Protecting our Freedom

Written By: - Date published: 1:27 pm, January 19th, 2015 - 7 comments
Categories: internet, uk politics - Tags: , ,

So I’ve been at an open source (programming) conference last week.  Lots of learning, it’s been great.

But my best lecture was a key-note speech from Columbian University Law Prof Eben Moglen.

He was looking at the future of the internet, and whether society’s nervous system is working for the data-miners or the people.

And from David Cameron’s comments last Monday it’s clear which side the UK PM’s on.  Fortunately his coalition partners are giving him short shrift, because he’s clearly missing something when he says he’s defending freedom with such thoughts as: “In our country, do we want to allow a means of communication between people which we [the British government] cannot read?”

Yup, he wants the UK government to be monitoring all communication.

That terrifies me.  Fortunately even the right-wing Spectator newspaper was calling him out on it, saying it would make UK like Russia and China.

And there was great irony in the leaked release of a secret report from UK/US cybersecurity agencies on Friday saying that the West was vulnerable because of a lack of the encryption that David Cameron wants rid of.  Our networks are too open to attack from China, Russia and criminals.  We need more encryption and secure messaging, not less.

Eben Moglen pointed out that 75 years ago we sacrificed 10s of millions of lives to prevent us having to live in a state that monitored everything we do and say – we called that totalitarianism.  We’re not calling for that now, although some hackers have paid the ultimate price in some countries and Edward Snowden is in exile.  Rather, we need to stand up to our governments, and the likes of the programmers he was talking to need to make sure they build the tools to keep us safe from surveillance.  We should not sell out our privacy to the likes of facebook for convenience, nor should we give it up to the NSA and GCSB to combat “terror”.

Yes, bad people will use freedom to do bad things – they always have.  But the number of people killed by atrocities per capita is probably the lowest it’s ever been – even if we hear much more about the 2000 dead in Nigeria or 17 dead in France (in disproportionate amounts) or the latest US drone attack.

And most of the acts of terror aren’t planned on the internet – ISIS and Boko Haram can just talk between their commanders in their own territory, and the western violence has been by lone wolves or brothers who’ll be talking offline.  So why spy on everyone else, and why insist that all of us are unprotected from criminals or hostile governments?

While I was hearing on the radio the oxymoron that “terror [definition: extreme fear] is our greatest fear”, it’s not logical to give into it and give away our freedoms and rights to somehow “combat” it.

Lose those freedoms and it will be very hard to get it back.

As Anthony’s found street art had it: Future generations will not forgive your apathy.

7 comments on “Protecting our Freedom ”

  1. lprent 1

    I thought that Cameron was being a complete idiot when he said that. We definitely need more encryption, not less.

    As this initiative states

    Ideally, every time you visit a website, that connection should happen over a secure HTTPS connection so nobody can snoop on your surfing habits when you are using a public network at a coffee shop or at the airport. But in reality, most smaller websites don’t offer these kind of secure connections because getting the kind of digital public-key certificate that makes HTTPS connections work involves a rather annoying and manual process. They also typically don’t come cheap.

    It doesn’t have to be like that, though. Starting soon, Mozilla, Cisco, Akamai, the Electronic Frontier Foundation, IdenTrust and researchers at the University of Michigan are working through the Internet Security Research Group to create a new certificate authority to offer these digital certificates for free to anybody who owns a web domain. The “Let’s Encrypt” group will launch this service next summer.

    Currently, the EFF writes today, “HTTPS (and other uses of TLS/SSL) is dependent on a horrifyingly complex and often structurally dysfunctional bureaucracy for authentication.”

    The Let’s Encrypt project aims to make getting certificates not just free, but also as easy as possible.

    We actually have a certificate for this site. However it was something that I didn’t transfer across when I did the server shuffle on Dec 17th.

    I’m considering changing the site to be https only because that is a whole lot easier than having it part http and part https. I just have to test the loadings first.

    • Murray Rawshark 1.1

      At least some Swiss financial institutions have been using quantum encryption for years now. I think it’s probably still very expensive, but it is safe.

  2. aerobubble 2

    Since the state collects all information, its impertive that we use encryption, but this makes the ability of the state to protect nullified. Rather needs a compromise. That we all use different degrees of encryption intensity, since they only really need the meta data. So if we all use softer, deencryptable in a reasonable time, then terrorists would select the heavy encryption and so stick out…
    …oh… …that wont work because terrorists would ue one time pads.

    No, even meta data collection is too authoritarian, since itx like the poll tax on steroids, they know where you are, who you know, etc, and so can tax you immediately, change traffic lights, delay you train, push a document into the hands of a job interviwer.

    No the problem is the secrecy, if we knew who was watching us, and we had recipical access then it would be easier. i.e hire spies that are willing to be watch by thegeneral pubic 23/7 and let them access our meta data in private, thus you have the trust.

    • Murray Rawshark 2.1

      If you don’t use the best encryption you can get, you run the risk of having your bank account emptied, among other things. There are other ways to catch criminals besides the Stasi approach. Law enforcement is often just bloody lazy.

  3. BassGuy 3

    I was talking about this with friends at work today, and the question came up “What can we do?”

    I’m of the opinion that technical solutions are only short term solutions, encrypted email, SMS, https, and so forth, until the law is changed to stop us using encryption.

    Simply writing to our MPs and various representatives won’t help much, either, if I am to judge by borderline hysteria that was “the Internet is Skynet.” We need something more effective. But what?

    The parties in favour of banning encryption already have the ear of the Prime Minister and our elected representatives, and they’ll put forward the usual “Won’t somebody think of the children?” arguments. “We won’t find the terrorists if they have encryption! We won’t get convictions if bad guys encrypt their hard drives and phones!”

    As far as I’m concerned, that’s just too bad. Security services need to do their jobs, not rely on making the rest of us weaker so they only need to grep a chat log while sitting in an air conditioned office.

    Is there anything that can we do to keep ourselves from falling into this lazy spy’s totalitarian trap?

  4. tracey 4

    Cameron gets more criticised than Key… Yet they say the same things.

    • adam 4.1

      I’m glad you said that Tracey – I thought I was going a bit nuts thinking the same thing.

The server will be getting hardware changes this evening starting at 10pm NZDT.
The site will be off line for some hours.