Hacker News new | ask | show | jobs
by DoctorOetker 2970 days ago
Personally I believe real world actions should be the focus of surveillance. The empires are simply trying to cheap out by focusing on surveillance of computer activity.

This is the most profound part of Matthew Green's piece in my opinion:

"While this mainly concludes my notes about on Ozzie’s proposal, I want to conclude this post with a side note, a response to something I routinely hear from folks in the law enforcement community. This is the criticism that cryptographers are a bunch of naysayers who aren’t trying to solve “one of the most fundamental problems of our time”, and are instead just rejecting the problem with lazy claims that it “can’t work”. "

I believe the most fundamental problem is how can we decentralize real world security? I am FOR mass surveillance but AGAINST centralized mass surveillance.

Assume every crook and cranny of the world was covered by community cameras, and the cameras encrypted the streams with treshold cryptography, such that the populace has different parts of the secret, then one needs "enough" citizens agreeing to reveal the contents seen by a specific camera at a specific time. This way its public for all or public for none. Every accident, every murder, ...

Suppose a body is found, then the group decides to reveal the imagery: oh yes, in this case the person was murdered! look the perpetrator is walking out of view to the next camera, then the next,... we can trace him to where he is now. Properly trained citizens (in a now authorized police role) go and arrest the guy. He is now in prison waiting for his trial (also with community cameras, so no broomsticks in prisoner ani). At trial time, if the person denies, or claims to be a different person from the arrested one, we can trace through all the imagery from his commiting a crime to his sitting in court right there and then.

So yes, there is a real conflict between cryptographers and centralized law enforcement. We dont need no spooks!

And the spooks can not decode the camera imagery: a large enough number of citizens (chosen at random by cryptographic sortition) running instance of good citizen client software need to release their part of the shared secret.

EDIT:

So there is broadly speaking 2 kinds of crimes:

* meatspace crimes (murder, negligence, rape, making childporn (automatically rape), ...)

* cyber crimes (copyright, child porn, ...)

I argue that not implementing such a community camera system is a form of negligence in itself.

It does not adress things like copyright infringement, but ... thats not exactly the most popularly supported concept.

Then there is the problem of child porn: fake and real.

I argue that with deepfake any faked child porn will eventually become indiscernible from real child porn.

Which leaves the problem of official child porn recorded by the community cameras used to apprehend perpetrators (since these also sign the imagery to testify authenticity!).

Due too taboo many victims of child abuse didn't realize, or only had doubts that they were suffering abuse, enabling the abuse to continue. Without concrete visual examples for them to explore, to asses if they are or are not suffering child abuse, how can they alert others of their situation? We send these children extremely mixed messages: absolutely tell us if you are being abused, but absolutely never falsely report a person. Merely asking someone else for advice is automatically interpreted as a child reporting child abuse. How can a child asses his or her situation? With abstract questions using words and connotations it does not know?

I believe the number of reported child abuses would go up if we used these community cameras for decentralized mass surveillance.

Also for crime in general (theft, murder, ...), the knowledge that you will with extremely high probability be caught, will decrease a lot of crime. I would not be surprised if the crime rate of "impulsive" crimes (where the criminal was supposedly not able to control his urges) would drop substantially, revealing that in the current system they often get off the hook.

There will still be rude people, getting fines for squeezing women in the ass while drunk. But for any actual crime in general, both victim and perpetrator would know that the victim can simply report this to the group, and that the perpetrator can not escape by lack of evidence. The current lack of evidence constantly discourages people from reporting crimes (as there is risk involved: financial: lawyers, emotional: potential incredulity at police station, ...).

One might think that this will cause criminals to escalate to murder: "if you rob a victim, you should kill her, or else she will report you" but hiding a body will be very hard, and if a person goes missing the friends and relatives will report this, and instead of following the criminal we can follow the missing person from the time and place she was last reported seen!

As long as cryptographers only draw the privacy card, the law enforcement community has a point. As long as the law enforcement community only draws the centralized power card, the cryptographers have a point.

Only when we have decentralized mass surveillance can we have both privacy (as long as you don't commit crimes or go missing) and real law enforcement.

Common FAQ:

What if say a stalker repeatedly reports his ex as "missing"? Cry wolf to many times, or be blocked to report a person missing, and the good citizen client software that the citizens individually run, will refuse to comply.

What if a stalker or group of them repeatedly reports a "murderer" in a celebrities bedroom? we can send a local but randomly selected properly trained (group of) citizen (in police role) to go check the room, if the supposed dead body is not there, no reason to unlock the imagery.

(I will add more as people ask)
3 comments
allenz 2969 days ago
Regarding your distinction between real and cyber crimes, digital evidence can certainly be relevant in a murder case, e.g. iMessages, location history, search history. Also, the read-only bricking chip tries to allow search but exclude ongoing surveillance, though I don't think it's technically feasible.
link
DoctorOetker 2969 days ago
"Regarding your distinction between real and cyber crimes, digital evidence can certainly be relevant in a murder case, e.g. iMessages, location history, search history."

But the cameras are supposed to completely cover society, so we don't need the cyber info. Indeed, perhaps the perpetrator has a secret paper diary, written in code, where he writes down his exploits. Who cares? We have signed imagery, of him commiting the crime. Any extra information is useful in the statistical sense (to understand what drives a person to do this or that, or to better prepare citizens on how to prevent falling victim to such and such crime), but should be unnecessary to convict a person. The most relevant are the actions themselves I think.

About location history: the camera system is more reliable than the cell phones since a cell phone may be given to a friend willing to provide an alibi, alternatively GPS spoofing etc.

The major reason these cell phone messages, search history etc are highly relevant is simply because we lack the community camera system.

Another problem is phone evidence is highly irregular: some people are more aware of mass surveillance then others (which is also highly correlated to status in society!) when communicating, some people refuse to have a cell phone on them, ...

When they lack enough evidence, the prosecution is forced to grab at straws (irrespective of guilt or innocence of the defendant), and then the value of computer/phone activity seems very high, especially if boots on the ground or scientifiic investigation of crime scenes is so much more expensive. Then it is easy to view this digital data as highly relevant and reliable.

link
zAy0LfpBZLC8mAC 2969 days ago
> * cyber crimes ([...], child porn, ...)

I find that a disturbing classification.

link
DoctorOetker 2969 days ago
Perhaps a miscommunication?

Suppose we talk about vehicles, and I could classify them by color (red, green, ...), or by type (cars, planes, ...)

What is a good or bad classification?

What is disturbing you? the mere topic?

We can't improve prevention of a problem without talking about the problem.

EDIT:

Note, I have added making child porn to meat space crime (even though that is obvious) specifically for you

Would you consider the "Napalm Girl" [0] to be child porn? Or evidence of the atrocities of the use of napalm in the Vietnam war? Did it eventually contribute to the end of public support for the war?

https://en.wikipedia.org/wiki/Phan_Thi_Kim_Phuc

link
zAy0LfpBZLC8mAC 2969 days ago
> What is disturbing you? the mere topic?

The fact that you seem to consider the act of looking at the resulting pictures to be the primary crime even though that is more or less victim-less, rather than the sexual abuse that children are subjected to in order to produce the pictures, which very obviously is not a "cyber" anything, while you at the same time put murder into the category of "meatspace crime", if, following the same logic, it would also belong into the "cyber crime" category, because there can also exist pictures of the act of killing a person that people could look at.

This seems to be an expression of the focus on the vilification of a sexual orientation that people have no control over, namely pedophilia, while almost ignoring the thing that actually hurts other people, namely the actual sexual abuse of children.

link
DoctorOetker 2969 days ago
Yes I see what you mean, but that was never the intended message, note the ellipsis!

So just to be clear, I think it is obvious you, me and nearly everybody regards the making of childporn as a crime, without making any statement on how we regard the crimeness of watching child porn.

link
zAy0LfpBZLC8mAC 2969 days ago
Well, I believe you that you didn't intend that message. But I think the way you put it still reveals how you think/thought about it, and you are almost certainly not alone with that, that seems to be an expression of a sort-of societal consensus--which is actually why I found it disturbing. Noone would ever even get the idea of putting murder into the "cyber crime" category, but somehow that seems to be a natural thing to do for sexual child abuse for many people.
link
DoctorOetker 2969 days ago
The real proble is that I classified subjects, instead of counts of crimes:

It should read:

* meatspace (a count of murder, a count of rape, ...)

* cyberspace (a count of distributing murder films, a count of distributing rape films, ...)

The reason nobody thinks of "actual" snuff murder films in cybercrime category, is because we are heavily bombarded with images of people dying: soldiers getting shot in the news are not considered snuff, cops and robbers shooting each other in movies are not considered snuff. But naked children are not that regular in news or movies (perhaps french/european movies, but thats just nudity in general not specifically children).

link
DoctorOetker 2969 days ago
EDIT:

Would you consider the "Napalm Girl" [0] to be child porn? Or evidence of the atrocities of the use of napalm in the Vietnam war? Did it eventually contribute to the end of public support for the war?

https://en.wikipedia.org/wiki/Phan_Thi_Kim_Phuc

link
zAy0LfpBZLC8mAC 2969 days ago
Really, I don't think it's sensible to even frame it that way.

Should she have the right to control where this picture of her naked is being used? Yes.

Is the picture evidence of sexual abuse? No.

Is the picture evidence of other human right abuses? Yes.

Why should it matter whether it "is child porn"?

link
DoctorOetker 2969 days ago
"Should she have the right to control where this picture of her naked is being used? Yes."

This is the hard question, I argue the group should not give her the right to censor this image.

Imagine she had the power to censor that image, then she might be bribed into censoring it. I think taxpayers have a right to know what happens with their money.

I think the next generations have the right to know what happened, and learn from the mistakes of the generations before.

Imagine such an image of a person abusing a child, encrypted and signed by community cameras and later decrypted to apprehend the perpetrator. I still think a lot of valuable information (for prevention) can be found: did the perpetrator make some kind of promises? or use fear? how exactly do they lure a child into that situation? how can we prepare children better to recognize such situations? etc...

Then there is also political activism, to the extent that conspiracies or power abuses arise, if the only way to politically imprison a person undetected is to prevent the "evidence" to be presented to the public, then we provide them with this loophole of censorship...

link
DoctorOetker 2969 days ago
Imagine we could all simply watch who how and when the double spy & daughter in Britain were possibly poisoned if so.

If they were, we can try to catch them if they are still on soil, or else publicly verifiably convince people elsewhere of what happened, and then continue with higher priorities like Grenfell Tower and how to prevent such events (where many more actually died, and never even worked for the Russians, never consented to the higher risk job of being a spy)

If it didn't happen, we can again focus on our real problems.

It would also generate unity within the community of citizens, instead of this constant contrarianism and doubt.

link
zAy0LfpBZLC8mAC 2969 days ago
> This is the hard question, I argue the group should not give her the right to censor this image.

Sacrificing people's dignity for the supposed common good it very much not a road I am willing to go down. If we are willing to sacrifice an individual's dignity, there is nothing left worth sacrificing it for.

Mind you that this is distinct from limited use for the purposes of prosecution.

> Imagine she had the power to censor that image, then she might be bribed into censoring it.

Yeah, and then imagine I could strip you of your human rights because I value a common good higher than your human rights. Also, no matter what the law, you cannot completely prevent that people will try to put pressure on other people. The solution is not to disregard the individual's dignity, but to create incentives that counter attempts to silence those who suffer. Create an environment where people will come to the conclusion that allowing their picture to be used is the thing they should do, all things considered.

As for your idea of "democratized mass surveillance", I guess it's a nice thought experiment, but not something that could realistically be implemented in a way that would actually be fundamentally better than what we have today. For one, the checks and balances we have today are a sort-of implementation of the same fundamental idea of decentralizing power, but also, total democratization is not a guarantee for humanistic outcomes: Witch hunts, oppression of minorities, and genocides are in a way highly democratic. The problem with the oppression of homosexuals, say, was not that the abuses were a secret, but that the majority opinion was that it was the right thing to do, and such mass surveillance would only have helped with it.

link
carapace 2969 days ago
I've been thinking along somwhat similar lines. Here's an old thing I wrote about it. I'd be curious to know what you think?

"Total Surveillance is the Perfection of Democracy"

For once I disagree with RMS, re: https://www.gnu.org/philosophy/surveillance-vs-democracy.htm...

I believe that it is fundamentally not possible to "roll back" the degree of surveillance in our [global] society in an effective way. Our technology is already converging to a near-total degree of surveillance all on its own. The article itself gives many examples. The end limit will be Vinge's "locator dust" or perhaps something even more ubiquitous and ephemeral. RMS advocates several "band-aid" fixes but seems to miss the logical structure of the paradox of inescapable total surveillance.

Let me attempt to illustrate this paradox. Take this quote from the article:

    "If whistleblowers don't dare reveal crimes and lies, we lose the last shred of effective control over our government and institutions."
(First of all we should reject the underlying premise that "our government and institutions" are only held in check by the fear of the discovery of their "crimes and lies". We can, and should, and must, hold ourselves and our government to a standard of not committing crimes, not telling lies. It is this Procrustean bed of good character that our technology is binding us to, not some dystopian nightmare.)

Certainly the criminally-minded who have inveigled their way into the halls of power should not be permitted to sleep peacefully at night, without concern for discovery. But why assume that ubiquitous surveillance would not touch them? Why would the sensor/processor nets and deep analysis not be useful, and used, for detecting and combating treachery? What "crimes and lies" would be revealed by a whistleblower that would not show up on the intel-feeds?

Or this quote:

    "Everyone must be free to post photos and video recordings occasionally, but the systematic accumulation of such data on the Internet must be limited."
How will this limiting be done? What authority will decide who gets to collect (archive!) what and when? And won't this authority need to see the actions of the accumulators to be able to decide whether they are following the rules?

In effect, doesn't this idea imply some sort of ubiquitous surveillance system to ensure that people are obeying the rules for preventing a ubiquitous surveillance system?

Let's say we set up some rules like the ones RMS is advocating, how do we determine that everyone is following those rules? After all, there is a very good incentive for trying to get a privileged position vis-a-vis these rules. Whoever has the inside edge, whether official spooks, enemy agents, or just criminals, gains an enormous competitive advantage over everyone else.

Someone is going to have that edge, because it's a technological thing, you can't make it go away simply because you don't like it. If the "good guys" tie their own hands (by handicapping their surveillance networks) then we are just handing control to the people who are willing to do what it takes to take it.

You can't unilaterally declare that we (all humanity) will use the kid-friendly "lite" version of the surveillance network because we cannot be sure that everyone is playing by those rules unless we have a "full" version of the surveillance network to check up on everybody!

We can't (I believe) prevent total surveillance but we can certainly control how the data are used, and we can certainly set up systems that allow the data to be used without being abused. The system must be recursive. Whatever form the system takes, it shall necessarily have to be able to detect and correct its own self-abuses.

Total surveillance is the perfection of democracy, not its antithesis.

The true horror of technological omniscience is that it shall force us for once to live according to our own rules. For the first time in history we shall have to do without hypocrisy and privilege. The new equilibrium will not involve tilting at the windmills of ubiquitous sensors and processing power but rather learning what explicit rules we can actually live by, finding, in effect, the real shape of human society.

link
DoctorOetker 2969 days ago
My proposal stems very much from nearly identical thoughts that you just described!

Just posting to say I have read your comment, and will most certainly edit this comment to reply tomorrow!

I will probably also want to be able to contact you (by some method acceptable for us both, email? IRC?) if I ever rewrite this in a more accessible format, or perhaps to collaborate on this subject?

link
carapace 2968 days ago
Cool. :-)

eff oh arr em ay en dot ess aye em oh en at

gmail.com

link