Debian,
Dialogue: 0,0:18:18.55,0:18:20.77,Default,,0000,0000,0000,,I absolutely would have just told people\Nabout.
Dialogue: 0,0:18:20.77,0:18:23.41,Default,,0000,0000,0000,,The problem is that a lot of the\Njournalists don't want to do that
Dialogue: 0,0:18:23.41,0:18:26.26,Default,,0000,0000,0000,,because there's a ten year felony\Nwhere you go to prison -
Dialogue: 0,0:18:26.26,0:18:28.18,Default,,0000,0000,0000,,a federal American prison, for\Nten years -
Dialogue: 0,0:18:28.32,0:18:30.20,Default,,0000,0000,0000,,if you reveal the name of an agent.
Dialogue: 0,0:18:30.60,0:18:31.92,Default,,0000,0000,0000,,So there's a tension there,
Dialogue: 0,0:18:31.92,0:18:34.44,Default,,0000,0000,0000,,but I think that there's something\Nto be said,
Dialogue: 0,0:18:34.65,0:18:36.66,Default,,0000,0000,0000,,if they're actually actively harming the\Ncommunity
Dialogue: 0,0:18:36.66,0:18:37.85,Default,,0000,0000,0000,,and they're committing a crime,
Dialogue: 0,0:18:37.85,0:18:39.47,Default,,0000,0000,0000,,I think there's something to be said\Nabout that.
Dialogue: 0,0:18:39.47,0:18:40.92,Default,,0000,0000,0000,,So if I found that I think it would be\Nworthwhile,
Dialogue: 0,0:18:40.92,0:18:43.14,Default,,0000,0000,0000,,but just so you know, there's this\Nhigh cost.
Dialogue: 0,0:18:43.14,0:18:45.36,Default,,0000,0000,0000,,So if there were people in the agency\Nnow,
Dialogue: 0,0:18:45.36,0:18:48.65,Default,,0000,0000,0000,,because they say that we used Tails, and\NDebian, and they wanted to subvert it,
Dialogue: 0,0:18:48.65,0:18:52.02,Default,,0000,0000,0000,,there's a really really high bar for\Npunishment.
Dialogue: 0,0:18:52.02,0:18:55.13,Default,,0000,0000,0000,,Which suggests that maybe people\Nwon't tell you.
Dialogue: 0,0:18:55.13,0:18:59.06,Default,,0000,0000,0000,,So we need to sort of bank on the fact\Nthat we'll never know,
Dialogue: 0,0:18:59.06,0:19:02.77,Default,,0000,0000,0000,,but we don't need to know, as long as we\Nhave good processes
Dialogue: 0,0:19:02.77,0:19:04.39,Default,,0000,0000,0000,,that would catch bad behaviour.
Dialogue: 0,0:19:04.39,0:19:06.18,Default,,0000,0000,0000,,And that's one of the strengths of Debian.
Dialogue: 0,0:19:06.18,0:19:08.74,Default,,0000,0000,0000,,There are very few operating systems,\NI think,
Dialogue: 0,0:19:08.74,0:19:10.83,Default,,0000,0000,0000,,and just in general Free software\Ncommunities,
Dialogue: 0,0:19:10.83,0:19:14.76,Default,,0000,0000,0000,,that are as diverse, and committed to the\Nopenness and the Free software nature
Dialogue: 0,0:19:14.76,0:19:17.74,Default,,0000,0000,0000,,of this kind of a project,
Dialogue: 0,0:19:17.74,0:19:20.98,Default,,0000,0000,0000,,and so it's very important to state that.
Dialogue: 0,0:19:21.92,0:19:24.82,Default,,0000,0000,0000,,But I do think one of the things that will\Nhappen in the future at some point
Dialogue: 0,0:19:24.82,0:19:28.07,Default,,0000,0000,0000,,is that you'll start to find people in the\NDebian community that are pressured
Dialogue: 0,0:19:28.07,0:19:29.64,Default,,0000,0000,0000,,by other people to do bad things
Dialogue: 0,0:19:29.64,0:19:31.87,Default,,0000,0000,0000,,so we need to set up processes that will\Nstop that,
Dialogue: 0,0:19:31.87,0:19:34.30,Default,,0000,0000,0000,,to create an incentive for that\Nnot happening.
Dialogue: 0,0:19:35.02,0:19:37.24,Default,,0000,0000,0000,,But it's really tough,
Dialogue: 0,0:19:37.93,0:19:40.27,Default,,0000,0000,0000,,so I think that openness, transparency\Nand accountability are the ways that
Dialogue: 0,0:19:40.27,0:19:43.77,Default,,0000,0000,0000,,we can combat that, because otherwise\Nwe won't really be able to solve it.
Dialogue: 0,0:19:44.88,0:19:47.18,Default,,0000,0000,0000,,But don't be paranoid, is the other thing.
Dialogue: 0,0:19:47.31,0:19:49.70,Default,,0000,0000,0000,,They really are out to get you,\Nso be prepared.
Dialogue: 0,0:19:50.43,0:19:56.49,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:20:00.80,0:20:05.100,Default,,0000,0000,0000,,[question]: I'm just wondering how trust\Nwas established
Dialogue: 0,0:20:05.100,0:20:09.63,Default,,0000,0000,0000,,because I'm just realizing that\Nthis community,
Dialogue: 0,0:20:09.63,0:20:14.53,Default,,0000,0000,0000,,for you to verify your public key and even\Nfingerprint is like,
Dialogue: 0,0:20:14.53,0:20:16.11,Default,,0000,0000,0000,,you have you produce your passport,
Dialogue: 0,0:20:16.11,0:20:19.61,Default,,0000,0000,0000,,so I'm wondering how Laura managed to\Nexchange her keys with Snowden
Dialogue: 0,0:20:19.61,0:20:23.07,Default,,0000,0000,0000,,and make sure that they were really\Ntalking to the right person.
Dialogue: 0,0:20:23.84,0:20:28.02,Default,,0000,0000,0000,,[Julian]: Well, they had a whole sort of\Ndance for doing key exchange.
Dialogue: 0,0:20:28.02,0:20:32.75,Default,,0000,0000,0000,,I think it was a little bit luck, and a\Nlittle bit transitive trust,
Dialogue: 0,0:20:32.75,0:20:35.10,Default,,0000,0000,0000,,there's a little bit of the web of trust,
Dialogue: 0,0:20:35.10,0:20:36.46,Default,,0000,0000,0000,,and it worked pretty well.
Dialogue: 0,0:20:36.72,0:20:41.33,Default,,0000,0000,0000,,I mean, I don't think that the key-signing\Nstuff that Debian does is anything close
Dialogue: 0,0:20:41.33,0:20:42.91,Default,,0000,0000,0000,,to what they were doing.
Dialogue: 0,0:20:42.91,0:20:45.94,Default,,0000,0000,0000,,They just wanted to make sure that the\Nkeys they had were the right keys,
Dialogue: 0,0:20:45.94,0:20:47.69,Default,,0000,0000,0000,,and that they weren't compromised,
Dialogue: 0,0:20:47.69,0:20:50.08,Default,,0000,0000,0000,,and that then they would change things.
Dialogue: 0,0:20:50.08,0:20:51.36,Default,,0000,0000,0000,,There was a point in the movie where they\Nsaid:
Dialogue: 0,0:20:51.36,0:20:55.88,Default,,0000,0000,0000,,"let's disassociate our meta-data\None more time"
Dialogue: 0,0:20:55.88,0:20:58.95,Default,,0000,0000,0000,,And what that means is they changed all\Nof the identifiers that are visible
Dialogue: 0,0:20:58.95,0:21:04.16,Default,,0000,0000,0000,,to the network, new keys, new email\Naddresses, new Tor circuit, etc
Dialogue: 0,0:21:04.16,0:21:07.61,Default,,0000,0000,0000,,and this is like a key consistency thing,
Dialogue: 0,0:21:07.61,0:21:11.36,Default,,0000,0000,0000,,where they had the right key to begin with\Nand the continued to rotate over new keys.
Dialogue: 0,0:21:11.36,0:21:13.41,Default,,0000,0000,0000,,This is also sometimes called TOFU.
Dialogue: 0,0:21:13.41,0:21:15.85,Default,,0000,0000,0000,,This is, I think, weaker than the\Nweb of trust,
Dialogue: 0,0:21:15.85,0:21:19.34,Default,,0000,0000,0000,,but a lot easier for people to do, and\Nvery easy to explain,
Dialogue: 0,0:21:19.34,0:21:20.84,Default,,0000,0000,0000,,and it worked out pretty well.
Dialogue: 0,0:21:20.84,0:21:25.19,Default,,0000,0000,0000,,It doesn't scale really well, but it has a\Nseparate good side
Dialogue: 0,0:21:25.19,0:21:28.98,Default,,0000,0000,0000,,which is the web of trust explicitly names\Na web of co-conspirators.
Dialogue: 0,0:21:28.98,0:21:31.38,Default,,0000,0000,0000,,And so you don't want that feature.
Dialogue: 0,0:21:31.38,0:21:33.39,Default,,0000,0000,0000,,It's useful for something like Debian;
Dialogue: 0,0:21:33.39,0:21:36.07,Default,,0000,0000,0000,,it's not useful for clandestine\Nconspiracies to commit
Dialogue: 0,0:21:36.07,0:21:37.95,Default,,0000,0000,0000,,investigative journalism.
Dialogue: 0,0:21:37.95,0:21:39.100,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:21:41.75,0:21:44.14,Default,,0000,0000,0000,,Lots of questions, this is great.
Dialogue: 0,0:21:44.77,0:21:51.86,Default,,0000,0000,0000,,[question]: Somebody working on Tails told\Nme that the NSA has a file on every DD.
Dialogue: 0,0:21:52.32,0:21:54.25,Default,,0000,0000,0000,,Is that true, do you know?
Dialogue: 0,0:21:54.67,0:21:57.10,Default,,0000,0000,0000,,[Julian]: Okay, so when you balance your\Ncheck-book,
Dialogue: 0,0:21:57.10,0:21:58.94,Default,,0000,0000,0000,,just to answer your question in a really\Nstrange way,
Dialogue: 0,0:21:58.94,0:22:00.94,Default,,0000,0000,0000,,when you balance your check-book,\Nor you balance your bank account,
Dialogue: 0,0:22:00.94,0:22:03.63,Default,,0000,0000,0000,,and you think this is how much my rent is,\Nthis is how much food is,
Dialogue: 0,0:22:03.63,0:22:06.40,Default,,0000,0000,0000,,this is how much I have to spend on some\Nnew hardware,
Dialogue: 0,0:22:06.40,0:22:09.69,Default,,0000,0000,0000,,you think about money in an\Nindividual way.
Dialogue: 0,0:22:10.50,0:22:13.19,Default,,0000,0000,0000,,But if you think about is as a state, the\Nway a state thinks about money.
Dialogue: 0,0:22:13.19,0:22:16.30,Default,,0000,0000,0000,,They don't balance budgets the same\Nway that you do.
Dialogue: 0,0:22:16.30,0:22:18.22,Default,,0000,0000,0000,,They think about long-term investments\Nvery differently.
Dialogue: 0,0:22:18.22,0:22:19.76,Default,,0000,0000,0000,,They have other people's money.
Dialogue: 0,0:22:19.76,0:22:21.72,Default,,0000,0000,0000,,It's a whole different way of managing it.
Dialogue: 0,0:22:21.72,0:22:27.29,Default,,0000,0000,0000,,And the NSA is not the Stasi. So it's not\Nthat you have to worry about
Dialogue: 0,0:22:27.42,0:22:29.78,Default,,0000,0000,0000,,them having a file on you, or every Debian\Ndeveloper,
Dialogue: 0,0:22:30.20,0:22:32.63,Default,,0000,0000,0000,,but rather there exist some laws in the\NUnited States that say
Dialogue: 0,0:22:32.63,0:22:35.78,Default,,0000,0000,0000,,for cyber-security purposes, you don't\Nhave constitutional rights
Dialogue: 0,0:22:35.78,0:22:37.71,Default,,0000,0000,0000,,and based on your accent, you weren't\Nan American anyway,
Dialogue: 0,0:22:37.71,0:22:39.75,Default,,0000,0000,0000,,and you aren't in America,
Dialogue: 0,0:22:39.75,0:22:41.97,Default,,0000,0000,0000,,so you don't have any rights at all,\Nanyway, according to them.
Dialogue: 0,0:22:41.97,0:22:44.19,Default,,0000,0000,0000,,They're just allowed to do whatever they\Nwant to you,
Dialogue: 0,0:22:44.19,0:22:46.28,Default,,0000,0000,0000,,up to and including murdering you, with\Nthe CIA.
Dialogue: 0,0:22:46.28,0:22:49.18,Default,,0000,0000,0000,,That's what they do with drones; that was\Nat the very end of the movie.
Dialogue: 0,0:22:49.74,0:22:52.16,Default,,0000,0000,0000,,So it's not that they have a file on you.
Dialogue: 0,0:22:52.34,0:22:56.18,Default,,0000,0000,0000,,It's that they have giant databases full\Nof information on all of us,
Dialogue: 0,0:22:56.18,0:22:59.55,Default,,0000,0000,0000,,and then when they're interested in you,\Npull up all your data,
Dialogue: 0,0:22:59.55,0:23:01.30,Default,,0000,0000,0000,,and associative data,
Dialogue: 0,0:23:01.30,0:23:03.35,Default,,0000,0000,0000,,and then they use that, and sometimes\Nthey use it to target you,
Dialogue: 0,0:23:03.35,0:23:06.25,Default,,0000,0000,0000,,to break into your machines,\Nor to find people to exert pressure on,
Dialogue: 0,0:23:06.25,0:23:08.38,Default,,0000,0000,0000,,or to do psychological manipulation on.
Dialogue: 0,0:23:08.38,0:23:10.89,Default,,0000,0000,0000,,All that stuff, they do all of those\Nthings.
Dialogue: 0,0:23:10.89,0:23:12.77,Default,,0000,0000,0000,,And so it's not that they have one file\Non you.
Dialogue: 0,0:23:12.77,0:23:16.10,Default,,0000,0000,0000,,Though maybe, it depends, if you work on\Na critical package like the Linux kernel\N
Dialogue: 0,0:23:16.10,0:23:20.76,Default,,0000,0000,0000,,they might be more interested in you\Nthan if you work on something else.
Dialogue: 0,0:23:20.76,0:23:25.40,Default,,0000,0000,0000,,I don't want to denigrate anyone's work,\Nbut they have very specific focuses,
Dialogue: 0,0:23:25.40,0:23:29.06,Default,,0000,0000,0000,,and so they definitely are interested in\Nbeing able to compromise systems, right?
Dialogue: 0,0:23:29.92,0:23:36.32,Default,,0000,0000,0000,,And so you may also have file, but it's\Nreally the meta list that's the new way
Dialogue: 0,0:23:36.32,0:23:37.47,Default,,0000,0000,0000,,of thinking about it.
Dialogue: 0,0:23:37.47,0:23:40.76,Default,,0000,0000,0000,,And in some senses I think that's actually\Nscarier, because they just hoover up
Dialogue: 0,0:23:40.76,0:23:43.02,Default,,0000,0000,0000,,everything, all across the whole Internet,
Dialogue: 0,0:23:43.02,0:23:46.13,Default,,0000,0000,0000,,and things that are interesting, then\Nthey have them.
Dialogue: 0,0:23:46.13,0:23:49.20,Default,,0000,0000,0000,,And depending on what interesting\Nthings are there, they maybe
Dialogue: 0,0:23:49.20,0:23:51.50,Default,,0000,0000,0000,,put those in a database that lasts\Nfor ever,
Dialogue: 0,0:23:51.50,0:23:53.47,Default,,0000,0000,0000,,or maybe it's just around for 30 days,
Dialogue: 0,0:23:53.47,0:23:56.89,Default,,0000,0000,0000,,or maybe its full content for 9 days,\Nor something like that.
Dialogue: 0,0:23:57.61,0:23:59.83,Default,,0000,0000,0000,,And then of course if you are a person of\Ninterest
Dialogue: 0,0:23:59.83,0:24:02.69,Default,,0000,0000,0000,,they do do the same stuff that the Stasi\Ndoes,
Dialogue: 0,0:24:02.69,0:24:06.01,Default,,0000,0000,0000,,they do that Zersetzung stuff, if you're\Nfamiliar with this German term,
Dialogue: 0,0:24:06.01,0:24:11.05,Default,,0000,0000,0000,,disintegration, they do that kind of\Nstuff, along with JTRIG, from GHCQ,
Dialogue: 0,0:24:11.05,0:24:16.04,Default,,0000,0000,0000,,so they harass people, blackmail them,\Ndo all sorts of really nasty stuff.
Dialogue: 0,0:24:16.51,0:24:20.00,Default,,0000,0000,0000,,And they do that also, so both of those\Nthings.
Dialogue: 0,0:24:20.65,0:24:23.21,Default,,0000,0000,0000,,So again, I don't think you should be\Nparanoid, you should encrypt your stuff,
Dialogue: 0,0:24:23.21,0:24:24.75,Default,,0000,0000,0000,,and help people do the same,
Dialogue: 0,0:24:24.75,0:24:28.97,Default,,0000,0000,0000,,and know that in a democratic society with\Na secret political police,
Dialogue: 0,0:24:28.97,0:24:31.95,Default,,0000,0000,0000,,the right place to be is in their\Ndatabase, right?
Dialogue: 0,0:24:31.95,0:24:34.04,Default,,0000,0000,0000,,You should be proud of being surveilled\Nby them,
Dialogue: 0,0:24:34.04,0:24:35.66,Default,,0000,0000,0000,,it means you're doing the right thing.
Dialogue: 0,0:24:36.65,0:24:41.73,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:24:43.17,0:24:44.88,Default,,0000,0000,0000,,Nonetheless, we should stop them.
Dialogue: 0,0:24:48.90,0:24:53.84,Default,,0000,0000,0000,,[question]: I'm curious about your views\Nabout Snowden actually coming out
Dialogue: 0,0:24:53.84,0:24:55.63,Default,,0000,0000,0000,,and saying he was the whistleblower,
Dialogue: 0,0:24:55.63,0:24:59.00,Default,,0000,0000,0000,,because I know, when he came out,\NI had some fierce discussion
Dialogue: 0,0:24:59.00,0:25:01.61,Default,,0000,0000,0000,,with friends about it, so I wanted to know\Nwhat you thought about it.
Dialogue: 0,0:25:01.61,0:25:03.10,Default,,0000,0000,0000,,[Jacob]: What do you mean came out?
Dialogue: 0,0:25:03.10,0:25:06.52,Default,,0000,0000,0000,,[question]: He said I'm Edward Snowden,\NI'm the whistle-blower, here I am,
Dialogue: 0,0:25:06.52,0:25:10.14,Default,,0000,0000,0000,,instead of just being anonymous the\Nwhole way, just sending files to people.
Dialogue: 0,0:25:11.25,0:25:13.68,Default,,0000,0000,0000,,[Jacob]: Well, I think the main thing is\Nthat it's about control of
Dialogue: 0,0:25:13.68,0:25:15.43,Default,,0000,0000,0000,,your own narrative, right?
Dialogue: 0,0:25:15.43,0:25:19.65,Default,,0000,0000,0000,,I mean if we could have done everything\Nhere anonymous, and gotten away with it,
Dialogue: 0,0:25:19.65,0:25:20.98,Default,,0000,0000,0000,,would that have made the same impact
Dialogue: 0,0:25:20.98,0:25:24.95,Default,,0000,0000,0000,,in getting other people to come forward\Neven if they maintain their anonymity?
Dialogue: 0,0:25:24.95,0:25:27.80,Default,,0000,0000,0000,,So I think that what Snowden did, what's\Nbeautiful about it,
Dialogue: 0,0:25:27.83,0:25:30.51,Default,,0000,0000,0000,,is that he basically did enough,
Dialogue: 0,0:25:31.24,0:25:32.95,Default,,0000,0000,0000,,where he could then survive.
Dialogue: 0,0:25:33.12,0:25:36.24,Default,,0000,0000,0000,,Our job now for the most part, a very\Ngood friend told me,
Dialogue: 0,0:25:36.24,0:25:39.22,Default,,0000,0000,0000,,he's a little bit of a fatalist, he said:
Dialogue: 0,0:25:39.22,0:25:43.23,Default,,0000,0000,0000,,your job, Laura's job, Glen's job,\NSnowden's job, your job now is
Dialogue: 0,0:25:43.23,0:25:44.90,Default,,0000,0000,0000,,just to survive.
Dialogue: 0,0:25:44.90,0:25:47.37,Default,,0000,0000,0000,,That's all that you need to do now.\NYou don't need to do anything else.
Dialogue: 0,0:25:47.37,0:25:51.80,Default,,0000,0000,0000,,You should go do other things, like\Ndrink a glass of wine, relax, be happy,
Dialogue: 0,0:25:51.80,0:25:54.75,Default,,0000,0000,0000,,have a nice life, but just survive,
Dialogue: 0,0:25:54.93,0:25:58.73,Default,,0000,0000,0000,,so other people can see that you do the\Nright thing, and even though you could have
Dialogue: 0,0:25:59.16,0:26:02.23,Default,,0000,0000,0000,,done more, you did enough,\Nand you lived through it.
Dialogue: 0,0:26:02.23,0:26:06.20,Default,,0000,0000,0000,,And so Snowden coming out and telling us\Nall of these things, I mean,
Dialogue: 0,0:26:06.20,0:26:09.86,Default,,0000,0000,0000,,there are really powerful people saying\Nhe should be assassinated, right,
Dialogue: 0,0:26:09.86,0:26:13.92,Default,,0000,0000,0000,,hung by the neck until dead, was what one\Nof the CIA people said.
Dialogue: 0,0:26:13.92,0:26:17.24,Default,,0000,0000,0000,,So he probably could have continued to be\Nanonymous for a while,
Dialogue: 0,0:26:17.24,0:26:20.45,Default,,0000,0000,0000,,but imagine if the NSA had got to reveal\Nhis identity.
Dialogue: 0,0:26:20.45,0:26:23.88,Default,,0000,0000,0000,,How would that have been framed, what\Nwould the first impression have been?
Dialogue: 0,0:26:23.88,0:26:27.72,Default,,0000,0000,0000,,I think they called him a narcissist, and\Nthey called him all these terrible names.
Dialogue: 0,0:26:27.72,0:26:32.97,Default,,0000,0000,0000,,And it didn't really stick, because he\Nbasically said "come at me bro',
Dialogue: 0,0:26:33.40,0:26:37.75,Default,,0000,0000,0000,,I'm ready, and you can do your worst,\Nbut you can't get rid of the facts,
Dialogue: 0,0:26:37.75,0:26:39.16,Default,,0000,0000,0000,,so let's talk about the facts."
Dialogue: 0,0:26:39.16,0:26:42.40,Default,,0000,0000,0000,,And I think the timing of how he did that\Nis good, because people really cared
Dialogue: 0,0:26:42.61,0:26:45.85,Default,,0000,0000,0000,,about the issues, but he also recognized\Nthat it was a matter of time,
Dialogue: 0,0:26:45.85,0:26:50.89,Default,,0000,0000,0000,,the NSA police went to his house, they\Nreally bothered his family,
Dialogue: 0,0:26:50.89,0:26:54.78,Default,,0000,0000,0000,,they've done that with my family as well,\Nother people's families have had trouble.
Dialogue: 0,0:26:55.28,0:26:59.55,Default,,0000,0000,0000,,So I think think it's tough, because I\Nthink he probably would have liked to have
Dialogue: 0,0:26:59.55,0:27:03.20,Default,,0000,0000,0000,,been able to not have that happen, but \Nthere comes a point at which
Dialogue: 0,0:27:03.20,0:27:05.29,Default,,0000,0000,0000,,you're the person who has access to all \Nthat information
Dialogue: 0,0:27:05.29,0:27:06.86,Default,,0000,0000,0000,,and they're going to figure it out.
Dialogue: 0,0:27:06.86,0:27:11.52,Default,,0000,0000,0000,,No amount of anonymity, I think, will\Nlast forever, but it can buy you time.
Dialogue: 0,0:27:11.52,0:27:14.51,Default,,0000,0000,0000,,He got exactly the amount of time\Nhe needed.
Dialogue: 0,0:27:15.06,0:27:17.66,Default,,0000,0000,0000,,The really sad part about him coming out\Nin public when he did, though, was that
Dialogue: 0,0:27:17.66,0:27:21.25,Default,,0000,0000,0000,,he got stuck in Russia, because my\Ngovernment cancelled his passport.
Dialogue: 0,0:27:21.25,0:27:23.68,Default,,0000,0000,0000,,I think mostly for propaganda reasons.
Dialogue: 0,0:27:23.68,0:27:28.33,Default,,0000,0000,0000,,Because in the United States, we denigrate\Nall things relating to Russia.
Dialogue: 0,0:27:28.33,0:27:29.78,Default,,0000,0000,0000,,And there are lots of problems with\NRussia,
Dialogue: 0,0:27:29.78,0:27:32.26,Default,,0000,0000,0000,,and especially with Vladimir Putin,
Dialogue: 0,0:27:32.26,0:27:36.70,Default,,0000,0000,0000,,but at the same time that seems to be the\Nonly country that was willing to uphold
Dialogue: 0,0:27:36.70,0:27:38.44,Default,,0000,0000,0000,,his fundamental liberties.
Dialogue: 0,0:27:38.44,0:27:41.17,Default,,0000,0000,0000,,I went to the Council of Europe, and to\Nthe European Parliament,
Dialogue: 0,0:27:41.17,0:27:44.67,Default,,0000,0000,0000,,to the German Parliament, to the French,\Nsort of to the French Parliament,
Dialogue: 0,0:27:44.67,0:27:48.30,Default,,0000,0000,0000,,they didn't really want to meet with me,\Nbut also to the Austrian Parliament,
Dialogue: 0,0:27:48.30,0:27:49.96,Default,,0000,0000,0000,,and to a number of other places,
Dialogue: 0,0:27:49.96,0:27:53.38,Default,,0000,0000,0000,,and everyone said, oh, we would really\Nlive to help anybody who needs help,
Dialogue: 0,0:27:53.38,0:27:55.25,Default,,0000,0000,0000,,oh it's Edward Snowden, never mind.
Dialogue: 0,0:27:55.98,0:27:57.81,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:27:57.94,0:28:02.53,Default,,0000,0000,0000,,And so though I have a lot of critiques\Non Russia, the propaganda aspect of it
Dialogue: 0,0:28:02.53,0:28:04.66,Default,,0000,0000,0000,,was very damaging for him to be stuck\Nin Russia,
Dialogue: 0,0:28:04.66,0:28:08.24,Default,,0000,0000,0000,,but on the other hand, he's still alive,\Nand he's still mostly free.
Dialogue: 0,0:28:08.24,0:28:12.30,Default,,0000,0000,0000,,And they recognized his right to\Nseek and to receive asylum.
Dialogue: 0,0:28:12.86,0:28:15.33,Default,,0000,0000,0000,,So there's a lot of trade-offs to think\Nidentifying one's self,
Dialogue: 0,0:28:15.33,0:28:17.81,Default,,0000,0000,0000,,and if you were thinking about being\Nthe next Snowden,
Dialogue: 0,0:28:18.30,0:28:19.46,Default,,0000,0000,0000,,or helping Snowden,\Nor something like that,
Dialogue: 0,0:28:20.38,0:28:22.65,Default,,0000,0000,0000,,you really have to think that, you really\Nhave to think this out many steps ahead,
Dialogue: 0,0:28:22.65,0:28:25.81,Default,,0000,0000,0000,,and it's easy to stay, oh he should have\Njust stayed anonymous and
Dialogue: 0,0:28:25.81,0:28:27.56,Default,,0000,0000,0000,,nobody would have figured it out,
Dialogue: 0,0:28:27.56,0:28:31.48,Default,,0000,0000,0000,,but that's very clearly not planning for\Nthe case that they do figure it out,
Dialogue: 0,0:28:31.48,0:28:33.27,Default,,0000,0000,0000,,and then they're going to be in control\Nof the narrative,
Dialogue: 0,0:28:33.27,0:28:37.75,Default,,0000,0000,0000,,and in that case, I think you are better\Noff to do what he did,
Dialogue: 0,0:28:37.85,0:28:40.16,Default,,0000,0000,0000,,and he did so quite reluctantly.
Dialogue: 0,0:28:40.41,0:28:43.48,Default,,0000,0000,0000,,He's not an egoist, or an narcissist,\Nhe's actually a really shy guy
Dialogue: 0,0:28:43.48,0:28:44.76,Default,,0000,0000,0000,,from what I can tell.
Dialogue: 0,0:28:44.76,0:28:48.64,Default,,0000,0000,0000,,I don't know exactly what conversation\Nyou and your friend had,
Dialogue: 0,0:28:48.64,0:28:52.83,Default,,0000,0000,0000,,but I would suspect that the notion is\Nthat people are more powerful
Dialogue: 0,0:28:52.83,0:28:53.88,Default,,0000,0000,0000,,when anonymous.
Dialogue: 0,0:28:53.88,0:28:55.97,Default,,0000,0000,0000,,And that is true sometimes,\Nbut not always,
Dialogue: 0,0:28:55.97,0:28:58.48,Default,,0000,0000,0000,,and it's important to remember that\Nthe anonymity technology is there
Dialogue: 0,0:28:58.48,0:29:01.00,Default,,0000,0000,0000,,so you have a choice, not a requirement.
Dialogue: 0,0:29:01.00,0:29:03.65,Default,,0000,0000,0000,,And that choice is sometimes\Ncounter-intuitive,
Dialogue: 0,0:29:03.65,0:29:06.38,Default,,0000,0000,0000,,but I think he did the right thing in\Nthis way, and I wish that my government
Dialogue: 0,0:29:06.38,0:29:09.02,Default,,0000,0000,0000,,had done the right thing by him as well,\Nbut they did not.
Dialogue: 0,0:29:09.02,0:29:09.83,Default,,0000,0000,0000,,[question]: So there are lot of questions,\Ndo you want to keep going on,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,shall we get in a little Mate?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: I would love some of that rum.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think I have to GRsec, right?\NGRsec kernel.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And then rum appears. Rum as a service.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm really happy to keep taking questions,\Nbecause to me, what I want is
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for every person in this room to feel\Na part of this, because you really are.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,A lot of the people I've met in this\Ncommunity really inspire me to action,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it's important to understand that\Nreally, it would not have been possible
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,without Debian.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,For example debootstrap - really important\Ntool, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,With weasel's packaging of Tor, it allowed\Nus to have bootstraps of things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it allowed us to build things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and using Free software really was\Nhelpful,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so if you guys have any questions at all,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,really each and every person that helps\Nwith Debian should just know
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that you are a part of that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I'm just happy to talk for as long as\Nyou want, basically,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to answer all of your questions,\N
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,except the ones that put me in prison.\NThanks.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: I just wanted to make a quick\Nnote about the question
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,"do they have a file on me?"
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,From all I've read so far, it's just that\Nthey're doing the thing
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that is in the commercial world called\N"big data".
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Yep. Absolutely.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Oh boy. GRsec again?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[orga]: it's not rum, but it's Bavarian\Nwhisky.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Oh boy. It's going to be a\Nheavy morning tomorrow.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I saw another couple of hands.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: I was just wondering if\Nthat you noticed throughout this
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that you think we could improve in Debian\Nto make the next people's lives easier.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Oh my god, I'm so glad you asked\Nthat question, that's so fantastic.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm going to talk about that tomorrow\Nin my keynote,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but let me tell you about one that I have.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I revealed a specific document about a\Nwifi injection attack system.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's a classified document, it's a\Ntop secret document,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for a thing called nightstand, and what\Nnightstand is,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's basically like car metasploit,\Nit's a wifi injector...
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,cheers!
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Danke schön.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's a wifi injector device...
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Whew, jesus!
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[orga]: Tonight's whisky sponsored by\Ndrunc-tank dot org.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: So this wifi injector device,\Nwhat it does is it basically is able to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,exploit the kernel of a device by sending\Nmalformed data over wifi.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Now I have a series of photographs, so\Nall of us.. not all of us, but most of us
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,used these speciallly modified X60s where\Nwe removed the microphones, soldered??
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,down things on the PCI bus,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we removed, like, firewire, really\Nmodified it, flashed coreboot onto it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,flipped the read pin so it was only\Nread-only,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so you couldn't easily make a BIOS\Nroot kit and make it persistent,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we booted TAILS, did all this stuff,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,often we could boot to RAM so that\Nonce the machine was powered off
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,basically it would be done, so if someone\Nkicks down your door,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you just pull the power out,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and you don't have a battery, and\Nwhen the power fails you have an
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,instant kill switch.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So things that are in TAILS that are \Nreally useful include this
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,wiping the kernel memory package\Nwhich I hear is being packaged for Debian
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,soon, which is very exciting.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Because everyone should have access\Nto that so we can tie it into something
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like GNU panicd or these other things.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But one thing I kept having problems with\Nis this wifi injection device,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm pretty sure, was very close to my\Nhouse.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There was a white van outside, it was\Nvibrating a bit like there was a guy
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,walking around in it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then all of sudden, an X60 here,\Nan X60 here, and an X60 here,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,just booted into TAILS, not doing\Nanything at all, but on the wifi network,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,kernel panic, kernel panic, kernel panic.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,All the same kernel panic, all the\Nsame memory offsets,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in the Appletalk driver of the stock\Nkernel for TAILS.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think I filed a bug upstream with TAILS\Nat the time,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but this is just incredible because\Nit's clear that all the crap
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in the default Debian kernel that you\Nreally want for your 1992 Apple network
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,makes operational security really hard,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and one thing that would be really great\Nwould be a GRsec enabled kernel...
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Yes, have to drink.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But as an example, we built different\Ncustom machines, and one of the things
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that we did for some people and in some\Ncircumstances was
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to build GRsec enabled kernels.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I'm not going to drink again.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we built those kernels
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[audience]: Which ones?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacbob]: Yes, exactly, those ones.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And that was work which creates a problem\Nfor a bunch of reasons.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,When you build custom kernels, and\Nyou only have a few people
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that can build those kernels,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you actually build a chain of evidence of\Nwho helped who.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And if that was stable, normal package,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that people could install in a Debian\Npure blend,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,then it would have been easier to do that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We built a lot more sandbox profiles for\Nvarious different things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we built some transparent TOR-ification\Nstuff,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and that required a lot of bespoke\Nknowledge,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it required a lot of effort that a lot\Nof people did not have,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because they had a different set of\Nskills,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it's good to have a division of\Nlabour,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but having that kind of stuff built into\NDebian by default, making a
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Debian installer that could do that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and also verification, would be great,\Nright?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I wrote some custom scripts \Nwhere I could look at a TAILS disk,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or a Debian install,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and know if it had been tampered with.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And it would be nice if there was just\Na disk you could boot that did
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,verification of an installed system
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,very very easily, so easily that\NGlen Greenwald could use it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I love Glen, I saw that very politely,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but what I means is it needs to be\Neasier than that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because Glen at least knows that he\Nhe a reason to need it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so that was something that we really\Nneeded help with.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And we spent a lot of time on that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And there are lots of other little things\Nlike that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I'll talk about some of those things\Ntomorrow,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but one of the really big problems is\Nhardware,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is that you cannot buy a modern\NIntel CPU which doesn't come
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,with a backdoor any more.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And that is a huge problem, and I'm not\Nsure that the answer is to use ARM.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It seems like the answer is to use ARM.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But that's only if assume that ARM didn't\Njust add a backdoor that's obvious.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we really need to think about how to,\Nin moving forward,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,how to have easy to use, easy to buy\Non the shelf, Debian hardware,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,available everywhere, all the time,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so you can just go and buy this thing and\Nverify it in some way
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,with some other machine,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to know that you would have the right\Nthing.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And to that extent we didn't have X-rays\Nfor a lot of the circuit boards,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so that made it very difficult to know\Nif when you buy something,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's been tampered with.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'll talk about some of that stuff\Ntomorrow,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but basically, Debian does a lot of stuff\Nright,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and that is also worth mentioning.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There's so many things that just work\Nout of the box, that just work perfectly.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So the main thing is to keep the\Nquality assurance at the level,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or to exceed where it is right now.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Because it actually works super super\Nwell.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The exception being for very specific\Ntargetted attacks,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the kernel attack surface is pretty big,\Nand pretty bad, I think.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And also, we rebuilt some binaries in\Norder to..
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,sorry, I'll get to you in a second.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We rebuilt some binaries to make sure\Nthat we had address space randomisation
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and linker hardening, and stack\Ncanary stuff,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and for some stuff lately we've been using\Naddress space sanitizer,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so it would be really great if all the\Nhardening stuff was turned in,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,if there was PAX plus GRsec as a kernel.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[audience]: so the specific problem with\NGR security is that they don't really
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,want to work with distros.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we could have a Linux kernel package\Nwith GR security applied,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but it wouldn't have any of the other\NDebian patches.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: So I talked with Brad Spender\Nabout this,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I'm so glad that you said that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because what he said was that, as far\Nas I can tell, he's totally interested in
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,helping Debian with this but thinks that\NDebian is not interested.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,He actually runs a kernel building\Nservice where they actually do
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,individual kernel builds, and I think\Nyou'd be interested,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and when I told him we'd love to have\Nthis in TAILS, he said
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,what patches do I need to include in GRsec\Nto make sure that it'll work?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And he offered to do the integration\Ninto the GRsec patch if there are not
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,too many things.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I think what we should try and do\Nis build a line of communication,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if it costs money we should find a way\Nto raise that money,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'll put in some of my own personal money\Nfor this,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I know other people would too.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[distant audience]: I will.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Great.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So securedrop, for example, part of what\Nthey do for their leaking platform,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,if you go to the intercepts website,\Nyou wan to leak them a document,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they actually use free software\Neverywhere, but there are a few things\N
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they build specially, and one of those\Nthings is a GRsec kernel.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So the people at first look, that helped\Nmake this movie,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and that work on securedrop,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they would probably also,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm not committing them, I don't\Nknow that they would actually do this,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but I think they would really like it if\Nthat was in there,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I think it we could find the community\Nwill to do that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I know I would volunteer and other people\Nwould,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I know that dkg in the back would love to\Nhelp with this, I would that ???
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,who is just totally behind funding this\Nwork, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I thought that you were there to protect\Nmy civil liberties, buddy.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But I really think that it's possible\Nthat we could do this,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I definitely think Brad, the author of\NGRsec,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think he would really love it if Debian\Nshipped GRsec.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And it doesn't need to come by default,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but if it was possible to just have\Nit all, that would be great.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Maybe we could have an affinity group\Nwhere everyone who is interested can
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,meet sometime tomorrow and we could\Ntalk about doing this.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I would love to have that conversation.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Who are you?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[audience]: Ben Hutchings.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Oh, nice to meet you!
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,That's awkward.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: Hi. Sorry to interrupt the\Nawkwardness,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and replace it with more awkwardness.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Nice to see you, Jake.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So, I remember reading the documents\Nin 2013
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and seeing the NSA's internal training\Nguide for how to query their
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Hadoop data store, aka xkeyscore,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and so I thought I would just ask you\Nif you think Free software net helps us
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or helps them.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: I'm really glad you asked that\Nquestion.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think that Free software helps everyone\Non the planet, and I think that
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,purpose-based limitations.. I understand\Nwhy people want them.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think we should try to build a world\Nwhere we are free,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and so putting in purpose-based\Nlimitations is really problematic,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I think what we should do is try to\Nmitigate the harm that they can do
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,with those systems,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,as opposed to pretending that they care\Nabout Free software licensing.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,These guys kill people with flying robots,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it's illegal to murder people, and they\Ndo it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Limiting their use with licenses, first\Nof all, that just means they'll spend
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,your tax money to rewrite it if they care\Nabout the license,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and you won't get their bug-fixes or their\Nimprovements,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then additionally they're still not\Ngoing to obey your license anyway,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because literally some of these people\Nwork on assassinating people.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So it is better that we keep our integrity\Nand take the high road,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and write Free software, and we give it to\Nevery single person on the planet
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,without exception,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's just better. It's better for all of\Nus, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So the fact that they have Hadoop, the\Nfact that they, for example, use OpenSSL,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or maybe they use Tor, or whatever, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Or they use gdb to debug their exploits.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I kind of wish that on them.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think it's great, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So one of the things Che Guevara said\Nin his manual about guerilla warfare,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in chapter two, is that (oh, it was\Nchapter three)
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,He talks about when you have to arm\Na guerrilla army,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,this is not exactly related, but it's an\Nanalog.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,He says that the most important thing\Nis for the guerrilla army to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,use the weapons of the people that\Nthey're fighting - the oppressor.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And the reason is that it allows you to\Nresupply, essentially.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,When you win a battle, you resupply.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,When we all use the same Free software,\Nand we're working on these things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the fact that they have to contribute\Nto the same projects and they often do
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,means there's a net win for us.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,They do have some private things that they\Ndon't share, obviously,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,with the exception of nice people like\NEdward Snowden,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I think that it is a net positive\Nthing,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if we think of it as a struggle,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we are better off to take the high road,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and so I really think we should not\Npretend that we can stop them,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and instead we should work together\Nto build solutions.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I think that Debian is doing that,\Nright?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think Debian is much harder to\Ncompromise than
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a lot of other operating systems,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it's much much harder to coerce\Npeople,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there's a strong ethos that comes\Nwith it that it's not just the technical
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,project, there's a social aspect to it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think I was in the New Maintainer\Nqueue for 11 years,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,maybe that's a little too long,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but there's a huge hazing process,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so anyone who wants to help, really really\Nwants to help,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if they want to do something wrong\Nthere are processes to catch
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,people doing things wrong.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we should really stay true to the\NFree software ethos,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it really is a net benefit.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: Hi Jake. Thanks a lot for\Nsaying so much "GRsec".
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Just wanted to give a shout out.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,You mentioned possible backdoors in\NCPUs and so on,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that ARM might not be the next best thing\Nbecause it's not so open either.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,You might want to have a look at Power 8.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's basically PowerPC 64, so Debian has\Nsupport for it as far as I know,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and most of the stuff is actually open.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Not that actually designs that IBM is\Nusing,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but you can have, actually, an FPGA\Nimplementation of it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if you have the money make your own\NASICs for it, without even knowing
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,how to do it, which is pretty good,\NI think.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: I think there are lots of things\Nwe can hack right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I mean I had one of those weird RMS\Nlaptops, the Limote,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or whatever it's called, for a while.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I was definitely able to get some\NFree software running on it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in theory it was a Free software laptop.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But getting other people to use this is\Nthe problem,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you need to get everybody to use it,\Nright?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There's a sort of old anarchist cliché,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,"None of us are free until all of us are\Nfree"
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And that really applies here.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We really need to have Free software\Nthat's usable by everyone,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,otherwise we're sort of bound by the\Nlowest common denominator
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,of Free, or proprietary tools, depending\Non what people have to use.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So it'll be great when we have that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there's a thing called the Nokimist???
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is a video mixing board that has an\NFPGA implementing a Free software CPU
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that you can boot Debian on, or OpenWRT,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it does work, and I have used it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and in fact I used to use it as a shell,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and for a long time I used a Debian\Ntrick,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,actually I've never talked about that in\Npublic,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,let me think about that for a second.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I used to use an IRC client that was\Nreally buggy,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I couldn't figure out where all the\Nbugs were,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but I knew that if I hung out in certain\Nnetworks that someone else
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,would help me find those bugs by trying\Nto exploit my client.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I wanted to make it as hard as\Npossible.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I ran my IRC client inside of a Debian\Nmachine that was running an S390 emulator.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Who here uses Hercules? Thank you to\Nwhoever packaged it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so I would use Hercules, it was a\Nvery long install process.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Very slow.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I would do this, and what I'd always\Ndreamed of doing at some point
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,was using the Nokimist??? and the\NHercules together
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for maximum ridiculously difficult\Nto exploit,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,plus GRsec kernel.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But that's not a usable thing.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So what we need to do is take these kinds\Nof prototypes
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which actually do represent many steps\Nforward,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we need to make sure that they're\Nproduced on a scale where
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you can go into a store and puchase them\Nanonymously, with cash,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in a way that you can then verify.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And we're actually really close to that\Nwith software defined radios
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and open hardware,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but we're not quite there yet.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: What I meant is that Power 8\Nis basically getting big, currently,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,on the server market,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it might get big for other stuff also.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Hopefully.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: I want to come back to the\Nstory about the panic
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in the Appletalk driver.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The common approach against this is\Nto compile your own kernel with
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,all this stuff not compiled in,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but on two of my systems I have a\Nmodprobe wrapper which has
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a whitelist of module which may be\Nloaded,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I install that wrapper as the thing\Nthat the kernel uses for loading modules.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Do you know if such a thing exists\Nelsewhere, or if not,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I would be interested in developing it\Ninto something which is actually useable
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for people.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: That would be great.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In this case we were using Tails.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so, Tails is very finicky about what\Nit will accept,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and so having that in Debian will make it\Na lot easier to get it into something
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like Tails, I think.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But the main thing is really that we have\Nto think about the attack surface
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,of the kernel very differently.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,The problem is not Appletalk; the problem\Nis the Linux kernel is filled with
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a lot of code,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and you can autoload, in certain cases,\Ncertain things come in,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and certain things get autoloaded,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I know Bdale loves his\Nham radio stuff,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but I never use ham radio on my machine
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I used for clandestine conspiracies,\Nyou know?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,That's a separate machine.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's over here.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we just need to find a way to think\Nabout that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And part of that could be kernel stuff,\Nbut also part of it could be thinking
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,about solutions like that, where we\Ndon't need to change the kernel.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So if you could package that and develop\Nthat, it would be really fantastic.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Ben]: Actually, some time ago, after\NI think it was the econet exploits,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,no-one uses econet, it was broken anyway,\Nbut you could exploit it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because it was autoloaded.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So I actually went through and turned off\Nautoloading on a few of the more obscure
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,network protocols.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We could probably go further with that,\Neven in the defaults.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: I think it would be great to\Nchange some of the kernel stuff so that
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,at least, I mean, Tails is a special use\Ncase, where, I think, it's very important,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it doesn't work for everyone,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but we should just consider that there are\Ncertainly things which are really great,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I want to use Debian for it, because\NDebian is a universal operating system.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But for a modern desktop system where\Nyou're using GNOME,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and you haven't set anything up,\NAppletalk for example,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,maybe we would ask those people\Nto load that module themselves.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Ben]: Yeah, for example you could\Nhave, a lot of those things are going to
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,have supporting utilities,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so you could put something in the\Nsupporting utilities that loads it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,at boot time.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And if you don't have those installed,\Nyou don't need it.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Yep, totally. And I think there's\Nlots of ways to do it where
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the network can't trigger it,\Nand that's important.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Ben]: Yeah, that puzzled me,\NI can't understand,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the protocol module when\Nuserland tries to open a socket
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,of that type,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it shouldn't happen in response to\Nnetwork traffic.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There are things like, I think if you\Nrun ifconfig that can autoload
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a bunch of things, for example.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Yeah, I think on either side\Nit should be more explicit,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and in this case with Tails,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,there was a time when you looked at\Nthe kernel module list
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it was pretty amazing,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like I think there was an X25 thing,\Nan Appletalk, thing,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,wait, this is all about going over Tor,\Nwe don't support any of these
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,things at all.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So it's just the way that things are \Ninterdependent, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's not a dig at the kernel itself.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think the Linux kernel as it works\Nin Debian today works really well
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for a lot of people,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but there is definitely a high security\Nuse case,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I, for example, if I were a Debian\Ndeveloper, and I had a development
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,machine where I didn't run a web\Nbrowser,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I took a lot of effort.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It would be really nice if there were\Na kernel that put in the same
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,threshold of security.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I think that the GRsec kernel with\Nsome stuff changed about it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like getting rid of Appletalk and a few\Nother things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,would be closer to that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and combined with that guy's tool that\Nhe's talking about,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you could make autoloadable module,\Nthat at least even if the system was
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,going to autoload it, you could stop it,\Nin a failing closed sort of way.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I think there's a lot of stuff,\Npractically, to do on that front,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there's another project called\NSubgraph OS,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which is basically working on becoming\Nin some ways a Debian derivative,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and they're going to do stuff like GRsec\Nkernel,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and they have a whole sandboxing framework\Nwhich uses apparmor, seccomp
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and xpra, and a few other things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I think that they'll make a lot of\Ninteresting security decisions,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which might make sense to adopt in \NDebian later.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Ben]: I think Matthew Garrett has an\Ninteresting criticism about that and
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,how it wouldn't really work, and Wayland\Nwas a better way to go than xpra.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Yeah, I've heard those\Ncriticisms,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but Matthew Garrett is wrong.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Not usually, but in this particular case.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,For example, the sandboxing stuff,\Nif you have a GNOME appstore,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,essentially, that's for one set of users,\Nbut for a Debian developer
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,writing your own policies,\Nit might be useful,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if you need Wayland, you might\Nnot have a full solution,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we might want to have both for a while.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And think it'd be great.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And the main thing is we just need to\Nfind people who will think about those
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,issues and try to integrate them,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because most people who write exploits,\Nor who understand how to do offensive
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,security stuff, they don't want to help\NFree software projects,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they just want to exploit them.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so some of the Subgraph guys,\Nwhat I really like about them
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,is that they're trying to improve the\NFree software products we all use.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Even though they may make different\Ndesign decisions,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they're making Free software all the same.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: Maybe also, some other thing\Nto keep in mind is actually
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that there is also a social aspect of this\Npressure if NSA wants to put anything
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,inside Debian.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So if we actually also need to make sure\Nthat if they put pressure on somebody
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,we have any way to help these people\Nnot land in prison.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So is there also a social aspect of \Nsupporting people which get pressure
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,from anyone.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Yep. I mean, if anyone is ever\Nin that situation one thing I would say
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,is that it's your right to remain silent,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you have the right to remain silent\NI think is the phrase the police would say
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but there are definitely communities\Nof people who will help you.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There's a group called the Courage\Nfoundation, for example,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,which was started by Sarah Harrison,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and the job that the Courage foundation\Nhas taken on
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,is essentially to help people who would be\Nsources or who are in harm's way like this
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if you found yourself in that kind of\Na position there are people
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,who will try to help you.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I really don't think that is the next step\Nin this,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think that could happen.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But I thin it's much more likely someone\Nis going to write an exploit for Firefox.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,That's the way they're going to own\NDebian people in the future,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,for the most part, that's how they own\Nus today.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Firefox, number one enemy to security\Non your Debian machine, probably.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And that's not a dig at Firefox, it's just\Nsuper-complicated software,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and these guys are really good at\Nwriting exploits,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and that's an easy target.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we, I think, have to do with the social\Nthing,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but we also should look at some of the\Ntechnical problems,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then when and if people have that,\Nyou can contact me.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'm super happy to put you in touch with\Npeople who will help.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And obviously, get a lawyer, get several\Nlawyers if you can.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Contact the EFF, or the ACLU, depending\Non where you are.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,At least in Germany, and in the United\NStates, it isn't so bad yet
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,that they can put that kind of pressure \Non you openly,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in a Free software project.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,If you write proprietary software you're\Nin a very different situations,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there are definitely people who are in\Nthat situation right now,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I don't envy them. Their position is\Nactually much harder.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So actually writing Free software already\Nmakes you not at the very beginning
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,of the target list, I think.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Any other questions? Wow. Where's the rum?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: How do you deliver the\Nencrypted message without exposing
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the connection to a third party?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Which encrypted message do you\Nmean?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Do you mean, like jabber?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: Email, or jabber, yes.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: For the most part we use systems\Nwhere Tor hidden services are available
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to connect to them, so we never even left\Nthe Tor anonymity network,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so they're end-to-end encrypted and\Nanonymized, you connect to a
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,.onion address,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then using crypto on top of that, so\NTLS to a Jabber server,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and then OTR on top of that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so you have, you could call it a\Ncomposition of cryptographic systems,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and the core of that is Tor, along with\Nusing throwaway machines,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,going to locations where you never go\Ntwice,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,using open wifi plus Tor plus TLS plus\NOTR,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and for email, Riseup offers Tor hidden\Nservices, which allows you to do the same
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,thing, essentially, and then using PGP as\Nwell.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: I mean, how about metadata,\Nlike the delivery address of the target?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacbob]: In some cases we use a system\Ncalled Pond,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and Pond is a system that is completely\NTor hidden service based,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,pond.imperialviolet.org.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Adam Langley probably wouldn't want me to\Nsay, but I'll say it anyway,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,it would be very useful to package this\Nfor Debian,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,because it's a system where once you do\Nkey exchange with someone,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you have an end-to-end encrypted messaging\Nsystem that's like email,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you can send files that are encrypted,\Nyou can send messages that are encrypted,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's delay based. You don't have\Nusernames,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,you just have a public key,\Nand then you have group signatures,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so that people can send things to your\Nmailbox by proving they are a member
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,of the group but not which member of\Nthe group they are.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And there's a lot of stuff like that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we use Jabber, we use email, and we use\NPond.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And those three systems together also\Nallowed us to build a clandestine
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,sneakernet.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,So we have the ability to carry USB disks,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and a few of us carried them inside of\Nour bodies,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if you've never had that experience,\Nlucky you.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,You want to make sure you use post-quantum\Ncomputer crypto for that, by the way.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's more comfortable.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[orga]: Shall we relieve this man from his\Nduties?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Any more questions?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[orga]: One more question.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[question]: Okay, so when the Snowden\Nleaks were first published it created
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,a lot of awareness, and people were\Ntalking about it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there was a huge media echo,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Now if some documents leaked, people\Nare saying yeah, all this surveillance,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we aren't dead yet, and we can still\Nlive our lives.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,They basically care less. They still care\Na bit, but they care much less than
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,when the first documents were published,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,so how can we maintain awareness for\Nthis issue in the world population,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in your opinion?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: There's a really scary thing\Nthat's happening right now.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,There was this idea in the 90s, we had\Nthe crypto wars.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Did any of you remember this idea of the\Ncrypto wars?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Okay, a few of you do, maybe not all of\Nyou do.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But we had the so-called crypto wars in\Nthe 90s, I encourage you to look this up
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,on DuckDuckGo, or whatever your\Nfavourite search engine is.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In theory we're in the second crypto\Nwars now.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In reality what happened is the first\Ncrypto wars never ended.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We didn't actually win, like we thought\Nwe did.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But there are a bunch of things that are\Ntaking place.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,For example, making a stand against\Nbackdoors.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Using end-to-end encrypted\Ncommunications.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Actually pushing for that, being quite\Nopen about actually hosting
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,those kinds of services, and doing it\Nfrom a principled perspective,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,from a legal perspective.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I think you will find that the tension\Nwill continue to rise for a while,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I think that it will continue to be\Na conversation about public debate,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and an important aspect of this is that\Nnow regular journalists that don't
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,understand technology at least understand\Nthe importance of these things.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And if they don't do that, they at least\Nperceive that they will be considered
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,unprofessional if they don't care, and\Nthink about those things,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,or they'll be somehow negligent.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I think that will keep some of the\Ndiscussion going,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it will allow us to build some\Nbreathing room,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and that breathing room will actually\Nallow us to build some alternatives.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But there are some downsides, right?
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Some of the things that take place when\Nyou reveal security service spying
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,is that it tends to get normalized, to a\Ndegree.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But then in some cases it does get pushed\Nback.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,In the 70s in the United States, it became\Nillegal to do assassinations, for example.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Because what the CIA were doing was so\Natrocious that eventually there was
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,political pushback.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It turns out it only lasted 30 years, and\Nthen they started doing it again.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,But there's a saying in my country which\Nis that effectively the price of liberty
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,is eternal vigilance.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And that's what we are engaged in now.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And the liberty starts with software\Nliberty, I think,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in the case of communications on networks.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so we have to have Free software,\Nand it has to be responsibly encoding
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,packets and data,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if we think about it in this sense\Nwe'll find a lot of pressure,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we'll have a lot of discussions\Nabout it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and you'll start to see it be a part of\Npolicy debates,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like one of the presidential candidates\Nin the United States
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,just came out against encryption.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I hope that sinks his presidential\Ncampaign.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I mean it's weird to be against\Nencryption.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It's like I'm against prime numbers.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,No modular arithmetic.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I just want to say it's important to\Nunderstand, you are right,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,people will be normalized about it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but each and every one of us that\Nunderstands these issues
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,can actually keep it alive.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And the way we do that is when we\Ncommunicate with people...
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I'll give you an example which I\Nlike to give.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I grew up in San Fransisco and in the Bay\NArea or San Fransisco, and California,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and I did that in the 80s.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And so a lot of people that I knew had\NHIV and they died of AIDS.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And there was a huge discussion about\Nthis, and it was called GRID,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,the Gay Related Immune Deficiency\Nsyndrome.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,Before it was called HIV and AIDS.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And lots of people were sick, and lot of\Npeople died,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and there was a sort of normalization\Nprocess where people sort of
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,accepted this as their fate, especially\Nif they were in the gay community.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And still, over years and years and years,\Npeople began to build a culture about
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,safe sex, and they started to talk about\Nrespecting their partners,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and about talking about these issues,\Nand about getting tested,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and it took a lot of effort, to really go\Nmuch further.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,A lot of people actually died in that\Nprocess.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,It was a very sad, serious situation.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I think we have similar discussions\Nthat are taking place now,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and some people don't take it seriously,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and if they happen to be Muslims living \Nin Pakistan,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,they might get a drone strike.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And there's a sort of survival mechanism\Nthat takes place there.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And it's an unfortunate parallel, I think,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but I would really consider that we can\Nchange this dialogue
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,by continuing to have it even though\Nit's exhausting,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and by recognizing our responsibility,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and how we can make it better by\Ncontinuing to do that,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and by building healthy alternatives,\Nand by building new systems,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and by refusing to backdoor any\Nsystem, ever,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,completely committing to\NFree software,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and transparency of that software,\Nand also of those processes.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And really really really sharing the\Nknowledge about it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to make it impossible to surpress.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And we should not accept the\Nnormalization of that.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,We shouldn't make it fun to spy on people,\Nwe shouldn't make jokes about it
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,in a way that normalizes it,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we should respect those people\Nwho are victims of surveillance,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we should recognize that basically\Neveryone here is a victim of surveillance
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,to some degree,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,and we should care about that,\Nand we should continue to be upset,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,but not just upset; to channel that\Nanger into something useful
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,like making Debian better.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[applause]
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[orga]: Thanks Jake for such a long Q&A\Nsession,
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,I hope you enjoy the rum.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,And I'm sure Jake's going to ask any more\Nquestions if he can still talk.
Dialogue: 0,9:59:59.99,9:59:59.99,Default,,0000,0000,0000,,[Jacob]: Thanks.