2012-12-30

29C3 - 29th Chaos Communications Congress

Once-the[rockets/are-up..who/cares-where.they/come-down.That's N.O-T/MY-D/E.PA/R.T-ME-N/T
(see the song)


Day -1

  • Following Google maps, lost on the way to the apartment, really lost, and carrying a really heavy bag with unexpectedly heavy Xmas gifts... Finally had to give up and ask directions, go back take an S-bahn then a U-bahn, then a short walk to a pretty nice little place!
  • Realizing that I had no toiletries, I went out in search of shops, only to find a dark confusing world, with nearly everything closed.  Luckily after an extensive search, I found a small supermarket nearly across the street from my apartment and stocked up on toothbrushes and shaving cream.
  • That little adventure left me freezing cold, and still sick with a cold, I found myself more and more comfortable and  ready to have some pasta and call it a day....
  • ...But no! With slightly warmer clothes, I ventured back out into the incomprehensible wilderness where one small street contained all my hopes for nourishment! And I was not disappointed, I located a cheap pizza joint with a crowd of drug dealers out front, and I went for it. No death spiral situation for me. A few minutes later I was sipping a Beck's and chewing crust with my back to the radiator, which was turned off, alas.
  • How surprising to hear English at the next table, and to see a guy with a Noisebridge T-shirt. Of course, 2 months ago I wouldn't have known that Noisebridge is the San Francisco Hackerspace founded by Mitch Altman. So after listening a bit to see if they were ok, I went over and invited myself into their conversation.
  • They were pretty fun and interesting, Praveen, Gavin, a guy from SF, and "Tulip" (names to be filled in later when I can remember or learn them). Each had a lot to say and we talked about many subjects of interest : why hacking was mainly white middle class male, how to change that to more balanced, and lots of other stuff that I since forgot...  Didn't get home until 2am.

 

Day +1 : It's all politics

  • First, arrival at the center only to find a queue of over an hour, outside in the cold wind and rain... Lots of nerds, but I saw that self-organisation is not at the top of their list of priorities. I could imagine at least 3 strategies that would have made that process a lot better, but I just chatted in the line to a German kindergarten teacher who had made a long trip and was hoping for great things....
Jacob Appelbaum
  • The video of his great talk.
  • So, with the long wait to get in, I missed 1/2 the keynote speech by a Wikileaks guy (and co-founder of Noisebridge with Mitch Altman)  named Jake Appelbaum. He talked about what happens to whistle-blowers, himself and others, and how freedom on the net is.  He is a big player in the Tor project which provides tools to allow you to access Internet untracked, as an anonymous client.  The presentation was moving, but scary. He's been "detained" (arrested?) in various countries for his activities which prevent their secret police from gathering data on citizens.
Bits of Freedom - ccc link - video
  • Next up was "Bits of Freedom" and 2 guys who gave a very convincing, almost inspiring talk about the importance of  net neutrality etc and how they have gotten decent laws passed in NL to protect the net. And that protesting is not good enough, you have to propose sustainable solutions, to help the deciders make the right decisions... It was certainly a demonstration of positive actions in favour of ensuring "Freedom of the Net".
  • Then in some breaks I spoke to the Quadrature du Net and heard about this talk, which seems like it may be worth watching. That's all about the GPL (I guess the speaker Moglen, wrote it?). In the meantime, I did watch the talk. It passes as "mild" compared to what I have heard here at CCC.
EU Data Protection Reform  - ccc link - video
  • Finally after sleeping through a really boring talk, came the EU data protection reform presented by Jan Albrecht (MP) and supported by the EDRI and Panoptykon. This was all about the upcoming regulation on data protection and how the big data players are heavily lobbying to reduce/eliminate all those nasty "civil liberties" that prevent them from doing whatever they want to your info.  The stakes are very high, and it looks like the lobbyists are incredibly strong, the MPs weak & ignorant, and that there is a great need for smart Geeks to support the few smart lawmakers... I hope to do some cool stuff with these people back in Brussels.
  • Protect My Data is a site devoted to understanding the EU data protection law
  • It seems that only 10 European MP's understand the data protection issues, and the rest just listen to lobbyists;
  • There is a huge battle for access to personal data which is said to be worth HUGE MONEY  to the businesses that want to exploit it.
A Most Disturbing Talk on the consequences of Whistleblowing in the US by
Thomas Drake & William Binney formerly of the NSA, and their lawyer Jesselyn Radack
  • ccc link
  • video
  • Now, at 20:30, I am about to sit down to listen to some "US whistleblowers" tell their tale of being hunted, their families, their friends etc.  This is a sort of extension to the keynote this morning, but more focussed on how the US goes after those who make too many waves in the "fabric of society"... more soon...
  • This late, long presentation was most disturbing to me. It was 3 stories of how 3 govt employees' integrity led them to inform on the activities that their government agencies had performed in violation of US law and how that government then pursued them in the most nasty of fashions trying to ruin their lives and set an example so that none of their ex-colleagues would do the same.
  • I should mention that none of them were left-wingers, before the events. They were all Republicans and conservative.
  • The first, a lawyer in the Justice dept. learned of the torture of the "American Taliban" and then of the destruction of her emails advising the FBI to allow him to have a lawyer, then of the investigation opened about her. She resigned and went public in Newsweek and then the Justice dept got her fired from 2 jobs, and put on the "No Fly" list as a potential terrorist (Yale Lawyer, married with 3 kids). This meant full body searches every time she took a plane, and necessarily missed the flight. She was forced to drink her own breast milk at airport security! She then dedicated her life to defending other whistleblowers.
  • Tom Drake and Bill Binney were top level spies at the NSA, and became aware that the Constitution was being trampled. They followed official "whistleblowing procedure" and were both arrested, along with their families, at gunpoint by the FBI. They were threatened with life imprisonment for espionage, even though they only followed the official govt procedure.
  • All these stories were very distressing, disturbing, in that there is no limit to what the US govt can and will do to anyone who becomes a "target".
  • These people all support the Tor project, or the protection of your privacy in the virtual world. But they say that if you are targeted, for whatever reason, then everything you do is recorded, including all telephone, internet, banking, healthcare, etc. And there is a ton of data, available and the technology is such that the new US NSA data centers can store 5ZB each, representing 100 years of telecom for the whole planet!
  • This was a very sad and depressing presentation. Even if I applaud them for their courage - I remember denouncing my own hierarchy to the financial control dept at e-ctrl and how scared I felt then... But the amplitude of the loss of civil liberties since 9/11 is terrifying and sad and seems like the people in the world will never comprehend it enough to push politicians back to freedom of speech etc.
  • I will have a hard time falling asleep now at 1:15 in the morning...

 

Day +2 : lots of things suck, but not everything...

Hamburg Public Data Transparency Law and its making - ccc link
  • They wanted to make everything the city did public, and published, no requests needed
  • What data:
    everything except perso data, a white list, with provision for future additions
  • Whose data:
    everyone's ! public authorities, and private ones acting in public service  provision, anyone providing service as natural monopoly
  • How:
    a data register, open data standards, machine readable (not scans), open anonymous access for ANY purpose! cf. Slovakia, Berlin examples
  • Got an ex-supreme court judge interested, he wrote the V-1 law in a week,
  • They used the coming elections to leverage politicians to accepting their stuff,   at first the politicians didn't like it
  • Law written, presented to MPs for their input, to get them to buy in, and suggest improvements,
  • V-2 incorporated some of the suggestions; MPs had no more comments,
  • So they asked that the law be voted! with threat of referendum at election time, this scared MPs fearing that the Pirate party would use referendum to get votes, thus kicking the current MPs out.
  • In the end, all parties supported the law, claiming parenthood,
  • Voted in Unanimously,
  • Info register will be hosted by National Archive! (2014)
  • But who will pay for it?
    • cost of non-transparency -> last corruption case cost €60M!
    • inter-agency comms cost huge amounts, and time,
    • serving info requests costs ++
    • so it will pay for itself;
    • Bottom line: when the MPs opposed, the cost was a HUGE issue, once the MPs found the law to their liking, they would "just take the money from the IT budget" no problemo!
  • Moral of the story:
"In a democracy, nothing is too complicated to be solved by ordinary citizens."


HTTPS regulation by EU - ccc link - video
  • HTTPS is broken in many ways, not safe at all, we were "sold out" by the regulators...
  • There is a value chain to consider: CA, browser, website, users,
  • EU reg wants to put all the burden on CA
  • Very naive, and most likely make things much worse.
  • cf. IETF and Harry Halpin
  • cf. Ross Anderson of Cambridge University, Security Economics.

==========================================================
Some meta-thoughts:
  • lots of things are wrong/broken in the world
  • lots of the broken things need fixing desperately
  • laws are mostly made by ignorant people influenced by lobbies, good and bad, and in the worst case the lawmakers are self-interested and even corrupt
  • it's the same in all domains, even if here we see only Internet, & tech stuff:
    • Agro
    • telecom Internet
    • Ecology
    • Health
    • transport
  • Everyone uses FUD: "Fear, Uncertainty & Doubt" to scare ignorant people into their way of thinking; same here at CCC.
  • This has been a disturbing event, causing sad realizations for me.
  • The questions are:
    • Where can I focus my energy to have the greatest positive impact?
    • How to inform the tech-illiterate masses of the importance of what is going down on the Internet?
==========================================================

Polish open education & open textbooks - ccc link
  • Open Educational Resources
  • like free software
  • The Broken Window Fallacy:
    • Jon breaks a window - it's a good thing!
    • Window repair man makes money,
    • Glass maker makes money,
    • taxes are incurred,
    • economy booms,
    • solution: break more windows!
  • contact rysiek@fwioo.pl
    • Free and Open Software Foundation
    • Open Educational Coalition
  • why not start a school-book publishing service in Poland? or use wikibooks?
  • Afterwards, had a very pleasant talk with the guy. He seems like a genuine nice human-being, we exchanged on ideas about how to enhance the open books stuff in PL.  Maybe put Agnieszka in touch with him?

TOR Project - ccc link
  • I missed the start, because SO MANY people are interested in this project. (thousands!)
  • It's about providing a safe, secure, anonymous way of accessing the Internet, particularly for people who live in a censored or surveilled envt. like China, Tunisia, etc. can also be used to access sites that filter on IP, for example, if you lived in the US you couldn't watch the Olympics on-line because of your IP address, TOR would allow you to spoof a UK IP address and thus gain access.
  • Main lead is Jacob Appelbaum (cf keynote speech above)
  • Presentation was about getting more people involved in coding key components.
  • They like the "Go" language.
  • Project was (is?) funded by US and CIA and has produced a huge amount of tools and stuff:
  • These tools are used by everyone who wants to do stuff undetected:
    • law enforcement
    • spies
    • businesses
    • people (paranoid or not)
    • people living in repressive regimes, like China and the US douhhh... i.e. with reasons to be paranoid...
  • This has been the hottest topic at the CCC so far! I am very excited about it!
  • Maybe everyone reading this should consider Volunteering?
  • Indeed, I am very much convinced that this is a good and important thing. I need to read about it!
  • They have an open position!

 

Day +3 : Surfing the indirects + still more politics = optimism! (with some knitting, too!)

Hamburger Kunsthalle
  • Globally: really boring and not great value for money at 12€ a pop,
  • A couple of nice pieces:
    • Renoir's Madame Hériot - I found this spectacular!
    • in the temporary exhibits, something cool from Sophie Calle where she paid a private detective to follow her for a day, without him knowing she had paid him. She puts her version of the day in words and photos, next to his version, also in words and photos. There was something magically interesting in the contrast between her version which provides her motivations for what she did, and his version which just gives the facts and some details, like the approx. height and weight of the people she talked with and their behaviour. This quote is from her webpage:
      "Although much of her work employs voyeurism, Sophie Calle has allowed her own life to be put on display as well. She became so intrigued by following her unwitting subjects that she wanted to reverse the relationship and become the subject herself. She asked her mother to hire a private detective to follow her, without the detective knowing that she had arranged it, with the hopes that his investigation would provide photographic evidence of her existence."

      This work was the highpoint of my day before hitting the CCC.

Crowdsourcing Legislation - really good slides will be available someday on slideshare - ccc link
  • This was a "workshop" rather than a talk which means it was a small group of people who really wanted to see it since it's not easy to get the workshop schedule or find where they actually take place!
  • It was presented by a cool German woman Anke Domscheit-Berg who is a Pirate-party MP  somewhere in Germany. Her details are available in German at opengov.me
  • She talked about what it means to participate in legislation:
    • Monitor creation/application of Laws
    • Prevent creation of bad laws
    • Create good laws yourself
  • These depend on:
    • Transparency of data and processes
    • Collaboration among NGOs and authorities
    • Participation of the population as a whole, i.e. getting people's input
  • She explained how laws get made, using lots of good numerical data!
    • Politicians generally don't have a clue,
    • Lobbyists work for industry,
    • they throw money at what they want,
    • voilà: the politicians propose the laws copy/pasted from the lobbyists.
    • conclusion: Money makes Laws.
    • check open congress in the US to see some numbers.
  • The EU has budgeted €100Million to push Open Data!
  • How to track that money?
    • This tool allows you to make official information requests to nearly all govts and agencies.
  • There are some projects on Github to track changes in laws to the politicians who supported them.
  • Prevent a law:
    • first you have to be aware of it! Not always easy unless you are an elected official...
    • then you have to understand it, make it understandable to the normal citizen
    • then use DIFF like tools to show what this new law actually does to their rights/lives.
    • take action: send mails to elected officials, even if they don't read them, they count them and the numbers make changes in their positions, cf. result of SOPA actions! some great visuals on this!
  • Create a Law:
    • the Hamburg Govt Transparency law is a model for all in this domain! The whole process took only 11 months from kickoff to unanimous vote by MPs! It includes a very clever "Not my department clause" which says that a citizen can ask any govt. authority for some info, and the authority is then legally bound to get that info, i.e. they cannot say "it's not our department". This is possible because of the requirement for an "information register" where *everything* is kept and is full-text searchable...
    • Why did Hamburg succeed?
      • timing: a collection of appropriate circumstances
      • multiple expert groups collaborated to start it off
      • only 1 SINGLE GOAL
      • expert advice readily available (ex-supreme court judge gave his time)
      • support from many other groups interested in open government came on board early on.
    • The new Iceland Crowdsourced Constitution
      • This amazing story is filled with details which are all passionately interesting and very optimistic for humanity. I don't have good notes, but there are tons of articles on the web to read about this. For example: Scientific American, NY Times, Open Democracy, etc.
      • They used a very Open Process, selecting a forum of 1000 people at random early on,
      • Created a constitutional council where anyone could be candidate,
      • everything all the time was published for comment open to the entire world, not just Icelanders,
      • actively used social media to interact with the people directly,
      • Remember, Iceland was the only country who refused (by referendum) to bail out its banks during the last crisis, braving the entire world's opinion that they would take 100 years to recover, but proving that the world was wrong since they have recovered faster than anyone else!
      • The new Constitution distributes power more clearly and wider, while making transparency a fundamental right (civil rights, media rights, duty of govt to inform, freedom of info), - they copy/pasted these ideas from an extensive worldwide search of laws in that domain, and the Protection of personal data! => thus making Iceland a haven for your data (yes, that's a business model!) and these rights are ensured against changes by external agreements (trade, telecom, etc.), and the document is clear, transparent and easy to read by normal people - no legal mumbo jumbo! It starts with this phrase, which I find incredibly inspirational: "We, who inhabit Iceland, want to create a fair society, where everyone is equal." So it is clear that the constitution applies to *everyone* in Iceland, be they citizens or not!
      • check this out on the Comparative Constitutions Project (U of Texas, Chicago, London)
    • What does all this mean?
      • If you allow people a say, then they will say more and more!
      • If you open government to citizen involvement you get:
        • better laws
        • forced transparency
        • reduced impact of money (lobbying)
        • laws people really want to have!
      • "This is never going to be different again!"  <- what an odd formulation
Knitting Hidden Images!
  • Yes, this is about knitting with yarn and needles!
  • Apparently, some mathematicians have found ways of hiding images in knitted stuff so that under the right lighting you can see them or not...  I saw this and was shocked!
  • This is truly incredible stuff!
  • also of interest to Mathematical knitters:

 

Day +4: aftermath

How the 29th CCC was run:
  • 500 "Angels" - volunteers during conf - all run by volunteers - Angel system is scalable, software too!
  • avg Angel workload was 10 hours/4 days.
  • in weeks before, over Xmas, many helped to do the setting up
  • 111 hours of talks
  • 108 talks
  • 300 proposed talks
  • 104 workshops
  • 96 assemblies
  • 71 lightning talks
  • 18 fahrplan updates
  • children hacking side-event:
    • 70 kids
    • youngest 5yrs old
    • 110 kits soldered
    • 4 dedicated talks
    • you can help next year!
  • 35 km of bottles of drinks consumed
  • 35 injuries treated, 2 required outside medical help
  • huge amount of perso DECT phones used inside the conf - great idea!
  • GSM network worked mostly?
  • streaming 1.1TB thanks to "FEM"
  • Congress sent more than received on the network, peak upload at 8GB (capacity was 30GB)
  • All German talks were simultaneously translated on DECT (or somehow)
  • 6604 tickets sold
  • 1/3 of presale tickets were "supporter" + 200 business tickets!!  So that everyone can come even those with not much money! Presale helped estimate participation and pre-finance event!
  • only 2 network attacks found and blocked
  • 20 harassment calls, one person expelled, one Nazi removed as well
  • the yellow cards were someone from outside the conf, not part of the CCC !
  • oddity: one Star Wars storm trooper was present - I saw him!  There was a no-weapons policy, so he allowed that his laser gun be checked.
  • not enough sofas, hard to rent!
  • 3000 chairs, beyond the halls
  • giving away all furniture (tables chairs etc bought from IKEA being given away for the taking)
  • What an event!