26C3: internet politics 2010, defence of the digital habitat, internet utopia, decentralized technologies and implementing Cryptonomicon  6.1.10

“It seems like the Crypt is their worst nightmare.”

(Neil Stephenson, Cryptonomicon)

China spearheads the anything-goes movement of technology-based societal control, authoritarian countries worldwide follow suit, and we yet don’t know whether western democracies will manage to at least remain in their currently mediocre shape if one of the many ongoing global developments and crisis should ever have a major and disruptive societal impact. From the perspective of the freedom and unhindered flow of information, the internet makes a bad expression these days and things haven’t changed for the better in the last year and the naughties.
John Perry Barlow’s “fuck them” against the dark priests of internet regulation has died away, the rejected kings have given a dam, the doers of power moved on – internet governance has covered a long distance in the last decade. Yet, the fundamental conflict is still ongoing and presumably will, as long as the Internet remains the world’s leading communication infrastructure and the constant flux of innovation raises again and again new opportunities that actors consider to take advantage of pursue their agenda.

Just as every year, the Chaos Computer Club has held its annual Chaos Communication Congress. Being the 26th instance of this post-Christmas meeting, it was aptly named 26C3. The motto of the congress “Here be dragons” was, as Frank Rieger explained in his keynote (summed up in a CCC blog, video streams of all presentations), a text-label used on old sea maps to mark uncharted territory where dangers, dragons, sea monsters or treasures were assumed. According to this analogy, the CCC community aims at playing a more avant-garde of a role, an exploratory force with “small ships ahead of the masses” looking into potential traeasuries and dangers lying the yet not fully charted territory of societal and cultural usage of information technology.
Whereas other actors contemplate launching military invasions to fight the unknown unknowns, 26C3 prefers a more playful search for truths of and possibilities for the use of information technologies. Playful indeed was the scenery on the floors and in the basement of the Berlin Congress Center with all these flying quadrocopters, Lego-based machines and robots and all these blinking hackerspaces. And Berlin couldn’t have welcomed the geeky crowd better than with the mystique of a freezing, snowy, quiet post-cristmas days setting.

Rieger outlined his ideas of a political agenda for the CCC and the hackers’ community for the months and years to come. He called for nothing short of a roll-back of data breaches and mass data collection, individual liabilities of business and public administration executives for “data crimes”, data protection quality ratings by publicly funded research institutes. He explicitly excluded the German Federal Office for Information Security (BSI) from the list of possible organisations to excert such ratings. While formally responsible for enhancing user security on the internet, the BSI had, accroding to Rieger, recently been granted the right to intercept inter-administrative traffic in Germany — a development one should have in mind when discussing the cooperation between German internet providers and the BSI.

The community should, Rieger asked, start activities to upgrade and invent systems needed for the “technical defense of our communicative habitat” — just in case. My impression that no one really doubts that the judicial, business and political sphere will put more pressure on the that “digital habitat”. Thus, the conceptualization of internet security from the perspective of the CCC congress is very different from what is usually discussed on conferences where the majority of attendees has an LE, policy or business background. (I wonder whether my Giganet paper, in which I have tried to conceptualize internet security, will ever go online :-/)
Rieger, who has a strong technical background in cryptography for mobile communication, asked the crowd to technically improve tools and software, e.g. to correct OpenSSL, to speed up and increase the scalability of Tor, and to find ways to technically circumvent the presumably upcoming mass usage of deep packet inspection. Decentralized technologies would be the route to go.

Austrian journalist Erich Möchel has covered IT politics and European data surveillance policies for more than a decade. In the late 1990s, he was the first to cover Enfopol, the then emerging transatlantic Europol-FBI surveillance system. On 26C3, he gave a follow up on US-EU data retention activities.
In the last couple of years internet security politics would have changed in a way, that Möchel describes as an ongoing “militarization of cyberspace”. The working group of the European Technical Standards Institute (ETSI) that is responsible for defining technical standards for exchange of data retention data has been staffed with personnel with significant military intelligence background. Möchel concludes that the British GCHQ is in a key position to control activities within these working groups and influences technical standards.
The technical standards for exchanging data gathered via data retention comprises data fields that are forbidden to collect according to current legislation in most EU states. The ETSI standards go way beyond what is defined as mandatory by data retention laws, comprising optional data fields such as lists of all the devices with which a user uses a service, ring duration of failed attempted calls, billing details such as customer numbers at the billing provider or the list of billing numbers used to pay the providers services. The resulting list of BIC and IBAN numbers can then be used to link retention data with SWIFT data.

Möchel’s investigations on the realities of internet surveillance could indeed have enticed the audience to daydream about how it all could be if only…. Sandro Gaycken, technology thinker, philosopher and regular speaker at CCC events, used the opportunity to link Hackers’ visionary thinking with Utopian theory in an inspring, thoughtful and relaxedly academic presentation. (Christian Scholz has the details and a transcription of the presentation.)
Unfortunately, utopia and dystopia are related, and the features of today’s information technologies could too easily be combined with authoritarian forms of governance and result in a real 1984. The recent trends in internet politics make a dystopian outcome more and more feasible. Historically, the emergence of authoritarian or totalitarian regimes would happen every once in a while, Gaycken said.
On the other end of the spectrum is, what Sandro Gaycken calls the “Hacker’s utopia” of the “Free Information society”. Its genuine agenda is derived from the idea that major societal problems could be overcome by establishing a free flow of knowledge and information. This leitbild of a free information society serves as a powerful idea that structures activities against an IT-powered decay of our societies into more authoritarian (I prefer this term over the term “totalitarian” used by Sandro) systems — activities such as the anti-surveillance, anti-censorship or open source movements.
Sandro contrasts the idea of a “‘Free Information’ society” with the idea of a “free ‘Informatized Society'”, in which hackers ought to address any societal problems as soon as ICT is involved. The latter idea leads to an overstretch of hackers responsibilities. Sandro obviously advises hackers to be careful about extending their activities into too many societal territories and political conflicts. “Hackers’ utopian ideas were never meant to constitute a full-fledged social utopia”. As a consequence, an extension of the agenda of hackers’ ethics into more political arenas would “blur the agenda” and create entanglement in left-right infopolitics conflicts.

The politicization of illegal downloads would serve as an example of an overstretch of the hackers’ agenda. While striving for a property rights reform would be a legitimate goal, Gaycken is doubtful whether Christina Aguilera’s albums should be considered as important societal knowledge and thus be part of the public domain. He pointed at how an extended hackers’ agenda aiming at free-beer-not-free-speech filesharing would lead to conclusions about the role of the state and of law that are detrimental to the free information interests that are at the core of the Hacker’s ethic. In short: “Filesharing politicization promotes the surveillance of the internet.”
Instead, Sandro proposes the Hackers’ agenda to be clarified. Concentration on hackers’ core idea of a “free information society” and on neutral and clear infopolitics would be favourable and necessary in order to not get hampered by right-wing/left-wing-types of conflicts.

I have an idea what Sandro might be up to: ensuring the coherence of the hackers’ coalition by selecting “things we can change” — that’s what utopias are about, as he said in his introduction. And never get engaged in fight you can’t win or that would bust the coherence of your troops, one could add. While there might be a difference between the “hackers’ core agenda” and hackers’ extended agenda, I would love to see a more elaborated and precise elaboration about these two concepts beyond the filesharing discussion.
Apropos filesharing. In the advent of 26C3, there has been a bit of a quarrel between Sandro and official CCC representatives around Frank Rieger about filesharing in the German weekly Zeit. An inattentive reader probably has the impression, that Sandro Gaycken considered filesharing not worthy to be politicized whereas Rieger&Co had argued that filesharing is a politically important technology.
In his 26C3 presentation, Sandro Gaycken stated that “filesharing politicization promotes the surveillance of the internet.” Of course, the “politicization of filesharing of copyrighted material” would be politically stupid or hyper-bold, but has it ever been proposed anywhere but in teenagers’ forums? But my impression is, that the alleged ‘politicization of filesharing of copyrighted material’ would more likely be a defensive reaction to copyright holders’ strategy of equating filesharing of copyrighted material with robbery and their attempts to criminalize filesharing in general. Filesharing, i.e. the distribution of files based on peer-to-peer technologies, is indeed a technology that is highly valuable. Peer-to-peer technologies are indispensable for the “hackers’ core agenda” (Sandro Gaycken) and the goal to ensure “free communication with any protocol” (Frank Rieger). Sandro’s argumentation slightly suffers from his definitional looseness and the at least implicit equation of the “politicization of filesharing” to the ‘politicization of filesharing of copyrighted material’. These two things are quite a different thing, just as “filesharing” and “filesharing of copyrighted material” are fundamentally different, politically and economically and judicially.
Having followed Frank Rieger’s presentation, my impression is that the hackers’ community feels being forced into the defensive. Why else should Rieger announce that CCC will come up with a financial concept for artists in the next couple of months. While I’m curious to see the plan, my hunch is that it is going to be a piece of cake for the content industry to get a dozen of talking heads and fora to squash the plan. I couldn’t imagine anything more remote from the hackers’ agenda than the development of a business plan for a whole industry, and anything fitting less to the forthcoming general political agenda than rhetorics like “the state has to guarantee the income of artists” (Rieger at 26C3). Content managers must be cheering for joyful anticipation.

Christian Bahls was a major pillar of the German anti-filtering movement last year, which urged the newly elected coalition of conservatives and free-market partisans to distance itself from its predecessors web-fiiltering legislation to allegedly promote child-security. Christian gave a short summary of last years activities and identified the centralized ownership of critical internet infrastructures such as DNS servers as a major security threat for internet freedom. As providers like Vodafone block port 53, alternative DNS server would not always an option to circumvent illegitimate filtering attempts. Thus, Bahls proposed and briefly showcased stumbling code that implements three technical approaches to counter the vulnerabilities that are intrinsic to DNS as a scarce internet ressources: 1) DNS-via-HTTP(s)-Tunnel, 2) DNS-with-Cache-in-DHT (distributed hash tables), 3) HTTP-Prody-with-Cache-in-DHT.
The latter two approaches reminded me of Yochai Benkler‘s 2004 paper on “Peer Production of Survivable Critical Infrastructures“, in which he proposed the use of peer-to-peer systems for three critical internet components, namely networks, storage and computing ressources. While network connectivity should be ensured by using ad hoc mesh wireless networks, resilient distributed data storage is to be implemented by peer-to-peer file services and the availability of computing ressources by distributed computing. In a sense, Bahls extends this peer production approach of technical internet security to secure “information freedom”, which is threatened activities of national governments ironically pursued in the name of enhancing internet security.

Daniel Schmitt and Julian Assange of Wikileaks rocked the floor at 26C3 last week in Berlin by revealing a plan to use to cooperate with Icelandic politician to turn the island into a “Switzerland of Bits”. Icelandic population, threatened by IMF’s widely feared euphemistically called structural adjustment programmes, is highly supportive of Wikileaks’ recent activities to keep documents in the public sphere that were gagged by Icelandic jurisdiction.

Wikileaks describes itself as a “disclosure portal for classified, restricted or legally threatened publications” and an “anonymous safe harbour for the submission and uncensorable provisioning of documents”. According to “The National”, an Emirates based e-magazine, “Wikileaks has probably produced more scoops in its short life than The Washington Post has in the past 30 years”.

Their track record for 2009 is indeed impressive: Trafigura, Toll Collect contracts, the Kunduz Feldjaeger report, the 911 pager messages, the EUISS report proposing a built up of European military and police forces to protect alleged European interests abroad and seal off Europe for migrants, US special forces manual on unconventional warfare for special forces units and intelligence staff.

And now this: a plan for an “offshore publication centre” that “provides a specialized set of laws”, which would “fit the freedom of information needs of the information society”. In short: “a safe haven for data and communication”. While Avi and Randy in Stephenson’s legendary novel were in for a “thick river of gold”, Daniel and Julian want to provide the public with streams of information and make sure that publicly relevant information cannot be hidden from the public by inept court activities or economic or political pressure against media publishers.

As again displayed by the presidential decision to block payments to Dutch and British savers, Iceland is playing a tough political game these days, anyway. According to Roubini.com, the economic analysis website of Noriel “Dr. Doom” Roubini, Iceland is flirting with doom: “Not passing the bill could even lead to Iceland defaulting on its debt.” (Roubini.com Daily Newsletter, 6 Jan 2010) Has Iceland started a campaign of vengeance or would they use the leaking data center as capital that could be traded in in negotiations with EU countries?

Neil Stephenson’s Cryptonomicon figures faced a similar dilemma with their plan of a “data haven”, a “secure, anonymous, unregulated data storage”.

“What if … the good Sultan changes his mind, decides to nationalize your computers, read all the disks? What is needed is not ONE data haven but a NETWORK of data havens–more robust, just like Internet is more robust than single machine.” Neil Stephenson, Cryptonomicon

Decentralisation technologies might indeed be the way to go.