Human Rights

Centering Decentralization

"Oh great, another white dude from a western democracy going off about decentralization." I promise that I will not be hawking a crypto-currency or even talking about anything blockchain-related. Rather, I see the dramatic centralization of our online lives as a direct risk to an inclusive society, and want to talk about some of the real barriers we need to prioritize in untangling ourselves from this to anchor ourselves from drifting off into techno-solutionism.

Smaller, independent and even self-run platforms and communities don't magically solve all the problems, but I do believe that they can provide the best path forward. These decentralized and federated tools allow for (and actually require) community building, and in the (very) long run, they also have to align with human decency and empathy, if only because without that, they will slowly consume themselves.

De-platforming is censure not censorship.

This is part 2 in a series on the past, present, and future of the Internet. Read Part 1: "I Believe in the Internet"

"De-platforming" is a bad framing of an important concept. Not being able to find a company to make your presence on the Internet easy is fundamentally different from having a government actively blocking access to you. We should be asking why these companies are choosing to allow the use of their platforms for hatespeech, violence, and undermining democracy instead of asking why specific people or companies doing this are being "de-platformed", as if a right to free speech somehow guarantees also a right to a soapbox and a megaphone.

Let's take Parler's journey, but you could sub in Gab, 8chan, or a host of other extremist sites.

I (Still) Believe in the Internet

This is the first in a series on the past, present, and future of the Internet

I am a member of the forgotten gap-generation between Gen-X and the Millennials (Jillian York wrote eloquently on this almost a decade ago ). I didn't grow up "on" the Internet as a digital native -- I grew up alongside it.

My on-ramp started with dial-up access to local BBSes and eventually to the actual Internet at the time (USENET, Gopher, MUDs, and other now-mostly-dead systems), mostly accessed through a green-screen terminal via manually-typed in AT commands with a 2400 baud modem (or the 9600 baud one if you were first!). HTML itself, the base of the modern web, was just barely a project at the time, and the "World Wide Web" simply didn't exist. Being able to navigate via text screens the entire content of the local university's library (instead of getting a ride there and rummaging through a card catalog) was a game changer.

For the era, I had undeniably privileged access to the Internet -- which is to say that access to the Internet was itself inherently a privilege. This is a critical data point that gets lost in most rose-colored reflections of the Internet. That said, there was a strange undercurrent of makers, hackers, and this incredibly subversive belief in equality, collaboration, and sharing. With a huge caveat around its lack of diversity, the Internet did provide for a brief shining moment a safe space for people - awkward nerdy teenagers like me - who didn't really fit in but could find their way online. It was a ramshackle and weird community of MUDs and newsgroups and IRC chat channels and home-cooked bulletin boards. The Internet I knew was built and staffed by people who had previously run 3-line dial-up BBS systems and avid, if lost, volunteers who'd found a home and a family.

The modern Internet may seem like it still provides this, but instead of encouraging unity and positive support, it seems to excel instead at division and hate. What has happened, and how can we change course?

Re-factoring the Crypto Debate

The Carnegie Endowment for International Peace is hosting a working group to move the crypto debate forward by adding two valuable dimensions to the conversation. The WG added use cases to more capture concerns of various stakeholders and defined its technical scope, selecting a specific point to engage in this debate (around the ability to break encryption on mobile devices under the physical control of national law enforcement, but not in-transit or, theoretically, remote device access).

That said, I find the report and its use cases dangerously US-centric; ignoring the role of authoritarian states and how even this tightly scoped debate would put human rights defenders, activists, and advocates for change in these places at risk. The use cases include a wide variety, but exclude the use cases of authoritarian, state-level actors and also exclude activists who will be targeted with technologies that break end to end encryption guarantees.

We need to look beyond markets to how crypto regulation advances or undermines long-term goals around democracy and human rights around the world. "Exceptional Access" or however we frame it will be used against human rights defenders - either directly, or through pressure on tech platforms to provide equivalent access to states we might consider authoritarian. It may be a bitter pill for the law enforcement groups who seem themselves as the good guys fighting human trafficking and other horrible crimes; but promoting e2ee to encourage and protect opening civil spaces, more safely confronting corruption, and sustaining democracy could be a bigger win on a long-term, global level.

Entropy Story-time: From Claude Shannon to Equifax

There's an piece floating around that does a great, succinct job at summarizing Claude Shannon's contributions to our modern understanding of information. If you haven't read The bit bomb on Aeon, head over there. It'll make your brain happy with things like this:

"Shannon – mathematician, American, jazz fanatic, juggling enthusiast – is the founder of information theory, and the architect of our digital world. It was Shannon’s paper ‘A Mathematical Theory of Communication’ (1948) that introduced the bit, an objective measure of how much information a message contains."

The article digs deep into how easy it is to predict things - especially language. It ends up focusing on the power of pattern detection in being able to compress information:

"Shannon expanded this point by turning to a pulpy Raymond Chandler detective story […] He flipped to a random passage … then read out letter by letter to his wife, Betty. Her role was to guess each subsequent letter […] Betty’s job grew progressively easier as context accumulated […] a phrase beginning ‘a small oblong reading lamp on the’ is very likely to be followed by one of two letters: D, or Betty’s first guess, T (presumably for ‘table’). In a zero-redundancy language using our alphabet, Betty would have had only a 1-in-26 chance of guessing correctly; in our language, by contrast, her odds were closer to 1-in-2. "

Let's talk about PGP

I've been working on a new way to explain email encryption; I'd appreciate feedback on this approach. If you're looking to try email encryption out - buy me a beer (let let me buy you one) if we're in the same place, or check out the usable, in-browser work by Mailvelope.

New GPG Keys! Jon Fri, 11/11/2016 - 14:29

I am transitioning both my professional and personal GPG keys. This transition document (in full, below) and both updated keys are signed with both old and new keys for both personal and professional accounts to validate the transition.

In short:
[email protected] - new keyID 270C17F1
[email protected] - new keyID FDDB8C25

If this is all greek to you, GPG (or PGP) is a way to encrypt your email so that only other specific people (who must also be using GPG) are able to read it. While we think of email like regular mail, with a level of privacy like something in an envelope, the reality is that it's better to compare it to a postcard. If you're interested in getting started, I highly recommend EFF's excellent PGP guide, and Mailvelope is a super-easy browser plugin to help get you started in more secure webmail (it works great, for example, with gmail).

Cylons, Open Source, and Security Jon Fri, 10/07/2016 - 10:06

The Lock-in / Break-out Cycle

"This has all happened before. This will all happen again." - a refrain from the rebooted Battlestar Galactica science fiction series that is painfully accurate in the software world. This is not always ideal, but it is reality.