< Return to Video

36C3 - Server Infrastructure for Global Rebellion

  • 0:00 - 0:18
    36c3 preroll music
  • 0:18 - 0:25
    Herald: Our next speaker: Basically, he
    eats up script kiddies for breakfast, I've heard.
  • 0:25 - 0:31
    He drives the open source train and
    his currency is uptime. Please welcome
  • 0:31 - 0:37
    with a very warm applause Julian Oliver
    and his "Server Infrastructure for the
  • 0:37 - 0:43
    Global Rebellion" talk.
  • 0:43 - 0:51
    Julian: So, yep. Great. Very pleased to be
    here. Amazing environment, indeed, as
  • 0:51 - 0:57
    usual with the CCC. First of all, I'm not
    at all a spokesperson for extinction
  • 0:57 - 1:02
    rebellion. I do not speak for this
    movement called extinction rebellion.
  • 1:02 - 1:09
    Whatever I say here tonight is entirely my
    own opinion. And so not to be taken as any
  • 1:09 - 1:15
    overarching description of the movement
    more generally. What you're looking at
  • 1:15 - 1:18
    here, of course, might simply be
    associated with this thing called
  • 1:18 - 1:25
    extinction rebellion. But it is not. It
    is, in fact, the extinction symbol. And
  • 1:25 - 1:28
    this is the part where in the first half
    of my talk, I depress you. But then we'll
  • 1:28 - 1:33
    go for a nice, big sort of warm finish.
    The extinction symbol was, in fact,
  • 1:33 - 1:41
    created in 2011 by a UK artist called ESP.
    And this entirely relates to, not
  • 1:41 - 1:45
    extinction rebellion, being long before
    extinction rebellion, but the fact that we
  • 1:45 - 1:50
    have entered the sixth mass extinction on
    this planet that we are on. And this has
  • 1:50 - 1:57
    became practically scientific consensus in
    2015, where it has been fairly surely
  • 1:57 - 2:02
    asserted and since reasserted that we have
    in fact entered the largest extinction
  • 2:02 - 2:08
    event on this planet in 65 million years.
    Global populations of fish, birds, mammals
  • 2:08 - 2:17
    down by about 60 % in 42 years and
    according to the WWF a few years ago. The
  • 2:17 - 2:23
    UN puts it at about 150 species lost per
    day. Now, that's a little bit more than
  • 2:23 - 2:28
    the father of biodiversity, E.O. Wilson,
    that says it's around about 27,000 a year.
  • 2:28 - 2:32
    In other words, one species lost every 19
    minutes. But what does that really mean?
  • 2:32 - 2:37
    Well, when we're talking about background
    extinction rates, we're looking at the at
  • 2:37 - 2:40
    the background extinction rate for the
    last 65 million years has been about one
  • 2:40 - 2:46
    to five species a year. So not 150 a day,
    but 1 to 5 a year. This is fairly
  • 2:46 - 2:50
    conclusive of the fact that we have
    entered the sixth extinction on this
  • 2:50 - 2:56
    planet. I'm here in Germany, for instance.
    Just a couple of years ago, there was this
  • 2:56 - 2:59
    Dutch-German study done that now reflects
    pretty much the state of the entire
  • 2:59 - 3:07
    European continent of the 3/4 of all
    flying insect biomass dropping in about 25
  • 3:07 - 3:12
    years. So three quarters less flying
    insects in 25 years and supposedly
  • 3:12 - 3:18
    dropping it around about 2.5 a year. Now
    we need insects much more than they need
  • 3:18 - 3:23
    us. They are the glue layer of our food
    system. But within the planetary boundary
  • 3:23 - 3:27
    and biological sense, they are absolutely
    intrinsic. They also keep much of our
  • 3:27 - 3:32
    water very fresh. As one biologist put it,
    we humans will never see the the end of
  • 3:32 - 3:38
    the insects. We need them that much. Now,
    climate change has become very much
  • 3:38 - 3:47
    ascribed to this loss of species. But in
    fact, it's not climate change that is
  • 3:47 - 3:54
    responsible for species decline per say.
    The WWF Living Planet Index attributes
  • 3:54 - 3:59
    about seven per cent of species declines
    to warming. In fact, the real reason why
  • 3:59 - 4:02
    we are losing so many species so quickly
    is because we're changing their habitats.
  • 4:02 - 4:07
    We're just removing them entirely, and
    certainly urbanization is a part of that
  • 4:07 - 4:11
    and land change as a result of warming,
    but primarily it's because we've replaced
  • 4:11 - 4:17
    habitats with with farmland. This is, for
    instance, in the Amazon basin carving into
  • 4:17 - 4:24
    the Amazon right there just to lay down
    some soy livestock, feed crops. And
  • 4:24 - 4:28
    there's another another another view
    there. Now, most of that soy, all of that
  • 4:28 - 4:33
    soy is really exported for livestock feed,
    mostly to Europe and to China. But getting
  • 4:33 - 4:37
    onto the warming thing, which is obviously
    a massive existential threat we do all
  • 4:37 - 4:44
    face. We can safely say now that the Paris
    accord has entirely failed. The warming
  • 4:44 - 4:49
    projections presently we're looking at
    about 2.8 to 3.2 by the end of the
  • 4:49 - 4:53
    century, not including self reinforcing
    feedbacks. In other words, things like
  • 4:53 - 4:58
    permafrost melts, just releasing tons of
    methane into the air or the wildfires that
  • 4:58 - 5:01
    we've been seeing in Australia and over in
    California that are just sending gigatons
  • 5:01 - 5:07
    of carbon into the air. So this is still
    to be seen as relatively optimistic.
  • 5:07 - 5:11
    If we're looking at current policies and
    where they will lead us, that's a lot more
  • 5:11 - 5:15
    than 1.5. I think, first of all, it's
    important to point out that this is
  • 5:15 - 5:19
    actually really happening. And even if
    it's unimaginable and completely
  • 5:19 - 5:24
    unacceptable that it is happening, we
    still need to remember that science does
  • 5:24 - 5:30
    not need human imagination for evidence.
    It needs instrumentation and lots and lots
  • 5:30 - 5:34
    of hard work and decades of study. And it
    confirms that, yes, indeed, it is really
  • 5:34 - 5:40
    happening. Technology will not save us.
    This is also increasingly scientific
  • 5:40 - 5:47
    consensus. Most recently, looking at the
    idea that we can just simply scrub carbon
  • 5:47 - 5:52
    out of the air, we can, you know, we can
    suck it out of the air and these negative
  • 5:52 - 5:58
    emission technology. That's if you like.
    They're not even gigatons capable. And 29
  • 5:58 - 6:03
    European science academies concluded that
    we can absolutely not rely on any Ts or
  • 6:03 - 6:07
    negative emissions technologies to pull
    enough carbon out of the air at anywhere
  • 6:07 - 6:12
    near the rate that we need it in order to
    save us. What I mean by save us? Well,
  • 6:12 - 6:16
    when I was born, it was around about
    330 ppm CO2 in the atmosphere
  • 6:16 - 6:22
    and we're now looking at about
    412 of the latest reading. This is the
  • 6:22 - 6:31
    Keeling Curve. Now 450 ppm is seen as
    something of a threshold that probably
  • 6:31 - 6:37
    gets us more or less near 2 degrees of
    warming from post-industrial levels with a
  • 6:37 - 6:43
    70 % probability if we keep it under 2
    degrees, in other words, 450 ppm. Sorry.
  • 6:43 - 6:48
    If we keep it under 450 ppm, then we will
    almost certainly manage to avoid that that
  • 6:48 - 6:52
    2 degrees threshold for the 70 %
    probability. Just looking at ocean rise
  • 6:52 - 7:01
    alone. This is Miami at two degrees, which
    is arguably just around the corner. This
  • 7:01 - 7:05
    is Shanghai. I don't know if you've been
    to Shanghai. Where will all those people
  • 7:05 - 7:09
    go, you might ask yourself. Bangkok is
    already underwater at this point. Two
  • 7:09 - 7:14
    degrees represent something else
    relatively significant, however, as
  • 7:14 - 7:18
    evidenced in this fantastic paper, well,
    fantastic if you read this sort of stuff
  • 7:18 - 7:22
    and don't want to drink yourself under the
    table. But trajectories of the Earths
  • 7:22 - 7:28
    system and the Anthropocene suggests very
    strongly that it's highly likely,
  • 7:28 - 7:33
    extremely probable that if we cross the 2
    degrees centigrade warming threshold, we
  • 7:33 - 7:42
    will be on autopilot to 2.5, 3 degrees,
    3.5 and 4 degrees. And that's simply an
  • 7:42 - 7:48
    unstoppable course. No amount of carbon
    scrubbing can possibly compete with the
  • 7:48 - 7:56
    self reinforcing feedbacks after that
    point. We're on a course to a very
  • 7:56 - 7:59
    different planet. Just to give you a sense
    of what 4 degrees, for instance, would
  • 7:59 - 8:03
    mean, should we ever get there, which it
    looks like we will before the end of the
  • 8:03 - 8:11
    century if we continue business as usual.
    The temperature rise from the Ice Age, the
  • 8:11 - 8:17
    end of the Ice Age back 10,000 years ago
    to 1850 was 4 degrees of warming. Now,
  • 8:17 - 8:27
    that's 10,000 years of time for organisms,
    including us, to evolve and adapt to that
  • 8:27 - 8:34
    warming. We're looking at the same amount
    of warming in just 150 years. There's no
  • 8:34 - 8:42
    time to adapt. This picture I've tweeted a
    bit, I suppose, but maybe too much. But
  • 8:42 - 8:44
    this was done for the New Scientist and
    the visualization of what the earth would
  • 8:44 - 8:48
    look like, what the world would look like
    at 4 degrees. Now, Middle and Southern
  • 8:48 - 8:58
    Europe are obviously entirely gone. North
    America, Africa, South America and Asia -
  • 8:58 - 9:01
    they've all gone. I mean, where would
    those people go? Obviously, they'll head
  • 9:01 - 9:05
    North. The states will move from a geo
    strategic perspective, would obviously
  • 9:05 - 9:16
    move to Canada, China and to Russia.
    There's been a lot of talk about as to
  • 9:16 - 9:20
    what that would mean for human populations
    and human population numbers and of course
  • 9:20 - 9:24
    you read some wild stuff, how can we
    possibly know? But this chap who's had his
  • 9:24 - 9:30
    name on 120 papers or something like this.
    He's one of the most highly regarded
  • 9:30 - 9:35
    atmospheric scientists in the world, cited
    over a thousand times across academic
  • 9:35 - 9:40
    journals in the domain of atmospheric
    science, believes it's just a few thousand
  • 9:40 - 9:44
    people. The carrying capacity of the earth
    is just a few thousand people seeking
  • 9:44 - 9:52
    refuge in the Arctic or Antarctica. And of
    course, all the way to 4 degrees, we have
  • 9:52 - 9:58
    war, we have resource depletion driving
    conflicts, we have mass migration and very
  • 9:58 - 10:04
    unfortunately it is fairly safe to
    conclude that children alive today will,
  • 10:04 - 10:08
    even those still again, relatively
    unimaginable, but based on the best
  • 10:08 - 10:14
    available information, very probably face
    mass migration, war and hunger. Should we
  • 10:14 - 10:19
    not turn things around? This is just
    simply the way it is. This is where we are
  • 10:19 - 10:25
    going. But surely governments would never
    let that happen. You hear that a lot. But
  • 10:25 - 10:30
    the thing is, they have let that happen
    and they are continuing to let that
  • 10:30 - 10:44
    happen. Appropriate response is probably
    this. This UK pop artist, experimental pop
  • 10:44 - 10:49
    stuff, said this, write this down on a
    napkin one day. I really like it. "Hope
  • 10:49 - 10:53
    without honesty is denial" because people
    reach for hope at these times. But I also
  • 10:53 - 11:01
    really like Kate Malveaux, climate
    scientist. She said that we don't need
  • 11:01 - 11:06
    hope, we need courage. Courage is the
    resolve to do well without the assurance
  • 11:06 - 11:12
    of a happy ending. This is more what we
    need to be going. Thanks of course, giving
  • 11:12 - 11:16
    us a bit of a hand here with this. From
    this moment the spear ends and techniques
  • 11:16 - 11:23
    begin. And truth is, there's no hope
    without action. This is really where we
  • 11:23 - 11:29
    stand and this is not just my opinion. It
    happens to be an opinion very widely
  • 11:29 - 11:33
    spread. In fact, the world scientists in
    their " A second warning to humanity",
  • 11:33 - 11:40
    very recently wrote that same thing. They
    said that with a groundswell of organized
  • 11:40 - 11:45
    grassroots efforts, dogged opposition can
    be overcome and political leaders
  • 11:45 - 11:53
    compelled to do the right thing. Now that
    is 15,364 scientists from 184 countries.
  • 11:53 - 11:58
    It's the most scientific document in all
    history. They are urging us in the
  • 11:58 - 12:07
    absolute and, you know, ineptitude and
    lack of engagement from governments to
  • 12:07 - 12:13
    actually rise up and force governments to
    act. That's what they're telling us to do.
  • 12:13 - 12:18
    And you can look at this as a bit like,
    you know, imagine you have a disease, a
  • 12:18 - 12:24
    very rare disease and that the world's
    experts, you know, that those those
  • 12:24 - 12:30
    scientists, 15,364 scientists, contains
    most of the world's Nobel laureates,
  • 12:30 - 12:38
    planetary boundary scientists, food system
    scientists, geologists, biologists. They
  • 12:38 - 12:41
    say that, you know, so from the
    perspective of expert opinion, it doesn't
  • 12:41 - 12:46
    get much better. You can imagine that you
    have a disease that very few people have,
  • 12:46 - 12:51
    and the world's expert says to you:
    "Listen, it's really grim. You are looking
  • 12:51 - 12:58
    at a at a particularly bleak end, an ugly
    end, unless, of course, you stop now doing
  • 12:58 - 13:06
    these things". You can also think that our
    space habitat has a variety of subsystems,
  • 13:06 - 13:12
    it is a freshwater subsystem that looks at
    water purification and filtration, a
  • 13:12 - 13:19
    thermal regulation subsystem. You could
    look at food pods. They are being attacked
  • 13:19 - 13:23
    on our space habitat. If you don't like
    the word environmental or earth, you think
  • 13:23 - 13:28
    it's a bit too kind of patchouli dose to a
    hippie. Then think of it this way, because
  • 13:28 - 13:32
    that is what's happening. What they're
    telling us is that it's time to rebel.
  • 13:32 - 13:39
    It's time to force governments to act
    because they are not acting. No more
  • 13:39 - 13:45
    business as usual. What we need is massive
    swarming, nonviolent, uncontainable civil
  • 13:45 - 13:51
    disobedience en masse. Civil disobedience,
    unlike protests were you just get out on
  • 13:51 - 13:57
    the street on a little key area with a
    police permit for the protest, holding
  • 13:57 - 14:03
    little signs, oi oi oi. Civil disobedience
    actually works. It has
  • 14:03 - 14:07
    provably worked. South Africa versus
    apartheid. India versus the British Roche.
  • 14:07 - 14:15
    U.S. Civil Rights Movement. The Velvet
    Revolution. It's the way to go. Extinction
  • 14:15 - 14:20
    rebellion is very much a manifestation of
    that energy at the idea of actually
  • 14:20 - 14:27
    channeling civil disobedience to the ends
    of driving change is very much what it's
  • 14:27 - 14:33
    about. It's the kernel of the movement. It
    started in October 31st, where a bunch of
  • 14:33 - 14:39
    British activists marched onto Parliament
    Square and declared a rebellion against
  • 14:39 - 14:43
    the British government for its lack of
    action on the climate and the ecological
  • 14:43 - 14:50
    emergency. And then soon afterwards, 6000
    or so descended upon London and
  • 14:50 - 14:57
    effectively shut down the city center by
    occupying five bridges. Extinction
  • 14:57 - 15:01
    rebellion is a leaderless... That's very
    important. I mean, is that the press of
  • 15:01 - 15:06
    always reaches for a figurehead, but it is
    very much a leaderless. That's not steered
  • 15:06 - 15:10
    by the UK , Decentralized International,
    apolitical network using nonviolent direct
  • 15:10 - 15:15
    action and civil disobedience to persuade
    governments to act justly on the climate
  • 15:15 - 15:20
    ecological emergency. I'm just going to
    show a couple of videos right now to just
  • 15:20 - 15:26
    give you a sense of the kind of what civil
    disobedience in this case actually
  • 15:26 - 15:31
    comprises. I'll show you a video from
    France particularly focused on
  • 15:31 - 15:36
    overconsumption. We're talking about
    resource depletion here in the CCC this
  • 15:36 - 15:41
    year, which I think is great. And this was
    a protest at Block Friday instead of Black
  • 15:41 - 15:47
    Friday, which is, of course, a mass
    consumers event. Here we go.
  • 15:47 - 17:20
    music plays
  • 17:20 - 17:24
    They occupied a shopping mall for seven
  • 17:24 - 17:27
    hours and a whole bunch of stores across
    the country, Apple Store, etc., just
  • 17:27 - 17:32
    fantastic stuff. And you might think
    'where's this going?'. Well. And is that
  • 17:32 - 17:35
    really the only approach, you know, occupy
    malls and shops, et cetera, et cetera?
  • 17:35 - 17:38
    I'll show you another video for a very
    different strategy. This is extension
  • 17:38 - 17:44
    rebellion, New York City occupying Times
    Square. And I think this is definitely...
  • 17:44 - 17:49
    Oh, what is the video called? That's
    right... Player.
  • 17:49 - 18:01
    music plays, drums beating
  • 18:01 - 18:02
    Sorry, It's a but cut off, isn't it?
  • 18:02 - 18:05
    Again? Or wait, whatever.
  • 18:08 - 18:12
    People in the video shouting repeadeatly:
  • 18:12 - 18:16
    This is an emergency! This is an
    emergency!
  • 18:20 - 18:22
    music plats, drums beating
  • 19:06 - 19:10
    This is an emergency! This is an
    emergency!
  • 19:28 - 19:34
    Person in video: Good Morning, New York
    City! This is Extinction Rebellion
  • 19:34 - 19:39
    enforcing an international
    rebellion...continues unintelligible
  • 19:39 - 19:42
    shouting and drums beating
  • 19:42 - 19:45
    [Subtitles appear in video, therefore left out here]
  • 20:34 - 20:38

    Julian: Well, anyway, you get the idea.
  • 20:38 - 20:42
    applause
  • 20:42 - 20:46
    So something's wrong with my copy of my
    with my render buffer there, I can see that.
  • 20:46 - 20:49
    I don't know, anyway. Three demands.
  • 20:49 - 20:54
    Typically, some branches have more. There
    are many branches now. 600 plus branches
  • 20:54 - 21:00
    all over the world. Some have four demands
    for us, as in the US. Some of these state
  • 21:00 - 21:03
    branches have added a fourth demand for
    climate ecological justice for those most
  • 21:03 - 21:09
    affected by changes within planetary
    boundaries. Sorry, changes above and
  • 21:09 - 21:13
    beyond planetary boundaries. But in
    general, there's this kernel of sort of
  • 21:13 - 21:16
    three demands. Tell the truth. Government
    must tell the truth by declaring a climate
  • 21:16 - 21:20
    and ecological emergency. Working with
    other institutions to communicate the
  • 21:20 - 21:24
    urgency for change. Act now. Government.
    Government must act now to halt
  • 21:24 - 21:29
    biodiversity loss and reduce greenhouse
    gas emissions to net zero by 2025. 2025,
  • 21:29 - 21:33
    you say. Understand? You might think that
    is a little bit short, but it's good to
  • 21:33 - 21:39
    have goals beyond politics. Government
    must create and be and be led by the
  • 21:39 - 21:46
    decisions of a citizen assembly on climate
    ecological justice. And it is working
  • 21:46 - 21:53
    significantly. In fact, if you go to this
    climate mobilizationorg map and you will
  • 21:53 - 21:59
    see that states, municipalities and cities
    all over the world, tons of them have in
  • 21:59 - 22:03
    fact declared a climate ecological
    emergency. What they do after that point
  • 22:03 - 22:10
    is, of course, the next step. But I can't
    find a single one of these that is dated
  • 22:10 - 22:15
    to before April this year. So in just one
    year, that is a significant political
  • 22:15 - 22:17
    transformation.
    applause
  • 22:17 - 22:25
    Yep, yes. And it's certainly not just
    extinction rebellion. It's Fridays for
  • 22:25 - 22:32
    future have been just upping the game.
    They're massively, so, respect! At the COP
  • 22:32 - 22:37
    25, which was obviously like a massive
    failure in itself, extinction rebellion
  • 22:37 - 22:42
    was listed as the most influential
    organization above the World Bank,
  • 22:42 - 22:49
    Greenpeace, et cetera, et cetera. So it's
    a relatively short kind of rise of a voice
  • 22:49 - 22:54
    for this particular movement.
    Now, infrastructure for
  • 22:54 - 22:58
    rebellion. Unfortunately, the movement got
    off to a reasonably bad start in the UK in
  • 22:58 - 23:01
    that respect. They went from the
    perspective of...
  • 23:01 - 23:04
    What's that? That's a bit odd.
    referring to the red blink glitch
  • 23:04 - 23:07
    They went from the perspective that we are
    an above ground movement. We work in
  • 23:07 - 23:14
    the open. It's not really good for civil disobedience
    to have that as your mandate or a priority.
  • 23:14 - 23:17
    And there in the UK, things are, of
    course, a little bit different. It's
  • 23:17 - 23:20
    something of a playground there for civil
    disobedience. The police are generally
  • 23:20 - 23:23
    quite nice. In fact, one of the chief of
    police in the UK said 'Well, they're
  • 23:23 - 23:29
    actually quite nice people, these
    activists'. This is not something that
  • 23:29 - 23:35
    exports very well. It doesn't even export
    over the border. I'll talk about them in a
  • 23:35 - 23:40
    moment. But they really settled on base
    camp over in the US. They just went
  • 23:40 - 23:45
    straight to base camp. Google for sharing
    like things like contact lists. They
  • 23:45 - 23:52
    didn't have anyone with technical, shall
    we say, know how or operational security
  • 23:52 - 23:56
    intuition or interest to look at it any
    other way. So they just reach for what's
  • 23:56 - 24:00
    at hand. The Action Network, too, hosted
    over in the United States Base camp, I
  • 24:00 - 24:07
    mean, the extinction rebellion explicitly
    breaks base camps terms of service. You
  • 24:07 - 24:10
    may not use the service or any illegal
    purpose. Well, civil disobedience is
  • 24:10 - 24:18
    breaking the law. That's what it is.
    Action Network, which is widely used by,
  • 24:18 - 24:22
    unfortunately, activist movements all over
    the world, humans rights spaces as well...
  • 24:22 - 24:27
    They they really use it a lot. They have
    just crazy stuff. You understand and agree
  • 24:27 - 24:31
    that we may disclose your information if
    required to do so by law or court order a
  • 24:31 - 24:36
    legal process some point, including to
    respond to any government or regulatory
  • 24:36 - 24:41
    request. I mean, this is nuts. Action
    Network hosted over in the US under a
  • 24:41 - 24:46
    Trump surveillance apparatus, that massive
    apparatus that Obama expanded hugely and
  • 24:46 - 24:53
    just gave to Trump. And I mean, this is an
    unsafe environment for hosting, you know,
  • 24:53 - 25:02
    contact lists.On the 3rd of of November
    last year, my partner said they really
  • 25:02 - 25:08
    should be an extinction rebellion in
    France. And and I immediately thought,
  • 25:08 - 25:15
    well, they will need a server. There in
    France, you do not want your activists on
  • 25:15 - 25:18
    Action Network. I mean, you don't want
    them using Google because, I mean, in
  • 25:18 - 25:24
    France, this is the situation. Here's
    France. This is, in fact, Paris and Sally
  • 25:24 - 25:28
    Bridge in the center of Paris with just
    cops cruising past and just tear gas and
  • 25:28 - 25:33
    even taking the sunglasses off and just
    and just spraying them right in the face.
  • 25:33 - 25:40
    This is Youth for Climate protesting
    outside an Amazon logistics center. Very
  • 25:40 - 25:44
    recently, in fact. Youth for climate, just
    with with a guy wearing the French stripes
  • 25:44 - 25:48
    in the background overseeing it. He says,
    'Yep, you can do it. The state says it's
  • 25:48 - 25:54
    OK', and just sprays them. You know, this
    is France. It's a different environment.
  • 25:54 - 25:59
    So I just really got them up and running
    with something really fast. Iceland was
  • 25:59 - 26:03
    chosen because Icelanders is very well
    known for its strict data protection laws.
  • 26:03 - 26:10
    It's well outside of obviously the EU and
    of course, the five eye states. And I went
  • 26:10 - 26:16
    the FlokiNET, geothermal direct from
    source, more direct from grid source.
  • 26:16 - 26:21
    Discourse for the forum rather than base
    camp, for instance. Nextcloud for all the
  • 26:21 - 26:25
    vital stuff replacing Google Drive, etc.
    hardened opened VPN and a data partition
  • 26:25 - 26:32
    on AES-XTS on 512, Jitsi-Meet for calls
    bit and just a very simple MTA. In fact,
  • 26:32 - 26:38
    it's not really an empty, it's just a just
    email, XM. XM form. Meanwhile, the
  • 26:38 - 26:42
    international movement as branches were
    popping up all over the world, were
  • 26:42 - 26:46
    descending on slack. Now slack is
    particularly problematic for a variety of
  • 26:46 - 26:50
    reasons. But what's there's a reason why
    they were jumping on slack. They wanted a
  • 26:50 - 27:00
    place to share their extinction rebellion,
    broader global needs. I mean, this is just
  • 27:00 - 27:06
    a few thousand people at that stage. Some
    people were members of multiple teams. And
  • 27:06 - 27:09
    importantly, they chose Slack because
    Slack does it for something that group
  • 27:09 - 27:13
    chat does not. Many teams, each with
    channels, public and private, and this is
  • 27:13 - 27:21
    just the, it is hard to call it, an
    innovation, but slack itself, is chosen
  • 27:21 - 27:26
    for that team based structuring
    configuration over group chat for a very
  • 27:26 - 27:30
    good reason. It is a direct messaging back
    end. Many national branches means many
  • 27:30 - 27:34
    teams. Some people belong to more than one
    team. But the problem with Slack is that
  • 27:34 - 27:37
    Slack is a racist infrastructure. It
    actually has its discriminatory
  • 27:37 - 27:43
    infrastructure. Slack voluntarily chose to
    follow Trump's digital trade embargo,
  • 27:43 - 27:49
    blocking like Crimea, Cuba and Iran.
    Several other countries just because they
  • 27:49 - 27:54
    thought maybe I'd know Trump would buy
    them a Rolex, I'm not sure. But it's it's
  • 27:54 - 28:00
    nuts that they did that. And then they
    even defended it, apologizing a little
  • 28:00 - 28:07
    bit. Sort of not apologizing later. Google
    Docs. Branches were jumping to Google Docs
  • 28:07 - 28:10
    to store contact lists. Here's your
    regional coordinator, your national
  • 28:10 - 28:15
    coordinator, your actions and logistics
    teams - terrible stuff! So much so that in
  • 28:15 - 28:21
    the UK at least a seasoned organization
    and protecting activists and ensuring that
  • 28:21 - 28:27
    they have legal rights or at least legal
    protections when they need them in the UK
  • 28:27 - 28:33
    decided to pull out of support of
    extinction rebellion on the basis that
  • 28:33 - 28:37
    XR UK was storing personal data
    inadequately and that they were very sure
  • 28:37 - 28:44
    that in fact the police would have access
    to that information. Thus, when openness
  • 28:44 - 28:49
    is enforced, we have a regime of openness
    doing things out in the open. It excludes.
  • 28:49 - 28:53
    What about those that might work and
    governments or government offices or
  • 28:53 - 28:58
    corporations or just those that are a bit
    nervous about getting involved in a civil
  • 28:58 - 29:02
    disobedience movement? They're not sure
    they want to actually take that big step.
  • 29:02 - 29:08
    Those are not going to feel very
    comfortable at all doing it in the open.
  • 29:08 - 29:13
    A community owned hub and operated
    hub for Extinction Rebellion was absolutely
  • 29:13 - 29:16

    needed. And so I set out just building
  • 29:16 - 29:21
    criterion for this had to be community
    owned and operated, platform wise, free
  • 29:21 - 29:28
    and open source software outside of the
    Five Eye and EU member states. It needed
  • 29:28 - 29:36
    to walk its talk and enjoy energy direct
    from source. No CO2 credits, a'la Google
  • 29:36 - 29:43
    and Amazon. Debian simply because I've
    been using Debian since the year 2000 only
  • 29:43 - 29:55
    and and I just love it. weeps If I start
    crying, you know why? It's not because the
  • 29:55 - 29:58
    planet is dying, it's because I just love
    Debian so much. But it needs to be
  • 29:58 - 30:02
    affordable and very well rooted. So,
    'mission coherent infrastructure' was what
  • 30:02 - 30:07
    is really often what I mean by that. Few
    people are aware that the global data
  • 30:07 - 30:11
    center industry consumes or at least
    pushes out, I should say, as much carbon
  • 30:11 - 30:17
    into the atmosphere as the entire airline
    industry. This is the same amount as the
  • 30:17 - 30:26
    UK. The United Kingdom itself actually
    burns a year. It's a lot. And for
  • 30:26 - 30:32
    organise.earth, which was the domain name
    that was chosen...Exactly 366 days ago, in
  • 30:32 - 30:41
    fact, it was born. I settled on mattermost
    and I'll explain why in a moment. And I
  • 30:41 - 30:47
    and I settled on datacenterlight in the
    Swiss Alps. Datacenterlight, direct from
  • 30:47 - 30:51
    source hydro alpine catchment hydro... It
    was a beautiful Irony there, actually sort
  • 30:51 - 30:58
    of like a bleak poetry that as warming
    melts the snow on the Alps, it flows down
  • 30:58 - 31:01
    into these large catchment bays, which
    then drive lovely big generators that
  • 31:01 - 31:08
    power the data center. So I just I can't
    get past that. It's extremely well rooted.
  • 31:08 - 31:13
    Their VMs are wonderfully fast. I settled
    on mattermost for these reasons: We had to
  • 31:13 - 31:20
    get thousands of people off Slack fast. So
    the U.S. similarity was mission critical.
  • 31:20 - 31:25
    There are export path from slack directly
    into mattermost. It has that team check
  • 31:25 - 31:30
    configuration that people in an activist
    communities really like now. They've
  • 31:30 - 31:35
    adopted that wholesale. It's reasonably
    unified. UI/UX across the endpoint
  • 31:35 - 31:41
    platforms, whether you're on iOS or
    Android or desktop. Team invite links.
  • 31:41 - 31:45
    Teams can actually control invitations to
    the teams by sending them a link and they
  • 31:45 - 31:49
    can recycle that link or at least flush it
    and generate a new one when they need to,
  • 31:49 - 31:56
    to control flow. This basic team admin
    controls. Extremely low entry barrier. The
  • 31:56 - 32:01
    server was entirely funded by one fresh,
    ahm French - I was going to say Swiss.
  • 32:01 - 32:08
    Then I said French. So I said fresh. - One
    French rebel. scales linearly as regards
  • 32:08 - 32:13
    system overheads. It's just extremely
    performant. In fact, when we got to about
  • 32:13 - 32:21
    20.000 people on organise.earth, the
    server population, matteremost itself was
  • 32:21 - 32:28
    running at about 30 percent of one core.
    "Mattermost for chat. Anything sensitive?
  • 32:28 - 32:33
    Use Signal or Wire." And that's the rule
    now on organise.earth, which has become
  • 32:33 - 32:37
    very much the global hub for the movement,
    with four hundred and seventy-five teams,
  • 32:37 - 32:43
    mostly national or local branches. It's a
    really large Mattermost deployment. Why
  • 32:43 - 32:51
    not Riot and Matrix/Synapse? Well, in
    December 2018, when I was looking at it,
  • 32:51 - 32:56
    it was a little bit immature. The UI UX
    was a bit geeky, but there were also real
  • 32:56 - 33:03
    problems with with scalability. I just
    seem to see that it wasn't something I
  • 33:03 - 33:08
    could really know that hundred thousand
    people, for instance, down the road could
  • 33:08 - 33:14
    actually all use on my particular site
    home server deployment. The device
  • 33:14 - 33:18
    verification was really freaking people
    out. I mean, some of the the great
  • 33:18 - 33:25
    majority of the rebels, in fact, that we
    are hosting are in fact the kind that
  • 33:25 - 33:31
    would look for a Google link to log in.
    There's no markdown. That might seem a
  • 33:31 - 33:34
    little bit arbitrary, but it's become
    relatively critical - especially for the
  • 33:34 - 33:38
    code / development side of things and
    formatting, making lists. Markdown is
  • 33:38 - 33:44
    important. It doesn't have that link-based
    invitation management either. But there's
  • 33:44 - 33:48
    also this metadata leakage concern -
    something that the Matrix team are really
  • 33:48 - 33:54
    looking at. And they've said so. They've
    said that the metadata leakage, they want
  • 33:54 - 34:01
    to fix that. They want a more unified
    experience across the app layer, too, with
  • 34:01 - 34:06
    Riot. So I'm looking forward to following
    that in the future. Zero knowledge: I
  • 34:06 - 34:13
    would love to go that way. But given the
    fact that that we already have use Signal or
  • 34:13 - 34:18
    Wire for anything sensitive and use
    Mattermost for anything else and use your
  • 34:18 - 34:21
    individual branch servers, which I talk
    about in a moment, for anything truly
  • 34:21 - 34:26
    internal to your branch, we've achieved
    basically the same thing because Riot -
  • 34:26 - 34:32
    just like with a Nimmo - is not
    entirely encrypted by default. It's
  • 34:32 - 34:39
    something that one must actually set up.
    So we're effectively in the same place.
  • 34:39 - 34:43
    Organized.earth has now grown to host a
    large number of platforms which I have
  • 34:43 - 34:48
    deployed there. We have, of course,
    Mattermost. We have NextCloud to us. Only
  • 34:48 - 34:54
    office is used for collaborative editing
    that has some missives I talk about in the
  • 34:54 - 34:58
    moment. Etherpad-Lite is used really
    heavily. LimeSurvey replaces Google Forms.
  • 34:58 - 35:03
    Jitsi-Meet doesn't really replace Zoom.
    But this is something that we're working
  • 35:03 - 35:11
    on very much. Rainloop with Docevot and
    PostFix for the for the mailing. And then
  • 35:11 - 35:16
    we have GitLab. GitLab has been a massive
    success. We have a few hundred coders now
  • 35:16 - 35:23
    working flat-out in the GitLab that we
    have deployed. And it is very interesting
  • 35:23 - 35:26
    that many of them say that would they
    would not be able to do what they're doing
  • 35:26 - 35:32
    on GitHub. Given that GitHub is tied to
    their work, GitHub is tied to the to their
  • 35:32 - 35:37
    real life a little bit too much. And they
    are genuinely worried about a boss or
  • 35:37 - 35:42
    corporation or company surveilling them
    when they are maybe, for instance, engaged
  • 35:42 - 35:51
    in a project that is technically illegal
    or quasi-legal. Discourse is used, I
  • 35:51 - 35:54
    guess, less heavily on the main
    organized.earth server than it is on some
  • 35:54 - 35:59
    of the branch deployments. The French
    server, for instance, now has 70,300
  • 35:59 - 36:10
    members in its Discourse. Yes, 70,300. What
    a win. Yeah. It's just like a marketplace
  • 36:10 - 36:21
    of chatter. Signal and Wire replacing
    WhatsApp and Skype. Mastodon node was
  • 36:21 - 36:25
    created, which has become quite popular
    with branches. And we have PeerTube
  • 36:25 - 36:28
    replacing YouTube. And importantly, we're
    working very hard to ensure that we have a
  • 36:28 - 36:36
    gender balance as much as possible within
    the open space of all these platforms. On
  • 36:36 - 36:41
    the backend, of course, Debian
    sobbing. AES XTS for the data
  • 36:41 - 36:47
    partition. Failed2ban and UFW for the
    firewalling. (aside) Those of you that are
  • 36:47 - 36:53
    taking photos of this are feds. I
    see you taking photos. Take photos.
  • 36:53 - 36:58
    laughs Snort for the intrusion
    detection. Prometheus and hardened
  • 36:58 - 37:05
    OpenVPN. I'm really into Duplicity for
    backups and Pecona for hot MySQL backups.
  • 37:05 - 37:12
    It's a real problem when you're trying to
    backup huge databases that are 14-15 GB or
  • 37:12 - 37:17
    more: You can't take them down long enough
    to do a dump with, say, MySQL or something
  • 37:17 - 37:23
    like this. Percona provides a really
    interesting solution for hot backups. I
  • 37:23 - 37:28
    had to work on optimizations with an IDB
    heavily in order to get the kind of
  • 37:28 - 37:32
    performance that was squeezing out of
    Mattermmost in its interaction with MySQL
  • 37:32 - 37:44
    on the server. Nginx we now support two
    protocols: v4 and v6. The v6 addition was
  • 37:44 - 37:49
    certainly very, very bumpy and I wish it
    wasn't so bumpy, but it was. I thought I
  • 37:49 - 37:56
    knew or understood physics better than I
    actually did the day of deployment.
  • 37:56 - 38:03
    PostFix and Dovecot. And then we have
    LetsEncrypt. Platform challenges: Jitsi-
  • 38:03 - 38:09
    Meat does not replace Zoom. Zoom is just
    simply more performant. I think about 1.7
  • 38:09 - 38:19
    Mbits/s is the lower-level, minimum
    bandwidth required for a user in order to
  • 38:19 - 38:23
    have a quality call but Jitsi-Meet is
    higher. And so we do get people on 3G,
  • 38:23 - 38:29
    they just drop out and we sometimes have
    40 or 50 people on the call and Jitsi-Meet
  • 38:29 - 38:34
    is not cutting it, unfortunately. Only
    office unless you want to pay 6,000 a
  • 38:34 - 38:40
    year, which of course we won't. You're
    looking at only 20 simultaneous editors at
  • 38:40 - 38:47
    the same time. This also needs to, needs to
    change. Thankfully, NextCloud's text app
  • 38:47 - 38:53
    seems to offer us a sweet spot there, as
    far as simultaneous editing. In the
  • 38:53 - 38:57
    meantime, EtherPad-Light is being used
    really heavily. There's a lack of epic
  • 38:57 - 39:01
    controls in MatterMmost, which is
    precisely why we are forking it. We are
  • 39:01 - 39:05
    forking Mattermost, which is a massive
    job, such that team admins can have all of
  • 39:05 - 39:12
    those hundreds of teams can individually
    manage their memberships. That having to rely
  • 39:12 - 39:18
    on me to drop into the into the CLI and
    use the Mattermost tooling to do things
  • 39:18 - 39:26
    like following the GDPR, deleting all of
    the posts of a particular member. And we
  • 39:26 - 39:31
    have SSO expectations for a mostly non-
    tech membership. People are so used to the
  • 39:31 - 39:37
    idea, especially the very that the younger
    and the older end of the demographic both
  • 39:37 - 39:44
    expect one unified log-in for all
    platforms. And this is just a real hassle
  • 39:44 - 39:49
    and very difficult to manage. But with
    Mattermost, it acts as a OAuth2 provider
  • 39:49 - 39:53
    that does offer us some interesting
    possibilities there. The XR Server
  • 39:53 - 39:59
    Platform has since evolved to this. It has
    MailTrain as the mailing list manager and
  • 39:59 - 40:06
    this is working real well. I'm at
    MailTrain V2 with a sweet docker compose
  • 40:06 - 40:10
    deployment. I thoroughly recommend giving
    that a go to replace your mailchimp
  • 40:10 - 40:16
    whatever needs. We also have a 'Rebels
    Manager' as the CRM. So this effectively
  • 40:16 - 40:21
    replaces Action Network and it leverages
    MailTrain. There's a very talented
  • 40:21 - 40:26
    developers in Brussels and Belgium that
    have put together the Rebels Manager,
  • 40:26 - 40:32
    which will be deploying across the entire
    movement. And yeah, it's working out real
  • 40:32 - 40:37
    nice as far as the deployments. The branch
    service deployed in the spirit of
  • 40:37 - 40:43
    decentralization. I have deployed these
    and there are many, many more to come. And
  • 40:43 - 40:47
    these are entirely independent from
    organized.earth, from the main hub. They
  • 40:47 - 40:52
    are self run self-administered. Admins are
    trained over ten to twenty five hours and
  • 40:52 - 40:58
    then the keys are flipped and then they
    just sail off on their own. 2020 plans:
  • 40:58 - 41:02
    the Mattermost-fork I mentioned, but
    importantly, the Wire-Mattermost
  • 41:02 - 41:07
    integration. What I'd really like to see
    and what we're talking about with the
  • 41:07 - 41:13
    Rebel codes is, I guess as we call
    ourselves, is to have a Wire Add-On or
  • 41:13 - 41:16
    Plugin for Mattermost such that you can
    just simply click on a bunch of different
  • 41:16 - 41:20
    people that you'd like to engage in a into
    anend-to-end encrypted voice call or chat.
  • 41:20 - 41:27
    We're excited about that. Enhance team
    admin controls: Team administrators should
  • 41:27 - 41:32
    be able to do a lot of the work that that
    I shouldn't be doing. A Federation feature
  • 41:32 - 41:39
    which effectively replaces Mattermosts
    enterprise offering, which is about three
  • 41:39 - 41:44
    dollars a month or something per seat.
    It's a crazy amount of money. I mean, in
  • 41:44 - 41:50
    our populations that would be completely
    impossible to afford that sort of The
  • 41:50 - 41:54
    Enterprise Enterprise edition anyway. So
    we are actually sort of forced to fork
  • 41:54 - 41:57
    Mattermost, which I'm sure is really gonna
    piss them off, but we are going to do it.
  • 41:57 - 42:03
    We've already started. Jitsi-Meet-rework:
    We want to build an OAuth-wall for Jitsi-
  • 42:03 - 42:09
    Meet so that we can protect our instances.
    Simultaneous session recording, not using
  • 42:09 - 42:13
    Jabari or with the chromium browser on a
    server, which I can't believe is the
  • 42:13 - 42:19
    solution that they have chosen. I will
    never, ever install a browser on a server.
  • 42:19 - 42:28
    It's just it's just illegal. And it's just
    it's just wrong. Bandwith optimizations,
  • 42:28 - 42:33
    we need a lot of work done there. Rebels
    Manager replaces Action Network. And then
  • 42:33 - 42:38
    we want to have a member facing services
    dashboard with that OAuth2-flow and
  • 42:38 - 42:43
    particularly and very importantly,
    colocation deployments. Working out of VMs
  • 42:43 - 42:48
    is all very well but you do have key theft
    from RAM as a as a plausible possibility
  • 42:48 - 42:53
    in many instances, so to speak. And so
    what we would like to aim for is being
  • 42:53 - 43:03
    able to drop off dedicated boxes with the
    RAM, epoxied into the slot and good to go,
  • 43:03 - 43:09
    nice on lockdown. Yes. Swiss VPN for the
    entire movement, this is something that I
  • 43:09 - 43:13
    should have done within it within a few
    weeks. And I also want to obsolete myself
  • 43:13 - 43:17
    so I can dedicate myself to other
    movements while maintaining at least a
  • 43:17 - 43:25
    tech advisory role within Extinction
    Rebellion. But it is time for techies to
  • 43:25 - 43:35
    rebel. There is no hope without action.
    But there is no action without
  • 43:35 - 43:41
    infrastructure, at least not at the scale
    that we need it today. We need massive
  • 43:41 - 43:47
    deployments, distributions. People need
    places to work and to organize and to do
  • 43:47 - 43:55
    so safely. SysOps, DevOps, Codes, front
    and back. All can dedicate an hour, a week
  • 43:55 - 44:04
    or a couple of hours a day to a cause
    which is probably best described as the
  • 44:04 - 44:13
    single biggest challenge that we as a as a
    species actually face. Live in your time
  • 44:13 - 44:20
    and dedicate an hour or two a week or a
    day, if you if you can, to this. Maybe not
  • 44:20 - 44:24
    Extinction Rebellion, but for Fridays For
    Future, Sunrise Movement, future movements
  • 44:24 - 44:29
    to come. If you are interested in getting
    involved in Extinction Rebellion and
  • 44:29 - 44:34
    joining the the the very large tech team,
    then visit rebellion.global, find your
  • 44:34 - 44:41
    local branch, get invited to Mattermost
    and then see you there. Another end of the
  • 44:41 - 44:56
    world is possible. Thanks a lot, guys.
  • 44:56 - 44:57
    applause
  • 44:57 - 44:59
    Herald: Thank you very much, Julian Oliver
    - Extinction Rebellion.
  • 44:59 - 45:06
    applause
    Herald: If you have questions, you know
  • 45:06 - 45:12
    the procedure. There are microphones from
    one to number six. And as far as I know,
  • 45:12 - 45:15
    we already have questions from the
    Internet. So signal angel, question number
  • 45:15 - 45:18
    one please.
    Signal Angel: Hello, someone from the IRC
  • 45:18 - 45:22
    wants to know, how do you enter the
    encryption passwords for your data
  • 45:22 - 45:26
    partitions during automated reboots in the
    data center?
  • 45:26 - 45:35
    Julian: This is completely impossible to
    do for an encrypted root file system,
  • 45:35 - 45:41
    obviously, one needs to, in fact, look at
    data partitions that are encrypted. But
  • 45:41 - 45:46
    the root file system not unfortunately on
    many the deployments that are not Colo and
  • 45:46 - 45:50
    those that do not have the flexibility of
    presence at the point of entering that
  • 45:50 - 46:00
    password. So from that from that basis, we
    we go with a an encrypted AES 512 Bit
  • 46:00 - 46:06
    encrypted data partition and one comes in
    over the VPN, tunnels in through SSH and
  • 46:06 - 46:13
    then decrypt and mounts. I realize this is
    not exactly ideal, but it is all we can do
  • 46:13 - 46:17
    in the VM space.
    Herald: And the next question from
  • 46:17 - 46:20
    microphone number two.
    Microphone 2: Hello, first of all thank
  • 46:20 - 46:25
    you so much for all this work you've put
    into creating this platform for the
  • 46:25 - 46:31
    movement. My question is, what measures
    have you taken to protect yourself against
  • 46:31 - 46:37
    the case where, for example, your home is
    raided by police and they try to somehow
  • 46:37 - 46:43
    get into the servers through other means
    than just impounding them.
  • 46:43 - 46:50
    Julian: I'm being socially engineered
    aren't I? n public? No, no, I'm I'm
  • 46:50 - 46:55
    particularly cautious about that stuff.
    And all of us, all the sysadmins of which
  • 46:55 - 46:59
    there are now about 30 across the
    different branch deployments, we have
  • 46:59 - 47:05
    very, very strict procedures for this sort
    of thing, including redundancy across
  • 47:05 - 47:10
    backups, leaving home check, powering off
    the laptops. In fact, just like I
  • 47:10 - 47:13
    installed the entire movement's
    infrastructure community on infrastructure
  • 47:13 - 47:18
    on a thinkpad X230 that I bought for one
    hundred and forty five euros on the German
  • 47:18 - 47:24
    eBay. And. And I've encouraged all of the
    SysAdmins to buy the same, precisely
  • 47:24 - 47:28
    because you have this lovely battery lock
    on the back. You can just flip it and and
  • 47:28 - 47:32
    pull out the battery. You know, if you're
    ever facing police or a stop and search.
  • 47:32 - 47:36
    And of course, some countries like, you
    know, maybe India or Brazil, this becomes
  • 47:36 - 47:42
    really critical. But there is just a
    routine. I'm leaving home, I'm powering
  • 47:42 - 47:49
    off my laptop. Just which screen-locker
    we're using, KeePass, you know, phones
  • 47:49 - 47:58
    encrypted. The files, The, um, the file
    system. And we just have to do our very,
  • 47:58 - 48:03
    very best. There is no such thing as
    perfect sort of forward security in this
  • 48:03 - 48:08
    space. But all we can do is employ best
    practice operational security and also
  • 48:08 - 48:13
    most importantly, treat sysadmins as high
    risk first stage targets, and they are
  • 48:13 - 48:19
    increasingly so from this perspective.
    Sysadmins are forbidden to go to actions.
  • 48:19 - 48:21
    They can not be arrested because there's
    always the possibility of coercion. And we
  • 48:21 - 48:26
    actually have a whole kind of script with
    sysadmins when they entering into the fold
  • 48:26 - 48:29
    to to explain to them, you are aware of
    the risks, you know, and you need to lean
  • 48:29 - 48:33
    on your branch to explain to you the
    the legalities of the of your
  • 48:33 - 48:37
    operating environment. What are your
    rights? Can you be coerced to to cough up
  • 48:37 - 48:44
    a password, you know, to to give the
    master key to your to your to KeePass, for
  • 48:44 - 48:48
    instance, like this. You need to know
    those rights. You need to know your
  • 48:48 - 48:51
    rights. And if you can't deal with the
    heat and you don't want to go that
  • 48:51 - 48:54
    distance, then step down from being
    sysadmin and give it to someone else who
  • 48:54 - 48:59
    is willing to go that distance. There are
    so many factors. And again, we can't
  • 48:59 - 49:06
    generalize across the entire geo cultural,
    political jurisdictional space that
  • 49:06 - 49:10
    Extinction Rebellion works at because it's
    just so various. Yeah.
  • 49:10 - 49:14
    Herald: Thank you. And the Internet has
    another question.
  • 49:14 - 49:19
    Signal Angel: How do you keep your
    community of, as you explain mostly non-
  • 49:19 - 49:23
    technical people on your geeky and
    decentralised solution as it grows?
  • 49:23 - 49:31
    Julian: No problem really keeping them. I
    mean, It's maybe when one of the founders
  • 49:31 - 49:38
    says something like completely
    controversial or absurd. This is being
  • 49:38 - 49:42
    recorded, isn't it? Then then yeah, we
    have we have lost some number,
  • 49:42 - 49:47
    understandably, but still the served
    population just grows day in and day out.
  • 49:47 - 49:50
    And I am expecting in 2020, at this
    current rate, we are looking at a at
  • 49:50 - 49:56
    around 400, 400 to 500 new members a day,
    on the Mattermost at least. And with
  • 49:56 - 50:03
    branch server deployments, it'll be three
    or four month until we've filled all the
  • 50:03 - 50:09
    national branch requirements. There is no
    problem for that. Mattermost is seemingly
  • 50:09 - 50:17
    reasonably enjoyed, not so geeky in that
    sense. Discourse is also very widely used
  • 50:17 - 50:24
    within the, I mean Twitter uses Discourse
    internally, but also publicly. We see many
  • 50:24 - 50:29
    large corporations and organizations and
    NGOs using Discourse as a forum solution,
  • 50:29 - 50:33
    as a discussion forum solution. So it's
    actually familiar to a lot of a lot of
  • 50:33 - 50:39
    people anyway. The geeky ness, I would say
    is probably when we start talking about
  • 50:39 - 50:42
    the need for a VPN. That's when a lot of
    people just switch off. So there's a lot
  • 50:42 - 50:46
    of cultural work, techno cultural work, if
    you like, that needs to be done there in
  • 50:46 - 50:53
    order to secure the movement further.
    Herald: Thank you. Microphone number five,
  • 50:53 - 50:56
    please.
    Microphone 5: Hi there. Um, so you talked
  • 50:56 - 50:59
    all about your communication
    infrastructure. Can you share anything
  • 50:59 - 51:03
    about your financial infrastructure?
    Julian: That's also very varied, too. I
  • 51:03 - 51:08
    mean, branches have their own funding
    coming in, but then there are others that
  • 51:08 - 51:13
    that will receive funding from. Previously
    it was the UK was managing a lot of that
  • 51:13 - 51:19
    funding. That's entirely switching now to
    the international support team, which is a
  • 51:19 - 51:23
    multinational group, if you like,
    organization within Extinction Rebellion
  • 51:23 - 51:27
    that does handle all the finances and
    donors would come to the movement wanting
  • 51:27 - 51:31
    to give money. And then that's distributed
    throughout the movement as needed to meet
  • 51:31 - 51:38
    the ends of branches. It's still just a
    year in and it's still quite varied. I
  • 51:38 - 51:44
    mean, XR Germany, for instance, actually
    donated to the global movement recently.
  • 51:44 - 51:50
    So it came back that way. It's I think
    it's it's always going to be relatively ad
  • 51:50 - 51:56
    hoc, especially also given the fact that
    some financial institutions, state craft
  • 51:56 - 52:05
    are very much on the tail of. I just spoke
    too much didn't I. But method no. Yep. You
  • 52:05 - 52:09
    need to be very careful about about where
    bank accounts are as regards the tax
  • 52:09 - 52:13
    state. And so I think it's it's gonna be a
    changing environment for quite some time.
  • 52:13 - 52:17
    I didn't actually know much about the
    finances side of things to answer that
  • 52:17 - 52:21
    wholely, but yeah. Thanks.
    Herald: Thank you. Microphone number
  • 52:21 - 52:26
    three, please.
    Microphone 3: Hi. A lot of people find it
  • 52:26 - 52:30
    very hard to go from this content to
    dissent and more people tend to get
  • 52:30 - 52:37
    involved, involved if we lower the barrier
    of entry. So, you know, it sounds great
  • 52:37 - 52:44
    when you say like a couple, couple a few
    hundred new people a day globally. I
  • 52:44 - 52:48
    suspect it would be more the low the more
    you lower the barrier of entry if you have
  • 52:48 - 52:53
    some sort of a gateway drug. So what are
    you thinking about making some kind of
  • 52:53 - 52:58
    system, some some kind of easy invite,
    sort of a one click, get an invite to
  • 52:58 - 53:01
    Mattermost thing that would make it
    easier.
  • 53:01 - 53:06
    Julian: Well that already exists. The
    organise.earth is really only the global
  • 53:06 - 53:13
    hub where branches will, for instance,
    interrelate, collaborate and interoperate,
  • 53:13 - 53:15
    if you like. But the branch server
    deployments themselves, they will handle
  • 53:15 - 53:20
    their own onboarding, if you like, but
    there is certainly some streamlining to be
  • 53:20 - 53:24
    done there. One of the things that comes
    up a lot is password complexity. We have a
  • 53:24 - 53:28
    very strict password complexity policy and
    that really frustrates people that would
  • 53:28 - 53:34
    like to name, would like to give the
    password the name of the dog, and the
  • 53:34 - 53:40
    year, maybe, at best. But you know, we
    really need to work on on finding a sweet
  • 53:40 - 53:44
    spot. We don't want to also have people
    going into arrest, forgetting to power off
  • 53:44 - 53:50
    their phone after following the encryption
    operational security guiding that we have.
  • 53:50 - 53:56
    And then their phone is, you know, face
    swiped into or something like this or
  • 53:56 - 54:00
    they're just tricked into swipe-unlocking
    the phone as happened in the UK and then
  • 54:00 - 54:05
    they're going to find their way into the
    platforms with best guess passwords. I
  • 54:05 - 54:08
    mean, who knows? We need to find a common
    middle ground, but also educate as to why
  • 54:08 - 54:12
    it's important that we use these platforms
    and in these ways and have passwords of
  • 54:12 - 54:16
    these strengths, etc.. It's an ongoing
    process.
  • 54:16 - 54:20
    Herald: I see the Interwebs has a
    question.
  • 54:20 - 54:24
    Signal angel: Someone in the IRC wants to
    know, why did you think it was necessary
  • 54:24 - 54:29
    to set up new infrastructure instead of
    using other radical tech infrastructures
  • 54:29 - 54:35
    like Riseup for example?
    Julian: Well, Riseup had, yeah, has its
  • 54:35 - 54:39
    own problems. We really wanted to go have
    community-run infrastructure such that we
  • 54:39 - 54:45
    can legally be responsible for that
    infrastructure, that we can say that it is
  • 54:45 - 54:49
    here for us and that if there is any,
    there's any attacks on that
  • 54:49 - 54:52
    infrastructure, we are in a much better
    legal position to be able to represent
  • 54:52 - 54:59
    ourselves from our operational
    circumstance and jurisdictional
  • 54:59 - 55:05
    circumstance. It was also very important
    that it's in Switzerland. Importantly, in
  • 55:05 - 55:10
    Switzerland, for Swiss data centers, you
    need to break the law in Switzerland
  • 55:10 - 55:17
    before there can even be a request for,
    say, a server seizure. And that needs to
  • 55:17 - 55:21
    go through the highest courts. This makes
    Switzerland a very, very nice place to
  • 55:21 - 55:25
    actually deploy server infrastructure for
    a civil disobedience movement. Riseup
  • 55:25 - 55:31
    simply doesn't meet it in that capacity.
    Herald: Thank you. Microphone number one,
  • 55:31 - 55:35
    please.
    Microphone 1: So my question was partially
  • 55:35 - 55:39
    responded already about the financial
    infrastructure you have. I know some
  • 55:39 - 55:43
    associations, but like, you know, they
    could afford a hundred bucks per year or
  • 55:43 - 55:48
    something like that, because that's so low
    and, you know, doing brilliant work. But
  • 55:48 - 55:53
    so it seems to me that you deployed tens
    of servers just for the V1. So what are
  • 55:53 - 55:58
    your initial cost? Could you lighten up
    that so that I can act back home? How do
  • 55:58 - 56:04
    you get the money initially?
    Julian: I installed almost all of that
  • 56:04 - 56:08
    infrastructure without receiving a single
    cent from extinction rebellion. And in
  • 56:08 - 56:11
    fact, I receive very, very little money
    from extinction rebellion now. And it was
  • 56:11 - 56:17
    only after burning through all of my
    savings from November to August, I burned
  • 56:17 - 56:21
    through all of my savings and ran myself
    financially into the ground, ended it
  • 56:21 - 56:26
    entirely on a gratis basis. And only then
    after that, I have a very small amount of
  • 56:26 - 56:30
    living expenses paid, which is really
    tiny, but just enough to cover my costs.
  • 56:30 - 56:34
    And I can make a lot of money deploying
    servers if I wish to for dreary NGOs etc.
  • 56:34 - 56:38
    etc., but I have dedicated myself to do
    this on the grounds that it needs to be
  • 56:38 - 56:43
    done and it needed to be done. Yeah. So it
    was actually free for the movement.
  • 56:43 - 56:57
    Applause
    Herald: Thank you for that.
  • 56:57 - 56:59
    Julian: Pleasure.
    Herald: Microphone number two, please.
  • 56:59 - 57:05
    Microphone 2: Right. You already mentioned
    that these server partitions are encrypted
  • 57:05 - 57:12
    at the data center. So do you have any
    other OPSEC mechanism in place? For
  • 57:12 - 57:16
    example, if these data center's raided?
    Julian: The data center can't actually, at
  • 57:16 - 57:20
    least without it being a breach of
    constitutional law in Switzerland, be
  • 57:20 - 57:31
    raided. But there, are there are some
    measures put in place for a switch-off in
  • 57:31 - 57:37
    the event. But I can't talk about that
    without putting other people on the hot
  • 57:37 - 57:41
    seat. Yeah, but it is it is all sorted.
    Yeah.
  • 57:41 - 57:46
    Herald: laughing Thank you. The Internet has
    another question.
  • 57:46 - 57:50
    Signal angel: Someone on the IRC wants to
    know, do you share the recipes for your
  • 57:50 - 57:56
    DevOps deployments? And specifically were,
    Signal and Wire difficult to set up?
  • 57:56 - 58:06
    Julian: Well, Signal is not so difficult
    to set up, but maybe it is easily confused
  • 58:06 - 58:10
    with the fact I mentioned the Wire server
    deployment. I'm in talks with Wire at the
  • 58:10 - 58:14
    moment. Does that make Wire about a server
    deployment for the movement such that we
  • 58:14 - 58:21
    can actually run our own entirely and
    again, write apps for that for that server
  • 58:21 - 58:30
    for use in the movement. But I think Wire
    and Signal, as far as an end user install,
  • 58:30 - 58:34
    it is extremely easy in getting them up
    and running. I think Signal has problems
  • 58:34 - 58:41
    obviously with the phone number discovery
    aspect. I mean, SIM cards, I don't know,
  • 58:41 - 58:46
    they're license plate numbers these days.
    I'm really quite a fan of Wire's non-
  • 58:46 - 58:52
    dependance on that. But as far as the
    blueprints are concerned, I really do hope
  • 58:52 - 58:59
    to write, as part of my self-obsolescence
    plan is to write a full documentation for
  • 58:59 - 59:04
    the server installs, for the for the post
    install ordering and such that I can be
  • 59:04 - 59:07
    handed over to someone else to do the
    deployments for me. And I think I have
  • 59:07 - 59:12
    actually found that person. That person
    happens to be German and very, very sharp.
  • 59:12 - 59:16
    So, I look forward to the possibility of
    publishing that at that point. But for
  • 59:16 - 59:20
    now, it's just a case of me doing the
    deployment, and then I sit down with
  • 59:20 - 59:25
    sysadmins for 10 to 25 hours and walk them
    through what that server is and how they
  • 59:25 - 59:28
    can sail that ship. It's how it's done at
    the moment.
  • 59:28 - 59:31
    Herald: Thank you. I think this is a call
    for participation, right?
  • 59:31 - 59:35
    Julian: It is indeed.
    Herald: Microphone number two, please.
  • 59:35 - 59:38
    Microphone 2: Is the Mattermost fork
    public available?
  • 59:38 - 59:43
    Julian: It will be, absolutely. I mean,
    it's just started. It's something that we
  • 59:43 - 59:46
    just kicked off. So hopefully, by about
    midyear, I think we might have something
  • 59:46 - 59:53
    that you could put into staging, maybe not
    production ready, but we'll see. Yeah, I
  • 59:53 - 59:55
    think it's gonna be great. And it's gonna
    be great for the community as a whole. I
  • 59:55 - 59:58
    mean, outside of extinction rebellion, but
    just those that would like an alternative
  • 59:58 - 60:02
    to Slack that doesn't have dumbed down
    team admin controls and has maybe
  • 60:02 - 60:06
    federation, if you really want to grow
    something really, really big. The sweet
  • 60:06 - 60:12
    spot is a folk Mattermost. I'm convinced.
    Herald: Thank you. Microphone number
  • 60:12 - 60:15
    three, please.
    Microphone 3: Why no digital civil
  • 60:15 - 60:19
    disobedience?
    Julian: Ah, yes, I can't talk about that,
  • 60:19 - 60:23
    but I'm very, very enthusiastic about it
    and have been engaged in that a little bit
  • 60:23 - 60:29
    here and there in the past. But yeah,
    electronic civil disobedience is, is very
  • 60:29 - 60:33
    close to my heart. And there's lots of it
    happening in the movement and it will be
  • 60:33 - 60:38
    in 2020, but I can't talk about that
    obviously, at all. Yeah. Would love to,
  • 60:38 - 60:42
    but I can't.
    Herald: So sad. Microphone number two,
  • 60:42 - 60:45
    please.
    Microphone 2: You're running a lot of
  • 60:45 - 60:48
    services with huge attack surface. What is
    the worst that could happen should your
  • 60:48 - 60:51
    infrastructure get compromised?
    Julian: With, services with what, sorry?
  • 60:51 - 60:54
    Microphone 2: What is the worst that could
    happen if your infrastructure is
  • 60:54 - 61:00
    compromised?
    Julian: Um, well, the branch servers are
  • 61:00 - 61:07
    entirely decentralized from the, from the
    organise.earth hub. Um, I would like to
  • 61:07 - 61:11
    think that it's highly unlikely that
    organise.earth is compromised, but if it
  • 61:11 - 61:20
    were to be compromised and I was not able
    to instigate a power-off event in process
  • 61:20 - 61:27
    or prior, then unfortunately it would be,
    there'll be access to large email, um,
  • 61:27 - 61:35
    registration information, largely, and our
    DB is database encrypted at the database
  • 61:35 - 61:41
    layer, but unfortunately if one has root,
    if one can privacy escalate to root, then
  • 61:41 - 61:46
    you would have access, potentially, to a
    decryption of the database. But there's
  • 61:46 - 61:55
    little we can really do about that. Um, if
    we find in 2020, let's say there is
  • 61:55 - 62:01
    encrypted by default. In other words, zero
    knowledge with OMEMO or with Riot
  • 62:01 - 62:06
    abstracted over Matrix and Synapse, well,
    hopefully Dendrite, written in Go. And it
  • 62:06 - 62:09
    is really performant and it can run six
    figure populations, it can support six
  • 62:09 - 62:12
    figure populations, then we'll absolutely
    switch to that and I will drive that
  • 62:12 - 62:18
    change and that time. But in the meantime,
    just use Mattermost for general team chat.
  • 62:18 - 62:22
    Everything else goes over Signal or Wire.
    That's how the movement runs right now.
  • 62:22 - 62:26
    Yeah.
    Herald: Thank you. Unfortunately, we run
  • 62:26 - 62:31
    out of time. Julian, would you be able to
    answer questions in the, uh, after talk?
  • 62:31 - 62:35
    Julian: Yes, of course. Yes, absolutely.
    Herald: So the offer, if you have
  • 62:35 - 62:41
    questions, come together, come to him and
    ask you questions. Julian Oliver, thank
  • 62:41 - 62:43
    you very much.
    Julian: Thanks, guys.
  • 62:43 - 62:44
    Applause
  • 62:44 - 62:49
    postroll music
  • 62:49 - 63:12
    Subtitles created by c3subtitles.de
    in the year 2020. Join, and help us!
Title:
36C3 - Server Infrastructure for Global Rebellion
Description:

more » « less
Video Language:
English
Duration:
01:03:12

English subtitles

Revisions