[Plura-list] Surveillance electoralism; Blueleaks; Congress wants to read all your DMs; A/B Seattle; Against AI phrenology
Cory Doctorow
doctorow at craphound.com
Tue Jun 23 12:07:30 EDT 2020
Today's links
* Surveillance electoralism: Comparing the surveillance of the Biden and
Trump apps.
* Blueleaks: Dox the police.
* Virtual Ignite talks: Weds at 6PM.
* Congress wants to read all your DMs: The EARN-IT Act doesn't mention
encryption, but it still bans encryption.
* Privacy in tracing tokens: Bunnie Huang's parameters for a
privacy-respecting contact-tracing system.
* A/B Seattle: Design your own urban grid.
* Against AI phrenology: Stop publishing machine-learning "race science."
* This day in history: 2010, 2015, 2019
* Colophon: Recent publications, upcoming appearances, current writing
projects, current reading
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Surveillance electoralism
Writing in MIT Tech Review, Samuel Woolley and Jacob Gursky take a deep
dive into the data-gathering in the apps from the Trump and Biden
campaigns. It's quite a study in contrasts!
https://www.technologyreview.com/2020/06/21/1004228/trumps-data-hungry-invasive-app-is-a-voter-surveillance-tool-of-extraordinary-scope/
The Trump campaign is like Cambridge Analytica Mark II: invasive even by
the standards of 2020, with Bluetooth access so your movements can be
tracked by sleazy data-brokers, as well as endless-scroll propaganda
channels to feed white nationalists' grievance complexes.
It's a feature-for-feature clone of the app used by Indian PM Modi,
another authoritarian strongman with serious genocidal ambitions, and
Modi has used the app to create regional propaganda clubs and feed them
everything they need to push his narrative, to the brink of war.
By contrast, Biden's app is built around exploring your social graph and
connecting you to people you have a genuine personal connection with in
order to have a meaningful political conversations.
It's an evolution of the grassroots organizing tactics that the Obama
campaign used to great effect in 2008 and especially in 2012.
But when I read about the tactics in use, I have another touchpoint.
Back in 2010, I was working on Homeland, the sequel to Little Brother.
I knew I wanted the plot to turn on a next-generation, networked
election campaign, but I was stumped for how that would work.
For weeks, I interviewed top electoral strategists, people who'd been
praised as high-tech svengalis for the campaigns they'd run.
I'd call them and say, "OK, pretend you've got a candidate who'd do
anything you asked, and the smartest technologists in the world working
for you. What would you build?"
The responses were so dull, the thrice-brewed teabags left over from the
Dean campaign.
Then, on a lark, I asked Aaron Swartz what to do. I sent him a brief
email outlining the challenge. A few hours later, he sent me a
shovel-ready, complete plan - a plan that encompasses everything Obama
did in 2012, and everything Biden is doing in 2020, and then some.
I basically just pasted that passage into the book. I also included it
in my obit for Aaron when he killed himself in 2013, two weeks before
the book came out. I toured that book across the USA, and everywhere I
went, I talked about Aaron.
https://boingboing.net/2013/01/12/rip-aaron-swartz.html
We're reissuing Homeland this summer, in a new omnibus edition with
Little Brother, with an intro by @snowden, who also cites Aaron as an
inspiration, and who risked his life to reveal the connection between
commercial and state surveillance.
https://us.macmillan.com/books/9781250774583
We're including the afterword Aaron wrote for the book, too.
Meanwhile, I see his fingerprints all over the things that give me hope
in 2020. The Trump and Biden apps represent a stark contrast in
approaches - one that sees supporters as marks, and the other as supporters.
Aaron's plan would create a tireless, committed army of supporters that
would help their candidate govern: "I agree with you, I want to do it,
now make me do it."
When Obama took office in 2012 he shut down his network, not willing to
govern ahead of an activist rabble.
Meanwhile, the Tea Party held the TGOP's feet to the fire for four
years, not letting them give a nanometer. They made Obama's life hell,
and blocked virtually all of his agenda.
The GOP in Congress and the Senate make the TGOP look reasonable by
comparison. They're fucking orcs. If Biden wins in November, his only
hope of governing is that activist rabble.
So for me, as interesting as the contrast in surveillance approaches is,
the real action is going to be in what happens afterward: will Biden
shut down his app and tell his activists to stand down? Or will he
govern with the activist rabble holding his feet to the fire?
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Blueleaks
On Juneteenth, the Distributed Denial of Secrets campaign released
BlueLeaks, the "largest published hack of American law enforcement
agencies": 269GB of "emails, audio, video, and intelligence documents,
with more than a million files in total."
https://www.wired.com/story/blueleaks-anonymous-law-enforcement-hack/
Distributed Denial of Secrets founder Emma Best told Wired's Andy
Greenberg that the docs came via someone flying the Anonymous banner,
and hinted heavily that it leaked from the web development company
Netsential, and came from several fusion centers.
DDoSecrets maintains download links for all its leak troves:
https://ddosecrets.com/data/north_america/#united-states-of-america
Meanwhile, there's a widespread effort to catalog the contents of the
leaks, which span 200+ law enforcement agencies (local, state, fed):
https://twitter.com/hashtag/BlueLeaks?src=hashtag_click
So far, the leaks don't reveal unlawful activity by police, but they do
demonstrate a partisanship with white nationalists, who are described as
"anti-antifa" rather than as fascists and genocidal authoritarians.
Best: "The underlying attitudes of law enforcement is one of the things
I think BlueLeaks documents really well....Part of what a lot of the
current protests are about is what police do and have done legally."
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Virtual Ignite talks
In a Pechakucha presentation, a speaker talks to 20 slides for 20 second
each; the format came the USA and became the Ignite Talks, a beloved
speaker series whose formal constraints make for spectacular and
dazzling rhetoric.
Obviously, Ignite talks have been curtailed by the pandemic and
lockdown, but they've gone virtual, and are hosting an event on Weds,
Jun 24 at 1800h Pacific:
https://www.youtube.com/watch?v=EQa12O-3wVY
Here's the speaker roster:
* Hope Williams - Coordinated Acts of Civil Disobedience
* Monica Guzman - 7 words to keep your world from shrinking
* Cecily Mak - C L E A R L I F E
* Kelly Jensen - Fancy Pigeons Are a Thing
* Chris Taylor - The how, what and why of microdosing
* Jeremy Conrad - The History of Cocktail
* Paula Chowles - The Art of Documentary Filmmaking in a Streaming World
* Mya Roberson - When COVID-19 and racism collide
* Inga Bard - Birthing a Renaissance
* Robert Strong - Learn How the Brain is Tricked While Learning a Trick
* Connie Yang - Modern matriarchal societies
* Kevin Kelly - Journey in a Time Machine
* Mellina White Cusack - Attention White People: Your #BLM memes are not
enough
FUN!
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Congress wants to read all your DMs
EARN IT is a bill that takes away online service providers' "safe
harbor" (a rule that says that the company that provides your messenger
app isn't liable if you use it for slander, obscenity, etc) under
Section 230 of the Communications Decency Act.
That is, unless...
Unless the service follows "best practices" - meaning rules set out by a
commission chaired by the Attorney General, AKA Bill Barr.
If this sounds ominous to you, you're absolutely right.
https://www.eff.org/deeplinks/2020/03/earn-it-bill-governments-not-so-secret-plan-scan-every-message-online
The first EARN IT Act hearings were yesterday. The bill's sponsors -
Lindsey Graham and Richard Blumenthal - kicked things off by insisting
that they had been maligned by the bill's opponents, who keep insisting
that it bans working encryption.
Blumenthal: "This bill says nothing about encryption. Have you found a
word in this bill about encryption?"
But as my EFF colleague Joe Mullin points out, this is an inept shell
game indeed, even by Congressional standards.
Because the commissioners who will set out the EARN IT Act's best
practices are crystal clear that the iron-clad condition for messenger
apps' safe harbor is allowing law enforcement to spy on their users'
messages, something that is only possible if you ban encryption.
Mullin: "You can’t have an Internet where messages are screened en
masse, and also have end-to-end encryption any more than you can create
backdoors that can only be used by the good guys. The two are mutually
exclusive."
Graham and Blumenthal have pitched Barr's commission as a place where
tech policy will get made, but as Mullin says, "The Commission won’t be
a body that seriously considers policy; it will be a vehicle for
creating a law enforcement wish list."
Barr is a cryptocidal maniac, who has made attempts to ban encryption
for decades. The pretence that "we're not banning encryption, we're
merely enabling Bill Barr to do whatever it takes to keep us safe, which
starts with banning encryption" is tissue-thin.
It's not just bad policy, it's idiotic policy. The world is full of
working, open, free encryption code that can be downloaded and run by
anyone, including the Four Horsemen of the Infocalypse (mafiosi,
terrorists, child pornographers and drug dealers).
The only way to prevent people from downloading and running this code is
to erect a national firewall around the USA that blocks all sites by
default, and then creates an unblock list of sites that promise to
comply with EARN IT.
You'd also have to replace all the computers in circulation in the USA
with trusted computing devices that refuse to run working VPNs and other
firewall circumvention tools. And you'd have to seize all non-compliant
devices at the border.
You'd have to ban math and computer science textbooks, because they
explain how to make your own working encryption.
Anything less than this doesn't interdict bad guys, it just interdicts
lazy, unmotivated bad guys.
The war on encryption is just the War on General Purpose Computation by
another name:
https://boingboing.net/2012/01/10/lockdown.html
Of course, none of that stuff is going to happen. For one thing, it
would be unconstitutional, a thing that was firmly established in 1995
with EFF's precedent-setting Bernstein case, whose conclusion was and
is: "Code is speech."
https://www.eff.org/deeplinks/2015/04/remembering-case-established-code-speech
EARN IT is not a system for interdicting criminals and predators. It's a
system for enabling and maintaining the capacity for mass surveillance
of *everyone*, *except* criminals and predators and anyone else with the
motivation to circumvent it.
Here's the petition against EARN IT. Go fill it in. Because as 2020 has
taught us, merely being pigheadedly stupid and unworkable does not
disqualify a thing from happening.
https://act.eff.org/action/protect-our-speech-and-security-online-reject-the-graham-blumenthal-bill
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Privacy in tracing tokens
One of our generation's greatest hardware hackers is Andrew "bunnie"
Huang, and lucky for all of us, Huang is also a serious privacy
advocate. He's been tapped to audit the security of Singapore's
Tracetogether hardware token.
https://www.bunniestudios.com/blog/?p=5820
(Background on Huang: as an MIT student, he broke the Xbox's firmware
locks and published despite the cowardly refusal of MIT to defend him
against Microsoft; today, he's a plaintiff in a lawsuit to overturn the
DMCA's prohibition on this activity)
https://www.eff.org/cases/green-v-us-department-justice
Huang hasn't had the opportunity to teardown a Tracetogether token yet,
but in a blog post, he sets out the means by which such a token could be
effective at transcending mere exposure notification and attaining true
contact-tracing, while still verifiably protecting privacy.
Early in the lockdown, Huang and Xobs were invited by the EU to design
such a token; their design, the Simmel, approaches a platonic ideal of
how it would work; what's more, it reflects Huang's manufacturing
expertise. It's production-ready.
https://simmel.betrusted.io/
Huang's starting assumption is that you can't do privacy-respecting
tracing in a phone. Phones just have too much attack surface. They emit
too much data. They hold too much data. They are opaque and unauditable
and complex.
Hardware tokens literally make people stewards of their data: it lives
on the token, which is in their pocket. Simmel is designed to be easily
disabled: "By simply twisting the cap of the token, users can power the
token down at any time, creating a gap in their trace data."
This is really important for compliance: there's a lot of overlap
between people at high-risk for spreading and people who face
legal/social sanction for some of their movements (drug addicts, some
sex workers, etc).
The Tracetogether token's retail cost is capped at S$20, which precludes
hiding a lot of sneaky spyware in the production model. But it wouldn't
stop a state (or supply-chain poisoners) from making a few tokens that
did sneaky stuff.
To mitigate this risk, Huang falls back on physics. A token with a
1000mAh battery has limits that can't be overcome by trickery: "no
amount of money invested by the government can break the laws of physics."
Huang: "If Singapore could develop a mass-manufacturable battery that
can power a smartphone sensor suite for months in that form factor –
well, let’s just say the world would be a very different place."
Huang closes with a to-do list of things to verify in a hackathon - that
the BLE radio can't be repurposed for data-readout, etc, and warns that
much of the privacy protection can be obliterated through laws requiring
people to carry tokens, and the mass seizure of tokens.
Meanwhile, Huang's collaborator Xobs has done a full teardown of a
Tracetogether token:
https://xobs.io/trace-together-token-teardown/
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ A/B Seattle
A/B Street is a traffic simulator that models Seattle's actual traffic,
using real Seattle traffic data, created by Dustin Carlino, whose
"ultimate goal is for your changes to become a real proposal for
adjusting Seattle's infrastructure."
https://github.com/dabreegster/abstreet/#ab-street
The idea is to feed residents' lived experience of traffic dysfunctions
("the one left turn lane that always backs up or a certain set of poorly
timed walk signals") into planning discussions.
Your changes to Seattle traffic rules ripple out through pedestrians,
public transit, cyclists and private vehicles, which you can both
visualize and quantify through a dashboard.
Carlino has a standing offer to help you recreate this for your city:
"If you want to bring this to your city or if you're skilled in design,
traffic simulation, data visualization, or civic/government outreach,
please contact Dustin Carlino at dabreegster at gmail.com"
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Against AI phrenology
The iron law of computing is GIGO: Garbage In, Garbage Out. Machine
learning does not repealit. do statistical analysis of skewed data, get
skewed conclusions. This is totally obvious to everyone except ML
grifters whose hammers are perpetually in search of nails.
Unfortunately for the human race, there is one perpetual, deep-pocketed
customer who always needs as much empirical facewash as the industry can
supply to help overlay their biased practices with a veneer of
algorithmic neutrality:
Law enforcement.
Here's where GIGO really shines. Say you're a police department who is
routinely accused of racist policing practices, and the reason for that
is that your officers are racist as fuck.
You can solve this problem by rooting out racist officers, but that's hard.
Alternatively, you can find an empiricism-washer who will take the data
about who you arrested and then make predictions about who will commit
crime. Because you're feeding an inference engine with junk stats, it
will produce junk conclusion.
Give the algorithm racist policing data, and will pat you on the back
and congratulate you for fighting crime without bias. As the Human
Rights Data Analysis Group writes: predictive policing doesn't predict
crime, it predicts what the police will do.
https://hrdag.org/2016/10/10/predictive-policing-reinforces-police-bias/
As odious as predictive policing technologies are, it gets much worse.
Because if you want to really double down on empiricism-washing, there's
the whole field of phrenology - AKA "race science" - waiting to be
exploited.
Here's how that works: you feed an ML system pictures of people who have
been arrested by racist cops, and call it "training a model to predict
criminality from pictures."
Then you ask the model to evaluate pictures of people and predict
whether they will commit crimes.
This system will assign a high probability of criminality to anyone who
looks like people the cops have historically arrested. That is, brown
people.
"Predictive policing doesn't predict crime, it predicts what the police
will do."
It would be one (terrible) thing if this was merely the kind of thing
you got in a glossy sales-brochure. But it gets (much) worse:
researchers who do this stupid thing then write computer science papers
about it and get them accepted in top scholarly publications.
For example: "Springer Nature — Research Book Series: Transactions on
Computational Science and Computational Intelligence" is publishing a
neophrenological paper called "A Deep Neural Network Model to Predict
Criminality Using Image Processing."
The title is both admirably clear and terribly obscure. You could
subtitle it: "Keep arresting brown people."
A coalition of AI practitioners, tech ethicists, computer scientists,
and activists have formed a group to push back against this, called the
Coalition for Critical Tech.
As its inaugural action, the Coalition for Critical Technology has
published a petition calling on Springer to cancel publication of this
junk science paper.
https://medium.com/@CoalitionForCriticalTechnology/abolish-the-techtoprisonpipeline-9b5b14366b16
The petition also calls on other publishers to adopt a promise not to
publish this kind of empiricism-washing in the future.
You can sign it too.
I did.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ This day in history
#10yrsago A Canadian author's perspective on "radical extremism" and
copyright https://boingboing.net/2010/06/23/a-canadian-authors-p.html
#10yrsago Viacom v Internet: round one to Internet
https://web.archive.org/web/20100627080644/http://news.yahoo.com/s/ap/20100623/ap_on_hi_te/us_tec_google_youtube_viacom
#10yrsago Captain Long Ears: kids' comic is part Calvin and Hobbes, part
Tekkonkinkreet https://boingboing.net/2010/06/23/captain-long-ears-ki.html
#10yrago Canadian Heritage Minister declares war on copyright reformers
https://www.michaelgeist.ca/2010/06/moores-attack-on-c-32/
#10yrsago Gate guarded McMansion suburb in Walt Disney World
https://insidethemagic.net/2010/06/disney-unveils-golden-oak-luxury-homes-offering-a-chance-to-live-in-the-walt-disney-world-resort/
#5yrsago Outstanding paper on the impact of ebook DRM on readers,
writers, publishers and distributors
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2620354
#5yrsago Tie your shoes the Ukrainian way
http://shnurovka.com/en/step-by-step-instructions-english/
#1yrago Good Omens is amazing
https://boingboing.net/2019/06/23/shocking-bad-hat.html
#1yrago Man-Eaters Volume Two: Fleshing out the world where girls turn
into lethal werepanthers when they get their periods
https://boingboing.net/2019/06/23/period-piece.html
#1yrago Texas Instrument's post-#taxscam budget for financial
engineering is $5B -- triple its budget for actual engineering
https://www.dallasnews.com/opinion/commentary/2019/06/23/thanks-uncle-sam-after-tax-cuts-texas-instruments-spent-5-billion-on-stock-three-times-more-than-rd/
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ Colophon
Today's top sources: Christopher Brown (https://christopherbrown.com/),
Four Short Links (https://www.oreilly.com/feed/four-short-links), EFF
Deeplinks (https://www.eff.org/deeplinks/).
Currently writing:
* My next novel, "The Lost Cause," a post-GND novel about truth and
reconciliation. Yesterday's progress: 510 words (30196 total).
* A short story, "Making Hay," for MIT Tech Review. Yesterday's
progress: 361 words (2612 total)
Currently reading: Goliath, Matt Stoller.
Latest podcast: Someone Comes to Town, Someone Leaves Town (part 07)
https://craphound.com/podcast/2020/06/22/someone-comes-to-town-someone-leaves-town-part-07-2/
Upcoming appearances:
* In Conversation with Hank Green, Jul 10,
https://www.magersandquinn.com/product_info?isbn_id=26578312&products;_id=163359157
Upcoming books: "Poesy the Monster Slayer" (Jul 2020), a picture book
about monsters, bedtime, gender, and kicking ass. Pre-order here:
https://us.macmillan.com/books/9781626723627. Get a personalized, signed
copy here:
https://www.darkdel.com/store/p1562/_Poesy_the_Monster_Slayer.html.
"Attack Surface": The third Little Brother book, Oct 20, 2020.
https://us.macmillan.com/books/9781250757531
"Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden:
https://us.macmillan.com/books/9781250774583; personalized/signed copies
here:
https://www.darkdel.com/store/p1750/July%3A__Little_Brother_%26_Homeland.html
This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commerically,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.
https://creativecommons.org/licenses/by/4.0/
Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.
_,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,__,.-'~'-.,_
🤹🏿♀️ How to get Pluralistic:
Blog (no ads, tracking, or data-collection):
Pluralistic.net
Newsletter (no ads, tracking, or data-collection):
https://pluralistic.net/plura-list
Mastodon (no ads, tracking, or data-collection):
https://mamot.fr/web/accounts/303320
Twitter (mass-scale, unrestricted, third-party surveillance and
advertising):
https://twitter.com/doctorow
Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):
https://mostlysignssomeportents.tumblr.com/tagged/pluralistic
*When life gives you SARS, you make sarsaparilla* -Joey "Accordion Guy"
DeVilla
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20200623/0ea908d4/attachment.sig>
More information about the Plura-list
mailing list