So I was checking some dates on old posts and came across a link to an article in Slate talking about the Madrid bombings which picked up a blog post I’d written:
“Cataspanglish at Slow Spainremembers the grim day three years ago: “Students of the company where I was teaching in Tres Cantos were on some of those trains that were blown up and that day and the days and weeks that followed were completely surreal. I was living in Lavapiés and the world’s press and secret service agents were virtually camping outside my door. I had lived the IRA campaigns as a school kid but this was far bigger and on my doorstep and watching the events unravel was one of the strangest times of life. I had to get back on those trains the following week and like many others, I didn’t have a happy ride.”
The event aims to gather people from the Greater Region SaarLorLux and will be held in English, French, German and, of course, Luxembourgish!
Privacy is a fundamental human right. It is recognized in many countries to be as central to individual human dignity and social values as Freedom of Association and Freedom of Speech. Simply put, privacy is the border where we draw a line between how far a society can intrude into our personal lives. From Why Privacy Matters of the CryptoPartyHandbook
Make sure everyone learns something, sharing knowledge and empowering people to protect their privacy in the digital domain.
It is very important that you leave the CryptoParty with tools you can use on a daily basis, and explain to your friends how to do it too. All the attendees should come with device(s) where they want to install tools.
The Luxembourg CryptoParties are intended for everyone; no prior technical expertise or knowledge is assumed. Crypto geeks please come along and help us out!
“sysadmins are the secret masters of the universe, and they keep your life running.” says Cory Doctorow, writing about his short story, “When Sysadmins Ruled the Earth“. A post apocalyptic tale where the aforementioned sysadmins are the unlikely heroes, I was introduced to the comic book version on my phone by the Doctor @pdavenne, in fact a comic book was the only way I was going to read about bloody sysadmins.
As I take more resposibility for where my online stuff is located, who can get access to my data, my operating system (windows > OSX > Linux), I’m constantly having to learn new things, and just as moving to Linux was inevitable for idealogical reasons, it follows that the only way I’ll be “happy” with using a server is when I’ve got full control over it. I’m lucky to be surrounded with incredibly smart people who can, and often do, do all this stuff for me, but it’s my stuff and my responsibility.
Many free services that people have been depending upon in recent years have been shut down, sold off, change their terms & conditions without consideration for the user or are simply cases of digital sharecropping. The latest, greatest, ones of course being Google announcing the closing of their popular RSS Reader service, Twitter buying Posterous and shutting it down, and Twitter (again) changing the use of their API which will effectively destroy many of the 3rd party services built on it which contributed so much to popurlarisng it in the first place.
So I’m pretty much done with sharecropping for these companies – so much of what I do, of what everyone does these days, is on a server somewhere out there, surrounded, as Julian Oliver often points out, “by guns, dirt, tax and shareholders”. It’s time to take control of that server and skill up.
As a firm believer in the stupidity of the nation state concept I had long argued against the use of country specific domain names, supporting genereric top-level domains (.com, .org, .net etc.) instead. After all, wasn’t this the great promise of the internet, something that existed above the ridiculous borders created on this tired old planet?
But the other day I found myself investigating country specific domain names for a new site. Which is the best, the safest – the country with the best record on, and best legislation for, protecting my rights of freedom and privacy?
“First of all, I wanted to get out of the USA domain-name hegemony. Recently the US has been increasingly flexing its legal muscles internationally. It is now claiming global dominion over all the old domains originally set up in its territory: .com, .org, .net, .info, you name it.
And it does not matter if you are are a citizen of another country, living in another country, your website is hosted on another country’s servers, and you have nothing whatsoever to do with the good ol’ US of A: if you use one of these domain names, the US government can pull the plug on your site, with no warning and no redress. This has already started to happen.
So I am now safely ensconced in Switzerland — notably the only country not to take down the Wikileaks website in 2010, despite massive global push-back from the US et al. Switzerland still seems to be taking basic human rights seriously.”
So sadly I’m weighing up whether Holland (where the ChokePoint Project and the Rudi Bloemgarten Foundation are based) is a better option than Switzerland and resigning myself to the fact that shortly I’ll have a new site located in some nation state somewhere.
Here is the summary of the presentation, written by the workshop team, which provides a good overview of the Project (the presentation slides are here).
ChokePoint Project – Ruben Bloemgarten
Ruben Bloemgarten presented the work of the Choke Point Project trying to address similar issues to those of the ECSA platform. Ruben noted the importance of timing, as old information was said not to be actionable anymore, therefore being essential to determine the kind of information that can be provided and to identify who can supply information.
Mr Bloemgarten noted that there were three main spheres of organizations and data types: first, a technical sphere generating measurement data (network activity generated, network topologies); second, a legal one including jurisprudence; and third, reporting organizations with direct information of the impact of both previous spheres on the ground.
He clarified that data was not equal to information, so for the purpose of the talk data should be considered machine readable, while information should be considered human readable. Therefore a data broker would be necessary to collect and transform information into data and vice versa. He further pointed out that data needs to be homogenized in some format so that comparative analysis can be performed and that the output (quantitative or qualitative) obtained can be used by other existing projects.
Concerning the access of users to the platform, Mr Bloemgarten stressed that when new information was generated and could be communicated to third parties, different layers of access might beneeded. One can allow access of technical users to raw data and access to non-technical users to a more global set of bits of information.
He moved on highlighting a series of requirements that an ECSA-like platform should consider in order to be functional: there cannot be trust without verification and he argued that the platform needed to be open. Second, potentially dangerous data could not be part of the system and therefore anonymization of raw data or removal of classified information must happen at the data source provider, before entering the system, as it is complex to segment this information once is part of the aggregation and processing and can potentially cause harm.
Mr Bloemgarten came to the end of his presentation clarifying that the ChokePoint Project had different tracks, measuring connectivity of regions based on Measurement Lab data or cooperating with the partner Digital Rights Watch for all what concerns the track on legal developments, as well as with other partners to avoid duplication and to incorporate diverse expertise to the project.
– CryptoParty is a global, self-organising movement of peer to peer learning about how to protect the “basic human right to Privacy in networked, digital domains.”
We wrote a handbook in a book sprint
book sprints are a good way to get a collaboratively written book out in 3-5 days
The Long Version
What is CryptoParty? Interested parties with computers, devices, and the desire to learn to use the most basic crypto programs and the fundamental concepts of their operation! CryptoParties are free to attend, public, and are commercially and politically non-aligned. CryptoParties are absolutely against sexual harassment and discrimination.
Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn’t want the whole world to know, but a secret matter is something one doesn’t want anybody to know. Privacy is the power to selectively reveal oneself to the world. ~A Cypherpunk’s Manifesto by Eric Hughes, 1993
Party Like It’s 1984
The CryptoParty Handbook introduction “A CryptoParty History: Party Like It’s 1984” sez that:
“The CryptoParty idea was conceived on August 22nd 2012 as the result of a casual Twitter conversation between information activist and Twitter identity Asher Wolf and computer security experts in the wake of the Australian Cybercrime Legislation Amendment Bill 2011.
As someone with a long history of participation in peer to peer knowledge acquisition and having experienced the hard learning curve of luddite to needtobe cryptogeek through my involvement with the ChokePoint Project, the CryptoParty seems a perfect vehicle for getting non-geeks up and running with needed tools whilst breaking down some of the barriers between “geeks” and “users” at the same time.
Every CryptoParty has its own style and I’ve only been to the ones in Berlin but one thing that became clear very early on was that things had to be made accessible for the average computer/mobile phone user. To this end “The CryptoParty Handbook was born from a suggestion by Marta Peirano and Adam Hyde after the first Berlin CryptoParty, held on the 29th of August, 2012. Julian Oliver and Danja Vasiliev, co-organisers of the Berlin CryptoParty along with Marta were very enthusiastic about the idea, seeing a need for a practical working book with a low entry-barrier to use in subsequent parties.” https://cryptoparty.org/wiki/CryptoPartyHandbook#V1.0
In a book sprint a bunch of people get together to write a book in 3-5 days with a facillitator and, hopefully, no distractions. I’ve increasingly been thinking this is the only way to get things done in networked working so was intrigued to find out myself. The facilitation role is really important and we were lucky to have book sprints founder Adam Hyde to guide us through the process and make great food to keep the writing inspiration flowing.
We already had a lot of material in the “How to Bypass Internet Censorship” & “Basic Internet Security” books previously produced in other sprints, so the main job was to give context to a lot of it and bring it up to date. Things move fast in the tech world and legislation, and more importantly the interpretation and use of that legislation around networked communication, struggles hard to keep up and is subject to the force of political and commercial interests. For example, no one would have imagined how the use of email legislation would have been brought into the spotlight by the Petraeus affair between version 1.0 and 1.1 of the handbook.
Usually book sprint collaborators are working together physically, but due to nature of this particular beast, there were remote contributors too . We were creating the book using booktype and the interface has a chat feature, so between that and IRC it was possible to accommodate remote contributions and the whole book was being forked on GitHub (meaning another editable version was created on a popular code-sharing site) as it was being produced.
Plenty of information about the mechanics of book sprints can be found here – I found the experience to be a practial way to focus on a project and produce something in a limited timeframe. The main problem with creating a tech based book is the question of who is going to take responibility for the all important updates? In this case, it seems like the community around the book on GitHub are taking that role.
So, at the end of the 3 days the book was released:
“This 392 page, Creative Commons licensed handbook is designed to help those with no prior experience to protect their basic human right to Privacy in networked, digital domains. By covering a broad array of topics and use contexts it is written to help anyone wishing to understand and then quickly mitigate many kinds of vulnerability using free, open-source tools. Most importantly however this handbook is intended as a reference for use during Crypto Parties. It is being continuously developed.
WARNING! – Due to the rapid development of the Handbook, as well as lack of rigorous peer review, there may be advice within that does not guarantee your safety. As always, be vigilant! This is version 1.1 Each version of the book will improve upon the last, if you find any errors, please contribute your suggested changes.”
Techno-Activism Third Mondays (#TA3M) is an informal meetup designed to connect techno-activists and hacktivists in different cities who work on or with circumvention tools, and are interested in anti-censorship and anti-surveillance tech. It began in New York.
Networking opportunities for people in the techno-activism and circumvention tools communities.
Provide individuals with space for collaborative problem solving, to meet new friends, and recruit for projects.
Introduce newbies into the community so as to diversify the circumvention tech community.
I organised a meetup yesterday at the excellent co.up coworking space to see what is going on in this field in Berlin. The event was held on the same freezing snowy night that Neelie Kroes was scheduled to speak in the city (finally she couldn’t get here because of the “inclement” weather!), so it was an intimate reunion which attracted peeps from Tactical Tech, and the engine room. We had a good discussion about where the possibilities of #TA3M, speakers to invite and the local situation with regards to techno-activism.
Recently I had the great pleasure of making a small contribution to Border Bumping – “a work of dislocative media that situates cellular telecommunications infrastructure as a disruptive force, challenging the integrity of national borders”, by Julian Oliver.
I first met Julian in Linz last year at Ars Electronica where he and Danja Vasiliev were picking up the Golden Nica for Newstweek, and after talking to him for 5 minutes I had the sensation I was talking to somebody from a William Gibson book.
Julian explains the project in the following way on the Border Bumping site: “As we traverse borders our cellular devices hop from network to network across neighbouring territories, often before or after we ourselves have arrived. These moments, of our device operating in one territory whilst our body continues in another, can be seen to produce a new and contradictory terrain for action.. Running a freely available, custom-built smartphone application, Border Bumping agents collect cell tower and location data as they traverse national borders in trains, cars, buses, boats or on foot. Moments of discrepancy at the edges are logged and uploaded to the central Border Bumping server, at the point of crossing. For instance: a user is in Germany but her device reports she is in France. The Border Bumping server will take this report literally and the French border is redrawn accordingly. The ongoing collection and rendering of these disparities results in an ever evolving record of infrastructurally antagonised territory, a tele-cartography.”
As I spent most of last summer bumping into borders, travelling on the TransEuropeExpress, I had already become aware of this situation, especially crossing and re-crossing the Benelux countries. It also brought to mind the fascinating essay by Eleanor Saitta, Transnationality and Performance which begins:
Last week I crossed an international border to install an application on my cellphone. That wasn’t the nominal purpose of the trip, but if we step back from our understanding of internationalization and international copyright law, that interaction between border crossing and the performance of an effectively physical act is almost surreal. More surreal is the possibility (I can’t now check) that I could have simply traded my Icelandic SIM card for my American one and have effectively, virtually, performed that border crossing.That particular pseudo-border is one I’ve been crossing regularly this month. My phone can speak GSM over Wi-Fi, instead of the cellular radio — a feature intended by T-Mobile (the US representatives of a German semi-state entity) to cheaply solve the problem of inadequate coverage at the rural borders of their network and in pockets of urban radio-invisibility. In my case, though, it means that I can trivially make my phone believe temporarily that it’s on American soil, and have calls billed appropriately.Of course, I could actually be on US soil here — the American embassy, whose grounds are legally recognized as such, is just down the road — but my phone wouldn’t notice the difference. Likewise, somehow Roger’s cell towers near the US-Canada border are much stronger than the AT&T or T-Mobile towers; my phone always crosses the border long before I do.
For Border Bumping, Julian asked me to do some research into cell towers, especially so-called “stealth” towers and build an archive mapping them. Sounds simple, huh? But just as we found when we tried to map Internet connectivity for the ChokePoint Project, reliable publicly available information on the geolocacalisation of cell towers is actually pretty hard to find. The situation isn’t helped by the fact that mobile service providers aren’t obliged to provide information as is shown in this statement from the Sitefinder – Mobile Phone Base Station Database website of Ofcom, the Independent regulator and competition authority for the UK communications industries:
Sitefinder was set up as a result of recommendations of the Stewart Report in 2000. It is a voluntary scheme under which mobile network operators make information available on the location and operating characteristics of individual base stations, so that people who wish to inform themselves about this can do so.Ofcom hosts the Sitefinder tool on behalf of Government, which can be searched for the location and details of mobile phone base station sites around specific locations. The data within Sitefinder is owned by the mobile network operators, who supply it on a voluntary basis. A request made under the Freedom of Information Act 2000, for Ofcom to make available the information contained within Sitefinder, is subject to an ongoing legal process. Meanwhile, the mobile network operators (except Everything Everywhere) continue to provide voluntary updates which are made every 3 months or so.The Sitefinder tool therefore remains available and reasonably current (except for Everything Everywhere sites); meanwhile Ofcom will not release the underlying database pending the outcome of the legal process.Ofcom cannot accept liability for any inaccuracies or omissions in the data provided within Sitefinder, or its currency.
Consequently finding information to build the database involved a lot of sniffing around online. Fortunately there are cell-tower nerds out there who go out and map this stuff but there is no coherent set of criteria that everyone uses.
The initial Border Bumping archive can be found here