moxie marlinspike

moxie marlinspike

intro’d to Moxie via social good summit 2015 – his insight/work with encryption: (para) can’t hack if don’t have info.. got my head spinning back to a natural encryption (perhaps) of 1\ idiosyncratic jargon (rather than babel izing some elitist bespeak) along with and because of 2\ everyone doing something else (usefully preoccupied)

_______

looking into him…

webstock 2015 – april:

open whisper – making private communications simple

link twitter

https://whispersystems.org/

@csoghoian @JuliaAngwin @headhntr @mattblaze I love Google’s security team, but only an idiot would pick Google’s services over Signal.

6 min – 80s – all films cold war.. nothing till 95 – braveheart.. against govt.. hackers…… matrix… ultimate story of oppression – against their reality… 2000… bourne series.. govt out of control…..90s – power vs people………2001 – change again … and all about terrorism….. superheroes to save us.. because they are virtuous… taken – cia saves the day…

9 min

moxie image

10 min – cyber war – cyber punks vs eaves droppers… shift from ultimate control to no control..

11 min – clipper chip – into every device… to establish secure sessions.. but govt had master key to decrypt..

14 min – 2000 – game over – won the war ? –  first we see: info wants to be free.. they thought surveillance et al would become impossible.. predictions: 1\anonymous digital cash will flourish 2\intellectual property will disappear 3\surveillance will become impossible 4\govt’s unable to continue collecting taxes 5\govt’s will fall

fast forward 20 yrs… and not so much… surveillance at all time high, privacy at all time low

15 min – all we got was pgp – future cypherpunks saw was proximate surveillance… instead got oblique surveillance.. ie: cell phone.. as surveillance.. via choice..

17 min – in some ways .. choice to not have a phone is choice to not participate in society

19 min – on public key vs private key

21 min – what do we need – 1\ limited damage from key compromise 2\opinionated defaults 3\opportunistic, transparent encryption 4\mobile oriented, multi-device, modern world….. basically…. need to make the lock icon a thing of the past

one click encryption is one click too many – Bruce Schneier

22 min – axolotl

24 min – tofu – trust on first use

25 min – since we are open.. no patents.. gave this to whatsapp

27 min – until all communication is .. ( )

________

Next Generation Threats 2014 – march 2015

13 min – pgp world (total nightmare – 100 p tutorials w/links to learn more) vs otr (off the record) – any secure protocol needs: confidentiality, integrity, authenticity

________

2011

DEFCON 19: Whitfield Diffie and Moxie Marlinspike

3 min – on being locked into trust

4 min – trust agility – should be easy to trust and untrust somebody.. initiated by client

7 min – it wouldn’t make any sense for dhs to issue web cert’s for chinese websites.. moxie – and i disagreed with it..

12 min – on notaries and trust anchors (pre defined by someone that wasn’t the user)

13 min – doesn’t make sense that one organization decides certification… should be up to users

16 min – graduated decisions on trust.. not all or nothing

that’s where i don’t see it.. perhaps in business ness.. which i’m questioning as well.. ie: client ness

trust – partial is no.. ness

19 min – from audience.. i don’t see this not ending in similar cycle as komodo (sp?) – people buy based on cost

21 min – released convergence.. stab at inverting this trust relationship

23 min – on multiple notaries – whitfield

27 min – on trusting someone to set your trust mechanisms…

29 min – audience – speaking of trust in too broad context

34 min – the way i wish this term worked is that term expired every second.. at any moment you can decide

indeed – voting ness – approaching the limit of 24/7 ness

encroaching singularity ness of trust.. and.. back to the dance of all or nothing ness..

keeping us awake. rev of everyday lifest as data

seems the partial ness of trust comes when money is involved.. no? i don’t know.

like trust thought… none of us if one of us.. has to be all of us.. in sync.. usefully preoccupied, et al

a nother way

audience – on users wanting to set it and forget it – don’t want to decide every moment..

but do want to be able to decide (change mind) every moment

________

find/follow Moxie:

http://www.thoughtcrime.org/

link twitter

wikipedia small

Moxie Marlinspike is the pseudonym of a computer security researcher. His research has focused primarily on techniques for intercepting communication, as well as methods for strengthening communication infrastructure against interception. He is a member of the Institute for Disruptive Studies, former head of the security team atTwitter, founder of Open Whisper Systems, and a fellow at the Shuttleworth Foundation. He runs a cloud-based WPA cracking service, manages the GoogleSharing targeted anonymity service, and is the author of theConvergence SSL authentication system.

________
encryption

idiosyncratic jargon

ps in the open

_______

jul 31 2016

@ageis

K.M. Gallagher (@ageis) tweeted at 9:19 AM on Sun, Jul 31, 2016:
Profile of @Moxie Marlinspike, the anarchist bringing encryption to all of us https://t.co/5xsZZ1bqXa by @a_greenberg
(https://twitter.com/ageis/status/759770367766310913?s=03)

Marlinspike designed Signal to bring uncrackable encryp­tion to regular ­people.

[..]

The standoff quickly becomes the topic of the RSA panel, and Marlinspike waits politely for his turn to speak. Then he makes a far simpler and more radical argument than any advanced by Apple: Perhaps law enforcement shouldn’t be omniscient. “They already have a tremendous amount of information,” he tells the packed ballroom. He points out that the FBI had accessed Farook’s call logs as well as an older phone backup. “What the FBI seems to be saying is that we need this because we might be missing something. Obliquely, they’re asking us to take steps toward a world where that isn’t possible. And I don’t know if that’s the world we want to live in.”

Marlinspike follows this remark with a statement that practically no one else in the privacy community is willing to make in public: that yes, people will use encryption to do illegal things. And that may just be the whole point. “I actually think that law enforcement should be difficult,” Marlinspike says, looking calmly out at the crowd. “And I think it should actually be possible to break the law.”

[..]

A few days after Snowden’s first leaks, Marlin­spike posted an essay to his blog titled “We Should All Have Something to Hide,” emphasizing that privacy allows people to experi­ment with lawbreaking as a precursor for social progress.

[..]

Marlinspike views encryption as a preventative measure against a slide toward Orwellian fascism that makes protest and civil disobedience impossible, a threat he traces as far back as J. Edgar Hoover’s FBI wiretapping and blackmailing of Martin Luther King Jr. “

[..]

To a bored middle schooler, it was all a revelation. “You look around and things don’t feel right, but you’ve never been anywhere else and you don’t know what you’re missing,” Marlin­spike says. “The Internet felt like a secret world hidden within this one.”

[..]

“I got interested in experimenting with a way to live that didn’t involve working.”

a nother way (short) – hosting-life-bits – as the day..

[..]

Even today, Marlinspike describes those reckless adven­tures in the itinerant underground as a kind of peak in his life. “Looking back, I and everyone I knew was looking for that secret world hidden in this one,” he says, repeating the same phrase he’d used to describe the early Internet. “I think we were already there.”

If anything can explain Marlinspike’s impulse for privacy, it may be that time spent off society’s grid: a set of experi­ences that have

driven him to protect a less observed way of life.

ps in the open.. where 7 billion people are doing something else..

marlinspike less observed law

“I think he likes the idea that there is an unknown,” says Trevor Perrin, a security engineer who helped Marlinspike design Signal’s core protocol. “That the world is not a completely surveilled thing.”

[..]

merely going to demonstrations never felt like the right way to challenge the world’s power structures.

Instead, around 2007 he turned his political interests back to the digital world, where he’d seen a slow shift toward post–Patriot Act surveillance. “When I was young, there was something fun about the insecurity of the Internet,” he says, with its bounty of hackable flaws available to benign prank­sters. “Now Internet insecurity is used by people I don’t like against people I do: the government against the people.”

[..]

Marlinspike dreamed of bringing his encryption tools to millions of people, an ambition that required some sort of business model to fund them. He moved back to San Francisco to promote Whisper Systems as a for-profit startup. The company had barely gotten off the ground when Twitter approached him with a buyout offer, hoping to use his expertise to fix the shambolic security that had led to repeated hacks of celebrity and journalist accounts.

[..]

A normal person might have quit sailing. Instead, Marlinspike quit Twitter. A year and a day after he had started, he walked away from over $1 million in company stock.

[..]

“The big win for us is when a billion people are using WhatsApp and they don’t even know it’s encrypted,” Marlinspike says. “At this point, I think we’ve already won the future.”

[..]

Marlinspike surprises me by admitting that he looks forward to the moment when he can quit. “Someday Signal will fade away,” he states unsentimentally. Instead, he says, Open Whisper System’s legacy will be the changes Signal will have inspired in better-funded, for-profit communi­cation apps.

That time may not be so far off. “I don’t really want to do this with the rest of my life,” Marlin­spike says. “Eventually, you have to declare victory.”

But cypherpunks like Marlinspike—let’s be honest—haven’t yet won the crypto war. In fact, the war may be unwinnable by either side.

unless.. we make all that irrelevant.. so that .. everyone can not work..

[..]

Marlinspike, she says, seeks the “zero point, when you have nothing to lose, when you have no property, no lover, nothing to hold you back.”

Advertisements