Schneier on Security
A blog covering security and security technology.
« Advances in Attacking ATMs |
| Friday Squid Blogging: Possible Squid Eyeball Found in Florida »
November 30, 2012
IT for Oppression
I've been thinking a lot about how information technology, and the Internet in particular, is becoming a tool for oppressive governments. As Evgeny Morozov describes in his great book The Net Delusion: The Dark Side of Internet Freedom, repressive regimes all over the world are using the Internet to more efficiently implement surveillance, censorship, and propaganda. And they're getting really good at it.
For a lot of us who imagined that the Internet would spark an inevitable wave of Internet freedom, this has come as a bit of a surprise. But it turns out that information technology is not just a tool for freedom-fighting rebels under oppressive governments, it's also a tool for those oppressive governments. Basically, IT magnifies power; the more power you have, the more it can be magnified in IT.
I think we got this wrong -- anyone remember John Perry Barlow's 1996 manifesto? -- because, like most technologies, IT technologies are first used by the more agile individuals and groups outside the formal power structures. In the same way criminals can make use of a technological innovation faster than the police can, dissidents in countries all over the world were able to make use of Internet technologies faster than governments could. Unfortunately, and inevitably, governments have caught up.
This is the "security gap" I talk about in the closing chapters of Liars and Outliers.
I thought about all these things as I read this article on how the Syrian government hacked into the computers of dissidents:
The cyberwar in Syria began with a feint. On Feb. 8, 2011, just as the Arab Spring was reaching a crescendo, the government in Damascus suddenly reversed a long-standing ban on websites such as Facebook, Twitter, YouTube, and the Arabic version of Wikipedia. It was an odd move for a regime known for heavy-handed censorship; before the uprising, police regularly arrested bloggers and raided Internet cafes. And it came at an odd time. Less than a month earlier demonstrators in Tunisia, organizing themselves using social networking services, forced their president to flee the country after 23 years in office. Protesters in Egypt used the same tools to stage protests that ultimately led to the end of Hosni Mubarak's 30-year rule. The outgoing regimes in both countries deployed riot police and thugs and tried desperately to block the websites and accounts affiliated with the revolutionaries. For a time, Egypt turned off the Internet altogether.
Syria, however, seemed to be taking the opposite tack. Just as protesters were casting about for the means with which to organize and broadcast their messages, the government appeared to be handing them the keys.
The first documented attack in the Syrian cyberwar took place in early May 2011, some two months after the start of the uprising. It was a clumsy one. Users who tried to access Facebook in Syria were presented with a fake security certificate that triggered a warning on most browsers. People who ignored it and logged in would be giving up their user name and password, and with them, their private messages and contacts.
I dislike this being called a "cyberwar," but that's my only complaint with the article.
There are no easy solutions here, especially because technologies that defend against one of those three things -- surveillance, censorship, and propaganda -- often make one of the others easier. But this is an important problem to solve if we want the Internet to be a vehicle of freedom and not control.
EDITED TO ADD (12/13): This is a good 90-minute talk about how governments have tried to block Tor.
Posted on November 30, 2012 at 5:23 AM
• 48 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Bruce, my question would be at what point does the oppressor fail? For example, during WWII it was illegal to have radio equipment? Ham radio could be used for internet, but would be real slow. In fact, it is still, as far as I know illegal to encrypt radio communications.
Eventually, if given enough provocation, the people will react in ways that the governments can not stop. Sheer numbers will overcome the clamp down.
Ham radio, linking IPs, pirate radio?. the options are simply too numerous to stop all of them.
The sad part is people are being killed. The good if there is any is that a learning curve is taking place. For example, new coverage may play people for fools but eventually they overplay their hands and the citizens catch on. They lose their credibility...
Just my thoughts. Ham Radio? dot dot dash. I look forward to reading Clive's view on my thoughts.....
the Internet in particular, is becoming a tool for oppressive governments. … inevitably, governments have caught up.
“They knew everything about me,” he says. “The people I talked to, the plans, the dates, the stories of other people, every movement, every word I said through Skype. They even knew the password of my Skype account.” At one point during the interrogation, Karim was presented with a stack of more than 1,000 pages of printouts, data from his Skype chats and files his torturers had downloaded remotely using a malicious computer program to penetrate his hard drive. “My computer was arrested before me,” he says.
Rather, governments now exploit low hanging fruit like unencrypted comms (Facebook), weakly encrypted comms (Skype), and soft targets (Windows PCs and mobile devices). Who here would trust their lives to anything less than VPNs and Tor run from a LiveCD?
The salient question is why these tools and the instruction and OpSec that go with them aren't being used, or remain so difficult to use.
Prob with radio, satellite and mesh networking is the Syrian army locks on to the signal and mortars it not caring who they kill standing around it like when those French journalists were killed in Homs.
Another major problem is these despotic regimes are simply contacting out to the new worldwide corporate intel network we've allowed to fester. Iranian democracy activists reported being confronted with all their communications during interrogation because nokia-siemens sold the regime the most advanced chokepoint and spy software ever made.
New technology is pretty much always a net loss for freedom once governments and other oppressive forces learn how to use it for their own advantage. Photography was originally just a new art form, but now we have security cameras all over the place, just like the "telescreens" in Orwell's 1984.
The only reason ordinary citizens have ever had freedom is that the government lacked the power to monitor everyone 24 hours a day. Technology has now largely given it this power via security cameras, the ability of ISPs to record network activity, the ability to automatically correlate data between disparate sources (DMV records, IRS records, etc.). And what technology on its own has not given them, they've managed to get us to accept, such as ID checks and baggage scans at airports -- another source of valuable information about our activities.
Like it or not, the progress of technology is a net loss for individual freedom.
Yet another two-edged sword.
If power relations don't change during the period during which the more-agile side has an advantage, technology is well-suited to oppression. Especially in countries where much/most of the tech comes from outside, so that there are relatively few chokepoints.
If you had told me in 1990 that the default for storage of information on personal devices would still be in the clear, I would have been quite sad.
Why do you have the adjective 'oppressive' in the opening sentence? Through the ages one could write things such as (Fire, the wheel, the inclined plane, the automatic rifle, the personal computer, etc, etc) is a tool being used by governments, both oppressive and non-oppressive.
This is a good talk about what is going on with IT oppression according to the Tor Project people:
They can detect where traffic is being routed and filtered through bluecoat proxies and such. Subsequent talks by Applebaum on youtube talk about Syria.
Bruce, my question would be at what point does the oppressor fail?
Sadly the answer these days is they don't anywhere if the chose to devote the human resources (technology only takes you so far), and it started to be the case with certain Western Nations towards the end of the 1980's. As IT costs dropped more and more nations crossed the threashold where this is the case. and I think on the technology front all had "capability" crossed the line shortly after they went "all digital" although most did not actualy start wholesale surveillance untill the "war on terror" came along.
Although the Head of the FBI (Louis Freeh) had been pushing Europe and other places quite hard with his "secret briefings" for strong controls on encryption and vastly increased surveillance long before that in the mid 90's. It is belived he got a real taste for surveillance when as an FBI staffer he did the NY and Washington offices and one case in particular the "Pizza Connection" where he was the lead prosecuter. It was at the time the most complex case of it's kind especialy as it was known that the Maffia for some years had been rather better with electronic surveillance than the "feds" for quite a few years prior to that. As a Clinton appointee he was fairly vociferous on "Clipper" and he was known to be up to his eyeballs in Carnivor so much so that in 2000 Bussines Week publicaly called for his resignation over it.
Perhaps both oddly and surprisingly some nations we consider technologicaly backwards got well ahead of the mass survillance curve in the mid 1950's. The reason being there were so few actual telephones outside of direct state control it was possible to record every conversation held on them. A further side effect was it was actually possible for moderatly good (70WPM) typists to actually type up ALL the conversations into documents within a day and stenograhars doing the same in real time for some cases.
I don't know for certain but I was told over thirty years ago that when Britain did it's little number on the USSR military command telephone cables in Berlin that likewise all conversations were typed up but importantly onto punched paper tape at the same time. Apparently this was originaly so that they could be encrypted quickly to be sent back to the UK over high speed telex lines (as audio was, untill NSA/GCHQ developed the for runners of CELP not realy encryptable in a secure high volume way).
I was further told that some of the earliest computers (that were based on the work of Tommy Flowers during WWII) were used to scan the tapes to look quickly for various words. These were then cross refrenced as well as (word) frequency analysed to help the Intel bods find various conversations and trends.
In essence this was one of the for runners of ECHELON.
Obviously as the number of phone lines in use increased beyond a certain point they were not just used by businesses, but private individuals as well as the effective cost came down, this started what became an almost exponential rise in "social" calls and recording and typing them up was nolonger possible.
As that "social call" state had been reached in the US and other Western nations prior to the technology improving sufficiently Western nations where in effect behind the possible surveillance curve whilst various other Eastern European and Communist block countries never reached the point where the populous ever got in front (One such is North Korea and supposadly all of the areas anexed by China post second world war).
It is why it's fairly pointless trying to hide information with the likes of TOR as has been pointed out some time ago it is quite amenable to traffic analysis partly due to it's low latency, partly due to the fact that it does not use "link stuffing" and quite a lot to the fact that the Internet does not follow geo-political bounderies and has a number of "choke points" where most traffic can be seen. Have a look at for instance Australia it is a natural choke point for much traffic and it is probably why it has received quite a bit of Chinese APT / Similar from Russia and quite a bit of "technical help" from various TLA's in the US and UK.
I don't like it. Why should I allow technology to take my freedom?
IT isn't used just by governments for oppression. At my last job as a security analyst, my mission changed from guarding the network to monitoring the corporate network for misuse of IT assets by employees and employee compliance with HR policies and guidelines. The reality was that if one was an executive, the rules generally did not apply unless you committed fraud or some other crime, while a normal employee could be terminated or reprimanded for trivial IT misuse. It quickly became apparent that we were in place to keep normal employees in line. When my colleagues caught executives committing nonfinancial federal felonies, said executives were allowed to resign quietly and the crimes were covered up. That was the rumor and we never saw anything in the papers about any company executive going to jail or entering a plea bargain, so the rumor was likely true.
I forgot to mention whilst "encryption" is not alowed for Amateur Radio you are alowed under the "experimenters" part of the licence to try new methods of "coding" and this also includes things like data compression. You are supposed to register your methods with the FCC however that's mainly the "modulation" methods not "data compression".
Now as some people are aware various types of compreasion end up compressing not just the data length but the letter frequency distrubution and with what is equivilent to "code book compression" or "pre-seeded compression" you can make quite an effective basic "cipher system". One or two other minor changes would quite easily tip it over into what would be regarded as "encryption", say if you decided to add "whitening" for spectrum energy (in band) managment that was not one of the usual short LSFR's...
as far as I know illegal to encrypt radio communications
--Correct, however now you can encrypt signals to you satellite (which we all have, right?) I was disappointed when I found that out, but the point is for everyone to know what you're saying, openness, learning about radio. The community is self-enforcing, be civil. You know in WWI they almost completely abolished amateur radio?--Scary. The radio ban would be enforced with triangulating vehicles (they don't really do it anymore); and consider the "Russian Woodpecker", what a nightmare to be a ham near that when it operated; and it interfered other comms as well. And of course the true nightmare where @xenon mentioned mortaring the triangulation.
According to Al Jazeera none of the activists or the FSA has used state internet since the revolution began. They send sdcards full of videos to couriers who drive to the FSA controlled border areas and upload them with wireless through those countries.
For comminucations they yell outside their windows and it gets passed around the city like a scene from WWII. They also have been bribing Syrian army depots to give them encrypted army radios or talking on clear radios but using subtle code so they appear to be Syrian army. In fact almost all of their eq is stolen or bought from the army.
A guy in Lebanon has been handing out an Arabic live cd like Tails/Amnesic except it allows adhoc wireless, and if they see agents or army approaching they can pop the CD or usb and hide it. This hasn't always worked as sometimes the army simply mortars any and all wireless signals even in Damascas suburbs. Or they have been reported by al jazeera to kidnap entire apartment bldgs full of people to interrogate them on who put the mesh router on the roof. None of those people were seen again.
Extreme challenging comsec so nobody trusts cells or wireless anymore
In the recent case of the Russian spies caught in New York.
It used to be that it was much easier for eastern block spies to operate in the west than for western spies to operate in the east - because the "apparatus of state security" was much better at spying on people there.
Now it seems that monitoring (at least online) of people in the west is more effective than the KGB were at trailing CIA agents around Moscow.
@clive. Excellent points as always. I really am kind of humming/thinking out loud. I hope that we don't see the creeping (pun intended) where modern societies crack down, track, etc. ordinary citizens. But our benevolent overlords (borrowing from a recent article) are not protecting us and may actually be harming freedom. By definition when people of afraid to speak or act in normal ways it curtails free speech.
I think I have an answer? @jacob Bruce, my question would be at what point does the oppressor fail? when they are caught on camera using dogs and water cannons. Civil rights movement. In Syria, it may be when people see the violence or when enough people simply refuse to cower.
@clive, @figureitout. I am not advocating using radio in such a manner. Simply thinking of ways that the citizens can still communicate without government stopping them. bombing by triangulation is a scary thought. mem cards hand carried by cell phone recording maybe. It must be really bad in syria from what I am hearing... :(
@figureitout. I seem to remember some 4"? little mini satellites launched recently. Love to see the chinese try to hit a 4" target in space....Joking. but neat concept. everyone could have their own little comm sat....How many bottle rockets to reach low earth orbit??? :)
As usual, tools are neutral, it's what you do with them that counts. A screwdriver can be used for stabbing. If you ban them, 50 people can't build their pergola. The trick is to set up the incentives to do more good than ill.
Great column, Bruce. After reading it, I expected your usual byline stating it was written for the New York Times or Wall Street Journal or some other well-known and respected major media outlet. Perhaps this could be adapted into such an essay, if any major media outlets are interested ...
Good point. A tool is just a tool; it takes on life when you put it into the hands of a human. Up until that point, it is neither good nor bad.
The same is true with money: it's a tool; no more, no less. I like how Bruce described it: these tools magnify power. If you're a jerk, you'll be a colossal jerk; if you're a saint, you'll do a lot of good in the world.
I wish the gun-control fanatics could learn that lesson ... it would inject a lot more reason into that debate.
Who here would trust their lives to anything less than VPNs and Tor run from a LiveCD?
... your average, common person who has no clue about deep computer-security topics, and has easy, convenient access to the insecure tools (hmm - there might be a lesson there in itself). Walk up to a Jordanian on the street, and will they even know what "Tor" means? VPN's just a little more likely. They will know Facebook, probably intimately.
The salient question is why these tools and the instruction and OpSec that go with [the more-secure tools] aren't being used, or remain so difficult to use.
The radio ban would be enforced with triangulating vehicles (they don't really do it anymore)
Well they do and they don't, the two basic ways of DFing (Direction Finding originaly called Huff Duff during WWII from HF-DF of ships and submarines) are to have two or three RX stations take bearings which are drawn on a map to make the "cocked hat", which gives the aproximate location of the transmitter and effectivly a head start on the second methos. Which is a lot slower and involves driving down a spiral with a single vehical or person on foot you basicaly drive at a tangent to the direction reading you get and swing the null backwards and forwards. You always try and maintain the tangent to one side of the direction or the other and this gives you the spiral course.
These days Doplar DF (Datong made a kit) can be good to a couple of degrees not the ten to twenty of the cardoid loop antenna nulls so you can almost drive straight down the bearing. Military DF systems work in various ways one of which is to set up a base line between two or more receivers that measure the phase of the incoming signal from the transmitter and compare them to each other this gives not just a direction but a range as well which can be enough to localise the transmitter to a small fraction of the distance from the nearest RX unit. With modern wideband IQ receivers and fast DSP back ends all transmitters in an area can be localised within a few milliseconds of coming on air and several hundred signals can be tracked and mapped.
With GPS systems and 100lb 150mm Howitzer shells with built in GPS and guidence smarts you can drop ten or twenty air burst shells onto the target area almost simultaneously within a few seconds from over 10Km away or just fly a missile down the beam if you happen to be a Chechen leader using a satellite phone.
Or atleast that's what they would have you believe from the arms dealers brochures. The reality is that those results are "idealized" not real muck and bullets warfare.
But sufficient for modern forces to use various Low Probability of Intercept (LPI) technologies with narow beam signals to satellite or very high altitude aircraft (some people have developed IR Laser systems to do the same) with very minimal TX time...
All in all a long way from an amateur radio "fox hunt".
@clive @brandon @howard Great writing on your part. Sometimes I feel like a child asking for water fountain and getting the fire hose. The more you know and learn the more you realize just how little you know and how clueless he average citizen is on these things. Scary and people are being killed because they try to speak up without the proper tools/understanding. Or is it that they shouldn't even try to speak up? Jeez cynical thoughts on my part. Really what is lesson to draw?
I firmly believe that "those who fail to learn history are doomed to repeat it AND those who fail to learn history correctly are simply doomed"
Can nimble citizens stay ahead of oppressive governments or are they doomed?
Once again, thoughtful, intelligent material Bruce.
The technology is already available to circumvent these oppressive measures. But how many will use it?
Most of the failings described here result from people placing their trust in companies instead of using encryption and subterfuge.
I suspect the trend in Syria (and China) is the same throughout the developed world - increasing surveillance, decreasing education, increasing oppression coupled with an increasing divide between those that have and those that want.
Things to watch for are attacks on liberty at a hardware level, and network diversity (Australian NBN anyone?). Either of those measures will defeat existing dark nets - unless people create bulletin boards and satellite communications. Not personal satellites - but burst transmissions aimed asteroid trails. I suspect the mechanics behind liberty surviving oppression have not changed much since the WW1. In the end it comes down to how much you can trust other people (including me).
In the meantime "there's gold in that there data" - and we all want to get rich right? (right Jodee?). Some people piss up ropes, others piss upstream. (sigh).
Small criticism about the article:
"In July, Lesueur took the program down altogether. The weapon (...) had been disarmed."
Surely the Syrian gov still have a copy.
... those that have and those that want.
An interesting turn of phrase, they are not opposites so instead of a linear scale you have a nice plain with "Have - Have not" in one direction and "Want - Want not" in the orthogonal direction.
Thus you would find the top 400US citizens that are the taxation fortunate "ultra rich" who's annual "unearned (and mainly UNtaxed) income" exceeds the "earned (and mainly fully taxed) income" of those that earn bellow the US national average wage fall in the quadrant of "Have & Want" (good be called unrivaled greed)...
hope we don't see..modern societies crack down ordinary citizens
--Uh, yeah we're there; old as history and never ends.
thinking of ways..citizens can comm..
--Good, me too; it's what humans do, we talk (just becoming more digital). Was thinking about inside jokes & figures of speech but it's basically a OTP. Want a method where you don't have to say something but people know what you mean, it'll be fraught w/ errors & miscomms.
4" little mini satellites launched
--Cool, going to look into that. Just watch all the "junk" there take it out though and costs a lot prob.
Or is it that they shouldn't even try to speak up?
--If you already have on the internet, you might as well continue. Physical sec. of your tech. will become an issue. If not, I would advise not to or take extreme precautions; you'll be getting a lot more attention than you care for. And when you spot your first "stalker", that's when the "fun" begins.
All in all a long way from an amateur radio "fox hunt".
--Sounds more like a slaughterhouse.
--Pretty cool, did something similar to that as a kid. Fraught w/ difficulties as mentioned on wiki, you'd probably need set signaling areas and of course sunlight; and of course someone willing to talk like that! :)
@ Bruce Schneier
There were science fiction writers that predicted oppressive use of technology. One could also say that Orwell's 1984 hit on some basic surveillance state tech.
1. Everyone had a TV-like device for propaganda and content control (DRM) was near complete.
2. Each device had a camera that govt would use to randomly watch citizens & comms system to give instruction. (Pervasive surveillance, devices used against you, etc.)
Robert Ludlum's books tried to incorporate technology into their evil plans a few times. One involved using tons of cheap cameras, networking, neural nets & govt to get total awareness of most civilian activities. A nearby city is currently implementing a pervasive monitoring system that can track vehicles/people using image recognition techniques & feed data to police HQ (or cars?).
You could say what people saw coming in the late 90's depended on whether they're hopeful optimists or pessimists. I've always been pessimistic about how power-seeking governments will employ technology. That worldview's accuracy stayed high over the years. Expect more of the same.
And where did the Syrian government buy all the hardware/software needed for this plan?
Works with lamp source...like Aldis lamp/shutter... common in navies
In Edwin Black's book, "IBM and the Holocaust: The Strategic Alliance Between Nazi Germany and America's Most Powerful Corporation", the argument is made (and documented) that IT effectively made Nazi domination of the European Jews possible, efficient and effective.
This seems to be the trouble in attempting to separate humankind's achievements from any given moral/ethical compass(es). Technology leverages capability, whether for a sneaker manufacturer or a first/second/third world tyrant(s). As long as data tech doesn't possess its own 'sense of right and wrong', it will always be in demand in the darkest corners of the sociopolitical spectrum.
Or so I say.
... the argument is made (and documented) that IT effectively made Nazi domination of the European Jews possible, efficient and effective.
The problem is it is a biased viewpoint in that the author was looking to prove a specific connection and ignored a much larger and more generalised issue.
As we've noted all mankinds basic tools are agnostic to their use, it's exemplified by "beat swords into plough shears" and why many oriental fighting skills involve training around what are in effect oriental "agricultural tools" that were like the rice flail that were common even well into the 20th Century.
In actual fact it was not just the Computing Tabulating Recording (CTR) company (that later became IBM) who directly or indirectly supplied what you might call IT equipment to Nazi Germany even UK companies like the British Tabulating Machine Company (BTM) bid on or were supplying equipment to the German Government in the early 1930's.
Further part of the problem we have today with Nazi Germany is the implicit asssumption that it "was only the Nazi's" that were persecuting racial minorities in Europe prior to WWII.
They were not, many European nations including Britain had significant sympathy for or some form of active eugenics program based on the idea that crime or other social ills originated from certain racial minorities.
Those with these beliefs also had collected and tabulated statistics "to prove" this. These statistics were usually tabulated by exactly the same sort of IT equipment (card tabulators).
The problem was all the statistics showed was the racial prejudices of those filling out the basic data and those asking the questions...
We hide it away with other statistical problems with the nice and unthreatening name of "perceptial bias".
However it is endemic in societies, that is if you have a racial minority that is fairly easy to distinguish then as a police officer or other person with some kind of authority be it institutional or perssonal you can discriminate against them. For instance by not giving work out or not letting them rent housing except in certain areas. It creates social tension that activly encorages crime on both sides of the racial divide against each other. As is often observed a "rat trapped in a corner fights" for it's survival, likewise bears in "bearpit" baiting. If you treat peoople like animals then you should expect them to behave in similar ways for their survival.
When you analys most racial tension underneath it all is the "not one of us" tribal behaviour which is also the same behaviour that enables a society to exist.
I can see in London today racial tensions moving from one group to another and it is nearly all pased on "protecting one's own". Most people in the Uk thought it funny when discussions started about expanding Europe eastwards that Polish imigrant's who had come to the UK to work were very anti-expansion. They did not realise it was the "protection of my turff" attitude that has for centuries caused racial discrimination and tension and the resulting social problems of crime and disease. The UK is perhaps the largest "mongrel nation" in Europe and is as far as I am aware per head of population the nation with the largest immigrant population (defined on Grandparent birth location status).
It is thus "to easy" as in the case of the book's author to "focus in" on a preconceived bias and find evidence to support it.
And it's dangerous because it alows us to hide history, and thus condemns us to repeate it. Germany had a specific set of social ills after WWI, this caused significant shortages of jobs food etc and made stereotyping easy for those with political ambitions and a little charisma in one form or another (back then it was oratory that was the key for Hitler and Oswald Mosely and many many others).
Rich jews were easy targets just as "Bankers" are today, those with financial status above the norm are easy to spot. However we common folk rarely get to see the Ultra-rich who are mainly the cause of many social ills, they are very few in number and tend to keep out of the limelight. The game they play which is buying power via politicians is an old one as is creating a social divide and giving one side a focuss on the other side to hate. And inturn they make sure that those people have a focus back they other way. While people are being follishly tribal, they fail to realise they are just being stage managed for the benifit of the Ultra-rich.
Technology will always be a tool for those with political ambition and those with ambition need money to purchase the technology, few people care or ask where the money comes from or where it goes...
@ Clive Robinson re IBM & Nazis
Maybe. That I recall, the belief that IBM helped the Nazi's relied on these claims:
1. There were very few computers around, so IBM's people knew who they were working with.
2. IBM had exclusive rights to the punch cards used. They printed the stuff on them. Makes it harder to pretend you didn't know who was using them or for why.
3. Researchers uncovered the contract for the computers. It was between the Nazi's and IBM's office in America, not Germany. This made it hard to believe it was a rogue subsidiary.
4. The picture of Watson and Hitler together doesn't help.
It's been a long time since I did research on the subject. I do remember those points sticking out. If they are accurate, it's hard to believe IBM was as ignorant about things as they pretended to be.
That said, IBM wasn't the only company profiteering on the war. My recollection was that GM & Ford sold Germans vehicles, Coca-Cola may have branded them the Fanta drink, ITT made the fuses for German artillery that killed Americans, and so on. The IBM Nazi thing is more a story about profits trumping ethics than it is an IT oppression story: computers were a convenience more than necessity.
Nassim Nicholas Taleb argues in his new book "Antifragile" that top-down centralized systems are inherently more fragile than decentralized bottom-up systems. The internet is a decentralized system for exchanging information. The missing link is a decentralized system for exchanging value (money).
Why is this important? Because without a decentralized system for exchanging money, decentralized systems for exchanging information cannot be funded in a decentralized way, so they become more centralized over time (a few large backbone providers, ISPs, etc.) and are therefore sitting ducks for government and corporate control. The decentralized systems that were invented (such as i2p and cjdns) could not be profitably funded, depended on volunteers, and thus suffered a tragedy of the commons.
But now Bitcoin is changing all of that. While Bitcoin is still in its infancy, the ecosystem growing up around Bitcoin will enable profitable censorship-resistant mesh networks via distributed automated micro-transactions. And many more new types of infrastructure, products, and services that operate in a completely decentralized, p2p way that makes it extremely difficult for any person or entity to control them.
And the final piece of the new decentralized paradigm is also falling into place now: decentralized production via 3D printing.
Put together, decentralized information exchange, value exchange, and production will completely change the social and political landscape and spell the end for large centralized systems. As John Robb says, the future is small, networked, resilient communities (and Taleb makes a similar case). They will be part of large trading networks, but these will be governed bottom-up on the subsidiarity principle.
Bottom line: The internet is young and the decentralization revolution has barely begun. The growing government and corporate abuse of information technologies to limit freedom is merely a temporary step back on a "two steps forward, one step back" trajectory. The next great step forward is taking shape as we speak...
There's a limit.
We went through this with radio and television too. And the printing press. The pattern is the same every time:
* A communication technology is invented
* Early adopters proclaim it as a creator of utopia
* Oppressive governments learn to use it for control
* Everyone notices
* The state-run medium is reviled and ignored by the public.
People aren't stupid: when state-run television began to push propaganda in Eastern Bloc countries, it was shunned and mocked, it became a joke. Governments can ruin the Internet and make it a pointless laughingstock, but there's a limit to how much they can use it against us. If it gets too oppressive, we'll find a new way to speak.
@ Nick P,
I do remember those points sticking out If they are accurate, it's hard to believe IBM was as ignorant about things as they pretended to be.
As far as I'm aware they are true, but the point I was making is Hitler and the Nazi's were the major source of large contracts in Europe in the early to mid 1930's and everybody wanted a slice of the cake and Hittler was glad handing whoever was chosen for whatever reason.
But certainly in Europe many people were aware of what was going on with gypsies, jews, blacks and all sorts of other racial minorities, and they regarded it not with revulsion but either with a lack of interest or favourably, either because iit was not happening to them or they saw it as a way of improving life for themselves.
In one Norther European country for instance it was the policy to pick up gypsies for any possible minor offence, they would then be given extreamly harsh sentences by the courts. They would a little while into their sentence be offered in return for being sterilized a short "good behaviour" release, if they refused they would be treated more harshly. This Northern nation was not Germany nor did it have much in the way of Nazi interest.
Both Fascist and Communist parties were politicaly getting stronger because WWI and the following economic problems and social disarray and increasing crime had shown people that the established governments were not working. There was the seductive idea of planing society, that those who knew best (by their own opinion) would structure ssociety and some form of utopia would follow as night follows day.
The equivalent of todays "chattering classes" and "ladies who lunch" with their pretensions were divided those who belonged to the plutocracy tended to favour fascism while those of the artistic sets tended to favour communism. Likewise the working classes were attracted to Fascism and Communism and much violence ensued. The middle classes however still tended to favour the Establishment. And the establishment did themselves no favours, they tended to allow the violence to happen and then crack down on it in significantly politicaly biased ways whilst the plutocracy and in many countries the Monarchy were dining at the fascist tables. Germany was seen as strong because industry was working and the populous was being fed and clothed and housed. But it was all payed for by sleight of hand and theft. But this was not apparent and it was fashionable to be seen with the German elite and military classes, because that was where the money was. In contrast America was still suffereing from the depression and the rest of Europe with the effects of WWI and the depression.
So I would be very surprised if there were not photos of Watson with the German elite, or that he was pushing hard to get contracts from Germany. You could argue that if he had not he would have been behaving irresponsibly to the share holders.
The problem these days is not that the companies and people did this but that they try to "air brush it out" of history. It leaves "prize target" companies vulnerable to journalists, writers and those who seek financial recompense and it gives the rest of us a false sense of history which endangers our future, because it makes it difficult to learn the leasons that we need to learn.
One tthing we havee to do when looking at the past is to not see through the eyes of today but the eyes of the time. Back then Hitler and the Nazi's were not seen as monsters or evil but progressive and strong leaders draging the world out of it's troubles caused by what was at the end of the day seen by many as racial conflict from Eastern Europe and Russia.
As with the sleight of hand of the German state finances by the Nazi party, the evil was likewise hidden, but even if it was more visable at the time it would not have been seen by many as evil, just an unpleasent but necessary solution to a scourge that was blighting Europe, that like a canncer had to be surgically removed.
Much of the horror that was going on was reported at the time by those that had escaped it, but it was simply not believed. It was not untill ater D-Day as allied troops reached the camps that the true horros started to come out, but it was still not believed for some time. And as we now know some of those liberaters of the camps went back home eastwards to yet bigger and worse camps under Stalin.
Not understanding this can only cause us problems today as we see the same sort of problems arising that acted as drivers in the 1920's
And that is the problem with the book on IBM it makes what they did appear exceptional rather than the norm and the message is a "few bad apples" not as it was "a whole rotten crop".
I don't know if you've seen this yet or not,
But it's an opinion piece from a recently convicted hacker/troll about zero day attacks and what discoveres of them should do with them.
Put simply he is of the mind that they should keep them to themselves otherwise they will end up being sold to opressive regimes through people reverse engineering vendor patches and then developing exploits. Apparently research has shown that 100% of analysed malware used by criminals used "whitehat exploits"...
@ Clive Robinson re IBM & Nazis
The argument has been made on more than one occasion that society cannot effectively judge or act upon individual grievances, without taking into consideration all possible viewpoints and contexts. That argument commonly suggests a discriminatory perspective in search of an evidentiary platform from which to promote itself.
And if the matter of using technology to leverage socially irresponsible regimes were a matter of pure science, that argument would hold considerably more water.
But using technology to leverage a heinously oppressive regime is itself, and identifiable and reprehensible act; a tree bearing poison fruit that cannot be effectively hidden amongst the very many other trees in the forest.
Such misuse of technology seems alway subordinate to some vile agenda: killing off the European Jews being the context here.
And so why would it be anything but appropriate to have an opposing agenda at the root of any effort to illuminate such otherwise dark chapters in the human condition?
That the Nazis left behind such a prolific collection of literal and figurative dead men's bones, seem to suggest the necessity to eschew a panoramic view of the forest, in order that one might root out the one, diseased specimen for closer observation.
That the world stood largely by at that time, taking in the forest at large, pretending not to hear the screams of its constituent subgroup for fear of what it might find if it zoomed in, seems to have been the less logical and responsible choice.
Or so I say.
@triangulating and shelling amateur radio:
That can't possibly be a good idea. It just takes a few rogue dissenters (or criminals with completely unrelated motives) to realize that his allows them to essentially build bombs without explosives (or even getting their hands dirty). Even in a civil-war situation like in Syria, a government's days are counted when it starts killing its own people indiscriminately and on a large enough scale to notice (which can, in this case, be easily helped).
Someone thinking like Mao (or anyone else who knows his Sun Tzu and isn't picky with his means) could certainly put such a practice to good use.
@Tor, VPN and Encryption in general:
Most of this stuff just provides plausible deniability. Which is quite nice if your government cares about principles like "innocent until proven guilty", but won't do jack when they randomly arrest and torture people just because they look odd. Its use is greatly diminished even for small violations of a fair process (which can also be observed in western "democracies", like the UK law to force you to surrender encryption keys to anything that looks like encrypted data, whether it actually is or not).
The only thing that might work in such a situation is stego, and that has to be used cleverly and creatively, or it will draw suspicion.
@johan. You are far more optimistic than I am at the moment, well actually my whole adult life. Teasing. You must be pretty young to be that fired up for change.
@clive et al IBM and Nazis
I'm sure you and agree that tech is agnostic (jab from earlier). It's the use not the equipment. IBM can be traced to helping Nazis, so? (talking to others here) Thiessen built the ovens and is in a lot of cities. BMW made...well the point is made.
I am a little ticked that EU/American companies sold DPI to the Syrians and Chinese, well what the Chinese didn't steal. They should have known what was going to be done. Instead, they wanted the sale. This is different than companies selling stuff to businesses and then a dictator arises in Germany.
I do find it interesting that the Germans came out against the latest UN declaration about DPI.
DPI can be used to help or hurt. Protect from attacks, malware, etc. or to call in mortors as was discussed earlier.
So we circle back. Stop them, bypass them, substitute internet communication?
OT. Always thought it interesting that Jim Jones talked about camps that the government was going to send everybody to and then kill them. Now discussions in right wing (far right) corners about FEMA camps. Really? I am more in fear that they would van fat people. Michele, don't you know? After all they are raising everybodys health care cost. Hmm. when did vanning. oh, well maybe the Germans will protest it. Irony there.
I say again, those who fail to learn history are doomed to repeat it, those who fail to learn history correctly are simply doomed.
Learn history and you can glean the future...why orwell was so good.
A quick web search reveals the text:
Bukharin referred to Stalin as "Genghis Khan with a telephone".
I recall being told that the USSR telephone system (as of 1955 or so), was basically star-shaped, with all LD going through Moscow. I don't know if this is true, but such an architecture would facilitate eavesdropping and denial of long-distance service.
Technologies facilitate types of activities---not ethics or morality.
> Prob with radio, satellite and mesh
> networking is the Syrian army locks
> on to the signal and mortars it
That's a big problem for broadcast-style radio transmitters located within the country. (Information can be got _into_ the country by transmitting from across the border, of course. Radio receivers are much harder to track down than transmitters. But people located behind enemy lines are well advised not to broadcast.)
However, satellite-based communications should be fine, provided the ground station uses a directional antenna to narrow-cast outgoing transmissions to the satellite and provided the attacker doesn't control the satellite(s) you're using. I suppose you'd want to watch for enemy planes flying overhead and avoid transmitting when they're directly between you and the satellite, but that shouldn't be very difficult.
However, satellite-based communications should be fine, provided the ground station uses a directional antenna to narrow-cast outgoing transmissions to the satellite...
It's actually a little bit more difficult tthan that.
Firstly nearly all antenna's have "side lobes" and where they and the main lobe (or bore sight lobe) point is not just dependent on the antenna but any other structures around it, depending on their conductivity and dialectric values (yes you can make a directional microwave antenna out of just bits of plastic with specific dialectric properties).
There is also the issue of the antenna's beam being reflected off of the ground and sky, causing phase changes that cause other problems.
Even full metal parabolic antenna's have issues with being under / over / fully illuminated. Basicaly the edge of the dish acts somewhat like a knife edge and causes refraction etc. Further the mount for either the radiating horn or secondary reflector will cause some of the signal to go "whizzing off" in strange directions as will signal on the outside of the feeder (coax and even wave guide leaks). that might also couple into other cables and structures.
One way to reduce these effects are to broadcast from a "hole" either in the ground or between buildings or use a distant object such as a tall building as the equivalent of a mirror (look at early troposcater systems to see what can be done by an inventive mind).
There is a problem with aircraft though, in that they are considerably closer in height (under 5Km) than the satellite (usually over 100Km) and the level of signal is usually inversly proportional to the square of the distance. Meaning in this case an aircraft has a 400 to 1 or 26db better chance of detecting the edges of the beam which may well be 20 or 30 degrees wide at the -3db point (or getting on for 120degrees at -26db). Thus an aircraft that is neither visable or audible to you at the TX antenna may well be getting the whole signal.
The US Military has EW surveillance aircraft that fly at 4-6 miles up (21000ft/6500m to 32000ft/9750m) that can usually detect and pinpoint all active earth to satellite uplinks in a country without actually going inside of it's airspace...
Whilst most countries don't have such a sophisticated systems with phased array antennas etc, the appropriate wide band test kit and low noise amps and broad band horn antennas etc can quite cheaply be purchased and fitted into an old 1980's 747-200 cargo/freight aircraft (between 2M-4.5M USD second hand), that has been appropriatly modified to take it and even had an appropriate radar absorbing coating etc added to it all for around the "Dictator Pocket Change" cost of 5million USD (a new set of low noise ducted turbo fan engines would add quite a bit more ;)
What about IT used for oppression in the work environement or elsewhere ?
In fact, any tool could be used for good or evil...
And then their is the moral compass, which countries are evil, which are good, which are neither...
... political oriented posts are good but it always lack honesty.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.