[Script Info]
Title: 
[Events]
Format: Layer, Start, End, Style, Name, MarginL, MarginR, MarginV, Effect, Text
Dialogue: 0,0:00:00.00,0:00:01.49,Default,,0000,0000,0000,,... wanted to be able to use
Dialogue: 0,0:00:01.49,0:00:03.28,Default,,0000,0000,0000,,Thunderbird and GnuPG together with Tor,
Dialogue: 0,0:00:03.28,0:00:04.74,Default,,0000,0000,0000,,and so we thought:
Dialogue: 0,0:00:04.74,0:00:07.10,Default,,0000,0000,0000,,oh, it would be really easy, I bet,
Dialogue: 0,0:00:07.10,0:00:09.69,Default,,0000,0000,0000,,to configure Thunderbird to work with Tor
Dialogue: 0,0:00:09.70,0:00:11.99,Default,,0000,0000,0000,,- hah - so a new Free software project\Nwas born.
Dialogue: 0,0:00:12.36,0:00:15.53,Default,,0000,0000,0000,,It's a really simple thing, but basically
Dialogue: 0,0:00:15.53,0:00:17.66,Default,,0000,0000,0000,,it's just a package\Nthat hooks it all together.
Dialogue: 0,0:00:17.66,0:00:20.58,Default,,0000,0000,0000,,So a lot of people were using Thunderbird
Dialogue: 0,0:00:20.58,0:00:23.80,Default,,0000,0000,0000,,and TorBirdy, and GnuPG, and Tor,
Dialogue: 0,0:00:23.80,0:00:26.03,Default,,0000,0000,0000,,and Debian, together for email,
Dialogue: 0,0:00:26.05,0:00:29.81,Default,,0000,0000,0000,,combined with Riseup as an email service.
Dialogue: 0,0:00:30.70,0:00:36.95,Default,,0000,0000,0000,,So it's literally a real peer to peer,\NFree software driven set of things,
Dialogue: 0,0:00:37.18,0:00:39.51,Default,,0000,0000,0000,,actually, that made it possible.
Dialogue: 0,0:00:48.56,0:00:50.44,Default,,0000,0000,0000,,[question]:\NSo one thing I never understood about this
Dialogue: 0,0:00:50.44,0:00:53.46,Default,,0000,0000,0000,,process was exactly how the documents were\Nhandled, and maybe that's because nobody
Dialogue: 0,0:00:53.47,0:00:57.56,Default,,0000,0000,0000,,wants to say, but, you know, did you leave\Nthem on a server somewhere and download
Dialogue: 0,0:00:57.58,0:01:00.81,Default,,0000,0000,0000,,them, hand them over to people, and who\Ntook what where, and how do you...
Dialogue: 0,0:01:01.26,0:01:04.85,Default,,0000,0000,0000,,in case I need to do something really\Ndangerous with a load of documents,
Dialogue: 0,0:01:04.85,0:01:07.76,Default,,0000,0000,0000,,what's the best way of doing it?
Dialogue: 0,0:01:07.89,0:01:10.88,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:01:12.76,0:01:14.76,Default,,0000,0000,0000,,[Jacob]: Hmm!
Dialogue: 0,0:01:16.56,0:01:18.86,Default,,0000,0000,0000,,[audience member]: It's a good thing\Nthis isn't being streamed.
Dialogue: 0,0:01:19.50,0:01:21.59,Default,,0000,0000,0000,,I'm sorry, what?
Dialogue: 0,0:01:21.84,0:01:24.79,Default,,0000,0000,0000,,There was a voice from god,\Nwhat did she say?
Dialogue: 0,0:01:25.17,0:01:27.26,Default,,0000,0000,0000,,[audience]:\NI said good we aren't streaming tonight.
Dialogue: 0,0:01:27.48,0:01:30.16,Default,,0000,0000,0000,,Oh yeah, so hello to all of our friends\N
Dialogue: 0,0:01:30.16,0:01:34.13,Default,,0000,0000,0000,,in domestic and international\Nsurveillance services.
Dialogue: 0,0:01:34.82,0:01:37.46,Default,,0000,0000,0000,,Well, so I won't answer your question,
Dialogue: 0,0:01:37.46,0:01:40.15,Default,,0000,0000,0000,,but since you asked the question,\Nit's my turn to talk.
Dialogue: 0,0:01:40.16,0:01:41.60,Default,,0000,0000,0000,,So what I would say is that...
Dialogue: 0,0:01:41.62,0:01:44.08,Default,,0000,0000,0000,,if you want to do clandestine activities
Dialogue: 0,0:01:44.08,0:01:46.16,Default,,0000,0000,0000,,that you fear for your life for,
Dialogue: 0,0:01:46.17,0:01:48.20,Default,,0000,0000,0000,,you need to really think about\Nthe situation that you're in
Dialogue: 0,0:01:48.20,0:01:49.35,Default,,0000,0000,0000,,very carefully.
Dialogue: 0,0:01:49.35,0:01:51.87,Default,,0000,0000,0000,,And so a big part of this is\Noperational security
Dialogue: 0,0:01:51.89,0:01:54.10,Default,,0000,0000,0000,,and a big part of that is\Ncompartmentalization.
Dialogue: 0,0:01:54.11,0:01:56.31,Default,,0000,0000,0000,,So certain people had access\Nto certain things,
Dialogue: 0,0:01:56.32,0:01:58.20,Default,,0000,0000,0000,,but maybe they couldn't decrypt them,
Dialogue: 0,0:01:58.20,0:02:00.97,Default,,0000,0000,0000,,and certain things were moved around,
Dialogue: 0,0:02:00.97,0:02:03.49,Default,,0000,0000,0000,,and that's on a need to know basis,
Dialogue: 0,0:02:03.49,0:02:05.07,Default,,0000,0000,0000,,and those people who knew,
Dialogue: 0,0:02:05.08,0:02:09.30,Default,,0000,0000,0000,,which is not me - I don't know anything,\NI don't know what you're talking about.
Dialogue: 0,0:02:09.84,0:02:11.89,Default,,0000,0000,0000,,Those people knew, and then you know,
Dialogue: 0,0:02:11.90,0:02:13.43,Default,,0000,0000,0000,,it'll go with them to their grave.
Dialogue: 0,0:02:13.44,0:02:15.73,Default,,0000,0000,0000,,So if you're interested in being the next\NEdward Snowden,
Dialogue: 0,0:02:15.76,0:02:17.22,Default,,0000,0000,0000,,you need to do your homework
Dialogue: 0,0:02:17.25,0:02:20.34,Default,,0000,0000,0000,,in finding people that will be able to do\Nthe other part of it, let's say.
Dialogue: 0,0:02:20.34,0:02:22.77,Default,,0000,0000,0000,,But just in general, I mean
Dialogue: 0,0:02:22.78,0:02:24.83,Default,,0000,0000,0000,,compartmentalization is key, right.
Dialogue: 0,0:02:24.84,0:02:27.16,Default,,0000,0000,0000,,So it's not just for AppArmor profiles.
Dialogue: 0,0:02:27.17,0:02:30.28,Default,,0000,0000,0000,,So you need to think about\Nwhat you want to do.
Dialogue: 0,0:02:30.29,0:02:33.55,Default,,0000,0000,0000,,And I mean a big part of this\Nis to consider that the network itself
Dialogue: 0,0:02:33.55,0:02:36.76,Default,,0000,0000,0000,,is the enemy, even though it is useful\Nfor communicating.
Dialogue: 0,0:02:37.06,0:02:40.73,Default,,0000,0000,0000,,So all the metadata that exists\Non the network
Dialogue: 0,0:02:40.73,0:02:42.87,Default,,0000,0000,0000,,could have tipped people off,\Ncould have caused
Dialogue: 0,0:02:42.87,0:02:44.36,Default,,0000,0000,0000,,this whole thing to fall apart.
Dialogue: 0,0:02:44.49,0:02:46.79,Default,,0000,0000,0000,,It really is amazing, I feel like you know
Dialogue: 0,0:02:46.82,0:02:48.15,Default,,0000,0000,0000,,two and half, three years ago,
Dialogue: 0,0:02:48.15,0:02:49.77,Default,,0000,0000,0000,,when you talk about Free software,
Dialogue: 0,0:02:49.77,0:02:51.62,Default,,0000,0000,0000,,and you talk about the idea of\NFree software,
Dialogue: 0,0:02:51.62,0:02:55.02,Default,,0000,0000,0000,,and you talk about issues relating to\Nautonomy and privacy, and security
Dialogue: 0,0:02:55.02,0:02:57.72,Default,,0000,0000,0000,,you have a really different reception now\Nthan you did then,
Dialogue: 0,0:02:57.72,0:02:58.98,Default,,0000,0000,0000,,and that's really what it took
Dialogue: 0,0:02:58.98,0:03:01.60,Default,,0000,0000,0000,,to turn the world half a degree,\Nor something,
Dialogue: 0,0:03:01.62,0:03:03.90,Default,,0000,0000,0000,,or a quarter of a degree or something.
Dialogue: 0,0:03:04.88,0:03:08.16,Default,,0000,0000,0000,,So I'm not going to tell you about\Ndetailed plans for conspiracy,
Dialogue: 0,0:03:08.18,0:03:10.94,Default,,0000,0000,0000,,but I highly encourage you to read about\NSouth African history,
Dialogue: 0,0:03:10.95,0:03:13.59,Default,,0000,0000,0000,,in particular the history of\NUmkhonto we Sizwe.
Dialogue: 0,0:03:13.60,0:03:17.98,Default,,0000,0000,0000,,They are the clandestine communications\Ngroup for MK,
Dialogue: 0,0:03:18.02,0:03:20.88,Default,,0000,0000,0000,,or rather the operation who lay inside of MK,
Dialogue: 0,0:03:20.88,0:03:22.68,Default,,0000,0000,0000,,which is Umkhonto we Sizwe,
Dialogue: 0,0:03:22.69,0:03:25.00,Default,,0000,0000,0000,,and they are sort of with\Nthe African National Congress,
Dialogue: 0,0:03:25.00,0:03:28.76,Default,,0000,0000,0000,,and those people have published so many\Nbooks about the revolutionary activities
Dialogue: 0,0:03:28.76,0:03:31.21,Default,,0000,0000,0000,,to overthrow the apartheid state.
Dialogue: 0,0:03:31.21,0:03:33.76,Default,,0000,0000,0000,,If you read these books, especially\Nthe book "Operation Vula"
Dialogue: 0,0:03:33.76,0:03:36.18,Default,,0000,0000,0000,,and "Armed and Dangerous"\Nby Ronnie Kasrils
Dialogue: 0,0:03:36.18,0:03:38.70,Default,,0000,0000,0000,,they give you some idea about\Nwhat you need to do
Dialogue: 0,0:03:38.72,0:03:40.22,Default,,0000,0000,0000,,which is to compartmentalize,
Dialogue: 0,0:03:40.22,0:03:42.54,Default,,0000,0000,0000,,how to find people to do various tasks,\Nspecific tasks,
Dialogue: 0,0:03:42.55,0:03:45.18,Default,,0000,0000,0000,,how to work on building trust\Nwith each other, what that looks like,
Dialogue: 0,0:03:45.18,0:03:47.20,Default,,0000,0000,0000,,how to identify political targets,
Dialogue: 0,0:03:47.20,0:03:50.31,Default,,0000,0000,0000,,how you might use things\Nlike communications technology
Dialogue: 0,0:03:50.31,0:03:53.04,Default,,0000,0000,0000,,to change the political topic on,
Dialogue: 0,0:03:53.06,0:03:55.29,Default,,0000,0000,0000,,and the discussion in general.
Dialogue: 0,0:03:55.56,0:03:59.52,Default,,0000,0000,0000,,And I think the best way to learn about\Nthese things is to study previous people
Dialogue: 0,0:03:59.52,0:04:01.66,Default,,0000,0000,0000,,who have tried to do that kind of stuff.
Dialogue: 0,0:04:01.73,0:04:05.24,Default,,0000,0000,0000,,And the NSA is not the apartheid regime of\NSouth Africa,
Dialogue: 0,0:04:05.24,0:04:06.89,Default,,0000,0000,0000,,but there are still lessons\Nto be learned there,
Dialogue: 0,0:04:06.90,0:04:10.06,Default,,0000,0000,0000,,so if you really want to know the answer\Nto that, also Che Guevara's manual
Dialogue: 0,0:04:10.08,0:04:12.10,Default,,0000,0000,0000,,on guerilla warfare is very interesting,
Dialogue: 0,0:04:12.12,0:04:13.77,Default,,0000,0000,0000,,and there's a lot of other books like that.
Dialogue: 0,0:04:13.78,0:04:15.58,Default,,0000,0000,0000,,I'd be happy to talk about it\Nwith you later.
Dialogue: 0,0:04:15.58,0:04:18.24,Default,,0000,0000,0000,,And I have nothing to do with anything\Nthat we may or may not have done.
Dialogue: 0,0:04:18.55,0:04:20.21,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:04:24.90,0:04:28.53,Default,,0000,0000,0000,,[question]: Do you think there is a chance\Nthat things may get better
Dialogue: 0,0:04:28.54,0:04:33.94,Default,,0000,0000,0000,,for example I know that publicly,\Nsome programs were not extended
Dialogue: 0,0:04:33.95,0:04:37.10,Default,,0000,0000,0000,,but I don't know what is happening\Nin the background
Dialogue: 0,0:04:37.10,0:04:42.97,Default,,0000,0000,0000,,so maybe it's the same thing\Nbut they are pretending that it's not
Dialogue: 0,0:04:42.97,0:04:45.19,Default,,0000,0000,0000,,How do you see this?
Dialogue: 0,0:04:45.41,0:04:47.71,Default,,0000,0000,0000,,[Jacob]: Well I think a couple of things.
Dialogue: 0,0:04:47.72,0:04:53.93,Default,,0000,0000,0000,,In general I think what happened, not just\Nwith this movie but with all of these things
Dialogue: 0,0:04:53.93,0:04:56.07,Default,,0000,0000,0000,,is that in inspired hope,
Dialogue: 0,0:04:56.07,0:04:57.35,Default,,0000,0000,0000,,and the hope is very important,
Dialogue: 0,0:04:57.36,0:05:01.15,Default,,0000,0000,0000,,but hope is not a strategy for survival,\Nor for building alternatives,
Dialogue: 0,0:05:01.15,0:05:03.50,Default,,0000,0000,0000,,so what it has also done, is that it has\Nallowed us to raise the profile
Dialogue: 0,0:05:03.51,0:05:05.50,Default,,0000,0000,0000,,of the things which actually do\Nmake it better.
Dialogue: 0,0:05:05.59,0:05:08.82,Default,,0000,0000,0000,,For example ridding ourselves of the\Nchains of proprietary software
Dialogue: 0,0:05:08.82,0:05:12.07,Default,,0000,0000,0000,,is something that's a serious discussion\Nwith people that wouldn't have previously
Dialogue: 0,0:05:12.08,0:05:14.85,Default,,0000,0000,0000,,talked about Free software\Nbecause they don't care about liberty,
Dialogue: 0,0:05:14.87,0:05:16.51,Default,,0000,0000,0000,,they care about security.
Dialogue: 0,0:05:16.52,0:05:18.69,Default,,0000,0000,0000,,And even though I think those are\Nreally simliar things,
Dialogue: 0,0:05:18.70,0:05:21.10,Default,,0000,0000,0000,,previously they just thought we were just\NFree software hippies,
Dialogue: 0,0:05:21.10,0:05:22.40,Default,,0000,0000,0000,,in tie-dye shirts
Dialogue: 0,0:05:22.42,0:05:25.09,Default,,0000,0000,0000,,and while that may be true on the weekends\Nand evenings
Dialogue: 0,0:05:25.09,0:05:27.58,Default,,0000,0000,0000,,or with Bdale every day\N[laughter]
Dialogue: 0,0:05:27.58,0:05:29.54,Default,,0000,0000,0000,,I think that actually does make it better
Dialogue: 0,0:05:29.67,0:05:32.77,Default,,0000,0000,0000,,And it also changes the dialogue, in\Nthe sense that it's no longer reasonable
Dialogue: 0,0:05:32.77,0:05:36.95,Default,,0000,0000,0000,,to pretend that mass surveillance and\Nsurveillance issues don't matter,
Dialogue: 0,0:05:37.31,0:05:39.11,Default,,0000,0000,0000,,because if you really go down the\Nrabbit-hole
Dialogue: 0,0:05:39.11,0:05:42.26,Default,,0000,0000,0000,,of thinking about what some of the\Nsecurity services are trying to do
Dialogue: 0,0:05:42.26,0:05:45.29,Default,,0000,0000,0000,,it becomes obvious that we want to encrypt\Neverything all the time
Dialogue: 0,0:05:45.29,0:05:48.10,Default,,0000,0000,0000,,to beat selector-based surveillance\Nand dragnet-based surveillance.
Dialogue: 0,0:05:48.19,0:05:50.28,Default,,0000,0000,0000,,It doesn't matter if something is authenticated
Dialogue: 0,0:05:50.28,0:05:52.68,Default,,0000,0000,0000,,You could still trigger some action\Nto take place
Dialogue: 0,0:05:52.69,0:05:54.39,Default,,0000,0000,0000,,with these kinds of surveillance machines
Dialogue: 0,0:05:54.39,0:05:56.77,Default,,0000,0000,0000,,that could for example drone\Nstrike someone,
Dialogue: 0,0:05:56.80,0:05:58.44,Default,,0000,0000,0000,,and so it raises that.
Dialogue: 0,0:05:58.45,0:05:59.82,Default,,0000,0000,0000,,And that gives me a lot of hope too,
Dialogue: 0,0:05:59.82,0:06:03.38,Default,,0000,0000,0000,,because people understand the root\Nof the problem,
Dialogue: 0,0:06:03.38,0:06:05.00,Default,,0000,0000,0000,,or the root of many problems
Dialogue: 0,0:06:05.01,0:06:07.09,Default,,0000,0000,0000,,and the root of some violence\Nin the world, actually.
Dialogue: 0,0:06:07.22,0:06:09.10,Default,,0000,0000,0000,,And so it helps us to reduce that\Nviolence
Dialogue: 0,0:06:09.10,0:06:10.76,Default,,0000,0000,0000,,by getting people to acknowledge\Nthat it's real
Dialogue: 0,0:06:10.78,0:06:12.20,Default,,0000,0000,0000,,and also that they care about it
Dialogue: 0,0:06:12.20,0:06:14.14,Default,,0000,0000,0000,,and that we care about each other.
Dialogue: 0,0:06:14.14,0:06:16.86,Default,,0000,0000,0000,,So that really gives me a lot of hope,\Nand part of that is Snowden
Dialogue: 0,0:06:16.86,0:06:18.48,Default,,0000,0000,0000,,and part of that is the documents
Dialogue: 0,0:06:18.50,0:06:20.28,Default,,0000,0000,0000,,but the other part of it is that..
Dialogue: 0,0:06:20.40,0:06:25.01,Default,,0000,0000,0000,,I don't want to blow it up and make it\Nsound like we did something
Dialogue: 0,0:06:25.02,0:06:26.63,Default,,0000,0000,0000,,like a big deal,
Dialogue: 0,0:06:26.64,0:06:29.91,Default,,0000,0000,0000,,but in a sense, Laura, Glen, myself\Nand a number of other people
Dialogue: 0,0:06:29.91,0:06:32.53,Default,,0000,0000,0000,,were really not sure we would ever be able\Nto travel home to our country
Dialogue: 0,0:06:32.54,0:06:34.14,Default,,0000,0000,0000,,that we wouldn't be arrested.
Dialogue: 0,0:06:34.14,0:06:36.49,Default,,0000,0000,0000,,I actually haven't been home\Nin over two and half years,
Dialogue: 0,0:06:36.50,0:06:38.72,Default,,0000,0000,0000,,well, two years and three months\Nor something
Dialogue: 0,0:06:38.72,0:06:41.98,Default,,0000,0000,0000,,I went out on a small business trip\Nthat was supposed to last two weeks
Dialogue: 0,0:06:41.98,0:06:43.48,Default,,0000,0000,0000,,and then this happened
Dialogue: 0,0:06:43.50,0:06:44.89,Default,,0000,0000,0000,,and I've been here ever since.
Dialogue: 0,0:06:44.89,0:06:46.52,Default,,0000,0000,0000,,It's a really long, crazy trip.
Dialogue: 0,0:06:46.64,0:06:50.87,Default,,0000,0000,0000,,But the point is that that's what was\Nnecessary to make some of these changes
Dialogue: 0,0:06:51.04,0:06:53.47,Default,,0000,0000,0000,,and eventually it will turn around
Dialogue: 0,0:06:53.60,0:06:54.67,Default,,0000,0000,0000,,and I will be able to go home,
Dialogue: 0,0:06:54.67,0:06:57.10,Default,,0000,0000,0000,,and Laura and Glen will be able to travel\Nto the US again.
Dialogue: 0,0:06:57.10,0:07:00.06,Default,,0000,0000,0000,,Obviously, Julian is still stuck in the\NEcuadorian embassy
Dialogue: 0,0:07:00.06,0:07:01.81,Default,,0000,0000,0000,,Sarah lives in exile in Berlin,
Dialogue: 0,0:07:01.81,0:07:03.05,Default,,0000,0000,0000,,I live in exile in Berlin,
Dialogue: 0,0:07:03.05,0:07:04.54,Default,,0000,0000,0000,,And Ed is in Moscow
Dialogue: 0,0:07:04.55,0:07:07.53,Default,,0000,0000,0000,,So we're not finished with some of\Nthese things
Dialogue: 0,0:07:07.53,0:07:11.71,Default,,0000,0000,0000,,and it's also possible that we are,\Nthe set of people I mentioned,
Dialogue: 0,0:07:11.73,0:07:15.16,Default,,0000,0000,0000,,the state we're in, will stay that way\Nforever.
Dialogue: 0,0:07:15.25,0:07:16.92,Default,,0000,0000,0000,,But what matters is that the rest\Nof the world
Dialogue: 0,0:07:16.93,0:07:19.04,Default,,0000,0000,0000,,can actually move on and fix some of\Nthese problems,
Dialogue: 0,0:07:19.04,0:07:20.92,Default,,0000,0000,0000,,and I have a lot of hope about that.
Dialogue: 0,0:07:21.01,0:07:24.04,Default,,0000,0000,0000,,And I see a lot of change, that's the\Nreally big part.
Dialogue: 0,0:07:24.04,0:07:29.80,Default,,0000,0000,0000,,Like I see the reproducible build stuff\Nthat Holger and Lunar are working on.
Dialogue: 0,0:07:29.97,0:07:32.87,Default,,0000,0000,0000,,People really understand the root reason\Nfor needing to do that
Dialogue: 0,0:07:32.88,0:07:34.92,Default,,0000,0000,0000,,and actually seems quite reasonable\Nto people
Dialogue: 0,0:07:34.92,0:07:37.52,Default,,0000,0000,0000,,who would previously have expended energy\Nagainst it,
Dialogue: 0,0:07:37.54,0:07:40.72,Default,,0000,0000,0000,,in support of it, so I think that's\Nreally good.
Dialogue: 0,0:07:40.72,0:07:43.03,Default,,0000,0000,0000,,And there's a lot of other hopeful things.
Dialogue: 0,0:07:43.11,0:07:45.46,Default,,0000,0000,0000,,So I would try and be as uplifting\Nas possible.
Dialogue: 0,0:07:45.48,0:07:47.59,Default,,0000,0000,0000,,It's not just the rum!
Dialogue: 0,0:07:50.28,0:07:53.65,Default,,0000,0000,0000,,[question]: Near the end of the film\Nwe saw something about another source.
Dialogue: 0,0:07:54.07,0:07:57.15,Default,,0000,0000,0000,,I may have been missing some news\Nor something
Dialogue: 0,0:07:57.16,0:08:01.04,Default,,0000,0000,0000,,but I don't remember anything about that\Nbeing public.
Dialogue: 0,0:08:01.30,0:08:02.94,Default,,0000,0000,0000,,Do you know what happened to them?
Dialogue: 0,0:08:03.03,0:08:05.63,Default,,0000,0000,0000,,[Jacob]: As far as I know any other\Nsource that was mentioned in the film
Dialogue: 0,0:08:05.64,0:08:08.36,Default,,0000,0000,0000,,is still anonymous, and they're still free.
Dialogue: 0,0:08:08.49,0:08:11.22,Default,,0000,0000,0000,,I'm not exactly sure because I was not\Ninvolved in that part
Dialogue: 0,0:08:11.23,0:08:13.19,Default,,0000,0000,0000,,but I also saw the end of the film
Dialogue: 0,0:08:13.20,0:08:16.42,Default,,0000,0000,0000,,and I've seen a bunch of other reporting\Nwhich wasn't attributed to anyone in particular
Dialogue: 0,0:08:16.55,0:08:21.38,Default,,0000,0000,0000,,So the good news... there's an old slogan\Nfrom the Dutch hacker community, right?
Dialogue: 0,0:08:21.55,0:08:22.93,Default,,0000,0000,0000,,"Someone you trust is one of us,
Dialogue: 0,0:08:22.93,0:08:25.98,Default,,0000,0000,0000,,and the leak is higher up in the chain of\Ncommand than you"
Dialogue: 0,0:08:26.07,0:08:30.72,Default,,0000,0000,0000,,And I feel like that might be true again,\Nhopefully.
Dialogue: 0,0:08:32.76,0:08:34.86,Default,,0000,0000,0000,,I think that guy has a question as well.
Dialogue: 0,0:08:34.94,0:08:39.30,Default,,0000,0000,0000,,[question]: Part of the problem initially\Nwas that encryption software
Dialogue: 0,0:08:39.43,0:08:42.28,Default,,0000,0000,0000,,was not so easy to use, right?
Dialogue: 0,0:08:42.28,0:08:44.21,Default,,0000,0000,0000,,And I think part of the challenge\Nfor everyone
Dialogue: 0,0:08:44.21,0:08:47.74,Default,,0000,0000,0000,,was to improve on that situation\Nto make it better
Dialogue: 0,0:08:47.92,0:08:52.52,Default,,0000,0000,0000,,so I'm asking you if you've observed\Nany change and to the rest of the room
Dialogue: 0,0:08:52.52,0:08:56.15,Default,,0000,0000,0000,,have we done anything to improve on that?
Dialogue: 0,0:08:57.05,0:09:00.71,Default,,0000,0000,0000,,[Jacob]: I definitely think that there is\Na lot of free software
Dialogue: 0,0:09:00.71,0:09:02.72,Default,,0000,0000,0000,,that makes encryption easier to use,
Dialogue: 0,0:09:02.72,0:09:05.62,Default,,0000,0000,0000,,though not always on free platforms,\Nwhich really is heart-breaking.
Dialogue: 0,0:09:05.71,0:09:09.08,Default,,0000,0000,0000,,For example Moxie Marlinspike has done\Na really good job
Dialogue: 0,0:09:09.16,0:09:10.91,Default,,0000,0000,0000,,with Signal, Textsecure and Redphone
Dialogue: 0,0:09:10.91,0:09:14.03,Default,,0000,0000,0000,,and making end-to-end, encrypted\Ncalling, texting, sexting,
Dialogue: 0,0:09:14.11,0:09:16.72,Default,,0000,0000,0000,,and whatever apps,
Dialogue: 0,0:09:16.74,0:09:19.71,Default,,0000,0000,0000,,sext-secure is what I think it's nicknamed
Dialogue: 0,0:09:19.71,0:09:22.42,Default,,0000,0000,0000,,and I'm very impressed by that,\Nand it works really well
Dialogue: 0,0:09:22.42,0:09:24.57,Default,,0000,0000,0000,,and it's something which, especially\Nin the last two years,
Dialogue: 0,0:09:24.57,0:09:27.52,Default,,0000,0000,0000,,if you have a cell-phone,\Nwhich I don't recommend
Dialogue: 0,0:09:27.56,0:09:31.04,Default,,0000,0000,0000,,but if you have a cell-phone,\Nand you put in everyone's phone number,
Dialogue: 0,0:09:31.04,0:09:34.45,Default,,0000,0000,0000,,a lot of people that I would classify as\Nnon-technical people,
Dialogue: 0,0:09:34.45,0:09:37.28,Default,,0000,0000,0000,,that don't care about Free software\Nas a hobby or as a passion
Dialogue: 0,0:09:37.28,0:09:38.100,Default,,0000,0000,0000,,or as a profession.
Dialogue: 0,0:09:38.100,0:09:40.51,Default,,0000,0000,0000,,You see their names in those systems
Dialogue: 0,0:09:40.53,0:09:42.54,Default,,0000,0000,0000,,often more than some of the\NFree software people,
Dialogue: 0,0:09:42.54,0:09:44.46,Default,,0000,0000,0000,,and that's really impressive to me,
Dialogue: 0,0:09:44.48,0:09:48.29,Default,,0000,0000,0000,,and I think there's been a huge shift\Njust generally about those sorts of things
Dialogue: 0,0:09:48.29,0:09:51.15,Default,,0000,0000,0000,,also about social responsibility,
Dialogue: 0,0:09:51.15,0:09:53.84,Default,,0000,0000,0000,,or people understand they have a\Nresponsibility to other people
Dialogue: 0,0:09:53.84,0:09:57.56,Default,,0000,0000,0000,,to encrypt communications,\Nand not to put people in harm's way
Dialogue: 0,0:09:57.56,0:10:01.42,Default,,0000,0000,0000,,by sending unsafe stuff over\Nunsafe communication lines.
Dialogue: 0,0:10:01.42,0:10:04.94,Default,,0000,0000,0000,,So I think in my personal view it's better.
Dialogue: 0,0:10:04.96,0:10:07.90,Default,,0000,0000,0000,,But the original problem wasn't actually\Nthat the encryption was hard to use.
Dialogue: 0,0:10:07.90,0:10:10.66,Default,,0000,0000,0000,,I think the main problem is people didn't\Nunderstand the reason
Dialogue: 0,0:10:10.66,0:10:12.57,Default,,0000,0000,0000,,that it needed to be done
Dialogue: 0,0:10:12.70,0:10:16.73,Default,,0000,0000,0000,,and they believed the lie that is\Ntargetted versus mass surveillance.
Dialogue: 0,0:10:16.86,0:10:20.03,Default,,0000,0000,0000,,And there's a big lie, and the lie is\Nthat there is such a thing
Dialogue: 0,0:10:20.03,0:10:22.24,Default,,0000,0000,0000,,as targeted surveillance.
Dialogue: 0,0:10:22.36,0:10:24.92,Default,,0000,0000,0000,,In the modern era, most so-called\Ntargetted surveillance actually happens
Dialogue: 0,0:10:24.92,0:10:26.46,Default,,0000,0000,0000,,through mass surveillance.
Dialogue: 0,0:10:26.46,0:10:28.42,Default,,0000,0000,0000,,They gather everything up, and then they\Nlook through the thing
Dialogue: 0,0:10:28.43,0:10:30.21,Default,,0000,0000,0000,,they've already seized.
Dialogue: 0,0:10:30.21,0:10:32.94,Default,,0000,0000,0000,,And of course there are targetted,\Nfocussed attacks.
Dialogue: 0,0:10:33.07,0:10:36.36,Default,,0000,0000,0000,,But the main thing is that the abuse of\Nsurveillance often happens
Dialogue: 0,0:10:36.36,0:10:37.80,Default,,0000,0000,0000,,on an individual basis.
Dialogue: 0,0:10:37.81,0:10:39.68,Default,,0000,0000,0000,,It also has a societal cost.
Dialogue: 0,0:10:39.68,0:10:41.82,Default,,0000,0000,0000,,I think a lot of people really\Nunderstand that.
Dialogue: 0,0:10:41.90,0:10:45.95,Default,,0000,0000,0000,,It's probably because I also live in\NGermany now for the last two years
Dialogue: 0,0:10:45.95,0:10:49.51,Default,,0000,0000,0000,,but I feel that German society in\Nparticular is extremely aware
Dialogue: 0,0:10:49.51,0:10:52.01,Default,,0000,0000,0000,,of these abuses in the modern world
Dialogue: 0,0:10:52.02,0:10:55.30,Default,,0000,0000,0000,,and they have a historical context\Nthat allows them to talk about it
Dialogue: 0,0:10:55.32,0:10:58.28,Default,,0000,0000,0000,,with the rest of the world, where the\Nworld doesn't downplay it.
Dialogue: 0,0:10:58.28,0:10:59.95,Default,,0000,0000,0000,,So this is how other people relate to\NGermany
Dialogue: 0,0:10:59.96,0:11:02.68,Default,,0000,0000,0000,,not just about Germans relate to\Neach other.
Dialogue: 0,0:11:02.85,0:11:06.39,Default,,0000,0000,0000,,And that has also been really good\Nfor just meeting regular people
Dialogue: 0,0:11:06.39,0:11:07.88,Default,,0000,0000,0000,,who really care about it,
Dialogue: 0,0:11:07.90,0:11:09.12,Default,,0000,0000,0000,,and who really want to do things.
Dialogue: 0,0:11:09.14,0:11:10.88,Default,,0000,0000,0000,,So people's parents email me,\Nand are like
Dialogue: 0,0:11:10.88,0:11:12.48,Default,,0000,0000,0000,,"I want to protect my children,
Dialogue: 0,0:11:12.48,0:11:14.94,Default,,0000,0000,0000,,what's the best way to use crypto\Nwith them?"
Dialogue: 0,0:11:14.94,0:11:16.50,Default,,0000,0000,0000,,You know, things like that.
Dialogue: 0,0:11:16.50,0:11:19.45,Default,,0000,0000,0000,,And I didn't ever receive emails like\Nthat in the past
Dialogue: 0,0:11:19.47,0:11:23.50,Default,,0000,0000,0000,,and that's to me is uplifting\Nand very positive.
Dialogue: 0,0:11:25.04,0:11:27.75,Default,,0000,0000,0000,,[question]: A quick organisational question.
Dialogue: 0,0:11:27.77,0:11:30.50,Default,,0000,0000,0000,,Right now we're live-streaming the Q&A.\NAre you comfortable with that?
Dialogue: 0,0:11:30.67,0:11:33.24,Default,,0000,0000,0000,,[Jacob]: I don't think in the last three\Nyears I've ever had a moment
Dialogue: 0,0:11:33.24,0:11:36.09,Default,,0000,0000,0000,,that wasn't being recorded.
Dialogue: 0,0:11:36.54,0:11:39.32,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:11:41.10,0:11:43.06,Default,,0000,0000,0000,,[question]: If you're fine with it, moving on...
Dialogue: 0,0:11:43.73,0:11:47.51,Default,,0000,0000,0000,,[Jacob]: That's fine, just don't do it\Nwhen I'm trying to sleep.
Dialogue: 0,0:11:48.15,0:11:51.46,Default,,0000,0000,0000,,[question]: I was wondering why Laura\Nand you ended up in Germany
Dialogue: 0,0:11:51.46,0:11:54.86,Default,,0000,0000,0000,,because what you said about people in\NGermany might be true
Dialogue: 0,0:11:54.86,0:12:00.61,Default,,0000,0000,0000,,but I'm really ashamed about my Government,\Nhow they dealt with spying the chancellor,
Dialogue: 0,0:12:00.61,0:12:04.15,Default,,0000,0000,0000,,and anything... they are doing nothing for this.
Dialogue: 0,0:12:04.45,0:12:07.69,Default,,0000,0000,0000,,[Jacob]: The reason that we ended up in\NGermany
Dialogue: 0,0:12:07.70,0:12:10.85,Default,,0000,0000,0000,,is that I'd been attending\NChaos Computer Club events
Dialogue: 0,0:12:10.87,0:12:12.73,Default,,0000,0000,0000,,for many years
Dialogue: 0,0:12:12.73,0:12:15.24,Default,,0000,0000,0000,,and there are bunch of people that are\Npart of the Chaos Computer Club
Dialogue: 0,0:12:15.25,0:12:17.12,Default,,0000,0000,0000,,who are really supportive,\Nand good people,
Dialogue: 0,0:12:17.14,0:12:19.30,Default,,0000,0000,0000,,who have a stable base,\Nand an infrastructure.
Dialogue: 0,0:12:19.43,0:12:24.64,Default,,0000,0000,0000,,The German hacker scene has this\Nphenomenon which is that
Dialogue: 0,0:12:24.66,0:12:27.07,Default,,0000,0000,0000,,it's a part of society.
Dialogue: 0,0:12:27.39,0:12:30.48,Default,,0000,0000,0000,,So there are people in the CCC who will\Ntalk with the constitutional court
Dialogue: 0,0:12:30.48,0:12:31.89,Default,,0000,0000,0000,,for example,
Dialogue: 0,0:12:31.90,0:12:34.48,Default,,0000,0000,0000,,and that creates a much more stable\Ncivil society
Dialogue: 0,0:12:34.48,0:12:36.20,Default,,0000,0000,0000,,and those people were willing to help us.
Dialogue: 0,0:12:36.20,0:12:38.63,Default,,0000,0000,0000,,They were willing to hold footage,\Nto hold encrypted data.
Dialogue: 0,0:12:38.65,0:12:41.62,Default,,0000,0000,0000,,They were willing to help modify hardware.
Dialogue: 0,0:12:41.62,0:12:44.86,Default,,0000,0000,0000,,There was a huge base of support where\Npeople, even if they had fear,
Dialogue: 0,0:12:44.86,0:12:47.07,Default,,0000,0000,0000,,they did stuff anyway.
Dialogue: 0,0:12:47.12,0:12:49.89,Default,,0000,0000,0000,,And that support went back a long time.
Dialogue: 0,0:12:49.91,0:12:52.96,Default,,0000,0000,0000,,And so we knew that it would be safe\Nto store footage for the film here.
Dialogue: 0,0:12:52.97,0:12:56.23,Default,,0000,0000,0000,,In Berlin, not in Heidelberg, but here\Nin Germany.
Dialogue: 0,0:12:56.23,0:13:00.52,Default,,0000,0000,0000,,And we knew that, of course,\Nthere were people that would be helpful.
Dialogue: 0,0:13:00.60,0:13:03.33,Default,,0000,0000,0000,,In the US there's a much bigger culture\Nof fear.
Dialogue: 0,0:13:03.42,0:13:06.03,Default,,0000,0000,0000,,People are afraid of having their houses\Nraided by the police,
Dialogue: 0,0:13:06.04,0:13:08.12,Default,,0000,0000,0000,,where there's lots of detainments at the\Nborders,
Dialogue: 0,0:13:08.13,0:13:10.08,Default,,0000,0000,0000,,where there's lots of speculative arrests,
Dialogue: 0,0:13:10.08,0:13:11.85,Default,,0000,0000,0000,,journalists that are jailed,
Dialogue: 0,0:13:11.85,0:13:15.20,Default,,0000,0000,0000,,so the situation was not to say that\NGermany was perfect.
Dialogue: 0,0:13:15.33,0:13:18.99,Default,,0000,0000,0000,,I revealed in Der Spiegel with three other\Njournalists that Merkel was spied on
Dialogue: 0,0:13:19.02,0:13:20.36,Default,,0000,0000,0000,,by the NSA.
Dialogue: 0,0:13:20.37,0:13:22.19,Default,,0000,0000,0000,,And it's clear that the Germany government\Nwas complicit
Dialogue: 0,0:13:22.19,0:13:23.85,Default,,0000,0000,0000,,with some of this surveillance.
Dialogue: 0,0:13:23.85,0:13:27.01,Default,,0000,0000,0000,,But in a sort of pyramid of surveillance\Nthere's a sort of colonialism
Dialogue: 0,0:13:27.02,0:13:28.41,Default,,0000,0000,0000,,that takes place.
Dialogue: 0,0:13:28.43,0:13:30.94,Default,,0000,0000,0000,,And that the NSA and GCHQ are at the top.
Dialogue: 0,0:13:30.95,0:13:33.37,Default,,0000,0000,0000,,And the Germans are little bit below that.
Dialogue: 0,0:13:33.38,0:13:37.22,Default,,0000,0000,0000,,The thing is that there's not a lot you\Ncan do about that.
Dialogue: 0,0:13:37.22,0:13:38.96,Default,,0000,0000,0000,,And so even though we revealed this\Nabout Merkel,
Dialogue: 0,0:13:38.97,0:13:40.68,Default,,0000,0000,0000,,it's not clear what she should do.
Dialogue: 0,0:13:40.68,0:13:42.26,Default,,0000,0000,0000,,It's not clear what anyone should do.
Dialogue: 0,0:13:42.26,0:13:45.41,Default,,0000,0000,0000,,But one thing that was clear was that\Nif they wanted to break into our houses
Dialogue: 0,0:13:45.41,0:13:49.50,Default,,0000,0000,0000,,they would do it in a way that would\Ncost them a lot politically.
Dialogue: 0,0:13:49.50,0:13:50.92,Default,,0000,0000,0000,,It would be very public.
Dialogue: 0,0:13:51.05,0:13:53.14,Default,,0000,0000,0000,,The last time someone raided someone\Nworking with Der Spiegel
Dialogue: 0,0:13:53.15,0:13:55.78,Default,,0000,0000,0000,,was in 1962 during the Spiegel affair,
Dialogue: 0,0:13:55.78,0:13:57.79,Default,,0000,0000,0000,,and some ministers were kicked out.
Dialogue: 0,0:13:57.88,0:14:00.35,Default,,0000,0000,0000,,You may have seen recently the\NLandesverrat thing
Dialogue: 0,0:14:00.35,0:14:01.72,Default,,0000,0000,0000,,with Netzpolitik.
Dialogue: 0,0:14:01.72,0:14:04.32,Default,,0000,0000,0000,,The charges against them now\Nhave been dropped.
Dialogue: 0,0:14:04.44,0:14:06.54,Default,,0000,0000,0000,,That would never happen in the\NUnited States.
Dialogue: 0,0:14:06.62,0:14:07.94,Default,,0000,0000,0000,,We would not be safe.
Dialogue: 0,0:14:08.02,0:14:09.82,Default,,0000,0000,0000,,And I still, for my investigative\Njournalism,
Dialogue: 0,0:14:09.86,0:14:11.44,Default,,0000,0000,0000,,and my work with Wikileaks,
Dialogue: 0,0:14:11.49,0:14:12.72,Default,,0000,0000,0000,,and my work with the Tor project,
Dialogue: 0,0:14:12.73,0:14:14.51,Default,,0000,0000,0000,,I wouldn't even go back to the US,
Dialogue: 0,0:14:14.54,0:14:16.69,Default,,0000,0000,0000,,because there's no chance that if they\Nwanted to do something to me
Dialogue: 0,0:14:16.72,0:14:20.83,Default,,0000,0000,0000,,that I would have any constitutional\Nliberties, I think,
Dialogue: 0,0:14:20.85,0:14:22.62,Default,,0000,0000,0000,,and the same is true of Snowden.
Dialogue: 0,0:14:22.64,0:14:24.46,Default,,0000,0000,0000,,You just won't get that fair trial.
Dialogue: 0,0:14:24.47,0:14:27.100,Default,,0000,0000,0000,,And we thought at least here we would\Nhave ground to stand and fight on.
Dialogue: 0,0:14:28.02,0:14:30.43,Default,,0000,0000,0000,,And it's exactly what happened,\Nand we won.
Dialogue: 0,0:14:33.65,0:14:35.88,Default,,0000,0000,0000,,[question]: This is also about the fear\Nstuff that you talk about
Dialogue: 0,0:14:35.88,0:14:41.95,Default,,0000,0000,0000,,which is in the very old days we used to\Nput red words in the end of every message
Dialogue: 0,0:14:41.97,0:14:45.91,Default,,0000,0000,0000,,to make sure that it would be hard to find\Nthe actual subversive message
Dialogue: 0,0:14:45.91,0:14:47.91,Default,,0000,0000,0000,,among all the noise.
Dialogue: 0,0:14:47.91,0:14:49.54,Default,,0000,0000,0000,,And you can think about the same thing\Nhere.
Dialogue: 0,0:14:49.72,0:14:55.38,Default,,0000,0000,0000,,Should we build our systems so that\Neverything gets encrypted all the time?
Dialogue: 0,0:14:56.43,0:14:59.03,Default,,0000,0000,0000,,[Jacob]: So I have a lot of radical\Nsuggestions for what to do,
Dialogue: 0,0:14:59.03,0:15:01.16,Default,,0000,0000,0000,,but I'm going to talk about them tomorrow\Nin the keynote mostly.
Dialogue: 0,0:15:01.17,0:15:03.93,Default,,0000,0000,0000,,But to give you an example,\Nwhen you install Debian,
Dialogue: 0,0:15:03.95,0:15:06.32,Default,,0000,0000,0000,,you can give someone the ability to log\Ninto the machine
Dialogue: 0,0:15:06.34,0:15:07.90,Default,,0000,0000,0000,,over a Tor hidden service for free.
Dialogue: 0,0:15:07.92,0:15:12.25,Default,,0000,0000,0000,,You get a free .onion when you add two\Nlines to a Tor configuration file.
Dialogue: 0,0:15:12.28,0:15:15.53,Default,,0000,0000,0000,,We should make encryption not only easy\Nto use but out of the box
Dialogue: 0,0:15:15.53,0:15:19.50,Default,,0000,0000,0000,,we should have it possible to have\Nend-to-end reachability and connectivity,
Dialogue: 0,0:15:19.53,0:15:23.90,Default,,0000,0000,0000,,and we should reduce the total amount\Nof metadata, to make it harder for people
Dialogue: 0,0:15:23.92,0:15:26.37,Default,,0000,0000,0000,,who want to break the law, that want to\Nbreak into computers.
Dialogue: 0,0:15:26.38,0:15:30.72,Default,,0000,0000,0000,,We should solve the problem of adversarial\Nversus non-adversarial forensics
Dialogue: 0,0:15:30.73,0:15:36.32,Default,,0000,0000,0000,,so we can verify our systems with open\Nhardware and Free software together.
Dialogue: 0,0:15:36.40,0:15:39.30,Default,,0000,0000,0000,,And there's a lot to be done,\Nbut the main thing to do is to recognise
Dialogue: 0,0:15:39.31,0:15:43.05,Default,,0000,0000,0000,,that if you have the ability to upload\Nto Debian,
Dialogue: 0,0:15:43.39,0:15:46.17,Default,,0000,0000,0000,,there are literally intelligence agencies\Nthat would like those keys.
Dialogue: 0,0:15:46.19,0:15:49.36,Default,,0000,0000,0000,,And we have a great responsiblity to\Nhumanity as Debian developers
Dialogue: 0,0:15:49.36,0:15:51.57,Default,,0000,0000,0000,,to do the right thing: to build open\Nsystems,
Dialogue: 0,0:15:51.57,0:15:55.26,Default,,0000,0000,0000,,to build them in a way where users don't\Nneed to understand this stuff.
Dialogue: 0,0:15:55.43,0:15:58.07,Default,,0000,0000,0000,,There are a lot of people in the world\Nthat will never see this film.
Dialogue: 0,0:15:58.20,0:16:02.98,Default,,0000,0000,0000,,And we can solve the problems that this\Nfilm describes largely with Free software.
Dialogue: 0,0:16:03.04,0:16:04.73,Default,,0000,0000,0000,,And we can do that without them knowing,
Dialogue: 0,0:16:04.73,0:16:06.78,Default,,0000,0000,0000,,and they will be safe for us having\Ndone that.
Dialogue: 0,0:16:06.78,0:16:10.02,Default,,0000,0000,0000,,And if we can do that, the world will be\Na better place, I think.
Dialogue: 0,0:16:10.02,0:16:12.37,Default,,0000,0000,0000,,And I think the world is a better place\Nbecause of the efforts that were
Dialogue: 0,0:16:12.45,0:16:15.48,Default,,0000,0000,0000,,already done in that area, that made this\Npossible.
Dialogue: 0,0:16:15.48,0:16:17.65,Default,,0000,0000,0000,,The Tails project made it so that a bunch\Nof people
Dialogue: 0,0:16:17.65,0:16:19.57,Default,,0000,0000,0000,,who were good at investigative journalism,
Dialogue: 0,0:16:19.59,0:16:23.76,Default,,0000,0000,0000,,but absolutely terrible with computers,\Nwere able to pull this off.
Dialogue: 0,0:16:23.93,0:16:27.25,Default,,0000,0000,0000,,And that is entirely the product, in my\Nopinion, of Free software.
Dialogue: 0,0:16:27.25,0:16:32.68,Default,,0000,0000,0000,,And a little bit of Laura and Glen, but\NI'd say a lot of Free software.
Dialogue: 0,0:16:34.30,0:16:36.20,Default,,0000,0000,0000,,[question]: How many people do you think\NNSA has
Dialogue: 0,0:16:36.20,0:16:38.100,Default,,0000,0000,0000,,working within the Debian community?
Dialogue: 0,0:16:39.89,0:16:43.60,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:16:45.31,0:16:49.30,Default,,0000,0000,0000,,[Jacob]: Well, I looked in the Snowden\Narchive about that actually.
Dialogue: 0,0:16:52.81,0:16:55.53,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:16:56.64,0:17:03.34,Default,,0000,0000,0000,,Yeah. And as far as I can tell Debian is\Nnot a high priority target for them.
Dialogue: 0,0:17:03.68,0:17:05.93,Default,,0000,0000,0000,,I mean they write exploits for all sort\Nof stuff
Dialogue: 0,0:17:05.93,0:17:10.68,Default,,0000,0000,0000,,but I never found any systematic attempt\Nto compromise or harm the Debian project.
Dialogue: 0,0:17:10.70,0:17:14.56,Default,,0000,0000,0000,,But obviously there are people who are\Npaid by the NSA to infiltrate communities,
Dialogue: 0,0:17:14.56,0:17:16.99,Default,,0000,0000,0000,,and that's why we have to open transparent\Nprocesses
Dialogue: 0,0:17:16.99,0:17:21.04,Default,,0000,0000,0000,,so that if those people behave badly,\Nwe have an audit trail.
Dialogue: 0,0:17:21.04,0:17:23.21,Default,,0000,0000,0000,,We won't ever stop that kind of stuff,
Dialogue: 0,0:17:23.21,0:17:25.18,Default,,0000,0000,0000,,but what matters\Nis that people do good things.
Dialogue: 0,0:17:25.18,0:17:28.59,Default,,0000,0000,0000,,It doesn't matter who they do bad things\Nfor as long as we can correct those things
Dialogue: 0,0:17:28.59,0:17:31.02,Default,,0000,0000,0000,,and/or catch them and stop them before\Nit happens.
Dialogue: 0,0:17:31.02,0:17:33.11,Default,,0000,0000,0000,,But as far as I know there are only a\Ncouple of people that have ever
Dialogue: 0,0:17:33.11,0:17:36.18,Default,,0000,0000,0000,,been associated with the NSA in the\NDebian community.
Dialogue: 0,0:17:36.18,0:17:39.93,Default,,0000,0000,0000,,But I think we shouldn't get paranoid\Nabout it,
Dialogue: 0,0:17:39.93,0:17:41.60,Default,,0000,0000,0000,,but we should just be prudent about our\Nprocesses,
Dialogue: 0,0:17:41.60,0:17:43.95,Default,,0000,0000,0000,,because there are lots of intelligence\Nservices around the world
Dialogue: 0,0:17:43.95,0:17:47.15,Default,,0000,0000,0000,,that do not like the values of a\Nuniversal operating system,
Dialogue: 0,0:17:47.15,0:17:50.90,Default,,0000,0000,0000,,so I don't think it's super-important to\Nlook, but I did actually look,
Dialogue: 0,0:17:50.90,0:17:54.70,Default,,0000,0000,0000,,very specifically for a whole bunch of\Npeople in the Debian community
Dialogue: 0,0:17:54.70,0:17:58.03,Default,,0000,0000,0000,,to see if any of them also were being\Npaid by the NSA
Dialogue: 0,0:17:58.03,0:18:01.61,Default,,0000,0000,0000,,and I didn't find any serious thing that\Nraised concern,
Dialogue: 0,0:18:01.61,0:18:03.78,Default,,0000,0000,0000,,and if I did, I would have...
Dialogue: 0,0:18:03.78,0:18:07.54,Default,,0000,0000,0000,,I mean, there were lots of things I found\Nin the archive that I immediately
Dialogue: 0,0:18:07.54,0:18:09.33,Default,,0000,0000,0000,,notified security teams about.
Dialogue: 0,0:18:09.33,0:18:14.11,Default,,0000,0000,0000,,Where I worked along with many other\Npeople to actually fix those things.
Dialogue: 0,0:18:14.11,0:18:18.55,Default,,0000,0000,0000,,And one of those things, if we had found\Nthem, like infiltrators in Debian,
Dialogue: 0,0:18:18.55,0:18:20.77,Default,,0000,0000,0000,,I absolutely would have just told people\Nabout it.
Dialogue: 0,0:18:20.77,0:18:23.41,Default,,0000,0000,0000,,The problem is that a lot of the\Njournalists don't want to do that
Dialogue: 0,0:18:23.41,0:18:26.26,Default,,0000,0000,0000,,because there's a ten year felony\Nwhere you go to prison -
Dialogue: 0,0:18:26.26,0:18:28.18,Default,,0000,0000,0000,,a federal American prison, for\Nten years -
Dialogue: 0,0:18:28.32,0:18:30.20,Default,,0000,0000,0000,,if you reveal the name of an agent.
Dialogue: 0,0:18:30.60,0:18:31.92,Default,,0000,0000,0000,,So there's a tension there,
Dialogue: 0,0:18:31.92,0:18:34.44,Default,,0000,0000,0000,,but I think that there's something\Nto be said,
Dialogue: 0,0:18:34.65,0:18:36.66,Default,,0000,0000,0000,,if they're actually actively harming the\Ncommunity
Dialogue: 0,0:18:36.66,0:18:37.85,Default,,0000,0000,0000,,and they're committing a crime,
Dialogue: 0,0:18:37.85,0:18:39.47,Default,,0000,0000,0000,,I think there's something to be said\Nabout that.
Dialogue: 0,0:18:39.47,0:18:40.92,Default,,0000,0000,0000,,So if I found that I think it would be\Nworthwhile,
Dialogue: 0,0:18:40.92,0:18:43.14,Default,,0000,0000,0000,,but just so you know, there's this\Nhigh cost.
Dialogue: 0,0:18:43.14,0:18:45.36,Default,,0000,0000,0000,,So if there were people in the agency\Nnow,
Dialogue: 0,0:18:45.36,0:18:48.65,Default,,0000,0000,0000,,because they say that we used Tails, and\NDebian, and they wanted to subvert it,
Dialogue: 0,0:18:48.65,0:18:52.02,Default,,0000,0000,0000,,there's a really really high bar for\Npunishment.
Dialogue: 0,0:18:52.02,0:18:55.13,Default,,0000,0000,0000,,Which suggests that maybe people\Nwon't tell you.
Dialogue: 0,0:18:55.13,0:18:59.06,Default,,0000,0000,0000,,So we need to sort of bank on the fact\Nthat we'll never know,
Dialogue: 0,0:18:59.06,0:19:02.77,Default,,0000,0000,0000,,but we don't need to know, as long as we\Nhave good processes
Dialogue: 0,0:19:02.77,0:19:04.39,Default,,0000,0000,0000,,that would catch bad behaviour.
Dialogue: 0,0:19:04.39,0:19:06.18,Default,,0000,0000,0000,,And that's one of the strengths of Debian.
Dialogue: 0,0:19:06.18,0:19:08.74,Default,,0000,0000,0000,,There are very few operating systems,\NI think,
Dialogue: 0,0:19:08.74,0:19:10.83,Default,,0000,0000,0000,,and just in general Free software\Ncommunities,
Dialogue: 0,0:19:10.83,0:19:14.76,Default,,0000,0000,0000,,that are as diverse, and committed to the\Nopenness and the Free software nature
Dialogue: 0,0:19:14.76,0:19:17.74,Default,,0000,0000,0000,,of this kind of a project,
Dialogue: 0,0:19:17.74,0:19:20.98,Default,,0000,0000,0000,,and so it's very important to state that.
Dialogue: 0,0:19:21.92,0:19:24.82,Default,,0000,0000,0000,,But I do think one of the things that will\Nhappen in the future at some point
Dialogue: 0,0:19:24.82,0:19:28.07,Default,,0000,0000,0000,,is that you'll start to find people in the\NDebian community that are pressured
Dialogue: 0,0:19:28.07,0:19:29.64,Default,,0000,0000,0000,,by other people to do bad things
Dialogue: 0,0:19:29.64,0:19:31.87,Default,,0000,0000,0000,,so we need to set up processes that will\Nstop that,
Dialogue: 0,0:19:31.87,0:19:34.30,Default,,0000,0000,0000,,to create an incentive for that\Nnot happening.
Dialogue: 0,0:19:35.02,0:19:37.24,Default,,0000,0000,0000,,But it's really tough,
Dialogue: 0,0:19:37.93,0:19:40.27,Default,,0000,0000,0000,,so I think that openness, transparency\Nand accountability are the ways that
Dialogue: 0,0:19:40.27,0:19:43.77,Default,,0000,0000,0000,,we can combat that, because otherwise\Nwe won't really be able to solve it.
Dialogue: 0,0:19:44.88,0:19:47.18,Default,,0000,0000,0000,,But don't be paranoid, is the other thing.
Dialogue: 0,0:19:47.31,0:19:49.70,Default,,0000,0000,0000,,They really are out to get you,\Nso be prepared.
Dialogue: 0,0:19:50.43,0:19:56.49,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:20:00.80,0:20:05.100,Default,,0000,0000,0000,,[question]: I'm just wondering how trust\Nwas established
Dialogue: 0,0:20:05.100,0:20:09.63,Default,,0000,0000,0000,,because I'm just realizing that\Nthis community,
Dialogue: 0,0:20:09.63,0:20:14.53,Default,,0000,0000,0000,,for you to verify your public key and even\Nfingerprint is like,
Dialogue: 0,0:20:14.53,0:20:16.11,Default,,0000,0000,0000,,you have you produce your passport,
Dialogue: 0,0:20:16.11,0:20:19.61,Default,,0000,0000,0000,,so I'm wondering how Laura managed to\Nexchange her keys with Snowden
Dialogue: 0,0:20:19.61,0:20:23.07,Default,,0000,0000,0000,,and make sure that they were really\Ntalking to the right person.
Dialogue: 0,0:20:23.84,0:20:28.02,Default,,0000,0000,0000,,[Jacob]: Well, they had a whole sort of\Ndance for doing key exchange.
Dialogue: 0,0:20:28.02,0:20:32.75,Default,,0000,0000,0000,,I think it was a little bit luck, and a\Nlittle bit transitive trust,
Dialogue: 0,0:20:32.75,0:20:35.10,Default,,0000,0000,0000,,there's a little bit of the web of trust,
Dialogue: 0,0:20:35.10,0:20:36.46,Default,,0000,0000,0000,,and it worked pretty well.
Dialogue: 0,0:20:36.72,0:20:41.33,Default,,0000,0000,0000,,I mean, I don't think that the key-signing\Nstuff that Debian does is anything close
Dialogue: 0,0:20:41.33,0:20:42.91,Default,,0000,0000,0000,,to what they were doing.
Dialogue: 0,0:20:42.91,0:20:45.94,Default,,0000,0000,0000,,They just wanted to make sure that the\Nkeys they had were the right keys,
Dialogue: 0,0:20:45.94,0:20:47.69,Default,,0000,0000,0000,,and that they weren't compromised,
Dialogue: 0,0:20:47.69,0:20:50.08,Default,,0000,0000,0000,,and that then they would change things.
Dialogue: 0,0:20:50.08,0:20:51.36,Default,,0000,0000,0000,,There was a point in the movie where they\Nsaid:
Dialogue: 0,0:20:51.36,0:20:55.88,Default,,0000,0000,0000,,"let's disassociate our meta-data\None more time"
Dialogue: 0,0:20:55.88,0:20:58.95,Default,,0000,0000,0000,,And what that means is they changed all\Nof the identifiers that are visible
Dialogue: 0,0:20:58.95,0:21:04.16,Default,,0000,0000,0000,,to the network, new keys, new email\Naddresses, new Tor circuit, etc
Dialogue: 0,0:21:04.16,0:21:07.61,Default,,0000,0000,0000,,and this is like a key consistency thing,
Dialogue: 0,0:21:07.61,0:21:11.36,Default,,0000,0000,0000,,where they had the right key to begin with\Nand they continued to rotate over to new keys.
Dialogue: 0,0:21:11.36,0:21:13.41,Default,,0000,0000,0000,,This is also sometimes called TOFU.
Dialogue: 0,0:21:13.41,0:21:15.85,Default,,0000,0000,0000,,This is, I think, weaker than the\Nweb of trust,
Dialogue: 0,0:21:15.85,0:21:19.34,Default,,0000,0000,0000,,but a lot easier for people to do, and\Nvery easy to explain,
Dialogue: 0,0:21:19.34,0:21:20.84,Default,,0000,0000,0000,,and it worked out pretty well.
Dialogue: 0,0:21:20.84,0:21:25.19,Default,,0000,0000,0000,,It doesn't scale really well, but it has a\Nseparate good side
Dialogue: 0,0:21:25.19,0:21:28.98,Default,,0000,0000,0000,,which is the web of trust explicitly names\Na web of co-conspirators.
Dialogue: 0,0:21:28.98,0:21:31.38,Default,,0000,0000,0000,,And so you don't want that feature.
Dialogue: 0,0:21:31.38,0:21:33.39,Default,,0000,0000,0000,,It's useful for something like Debian;
Dialogue: 0,0:21:33.39,0:21:36.07,Default,,0000,0000,0000,,it's not useful for clandestine\Nconspiracies to commit
Dialogue: 0,0:21:36.07,0:21:37.95,Default,,0000,0000,0000,,investigative journalism.
Dialogue: 0,0:21:37.95,0:21:39.100,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:21:41.75,0:21:44.14,Default,,0000,0000,0000,,Lots of questions, this is great.
Dialogue: 0,0:21:44.77,0:21:51.86,Default,,0000,0000,0000,,[question]: Somebody working on Tails told\Nme that the NSA has a file on every DD.
Dialogue: 0,0:21:52.32,0:21:54.25,Default,,0000,0000,0000,,Is that true, do you know?
Dialogue: 0,0:21:54.67,0:21:57.10,Default,,0000,0000,0000,,[Jacob]: Okay, so when you balance your\Ncheck-book,
Dialogue: 0,0:21:57.10,0:21:58.94,Default,,0000,0000,0000,,just to answer your question in a really\Nstrange way,
Dialogue: 0,0:21:58.94,0:22:00.94,Default,,0000,0000,0000,,when you balance your check-book,\Nor you balance your bank account,
Dialogue: 0,0:22:00.94,0:22:03.63,Default,,0000,0000,0000,,and you think this is how much my rent is,\Nthis is how much food is,
Dialogue: 0,0:22:03.63,0:22:06.40,Default,,0000,0000,0000,,this is how much I have to spend on some\Nnew hardware,
Dialogue: 0,0:22:06.40,0:22:09.69,Default,,0000,0000,0000,,you think about money in an\Nindividual way.
Dialogue: 0,0:22:10.50,0:22:13.19,Default,,0000,0000,0000,,But if you think about is as a state, the\Nway a state thinks about money.
Dialogue: 0,0:22:13.19,0:22:16.30,Default,,0000,0000,0000,,They don't balance budgets the same\Nway that you do.
Dialogue: 0,0:22:16.30,0:22:18.22,Default,,0000,0000,0000,,They think about long-term investments\Nvery differently.
Dialogue: 0,0:22:18.22,0:22:19.76,Default,,0000,0000,0000,,They have other people's money.
Dialogue: 0,0:22:19.76,0:22:21.72,Default,,0000,0000,0000,,It's a whole different way of managing it.
Dialogue: 0,0:22:21.72,0:22:27.29,Default,,0000,0000,0000,,And the NSA is not the Stasi. So it's not\Nthat you have to worry about
Dialogue: 0,0:22:27.42,0:22:29.78,Default,,0000,0000,0000,,them having a file on you, or every Debian\Ndeveloper,
Dialogue: 0,0:22:30.20,0:22:32.63,Default,,0000,0000,0000,,but rather there exist some laws in the\NUnited States that say
Dialogue: 0,0:22:32.63,0:22:35.78,Default,,0000,0000,0000,,for cyber-security purposes, you don't\Nhave constitutional rights
Dialogue: 0,0:22:35.78,0:22:37.71,Default,,0000,0000,0000,,and based on your accent, you weren't\Nan American anyway,
Dialogue: 0,0:22:37.71,0:22:39.75,Default,,0000,0000,0000,,and you aren't in America,
Dialogue: 0,0:22:39.75,0:22:41.97,Default,,0000,0000,0000,,so you don't have any rights at all,\Nanyway, according to them.
Dialogue: 0,0:22:41.97,0:22:44.19,Default,,0000,0000,0000,,They're just allowed to do whatever they\Nwant to you,
Dialogue: 0,0:22:44.19,0:22:46.28,Default,,0000,0000,0000,,up to and including murdering you, with\Nthe CIA.
Dialogue: 0,0:22:46.28,0:22:49.18,Default,,0000,0000,0000,,That's what they do with drones; that was\Nat the very end of the movie.
Dialogue: 0,0:22:49.74,0:22:52.16,Default,,0000,0000,0000,,So it's not that they have a file on you.
Dialogue: 0,0:22:52.34,0:22:56.18,Default,,0000,0000,0000,,It's that they have giant databases full\Nof information on all of us,
Dialogue: 0,0:22:56.18,0:22:59.55,Default,,0000,0000,0000,,and then when they're interested in you,\Npull up all your data,
Dialogue: 0,0:22:59.55,0:23:01.30,Default,,0000,0000,0000,,and associative data,
Dialogue: 0,0:23:01.30,0:23:03.35,Default,,0000,0000,0000,,and then they use that, and sometimes\Nthey use it to target you,
Dialogue: 0,0:23:03.35,0:23:06.25,Default,,0000,0000,0000,,to break into your machines,\Nor to find people to exert pressure on,
Dialogue: 0,0:23:06.25,0:23:08.38,Default,,0000,0000,0000,,or to do psychological manipulation on.
Dialogue: 0,0:23:08.38,0:23:10.89,Default,,0000,0000,0000,,All that stuff, they do all of those\Nthings.
Dialogue: 0,0:23:10.89,0:23:12.77,Default,,0000,0000,0000,,And so it's not that they have one file\Non you.
Dialogue: 0,0:23:12.77,0:23:16.10,Default,,0000,0000,0000,,Though maybe, it depends, if you work on\Na critical package like the Linux kernel\N
Dialogue: 0,0:23:16.10,0:23:20.76,Default,,0000,0000,0000,,they might be more interested in you\Nthan if you work on something else.
Dialogue: 0,0:23:20.76,0:23:25.40,Default,,0000,0000,0000,,I don't want to denigrate anyone's work,\Nbut they have very specific focuses,
Dialogue: 0,0:23:25.40,0:23:29.06,Default,,0000,0000,0000,,and so they definitely are interested in\Nbeing able to compromise systems, right?
Dialogue: 0,0:23:29.92,0:23:36.32,Default,,0000,0000,0000,,And so you may also have a file, but it's\Nreally the meta list that's the new way
Dialogue: 0,0:23:36.32,0:23:37.47,Default,,0000,0000,0000,,of thinking about it.
Dialogue: 0,0:23:37.47,0:23:40.76,Default,,0000,0000,0000,,And in some senses I think that's actually\Nscarier, because they just hoover up
Dialogue: 0,0:23:40.76,0:23:43.02,Default,,0000,0000,0000,,everything, all across the whole Internet,
Dialogue: 0,0:23:43.02,0:23:46.13,Default,,0000,0000,0000,,and things that are interesting, then\Nthey have them.
Dialogue: 0,0:23:46.13,0:23:49.20,Default,,0000,0000,0000,,And depending on what interesting\Nthings are there, they maybe
Dialogue: 0,0:23:49.20,0:23:51.50,Default,,0000,0000,0000,,put those in a database that lasts\Nfor ever,
Dialogue: 0,0:23:51.50,0:23:53.47,Default,,0000,0000,0000,,or maybe it's just around for 30 days,
Dialogue: 0,0:23:53.47,0:23:56.89,Default,,0000,0000,0000,,or maybe its full content for 9 days,\Nor something like that.
Dialogue: 0,0:23:57.61,0:23:59.83,Default,,0000,0000,0000,,And then of course if you are a person of\Ninterest
Dialogue: 0,0:23:59.83,0:24:02.69,Default,,0000,0000,0000,,they do do the same stuff that the Stasi\Ndoes,
Dialogue: 0,0:24:02.69,0:24:06.01,Default,,0000,0000,0000,,they do that Zersetzung stuff, if you're\Nfamiliar with this German term,
Dialogue: 0,0:24:06.01,0:24:11.05,Default,,0000,0000,0000,,disintegration, they do that kind of\Nstuff, along with JTRIG, from GCHQ,
Dialogue: 0,0:24:11.05,0:24:16.04,Default,,0000,0000,0000,,so they harass people, blackmail them,\Ndo all sorts of really nasty stuff.
Dialogue: 0,0:24:16.51,0:24:20.00,Default,,0000,0000,0000,,And they do that also, so both of those\Nthings.
Dialogue: 0,0:24:20.65,0:24:23.21,Default,,0000,0000,0000,,So again, I don't think you should be\Nparanoid, you should encrypt your stuff,
Dialogue: 0,0:24:23.21,0:24:24.75,Default,,0000,0000,0000,,and help people do the same,
Dialogue: 0,0:24:24.75,0:24:28.97,Default,,0000,0000,0000,,and know that in a democratic society with\Na secret political police,
Dialogue: 0,0:24:28.97,0:24:31.95,Default,,0000,0000,0000,,the right place to be is in their\Ndatabase, right?
Dialogue: 0,0:24:31.95,0:24:34.04,Default,,0000,0000,0000,,You should be proud of being surveilled\Nby them,
Dialogue: 0,0:24:34.04,0:24:35.66,Default,,0000,0000,0000,,it means you're doing the right thing.
Dialogue: 0,0:24:36.65,0:24:41.73,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:24:43.17,0:24:44.88,Default,,0000,0000,0000,,Nonetheless, we should stop them.
Dialogue: 0,0:24:48.90,0:24:53.84,Default,,0000,0000,0000,,[question]: I'm curious about your views\Nabout Snowden actually coming out
Dialogue: 0,0:24:53.84,0:24:55.63,Default,,0000,0000,0000,,and saying he was the whistleblower,
Dialogue: 0,0:24:55.63,0:24:59.00,Default,,0000,0000,0000,,because I know, when he came out,\NI had some fierce discussion
Dialogue: 0,0:24:59.00,0:25:01.61,Default,,0000,0000,0000,,with friends about it, so I wanted to know\Nwhat you thought about it.
Dialogue: 0,0:25:01.61,0:25:03.10,Default,,0000,0000,0000,,[Jacob]: What do you mean came out?
Dialogue: 0,0:25:03.10,0:25:06.52,Default,,0000,0000,0000,,[question]: He said I'm Edward Snowden,\NI'm the whistle-blower, here I am,
Dialogue: 0,0:25:06.52,0:25:10.14,Default,,0000,0000,0000,,instead of just being anonymous the\Nwhole way, just sending files to people.
Dialogue: 0,0:25:11.25,0:25:13.68,Default,,0000,0000,0000,,[Jacob]: Well, I think the main thing is\Nthat it's about control of
Dialogue: 0,0:25:13.68,0:25:15.43,Default,,0000,0000,0000,,your own narrative, right?
Dialogue: 0,0:25:15.43,0:25:19.65,Default,,0000,0000,0000,,I mean if we could have done everything\Nhere anonymous, and gotten away with it,
Dialogue: 0,0:25:19.65,0:25:20.98,Default,,0000,0000,0000,,would that have made the same impact
Dialogue: 0,0:25:20.98,0:25:24.95,Default,,0000,0000,0000,,in getting other people to come forward\Neven if they maintain their anonymity?
Dialogue: 0,0:25:24.95,0:25:27.80,Default,,0000,0000,0000,,So I think that what Snowden did, what's\Nbeautiful about it,
Dialogue: 0,0:25:27.83,0:25:30.51,Default,,0000,0000,0000,,is that he basically did enough,
Dialogue: 0,0:25:31.24,0:25:32.95,Default,,0000,0000,0000,,where he could then survive.
Dialogue: 0,0:25:33.12,0:25:36.24,Default,,0000,0000,0000,,Our job now for the most part, a very\Ngood friend told me,
Dialogue: 0,0:25:36.24,0:25:39.22,Default,,0000,0000,0000,,he's a little bit of a fatalist, he said:
Dialogue: 0,0:25:39.22,0:25:43.23,Default,,0000,0000,0000,,your job, Laura's job, Glen's job,\NSnowden's job, your job now is
Dialogue: 0,0:25:43.23,0:25:44.90,Default,,0000,0000,0000,,just to survive.
Dialogue: 0,0:25:44.90,0:25:47.37,Default,,0000,0000,0000,,That's all that you need to do now.\NYou don't need to do anything else.
Dialogue: 0,0:25:47.37,0:25:51.80,Default,,0000,0000,0000,,You should go do other things, like\Ndrink a glass of wine, relax, be happy,
Dialogue: 0,0:25:51.80,0:25:54.75,Default,,0000,0000,0000,,have a nice life, but just survive,
Dialogue: 0,0:25:54.93,0:25:58.73,Default,,0000,0000,0000,,so other people can see that you do the\Nright thing, and even though you could have
Dialogue: 0,0:25:59.16,0:26:02.23,Default,,0000,0000,0000,,done more, you did enough,\Nand you lived through it.
Dialogue: 0,0:26:02.23,0:26:06.20,Default,,0000,0000,0000,,And so Snowden coming out and telling us\Nall of these things, I mean,
Dialogue: 0,0:26:06.20,0:26:09.86,Default,,0000,0000,0000,,there are really powerful people saying\Nhe should be assassinated, right,
Dialogue: 0,0:26:09.86,0:26:13.92,Default,,0000,0000,0000,,hung by the neck until dead, was what one\Nof the CIA people said.
Dialogue: 0,0:26:13.92,0:26:17.24,Default,,0000,0000,0000,,So he probably could have continued to be\Nanonymous for a while,
Dialogue: 0,0:26:17.24,0:26:20.45,Default,,0000,0000,0000,,but imagine if the NSA had got to reveal\Nhis identity.
Dialogue: 0,0:26:20.45,0:26:23.88,Default,,0000,0000,0000,,How would that have been framed, what\Nwould the first impression have been?
Dialogue: 0,0:26:23.88,0:26:27.72,Default,,0000,0000,0000,,I think they called him a narcissist, and\Nthey called him all these terrible names.
Dialogue: 0,0:26:27.72,0:26:32.97,Default,,0000,0000,0000,,And it didn't really stick, because he\Nbasically said "come at me bro',
Dialogue: 0,0:26:33.40,0:26:37.75,Default,,0000,0000,0000,,I'm ready, and you can do your worst,\Nbut you can't get rid of the facts,
Dialogue: 0,0:26:37.75,0:26:39.16,Default,,0000,0000,0000,,so let's talk about the facts."
Dialogue: 0,0:26:39.16,0:26:42.40,Default,,0000,0000,0000,,And I think the timing of how he did that\Nis good, because people really cared
Dialogue: 0,0:26:42.61,0:26:45.85,Default,,0000,0000,0000,,about the issues, but he also recognized\Nthat it was a matter of time,
Dialogue: 0,0:26:45.85,0:26:50.89,Default,,0000,0000,0000,,the NSA police went to his house, they\Nreally bothered his family,
Dialogue: 0,0:26:50.89,0:26:54.78,Default,,0000,0000,0000,,they've done that with my family as well,\Nother people's families have had trouble.
Dialogue: 0,0:26:55.28,0:26:59.55,Default,,0000,0000,0000,,So I think it's tough, because I\Nthink he probably would have liked to have
Dialogue: 0,0:26:59.55,0:27:03.20,Default,,0000,0000,0000,,been able to not have that happen, but \Nthere comes a point at which
Dialogue: 0,0:27:03.20,0:27:05.29,Default,,0000,0000,0000,,you're the person who has access to all \Nthat information
Dialogue: 0,0:27:05.29,0:27:06.86,Default,,0000,0000,0000,,and they're going to figure it out.
Dialogue: 0,0:27:06.86,0:27:11.52,Default,,0000,0000,0000,,No amount of anonymity, I think, will\Nlast forever, but it can buy you time.
Dialogue: 0,0:27:11.52,0:27:14.51,Default,,0000,0000,0000,,He got exactly the amount of time\Nhe needed.
Dialogue: 0,0:27:15.06,0:27:17.66,Default,,0000,0000,0000,,The really sad part about him coming out\Nin public when he did, though, was that
Dialogue: 0,0:27:17.66,0:27:21.25,Default,,0000,0000,0000,,he got stuck in Russia, because my\Ngovernment cancelled his passport.
Dialogue: 0,0:27:21.25,0:27:23.68,Default,,0000,0000,0000,,I think mostly for propaganda reasons.
Dialogue: 0,0:27:23.68,0:27:28.33,Default,,0000,0000,0000,,Because in the United States, we denigrate\Nall things relating to Russia.
Dialogue: 0,0:27:28.33,0:27:29.78,Default,,0000,0000,0000,,And there are lots of problems with\NRussia,
Dialogue: 0,0:27:29.78,0:27:32.26,Default,,0000,0000,0000,,and especially with Vladimir Putin,
Dialogue: 0,0:27:32.26,0:27:36.70,Default,,0000,0000,0000,,but at the same time that seems to be the\Nonly country that was willing to uphold
Dialogue: 0,0:27:36.70,0:27:38.44,Default,,0000,0000,0000,,his fundamental liberties.
Dialogue: 0,0:27:38.44,0:27:41.17,Default,,0000,0000,0000,,I went to the Council of Europe, and to\Nthe European Parliament,
Dialogue: 0,0:27:41.17,0:27:44.67,Default,,0000,0000,0000,,to the German Parliament, to the French,\Nsort of to the French Parliament,
Dialogue: 0,0:27:44.67,0:27:48.30,Default,,0000,0000,0000,,they didn't really want to meet with me,\Nbut also to the Austrian Parliament,
Dialogue: 0,0:27:48.30,0:27:49.96,Default,,0000,0000,0000,,and to a number of other places,
Dialogue: 0,0:27:49.96,0:27:53.38,Default,,0000,0000,0000,,and everyone said, oh, we would really\Nlive to help anybody who needs help,
Dialogue: 0,0:27:53.38,0:27:55.25,Default,,0000,0000,0000,,oh it's Edward Snowden, never mind.
Dialogue: 0,0:27:55.98,0:27:57.81,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:27:57.94,0:28:02.53,Default,,0000,0000,0000,,And so though I have a lot of critiques\Non Russia, the propaganda aspect of it
Dialogue: 0,0:28:02.53,0:28:04.66,Default,,0000,0000,0000,,was very damaging for him to be stuck\Nin Russia,
Dialogue: 0,0:28:04.66,0:28:08.24,Default,,0000,0000,0000,,but on the other hand, he's still alive,\Nand he's still mostly free.
Dialogue: 0,0:28:08.24,0:28:12.30,Default,,0000,0000,0000,,And they recognized his right to\Nseek and to receive asylum.
Dialogue: 0,0:28:12.86,0:28:15.33,Default,,0000,0000,0000,,So there's a lot of trade-offs to think\Nidentifying one's self,
Dialogue: 0,0:28:15.33,0:28:17.81,Default,,0000,0000,0000,,and if you were thinking about being\Nthe next Snowden,
Dialogue: 0,0:28:18.30,0:28:19.46,Default,,0000,0000,0000,,or helping Snowden,\Nor something like that,
Dialogue: 0,0:28:20.38,0:28:22.65,Default,,0000,0000,0000,,you really have to think that, you really\Nhave to think this out many steps ahead,
Dialogue: 0,0:28:22.65,0:28:25.81,Default,,0000,0000,0000,,and it's easy to stay, oh he should have\Njust stayed anonymous and
Dialogue: 0,0:28:25.81,0:28:27.56,Default,,0000,0000,0000,,nobody would have figured it out,
Dialogue: 0,0:28:27.56,0:28:31.48,Default,,0000,0000,0000,,but that's very clearly not planning for\Nthe case that they do figure it out,
Dialogue: 0,0:28:31.48,0:28:33.27,Default,,0000,0000,0000,,and then they're going to be in control\Nof the narrative,
Dialogue: 0,0:28:33.27,0:28:37.75,Default,,0000,0000,0000,,and in that case, I think you are better\Noff to do what he did,
Dialogue: 0,0:28:37.85,0:28:40.16,Default,,0000,0000,0000,,and he did so quite reluctantly.
Dialogue: 0,0:28:40.41,0:28:43.48,Default,,0000,0000,0000,,He's not an egoist, or an narcissist,\Nhe's actually a really shy guy
Dialogue: 0,0:28:43.48,0:28:44.76,Default,,0000,0000,0000,,from what I can tell.
Dialogue: 0,0:28:44.76,0:28:48.64,Default,,0000,0000,0000,,I don't know exactly what conversation\Nyou and your friend had,
Dialogue: 0,0:28:48.64,0:28:52.83,Default,,0000,0000,0000,,but I would suspect that the notion is\Nthat people are more powerful
Dialogue: 0,0:28:52.83,0:28:53.88,Default,,0000,0000,0000,,when anonymous.
Dialogue: 0,0:28:53.88,0:28:55.97,Default,,0000,0000,0000,,And that is true sometimes,\Nbut not always,
Dialogue: 0,0:28:55.97,0:28:58.48,Default,,0000,0000,0000,,and it's important to remember that\Nthe anonymity technology is there
Dialogue: 0,0:28:58.48,0:29:01.00,Default,,0000,0000,0000,,so you have a choice, not a requirement.
Dialogue: 0,0:29:01.00,0:29:03.65,Default,,0000,0000,0000,,And that choice is sometimes\Ncounter-intuitive,
Dialogue: 0,0:29:03.65,0:29:06.38,Default,,0000,0000,0000,,but I think he did the right thing in\Nthis way, and I wish that my government
Dialogue: 0,0:29:06.38,0:29:09.02,Default,,0000,0000,0000,,had done the right thing by him as well,\Nbut they did not.
Dialogue: 0,0:29:09.02,0:29:12.12,Default,,0000,0000,0000,,[question]: So there are lot of questions,\Ndo you want to keep going on,
Dialogue: 0,0:29:12.13,0:29:13.49,Default,,0000,0000,0000,,shall we get in a little Mate?
Dialogue: 0,0:29:14.56,0:29:17.75,Default,,0000,0000,0000,,[Jacob]: I would love some of that rum.
Dialogue: 0,0:29:17.75,0:29:22.72,Default,,0000,0000,0000,,I think I have to GRsec, right?\NGRsec kernel.
Dialogue: 0,0:29:22.72,0:29:24.13,Default,,0000,0000,0000,,And then rum appears. Rum as a service.
Dialogue: 0,0:29:26.38,0:29:29.91,Default,,0000,0000,0000,,[applause]
Dialogue: 0,0:29:32.90,0:29:36.91,Default,,0000,0000,0000,,I'm really happy to keep taking questions,\Nbecause to me, what I want is
Dialogue: 0,0:29:36.91,0:29:41.57,Default,,0000,0000,0000,,for every person in this room to feel\Na part of this, because you really are.
Dialogue: 0,0:29:41.57,0:29:44.84,Default,,0000,0000,0000,,A lot of the people I've met in this\Ncommunity really inspire me to action,
Dialogue: 0,0:29:44.84,0:29:48.85,Default,,0000,0000,0000,,and it's important to understand that\Nreally, it would not have been possible
Dialogue: 0,0:29:48.85,0:29:50.09,Default,,0000,0000,0000,,without Debian.
Dialogue: 0,0:29:50.09,0:29:54.25,Default,,0000,0000,0000,,For example debootstrap - really important\Ntool, right?
Dialogue: 0,0:29:54.25,0:29:58.57,Default,,0000,0000,0000,,With weasel's packaging of Tor, it allowed\Nus to have bootstraps of things,
Dialogue: 0,0:29:58.57,0:29:59.94,Default,,0000,0000,0000,,it allowed us to build things,
Dialogue: 0,0:29:59.94,0:30:02.49,Default,,0000,0000,0000,,and using Free software really was\Nhelpful,
Dialogue: 0,0:30:02.49,0:30:04.89,Default,,0000,0000,0000,,so if you guys have any questions at all,
Dialogue: 0,0:30:04.89,0:30:08.39,Default,,0000,0000,0000,,really each and every person that helps\Nwith Debian should just know
Dialogue: 0,0:30:08.39,0:30:09.86,Default,,0000,0000,0000,,that you are a part of that,
Dialogue: 0,0:30:09.86,0:30:12.36,Default,,0000,0000,0000,,and I'm just happy to talk for as long as\Nyou want, basically,
Dialogue: 0,0:30:12.36,0:30:14.16,Default,,0000,0000,0000,,to answer all of your questions,\N
Dialogue: 0,0:30:14.16,0:30:16.46,Default,,0000,0000,0000,,except the ones that put me in prison.\NThanks.
Dialogue: 0,0:30:16.46,0:30:18.38,Default,,0000,0000,0000,,[laughter]
Dialogue: 0,0:30:19.43,0:30:23.80,Default,,0000,0000,0000,,[question]: I just wanted to make a quick\Nnote about the question
Dialogue: 0,0:30:23.80,0:30:26.08,Default,,0000,0000,0000,,"do they have a file on me?"
Dialogue: 0,0:30:26.08,0:30:30.17,Default,,0000,0000,0000,,From all I've read so far, it's just that\Nthey're doing the thing
Dialogue: 0,0:30:30.17,0:30:33.24,Default,,0000,0000,0000,,that is in the commercial world called\N"big data".
Dialogue: 0,0:30:34.01,0:30:36.34,Default,,0000,0000,0000,,[Jacob]: Yep. Absolutely.
Dialogue: 0,0:30:36.34,0:30:38.81,Default,,0000,0000,0000,,Oh boy. GRsec again?
Dialogue: 0,0:30:40.79,0:30:44.95,Default,,0000,0000,0000,,[orga]: it's not rum, but it's Bavarian\Nwhisky.
Dialogue: 0,0:30:45.58,0:30:50.05,Default,,0000,0000,0000,,[Jacob]: Oh boy. It's going to be a\Nheavy morning tomorrow.
Dialogue: 0,0:30:50.93,0:30:54.08,Default,,0000,0000,0000,,I saw another couple of hands.
Dialogue: 0,0:30:56.48,0:30:59.98,Default,,0000,0000,0000,,[question]: I was just wondering if\Nthat you noticed throughout this
Dialogue: 0,0:30:59.98,0:31:04.89,Default,,0000,0000,0000,,that you think we could improve in Debian\Nto make the next people's lives easier.
Dialogue: 0,0:31:04.89,0:31:08.69,Default,,0000,0000,0000,,[Jacob]: Oh my god, I'm so glad you asked\Nthat question, that's so fantastic.
Dialogue: 0,0:31:08.69,0:31:10.39,Default,,0000,0000,0000,,I'm going to talk about that tomorrow\Nin my keynote,
Dialogue: 0,0:31:10.39,0:31:12.34,Default,,0000,0000,0000,,but let me tell you about one that I have.
Dialogue: 0,0:31:12.34,0:31:16.67,Default,,0000,0000,0000,,I revealed a specific document about a\Nwifi injection attack system.
Dialogue: 0,0:31:16.67,0:31:19.47,Default,,0000,0000,0000,,It's a classified document, it's a\Ntop secret document,
Dialogue: 0,0:31:19.47,0:31:22.16,Default,,0000,0000,0000,,for a thing called nightstand, and what\Nnightstand is,
Dialogue: 0,0:31:22.16,0:31:25.93,Default,,0000,0000,0000,,it's basically like car metasploit,\Nit's a wifi injector...
Dialogue: 0,0:31:25.93,0:31:29.09,Default,,0000,0000,0000,,cheers!
Dialogue: 0,0:31:35.35,0:31:37.40,Default,,0000,0000,0000,,Danke schön.
Dialogue: 0,0:31:38.38,0:31:40.55,Default,,0000,0000,0000,,It's a wifi injector device...
Dialogue: 0,0:31:41.16,0:31:42.85,Default,,0000,0000,0000,,Whew, jesus!
Dialogue: 0,0:31:43.95,0:31:48.10,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:31:52.75,0:31:56.57,Default,,0000,0000,0000,,[orga]: Tonight's whisky sponsored by\Ndrunc-tank dot org.
Dialogue: 0,0:31:59.91,0:32:03.82,Default,,0000,0000,0000,,[Jacob]: So this wifi injector device,\Nwhat it does is it basically is able to
Dialogue: 0,0:32:03.82,0:32:09.04,Default,,0000,0000,0000,,exploit the kernel of a device by sending\Nmalformed data over wifi.
Dialogue: 0,0:32:09.04,0:32:14.98,Default,,0000,0000,0000,,Now I have a series of photographs, so\Nall of us.. not all of us, but most of us
Dialogue: 0,0:32:14.98,0:32:19.58,Default,,0000,0000,0000,,used these speciallly modified X60s where\Nwe removed the microphones, soldered??
Dialogue: 0,0:32:19.58,0:32:22.08,Default,,0000,0000,0000,,down things on the PCI bus,
Dialogue: 0,0:32:22.08,0:32:24.03,Default,,0000,0000,0000,,we removed, like, firewire, really\Nmodified it, flashed coreboot onto it,
Dialogue: 0,0:32:24.03,0:32:26.87,Default,,0000,0000,0000,,flipped the read pin so it was only\Nread-only,
Dialogue: 0,0:32:26.87,0:32:30.16,Default,,0000,0000,0000,,so you couldn't easily make a BIOS\Nroot kit and make it persistent,
Dialogue: 0,0:32:30.16,0:32:32.45,Default,,0000,0000,0000,,we booted TAILS, did all this stuff,
Dialogue: 0,0:32:32.45,0:32:35.97,Default,,0000,0000,0000,,often we could boot to RAM so that\Nonce the machine was powered off
Dialogue: 0,0:32:35.97,0:32:39.32,Default,,0000,0000,0000,,basically it would be done, so if someone\Nkicks down your door,
Dialogue: 0,0:32:39.32,0:32:41.02,Default,,0000,0000,0000,,you just pull the power out,
Dialogue: 0,0:32:41.02,0:32:43.15,Default,,0000,0000,0000,,and you don't have a battery, and\Nwhen the power fails you have an
Dialogue: 0,0:32:43.15,0:32:45.25,Default,,0000,0000,0000,,instant kill switch.
Dialogue: 0,0:32:45.25,0:32:48.37,Default,,0000,0000,0000,,So things that are in TAILS that are \Nreally useful include this
Dialogue: 0,0:32:48.37,0:32:52.81,Default,,0000,0000,0000,,wiping the kernel memory package\Nwhich I hear is being packaged for Debian
Dialogue: 0,0:32:52.81,0:32:54.66,Default,,0000,0000,0000,,soon, which is very exciting.
Dialogue: 0,0:32:54.66,0:32:57.04,Default,,0000,0000,0000,,Because everyone should have access\Nto that so we can tie it into something
Dialogue: 0,0:32:57.04,0:33:01.21,Default,,0000,0000,0000,,like GNU panicd or these other things.
Dialogue: 0,0:33:01.21,0:33:08.03,Default,,0000,0000,0000,,But one thing I kept having problems with\Nis this wifi injection device,
Dialogue: 0,0:33:08.03,0:33:09.98,Default,,0000,0000,0000,,I'm pretty sure, was very close to my\Nhouse.
Dialogue: 0,0:33:09.98,0:33:13.11,Default,,0000,0000,0000,,There was a white van outside, it was\Nvibrating a bit like there was a guy
Dialogue: 0,0:33:13.11,0:33:14.83,Default,,0000,0000,0000,,walking around in it,
Dialogue: 0,0:33:14.83,0:33:17.73,Default,,0000,0000,0000,,and then all of sudden, an X60 here,\Nan X60 here, and an X60 here,
Dialogue: 0,0:33:17.73,0:33:22.10,Default,,0000,0000,0000,,just booted into TAILS, not doing\Nanything at all, but on the wifi network,
Dialogue: 0,0:33:22.10,0:33:24.44,Default,,0000,0000,0000,,kernel panic, kernel panic, kernel panic.
Dialogue: 0,0:33:24.44,0:33:27.67,Default,,0000,0000,0000,,All the same kernel panic, all the\Nsame memory offsets,
Dialogue: 0,0:33:27.67,0:33:32.42,Default,,0000,0000,0000,,in the Appletalk driver of the stock\Nkernel for TAILS.
Dialogue: 0,0:33:32.42,0:33:36.58,Default,,0000,0000,0000,,I think I filed a bug upstream with TAILS\Nat the time,
Dialogue: 0,0:33:36.58,0:33:40.02,Default,,0000,0000,0000,,but this is just incredible because\Nit's clear that all the crap
Dialogue: 0,0:33:40.02,0:33:46.06,Default,,0000,0000,0000,,in the default Debian kernel that you\Nreally want for your 1992 Apple network
Dialogue: 0,0:33:46.06,0:33:48.41,Default,,0000,0000,0000,,makes operational security really hard,
Dialogue: 0,0:33:48.41,0:33:51.63,Default,,0000,0000,0000,,and one thing that would be really great\Nwould be a GRsec enabled kernel...
Dialogue: 0,0:33:53.21,0:33:55.28,Default,,0000,0000,0000,,[applause]
Dialogue: 0,0:33:55.28,0:33:57.51,Default,,0000,0000,0000,,Yes, have to drink.
Dialogue: 0,0:34:01.35,0:34:06.70,Default,,0000,0000,0000,,But as an example, we built different\Ncustom machines, and one of the things
Dialogue: 0,0:34:06.70,0:34:09.95,Default,,0000,0000,0000,,that we did for some people and in some\Ncircumstances was
Dialogue: 0,0:34:09.95,0:34:12.37,Default,,0000,0000,0000,,to build GRsec enabled kernels.
Dialogue: 0,0:34:12.37,0:34:14.76,Default,,0000,0000,0000,,And I'm not going to drink again.
Dialogue: 0,0:34:19.04,0:34:20.89,Default,,0000,0000,0000,,So we built those kernels
Dialogue: 0,0:34:21.22,0:34:23.45,Default,,0000,0000,0000,,[audience]: Which ones?
Dialogue: 0,0:34:24.32,0:34:27.17,Default,,0000,0000,0000,,[Jacbob]: Yes, exactly, those ones.
Dialogue: 0,0:34:27.17,0:34:30.89,Default,,0000,0000,0000,,And that was work which creates a problem\Nfor a bunch of reasons.
Dialogue: 0,0:34:30.89,0:34:33.54,Default,,0000,0000,0000,,When you build custom kernels, and\Nyou only have a few people
Dialogue: 0,0:34:33.54,0:34:35.24,Default,,0000,0000,0000,,that can build those kernels,
Dialogue: 0,0:34:35.24,0:34:37.89,Default,,0000,0000,0000,,you actually build a chain of evidence of\Nwho helped who.
Dialogue: 0,0:34:37.89,0:34:39.89,Default,,0000,0000,0000,,And if that was a stable, normal package,
Dialogue: 0,0:34:39.89,0:34:42.59,Default,,0000,0000,0000,,that people could install in a Debian\Npure blend,
Dialogue: 0,0:34:42.59,0:34:44.71,Default,,0000,0000,0000,,then it would have been easier to do that.
Dialogue: 0,0:34:44.71,0:34:48.66,Default,,0000,0000,0000,,We built a lot more sandbox profiles for\Nvarious different things,
Dialogue: 0,0:34:48.66,0:34:51.28,Default,,0000,0000,0000,,we built some transparent TOR-ification\Nstuff,
Dialogue: 0,0:34:51.28,0:34:53.95,Default,,0000,0000,0000,,and that required a lot of bespoke\Nknowledge,
Dialogue: 0,0:34:53.95,0:34:57.30,Default,,0000,0000,0000,,and it required a lot of effort that a lot\Nof people did not have,
Dialogue: 0,0:34:57.30,0:34:59.20,Default,,0000,0000,0000,,because they had a different set of\Nskills,
Dialogue: 0,0:34:59.20,0:35:00.88,Default,,0000,0000,0000,,and it's good to have a division of\Nlabour,
Dialogue: 0,0:35:00.88,0:35:04.16,Default,,0000,0000,0000,,but having that kind of stuff built into\NDebian by default, making a
Dialogue: 0,0:35:04.16,0:35:06.13,Default,,0000,0000,0000,,Debian installer that could do that,
Dialogue: 0,0:35:06.13,0:35:08.75,Default,,0000,0000,0000,,and also verification, would be great,\Nright?
Dialogue: 0,0:35:08.75,0:35:12.15,Default,,0000,0000,0000,,So I wrote some custom scripts \Nwhere I could look at a TAILS disk,
Dialogue: 0,0:35:12.15,0:35:14.04,Default,,0000,0000,0000,,or a Debian install,
Dialogue: 0,0:35:14.04,0:35:15.99,Default,,0000,0000,0000,,and know if it had been tampered with.
Dialogue: 0,0:35:15.99,0:35:19.94,Default,,0000,0000,0000,,And it would be nice if there was just\Na disk you could boot that did
Dialogue: 0,0:35:19.94,0:35:21.99,Default,,0000,0000,0000,,verification of an installed system
Dialogue: 0,0:35:21.99,0:35:25.04,Default,,0000,0000,0000,,very very easily, so easily that\NGlen Greenwald could use it.
Dialogue: 0,0:35:25.04,0:35:29.78,Default,,0000,0000,0000,,I love Glen, I say that very politely,
Dialogue: 0,0:35:30.05,0:35:33.00,Default,,0000,0000,0000,,but what I mean is it needs to be\Neasier than that,
Dialogue: 0,0:35:33.00,0:35:36.42,Default,,0000,0000,0000,,because Glen at least knows that he\Nhe a reason to use it.
Dialogue: 0,0:35:36.42,0:35:39.53,Default,,0000,0000,0000,,And so that was something that we really\Nneeded help with.
Dialogue: 0,0:35:39.53,0:35:41.62,Default,,0000,0000,0000,,And we spent a lot of time on that.
Dialogue: 0,0:35:41.62,0:35:43.79,Default,,0000,0000,0000,,And there are lots of other little things\Nlike that,
Dialogue: 0,0:35:43.79,0:35:45.39,Default,,0000,0000,0000,,and I'll talk about some of those things\Ntomorrow,
Dialogue: 0,0:35:45.39,0:35:47.40,Default,,0000,0000,0000,,but one of the really big problems is\Nhardware,
Dialogue: 0,0:35:47.40,0:35:50.59,Default,,0000,0000,0000,,which is that you cannot buy a modern\NIntel CPU which doesn't come
Dialogue: 0,0:35:50.59,0:35:52.44,Default,,0000,0000,0000,,with a backdoor any more.
Dialogue: 0,0:35:52.44,0:35:57.02,Default,,0000,0000,0000,,And that is a huge problem, and I'm not\Nsure that the answer is to use ARM.
Dialogue: 0,0:35:57.02,0:35:59.04,Default,,0000,0000,0000,,It seems like the answer is to use ARM.
Dialogue: 0,0:35:59.04,0:36:02.92,Default,,0000,0000,0000,,But that's only if assume that ARM didn't\Njust add a backdoor that's obvious.
Dialogue: 0,0:36:02.92,0:36:07.58,Default,,0000,0000,0000,,So we really need to think about how to,\Nin moving forward,
Dialogue: 0,0:36:07.58,0:36:12.48,Default,,0000,0000,0000,,how to have easy to use, easy to buy\Non the shelf, Debian hardware,
Dialogue: 0,0:36:12.48,0:36:14.98,Default,,0000,0000,0000,,available everywhere, all the time,
Dialogue: 0,0:36:14.98,0:36:18.10,Default,,0000,0000,0000,,so you can just go and buy this thing and\Nverify it in some way
Dialogue: 0,0:36:18.10,0:36:19.88,Default,,0000,0000,0000,,with some other machine,
Dialogue: 0,0:36:19.88,0:36:21.70,Default,,0000,0000,0000,,to know that you would have the right\Nthing.
Dialogue: 0,0:36:21.70,0:36:24.65,Default,,0000,0000,0000,,And to that extent we didn't have X-rays\Nfor a lot of the circuit boards,
Dialogue: 0,0:36:24.65,0:36:27.51,Default,,0000,0000,0000,,so that made it very difficult to know\Nif when you buy something,
Dialogue: 0,0:36:27.51,0:36:29.72,Default,,0000,0000,0000,,it's been tampered with.
Dialogue: 0,0:36:29.72,0:36:32.35,Default,,0000,0000,0000,,I'll talk about some of that stuff\Ntomorrow,
Dialogue: 0,0:36:32.35,0:36:35.75,Default,,0000,0000,0000,,but basically, Debian does a lot of stuff\Nright,
Dialogue: 0,0:36:35.75,0:36:39.11,Default,,0000,0000,0000,,and that is also worth mentioning.
Dialogue: 0,0:36:39.11,0:36:44.11,Default,,0000,0000,0000,,There's so many things that just work\Nout of the box, that just work perfectly.
Dialogue: 0,0:36:44.11,0:36:47.66,Default,,0000,0000,0000,,So the main thing is to keep the\Nquality assurance at the level,
Dialogue: 0,0:36:47.66,0:36:49.64,Default,,0000,0000,0000,,or to exceed where it is right now.
Dialogue: 0,0:36:49.64,0:36:51.96,Default,,0000,0000,0000,,Because it actually works super super\Nwell.
Dialogue: 0,0:36:51.96,0:36:55.74,Default,,0000,0000,0000,,The exception being for very specific\Ntargetted attacks,
Dialogue: 0,0:36:55.74,0:36:59.49,Default,,0000,0000,0000,,the kernel attack surface is pretty big,\Nand pretty bad, I think.
Dialogue: 0,0:36:59.49,0:37:03.06,Default,,0000,0000,0000,,And also, we rebuilt some binaries in\Norder to..
Dialogue: 0,0:37:03.06,0:37:04.45,Default,,0000,0000,0000,,sorry, I'll get to you in a second.
Dialogue: 0,0:37:04.45,0:37:08.88,Default,,0000,0000,0000,,We rebuilt some binaries to make sure\Nthat we had address space randomisation
Dialogue: 0,0:37:08.88,0:37:11.58,Default,,0000,0000,0000,,and linker hardening, and stack\Ncanary stuff,
Dialogue: 0,0:37:11.58,0:37:15.60,Default,,0000,0000,0000,,and for some stuff lately we've been using\Naddress sanitizer,
Dialogue: 0,0:37:15.60,0:37:19.60,Default,,0000,0000,0000,,so it would be really great if all the\Nhardening stuff was turned on,
Dialogue: 0,0:37:19.60,0:37:22.98,Default,,0000,0000,0000,,if there was PAX plus GRsec as a kernel.
Dialogue: 0,0:37:23.80,0:37:26.52,Default,,0000,0000,0000,,[audience]: so the specific problem with\NGR security is that they don't really
Dialogue: 0,0:37:26.52,0:37:29.58,Default,,0000,0000,0000,,want to work with distros.
Dialogue: 0,0:37:29.58,0:37:35.28,Default,,0000,0000,0000,,So we could have a Linux kernel package\Nwith GR security applied,
Dialogue: 0,0:37:35.28,0:37:38.40,Default,,0000,0000,0000,,but it wouldn't have any of the other\NDebian patches.
Dialogue: 0,0:37:39.12,0:37:41.40,Default,,0000,0000,0000,,[Jacob]: So I talked with Brad Spender\Nabout this,
Dialogue: 0,0:37:41.40,0:37:42.94,Default,,0000,0000,0000,,and I'm so glad that you said that,
Dialogue: 0,0:37:42.94,0:37:47.18,Default,,0000,0000,0000,,because what he said was that, as far\Nas I can tell, he's totally interested in
Dialogue: 0,0:37:47.18,0:37:49.70,Default,,0000,0000,0000,,helping Debian with this but thinks that\NDebian is not interested.
Dialogue: 0,0:37:49.70,0:37:53.06,Default,,0000,0000,0000,,He actually runs a kernel building\Nservice where they do
Dialogue: 0,0:37:53.06,0:37:55.28,Default,,0000,0000,0000,,individual kernel builds, and I think\Nyou'd be interested,
Dialogue: 0,0:37:55.29,0:37:57.08,Default,,0000,0000,0000,,and when I told him we'd love to have\Nthis in TAILS, he said
Dialogue: 0,0:37:57.34,0:38:01.42,Default,,0000,0000,0000,,what patches do I need to include in GRsec\Nto make sure that it'll work?
Dialogue: 0,0:38:01.42,0:38:04.50,Default,,0000,0000,0000,,And he offered to do the integration\Ninto the GRsec patch if there are not
Dialogue: 0,0:38:04.50,0:38:05.76,Default,,0000,0000,0000,,too many things.
Dialogue: 0,0:38:05.76,0:38:07.90,Default,,0000,0000,0000,,So I think what we should try and do\Nis build a line of communication,
Dialogue: 0,0:38:07.90,0:38:10.00,Default,,0000,0000,0000,,and if it costs money we should find a way\Nto raise that money,
Dialogue: 0,0:38:10.00,0:38:11.80,Default,,0000,0000,0000,,I'll put in some of my own personal money\Nfor this,
Dialogue: 0,0:38:11.80,0:38:13.72,Default,,0000,0000,0000,,and I know other people would too.
Dialogue: 0,0:38:13.72,0:38:14.42,Default,,0000,0000,0000,,[distant audience]: I will.
Dialogue: 0,0:38:14.42,0:38:16.16,Default,,0000,0000,0000,,[Jacob]: Great.
Dialogue: 0,0:38:16.16,0:38:18.92,Default,,0000,0000,0000,,So securedrop, for example, part of what\Nthey do for their leaking platform,
Dialogue: 0,0:38:18.92,0:38:22.30,Default,,0000,0000,0000,,if you go to the intercepts website,\Nyou want to leak them a document,
Dialogue: 0,0:38:22.30,0:38:26.20,Default,,0000,0000,0000,,they actually use free software\Neverywhere, but there are a few things\N
Dialogue: 0,0:38:26.20,0:38:29.34,Default,,0000,0000,0000,,they build specially, and one of those\Nthings is a GRsec kernel.
Dialogue: 0,0:38:29.34,0:38:31.76,Default,,0000,0000,0000,,So the people at first look, that helped\Nmake this movie,
Dialogue: 0,0:38:31.76,0:38:33.52,Default,,0000,0000,0000,,and that work on securedrop,
Dialogue: 0,0:38:33.52,0:38:34.90,Default,,0000,0000,0000,,they would probably also,
Dialogue: 0,0:38:34.90,0:38:37.24,Default,,0000,0000,0000,,I'm not committing them, I don't\Nknow that they would actually do this,
Dialogue: 0,0:38:37.24,0:38:39.28,Default,,0000,0000,0000,,but I think they would really like it if\Nthat was in there,
Dialogue: 0,0:38:39.28,0:38:41.90,Default,,0000,0000,0000,,and I think it we could find the community\Nwill to do that,
Dialogue: 0,0:38:41.90,0:38:44.08,Default,,0000,0000,0000,,I know I would volunteer and other people\Nwould,
Dialogue: 0,0:38:44.08,0:38:47.16,Default,,0000,0000,0000,,I know that dkg in the back would love to\Nhelp with this, I know the ACLU is just
Dialogue: 0,0:38:47.16,0:38:50.48,Default,,0000,0000,0000,,totally behind funding this work, right?\N[audience]: I don't know.
Dialogue: 0,0:38:53.70,0:38:56.40,Default,,0000,0000,0000,,I thought that you were there to protect\Nmy civil liberties, buddy.
Dialogue: 0,0:39:00.08,0:39:03.46,Default,,0000,0000,0000,,But I really think that it's possible\Nthat we could do this,
Dialogue: 0,0:39:03.46,0:39:07.38,Default,,0000,0000,0000,,and I definitely think Brad, the author of\NGRsec,
Dialogue: 0,0:39:07.38,0:39:09.92,Default,,0000,0000,0000,,I think he would really love it if Debian\Nshipped GRsec.
Dialogue: 0,0:39:09.92,0:39:11.92,Default,,0000,0000,0000,,And it doesn't need to come by default,
Dialogue: 0,0:39:11.92,0:39:16.78,Default,,0000,0000,0000,,but if it was possible to just have\Nit at all, that would be great.
Dialogue: 0,0:39:17.22,0:39:20.40,Default,,0000,0000,0000,,Maybe we could have an affinity group\Nwhere everyone who is interested can
Dialogue: 0,0:39:20.40,0:39:23.10,Default,,0000,0000,0000,,meet sometime tomorrow and we could\Ntalk about doing this.
Dialogue: 0,0:39:23.10,0:39:25.42,Default,,0000,0000,0000,,I would love to have that conversation.
Dialogue: 0,0:39:25.42,0:39:27.08,Default,,0000,0000,0000,,Who are you?
Dialogue: 0,0:39:28.03,0:39:29.11,Default,,0000,0000,0000,,[audience]: Ben Hutchings.
Dialogue: 0,0:39:29.72,0:39:34.27,Default,,0000,0000,0000,,[Jacob]: Oh, nice to meet you!
Dialogue: 0,0:39:35.04,0:39:38.58,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:39:42.88,0:39:44.74,Default,,0000,0000,0000,,That's awkward.
Dialogue: 0,0:39:46.82,0:39:50.84,Default,,0000,0000,0000,,[question]: Hi. Sorry to interrupt the\Nawkwardness,
Dialogue: 0,0:39:50.84,0:39:52.56,Default,,0000,0000,0000,,and replace it with more awkwardness.
Dialogue: 0,0:39:52.56,0:39:54.06,Default,,0000,0000,0000,,Nice to see you, Jake.
Dialogue: 0,0:39:54.06,0:39:58.28,Default,,0000,0000,0000,,So, I remember reading the documents\Nin 2013
Dialogue: 0,0:39:58.28,0:40:04.22,Default,,0000,0000,0000,,and seeing the NSA's internal training\Nguide for how to query their
Dialogue: 0,0:40:04.22,0:40:07.50,Default,,0000,0000,0000,,Hadoop data store, aka xkeyscore,
Dialogue: 0,0:40:07.50,0:40:14.96,Default,,0000,0000,0000,,and so I thought I would just ask you\Nif you think Free software net helps us
Dialogue: 0,0:40:14.96,0:40:16.64,Default,,0000,0000,0000,,or helps them.
Dialogue: 0,0:40:17.36,0:40:19.16,Default,,0000,0000,0000,,[Jacob]: I'm really glad you asked that\Nquestion.
Dialogue: 0,0:40:19.16,0:40:23.00,Default,,0000,0000,0000,,I think that Free software helps everyone\Non the planet, and I think that
Dialogue: 0,0:40:23.00,0:40:26.98,Default,,0000,0000,0000,,purpose-based limitations.. I understand\Nwhy people want them.
Dialogue: 0,0:40:27.64,0:40:30.68,Default,,0000,0000,0000,,I think we should try to build a world\Nwhere we are free,
Dialogue: 0,0:40:30.68,0:40:34.36,Default,,0000,0000,0000,,and so putting in purpose-based\Nlimitations is really problematic,
Dialogue: 0,0:40:34.64,0:40:37.68,Default,,0000,0000,0000,,and I think what we should do is try to\Nmitigate the harm that they can do
Dialogue: 0,0:40:37.68,0:40:39.34,Default,,0000,0000,0000,,with those systems,
Dialogue: 0,0:40:39.34,0:40:41.82,Default,,0000,0000,0000,,as opposed to pretending that they care\Nabout Free software licensing.
Dialogue: 0,0:40:42.28,0:40:45.10,Default,,0000,0000,0000,,These guys kill people with flying robots,
Dialogue: 0,0:40:45.10,0:40:48.66,Default,,0000,0000,0000,,it's illegal to murder people, and they\Ndo it.
Dialogue: 0,0:40:49.42,0:40:52.70,Default,,0000,0000,0000,,Limiting their use with licenses, first\Nof all, that just means they'll spend
Dialogue: 0,0:40:52.70,0:40:55.36,Default,,0000,0000,0000,,your tax money to rewrite it if they care\Nabout the license,
Dialogue: 0,0:40:56.24,0:40:59.68,Default,,0000,0000,0000,,and you won't get their bug-fixes or their\Nimprovements,
Dialogue: 0,0:40:59.68,0:41:02.16,Default,,0000,0000,0000,,and then additionally they're still not\Ngoing to obey your license anyway,
Dialogue: 0,0:41:02.16,0:41:05.14,Default,,0000,0000,0000,,because literally some of these people\Nwork on assassinating people.
Dialogue: 0,0:41:05.14,0:41:08.48,Default,,0000,0000,0000,,So it is better that we keep our integrity\Nand take the high road,
Dialogue: 0,0:41:08.48,0:41:11.98,Default,,0000,0000,0000,,and write Free software, and we give it to\Nevery single person on the planet
Dialogue: 0,0:41:11.98,0:41:13.62,Default,,0000,0000,0000,,without exception,
Dialogue: 0,0:41:14.60,0:41:16.46,Default,,0000,0000,0000,,It's just better. It's better for all of\Nus, right?
Dialogue: 0,0:41:16.46,0:41:22.08,Default,,0000,0000,0000,,So the fact that they have Hadoop, the\Nfact that they, for example, use OpenSSL,
Dialogue: 0,0:41:22.08,0:41:24.86,Default,,0000,0000,0000,,or maybe they use Tor, or whatever, right?
Dialogue: 0,0:41:24.86,0:41:26.92,Default,,0000,0000,0000,,Or they use gdb to debug their exploits.
Dialogue: 0,0:41:30.22,0:41:32.26,Default,,0000,0000,0000,,I kind of wish that on them.
Dialogue: 0,0:41:33.72,0:41:36.62,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,0:41:37.64,0:41:39.10,Default,,0000,0000,0000,,I think it's great, right?
Dialogue: 0,0:41:39.10,0:41:42.34,Default,,0000,0000,0000,,So one of the things Che Guevara said\Nin his manual about guerilla warfare,
Dialogue: 0,0:41:42.34,0:41:44.82,Default,,0000,0000,0000,,in chapter two, is that (oh, it was\Nchapter three)
Dialogue: 0,0:41:44.82,0:41:48.00,Default,,0000,0000,0000,,He talks about when you have to arm\Na guerrilla army,
Dialogue: 0,0:41:48.00,0:41:52.14,Default,,0000,0000,0000,,this is not exactly related, but it's an\Nanalog.
Dialogue: 0,0:41:52.14,0:41:54.78,Default,,0000,0000,0000,,He says that the most important thing\Nis for the guerrilla army to
Dialogue: 0,0:41:54.78,0:41:58.34,Default,,0000,0000,0000,,use the weapons of the people that\Nthey're fighting - the oppressor.
Dialogue: 0,0:41:58.34,0:42:01.74,Default,,0000,0000,0000,,And the reason is that it allows you to\Nresupply, essentially.
Dialogue: 0,0:42:01.74,0:42:04.58,Default,,0000,0000,0000,,When you win a battle, you resupply.
Dialogue: 0,0:42:05.14,0:42:07.86,Default,,0000,0000,0000,,When we all use the same Free software,\Nand we're working on these things,
Dialogue: 0,0:42:07.86,0:42:10.88,Default,,0000,0000,0000,,the fact that they have to contribute\Nto the same projects and they often do
Dialogue: 0,0:42:10.88,0:42:13.12,Default,,0000,0000,0000,,means there's a net win for us.
Dialogue: 0,0:42:13.12,0:42:16.42,Default,,0000,0000,0000,,They do have some private things that they\Ndon't share, obviously,
Dialogue: 0,0:42:16.42,0:42:19.38,Default,,0000,0000,0000,,with the exception of nice people like\NEdward Snowden,
Dialogue: 0,0:42:19.38,0:42:22.06,Default,,0000,0000,0000,,and I think that it is a net positive\Nthing,
Dialogue: 0,0:42:22.06,0:42:24.20,Default,,0000,0000,0000,,and if we think of it as a struggle,
Dialogue: 0,0:42:24.20,0:42:26.28,Default,,0000,0000,0000,,we are better off to take the high road,
Dialogue: 0,0:42:26.28,0:42:29.42,Default,,0000,0000,0000,,and so I really think we should not\Npretend that we can stop them,
Dialogue: 0,0:42:29.42,0:42:32.00,Default,,0000,0000,0000,,and instead we should work together\Nto build solutions.
Dialogue: 0,0:42:32.00,0:42:33.64,Default,,0000,0000,0000,,And I think that Debian is doing that,\Nright?
Dialogue: 0,0:42:33.64,0:42:35.96,Default,,0000,0000,0000,,I think Debian is much harder to\Ncompromise than
Dialogue: 0,0:42:35.96,0:42:37.68,Default,,0000,0000,0000,,a lot of other operating systems,
Dialogue: 0,0:42:37.68,0:42:39.88,Default,,0000,0000,0000,,and it's much much harder to coerce\Npeople,
Dialogue: 0,0:42:39.88,0:42:42.72,Default,,0000,0000,0000,,and there's a strong ethos that comes\Nwith it that it's not just the technical
Dialogue: 0,0:42:42.72,0:42:45.30,Default,,0000,0000,0000,,project, there's a social aspect to it.
Dialogue: 0,0:42:45.30,0:42:48.51,Default,,0000,0000,0000,,I think I was in the New Maintainer\Nqueue for 11 years,
Dialogue: 0,0:42:48.51,0:42:50.30,Default,,0000,0000,0000,,maybe that's a little too long,
Dialogue: 0,0:42:50.30,0:42:52.40,Default,,0000,0000,0000,,but there's a huge hazing process,
Dialogue: 0,0:42:52.40,0:42:55.64,Default,,0000,0000,0000,,so anyone who wants to help, really really\Nwants to help,
Dialogue: 0,0:42:55.64,0:42:58.66,Default,,0000,0000,0000,,and if they want to do something wrong\Nthere are processes to catch
Dialogue: 0,0:42:58.66,0:43:00.60,Default,,0000,0000,0000,,people doing things wrong.
Dialogue: 0,0:43:00.60,0:43:03.00,Default,,0000,0000,0000,,So we should really stay true to the\NFree software ethos,
Dialogue: 0,0:43:03.00,0:43:05.06,Default,,0000,0000,0000,,and it really is a net benefit.
Dialogue: 0,0:43:08.36,0:43:12.12,Default,,0000,0000,0000,,[question]: Hi Jake. Thanks a lot for\Nsaying so much "GRsec".
Dialogue: 0,0:43:17.02,0:43:19.74,Default,,0000,0000,0000,,Just wanted to give a shout out.
Dialogue: 0,0:43:19.74,0:43:24.68,Default,,0000,0000,0000,,You mentioned possible backdoors in\NCPUs and so on,
Dialogue: 0,0:43:24.68,0:43:30.34,Default,,0000,0000,0000,,that ARM might not be the next best thing\Nbecause it's not so open either.
Dialogue: 0,0:43:30.34,0:43:32.96,Default,,0000,0000,0000,,You might want to have a look at Power 8.
Dialogue: 0,0:43:32.96,0:43:38.54,Default,,0000,0000,0000,,It's basically PowerPC 64, so Debian has\Nsupport for it as far as I know,
Dialogue: 0,0:43:38.54,0:43:41.30,Default,,0000,0000,0000,,and most of the stuff is actually open.
Dialogue: 0,0:43:41.30,0:43:45.30,Default,,0000,0000,0000,,Not that actual designs that IBM is\Nusing,
Dialogue: 0,0:43:45.30,0:43:49.10,Default,,0000,0000,0000,,but you can have, actually, an FPGA\Nimplementation of it,
Dialogue: 0,0:43:49.10,0:43:55.24,Default,,0000,0000,0000,,and if you have the money make your own\NASICs for it, without even knowing
Dialogue: 0,0:43:55.24,0:43:59.08,Default,,0000,0000,0000,,how to do it, which is pretty good,\NI think.
Dialogue: 0,0:43:59.86,0:44:02.86,Default,,0000,0000,0000,,[Jacob]: I think there are lots of things\Nwe can hack right?
Dialogue: 0,0:44:02.86,0:44:06.10,Default,,0000,0000,0000,,I mean I had one of those weird RMS\Nlaptops, the Limote,
Dialogue: 0,0:44:06.10,0:44:07.94,Default,,0000,0000,0000,,or whatever it's called, for a while.
Dialogue: 0,0:44:07.94,0:44:10.54,Default,,0000,0000,0000,,And I was definitely able to get some\NFree software running on it,
Dialogue: 0,0:44:10.54,0:44:12.62,Default,,0000,0000,0000,,in theory it was a Free software laptop.
Dialogue: 0,0:44:12.62,0:44:16.16,Default,,0000,0000,0000,,But getting other people to use this is\Nthe problem,
Dialogue: 0,0:44:16.16,0:44:18.38,Default,,0000,0000,0000,,you need to get everybody to use it,\Nright?
Dialogue: 0,0:44:18.38,0:44:20.68,Default,,0000,0000,0000,,There's a sort of old anarchist cliché,
Dialogue: 0,0:44:20.68,0:44:22.72,Default,,0000,0000,0000,,"None of us are free until all of us are\Nfree"
Dialogue: 0,0:44:22.72,0:44:25.20,Default,,0000,0000,0000,,And that really applies here.
Dialogue: 0,0:44:25.20,0:44:28.02,Default,,0000,0000,0000,,We really need to have Free software\Nthat's usable by everyone,
Dialogue: 0,0:44:28.02,0:44:31.32,Default,,0000,0000,0000,,otherwise we're sort of bound by the\Nlowest common denominator
Dialogue: 0,0:44:31.32,0:44:36.44,Default,,0000,0000,0000,,of Free, or proprietary tools, depending\Non what people have to use.
Dialogue: 0,0:44:36.44,0:44:38.38,Default,,0000,0000,0000,,So it'll be great when we have that,
Dialogue: 0,0:44:38.38,0:44:40.14,Default,,0000,0000,0000,,and there's a thing called the Nokimist???
Dialogue: 0,0:44:40.14,0:44:44.20,Default,,0000,0000,0000,,which is a video mixing board that has an\NFPGA implementing a Free software CPU
Dialogue: 0,0:44:44.20,0:44:46.32,Default,,0000,0000,0000,,that you can boot Debian on, or OpenWRT,
Dialogue: 0,0:44:46.32,0:44:48.40,Default,,0000,0000,0000,,and it does work, and I have used it,
Dialogue: 0,0:44:48.40,0:44:50.58,Default,,0000,0000,0000,,and in fact I used to use it as a shell,
Dialogue: 0,0:44:50.58,0:44:54.12,Default,,0000,0000,0000,,and for a long time I used a Debian\Ntrick,
Dialogue: 0,0:44:54.12,0:44:56.30,Default,,0000,0000,0000,,actually I've never talked about that in\Npublic,
Dialogue: 0,0:44:56.30,0:44:57.72,Default,,0000,0000,0000,,let me think about that for a second.
Dialogue: 0,0:44:58.88,0:45:02.28,Default,,0000,0000,0000,,So I used to use an IRC client that was\Nreally buggy,
Dialogue: 0,0:45:02.28,0:45:05.46,Default,,0000,0000,0000,,and I couldn't figure out where all the\Nbugs were,
Dialogue: 0,0:45:05.46,0:45:08.28,Default,,0000,0000,0000,,but I knew that if I hung out in certain\Nnetworks that someone else
Dialogue: 0,0:45:08.28,0:45:11.82,Default,,0000,0000,0000,,would help me find those bugs by trying\Nto exploit my client.
Dialogue: 0,0:45:11.82,0:45:13.74,Default,,0000,0000,0000,,And I wanted to make it as hard as\Npossible.
Dialogue: 0,0:45:13.74,0:45:18.96,Default,,0000,0000,0000,,So I ran my IRC client inside of a Debian\Nmachine that was running an S390 emulator.
Dialogue: 0,0:45:18.96,0:45:24.98,Default,,0000,0000,0000,,Who here uses Hercules? Thank you to\Nwhoever packaged it.
Dialogue: 0,0:45:24.98,0:45:28.04,Default,,0000,0000,0000,,And so I would use Hercules, it was a\Nvery long install process.
Dialogue: 0,0:45:28.04,0:45:30.02,Default,,0000,0000,0000,,Very slow.
Dialogue: 0,0:45:30.02,0:45:34.38,Default,,0000,0000,0000,,And I would do this, and what I'd always\Ndreamed of doing at some point
Dialogue: 0,0:45:34.38,0:45:37.20,Default,,0000,0000,0000,,was using the Nokimist??? and the\NHercules together
Dialogue: 0,0:45:37.20,0:45:40.58,Default,,0000,0000,0000,,for maximum ridiculously difficult\Nto exploit,
Dialogue: 0,0:45:40.58,0:45:42.22,Default,,0000,0000,0000,,plus GRsec kernel.
Dialogue: 0,0:45:45.14,0:45:47.66,Default,,0000,0000,0000,,But that's not a usable thing.
Dialogue: 0,0:45:47.66,0:45:49.90,Default,,0000,0000,0000,,So what we need to do is take these kinds\Nof prototypes
Dialogue: 0,0:45:49.90,0:45:52.60,Default,,0000,0000,0000,,which actually do represent many steps\Nforward,
Dialogue: 0,0:45:52.60,0:45:55.90,Default,,0000,0000,0000,,and we need to make sure that they're\Nproduced on a scale where
Dialogue: 0,0:45:55.90,0:45:59.98,Default,,0000,0000,0000,,you can go into a store and puchase them\Nanonymously, with cash,
Dialogue: 0,0:45:59.98,0:46:02.26,Default,,0000,0000,0000,,in a way that you can then verify.
Dialogue: 0,0:46:02.26,0:46:06.26,Default,,0000,0000,0000,,And we're actually really close to that\Nwith software defined radios
Dialogue: 0,0:46:06.26,0:46:07.72,Default,,0000,0000,0000,,and open hardware,
Dialogue: 0,0:46:07.72,0:46:10.24,Default,,0000,0000,0000,,but we're not quite there yet.
Dialogue: 0,0:46:11.82,0:46:15.90,Default,,0000,0000,0000,,[question]: What I meant is that Power 8\Nis basically getting big, currently,
Dialogue: 0,0:46:15.90,0:46:17.88,Default,,0000,0000,0000,,on the server market,
Dialogue: 0,0:46:17.88,0:46:20.94,Default,,0000,0000,0000,,and it might get big for other stuff also.
Dialogue: 0,0:46:21.78,0:46:23.40,Default,,0000,0000,0000,,[Jacob]: Hopefully.
Dialogue: 0,0:46:26.16,0:46:29.24,Default,,0000,0000,0000,,[question]: I want to come back to the\Nstory about the panic
Dialogue: 0,0:46:29.24,0:46:31.84,Default,,0000,0000,0000,,in the Appletalk driver.
Dialogue: 0,0:46:31.84,0:46:36.94,Default,,0000,0000,0000,,The common approach against this is\Nto compile your own kernel with
Dialogue: 0,0:46:36.94,0:46:39.72,Default,,0000,0000,0000,,all this stuff not compiled in,
Dialogue: 0,0:46:39.72,0:46:44.50,Default,,0000,0000,0000,,but on two of my systems I have a\Nmodprobe wrapper which has
Dialogue: 0,0:46:44.50,0:46:47.32,Default,,0000,0000,0000,,a whitelist of modules which may be\Nloaded,
Dialogue: 0,0:46:47.32,0:46:52.11,Default,,0000,0000,0000,,and I install that wrapper as the thing\Nthat the kernel uses for loading modules.
Dialogue: 0,0:46:52.36,0:46:58.04,Default,,0000,0000,0000,,Do you know if such a thing exists\Nelsewhere, or if not,
Dialogue: 0,0:46:58.04,0:47:03.14,Default,,0000,0000,0000,,I would be interested in developing it\Ninto something which is actually useable
Dialogue: 0,0:47:03.14,0:47:04.78,Default,,0000,0000,0000,,for people.
Dialogue: 0,0:47:05.68,0:47:07.74,Default,,0000,0000,0000,,[Jacob]: That would be great.
Dialogue: 0,0:47:07.74,0:47:11.60,Default,,0000,0000,0000,,In this case we were using Tails.
Dialogue: 0,0:47:11.60,0:47:19.15,Default,,0000,0000,0000,,And so, Tails is very finicky about what\Nit will accept, and very reasonably so,
Dialogue: 0,0:47:19.15,0:47:23.36,Default,,0000,0000,0000,,and so having that in Debian will make it\Na lot easier to get it into something
Dialogue: 0,0:47:23.36,0:47:25.34,Default,,0000,0000,0000,,like Tails, I think.
Dialogue: 0,0:47:25.34,0:47:28.52,Default,,0000,0000,0000,,But the main thing is really that we have\Nto think about the attack surface
Dialogue: 0,0:47:28.52,0:47:30.30,Default,,0000,0000,0000,,of the kernel very differently.
Dialogue: 0,0:47:30.30,0:47:33.30,Default,,0000,0000,0000,,The problem is not Appletalk; the problem\Nis the Linux kernel is filled with
Dialogue: 0,0:47:33.30,0:47:34.92,Default,,0000,0000,0000,,a lot of code,
Dialogue: 0,0:47:34.92,0:47:38.52,Default,,0000,0000,0000,,and you can autoload, in certain cases,\Ncertain things come in,
Dialogue: 0,0:47:38.52,0:47:40.50,Default,,0000,0000,0000,,and certain things get autoloaded,
Dialogue: 0,0:47:40.50,0:47:43.38,Default,,0000,0000,0000,,and I know Bdale loves his\Nham radio stuff,
Dialogue: 0,0:47:43.38,0:47:45.72,Default,,0000,0000,0000,,but I never use ham radio on my machine
Dialogue: 0,0:47:45.72,0:47:49.00,Default,,0000,0000,0000,,I used for clandestine conspiracies,\Nyou know?
Dialogue: 0,0:47:49.00,0:47:50.64,Default,,0000,0000,0000,,That's a separate machine.
Dialogue: 0,0:47:50.64,0:47:52.12,Default,,0000,0000,0000,,It's over here.
Dialogue: 0,0:47:52.12,0:47:53.86,Default,,0000,0000,0000,,So we just need to find a way to think\Nabout that.
Dialogue: 0,0:47:53.86,0:47:56.84,Default,,0000,0000,0000,,And part of that could be kernel stuff,\Nbut also part of it could be thinking
Dialogue: 0,0:47:56.84,0:47:59.74,Default,,0000,0000,0000,,about solutions like that, where we\Ndon't need to change the kernel.
Dialogue: 0,0:47:59.74,0:48:02.10,Default,,0000,0000,0000,,So if you could package that and develop\Nthat, it would be really fantastic.
Dialogue: 0,0:48:04.02,0:48:09.48,Default,,0000,0000,0000,,[Ben]: Actually, some time ago, after\NI think it was the econet exploits,
Dialogue: 0,0:48:09.48,0:48:13.28,Default,,0000,0000,0000,,no-one uses econet, it was broken anyway,\Nbut you could exploit it,
Dialogue: 0,0:48:13.28,0:48:15.24,Default,,0000,0000,0000,,because it was autoloaded.
Dialogue: 0,0:48:15.24,0:48:22.92,Default,,0000,0000,0000,,So I actually went through and turned off\Nautoloading on a few of the more obscure
Dialogue: 0,0:48:22.92,0:48:24.74,Default,,0000,0000,0000,,network protocols.
Dialogue: 0,0:48:24.74,0:48:29.02,Default,,0000,0000,0000,,We could probably go further with that,\Neven in the defaults.
Dialogue: 0,0:48:29.02,0:48:31.86,Default,,0000,0000,0000,,[Jacob]: I think it would be great to\Nchange some of the kernel stuff so that
Dialogue: 0,0:48:31.86,0:48:36.04,Default,,0000,0000,0000,,at least, I mean, Tails is a special use\Ncase, where, I think, it's very important,
Dialogue: 0,0:48:36.04,0:48:37.94,Default,,0000,0000,0000,,and it doesn't work for everyone,
Dialogue: 0,0:48:37.94,0:48:41.32,Default,,0000,0000,0000,,but we should just consider that there are\Ncertainly things which are really great,
Dialogue: 0,0:48:41.32,0:48:44.40,Default,,0000,0000,0000,,and I want to use Debian for it, because\NDebian is a universal operating system.
Dialogue: 0,0:48:44.40,0:48:48.16,Default,,0000,0000,0000,,But for a modern desktop system where\Nyou're using GNOME,
Dialogue: 0,0:48:48.16,0:48:53.70,Default,,0000,0000,0000,,and you haven't set anything up,\NAppletalk for example,
Dialogue: 0,0:48:53.70,0:48:57.78,Default,,0000,0000,0000,,maybe we would ask those people\Nto load that module themselves.
Dialogue: 0,0:48:59.54,0:49:04.90,Default,,0000,0000,0000,,[Ben]: Yeah, for example you could\Nhave, a lot of those things are going to
Dialogue: 0,0:49:04.90,0:49:06.98,Default,,0000,0000,0000,,have supporting utilities,
Dialogue: 0,0:49:06.98,0:49:10.02,Default,,0000,0000,0000,,so you could put something in the\Nsupporting utilities that loads it
Dialogue: 0,0:49:10.02,0:49:11.38,Default,,0000,0000,0000,,at boot time.
Dialogue: 0,0:49:12.10,0:49:14.16,Default,,0000,0000,0000,,And if you don't have those installed,\Nyou don't need it.
Dialogue: 0,0:49:15.06,0:49:17.42,Default,,0000,0000,0000,,[Jacob]: Yep, totally. And I think there's\Nlots of ways to do it where
Dialogue: 0,0:49:17.42,0:49:20.06,Default,,0000,0000,0000,,the network can't trigger it,\Nand that's important.
Dialogue: 0,0:49:20.80,0:49:23.80,Default,,0000,0000,0000,,[Ben]: Yeah, that puzzled me,\NI can't understand,
Dialogue: 0,0:49:23.80,0:49:29.36,Default,,0000,0000,0000,,the protocol module should get loaded\Nwhen userland tries to open a socket
Dialogue: 0,0:49:29.36,0:49:32.22,Default,,0000,0000,0000,,of that type,
Dialogue: 0,0:49:32.22,0:49:35.48,Default,,0000,0000,0000,,it shouldn't happen in response to\Nnetwork traffic.
Dialogue: 0,0:49:36.96,0:49:44.98,Default,,0000,0000,0000,,There are things like, I think if you\Nrun ifconfig that can autoload
Dialogue: 0,0:49:44.98,0:49:47.00,Default,,0000,0000,0000,,a bunch of things, for example.
Dialogue: 0,0:49:47.72,0:49:49.80,Default,,0000,0000,0000,,[Jacob]: Yeah, I think on either side\Nit should be more explicit,
Dialogue: 0,0:49:49.80,0:49:52.94,Default,,0000,0000,0000,,and in this case with Tails,
Dialogue: 0,0:49:52.94,0:49:55.22,Default,,0000,0000,0000,,there was a time when you looked at\Nthe kernel module list
Dialogue: 0,0:49:55.22,0:49:57.08,Default,,0000,0000,0000,,and it was pretty amazing,
Dialogue: 0,0:49:57.08,0:50:00.80,Default,,0000,0000,0000,,like I think there was an X25 thing,\Nan Appletalk thing,
Dialogue: 0,0:50:00.80,0:50:03.78,Default,,0000,0000,0000,,wait, this is all about going over Tor,\Nwe don't support any of these
Dialogue: 0,0:50:03.78,0:50:05.34,Default,,0000,0000,0000,,things at all.
Dialogue: 0,0:50:05.34,0:50:09.54,Default,,0000,0000,0000,,So it's just the way that things are \Ninterdependent, right?
Dialogue: 0,0:50:09.54,0:50:11.44,Default,,0000,0000,0000,,It's not a dig at the kernel itself.
Dialogue: 0,0:50:11.44,0:50:13.98,Default,,0000,0000,0000,,I think the Linux kernel as it works\Nin Debian today works really well
Dialogue: 0,0:50:13.98,0:50:15.44,Default,,0000,0000,0000,,for a lot of people,
Dialogue: 0,0:50:15.44,0:50:17.96,Default,,0000,0000,0000,,but there is definitely a high security\Nuse case,
Dialogue: 0,0:50:17.96,0:50:20.78,Default,,0000,0000,0000,,and I, for example, if I were a Debian\Ndeveloper, and I had a development
Dialogue: 0,0:50:20.78,0:50:22.78,Default,,0000,0000,0000,,machine where I didn't run a web\Nbrowser,
Dialogue: 0,0:50:22.78,0:50:24.94,Default,,0000,0000,0000,,and I took a lot of effort.
Dialogue: 0,0:50:24.94,0:50:29.40,Default,,0000,0000,0000,,It would be really nice if there were\Na kernel that put in the same
Dialogue: 0,0:50:29.40,0:50:32.42,Default,,0000,0000,0000,,threshold of security.
Dialogue: 0,0:50:32.42,0:50:35.84,Default,,0000,0000,0000,,And I think that the GRsec kernel with\Nsome stuff changed about it,
Dialogue: 0,0:50:35.84,0:50:37.84,Default,,0000,0000,0000,,like getting rid of Appletalk and a few\Nother things,
Dialogue: 0,0:50:37.84,0:50:39.50,Default,,0000,0000,0000,,would be closer to that,
Dialogue: 0,0:50:39.50,0:50:41.58,Default,,0000,0000,0000,,and combined with that guy's tool that\Nhe's talking about,
Dialogue: 0,0:50:41.58,0:50:46.76,Default,,0000,0000,0000,,you could make autoloadable module,\Nthat at least even if the system was
Dialogue: 0,0:50:46.76,0:50:49.50,Default,,0000,0000,0000,,going to autoload it, you could stop it,\Nin a failing closed sort of way.
Dialogue: 0,0:50:49.50,0:50:53.20,Default,,0000,0000,0000,,And I think there's a lot of stuff,\Npractically, to do on that front,
Dialogue: 0,0:50:53.20,0:50:56.16,Default,,0000,0000,0000,,and there's another project called\NSubgraph OS,
Dialogue: 0,0:50:56.16,0:51:02.16,Default,,0000,0000,0000,,which is basically working on becoming\Nin some ways a Debian derivative,
Dialogue: 0,0:51:02.16,0:51:04.54,Default,,0000,0000,0000,,and they're going to do stuff like GRsec\Nkernel,
Dialogue: 0,0:51:04.54,0:51:08.14,Default,,0000,0000,0000,,and they have a whole sandboxing framework\Nwhich uses apparmor, seccomp
Dialogue: 0,0:51:08.14,0:51:10.54,Default,,0000,0000,0000,,and xpra, and a few other things,
Dialogue: 0,0:51:10.54,0:51:13.90,Default,,0000,0000,0000,,and I think that they'll make a lot of\Ninteresting security decisions,
Dialogue: 0,0:51:13.90,0:51:16.96,Default,,0000,0000,0000,,which might make sense to adopt in \NDebian later.
Dialogue: 0,0:51:17.86,0:51:20.44,Default,,0000,0000,0000,,[Ben]: I think Matthew Garrett has an\Ninteresting criticism about that and
Dialogue: 0,0:51:20.44,0:51:24.02,Default,,0000,0000,0000,,how it wouldn't really work, and Wayland\Nwas a better way to go than xpra.
Dialogue: 0,0:51:25.24,0:51:26.74,Default,,0000,0000,0000,,[Jacob]: Yeah, I've heard those\Ncriticisms,
Dialogue: 0,0:51:26.74,0:51:28.62,Default,,0000,0000,0000,,but Matthew Garrett is wrong.
Dialogue: 0,0:51:29.60,0:51:32.54,Default,,0000,0000,0000,,Not usually, but in this particular case.
Dialogue: 0,0:51:32.54,0:51:37.20,Default,,0000,0000,0000,,For example, the sandboxing stuff,\Nif you have a GNOME appstore,
Dialogue: 0,0:51:37.20,0:51:41.76,Default,,0000,0000,0000,,essentially, that's for one set of users,\Nbut for a Debian developer
Dialogue: 0,0:51:41.76,0:51:44.28,Default,,0000,0000,0000,,writing your own policies,\Nit might be useful,
Dialogue: 0,0:51:44.28,0:51:46.96,Default,,0000,0000,0000,,and if you need Wayland, you might\Nnot have a full solution,
Dialogue: 0,0:51:46.96,0:51:49.22,Default,,0000,0000,0000,,we might want to have both for a while.
Dialogue: 0,0:51:49.22,0:51:51.06,Default,,0000,0000,0000,,And think it'd be great.
Dialogue: 0,0:51:51.06,0:51:54.14,Default,,0000,0000,0000,,And the main thing is we just need to\Nfind people who will think about those
Dialogue: 0,0:51:54.14,0:51:55.82,Default,,0000,0000,0000,,issues and try to integrate them,
Dialogue: 0,0:51:55.82,0:52:00.48,Default,,0000,0000,0000,,because most people who write exploits,\Nor who understand how to do offensive
Dialogue: 0,0:52:00.48,0:52:03.36,Default,,0000,0000,0000,,security stuff, they don't want to help\NFree software projects,
Dialogue: 0,0:52:04.20,0:52:05.76,Default,,0000,0000,0000,,they just want to exploit them.
Dialogue: 0,0:52:05.76,0:52:08.46,Default,,0000,0000,0000,,And so some of the Subgraph guys,\Nwhat I really like about them
Dialogue: 0,0:52:08.46,0:52:11.46,Default,,0000,0000,0000,,is that they're trying to improve the\NFree software products we all use.
Dialogue: 0,0:52:11.46,0:52:13.48,Default,,0000,0000,0000,,Even though they may make different\Ndesign decisions,
Dialogue: 0,0:52:13.48,0:52:15.20,Default,,0000,0000,0000,,they're making Free software all the same.
Dialogue: 0,0:52:18.68,0:52:24.40,Default,,0000,0000,0000,,[question]: Maybe also, some other thing\Nto keep in mind is actually
Dialogue: 0,0:52:24.40,0:52:39.04,Default,,0000,0000,0000,,that there is also a social aspect of this\Npressure if NSA wants to put anything
Dialogue: 0,0:52:39.04,0:52:41.44,Default,,0000,0000,0000,,inside Debian.
Dialogue: 0,0:52:41.44,0:52:48.02,Default,,0000,0000,0000,,So if we actually also need to make sure\Nthat if they put pressure on somebody
Dialogue: 0,0:52:48.02,0:52:56.60,Default,,0000,0000,0000,,we have any way to help these people\Nnot to land in prison.
Dialogue: 0,0:52:56.60,0:53:04.08,Default,,0000,0000,0000,,So is there also a social aspect of \Nsupporting people which get pressure
Dialogue: 0,0:53:04.08,0:53:05.98,Default,,0000,0000,0000,,from anyone.
Dialogue: 0,0:53:06.84,0:53:09.72,Default,,0000,0000,0000,,[Jacob]: Yep. I mean, if anyone is ever\Nin that situation one thing I would say
Dialogue: 0,0:53:09.72,0:53:12.64,Default,,0000,0000,0000,,is that it's your right to remain silent,
Dialogue: 0,0:53:12.64,0:53:15.72,Default,,0000,0000,0000,,you have the right to remain silent\NI think is the phrase the police would say
Dialogue: 0,0:53:15.72,0:53:19.30,Default,,0000,0000,0000,,but there are definitely communities\Nof people who will help you.
Dialogue: 0,0:53:19.30,0:53:21.70,Default,,0000,0000,0000,,There's a group called the Courage\Nfoundation, for example,
Dialogue: 0,0:53:21.70,0:53:23.56,Default,,0000,0000,0000,,which was started by Sarah Harrison,
Dialogue: 0,0:53:23.56,0:53:26.28,Default,,0000,0000,0000,,and the job that the Courage foundation\Nhas taken on
Dialogue: 0,0:53:26.28,0:53:30.06,Default,,0000,0000,0000,,is essentially to help people who would be\Nsources or who are in harm's way like this
Dialogue: 0,0:53:30.06,0:53:32.64,Default,,0000,0000,0000,,and if you found yourself in that kind of\Na position there are people
Dialogue: 0,0:53:32.64,0:53:34.52,Default,,0000,0000,0000,,who will try to help you.
Dialogue: 0,0:53:34.52,0:53:36.80,Default,,0000,0000,0000,,I really don't think that is the next step\Nin this,
Dialogue: 0,0:53:36.80,0:53:38.38,Default,,0000,0000,0000,,I think that could happen.
Dialogue: 0,0:53:38.38,0:53:42.00,Default,,0000,0000,0000,,But I think it's much more likely someone\Nis going to write an exploit for Firefox.
Dialogue: 0,0:53:42.00,0:53:44.58,Default,,0000,0000,0000,,That's the way they're going to own\NDebian people in the future,
Dialogue: 0,0:53:44.58,0:53:47.04,Default,,0000,0000,0000,,for the most part, that's how they own\Nus today.
Dialogue: 0,0:53:47.04,0:53:51.70,Default,,0000,0000,0000,,Firefox, number one enemy to security\Non your Debian machine, probably.
Dialogue: 0,0:53:51.70,0:53:54.68,Default,,0000,0000,0000,,And that's not a dig at Firefox, it's just\Nsuper-complicated software,
Dialogue: 0,0:53:54.68,0:53:56.52,Default,,0000,0000,0000,,and these guys are really good at\Nwriting exploits,
Dialogue: 0,0:53:56.52,0:53:58.58,Default,,0000,0000,0000,,and that's an easy target.
Dialogue: 0,0:53:58.58,0:54:00.96,Default,,0000,0000,0000,,So we, I think, have to do with the social\Nthing,
Dialogue: 0,0:54:00.96,0:54:03.58,Default,,0000,0000,0000,,but we also should look at some of the\Ntechnical problems,
Dialogue: 0,0:54:03.58,0:54:06.82,Default,,0000,0000,0000,,and then when and if people have that,\Nyou can contact me.
Dialogue: 0,0:54:06.82,0:54:10.02,Default,,0000,0000,0000,,I'm super happy to put you in touch with\Npeople who will help.
Dialogue: 0,0:54:10.02,0:54:13.86,Default,,0000,0000,0000,,And obviously, get a lawyer, get several\Nlawyers if you can.
Dialogue: 0,0:54:13.86,0:54:17.44,Default,,0000,0000,0000,,Contact the EFF, or the ACLU, depending\Non where you are.
Dialogue: 0,0:54:17.44,0:54:22.56,Default,,0000,0000,0000,,At least in Germany, and in the United\NStates, it isn't so bad yet
Dialogue: 0,0:54:22.56,0:54:25.90,Default,,0000,0000,0000,,that they can put that kind of pressure \Non you openly,
Dialogue: 0,0:54:25.90,0:54:27.76,Default,,0000,0000,0000,,in a Free software project.
Dialogue: 0,0:54:27.76,0:54:31.12,Default,,0000,0000,0000,,If you write proprietary software you're\Nin a very different situation,
Dialogue: 0,0:54:31.12,0:54:34.18,Default,,0000,0000,0000,,and there are definitely people who are in\Nthat situation right now,
Dialogue: 0,0:54:34.18,0:54:38.22,Default,,0000,0000,0000,,and I don't envy them. Their position is\Nactually much harder.
Dialogue: 0,0:54:38.22,0:54:42.20,Default,,0000,0000,0000,,So actually writing Free software already\Nmakes you not at the very beginning
Dialogue: 0,0:54:42.20,0:54:43.76,Default,,0000,0000,0000,,of the target list, I think.
Dialogue: 0,0:54:46.86,0:54:53.14,Default,,0000,0000,0000,,Any other questions? Wow. Where's the rum?
Dialogue: 0,0:55:01.32,0:55:06.08,Default,,0000,0000,0000,,[question]: How do you deliver the\Nencrypted message without exposing
Dialogue: 0,0:55:06.08,0:55:07.78,Default,,0000,0000,0000,,the connection to a third party?
Dialogue: 0,0:55:14.32,0:55:15.96,Default,,0000,0000,0000,,[Jacob]: Which encrypted message do you\Nmean?
Dialogue: 0,0:55:16.96,0:55:19.10,Default,,0000,0000,0000,,Do you mean, like jabber?
Dialogue: 0,0:55:19.80,0:55:21.26,Default,,0000,0000,0000,,[question]: Email, or jabber, yes.
Dialogue: 0,0:55:22.04,0:55:25.64,Default,,0000,0000,0000,,[Jacob]: For the most part we use systems\Nwhere Tor hidden services are available
Dialogue: 0,0:55:25.64,0:55:29.06,Default,,0000,0000,0000,,to connect to them, so we never even left\Nthe Tor anonymity network,
Dialogue: 0,0:55:29.06,0:55:31.52,Default,,0000,0000,0000,,so they're end-to-end encrypted and\Nanonymized, you connect to a
Dialogue: 0,0:55:31.52,0:55:33.54,Default,,0000,0000,0000,,.onion address,
Dialogue: 0,0:55:33.54,0:55:37.56,Default,,0000,0000,0000,,and then using crypto on top of that, so\NTLS to a Jabber server,
Dialogue: 0,0:55:37.56,0:55:39.88,Default,,0000,0000,0000,,and then OTR on top of that,
Dialogue: 0,0:55:39.88,0:55:44.94,Default,,0000,0000,0000,,so you have, you could call it a\Ncomposition of cryptographic systems,
Dialogue: 0,0:55:44.94,0:55:50.06,Default,,0000,0000,0000,,and the core of that is Tor, along with\Nusing throwaway machines,
Dialogue: 0,0:55:50.06,0:55:52.62,Default,,0000,0000,0000,,going to locations where you never go\Ntwice,
Dialogue: 0,0:55:52.62,0:55:57.16,Default,,0000,0000,0000,,using open wifi plus Tor plus TLS plus\NOTR,
Dialogue: 0,0:55:57.16,0:56:01.82,Default,,0000,0000,0000,,and for email, Riseup offers Tor hidden\Nservices, which allows you to do the same
Dialogue: 0,0:56:01.82,0:56:05.04,Default,,0000,0000,0000,,thing, essentially, and then using PGP as\Nwell.
Dialogue: 0,0:56:05.84,0:56:11.60,Default,,0000,0000,0000,,[question]: I mean, how about metadata,\Nlike the delivery address of the target?
Dialogue: 0,0:56:12.90,0:56:23.10,Default,,0000,0000,0000,,[Jacob]: In some cases we use a system\Ncalled Pond,
Dialogue: 0,0:56:23.10,0:56:26.42,Default,,0000,0000,0000,,and Pond is a system that is completely\NTor hidden service based,
Dialogue: 0,0:56:26.42,0:56:29.34,Default,,0000,0000,0000,,pond.imperialviolet.org.
Dialogue: 0,0:56:29.34,0:56:33.44,Default,,0000,0000,0000,,Adam Langley probably wouldn't want me to\Nsay, but I'll say it anyway,
Dialogue: 0,0:56:33.44,0:56:35.88,Default,,0000,0000,0000,,it would be very useful to package this\Nfor Debian,
Dialogue: 0,0:56:35.88,0:56:39.40,Default,,0000,0000,0000,,because it's a system where once you do\Nkey exchange with someone,
Dialogue: 0,0:56:39.40,0:56:44.36,Default,,0000,0000,0000,,you have an end-to-end encrypted messaging\Nsystem that's like email,
Dialogue: 0,0:56:44.36,0:56:47.96,Default,,0000,0000,0000,,you can send files that are encrypted,\Nyou can send messages that are encrypted,
Dialogue: 0,0:56:47.96,0:56:50.58,Default,,0000,0000,0000,,It's delay based. You don't have\Nusernames,
Dialogue: 0,0:56:50.58,0:56:53.50,Default,,0000,0000,0000,,you just have a public key,\Nand then you have group signatures,
Dialogue: 0,0:56:53.50,0:56:57.08,Default,,0000,0000,0000,,so that people can send things to your\Nmailbox by proving they are a member
Dialogue: 0,0:56:57.08,0:56:59.66,Default,,0000,0000,0000,,of the group but not which member of\Nthe group they are.
Dialogue: 0,0:56:59.66,0:57:01.62,Default,,0000,0000,0000,,And there's a lot of stuff like that.
Dialogue: 0,0:57:01.62,0:57:03.86,Default,,0000,0000,0000,,So we use Jabber, we use email, and we use\NPond.
Dialogue: 0,0:57:03.86,0:57:08.00,Default,,0000,0000,0000,,And those three systems together also\Nallowed us to build a clandestine
Dialogue: 0,0:57:08.00,0:57:09.58,Default,,0000,0000,0000,,sneakernet.
Dialogue: 0,0:57:09.58,0:57:11.44,Default,,0000,0000,0000,,So we have the ability to carry USB disks,
Dialogue: 0,0:57:11.44,0:57:13.26,Default,,0000,0000,0000,,and a few of us carried them inside of\Nour bodies,
Dialogue: 0,0:57:13.26,0:57:16.12,Default,,0000,0000,0000,,and if you've never had that experience,\Nlucky you.
Dialogue: 0,0:57:19.58,0:57:24.40,Default,,0000,0000,0000,,You want to make sure you use post-quantum\Ncomputer crypto for that, by the way.
Dialogue: 0,0:57:24.40,0:57:25.64,Default,,0000,0000,0000,,It's more comfortable.
Dialogue: 0,0:57:28.68,0:57:30.62,Default,,0000,0000,0000,,[orga]: Shall we relieve this man from his\Nduties?
Dialogue: 0,0:57:31.20,0:57:33.08,Default,,0000,0000,0000,,[Jacob]: Any more questions?
Dialogue: 0,0:57:33.66,0:57:35.24,Default,,0000,0000,0000,,[orga]: One more question.
Dialogue: 0,0:57:36.18,0:57:39.06,Default,,0000,0000,0000,,[question]: Okay, so when the Snowden\Nleaks were first published it created
Dialogue: 0,0:57:39.06,0:57:42.18,Default,,0000,0000,0000,,a lot of awareness, and people were\Ntalking about it,
Dialogue: 0,0:57:42.18,0:57:44.52,Default,,0000,0000,0000,,and there was a huge media echo,
Dialogue: 0,0:57:44.52,0:57:48.22,Default,,0000,0000,0000,,Now if some documents leaked, people\Nare saying yeah, all this surveillance,
Dialogue: 0,0:57:48.22,0:57:51.48,Default,,0000,0000,0000,,and we aren't dead yet, and we can still\Nlive our lives.
Dialogue: 0,0:57:51.48,0:57:55.38,Default,,0000,0000,0000,,They basically care less. They still care\Na bit, but they care much less than
Dialogue: 0,0:57:55.38,0:57:58.58,Default,,0000,0000,0000,,when the first documents were published,
Dialogue: 0,0:57:58.58,0:58:04.66,Default,,0000,0000,0000,,so how can we maintain awareness for\Nthis issue in the world population,
Dialogue: 0,0:58:04.66,0:58:06.02,Default,,0000,0000,0000,,in your opinion?
Dialogue: 0,0:58:07.10,0:58:09.28,Default,,0000,0000,0000,,[Jacob]: There's a really scary thing\Nthat's happening right now.
Dialogue: 0,0:58:09.28,0:58:13.58,Default,,0000,0000,0000,,There was this idea in the 90s, we had\Nthe crypto wars.
Dialogue: 0,0:58:13.58,0:58:16.28,Default,,0000,0000,0000,,Did any of you remember this idea of the\Ncrypto wars?
Dialogue: 0,0:58:16.28,0:58:18.52,Default,,0000,0000,0000,,Okay, a few of you do, maybe not all of\Nyou do.
Dialogue: 0,0:58:18.52,0:58:21.74,Default,,0000,0000,0000,,But we had the so-called crypto wars in\Nthe 90s, I encourage you to look this up
Dialogue: 0,0:58:21.74,0:58:25.02,Default,,0000,0000,0000,,on DuckDuckGo, or whatever your\Nfavourite search engine is.
Dialogue: 0,0:58:25.02,0:58:28.76,Default,,0000,0000,0000,,In theory we're in the second crypto\Nwars now.
Dialogue: 0,0:58:28.76,0:58:32.12,Default,,0000,0000,0000,,In reality what happened is the first\Ncrypto wars never ended.
Dialogue: 0,0:58:32.12,0:58:34.82,Default,,0000,0000,0000,,We didn't actually win, like we thought\Nwe did.
Dialogue: 0,0:58:34.82,0:58:37.18,Default,,0000,0000,0000,,But there are a bunch of things that are\Ntaking place.
Dialogue: 0,0:58:37.18,0:58:41.02,Default,,0000,0000,0000,,For example, making a stand against\Nbackdoors.
Dialogue: 0,0:58:41.02,0:58:45.08,Default,,0000,0000,0000,,Using end-to-end encrypted\Ncommunications.
Dialogue: 0,0:58:45.08,0:58:47.62,Default,,0000,0000,0000,,Actually pushing for that, being quite\Nopen about actually hosting
Dialogue: 0,0:58:47.62,0:58:50.82,Default,,0000,0000,0000,,those kinds of services, and doing it\Nfrom a principled perspective,
Dialogue: 0,0:58:50.82,0:58:52.88,Default,,0000,0000,0000,,from a legal perspective.
Dialogue: 0,0:58:52.88,0:58:57.54,Default,,0000,0000,0000,,I think you will find that the tension\Nwill continue to rise for a while,
Dialogue: 0,0:58:57.54,0:59:02.14,Default,,0000,0000,0000,,and I think that it will continue to be\Na conversation about public debate,
Dialogue: 0,0:59:02.14,0:59:06.56,Default,,0000,0000,0000,,and an important aspect of this is that\Nnow regular journalists that don't
Dialogue: 0,0:59:06.56,0:59:10.20,Default,,0000,0000,0000,,understand technology at least understand\Nthe importance of these things.
Dialogue: 0,0:59:10.20,0:59:13.26,Default,,0000,0000,0000,,And if they don't do that, they at least\Nperceive that they will be considered
Dialogue: 0,0:59:13.26,0:59:16.90,Default,,0000,0000,0000,,unprofessional if they don't care, and\Nthink about those things,
Dialogue: 0,0:59:16.90,0:59:19.14,Default,,0000,0000,0000,,or they'll be somehow negligent.
Dialogue: 0,0:59:19.14,0:59:21.20,Default,,0000,0000,0000,,And I think that will keep some of the\Ndiscussion going,
Dialogue: 0,0:59:21.20,0:59:23.86,Default,,0000,0000,0000,,and it will allow us to build some\Nbreathing room,
Dialogue: 0,0:59:23.86,0:59:26.78,Default,,0000,0000,0000,,and that breathing room will actually\Nallow us to build some alternatives.
Dialogue: 0,0:59:26.78,0:59:29.70,Default,,0000,0000,0000,,But there are some downsides, right?
Dialogue: 0,0:59:29.70,0:59:34.02,Default,,0000,0000,0000,,Some of the things that take place when\Nyou reveal security service spying
Dialogue: 0,0:59:34.02,0:59:36.74,Default,,0000,0000,0000,,is that it tends to get normalized, to a\Ndegree.
Dialogue: 0,0:59:36.74,0:59:39.28,Default,,0000,0000,0000,,But then in some cases it does get pushed\Nback.
Dialogue: 0,0:59:39.28,0:59:43.76,Default,,0000,0000,0000,,In the 70s in the United States, it became\Nillegal to do assassinations, for example.
Dialogue: 0,0:59:43.76,0:59:46.86,Default,,0000,0000,0000,,Because what the CIA were doing was so\Natrocious that eventually there was
Dialogue: 0,0:59:46.86,0:59:48.62,Default,,0000,0000,0000,,political pushback.
Dialogue: 0,0:59:48.62,0:59:52.40,Default,,0000,0000,0000,,It turns out it only lasted 30 years, and\Nthen they started doing it again.
Dialogue: 0,0:59:52.40,0:59:57.70,Default,,0000,0000,0000,,But there's a saying in my country which\Nis that effectively the price of liberty
Dialogue: 0,0:59:57.70,0:59:59.48,Default,,0000,0000,0000,,is eternal vigilance.
Dialogue: 0,0:59:59.48,1:00:01.08,Default,,0000,0000,0000,,And that's what we are engaged in now.
Dialogue: 0,1:00:01.08,1:00:04.80,Default,,0000,0000,0000,,And the liberty starts with software\Nliberty, I think,
Dialogue: 0,1:00:04.80,1:00:06.96,Default,,0000,0000,0000,,in the case of communications on networks.
Dialogue: 0,1:00:06.96,1:00:10.50,Default,,0000,0000,0000,,And so we have to have Free software,\Nand it has to be responsibly encoding
Dialogue: 0,1:00:10.50,1:00:12.16,Default,,0000,0000,0000,,packets and data,
Dialogue: 0,1:00:12.16,1:00:14.00,Default,,0000,0000,0000,,and if we think about it in this sense\Nwe'll find a lot of pressure,
Dialogue: 0,1:00:14.00,1:00:16.91,Default,,0000,0000,0000,,and we'll have a lot of discussions\Nabout it,
Dialogue: 0,1:00:16.91,1:00:19.72,Default,,0000,0000,0000,,and you'll start to see it be a part of\Npolicy debates,
Dialogue: 0,1:00:19.72,1:00:22.60,Default,,0000,0000,0000,,like one of the presidential candidates\Nin the United States
Dialogue: 0,1:00:22.60,1:00:24.40,Default,,0000,0000,0000,,just came out against encryption.
Dialogue: 0,1:00:24.40,1:00:26.62,Default,,0000,0000,0000,,I hope that sinks his presidential\Ncampaign.
Dialogue: 0,1:00:26.62,1:00:28.60,Default,,0000,0000,0000,,I mean it's weird to be against\Nencryption.
Dialogue: 0,1:00:28.60,1:00:31.16,Default,,0000,0000,0000,,It's like I'm against prime numbers.
Dialogue: 0,1:00:31.16,1:00:33.24,Default,,0000,0000,0000,,No modular arithmetic.
Dialogue: 0,1:00:33.58,1:00:37.16,Default,,0000,0000,0000,,[laughter, applause]
Dialogue: 0,1:00:38.52,1:00:41.72,Default,,0000,0000,0000,,I just want to say it's important to\Nunderstand, you are right,
Dialogue: 0,1:00:41.72,1:00:43.72,Default,,0000,0000,0000,,people will be normalized about it,
Dialogue: 0,1:00:43.72,1:00:45.88,Default,,0000,0000,0000,,but each and every one of us that\Nunderstands these issues
Dialogue: 0,1:00:45.88,1:00:47.70,Default,,0000,0000,0000,,can actually keep it alive.
Dialogue: 0,1:00:47.70,1:00:49.88,Default,,0000,0000,0000,,And the way we do that is when we\Ncommunicate with people...
Dialogue: 0,1:00:49.88,1:00:52.20,Default,,0000,0000,0000,,I'll give you an example which I\Nlike to give.
Dialogue: 0,1:00:52.20,1:00:55.22,Default,,0000,0000,0000,,I grew up in San Fransisco and in the Bay\NArea or San Fransisco, and California,
Dialogue: 0,1:00:55.22,1:00:57.74,Default,,0000,0000,0000,,and I did that in the 80s.
Dialogue: 0,1:00:57.74,1:01:01.78,Default,,0000,0000,0000,,And so a lot of people that I knew had\NHIV and they died of AIDS.
Dialogue: 0,1:01:01.78,1:01:05.60,Default,,0000,0000,0000,,And there was a huge discussion about\Nthis, and it was called GRID,
Dialogue: 0,1:01:05.60,1:01:08.70,Default,,0000,0000,0000,,the Gay Related Immune Deficiency\Nsyndrome.
Dialogue: 0,1:01:08.70,1:01:10.66,Default,,0000,0000,0000,,Before it was called HIV and AIDS.
Dialogue: 0,1:01:10.66,1:01:12.64,Default,,0000,0000,0000,,And lots of people were sick, and lot of\Npeople died,
Dialogue: 0,1:01:12.64,1:01:14.82,Default,,0000,0000,0000,,and there was a sort of normalization\Nprocess where people sort of
Dialogue: 0,1:01:14.82,1:01:18.14,Default,,0000,0000,0000,,accepted this as their fate, especially\Nif they were in the gay community.
Dialogue: 0,1:01:18.14,1:01:22.90,Default,,0000,0000,0000,,And still, over years and years and years,\Npeople began to build a culture about
Dialogue: 0,1:01:22.90,1:01:26.30,Default,,0000,0000,0000,,safe sex, and they started to talk about\Nrespecting their partners,
Dialogue: 0,1:01:26.30,1:01:28.56,Default,,0000,0000,0000,,and about talking about these issues,\Nand about getting tested,
Dialogue: 0,1:01:28.56,1:01:32.40,Default,,0000,0000,0000,,and it took a lot of effort, to really go\Nmuch further.
Dialogue: 0,1:01:32.40,1:01:34.50,Default,,0000,0000,0000,,A lot of people actually died in that\Nprocess.
Dialogue: 0,1:01:34.50,1:01:37.16,Default,,0000,0000,0000,,It was a very sad, serious situation.
Dialogue: 0,1:01:37.16,1:01:40.46,Default,,0000,0000,0000,,And I think we have similar discussions\Nthat are taking place now,
Dialogue: 0,1:01:40.46,1:01:42.36,Default,,0000,0000,0000,,and some people don't take it seriously,
Dialogue: 0,1:01:42.36,1:01:45.48,Default,,0000,0000,0000,,and if they happen to be Muslims living \Nin Pakistan,
Dialogue: 0,1:01:45.48,1:01:48.32,Default,,0000,0000,0000,,they might get a drone strike.
Dialogue: 0,1:01:48.32,1:01:51.30,Default,,0000,0000,0000,,And there's a sort of survival mechanism\Nthat takes place there.
Dialogue: 0,1:01:51.30,1:01:54.38,Default,,0000,0000,0000,,And it's an unfortunate parallel, I think,
Dialogue: 0,1:01:54.38,1:01:57.26,Default,,0000,0000,0000,,but I would really consider that we can\Nchange this dialogue
Dialogue: 0,1:01:57.26,1:01:59.58,Default,,0000,0000,0000,,by continuing to have it even though\Nit's exhausting,
Dialogue: 0,1:01:59.58,1:02:01.90,Default,,0000,0000,0000,,and by recognizing our responsibility,
Dialogue: 0,1:02:01.90,1:02:04.24,Default,,0000,0000,0000,,and how we can make it better by\Ncontinuing to do that,
Dialogue: 0,1:02:04.24,1:02:07.04,Default,,0000,0000,0000,,and by building healthy alternatives,\Nand by building new systems,
Dialogue: 0,1:02:07.04,1:02:10.38,Default,,0000,0000,0000,,and by refusing to backdoor any\Nsystem, ever,
Dialogue: 0,1:02:10.38,1:02:13.56,Default,,0000,0000,0000,,completely committing to\NFree software,
Dialogue: 0,1:02:13.56,1:02:16.76,Default,,0000,0000,0000,,and transparency of that software,\Nand also of those processes.
Dialogue: 0,1:02:16.76,1:02:19.64,Default,,0000,0000,0000,,And really really really sharing the\Nknowledge about it,
Dialogue: 0,1:02:19.64,1:02:21.62,Default,,0000,0000,0000,,to make it impossible to surpress.
Dialogue: 0,1:02:21.62,1:02:25.02,Default,,0000,0000,0000,,And we should not accept the\Nnormalization of that.
Dialogue: 0,1:02:25.02,1:02:28.12,Default,,0000,0000,0000,,We shouldn't make it fun to spy on people,\Nwe shouldn't make jokes about it
Dialogue: 0,1:02:28.12,1:02:30.24,Default,,0000,0000,0000,,in a way that normalizes it,
Dialogue: 0,1:02:30.24,1:02:33.84,Default,,0000,0000,0000,,and we should respect those people\Nwho are victims of surveillance,
Dialogue: 0,1:02:33.84,1:02:36.70,Default,,0000,0000,0000,,and we should recognize that basically\Neveryone here is a victim of surveillance
Dialogue: 0,1:02:36.70,1:02:38.30,Default,,0000,0000,0000,,to some degree,
Dialogue: 0,1:02:38.30,1:02:40.42,Default,,0000,0000,0000,,and we should care about that,\Nand we should continue to be upset,
Dialogue: 0,1:02:40.42,1:02:43.16,Default,,0000,0000,0000,,but not just upset; to channel that\Nanger into something useful
Dialogue: 0,1:02:43.16,1:02:45.32,Default,,0000,0000,0000,,like making Debian better.
Dialogue: 0,1:02:46.82,1:02:50.24,Default,,0000,0000,0000,,[applause]
Dialogue: 0,1:02:56.10,1:03:00.04,Default,,0000,0000,0000,,[orga]: Thanks Jake for such a long Q&A\Nsession,
Dialogue: 0,1:03:00.04,1:03:01.86,Default,,0000,0000,0000,,I hope you enjoy the rum.
Dialogue: 0,1:03:01.86,1:03:04.80,Default,,0000,0000,0000,,And I'm sure Jake's going to answer any more\Nquestions if he can still talk.
Dialogue: 0,1:03:08.30,1:03:10.14,Default,,0000,0000,0000,,[Jacob]: Thanks.