(You may well want to read the two previous blog posts which go along with this one to understand the whole mindset behind this piece, but that’s about 6K words total, so… On Undesigning the Cryptographic Utopia and On the Ethics and Pragmatics of Cryptography)

So here’s a problem to solve: peer caching of HTML5 video objects. I’ve got a few of these: the #TRUTHandBEAUTY video archive. Suppose that the Jamais Cascio talk on solving global warming with Geoengineering goes viral? I’m hosting 500mb of files, multiplied by 80,000 viewers, that’s 40,000 gigabytes, 40 terabytes. I’m not sure than when Dreamhost says “unlimited” they mean 40 terabytes unlimited. So I could move them to Archive.org, but that file is CC-BY-SA-NC. Vimeo and Youtube and Blip won’t do such a long file, and advertise all over everything in some cases, so… let’s just say hosting this stuff myself is the current paradigm, and hoping that people who Slashdot also mirror.

Now, why is this a crypto problem? We can’t reasonably expect every human to make a legal assessment of every file they want to help host. It’s simply unreasonable: the transactional overhead of examining every file for Copyright and (by god) even Patent infringement is too great for Youtube and all the other Common Carrier services, like your ISP, and it’s too great for you and me. But not having savage lawyers fighting on our behalf, we have to try something different.

Question: is an encrypted file that I cannot read copyright infringement if another person downloads it and decrypts it into a copyrighted file on their machine? What if I have absolutely no idea about the contents? How far do we have to push this argument (say I’m only holding 1/8th of the bits?) before we wind up with a “no infringing files here, Officer” cache? We can legally design this. Google might even help.

So now I’ve got my 500mb .ogg file. I have a utility which cuts it into some set of known-safe sections. In my case it’s a .ogg which is OK to redistribute, but even if it was copyright infringing, it’s all OK for now because we’ve cut it into non-infringing lumps and stored them too. We’ve probably doubled our file size in the process, but we’re going to live with that problem for now. So your web browser is the next obstacle.

You download the .ogg – no problem. I’m getting hammered, rather than serving you the .ogg, I want to be able to serve you a redirect. I don’t just want to serve you the redirect, though, I want to serve you a metadata file which your browser turns into a “go git ‘em” strategy not unlike a politically sophisticated Bittorrent. Now this implies a browser plug-in or a proxy that sits on your machine and grabs URLs of the format http://cache.cache/

These are not evil pieces of software to write, particularly after Bittorrent, so let us continue down this path.

Let’s assume, for a moment, that caches are social and work like currency. I have 10 or 100 friends. They have web sites. They set up a subdomain, cache.yourname.com, and a robot sits there. If my site (and not somebody else’s site) pushes a file over there by HTTP with appropriate passwords, the cache robot takes a non-infringing set of files. On request it returns them by HTTP, as it would any other file, up to a preset limit between us which is likely based on your web host’s policy, your degree of good will towards me, and how much traffic you’ve seen so far.

If you’re particularly well-intentioned you have 10 or 100 friends, and if my file is really, really moving, you ping them and ask if they’d be willing to carry a slice of the file. And, after all, you have no idea what’s in it, and in fact whether it originated on my web site, or whether I was simply carrying a cache file for somebody else, and decided to spend a little of my capital with you by passing on this slice of popular content to you.

It’s a little like Bittorrent, with a couple of key differences.

1) You don’t know what you’re carrying because it’s hacked up into lumps (Freenet-ish)

2) The social network of people sharing cache responsibilities is hardcoded, it’s a social/trust network, rather than being the swarm of people currently downloading a file.

These are politically rather than technically important distinctions, and we’ll get to the reason for making them later.

So now we’ve got a METADATA format, and a simple protocol for moving LUMPs of files across the network to be served by cache robots. Robots presumably have half a dozen or so operations, roughly:

* catch a file
* ask a neighbouring node to cache a file
* serve a file (actually this is probably just HTTP via Apache or whatever)
* expire a file that we don’t want to serve any more
* manage bandwidth (“no more files this month”)
* communicate status to various humans and robots

Now, let’s discuss liability again.

Let’s say we’ve moved beyond mere copyright infringement, and we’re dealing with CP. So now we’re in a domain where even holding a chunk of something, and simply saying “got no idea, gov” is not enough – it’s morally repungant to be aiding and abetting in the distribution of CP, and even if we’ve got a technically legal system, these people can fuck right off. We want to put heads on poles here, and we’ll help the police to get the job done. So our fully-anon system where blocks are being pushed around an (encrypted) network all on their own suddenly isn’t good enough. It might be technically fine, within the limits of its lack of sophistication, but it’s politically inadequate. There’s a very basic atomic operation missing: get that motherfucker!

So let’s take a look at this again. I need to know who is distributing these files. But I must not know what’s in them, because I’m a Common Carrier and only carrying a chunk to protect myself from some kinds of liability.

This is a job for crypto. Specifically, this is a job for Secret Sharing and Digital Signatures. And possibly zero knowledge proofs. Now this is a proper-hard protocol design question, but let’s think through the political level first, then get technical.

* I’m hosting a non-infringing lump of something
* There’s a METADATA file which names all the lumps required to assemble FINAL file.
* The METADATA file includes a decryption key for this final file.

Now, what I need to know is that this METADATA file exists (or the lumps I’m holding are useless) and that it’s VALID (in some political sense). But I don’t want to see it, and I don’t want my ROBOT to see it, to avoid liability. In fact, I might even have a defensive-driving script which autorefuses to store both the METADATA file and a LUMP file.

So how’s about we don’t touch anything which doesn’t have a METADATA file with some kind of credentials. Ah, but we don’t want to see the METADATA, so what we need is a SIGNATURE or something like it for each lump.

“No, officer, I don’t know what this is – in fact I can’t know what this is, but I accepted it based on this credential, and since you’ve proven to me (by the digital signatures) that it’s actually CP, and you have a warrant, have… SOME INCRIMINATING DATA ON THE AUTHOR.”

Ok. Promising. So I have a list of known-good digital signatures, and I accept a LUMP which is signed as known-good by them, and if something goes wrong, I point at… hm… no. No good, because we’ve broken ANONYMITY as a goal state. Try again.

Now, ANONYMITY is a problem. I want to get these CP peddling mofos as much as you do. What I really want is PSEUDONYMITY and REASONABLE COURTS. I want stuff like SOURCE PROTECTION for journalists. I want to know, for sure, that if this person is evil me and my friends can reveal their identity in a legally binding form, but I don’t want to be pressured into doing that.

This is Zero Knowledge Proof territory, perhaps. So let’s examine a protocol.

=== PROTOCOL BEGINS ===
1) We meet, and I agree I’ll take a share of your Secret Identity.
2) I don’t want sole responsibility for this, no sir, so we’re doing this Jury Style – a committee of 12 of your peers, or 15 because this is the internet and people are flakes.
3) We’ve got two technical assets – Secret Sharing (e.g. gfshare or ssss in Ubuntu) and zero knowledge proofs.
4) Brute force: You take your passport, and you show it to the 12 of us. You then take your laptop and prepare the following.
4.1) a PNG of your passport, and a digitally signed legal document asking us to act as a JURY and turn it over to relevant authorities under a set of conditions (this akin to a legal escrow agreement, or a will)
4.2) This file split into 15 pieces, of which 12 enable recovery, or some similar scheme.
4.3) You prepare 100,000 sets of 15 files.
5) We agree on 99,999 sets of these files, and check (by recombining parts) that they, indeed, sum to your Identity. Ideally we’d like to do this in a clever way which prevents us seeing YOUR IDENTITY but still proves it was in there, but that’s a Hard Problem, so we’re going to accept that we’ve seen your identity.
6) If 99,999 files were legit, there is an extremely high probability that file 100,000 is legit. Again, consult the Zero Knowledge Proof literature for ways of doing this in a few dozen turns, not 100k turns, but we’re thinking this through in brute force terms.
7) I now have a share of your identity, which I have excellent reason to believe is you I can’t prove that it is you without 11/15 others helping me. We’ve locked your identity where we can’t get it (assuming that we really did delete those other shares…)
8 ) Everybody involved now signs each of these shares, blind signatures (i.e. of the hash, not the file) and signs your key with those blind signatures.
9) We have now legally and technically escrowed your identity – this committee of 15 people knows who this individual is, for sure, but only 12/15 of us in agreement can legally prove it
10) I can now take this document to escrow brokers of other kinds and use it to generate, for example, PSEUDONYMS (subsidiary keys) with any given of security or reliability.
11) Let’s call an identity like this an ESCROWNYM. An ESCROWNYM creates PSEUDONYMS, because the intermediary generating the PSEUDONYM keeps a copy of the ESCROWNYM document, possibly split in shares etc. as illustrated, and all legally binding like.
=== PROTOCOL ENDS ===

Congratulations. You’ve just re-invented Jury Trial, more or less.

Now let’s go back to our file hosting problem.

I REQUIRE any content that I am hosting to be backed by an ESCROWNYM which is backed by a Nation State passport. But because Nation States are being pathological bitches right now, most smart people prepare one of these ESCROWNYM documents backed by SIGNERS in 14 jurisdictions, including hard-to-navigate spaces like Iceland, Russia, Sweden, Palestine, South Africa and so on. And, of course, people signing these ESCROWNYM documents are actually often using ESCROWNYMs to sign them – we have an absolutely solid chain of legal responsibility here, to named individuals identified by their Nation State identity documents, but the overheads of FORCING these individuals to reveal the identity of a person behind such an ESCROWNYM are genuinely formidable.

But if I get a PSEUDONYM-signed file, tracked to a Known-Good ESCROWNYM (i.e. the pseudonym generated by a service I trust, such as a reputable City of London legal firm), I’m comfortable hosting it. Because IF it turns out that I’m hosting a share of a CP file, or nuclear bomb making instructions or something, I’m absolutely sure that either the Person Who Made This Data, or the Persons Protecting Them, can be made fully and legally transparent.

Now let’s stop and think about that for a moment, maybe take a breather.

=== breath ===

=== breath ===

=== breath ===

So I’m hosting a file on my machine. I’ve digitally signed it with a PSEUDONYM backed by an ESCROWNYM and now I’m getting slammed because the file is Very Popular. My network of buddies take the LUMPs of the file that I have prepared (and signed) and carry them, and people coming to my site get served a tiny METADATA file which tells them what the LUMPIDs are to reconstitute the file, and the decryption key. In the event that the file allows, for example, comments or modifications at a later date, the DECRYPTION KEY is actually a PUBLIC KEY, which can be used to decrypt the METADATA for future versions of the file.

Hm.

This isn’t really very technically sophisticated, is it?

You know, if we were just a bit more technically sophisticated, I bet we could generate PSEUDONYMS from an ESCROWNYM automatically. That’s something along the line of blind signatures, or some of that tricky Chaumian stuff which is typically used on digital cash. You sign my ESCROWNYM and, at the same time, 1000 PSUEDONYMS which you never ever see, not even for a moment. Yes, there’s tech for this, no, I don’t understand it well enough to know exactly what the edge on that envelope is – I’m a cryptographic applications designer, not a cryptographer or cryptologist, and there’s a big, big difference. Trust me on this: past a certain point, cryptosystems and algorithms are black boxes to me. But I can think about code and politics at the same time, and that is useful. Bear with my technical limits.

Now, what I’m proposing here is obviously a socially-networked anonymous publishing system with full legal and community accountability. PSEUDONYMS backtrack to ESCROWNYMs backtrack to IDENTITIES through a series of nestled processes. You can see a version of this thinking, assuming (ahem) trustworthy Nation State and International Organization actors in CheapID (which, let us remember, was produced for the Office of the Secretary of Defense with the US National Security Agency doing the technical oversight.)

But my faith in the Nation State’s trustworthiness has been shaken so much by #NDAA and the legalization of indefinite detention without trial in America that I’ve been forced to go back to the drawing board.

Don’t blame me: I’m trying to preserve the existing rights and freedoms of our societies, things we all voted on, things we all agreed, things that have been historically Known Good for hundred and hundreds of years in many cultures. This is not vagabondish Cryptoanarchy and end-running around taxes, this is right to a trial by jury in a digital domain in a situation where, alas, jury trials are being denied to people by their governments.

Now, do you understand my lines, and what it means when The State crosses them? I am FUCKING SERIOUS about the Free Society, and I’ll do what it takes to defend it.

Let those with ears hear me: civil rights, and the democracy that arises from them, stay, at the point of a sword if needs be. I am not easily provoked, but I know the history of the Holocaust, of Stalinism, of Maoism, of Pol Pot, and yes, of Vietnam and El Salvador and all the rest well enough to know one thing.

None of us are safe from a government which has breached Habeas Corpus and claimed a Global Jurisdiction. I did a pretty good analysis of this kind of Transnational Sovereignty stuff a few years ago (for the DoD), I know the terrain, and I believe I understand the Bush-Cheney-Rumsfeld-Rove-Feith type thinking behind it pretty well.

I’ve drawn a line in the sand here. I know how dangerous cryptography is: when they said “munitions” they meant it. I’ve stayed scrupulously clean, out of the field, for years, while friends of mine went off and did things like Wikileaks and Openleaks.

I don’t even use encryption in my personal life – I don’t use PGP, I don’t use GPG, I don’t use OTR, I try to avoid using Skype because I do not want any TLA (three letter agency) worrying about what’s on my mind. I keep all my shit in Gmail, for god’s sake.

But, seriously, this shit will not stand.

If I have to actually build prototypes, hell if I have to build a team with diverse skills and actually build a working system for a properly secure, legally and politically sophisticated global protected publishing system, I will. I’m hoping to inspire people younger, sharper and more technically capable than me to ask the right questions of the cryptographic applications they may be writing right now.

But if it comes to it, I think I’m smart enough to evade making most of the mistakes made by other attempts to solve this problem, and I’d point to the dents I’ve put in certain other intractable problems as evidence to that effect.

I don’t want to go down that path, I have many other things which call for my time, but I’m here for civil rights, and if I have to fight for them, I’m not going to make the mistake of bringing a knife to a gun fight.

If we have to take back the internet one byte at a time, line by line, network by network, wire by wire encrypting everything as we go, building new jurisdictions in which the antient Rule of Law is observed, so be it. We have agreed on these laws, they are in the Constitution of the United States of America, and no mere Law or President may abrogate them. They are in the laws of Great Britain. They are present in the Constitutions, Laws and Practices of nearly all countries.

We need to start building Jurisdictions which respect free speech, including political free speech, but do not violate other Common Law. We need to obey basic rules in these Jurisdictions to protect them from shutdown by the State on the basis of copyright infringement or similar crimes, including distribution of terrorist materials, CP and similar.

The internet is not going to police itself. If we do not do it, the State will, and right now, the State is in really serious danger of going right off the cliff into Fascism, at least in America.

There are rules. Governments must obey them, even the Americans. Liberty will not be lost.

Not on my watch.

1. Because the Media are owned by Corporations who we wish to Police using the power of the State which they have Suborned using the gutter press and requiring political advertising in elections.
2. Because the Internet Service Providers are Tightly Aligned with Copyright Holders who are tightly aligned with the Media who Suborn the State as above.
3. Because with current technology, one must choose between Freedom of Speech (including the ability to repeat previous utterances, which may or may not be Copyrighted) and Enforceable Copyright. We do not know how to do both.
4. Because Anonymous Free Speech is a critical part of Democratic Participation in Contested Societies, which is all of them if you are (for example) politically radical or queer in ways which are oppressed.

So let’s nail down a few basics. In the previous post on the ethics and pragmatics of cryptography I fleshed out some of the political background. Now let’s have a think about system design in terms of things such a system MUST do, and things it MUST NOT do, as well as a few desirables.

Let’s start with a few very basic notions.

1. We’d like to build infrastructure which worked like HTTP or (better!) NNTP or SSH or even GIT – useful, extensible, general, logically deep but simple to implement – protocols and platforms, not applications if you like.
2. We’d like to support four primitive operations:
   1. Create
   2. Read
   3. Update
   4. Delete, and two additional operations
   5. Link/Reference and
   6. Blacklist

   I will explain Blacklist in a moment.

3. As noted, anonymous free speech is necessary for political reasons, and is our primary goal in this matter.

So now let’s talk about identity. There are only two real kinds of identity: biometrics and biographies. These expose us in totally different ways: biometrics put a name to a face on the street. Biographies allow association of a single fact (“car license place XXXYYYZZZ”) with the rest of our story. The worse case is Biometrics tied to our Biographies which allows the merest sight of our face to be correlated to everything about us in the files, including errors, omissions and politically-motivated hate speech. CheapID addresses with problem with an axe: it forcibly separates Biography and Biometrics, gives one to your Nation State government, and the other to the United Nations, and uses Sheer Evil to protect the cryptography which prevents the two colluding.

Right now, The State mainly identifies us using Biographies. Credit ratings etc. are also Biographies. It’s worth noting that under current law you don’t own facts about you, you can’t make people (a company) forget what they know about you, and these profiles are casually interlinked to form pervasive information resources about us. They may know us better than we know ourselves in some areas, say spending habits.

So let us consider a few more points of background.

1. We have some customary rights, such as more or less everything you can do with a pencil and paper is legal.
2. Computers and public key cryptography are a bit different from pencils and paper in that they implement very efficient mass duplication and some other interesting atomic operations like digital signatures.
3. In most cases, digital messaging is going to require using the machines of people we do not control to carry our traffic, whether they are peer intermediaries or internet service providers.

Now, that heavy thud noise is the absolute obviousness of our problem: if the person (company) carrying our traffic wants us to shut up about something, only the power of the State can compel them not to censor or silence us. Without State oversight, anybody can simply refuse to carry the traffic of a person they do not like, or refuse to carry conversation of a topic they do not approve of. Private, individual rights afforded to intermediaries, their right to control their own equipment, turns into their right to silence your voice without even a hint of technical irony. In the same way that you can choose either Copyright in its current forms or Free Speech, but cannot prevent those with Free Speech from repeating what another has said before them, you must choose between each individual’s Freedom to control their own computers, and each individual’s right to have their message carried by third parties who might have other priorities, ideological objections, or real-world costs.

We are beginning to frame the problem, are we not?

A node on a network chooses to Repeat my Speech to relay the message to my friends.

I choose to Repeat a piece of Speech by Lada Gaga to my friend, and this is now copyright infringement.

You can’t get copying out of the network, and this is why it’s a choice between Free Speech and Copyright.

But the problem is that my right not to Repeat your speech turns into censorship. This is why we have exquisitely heavy laws around censorship, discrimination and other forms of favouritism in many aspects of the workplace.

What do you choose to carry, in some sense, defines you.

So the first thing we have to do is to Blind Intermediaries. We can’t make them responsible for the content they carry – you’re going to replicate my Political Free Speech whether you like it or not, because I’m not going to tell you what you are carrying, and this removes the possibility of content-based censorship from our intermediate parties, including ISPs. Note how carefully and precisely we are constructing this: this is about fundamental technical and social forces inter-relate. We’re building this up from atomic operations because it’s like lego, not like a legal system!

So let’s talk about Blacklisting. You can’t Blacklist what you can’t see. On the other hand, you don’t have to Blacklist what you can’t see. Common carrier / good neighbour type provisions allow us to carry each-other’s encrypted traffic as a social courtesy, protected from our neighbour’s weirdness or illegality. All messages are encrypted from end-to-end by default.

So what of Publishing, of Speech? I originate a Message. You wish to see the Message. You have the key to decrypt the Message. Intermediaries may or may not have this key. So now we have one Atomic Operation still – messages which we may-or-may-not have keys for. This is a very similar general conclusion to that reached by Freenet, at least in it’s earlier incarnations, and by Self-certifying File Systems.

So let’s boil it down one more step. A Message is encrypted with a Key. You obtain the Key in the body of another Message. The Key is in-some-way tied to mechanisms for retrieving the Message (hashes, indexes, self-certifying file systems and so on.) You have a network of readable Messages to which one has Keys, and (potentially) a set of Messages to which one does not have Keys. This is a very simple construct. Authorship may or may not be required to carry a message, and can be asserted by a digital signature. Public notaries can deal with the problem of people stripping off one signature from a Message and replacing it with another (i.e. digital signatures prove that a Key is willing to sign a document, not that they created it.)

Message distribution protocols may vary – there’s an absolute mess of methods of moving files around on a network, with different properties in terms of latency, accessibility, queuing and fifty other things. As long as the messages stay encrypted until they hit a key, it really doesn’t matter how they move around. This is a fundamental error made by many efforts in this direction so far: unifying Delivery and Key Management and often Identity Management in a single system. Actually these functions can be separated into a set of subsystems which interface and overlap, message retrieval vs. decryption vs. identity architectures.

So let’s pick apart Identity. Two basic approaches: biometrics and biographies. Two simple approaches: take a state-owned ID like a passport, assuming that you live in a State with strong identity architecture, and encase the State ID in a container constructed using Shamir’s Secret Sharing. Use an introducer network to store the shares as a precondition of entry to the network. You can also use a Non-State biographical or biometric profile to store this information. So then you basically get introduced to the network, you get your first set of keys, and then you connect to the system as a whole one link at a time. You can view it as a file system, you can view it as the web, you can view it as Dropbox, you can view it as Freenet – the underlying cryptographic architecture is the same.

So let’s talk about what we’re talking about: replacing the file system, both on your PC, and distributed in various forms, with something which is cryptographically sensitive to the world we operate in. You could think of this in brute-force forms like whole disk encryption, but that’s pretty much working in the same single-computer-at-a-time monolithic paradigm which also produces our fragility in hardware terms and necessitates the Cloud and various kinds of decentralized systems. Possibly TAHOE-LAFS has a lot of these features, albeit pointed in a slightly different direction. The Capability-Based Operating System folks, in their thinking about filesystems and similar, have likely already cracked a lot of this. The crux of it is that there’s a lot of technology, at at least the level of sophistication required to build a genuinely politically useful tool-set, but because these systems have been built as applications rather than infrastructure, because they’ve been built as programs rather than services, because the political structures haven’t been clearly designed in a specific way (with Freenet as a possible exception) we haven’t seen the jump to scale.

Introduction to a network with identity (in some form) escrowed using Secret Sharing.

Publication into some form of storage grid, which could use a variety of technologies depending on whether you’re pushing a 50kb email-type communication to a single recipient, or a 5gb archive to 78,000 people. Moving files around is a transparent process, it doesn’t affect the fundamental publishing architecture, and the case-hardened viscously secure untraceable server architectures follow as-needed. Even one’s personal file system could have these attributes, with files from other people being stored encrypted with a key-ring for access – in short, a cache of a much larger system – if we wanted to go in the general metacomputer direction.

Now, within this general speculative framework, four items.

Firstly, you can blacklist known-evil files and transactions, and if there are signatures (and many systems may require a signature to play) you can track back up to something resembling a subpoena against a network of people holding shares of the identity split with Secret Sharing. Community accountability for child porn and/or copyright infringement and/or storage of classified data depending on community standards. Consistent refusal to honor subpoenas (court generated, community generated – these are policy issues) results in forks, subnets splitting and similar.

Secondly, you can store the local files, move them into a remote storage grid, distribute them via decentralized server architectures or what-have-you without disturbing the cryptographic enclosures. This is important: we’re discussing a new way of thinking about files, and dropping these new objects into existing or new storage systems should work transparently.

Thirdly, we can step out of the domain of solving one problem at a time. We need decentralized cache-and-storage architectures, we need backup, we need cloud metacomputing and these things don’t need to be provided by Amazon because, well, we’ve got a ton more compute power than they do and most of us have hundreds of gigs empty in one place or another. This is a property rights and security issue, and the right combination of simple architectures and politically sophisticated implementations of crypto can make that entire resource usable. The only obstacle is the copyright lobby, and there’s a pretty simple approach to that: acknowledge that we secure the GPL and Wikipedia using Copyright and Hollywood secures their movies using Copyright. We need to renegotiate the legal framework around Copyright but, for now, let us consider using our own community enforcement mechanisms (see first point) to make a network which is clean to some appropriate level. Community policing of copyright on a private network is a very reasonable approach to building new infrastructure, and if we can’t manage this, we’re going to have the State down our neck for the foreseeable future. A partionable network – clean networks and renegade subdomains – is entirely plausible.

Finally, let’s think about this in terms of historical trends. Computing goes through a well-understood cycle, Sutherland’s Wheel of Reincarnation where systems swing between centralized and decentralized, parallel and serial, hardware and software. As each layer becomes more sophisticated, it acts as a platform for the alternate strategy – Amazon’s datacenters are centralized parallel supercomputers. So are google’s. In fact, the world is dominated by parallel supercomputer companies, although we use terms like cluster and data center. But it’s all the same kinds of thinking that were pioneered in the Transputer age.

To build a genuinely Free parallel supercomputer – something which belongs to all of us and none of us, which ships our bits when we get massive traffic spikes on our HTML 5 videos, backs up our files, crunches our data and generally manages our “cloud” needs without simply handing the next round of computer development to the corporate powers without a fight.

This is a much bigger issue than just file sharing. It is about freedom of speech, of unpopular speech, of political speech in jurisdictions where what you may have to say is illegal or even more dangerous. The implementation for the current control structures is corporate control of the information technology backbone, both at the wire level, and at the scale of the large scale parallel supercomputer clusters which currently only exist in the hands of corporations.

So that’s the game plan. Metacomputer infrastructure for the internet, out of corporate control, using crypto to manage the policy issues by making people accountable to their peers in a manner akin to jury trial, including handing people to the State for things like CP.

This constitutes lifting the core functions of the “internet” – right down to structures like DNS – right out of corporate control, and therefore government control in most cases.

It’s vastly harder to patch the existing system with layers of crypto and retrofit than to figure out three or four fundamental primitives – identity, files-and-distribution, key management, distribution-and-queues. Building applications on top of those primitives to reimplement various applications we currently have on the internet (email, twitter, the web) may be vastly easier and more productive than attempting to build a single new system which is built on top of the politically naive internet infrastructure we have to hand.

A handful of well-designed cryptographic primitives from which a proper, politically sophisticated digital backbone could be built. This is a non-trivial undertaking, but it’s one which will be much easier started on the right foot.

Think of the original design processes for Unix. Now imagine we’re working at internet-scale in a politically contested environment on untrusted networks.

Game on.

Good examples of this: the hexayurt or the Simple Critical Infrastructure Maps system. Applied to cryptographic applications, it resulted in CheapID and the infamous, lost PKI stockmarket software I wrote once and erased in fear.

Here’s our fundamental issue: there are (at least) three actors we need to consider in cryptographic applications design. They are The User, The Mafia and The State. Most cryptographic applications designers (CADs for now) are politically naive Libertarians, and make one of two errors.

1. They confuse the User and the Mafia, or
2. They conflate the Mafia and the State

This is a debate seen most clearly in electronic currency circles. It comes down to taxes. There are two models: this currency is for not paying taxes, because the government are basically a mafia that extracts taxation. Or this currency is not for paying taxes, because we don’t care if our users are organized crime or not, the government are worse.

These are subtly different models. To model the government as a Mafia is a different thing than to model the users as potentially containing Mafias that cannot be extracted from the system. One or other assumption percolates much CAD thinking.

I’ve been close to the Government. It’s not a mafia. I’ve been slightly less close to the Mafia. They’re not like users. There is a very clear need to create a system which:

1. Protects users from the Government
2. Protects users from the Mafia
3. Protects users from each-other
4. Does not protect The Mafia from The Government

Now, framing cryptographic applications politics in this way is enough to give most of the people involved in the field conniption fits. The apolitical simplifications made in cryptography and cryptology are actually of the “let us assume the horse is a sphere” variety, and when you build social systems around those kinds of mathematical constructs, inevitable failure results.

PGP’s web of trust had, at most, half a million users. Facebook’s web of trust has a billion and rising, while providing users absolutely no protection at all from anybody – they’re being predated by advertisers, by the State, and by each-other with no meaningful safeguards.

So let’s distinguish the Mafia and the State, briefly.

1. Anybody can declare themselves The Mafia by establishing coercion in collaboration with others
2. The State is a special instance of cooperative coercion which may have features like popular support, a criminal justice system with rules, or control of critical infrastructure like hospitals
3. Many of the activities of the State continue with 100% transparency, unlike the Mafia which relies on secrecy to protect it form the State
4. There are a plurality of States

Now this teases apart a useful distinction: the State should be able to operate transparently in (nearly) all circumstances. Mafias, more or less by definition, require secrecy to operate. One could possibly argue that a Mafia which is strong enough to operate Transparently is a State, but that’s a political argument with some fundamental weaknesses which I don’t care to make. My definition of the State is that the State is any entity which can retroactively grant immunity for crimes (cf. Weber’s “monopoly of force” model) but this is an aside.

We are now in a position of attempting to navigate our lives with a hostile State. Even if our own countries (hello Switzerland, hello Norway) are pretty decent, the US and it’s enormous technical monitoring apparatus watch us all through our cell phones and our internet connections. The panopticon is watching you read this blog post through your ISP, and it doesn’t really matter what The Law or Your Government says, because the web server is in America and they’re probably tapping the undersea cables globally anyway, at least for some traffic. The calculus of competing virtues argument for leaving America to heal after 9/11 changed with the signing of the NDAA which ratified the death of the American Constitution, moving the issues resulting from 9/11 from being a temporary breach to a permanent state of affairs.

In this environment, we must therefore examine maintaining our civil rights without passive (or occasionally active) support from the State.

Now, I want you to look at that construction carefully. We have, at least in America, agreed on a set of inviolable rights. These rights are not simply legal rights, they are Rights which define what can be legal. They are the Law above the Law, and graven in stone. The current US government is clearly acting illegally by asserting that it is free to murder its own citizens and hold people without trials, and there is no question that a technological implementation of basic civil rights like freedom of speech and freedom from unreasonable search and seizure simply maintains existing legal practices in a more complex operating environment. We are not talking about implementing cryptoanarchy or end-running around the right of the State to exist. Rather, we are discussing maintaining already socially and legally established rights in the face of a wayward government.

This is an extremely critical deviation from normal cryptographic applications developer practices. Most of the so-called cipherpunks wanted to implement a new political system called cryptoanarchy using software. That new political system is full of potential problems, and is untried. Defending an existing known-good political equilibrium using software is a fundamentally different enterprise.

Alice, Bob and Carol are about as sophisticated as the political constructs inside of most cryptographic applications get. The State is Carol, and the Users and the Mafia are Alice and Bob, with no distinction made. This is simply using the wrong level of abstraction to get the results you want.

CheapID hinges on a single political insight: the hatred of Nation State intelligence services for each-other could be used to protect citizens from all states. That insight is then used as a political factor in designing a global identity card standard. Many see this as madness, but at least we are addressing the questions at the right architectural level.

Finally, we must address the issue of secure endpoints. The smallest and cheapest system capable of resisting technical intrusion so your messages will not be read between the keyboard and your cryptographic application is a military base with three levels of doors, metal-box rooms mounted on springs, and guards watching each-other. The fantasy that consumer-grade laptops offer security is just that.

Now, with all this said, we need to start rethinking the mass deployment of cryptography to foil the thieves in the wires, and to protect the human and civil rights we all have. But we must implement what we know works, and not an untried and untested new political equilibrium, no matter how attractive, just because it’s what drops out of the code.

Code is law. Make law wisely.

You need a Jefferson at the Keyboard to Write the New Constitution, whether the language is C or English.

The cosmic infinite inside says Gandhi
But the historic Gandhi did not do enough
Nuclear age spun out from his death, an echo
The corpse of a god festering in history, missing
In 1958 He would have united the world

I’ve seen the potential, and refused it, haunted
by the inevitable failure, not Jesus or Buddha
carried the world, and most certainly not I
A fifth rate avatar of the Fat God, My guru joked,
the sixth rate avatar hangs from a rear-view mirror

This, then, is the gap, far worse than death
The inevitable failure to make the world what it is not
Bring two grains of beauty, pass silently or loud,
Become one with the forgotten past when your day comes
It may be that this is all we really are

About half of us would have to change our minds
to make the world work for one hundred percent of humanity
and the limit of divine will is just that: your mind
is ever your own, and your choices bind you
the democracy of action is total responsibility

addendum
“You cannot help anybody you are not willing to watch die” said my guru, meaning that if you are not willing to watch somebody die, they can drag you down with them if they refuse to live, which is common, in extremis. Facing the darkness of the world has now escalated to this point in my life, as I contemplate the break in America represented by NDAA and ponder the strain of mitigating and coping with a world in which America has no Constitutional restraint. It’s as shocking to me as it was for German Jews realizing that that they were no longer secure in their person in Germany in 1932 or a little later. If not the American dream, then what?

The pain and sadness I feel about losing America as our guiding light – which it has been, in some way, for many years, certainly up until 2001 – cannot be easily expressed. I am an ideological person, and one prone to wind up jammed in the gears of history. I’m just too tired and too old to mount much of an effort, to make much noise. I face the retreat to the personal domain, rather than taking arms and making noise, because I don’t see a victory at this juncture.

Hitler was gone in 10 years. Perhaps the current wave of fascism in America will pass me by.

Is this really it? To sit on my hands, and wait it out?

Yes. I’m too tired to fight. The public will is not with me, at all, in any way, shape or form, and to decline and fail gracefully and with (some) honor is as much as anyone can hope for.

It is, perhaps, more ethical than total victory, than ascent into the Bonosphere, filled with doing good by political compromise.

Time for me to return to the personal domain for a while, to care for and feed my plants like the hexayurt, and take better care of myself. If there’s a generation on fire with the desire for liberty, let them find my door.

I can’t tell, for sure, whether this sense of decline and loss is simply me hitting 40 and looking at the wasteland of my life, or if it’s a genuine reaction to the implication that the Americans are gone – that they’ve legalized kidnapping and, in fact, unmade humane practices as old as Magna Carta. But I look at my friends, ask advice, and yes, sure enough, it’s there for them too.

The Gap is widening.

I was taught about this in detail. I’ve taken some of that work and turned it into the social thermometer. Other parts are metabolized into the Awful Play, the Musical Comedy from Hell, which I will not write the name of now. And, above all, there is the non-flinching.

I’ve joked about staring into the abyss until it blinks, but there’s an element of truth to this. I landmined the path of fascism with everything I had since about 2003 or 2004, worked ceaselessly against this eventuality because I knew it was possible, and my war started early.

And I guess that’s what I’m trying to say. I’ve burned the candle at both ends and mortgaged the middle for years because I knew this was possibly coming, and it was far easier to fight it before it arrived than afterwards.

Pretty soon, The Future We Deserve will be available, and if we got it right, if the timing and the idea and the content are right, perhaps we can start a new conversation about the future. Our future-creation mechanisms suck, they’re bottlenecked by commercialism and investment strategy and itch-scratching, little visionary work is supported, and we need it more than ever.

It might seem peculiar to talk of such tiny candles in a time of darkness, but if I told you what I’d done to fight the power, you would not be comfortable in the same room as me. I say this not to boast, nor as a warning, but perhaps to ask forgiveness for what I have brought into the world.

So let us hope that we can fan some flames of hope and light with The Future We Deserve and perhaps build an active network of people with ideas, with vision, and with hope and work on figuring out how to get some of these best practices for living and good ideas into our lives and launched, off the drawing board, into reality.

Imagine a good idea that became as popular as some of these pervasive bad ideas are. One or two like that.

I realize this is elliptic. I can’t say everything I know or describe everything I fear and hope. I’m trying to update my models of reality for the new situation, take the subtle and inchoate and give it, if not voice, an uneasy rotation under its blankets, enough to disturb a cat sleeping on the bed, but not enough to raise the ire of the Leviathan sleeping under it.

In short: I prepare my mind to fight, and pray I do not have to. Let us pray.

Postscript
I write like this because I want to sit down and explain to somebody the stakes of the game, and what moves I have made, and there is no-one left to hear me.

My life is, by any standards, a fucking mess. I finally found an image which really does it justice: I’m a chisel. A very hard, very flat chunk of grey metal that’s hammered into stone.

Facet One – my health
I got pneumonia in Colorado when I was about 30. Up until that point I’d been rock solid for about ten years. Haven’t been right since, and I haven’t fixed it. I’ve gotten slowly fatter and lost more lung capacity with each year, and taking the time out to make repairs has just never been a priority.

Think about that. Six months off, regular tai chi, maybe some acupuncture and odds-are that my body would reset the congestion in my lungs. It’s been ten years, and I haven’t got to it. I’ve made time for a withering look at every major planetary crisis we have, although I’m a little light on nanotechnology and geoengineering (fortunately that’s what Cascio is for dealing with, thank god) but otherwise, deep global coverage. And I’ve put off resting and taking care of myself for a decade.

That has to stop. I have to stop using food as a buffer for stress* and start actually doing the things I know how to do to take better care of myself.

This is going to mean shedding responsibilities and, occasionally, letting people drown because I’m too tired to catch them.

I’ve been Mr. Reliable for too long. New approach needed. One which prioritises sleep over saving the world sometimes.

* for stress read existential horror

Facet Two – beauty
I was never exactly good looking. I saw some pictures of me from around 25 recently, and the thought did occur to me that I’d been better looking than I remembered – and it was a long, long time ago. But that’s an aside.

What I really wanted to talk about was beauty.

At least two of the women I’ve loved and been loved by were beautiful in the most powerful way. I miss them. What I miss is not the simple sculptural quality of looking over at your girlfriend and thinking that god was having an on day when she was made, but something much more subtle.

Beautiful people care about themselves.

You don’t wind up without that kind of surface if you don’t care about it. It’s a constant attention to the body, to the emotions, to the environment, to good food, to rest, to many other things, that takes somebody who could be good looking, and turns them into somebody beautiful. It’s a practice, one might say an artistic one, and it’s something I do not do at all in any way. I occasionally dress appropriately, I play with images of myself and roles, but I don’t think I’ve invested five minutes in actually trying to look good in 10 years. And this is not simply about sexuality, but about an attitude to myself.

The thing about being beautiful is that it’s expensive and often very, very fragile. Hot is durable, beautiful is fragile, people in the worse conditions can manage hot. But beautiful, in the sense I mean it, is spacious. It goes away under pressure. Only the very, very best can maintain it without the underlying blowtorch heat, but it’s not sexuality.

It’s giving a damn, for years, about how you live in your body, and how your body signals the person you are to the world.

I let my ideas and my work do the talking, as is appropriate for a man of my kind. But, actually, to do the things I had to do, to become the person I had to be, I treated my body as a locus of action for my will, not an end-in-itself.

When I was very young, about 20, I fell under the influence of a famous curator Jasia Reichardt who suggested, with some seriousness, that I become an artist. I had a knack for form in computer graphics, and at the time, the early 1990s, people like William Latham were making serious strides.

But I was much, much better at technology, and it became the path not taken. I consistently wrote poetry occasionally for about 10 years, painted consistently for two or three, eventually getting about as good as a mildly talented 11 year old (but with a certain outsider ferocity) and just gradually, quietly stopped creating. I don’t think I’ve made a thing that was beautiful, rather than simply useful, in most of ten years.

I was shocked when I realised that. I’ve become a caricature of my younger self, not it’s expression. The useful bits of me have grown out of all proportion to my other potentialities, because the world needed me to be useful, and I did it the world’s way albeit exclusively on my own terms.

But in the final analysis, I made the same mistake as my old friend Brian. I became a human doing.

It’s too late to spend my thirties getting married and having kids. It’s too late to lose these capabilities and to not know what I know about the world. It’s too late to be a nicer human being. I’ve meddled in the affairs of gods, demons and kings for too long, and you can’t get the edge of the underworld out of my biography. I’ve spent too much time around death, as a bulwark of life. The price of being a bulwark is looking like a bulwark.

But I can make some time for beauty, and to create again.

Facet three – war
I recently said something new about war. The greatly esteemed Kevin Carson collected a series of statements and conversations from twitter, making an essay of a rather turbulent late night thinking session.

I’m grateful to Kevin for doing that, it might have slipped by without him. So what I said, roughly, is this:

1. Government in democracies centralises authority in the elected officials representing the Will of the People, but this explicit centralisation of legitimacy is threatened by decentralisation.
2. Network-centric war has a simple goal: a total comprehension of a transparent battlespace. To be efficient with such transparency, a hierarchy has to add more value than following the guidance of a chain of command costs in communications and centralization errors.
3. In all probability, such hierarchies cannot add more strategic value than they subtract in network errors, which also kills democratic oversight of effective wars, by dismantling the the centralization of legitimacy.

To this we add a sub-argument from John Boyd, that to think clearly about war requires one to have an absolutely solid personal moral foundation for one’s fight. If we do not know that what we are doing is right, the analysis required for clear strategy also leads us to the conclusion that we are heedless murderers or simple evil, and what we know about human cognitive biases is clear. People will not ever come to the conclusion they are the Baddies if they can avoid it.

In short: you can have an accountable military, or an effective one. Groups like the IRA were never accountable to the populations they said they represented. That problem’s only going to get worse, and (for example) Special Forces in the US is in some ways being used as an answer to the costs of democratic centralization. But when one adds a “moral war” layer to this, the situation worsens dramatically: those who are convinced they are right and therefore require no oversight may also have clarity of mind based on moral certitude, while those who see shades of grey in their mandate may fog their thinking around the moral issues, and thereby lose clarity in strategy.

This is, as far as I am aware, new thinking about the interface between new military technology and democratic governance, although it applies old principles in thinking about war. It’s likely I’m retreading areas visited by some policy paper from 1985 – there’s always somebody but it’s dropped out of the debate as far as I can see. The precise dynamics of centralization and accountability in a netwar environment are going to be huge issues in the next year or two too: see Anonymous.

So back to the chisel: I’m good at this stuff. Somebody has to be good at it, and I am. I’ve made substantial contributions to thinking about security issues in several areas, and always towards safeguarding human rights. I can’t quit this responsibly, I just have to manage it.

Consider then, James Jesus Angleton.

Angleton was a true aesthete. He edited a poetry magazine that he himself hand-delivered to subscribers at all hours of the night.

He also ran counter-intelligence for the CIA and, according to Robert Anton Wilson, had President John F. Kennedy killed because he had earlier worked for the Soviet Union.

That, of course, is pure conspiracy theory, but it might explain his happy-old-man demeanour, while at the same time being written up in the history books as a miserable failure. Did Angleton have the last laugh?

Anyway, if Angleton can manage to go from a foppish fan of Ezra Pound to the man who killed the king and die with a smile on his face I’m sure I can square carrying tiny my share of the world’s troubles and keep my head together for the next few years.

Facet four…
The big new projects. Pirate Party Defence Policy Working Group which does what it says on the tin.

Edgeryders is a Council of Europe funded project on European social stability and options for young people who can’t enter society by getting a shiny new job and following their parents because they’re on about half the money our parents had. Now compare that to the seminal Framing the Collapsonomics Practice – we’ve “crossed the chasm” from being out in the woods, talking about the far future to working hand-in-glove with European-level government actors.

TRUTH AND BEAUTY (and don’t forget our video archive builds on the base established by Tea in the Park, an activity we did a couple of years ago where we had a picnic every Sunday for eight months or so, without ever putting up a web site. We just met, week after week, drank tea and got to know each-other. It meant spending a lot of time outside, too, getting familiar with a whole different perspective on London – as folks who were independent from the cafes and stores, with our own music and our newspapers and our thermos flasks, watching the spending world go by.

Truth and Beauty builds on that implicit base of “it’s almost like doing nothing, except that you get to know people really, really well.”

Time. We’re all too busy. We don’t really know even in our closest friends in the way that people who live in villages know their entire community. I got very used to seeing the same faces every few days when I lived in Cloughjordan and the work they’d done on community development there really paid off in huge ways in terms of quality of life and happy people.

So the next phase of TRUTH and BEAUTY is to bring back the Sunday Brunch, much along the lines of Tea in the Park, but this time with added… indoorness. I suspect if the weather’s nice we’ll wind up in St. James Park just round the corner a lot of the time, but we’ve got many months before warm summer evenings arrive so, until picnic season, Hub on Sunday afternoons.

First one will be this Sunday, and it’ll be a general get-to-know-you and thinking together on what we’d like to do with our Sunday Brunches at the Hub.

See you on Sunday! Shall we say, aspirationally, 11AM onwards?

PS: Truth and Beauty on Tuesday 24th will be Dash May (who badly needs to send me blurb!) talking about his artistic practice, including a lot of work on biological systems, and why the Axolotl (regenerating newt-like thing) is such a fascinating beastie.

PPS: I have decided to spend a chunk of this year learning to take pictures, and I promise-promise-promise not to just turn it into functionalist documentation of work. Promise.

David Bovill of Liquid Law

PPS: the point was that, at heart, nothing is wasted. It all comes around again.

I have not lost respect for women, any more than losing respect for Marxism means you no longer respect Russians.

The issues women face are real. However, political mistakes made in the early stages of women’s struggle in the West are causing huge problems. The strategies conceived in the fifties and sixties and seventies have resulted in yet more problems. The common feminist tactics that I encounter now, raising political issues focus on the gender issues in the world to the near-exclusion of all other forms of analysis and discourse. Political mistakes and strategic blunders have led to tactical ineffectiveness.

In short, in my experience, feminism has forgotten how to play nice with others.

I’m therefore disengaging from feminist discourse for the time being. There’s no way, in reasonable time, to engage in useful debate with people who’re at the tail end of fifty or sixty years of flawed thinking – in fact, it’s often like arguing with fundamentalist christians, who are at the end of a much longer flawed chain.

My rough order of concerns, right now, are nuclear/biotech/nanotech apocalypse, destruction of climate, destruction of nature by other means, fascism, poverty, race and colonialism. I understand that the rights of women influence many of these areas, of course. But feminism is, right now, seventh or eighth in my list of concerns globally, and I am unwilling to sacrifice my effectiveness in addressing higher priorities to feminist concerns. I’ve been asked to do that several times in different ways recently, and I will not do it.

Nor, bluntly, should you want me to. I’m worrying about the US declaring itself fascist: you should be too.

That does not mean that I’m going to personally oppress women to get ahead. Jesus christ, who or what do you think I am? What it does mean, however, is that I’m going to insist that people who want to engage me in feminist discourse accept “no, thank you” for an answer in most cases. I have other things to worry about, I probably disagree with you on some very fundamental distinctions about sex, gender, social roles, personal responsibility, obligation and interdependence. But I don’t have time, right now, to fight with feminists at the level required to get real insight on these issues, so for the moment, I’m disengaging.

Partly, feminism seems (to me) to often be astonishingly unconsciously culturally imperialist, paving over traditional social models which have served men and women alike for centuries with undisturbed aplomb. My culture has always said women and men are equals, it’s uncontroversial and completely integrated into our way of life. Perhaps there are things here worth learning about.

Partly, I think women globally need to up their game. Power is hard: men having access to power historically suffered for it, and it destroyed most of them that held it. If women want to hold power and fight alongside their brothers for what is right for everybody, they’re going to have to learn how to suffer and die when dealing with power as men always have. The game does not get easier just because women have decided to participate. I think much of the complaining about the way men are using power right now is women discovering just how hard and nasty dealing with power is, and how much men have suffered for it. As a friend once said to me, while waxing philosophical on the nature of war, the women came here to die, the same as the men.

For the record, then, here is my stance: men and women are equal.

Although I don’t talk about it very much, I was a cypherpunk in the 1990s. I contributed a little to a software project to protect human rights workers in China. I collaborated with some individuals on a software project to build a Kiva-like microfinance engine on top of e-gold, and narrowly avoided getting entangled in a lot of legal badness when the project exploded. I’m going to return to that story in a minute, but let’s turn back to Julian Assange.

The more secretive or unjust an organization is, the more leaks induce fear and paranoia in its leadership and planning coterie. This must result in minimization of efficient internal communications mechanisms (an increase in cognitive “secrecy tax”) and consequent system-wide cognitive decline resulting in decreased ability to hold onto power as the environment demands adaptation.

Hence in a world where leaking is easy, secretive or unjust systems are nonlinearly hit relative to open, just systems. Since unjust systems, by their nature induce opponents, and in many places barely have the upper hand, leaking leaves them exquisitely vulnerable to those who seek to replace them with more open forms of governance.

Julian Assange, late 2006

Now there are two things you can infer from this, if you read between the lines.

1. Some of the “leaked” material will actually be obtained by computer intrusion (hacking/cracking) and passed off as being leaked by insiders
2. Assange’s model is fundamentally economic and logistical: it’s about transaction costs in a Coase/Benkler style.

WikiLeaks is acting as a marketplace for illicit information, literally a clearing house. This model, with its unconscious capitalist/economics language bias, is the key reason to doubt the long-term effectiveness of this strategy.

Here’s why: the “daylight” model of increasing the transaction costs for conspiracies against the people, in a manner which extends good journalistic practice for the digital age has a simple countermeasure: make security cheaper. By pushing up demand for secure communications, the price of supply goes down. Ah, you say, but leaks circumvent security: actually, no. Digitally tagging files by doing things like rearranging whitespace and swapping words around helps track documents so you know which person leaked. Similar approaches can be taken for images and video. Security isn’t just about stopping people from listening, it’s the whole spectrum of information assurance techniques.

All we’re doing is breeding better conspiracies.

There’s also good reason to believe that Assange simply picked the wrong target. There are a vast number of commercial conspiracies – cartels and industrial espionage being two really useful examples, plus omnipresent government corruption over civil contracting matters. Hitting these networks hard might actually have achieved a lot of popular support for wikileaks in the popular press, and the politically powerful middle class support base which actually decides elections might have come along for the ride. But doing stuff that makes it less likely for the western democracies to win wars makes everybody in those democracies uneasy, consciously or not, and leaves wikileaks politically and more importantly emotionally exposed. People just don’t like it. And it’s not just because Julian Assange is a zealot.

Now let’s consider the “nightside” model, in which we think of wikileaks as simply being a publishing front for computer crackers to launder stolen documents as more-legitimate leaks. By creating a single exchange point, they’ve created a point of regulation. Pushing down the cost of publishing a cracked document, and providing filtering to take out (say) the names of innocents involved in a situation also creates a new political bottleneck, which (of course) the authorities have chocked down on as hard as possible. The other argument is that wikileaks primary threat is not the governments of the west, but vastly more unscrupulous agencies (Mossad, the Chinese) who might find their own uses for an allegedly journalistic endeavour.

Economics thinking leads one astray when dealing with matters of political power.

“Political power grows out of the barrel of a gun.” – Mao Tse-tung

I was writing software to run cryptographic financial markets in the late part of the last millennium. I’d worked extensively with the e-gold guys, and started to do some real analysis on how to do something very, very interesting. I was thinking about low-cost financial instruments for sustainable development, and rapidly discovered that there was a very, very real risk that my work was going to wind up empowering mafias.

I got The Fear. I was an illegal immigrant writing software to build secure, anonymous, untraceable financial instruments on top of a dodgy digital currency run out of a south sea island banking system, and (worse) Florida. I slapped some sense into myself, and left the project behind, and cryptography with it. It just didn’t feel safe because I was already running one risk (being an illegal immigrant trying to find status to stay in the US) and I was breaking The Rules (1. only ever break one law at a time. 2. never break the law with somebody you don’t trust. 3. never break the law with somebody protected from the consequences. 4. don’t get caught. 5. never break the law with somebody dumber than you are. 6. cons con cons (aka “you cannot cheat an honest man.”), 7. never steal anything worth less than two years salary. 8. don’t do it for the thrill.)

These are the things you learn growing up on a Scottish housing estate in the 1980s.

So I quit crypto. Not being able to go to The State for help, if the situation I’d been in escalated to Men With Guns, left me with a clear understanding: I needed the State’s protection to be a full human being. Now, let me say that again: I needed the State’s protection to be a full human being.

This is the start of my divergence from the classical cyperpunk’s anti-State crypto-anarchist market capitalist stance. I realized that I needed them to protect me from the Mafia, because I saw just the very shady outline of the Mafia two or three handshakes out from where I was, in a position where I couldn’t get help without getting deported. If they’d gone from three handshakes away to one handshake away, I’d have had to make a decision: ask for help and lose my country, or go it alone and risk losing my life or worse.

It’s not until you get a sense of those situations yourself that your ethics become clear. But I realized that I needed the State.

Years later, I realized the State needed me. I did a biometrics technology package, aimed at situations like Iraq, which embodied many of the fundamental core cypherpunk principles (anonymity, cryptographic assurances of judicial process, cryptographic implementation of personal privacy) in a proposed biometric ID card standard. I was working for the Office of the Secretary of Defense, with oversight from the National Security Agency. I worked in the public domain, you can see the CheapID proposal here, and I considered myself to be doing good. The Pentagon have always supported the hexayurt project, they’ve always treated the concepts of appropriate technology with respect, and while none of that washes away the evil done, I’ve never seen the fanged end of the beast.

But I know it is there, and I tread carefully.

Recently I invented the Riot Snorkel in direct response to the abuse of pepper spray and cs gas for suppressing peaceful protest in America. In the long run, that might be a pretty harsh anti-State action, and I’m aware of the risk it’s going to get people hurt in the long run by depriving police of an effective first move in quashing protests. I took a calculated risk, and invested some of my political capital to draw a line in the sand: “you should not be doing this, and I’m standing up.” That’s a political step I made to frame a wider project: getting some of this radical political stuff implemented as the only realistic way of governing ourselves on the planet, given the failure of mainstream democracies to protect the environment, help the poor, or even stay at peace in times where no legitimate reason for war exist.

Understand: follow my engineering advice, and pepper spray and cs gas stop working. I didn’t put that out there without thinking through the risks at a political and personal level pretty carefully. I did it to protect democracy, in my own way, in my own time.

So this is where Assange and I part ways. He used an economic analysis, and came up with a way of making conspiracy expensive. I used a military use-of-force analysis, and came to the conclusion that I needed the State’s protection, and in fact we all do. As a result, I’m guardedly loyal to the State, and I want the best State possible. I’m absolutely enthusiastic about the A Thousand Nations approach of building some new countries with new governance arrangements and seeing what works (“a Cambrian explosion in governance!” as they say) but, in the here and now, we need Better States.

So here’s the model I use, parallel to Assange’s transaction costs model.

1. Inside of government there’s a range of political and personal character, ranging from saintly to outright diabolical in a very literal “evil” sense.
2. The good end of government tend to believe in things like open data, open government, rule of law, human rights and similar. It’s people a lot like you and me, but inside the State.
3. By identifying the progressive incumbents, the best of the people seated at the Big Tables, and supporting them, we can produce better government.
4. The critical periods are long-term conflicts about what to do on the biggest scale: wars, environment, civil rights etc. in which established factions form and fight for the framing of the problem of a given position.
5. The critical actors are senior bureaucrats, not elected officials. Elected officials of any substantial power are all agents of satan by virtue of constantly having to lie to people and the media “or the other, even worse guy, will win.” This is corruption.
6. Civil society – that’s you and me – can meaningfully contribute by effective support and cooperation to differentially empower progressive incumbents. We help the critical actors (senior bureaucrats) win critical conflicts during critical periods as a way of expressing our political power.
7. Mostly what they need are good ideas and proof that doing the right thing will work. Civil society can produce these, possibly using Wikipedia-type Free approaches.

I wrote about this approach at considerable length in The Big Deal, a series of long blog posts analysing how civil society could push forwards a new settlement with government in critical areas to try and create a better world. I believe in this approach.

Now, here’s why I’m laying this approach out. Next year, I’m going after #Occupy. The current political culture inside of #Occupy is dangerously shallow. If we get large scale economic breakage, and Occupy goes from being 2,000 people in New York to being 200,000 people, if it becomes the army of the dispossessed, the Tyranny of Structurelessness is going to be an immense bane, as a lot of angry, frightened people get together in a non-democratic environment and attempt to figure out where to apply their political weight to get solutions. There’s a name for that: it’s called a mob. We can, and must, do better than first-past-the-post voting every four years for leaders pre-selected by political power elites and corporate-controlled media. But we must also do better than small groups of people waving their hands at each other at emotive appeals.

Two core virtues: voting, and written discourse. They go together: you can’t vote on a speech, or an improvised dialogue, because somebody may have made a mistake and now you’re voting on their mistake, not their intention. We need clear, written platforms, and political accountability for diverting from them. We’d all prefer CHANGE Obama to MORE OF THE SAME Obama, but there’s little framework for holding him to his own high standards.

As I outlined in The Big Deal and When? we just can’t sustain political change on the basis of an inaccurate world model.

Fighting, even winning, the war against narrow self interest is not the same thing as creating viable global solutions for the narrows that the human race finds itself in.

Support progressive incumbents.

Solve problems, don’t just yell at people.

Be ready to take responsibility, because The State does a lot of work for us, and it’s going bankrupt in many places.

Frontal assault is always going to get you bitten in the face. But we can change the world, as previous generations have, by skillful politics and picking both our horses and our battles with care.

As I said at the beginning, I went to the same school as Julian Assange, but we learned different lessons.

We can’t do this alone, and a counter-conspiracy is just another gang. It’s up to us to find a better, more inclusive, more whole way to address our global problems.

Because until the proposed settlement works for everybody with a veto, particularly a veto-by-violence, stuck we remain.

So that’s my game plan for next year. Thankless as the task might be, society as-a-whole is going to need a more politically sophisticated Occupy to take up the slack left by a limp press and a corrupt government. The outrage of the people needs to be both realistic and constructive, because if we tear down much more, there’s going to be nothing left. We don’t suffer from too much governance, we suffer from too little: no effective climate regulation, no effective nanobio risk regulation.

Imagine a bridge built from the more reasonable end of Occupy, right through to the strategy rooms of Whitehall and Washington DC. That’s my vision of 2012: get everybody around the same table, make them all say sorry to each other, and then get on with figuring out how to fix the world.

The rebel Chinese village of Wukan, which has driven out the Communist party, has resorted to smuggling in food past a police ring of steel which has cut off its population of more than 20,000.

A demonstration in the centre of Wukan village, in south China’s Guangdong province.

Villagers say that they have enough supplies to hold out for only 10 more days.

Wukan has been encircled by the police cordon since Sunday, after a failed attempt by 1,000 armed police to capture the village. No food or water is allowed in, and no villagers allowed out.

But the villagers were unbowed yesterday, and their leaders said they had seen signs that the government would “blink first”.

“We have an old saying here,” said Chen Liangshu, one of the villagers, referring to the legendary aggression of the Wukanese and their neighbours. “In heaven there is the Thunder God, on earth there is Lufeng and Wukan.”

Trouble in Wukan has been brewing since September, after the fishing village revolted at an attempt to take one of its last parcels of farmland and give it to a major Chinese property developer, Country Garden.

If I was a lawyer I might sue. I’m an engineer: I design.

So I am presenting a simple plan for a chemical weapons protection system which is suitable for construction by peaceful protesters.

I am aware this is a technology which could be abused, however (as I will explain in a moment) I consider this to be a reasonable risk under circumstances where widespread punitive use of sublethal chemical weapons is a routine fact of life for many peaceful protesters.

The Ethical Case
Sublethal chemical weapons like pepper spray were originally intended as an alternative to lethal force like firearms. They were sold to the public as a solution to problems like a senile man with a knife: you can disable him with relatively low risk using pepper spray, or you can shoot him with a firearm, but there’s no other way to disarm him that doesn’t put a policeman’s life in danger in close combat with a knife-wielder.

As an alternative to firearms or other likely-lethal force, sublethal chemical weapons have considerable utility.

However, as we’ve seen recently in America, pepper spray and CS gas are being used in a different way: punitive torture using chemical agents (punitive chemical torture for short) is being used to punish people for protesting. This is problematic for multiple reasons, but two likely have legal force.

Firstly, torture is not a means of punishment which is recognized as legitimate under US law, European law, or international treaties on human rights. The United Nations explicitly takes a stand against it, as does the European human rights system. Therefore punitive use of torture using chemical agents is likely illegal in the spirit of the law, even if it is temporarily legal by the letter of it in some jurisdictions.

Secondly, police do not have the ability to impose summary judgement, and punishment. Even if chemical torture was a legitimized punishment for certain classes of crimes (“protesting and third class trespass, GUILTY!”) police do not have the ability to decide who is guilty or not guilty and hand out punishment: that’s the court system’s job, not the police’s. This is a very simple argument to make, and the usurpation of powers indicated by police action in this respect is much more in line with the kind of thing you might see under martial law than normative legal conditions.

So on this basis, I feel it to be necessary and important to do something to reduce the damage done by likely-illegal punitive chemical torture by police and other actors. As noted, I’m a designer, not a lawyer, so here is my solution.

Improvised Sublethal Chemical Weapons Personal Protective Equipment – Not the Riot Snorkel

In the early phases of this project, I used the nickname “riot snorkel” for what I had designed. This name is not suitable for general use, because it includes the word “riot”, but as a working title it remains. I apologize for any confusion this may cause in future. This device is designed to protect peaceful protesters from improper use of sublethal chemical weapons.

The ISCWPPE (“isc-wipe”) has three phases tiers of deployment.

ISCWPPE-1
Firstly, one takes the mouthpiece from a cheap snorkel and pulls off the snorkel. The mouthpiece is joined to three or four feet of garden hose, which is run down the back of the protester and invisibly positioned out of sight. One breathes in through the hose-snorkel when pepper spray is in play, the air intake being hidden and protected from frontal assault with a spray. This should probably be paired with a pair of goggles and a nose-clip or a face mask from standard swimming gear supplies to protect the eyes and nose. Critically, this does not obscure the face, and therefore is not a likely to be a mask which police might compel one to remove for identification purposes: I believe the ISCWPPE to be legal. The net effect is that if one is pepper sprayed, the respiratory tract and eyes will be protected from the effect of the sublethal chemical weapon. Skin burns will still be sustained, but the essential functions of the body will be protected.

ISCWPPE-2
The second level of the ISCWPPE connects the end of the pipe to a soda bottle based filter. Take a two litre soda bottle, connect the hose to the top of the bottle. An air intake goes into the bottom of the bottle, in the manner common in water pipes. The air intake tube starts above the level of the top of the bottle, so that liquid does not spill, and passes through the side of the bottle above the water line, while extending below the water line. The entire assembly could easily go in a small backpack, with the pipe from the snorkel going into the top of the backpack in a similar manner to Camelbak-type hydration packs. As one inhales, air is drawn through the water as a series of bubbles. Gravel or beads break up the bubbles, increasing the surface area. Allegedly vinegar counteracts CS gas, which is the primary modality this approach protects against. I cannot vouch for the safety of inhaling air passed through a vinegar solution (secondary drowning?) but this is terrain for analysis by medics, and possible experiment. Be careful with this! You will also need to add an exhale valve (see the standard N95 dust mask) to enable respiration. An exhale valve could also be fashioned from a tube-shaped balloon – cut off both ends, stretch over the pipe, and air can flow down the length of the rubber, but not back up. It’s a very simple, very durable valve, but may make a strange noise. Try taping a piece of such a balloon to a straw to understand the principle!

ISCWPPE-3
The third level of the ISCWPPE places a plastic bag, sealed at the neck, over the face of the protester. The out breath through the exhale valve expands the bag, producing a clear, flexible bubble around the head of the protester. Pepper spray and CS gas swirl outside of the bubble, while one is safe within. Exhaling continues to keep the bubble inflated. This bubble is at positive pressure, which will stop infiltration by any gas in the environment. However, this setup may be dangerous, as a blow to the head which rendered somebody unconscious without breaking the bag could result in suffocation.

This is all notional, first-pass work on protecting people, but I don’t know what else to do to stop that abuse of these weapons other than making them ineffective.

Take care, and be at peace.

Vinay Gupta
Director
Hexayurt Project

Israel threatens to cut off power, water to Gaza
(AFP) – 17 hours ago
JERUSALEM — Israel warned on Saturday that it would cut the supply of water and electricity to the Gaza Strip if rival Palestinian movements Fatah and Hamas form a unity government.
“The foreign ministry is examining the possibility of Israel pulling out of the Gaza Strip in terms of infrastructure,” Deputy Foreign Minister Danny Ayalon told the daily Yediot Aharonot website.
A unity government deal “would transform the Palestinian Authority into a terrorist authority and would put an end to any hope for a peace agreement” with Israel, said Ayalon, who is also a Knesset deputy from the nationalist Yisrael Beitenu party.
On Friday, Israeli ministers decided to maintain a freeze on the transfer of tens of millions of dollars in tax monies to the Palestinian Authority hours after Palestinian president Mahmud Abbas held top-level talks with Hamas chief Khaled Meshaal at which they announced a new era of “partnership.”
The transfer of funds, which make up a large percentage of the authority’s monthly budget, was frozen on November 1 as a punitive measure after the Palestinians won full membership of the UN cultural organisation.
“If the Palestinians have signed an agreement over a unity government, it would make a transfer of funds impossible,” a senior government official told AFP.
In January, Prime Minister Benjamin Netanyahu had already threatened to cut off water and power to Gaza, which has been controlled by Hamas since the Islamist group chased Fatah from the territory in 2008.
Israel, which unilaterally withdrew from Gaza and dismantled Jewish settlements in 2008, continues to supply the territory with water and 70 percent of its electrical power, the rest being supplied by neighbouring Egypt or local power plants.
Copyright © 2011 AFP. All rights reserved.