Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Encryption Security Your Rights Online

The Encryption Wars 148

Posted by michael from the blown-away dept.
Occasionally I read works that simply defy description. This is one of them, an interview with Eben Moglen, general counsel of the Free Software Foundation. It isn't short, but if you read one article referenced from Slashdot this month, this should be the one. Part 1. Part 2.
This discussion has been archived. No new comments can be posted.

The Encryption Wars More

The Encryption Wars

Comments Filter:

  • Re:FYI (Score:1)

    by cduffy ( 652 )
    No, Tempest refers to the shielding to protect against it.
  • There is a lot of good stuff in this interview covering many areas. This is IMHO a really interesting point that no one has mentioned yet. It explains why Linux and Free software in general maybe one of the most important things to happen to poorer nations trying to moving into the "Information Age", and also why they might end up kicking our butts in the West...

    MOGLEN: Well, if you look at the computer science 101 syllabi of universities in India, Southeast Asia, Indonesia, if you go on the web and look at these, the CS 101 curriculum in these universities assumes that people are using a Linux based computer rather than a Windows based computer. I mean, it's free. So, Singapore and Thailand and Malaysia are going to produce a lot of young adults who learned about computers using free software; the computers in their homes are going to be free-software computers; their children are going to grow up with free software computers. Which bunch of people are going to be the talented, engaging, aggressive programmers, busy making changes?

    WORTHINGTON: So, culturally, you see the collective decision to use Windows as one which forecloses the possibilities of generations down the road?

    MOGLEN: Well, it's a decision to have fewer programmers. The whole point of free is freedom to change, not low cost, and the whole point of the world towards which we are moving is that the primary power distinction, the class line, is between those people who know how to change the behavior of computers and those people who don't. Because that kind of knowledge, in particular, the ability to interact with complex technological systems to alter their behavior, is power over ordinary daily life in a profound way.

    --
    Simon

  • It's interesting to see Moglen and other posters recommending that we encrypt as much as possible. I wonder how this is proposed to be done:
    • We can't encrypt when browsing the web unless the remote site supports SSL so we basically don't get a choice here.
    • We can't encrypt everything in general using something like IPsec because of the administrative overhead required at BOTH ends.
    • We can't habitually encrypt our email unless the person we are emailing have a public key (and one that we can trust!). I can't think of anyone I know personally who has a public key and/or uses PGP et al.
    I appreciate the overall purpose of the recommendation but encrypting everything is just not possible today. Even encrypting small amounts (like email) is awkward and inconvenient in the RARE situations where it is possible. It seems like people who know nothing about cryptography like to jump up and down and say how encryption solves all these problems and we should all be using it. Encryption doesn't solve any problems, it just moves them around -- often at considerably increased overhead costs.

    As a side note, it's interesting that Moglen seemed to suggest that SSH is secure while SSL is not when, in fact, it would appear to be the opposite. SSL as a protocol is much better designed and more secure than SSH. Defeating the SSH protocol would probably require significantly less work for an attacker than trying to break even 40-bit RC4 SSL.

  • It's also known as Tempest.
  • It is, however, extremely CPU-intensive (yes, you'll notice the speed difference on pentiums). Now consider serving a few hundred connections with SSL on top of the normal load and you'll realize why e-commerce websites simply cannot encrypt everything. One trick is to keep the images unencrypted, but you can only buy yourself so much, particularly when I find myself downloading 200k - 500k web pages from Slashdot.

    What you say about most browsers having SSL support now is correct. Even lynx has patches for SSL.

  • No, I think he really means "property", in the sense that Windows and Back Street Boys albums are property production, whereas Linux and Chris Johnson mp3s (just fr'instance) are non-property. Although proprietariness is a close cousin to property - maybe just close enough to use the wrong word for emphasis?

  • Oh, yes, these are also my feelings and the admirably expressed. I had always the impression that the MacOS/Windows/whatever thing was a great way to foster computer use but also computer illiteracy: you should not know how it works and we (the big software companies) want the customer to be completely ignorant of how it works. This also allows to put completely unknowlegeable people which tell complete bullshit on the support lines (in the interest of the software vendor which charges by the time you are on phone). I've made one support call in my life, I'll never try again, too dangerous for my health to try to stay polite.

    I'll say I almost buy this conspiracy argument. However, I think that the idea that the computer *could* be a common home appliance that nearly anyone could use was and still is a compelling argument for the simplification of computer interfaces and usage, if only for the businesses that sell them.

    The apparent success of this idea has only furthered its reach. That business embrace this for their employees, who often have poor education to begin with isn't surprising. The need to automate requires either a hypereducated workforce or easy to use machines.
  • Who administers the network? You have thousands of computers that need to be refurbished and installed with the proper software, not to mention who fixes the bad things that will eventually happen to the network. That takes manpower (and I don't think conscript soldiers can build email servers) and more importantly, money to pay for that manpower.

    Keep in mind that military service is manditory in Israel, so you should have plenty of CS majors doing their service that could act as sys admins.
  • You're right - there's a lack of clarity - it's not theoretically impossible, in the same way as proving Fermat is not impossible, but since mathematicians have been trying to do it since pretty much the dawn of mathematics with no success, it's fair to say it's impossible for us at the moment.

    Uh, I guess you don't keep up too much on mathematical happenings [best.com], but you should know that Fermat's last theorem was proved in 1995.
  • use the radiation emission from your monitor (can't remember the name of it right now)

    Van Eck phreaking
  • I hate it when alleged cryptographers make silly comments like this.


    What he obviously means is "if somebody figures out a shortcut to factoring the product of two large primes" - as the mathematical impossibility of this is the basis for the RSA algorithm.


    Speaking of silly comments, you've made one yourself. You really want to say that no one has yet found such a shortcut - there's no way to prove that it's "impossible" to easily factor the product of two large primes.

  • The real point he was getting at is that user-friendly systems often discourage people from exploring the depths of their computers, in the same way that modern high school boys don't tinker with cars the way boys did in the 50s. (note: "boys" is in the original article). If the interface is easy and the guts are not user-serviceable, then fewer people will become hackers (in the positive sense of the word).

    This is a problem with MacOS, Windows, and most Wimp GUIs, but NOT with the original Parc GUI that he complains about. The Parc GUI came with full source, code browsers, compiler, etc., and encouraged people to tinker. Everything was user-serviceable.

    The "caveman interface" was only the surface representation. The real language (Smalltalk) was there when you were ready for it. I agree with him that seeing and copying only the look and feel was a "terribly socially retrograde thing to do". But it doesn't have to be that way.
  • Wow, this may be the first time in history that a slashdot editor actually read an article befor posting it

    I seriously doubt it. I submitted this story TWICE yesterday.

    The first time I submitted it, it was rejected so quickly that no editor could possibly have read the article.

    Now, a day later someone else posts it and it gets in.

    Standards, Standards ... /. is big on applying them to others, its a shame they don't have many for themselves.

    • 2000-12-14 14:19:58 Moglen on Eschelon, Crypto, DeCSS and more (yro,Privacy) (rejected)
    • 2000-12-14 14:40:10 Right, lets try this again (articles,news) (rejected)
  • Your default may well be 3DES, try changing to Blowfish.
  • Hmmm. Seems like you may not have finished that last thought, but you earlier said,

    People like us need to start to devote some time to serious personal, grass roots activism, to widen the pool of people using encryption.

    and I couldn't agree more, but I want to add a few ideas.

    Convince a minor political activist group that protection against "dirty tricks" on the internet entails using the strong authentication function of good encryption, or talk to people about privacy. Maybe even try to convince them of the (occasional) value of anonymous speech, and tell them about the folks who give their valuable time to do things like run anonymous remailers or write free privacy-enhancing software. Try to get them to support EFF or one of the other groups if you can.
    JMR
  • I sometimes wonder how true it is that you "need" those computers and sensors in a car. With the exception of some things the computer controls, I wonder if all those other sensors are really needed. Case in point:

    My GF had a 1986 Mustang - it of course had a computer. The thing ran well. However, it had a secret. If you opened the hood, you noticed that a lot of wires and hoses to various sensors were NOT hooked up. The computer was, to whereever it controlled - but almost every sensor was disconnected...

    Now, why was it this way, you may ask? Well, my GF's brother-in-law bought it for her when she was going to college, as an auctioned vehicle. When he got it, it had a lot of problems with it, so he ended up working and working on it, removing this, that, and the other thing - fixing and tweaking stuff, and realized that once he got it running, many things were still disconnected... He's of the "if it works, leave it alone" crowd - so he simply removed what wires/hoses he could, and left the rest to dangle.

    The car always ran good after that - making many long and short trips all over Arizona. Now, you may say "Sure - but what about emmisions?"

    It passed! Every single time. Sure, not with flying colors, but it was better than a lot of other vehicles.

    In the end, the car eventually died (transmission failure), and ended up getting towed away after we left it in a no-parking area (long story). At the time, it wasn't worth the money to get it out of impound - probably has been crushed by now...

    Worldcom [worldcom.com] - Generation Duh!
  • (please ignore this line -- it's entire purpose is to satisfy the lameness filter)

    g/<fuzzy logic>/s/propert/proprietary/

    This is the hypothesis of "Anarchism Triumphant" and part of what I'm writing about in "The Invisible Barbecue." We're going to have a competition in certain sectors of the economy between property and non-property production and non-property production is going to win. But the same can't be said when the goods are not functional and there is not an objective evaluation of betterness or worseness, and where the level of collaboration in production is less. We will see art forms in the next generation that are just as collaborative in production
    . . . . .

    --
  • Thanks. I kept coming up with 'Van Allen', which is a radiation belt but not associated with anyone's monitor as far as I know. Of course, I could have just looked it up, but I was typing in a hurry and I figured everyone would know what I was talking about anyway.
    --
  • Demographics; it's a consequence of where Macs and PCs are deployed, not their users.

    Microsoft has spent alot of time and money selling PCs to schools and corporations, while macs have always been strong in art and communications. This explains everything appart from the 45 YO mac users. I would have guessed mid thirties.
  • sometimes you gotta stop, look, and listen before you correct someone. The previous poster is pointing out that a prime number is obviously not factorisable (by definition of prime), so the article must have meant factor into primes.

    RSA does infact rely on the two factors being relatively prime (I believe this is used in the chinese remainder theorem, but I looked into that a very long time ago). I don't know if they have to be absolutely prime, or whether the exponent needs to be either. I don't think so.
  • Hey now, I wanted to use a mac because I wanted to, not because I was stuck in the early 90's with a IBM clone.
    And there are a heck of smart, and artistic people who use macs too. Applemasters [apple.com]
    And smart guy, ever read the bottom of the article you were quoting? Mac users are twice as likely to have a girlfriend or be in a relationship, and I forget the rest, as well as the link.
  • It is, however, extremely CPU-intensive

    That's true, but you don't have to use SSL everywhere. For example /. could use SSL when sumbitting posts and entering passwords, while keeping the article pages unencrypted.

  • "if somebody figures out a way to factor prime numbers..."

    Not in my lifetime. Nor anyone else's. This sounds like the same mistake [caltech.edu] that Bill Gates [greenspun.com] made.
    --
    Paul Gillingwater

  • excellent point. you do realize that Mac OS X addresses everything you've said here, right?

    OS X may not be perfect, but i'd say it'll be the best operating system for the "use everyday" computer (unfortunately due to my heavy reliance on Adobe apps and high-end Audio, i can't use Linux on my primary work machine). i'm definitely looking forward to it.

    and hey, if you find another TCP/IP bug, then just download the Darwin source and fix it yourself. it's definitely a step in the right direction.

    - j

  • You're missing the point of the argument by a mile. It applys to Windoze as well as the Mac OS, although 'doze does admittedly compensate somewhat through crap design. Oh, and since when is intelligence measured by the cost of one's wardrobe and being between 18 and 24?

  • No, but I do know that independant groups have run through the source code routinely - and I do for some programs. The OpenBSD team has gone through some (ssh and sshd), and the Debian team others (packages with Debian-specific versions). That's more than you can say for Windows. Yes, most companies don't care - but many individuals should.
    -RickHunter

  • Another issue with closed-source encryption programs - it can be hard to verify that its doing what it says its doing. How do you know the NSA or CIA hasn't muscled Microsoft into including a backdoor they can exploit? Can you prove they haven't, without source code access?


    -RickHunter
  • As always, the article is more often quoted than read. One of the main points of the article is that more and more computer users, especially those who have grown up around them since birth, will be dissatisfied with the inability to putz around and understand fundamentally how their machines work (hence the car analogy).

    An entirely GUI-based system can only take you so far towards that goal. Yes, learning is done very often in non-linguistic ways, and the initial stages of someone's growth involve sight and touch and not speech. As an introduction to computers, this should be lauded. But how often have you learned something beyond that non-linguistically, audially? I'd be interested in hearing how many people don't have a terminal running on their desktop under X.

    Further, he seems very optimistic in believing that knowledge of computers will be part of the standard education of the future; everybody will need to know something about them. So it's not just technocrats, but everyone's desire to learn and interact on a linguistic level.

    Anyway, he never made an objection to GUI's in general...he objected to a system which never lets you go beyond the GUI. Mind, I'm not saying I agree with him (I believe, and I think this is implicit in the article, that OS-choice is a product of the free market; you choose the one that suits your needs, and I have no right to determine what your computing needs are or how to fill them), but I believe that is his point. Oh, and yes, I think datajacks are a bad idea; the mere thought of someone cracking my disturbed little mind makes me shudder.

  • Nonsense; how do you know your system doesn't have backdoors now? Do you routinely run through the source code of every one of the thousands of applications you have installed? Source code makes this easier, but not that easy.

    And the article seems to imply a more important point than simply 'ra! ra! linux! goooo...free software!'. Linux is now on the free market, with only two advantages to get it going: free access, and open source. A multi-national company with several times the liquidity of the U.S. government isn't going to care much about the purchase price, and the open source isn't going to win the hearts of the people, since most just don't care. Better than that, Linux is a viable alternative, and can now compete on the levels a product should: reliability, suitability for a task, etc.

  • it breaks down on the same level the car analogy does; yes, many people these days want to work on their cars and tinker around, but many still buy jettas with those plastic hood covers and bright neon oil caps, and don't even consider that there might be other stuff under there. in the end, i'm not quite so optimistic; linux is a product, and will fail or succeed in the same way others do.

    And in response to Mr. Hunter, I run debian. it's nice, and i get those neat little messages from the debian security mailing list. do i think my box is more secure than a windows box? hell yes. do i have a fully secure system? hell no. i could perhaps point out only a few more security holes in my system than i could on a windows box.

  • my apologies; you are correct that he's proposing command-line interfaces as the essential aspect of computer-user interaction. however, i'm not sure how far he wants to push it. he uses x-windows, and i'm sure he doesn't do everything out of a prompt. i agree with him to the extant that the two should co-exist; i dislike not being able to interact 'linguistically', hence my general objection to MacOS. context-sensitive language i also have no problem with.

    curious as to how you differentiate thought and linguistic interaction. isn't a computer's translation of thought a 'linguistic' interaction on a more direct level?

  • Any change has to happen transparently. She has to send the letter to joe@foo.com, the public key for joe@foo.com needs to be automatically looked up in one or more global databases, and it needs to be encrypted and sent. All without her even noticing. If joe@foo.com hasn't registered a public key then it should tell her the mail is insecure and to tell the other user to register a public key. The other user should also get a warning. Probably at the start of the email.

    Why ask a central server? Modify sendmail to include a key generator and database and put together an encrypting/decrypting email client that interfaces tightly and securely with the new sendmail. The email client queries keys.foo.com (the sendmail database) for joe's public key and encrypts the message accordingly. The fun part is that the public key is created and assigned when joe's account is created on the mailserver. From then on, the encryption process is transparent.

    All this requires is a little marketing at the ISP level... Anything I'm missing here?


    --Fesh

  • Re:Holy shit! (Score:2)

    by Anonymous Coward
    Oh, yes, these are also my feelings and the admirably expressed. I had always the impression that the MacOS/Windows/whatever thing was a great way to foster computer use but also computer illiteracy: you should not know how it works and we (the big software companies) want the customer to be completely ignorant of how it works. This also allows to put completely unknowlegeable people which tell complete bullshit on the support lines (in the interest of the software vendor which charges by the time you are on phone). I've made one support call in my life, I'll never try again, too dangerous for my health to try to stay polite.

    Personally that's why I want to use open source software. I have no problem with paying for software, as long as it comes with the source (and if I tweak it to my needs I'm ready to give up support).

    I once had a problem (in 1992) with the TCP/IP stack of a closed source (pseudo) real-time OS: there was obviously a bug with ethernet broadcast messages. The upgrade to the package was on its way so I waited for it. When it arrives I take the first floppy to look at the release notes: the very first statement in the list of changes/improvents/bugfixes was that "broadcast messages are now handled correctly. So I install it, try it and ... same bug as before. I could not wait 3 months or so for the next upgrade down the road so I (illegally) disassembled the whole thing, sifted through the whole text (50Mb of text was a painful thing to handle at the time on a 25MHz 486 DX with 4Mb of RAM), found the bug in about 2 days, fixed it by patching 6 bytes with a hex editor, and the system worked flawlessly for over 7 years until these (68030) processors were replaced by faster ones (PPC under Linux) end 1999.

    Needless to say, after such an experience, if you still believe in software vendors and closed source systems for critical operation you should have your head examined (as I said the problem was not paying for the software in this case, it was paying for support which looked like anti-support, outright lies, and being unable to fix the problems myself when some were simply endangering production at my workplace while of course the vendor was not even liable for the plain wrong statements in a list of bugfixes).

    GUI do exactly the same for user interface, hiding the way it works. GUI have their place, but within limits: a computer which has only a GUI without a command line interface and a decent scripting language is completely castrated (that's the last point which makes Windows as it comes from Redmond not even qualify as an operating system).

  • Motivation for Microsoft to ignore piracy (Score:2)

    by Anonymous Coward
    If Microsoft were to ignore piracy in the developing world, or at least take only ineffective steps against it (as can be argued they are doing), then the threat to them of non-commercial OS/Software domininance is mitigated to some degree.

    The fact is, from living in Asia for years, I've seen more pirated software in business and personal use than you can poke a stick at. If MS truly hated piracy in Russia and East Europe, then they would fight it more there too. The fact is, they know as well as us that those markets are important tomorrow.

    The people who can't afford the software they need today can still become hooked, trained, proficient, what have you. It's important to realize that it's not a simple fight overseas, and we can't just say that since software is too expensive they will gravitate toward free software. We wish. It's just not true.

    Compare the education systems and standards of the EE, Russia, Southeast Asia, and see what you come up with. That's where the success of BSD/Linux may lay. They have a shockingly higher standard. I don't know why Russia is so poor with so many nuclear physicists running around, nor India, with so many doctors and technologists. The undeniably initial learning curve with complex software systems, unlike your standard Windows installation, gives an edge to those who except more from their kids in the first place.

    Summarizing: the interviewee mentioned education, and I really think that's where the progress will lay. Lets not hope too much that cheap software will be the answer.

    Don't forget that commercial/closed operating systems are getting cheaper than ever. I can buy a fully commercially useable (and copyable to some extent) Solaris for about $70. And educational/non-profit institutions can pick up a license for Win 2000 Advanced Server for about $300 in the States. Lets not depend on price alone to save us.

  • The ideal is to take the middle road -- to give the users their dumbed-down interface, but have the advanced features easily available. A prime example of this is LyX, which allows a (dare I say it?) almost Word-like graphical point-and-clicky interface to LaTeX. If users want the complexity, however, they can still add arbitrary LaTeX commands themselves. It is this, the system which retains all the (complex, difficult to learn) functionality despite its ease of use, that many of us want. It's not the GUI we (all) see as the path to destruction, but rather those OSes which offer the GUI but don't additionally provide any more powerful interfaces.

    Similarly, WYSIWYG HTML editors are fine if they permit parts to be hand-coded. The thing is, the easy way should never be the only way, and there should always be a straightforward path from the easy way to the powerful way.

  • He believes that full human/computer interaction should take place in the impoverished region of context-free languages. And I believe it should take place in the far richer area of GUIs, natural (context-sensitive) languages, and eventually thought.

    The problem is, GUIs often sacrifice richness and capability for a simple analogy. The user becomes restricted to doing the tasks that were anticipated by the programmer. For all it's bells and whistles, Windows still doesn't seem to have a GUI way to say 'do this with each one of these'

    Meanwhile, it is possable to implement a simple (and slow) but functional relational database using shell scripts and command line utilities in Unix. The Windows approach is particularly bad for handling anything automatically (Just try searching a log file for a specific event and emailing that to you every night at 3:00 A.M.).

    I don't condemn GUI, I'm running X and using Netscape right now. It is just as big a mistake to forego CLI for GUI as it is to forego GUI for CLI. Of course, it's easier to build a GUI on top of a CLI program than it is to build a CLI on top of a GUI program.

  • Some people will raise the issue of needing to decentralize the storage of the keys, etc, but isn't that an incredibly minor concern considering the state of things now?

    That's easy to do. The key should be fetched from the server that will recieve the mail. To keep things honest, there can be a more global server as well. Every so often, compare the keys fetched from both.

  • The point of a GUI is to get work done quickly.

    If I sit and dig through manuals on specifics of syntax, and grind on scratch paper and eventually work up a script to do something. yeah. my brain gets some excercise. I'm a human, I'm thinking. I can join mensa now. Proud of me mom? yay.

    But if I drag an icon onto another icon, and I get results - I'm getting work done, and quickly.

    It's a tool, stupid!
  • moron.

    Nobody said that there wasn't a stage in the process where everything was reduced to numbers.

    But at the same time, did someone sit down at a computer, open up Excel, and enter numbers in cell after cell?

    Hell no! the datasets were captured by digitizing actors movements, scenes were tacked together with graphically driven editing equipment. Some data, of course, was derived from procedural animations generated entirely by computer, but most of the procedures were based on motion capture, or formulized versions of motion capture.
    I'm not saying that nobody opened up a spreadsheet and massaged or tweaked data by hand. That's the beauty of the process. You can do both. But to say that in order to use a computer everyone ought to learn how to enter data on a keyboard with two buttons (1 and 0) or they're not worthy of your respect - is lame, and shortsighted.
  • Check out what ham-radio operators are doing with APRS [aprs.org] - basically automated location broadcasting with some messaging features tacked on, using packet radio.

    -Isaac

  • Sometimes it is a good idea to interact with technology at a low level.

    I get instant physical feedback from a car. I can use muscle memory and habit to make driving unconscious. It would be painful and ridiculous to drive via voice commands.

    Programming something is different, I think, to operating it. When we start writing shell scripts and pipelines we're programming. When we type up and format a document, we're just operating.

    There is a fuzzy line past which it becomes easier to use language than physical movements, which is why I like OSs that offer both.

    So I see the neccessity for CLIs. But the fact that GUIs offer interaction at a more primitive level does not make them a bad thing.
  • I can't say I agree.

    Language is great. But it's not always the best approach. In real life, people don't generally sit there, in one place, and _just_ talk all day. People move around, handle objects, and interact with the world through physical means. In fact, we're kind of evolved to seek out and use physical feedback in our interactions with the world around us. Merely talking at the world isn't enough for most people, in most applications.

    Now, there _are_, of course, some cases where people can get away with just 'talking' at the world and be productive. Like programming, generally, and writing, and perhaps things like theoretical physics and mathematics, where you write strings of formulas (language!). But this already gets borderline, because you have to start visualizing these things, drawing graphs, and then you end up _building_ physical models to test your equations.

    If an activity is heavily abstaracted from the physical, then just language can be enough. The closer to the physical you get, the more you need to use other ways of interaction, like touching, or seeing, or smelling, or pointing, or whatever.

    Some people, in some professions, rely on abstract 'language' heavily. The mathematicians, physicists, the engineers in some ways - people like that. To them, this abstract way of interacting with the 'world' is simple, natural, elegant, and powerful. I lean that way myself. These sorts of people were the ones who _invented_ computers, who created the first user interfaces. And naturally, these interfaces were very heavily language oriented. (The fact that anything else was basically not feasible on the hardware of the time was of course another factor).

    But it is very important to see that most people are _not_ in professions that are heavily abstracted from the physical. They do _not_ use abstract thought, abstract language to interact with their world, not nearly as much as the coders and scientists. Their lives are far closer to the physical, and abstract text, memory-based commands, atomicity, etc, etc, are just _alien_. They aren't trained to think in these ways. They prefer more visceral interactions, like taking things in through vision (and not just the 'vision' that is used to see text, which then has to parsed and absorbed - vision as in seeing things move, seeing data visually represented, actually _seeing_ your tools, and seeing them in some more-or-less familiar form). They want to be able to grab things and drag them to where they want them to be. And so on, and so forth.

    And so some sort of graphical user interface becomes necessary. And command-line interfaces are 'bad' here, because these people aren't familiar with the very modes of thought it takes to use one, and they don't want to learn - they don't see why they should have to, if there's another, more comfortabe way. And so we have the spectacular success of the Mac model of GUI.

    This drastic change in user interfaces, from the heavily abstract to the far more 'intuitive', visceral interface allowed great numbers of people to use computers in their daily lives who hadn't a hope of doing so before. This was far from a 'dumbing down'. That's rank elitism. This was the 'eligatarinization' (not a word, I know) of computing. And computers _were_ useful to these people's lives. Word processors, spreadsheets, drawing, games, email, the internet, and the many 'killer apps' did a lot of good for a lot of people.

    These people that rushed into computing with the coming of the Mac-style interfaces were not, and are not, any dumber than the geeks that had been using them before. They were, and are, simply _different_.

    And there are a hell of a lot more of them then of us geeks. To deny them the means to use computers easily so that we can hang on to our elite self-image, trying to remold them in our own image ("Our way or the highway") strikes me as wrong.

    Command-line interfaces have their strengths and weaknesses. So do GUIs. The problem is, some people just _can't_, or won't (which is really the same thing) use the command-line interfaces. In fact, it's not 'some', it's 'most'. Which is why there's such a dominance of GUI-emphasis OSes.

    And until Linux and its ilk learn to be so GUIfied that essentially any typical-user-land task can be done in the GUI, without having to go the command-line, it will not become mainstream. You don't have to give up the CLI, of course. You just have to make the GUI good enough that people don't _have_ to use the command-line to work productively. Until then, Linux will not be a big success on the desktop. And the elitism displayed by the community only serves to turn potential users away.

    Cheers,
    -Geon

  • Your great-grandparents could all sing in tune and in harmony, and many of them played an instrument. They were music-makers. Sheet music sales were big business. In the days before radio, TV, and records, people had to entertain themselves, and they did. Few people wrote original music, but almost everyone sang and far more people could play the piano.

  • Toy Story was, in fact, made with tools that would shock you by their 'primitiveness'. All of the animation is done in spreadsheets and procedural languages. Even their lighting scheme in Toy Story is procedural and not interactive. It remains the best CG movie ever made, and I maintain that it is because of that proceduralism encoding the will of the animators and technical directors into the characters.

    Now, it is true that other people at the apex of my computer graphics effects industry have a hard time accepting this; so I won't hold it against you. But, nevertheless, it's true. Toy Story, Toy Story II, A Bug's Life, and Antz were all animated with spreadheets. You can look it up.

    thad

  • Would be a better title for this inteview.

    How many people here feel the moral obligations mentioned in the text? Every DMCA, RIAA, MPAA ruling seems that much closer to corporate money buying fascist control over every aspect of your interaction with intellectual property.

    I hope this is a wake up call for a large portion of /. readers.
  • The problem is if/when quantum computers become available.

    The computation performed by quantum computers is able to find the exact solution to a problem with many many possiblities (NP-complete for example) with a single operation.

    The only contraint on the size of the problem which can be solved by quantum computers is the size of the quantum elements configured for a single operation.

    Right now this is a handfull of atoms, but before long it may be enough to crack 128bit keys in a single collapse of a quantum set.

  • or 2048bit public keys. (which is what we were discussing until I had a brain fart.)

  • Another thing he guessed wrongly about is the interest of people who grow up with computers in hacking. Maybe I'll be proved wrong, but I haven't been yet. People who grow up with computers don't gain any magical insight or understanding of them.

    Other parts of the article touched on that: It's because of the GUI dragging things down to the caveman level.

    Outside of North America, Linux use is considerably higher. Using Linux and other *nix OSes tends to encourage understanding, because the nuts-and-bolts are more visible.

    Reading between the lines, the interviewee seems to be suggesting that the nations that are currently the most high-tech could eventually lose that edge because of their dependance on expensive (>$0) point-and-drool software, and that the Linux-loving people in the second-world countries will produce free software to drive out the evil MicroSoft corporation, and all will live happily ever after under some post-industrial economic model. Or something.

  • as the mathematical impossibility of this is the basis for the RSA algorithm. Factoring two primes, no matter how big, is not mathematically impossible. It's just really really hard. Encryption is based on the fact that it will take longer to break the encrypted message than the message being valid.
  • I don't know whether it takes fifteen or twenty years to do Microsoft in - what difference does it make? They're going down. You can't make less good stuff and sell it at high prices indefinitely when the good stuff is free.

    Microsoft makes $400 billion a year selling stuff, than which there is better available for nothing. In the pure microeconomics of this you would expect it to go away.

    I think there's two possibilities here.

    1) MS is doing enough things right -- and the right things right, for the largest available market -- that they're not going down. And they'll continue to. You know that attitude -- it doesn't have to perfect

    2) People don't optimize well. For lots of human reasons, not the least of which is flow of information.

    Moglen seems to pick up on #2....

    Now, there are a whole lot of things that can be done to stave off the law of supply and demand - you can advertise heavily; you can give people fear, uncertainty and doubt; you can do all sorts of things

    And they do. Plus there's the simple fact that people frequently make wrong choices. The theme of being deceived and chosing something of lesser value over something of greater value is VERY old.
    Isaiah "Wherefore do ye spend your money for that which is not bread? and your labor for that which satisfieth not?"

    Of course, there's themes of redemption, too, and maybe that fits in with the MLK quote he throws in "The moral arc of the universe is long, but it bends towards justice".

    And so might it be a long time before MS goes down.
  • Moglen is a very smart guy, but like most of programmers he is very linguistically oriented. [Ah? Yes, I know he is a law professor at Columbia, but he used to be a programmer before that and it still shows. Not that it's a bad thing.] He also doesn't understand user interfaces.

    Sure, there is a place for language interfaces (aka command line). For example, it's quite hard to get arbitrary information out a database by point-and-click/grunt/drool methods. However, there is also definitely a place for non-language interfaces, as well. You don't drive your car by typing (or even speaking) "turn left", "slow down", "aiiieeeeee!".

    Inventing a language to allow humans to think more precisely is not a new idea. The reason Latin was taught in all elite schools a hundred years ago is that people thought that one can think more clearly and coherently in Latin.

    Moglen is enamoured with language ("regressing away from language", "infantilized, return to a pre-linguistic condition") and does not understand that it's not necessarily appropriate to all human-computer interaction. Do you want to play Quake by typing "run forward, shoot guy"? Besides, human interaction with systems is quite more complicated than a simple "pre-linguistic" -&gt "lingustic" ("stupid" -&gt "smart") line.

    People at PARC knew what they were doing. The WIMP (windows-icons-menus-pointer) environment has many well-documented advantages over a command line and Moglen should know better than to air his prejudices in public.


    Kaa
  • What counts as "critical operation?" Most people use computers for e-mail, surfing the web, word processing, porn, and wasting time - hardly anything critical.

    A "critical operation" is one which the organisation needs to do to function. Which could very easily include "web surfing" and "wordprocessing"...
  • Code - plain and simple. Keep coding. Build a portfolio, and shop it around. Make sure that whatever code you have is clean and well thought out. If you can show a spec, going from design to implementation, in a portfolio, so much the better. Comment heavily, and neatly. But most importantly, keep coding.

    I worked as a cashier at Osco before I got my first "professional" coding job. It isn't impossible (one trick I learned was to ask them to let me work for free - if they liked my work after a trial period, of say, 2 weeks, then they could hire me - this is easily something you can do if you are living at home, harder or impossible if you have a family to support)...

    Worldcom [worldcom.com] - Generation Duh!

  • he makes this point that GUI's dumb down the user by removing the usage of language. he says that people should want to operate their computers through language, not infantile pictures. Im not sure how he can *not* see that users would *definitely* prefer to use language over pictures, except that that language must be their own native speaking tongue.

    Popular culture from the 1950's right through 2001: A Space Odyssey and ST:TNG portray the most powerful computers as being operated strictly through human-spoken English dialogue. It is obvious to everyone that human-spoken languages are the most intuitive interfaces of all. However, since the native lanaguages of operating computers are things like Bash, DOS, C, whatever, end-users feel like learning these other languages just as much as they would feel like learning Japanese in order to operate their computers. Computer enthusiasts like us and Moglen do not see command-line systems as anywhere nearly as complex as learning Japanese, but I bet to the majority of end-users it appears as a similar amount of effort.

    So if we presented Moglen with a computer that had only an interface in Japanese, he wouldnt have any issue with that, right?

  • And how many people consciously apply formal mathematics on a communication basis? For the large part it is solely reserved for math problems, which, probably counter to many mathemeticians' opinions, most people don't interpret the whole world as! Just like most people don't interpret the whole world as a programming or logic problem to be solved algorithmically. We are wetware. We do strange fuzzy things like "feel" and "sense". We have moods. We think and behave irrationally. Trying to stuff us into some rigid formal box is just futile. We *want* to point and grunt dammit! Perhaps for you and I it may seem naturally to express ideas and wishes in concise semantic-rich arcane syntax, but to most people it doesn't. We have to realize that we are just as much a product of computing as computing is a product of humans. Would you have had the same opinion before computers were even invented (physically throwing away this file is so primitive! Why can't we just say "R.M. slash-cabinet-slash-reports-slash-two-thousand-dot -12"...it's SOOO much easier)? They would have thrown you in the loony bin.
  • but what exactly do you have against the CIA/FBI identifying and stopping terrorists and the like? I mean, what you're saying here is that people should use encryption so there are so many encrypted messages that the agencies we pay to protect us can't decrypt all of them. I mean really, what these keyword searches are doing is picking out of the pile all the messages that may be validly scary. Then, assumably, someone looks at these messages and determines whether or not there really is something here. Turn on the encryption for every little thing and that small bit of security disappears. Obviously not a big thing, but it could be a crucial issue in your national security. Now the things that I personally have a problem with, is the companies and marketing jerks who are doing this sort of monitoring. They arn't doing keyword searches, their goal is to build a very big database with every little bit of information they can get on you. Presumably this is to protect their intellectual property or sell you stuff, two things I really don't want them doing. So if there ever was a reason to encrypt everything you send it is to protect you from these ilk (criminals?) and not your own intelligence agencies.
  • An excellent case for the irreducibility of visual and spatial
    intuitions to linguistic ones is made by John Etchemendy in his paper
    "Computers, visualisation and the nature of reasoning" (PDF file [stanford.edu]).
    John Etchemendy is a smart chap, a formal logician working at the
    Stanford CSLI, and a close colleague of the late Jon Barwise.
  • It is a good read, but a lot of the rhetoric's a little short on meat. Let me give an example, his proposing a "free" countrywide network for Israel:

    "MOGLEN: There's no question. But the world economy would not necessarily be better off if nobody needed to buy any PCs any more. The fact that the hardware market actually saturated with all the computers we really needed years ago is not really an argument for why the society would be so much more prosperous if we stopped making them.

    Rather, this is the digital divide problem in a serious way. I made a proposal to the Israeli government a year ago that went like this: Take every computer that you threw away in the state last year, just the ones you scrapped, and put free software on them. They are now the routers, bridges, switches and e-mail servers for an entire free broadband network for all of Israel. The only thing you don't have is the cable. But you have required annual military reserve duty. Take one cycle and say everybody not performing militarily essential service is laying fiber, for one year. You are now finished. Free software, scrapped computers, one year of conscript labor, and the physical cost of the fiber and you're done."

    Questions:
    • Who pays for the fiber? It's not like laying a couple thousand miles of fiber optics is pocket change.
    • Who administers the network? You have thousands of computers that need to be refurbished and installed with the proper software, not to mention who fixes the bad things that will eventually happen to the network. That takes manpower (and I don't think conscript soldiers can build email servers) and more importantly, money to pay for that manpower.
    • How much electricity is this network going to suck up? It's not like Israel is bursting at the seams with extra kilowatt-hours.
    • Exactly how many soldiers on duty do you think Israel feels is doing nothing important? Especially now?
    No wonder the Israelis were laughing behind his back. To hear Mr. Moglen say it, he was offering to wire up every Israeli for free...minus certain obvious necessities. He has some good thoughts to offer on almost everything, but I wish he would spend a little more time thinking through his proposals.
  • A good start would be for Hemos & Co. to set up SSL on their servers, so that those who wish to increase the encrypted traffic on the Internet could do so by reading Slashdot over a secure(ish) link.

    Furthermore, rather than using Geoshitties, you could support a great little Web-Mail provider called ZKey.Com [zkey.com], who provide free mail and other services over SSL as standard.
    --
    Paul Gillingwater

  • One idea I've suggested often is for Slashdot to offer an "enhanced" membership, with an annual fee, that would provide additional services to paying users-

    • Browsing via SSL.
    • Better page load times by giving SSL traffic a higher priority at Slashdot's servers and routers.
    • Access to a SSL'ized caching proxy server, providing cached copies of slashdotted pages from all current stories.
    • Other services that are too 'costly' to offer with the current free site.

    By calling it a "subscription", I can get work to pay for it. Just keep the rate under USD $100/year :-)

  • My suggestion (see my other reply to the parent article) is for Slashdot to offer SSL as part of an enhanced "subscription" service, charging an annual fee.

    Along with SSL, they could provide faster response time than the free service (give port 443 higher priority on the routers and servers), and offer access to a caching proxy server to avoid the slashdot effect.

    As a "subscription" to a "journal" related to my job, I can get work to cover the cost.

  • I've been trying to express this thought for years and haven't been able to phrase it half as well. The mac gui really does emotionally and intellectually regress those that use it.

    Yes, I saw this demonstrated quite effectively on THE MACHINE THAT CHANGED THE WORLD. The Xerox PARC people were mentioning how the GUI was designed so that even 2 or 3 year old children could use it.

    The researcher then brought his 2 year old daughter in, and she then sat down at a machine, used a simple paint program to draw a ball and change the color of the ball.

    Rich...

  • That question has now been answered. If the NSA can develop quantum computers, if this, if that, if somebody figures out a way to factor prime numbers... something might destabilize this new environment in a deep way.

    Indeed, this does defy description. I am continually surprised at the lifetime of this annoying factoring prime numbers meme.

  • The extra CPU needed to do SSL is about 2-5% over what it would normally take to load the web page. This is about the same on both the browser and the web server, slightly higher on the web server mainly because the web server doesn't have to render images.

    I don't consider this a huge cost. Encryption naysayers have been bugling the CPU costs for years, but they just don't bear out in benchmarks or in real-world application.
    --

  • A massive winding down, regressing away from language, in order to address the technological nervousness of the user.

    And this is avoided by making any and all use of the computer handled through cryptic commands, then treating anyone who asks a question about it as though they were a moron? More importantly, at the time, this was a bad thing???

    Things today have gotten (somewhat) better, but lets face it, people who were absolute beginners, knew nothing about DOS or Unix, had a very hard time learning unless they could find someone to take them under their wing back in the 80's. That's a big part of the reason I ended up starting out with Macs. I could mount disks, add hardware, format a page, save a document, open a program with a quick click on the icon which showed up on the desktop. I wholeheartedly admit that at the time, as a newbie, I wanted to do... not spend hours or even weeks learning. Yes, that is an evil thing and yes, I now feel that everyone should learn as much as they can, but remember that at that time computers were still this mystical device that only wiz kids knew how to use, or socially inept perverts... hmmm... well... some things haven't changed much ;) but you get my point. They were not nearly so common nor as easy to use, and finding someone to help you who wouldn't treat you like crap was difficult.

    Yes, I admit that the command line, once learned, is faster and more... well, I wouldn't know how to describe it, perhaps more logical is a good description. But now I prefer it because I've learned how and books on the subject of Linux/Unix had become more geared toward the newbie. And while I'm sure that 5 years ago, when I started getting interested in *nix, there were people willing to help, but finding them seemed impossible at the time for someone who was a "blue collar", po' white trash.

    MacOS may have been (and may still be) a "dumbed down" computer interface to some. But if I am ever asked by someone who has never used a computer what they should buy, if they have the money I still say "start with a Mac".

    I am not saying I think the MacOS is better or worse... No flame wars going on here :-) But I am saying I disagree with the assertion that the MacOS keeps a person stupid or is designed for morons. I think it is designed to be easy to learn, to be comfortable. And I'm glad that Apple did take on Xerox PARC technology, because it allowed people like me, with little money and little education, to get started.
  • Wouldn't the world be a better place if (as is increasingly happening) everything we ever did was logged and stored? Maybe we'd all stop pretending we never go faster than 54, officer, never looked at dirty pictures, never downloaded from Napster. We will have to come to terms that no-one is a model citizen, and become a lot more realistic in how we deal with people.
  • Americans listen to music; they don't make music
    That is a generalization of people that has always been true about all socities.

    That isn't true at all. Why do you think that just about every agricultural society has harvest songs, planting songs, and for all I know weeding, watering and fruit picking songs? Herding societies have songs for hauling water from the wells for their cattle. Potters sing while they turn pots, Woodsmen sing while they saw logs, and weavers sing while they make cloth. It isn't the select few with the best voices who sings these songs, it is every worker.

    To make repetitive work more enjoyable, they sing songs whose rhythm is that of the work at hand. Not only do they make the work more pleasant, they often help people get into the rhythm of the work. This is especially true of cooperative work - when you have to hand a bucket of water to the guy above you exactly when he is reaching down and passing you an empty bucket, it sure makes it easier if you're always trading buckets on the same beat in the song.

    Incidentally, some of the coolest sounding music I've heard is a rice planting song. The 'drum beats' are made by people slapping the water of the paddy with their hands as they reach down to plant the rice shoots (or something). I don't understand the words at all, but it sounds a bit like a round.

  • Moglen is enamoured with language ("regressing away from language", "infantilized, return to a pre-linguistic condition") and does not understand that it's not necessarily appropriate to all human-computer interaction.

    What makes Windows and the Mac UI "regressive" and "infantilized" is not their GUI nature, but their WIMP-only nature. A GUI is a powerful tool, but it only goes so far. At some point, most heavy computer users need to express their desires in language. For example, my employer has an internal web page listing all the employees, with their phone number and a thumbnail photo in a table. What happens when you want to add or remove an employee from the table? With the drool and click interface, you have to manually rearrange the entire table. The person doing this hadn't even considered the possibility that a simple script could regenerate the page from a database: the impoverished Windows environment had trained her that manual repetition is the only way to accomplish work.

    Contrast this with a Linux desktop: the machine I'm typing this on has GUI gadgets and widgets coming out of its ears. But they are not based on the read-only binary dictatorship of MSFT. My Gnome toolbar has a variety of icons and useful applets on it (try putting a volume control next to the Start button on the Windows toolbar). The clock applet I chose shows not just the time but the date, and in a large, easy-to-read font (the Windows clock is hard wired time-only, and is also hard wired to a single-pixel font that is virtually unreadable at 1600x1200). Whenever I have to do something over and over again, I write a little script. Sure, it takes several hours to become competent at scripting, but it pays off the first time you don't have to waste an hour repetitively clicking some unscriptable Windows junk. I administer this machine with Webmin, which provides a slick GUI interface, yet is written in easily altered perl. (Try adding blink tags to the Windows administration utilities. ;-)

  • A very interesting article, if a bit optimistic at times. The absolute certainty that free software has been better than non-free alternatives for at least five years, for instance. But I liked the talk of how the content industry wants to make everything into property, and how that model won't work in the end. Interviewer seemed to agree with him. And then, at the end of the article:

    © Immaterial Incorporated

    That freaked me out. Of course, it's absolutely normal for them to do that, I might put that there myself. But that's the point, isn't it? this stuff has already gone too far, that guy is too optimistic, everything is already property, and we all already play along.

  • "you point and you grunt. A massive winding down, regressing away from language, in order to address the technological nervousness of the user"

    Yeah, nothing keeps the old grey matter in shape like a pointlessly over-complicated interface.
  • SSL is expensive, and it has nothing to do with CPU power. SSL requires the server to provide a signed certificate, and the browser expects the signature to match against one of a small number that are hard coded into it. Netscape 3.x and up, and IE 5 (but not IE 4, still in widespread use) can accept certs not signed by a recognized certification authority, but the user is confronted with a sequence of dialog boxes, that contain disturbing language. In IE, the default is to not allow the page to load. Netscape's default, after 5 or 6 dialogs, it to proceed, but not store the cert on the hard drive. This basically boils down to the website using SSL needing to obtain a cert from one of the trusted (by the browser's author) certification authorities.

    Verisign charges a minimum of $350/year. That's right, you have to pay the Verisign Tax every year. Of course, if someone captures your cert, they can only impersonate you until it expires. Thawte (which has been bought by Verisign) still provides certs for $125/year, and that's what my site uses (I hope they don't raise the Thawte price, though I can't see why they wouldn't now that they've got a near monopoly). Netscape comes loaded with several others certification authority keys, but all of those folks seem to only offer certs in conjuction with their hosting or their (expensive) software.

    SSL certs aren't cheap, because represent a significant effort to verify the business contact info [verisign.com] for the operators of the site. For e-commerce, it's a really good idea, that little lock icon closing means two things... your data is encrypted, and the sight you're communicating with really is who they claim to be. The certification authority's process is thoughly audited by a big-five accounting firm (KPMG for Verisign, I think), and those folks ain't cheap (I know because Robin works for one of the big-five).

    Getting a huge portion of the web to click the non-default choices to allow a untrustworthy certification authority would be a serious reduction in the overall security of e-commerce, and it's probably open a huge opportunity for spammers to appear as reputable business. Not a good idea.

    If you want to fill the net with encrypted data, what's really needed is a protocol that doesn't require either side to incur a monetary cost. SSL is (or at least seems, not being an cryptanalyist) a good e-commerce protocol. SSL's barrier to entry and reoccuring cost will prevent if from being useful for the social goal of filling the net with encrypted streams.

  • "Gone Jackal" believes:
    the open source isn't going to win the hearts of the people, since most just don't care.

    If I read Eben Moglen's words correctly, it seems like you and he have exactly opposite opinions here. He believes kids will grow up with "freedom" and won't even consider closed source.

    Personally, I'm skeptical it'll turn out that way, though it'd sure be nice if it did.

  • PC users are... more likely to go out on a romantic meal... Mac counterparts who would rather be at a dinner party.

    PC users are 50% more likely to prefer romantic films than Mac users.

    PC users ... [are] three times more likely to spend more than £200 per month on their wardrobe.

    you're more likely to find PC users out clubbing than Mac-sters

    This generally matches my experience, too. All the PC people around here spend all their time trying to get laid, but end up doing everything but getting laid -- they dink around with clothes, and romantic dinners, and romantic movies, and clubs, and everything but the actual sex. They're generally not sure what they actually want, but they've managed to convince themselves that it must be really complicated to get it. Boy, are they a frustrated lot.

    The Mac people, on the other hand, know what the want to do, and the best way to get it. They seem pretty happy.

    The less said about the linux users, the better.
  • Your comparision is flawed in comparing the lack of privacy in unshredded trash to a communication that is already in an easily machine readable form on a public network. Sure, someone could go through your trash, but the government or other entity can install a few small extremely cheap boxes at each city dump and have them automatically categorize and sort through everyones trash, and map it all back to the household of origin.

    You're point on credit cards is valid, however. Credit card transactions can say a lot about a person, leaving an audit trail of their economic interactions [at least when using them]. Of course, this is unlikely to come near the level of personal exposure that one's writings, one's supposedly private communications with friends, collegues, family, potential buisness partners, etc, would have.


    ---
    man sig
  • I have way too much heavy reading to catch up on. This part was interesting, and something I have agreed with for awhile.
    MOGLEN: If you want to gain knowledge, you need to know these things. If you want to convey knowledge, if you want to help other people learn, you have to help them to know these things. If you want to be living in contact with the real issues, you're going to have to know enough about the technology to see where the real issues are. If we wrote down on a list the eight or the ten most important political issues in this society at the moment, my guess is that three or four of them would be issues that you can't understand, let alone have a good opinion about, unless you know a good deal about technology. If we wrote down the issues that we feel most nervous about, of those ten we'd probably find that three or four are places where we think that people are getting rushed out of the question already, because the guys who know are racing to lock it up beforeeverybody else figures out what's going on.

    Now, in an environment where both of those things that I have just said are true, civic duty is to learn what you need to learn in order to make the decisions in a democratic society in a grown-up way. That's the same civic duty that Thomas Jefferson or George Washington believed in. The people who think that we need to have a democratic society are always people who are worried about whether the voters who control the society know enough, and it's not a question of taking power away from them, it's a question of helping them to become knowledgeable and engaged. We've got a duty to try and explain this stuff clearly. We've got a duty to learn these technologies so that we can ourselves participate, and most importantly we have a duty to look at the educational system to find out whether it teaches people who grow up in the society what they need to know.

    given the quality of the leadership we have these days (check out your local politicians) we have a long way to go.

    But what are you going to do otherwise?

  • ... that they don't want to look under the bonnet.
    MOGLEN: Absolutely. In the same way, kids, boy kids particularly of course, they wanted the engines of automobiles to be malleable.
    WORTHINGTON: What fraction of Americans actually knew how to tinker with the insides of their cars?

    There is a neighbor of mine who has a car which, on a good day, runs on three, bad day, runs on 2 - 2.5. It sounds sick as hell. Yet every morning he gets up, starts it, revs the tits off it as soon as it fires, sits doing this for five minutes, then drives off.
    How many people do you know who's computers run on 3 cylinders? Do *they* know? Do they CARE?

  • I was then working on the development of APL2, a nested array, algorithmic, symbolic language, and I was committed to the idea that what we were doing with computers was making languages that were better than natural languages for procedural thought.

    I assume APL2 is a descendant of APL. APL is one of the most cryptic languages ever invented, just ridiculously dense. If this is this guy's idea of a good computer language...

    The idea was to do for whole ranges of human thinking what mathematics has been doing for thousands of years in the quantitative arrangement of knowledge, and to help people think in more precise and clear ways.

    There is no "mental logic". This is one of those common fallacies. There is no evidence that teaching children logic, latin, logo, or whatever subject people at the time think exercises the "mental muscle" improves thinking in any general sense. Read any textbook on cognitive psychology for the details. Of course, because most computer programmers are rather good at abstract and mathematical thinking, they egocentrically think this is the way all people think, or all people should think, or that is best.

    What I saw in the Xerox PARC technology was the caveman interface, you point and you grunt.

    sigh.I just finished a recent book on the history of Xerox PARC, Dealers of Lightning by Hiltzik. It traces the motivation behind the development of the GUI. I recommend it to you all for more insight than this quote offers.

    For what it's worth, I see the GUI as a win over command languages in many situations because it makes the intentions of actions clear. The desktop metaphor works because people know the purposs of the various objects on one's real desktop, and so there's no need to infer the consequences of the paralle objects of their GUI. On the other hand, to learn the intentionality of key combinations is to start from scratch. As far as the visual versus linguistic nature of GUIs versus command languages, well, the folks at Xerox were trying to capitalize on the tremendously higher bandwidth of human vision versus the teletype keyboard. They weren't trying to make artifacts for pre-linguistic, primitive cultures.

    This was to my mind a terribly socially retrogradething to do, and I have not changed my mind about that.

    And why would you? It's quite easy to cling to one's initial, elitist impressions, isn't it?
  • Firstly, I do disagree with you, and I also have mod points, but it's far more constructive to say why I disagree with you rather than simply moderate your post down. Hopefully other moderators will take this position too.

    Anyway, let me address your points in turn

    Has anyone considered the cost of encrypting the majority of Internet traffic? I always encrypt terminal sessions, but the cost of servers encrypting web traffic would be very high. I wouldn't mind; my PC has enough power to encrypt all MY traffic, but how about a busy web server? How much new hardware would slashdot need to support encrypting everything? If slashdot is going to blow that stupid smoke, then slashdot should encrypt all its traffic.

    Incase you hadn't noticed hardware companies are producing faster and faster processors all the time, and the price of this increased technology is falling. We are very rapidly approaching (in fact it could be argued were are there) a time in which CPU speed routinely exceeds requirements. Encrypting data produces no overhead in terms of bandwidth, only in terms of CPU time. I'd wager that if the slashdot cru were to go out and replace the hardware they currently have, spending exactly the same amount as they did last time they upgraded, the extra CPU power they'd gain would be enough to add SSL.

    Second, is his explicit assumption that Linux is the best thing available, and that free software is always better than proprietary software in quality. Linux does have a lot of good points, and in some cases is the best solution. MS Windows has strengths also. Sometimes Microsoft solutions solve a problem better. Sometimes one of the other systems he ignores is better.


    What you say at first is incorrect; the interviewer says Linux is the best thing avaliable, he actually says that free software is the best thing avaliable, which happens to include Linux. The point that is being made is that even if the Microsoft implementation of something were to be technically better (and I'm not going to get into whether or not that is the case), the fact that it is not free makes it inherently worse. Microsoft may make something better, but time does not stand still. If something is free, anyone is free to improve it, and with the potential billions avaliable to improve it, there is no way proprietary software can compete.


    --
  • In 1979, when I was working at IBM, I wrote an internal memo lambasting the Apple Lisa, which was Apple's first attempt to adapt Xerox PARC technology, the graphical user interface, into a desktop PC. I was then working on the development of APL2, a nested array, algorithmic, symbolic language, and I was committed to the idea that what we were doing with computers was making languages that were better than natural languages for procedural thought. The idea was to do for whole ranges of human thinking what mathematics has been doing for thousands of years in the quantitative arrangement of knowledge, and to help people think in more precise and clear ways. What I saw in the Xerox PARC technology was the caveman interface, you point and you grunt. A massive winding down, regressing away from language, in order to address the technological nervousness of the user. Users wanted to be infantilized, to return to a pre-linguistic condition in the using of computers, and the Xerox PARC technology's primary advantage was that it allowed users to address computers in a pre-linguistic way. This was to my mind a terribly socially retrograde thing to do, and I have not changed my mind about that.
    I've been trying to express this thought for years and haven't been able to phrase it half as well. The mac gui really does emotionally and intellectually regress those that use it.

    While the objective of "help people think in more precise and clear ways" is admirable, the methodology (censorship) is not. Essentially he is promoting the idea that access to computers should be limited to those who have passed the exam of procedural thought. This is not unlike withholding citizenship from those who hold a certain religious or ideological viewpoint.

    Firstly the GUI should be lauded, as it has enabled the introduction of computers, the simple directory structure of which requires logical thought, to a set of people who otherwise would have remained in the computer and logical dark.

    Secondly, it is the zenith of arrogance to assume that the sum objectives of computers can be met with procedural languages. Would Toy Story have been done without GUI-based art programs? No.

    Finally, if the purpose of a computer language (and extrapolated to a GUI) is to translate human intent (rich language) into computer action (poor language), should not as much of that work as possible be done by the computer, and not by the human? Is there anyone reading Slashdot who thinks that datajacks, which would translate human thought into computer action, would be a bad idea?

    I think their opinion is principally head by would-be techocrats bitter when they saw their technology lead and investment eroded by a better interface.

  • I really don't know what the costs of encryption are. I'm basing my claim on personal experience, on a system that is far below what anyone would even consider using for a web server. My poor gateway box (a slow 486) can easily handle routing the full bandwidth of my cable modem, but try to transfer a file to or from it via scp, and it chokes at about thirty kilobytes per second, which is only a tenth the peak bandwidth otherwise. I'm sure you can reduce the overhead a lot by changing the encryption algorithm, but there it was tremendous.
  • Users wanted to be infantilized, to return to a pre-linguistic condition in the using of computers, and the Xerox PARC technology's primary advantage was that it allowed users to address computers in a pre-linguistic way. This was to my mind a terribly socially retrograde thing to do, and I have not changed my mind about that.

    Of course users want to be infantilized. It seems that Molgen is bemoaning the fact that a simple, non-precise interface ended up being more popular with Joe User than a rigorous, procedurally sound language interface. That's akin to bemoaning the widespread use of the dumbed-down word "sphere" to denote some unknown representation of the equation [f(x, y, z) = ax + by + cz + 2dxy + 2eyz + 2fxz + 2gx + 2hy + 2jz + k = 0], or using the imprecise and general "Taco Bell" to represent the global coordinates of (93W 14' 41", 44N 57' 47"). Would you enjoy living in a world where everything you did was bound to a precise, exhaustive and accurate lingustic definition? Why the heck would you want a computing experience to be exclusively defined in the same way?

    It's important to note, too, that though he uses the Lisa memo as the subject, he specifically addresses the problem as being "Xerox PARC technology, the graphical user interface". This would imply that all the GUIs derived from the PARC model that exist today (Mac, Windows, X, KDE, Gnome, etc.) fit the same ug-me-bash label. As fun as it was to give them thar silly Mac users a kick in the ribs, Moglen's protest would extend quite handily to, well, pretty much anything that has mouse pointers and dialog boxes. Funny group that Gnome team is, so damn bent on the intellectual and emotional regression of Linux...

    $ man reality

  • Everyone knows that encryption is a good thing. Even my mother knows because the media has been hyping the lack of security on the net for years now. For example, while not at all a savy user, she has actively asked me to show her how to know when a connection is secure enough to send her credit card number. All this from just listening to the media.

    The problem isn't awareness. The problem is the user interface. My mother knows how to make her postal mail secure. She simply opens an envelope, puts in the letter, and licks it shut. The person on the other end also knows how to get at the letter. She doesn't need to explain to them how to open the envelope. This isn't true for email. I can't even explain to her how to send encrypted mail because it's just too difficult. And there's absolutely no way she could explain it to her friends. So even if she could send it, it couldn't be read by the recipient.

    Any change has to happen transparently. She has to send the letter to joe@foo.com, the public key for joe@foo.com needs to be automatically looked up in one or more global databases, and it needs to be encrypted and sent. All without her even noticing. If joe@foo.com hasn't registered a public key then it should tell her the mail is insecure and to tell the other user to register a public key. The other user should also get a warning. Probably at the start of the email.

    Why this functionality isn't already built into every single mail reader in existence, I just don't understand. Some people will raise the issue of needing to decentralize the storage of the keys, etc, but isn't that an incredibly minor concern considering the state of things now? People make secure connections all the time on the net. They do this because SSL is built into every browser and encryption happens transparently and automatically. Until we have the same for email, we won't have secure email.

    Devon

  • MOGLEN: Mapmaking is a very interesting subject in general, because when everybody in the country is carrying GPS equipment, one kind of mapmaking that will be absolutely possible consists of the whole structure of what we think of as free data. That is to say - people voluntarily walking around with GPS equipped cell phones donating the stream of their information to a mapping database which will be a very accurate map of everywhere all the time. Every bridge, every road, every place in the country will be repeatedly measured by people moving around with GPS equipment.
    WORTHINGTON: Have you heard of any project like this today?
    MOGLEN: I'm not aware of any. But you can see that it will happen, because that data stream will exist, and there will be a kind of decentralized geographic information service structure, but I don't think anybody has yet thought about what will happen. You have lots of people thinking about it from a commercial point of view - Pizza Hut guys wondering how soon they'll be able to advertise to you on your cell phone where the closest Pizza Hut is.
    WORTHINGTON: It sounds like you were going in more of an open-source direction, though. MOGLEN: That's right, and indeed, lots of open-data possibilities of all sorts exist out there that we will begin to see. But like a lot of free-software activity, this organizes as people perceive the need or the possibility. It doesn't organize ahead of that perception. We get, in our world, accustomed to the idea that what people think is neat, or needed, they'll do. As the net makes possible various kinds of collaborations that have never been possible before they'll do things, collaboratively, in new ways. Part of what I'm trying to do is understand what the political economy of a world full of that kind of content sharing is, and this is just one tiny little example of such a process.

    Exactly! I'm working on a project like this, and am in way over my head... It _must_ be open source to the core. Anybody else interested in working on this kind of real-time mapmaking? It is a huge project, and I know where it needs to go, but I haven't got the skills to pull it off within ten years alone. -jared@dctkc.com, a.k.a. Water Paradox

  • Remember getting the secret decoder in the cereal box? Remember making up secret codes in school to pass notes? I wonder when the encryption laws are going to get so strict in some places that even that will be illegal.

    A=ZYX
    B=YXW
    ...


    GFESRQVUT123TSRLKJEDCVUTIHGMLKNMLVUTMLKGFE123HGFFE DXWVPONHGF
  • His argument was that if everybody routinely used encryption for their communications, the ability of Big brother to monitor communications would be severely weakened. Your post has no relevence to the discussion.
  • On the other hand, maybe this particular plan isn't terribly practical, but with a little tweaking, maybe it could work, somewhere, somehow.

    /hypothesis mode/ Suppose someone put a plan something like this to work in India, where government initiatives, particularly in states like Andhra Pradesh, are already providing the fibre cable (and want to wire ALL the villages in the next 10 years or so), and where there is massive unemployment coupled with enough resources to create a huge "make-work" project along these lines...not to mention all those hungry IT professionals coming out of Hyderabad with the ink on their diplomae barely dry...

    Suddenly, if you add "junked" computers, Linux and /or your-free-OS-here, an NGO or two and maybe the Indian Post Office (once they get off strike) or some similar large organizational structure, and free software, you have the infrastructure, the personnel, and the means to implement just such a programme. /hypothesis mode off/

    Considering that my current company does educational development work (and is especially interested in the digital divide) in India and South Asia, I've forwarded that section on to the boss. You'd be surprised what someone's hare-brained idea can do -- even seventeen incarnations later.

    Interrobang, the former Mrs. Tesla

  • Re:Holy shit! (Score:3)

    by Anonymous Coward on Friday December 15, 2000 @04:22AM (#557216)
    So the two-button mouse allows you to grunt at two different pitches, making a disctinction to the Mac cavemen?

  • Music Makers (Score:3)

    by bluGill ( 862 ) on Friday December 15, 2000 @07:53AM (#557217)

    Americans listen to music; they don't make music

    That is a generalization of people that has always been true about all socities. From the days of Homer (who may or may not have been a musician setting the Odyisey to music) on today most people do not make their own music, they listen to music others create. We all need enertainment, some like it more then others. Some feel compelled to create it. The best of those make money at it. (Homer probably made his money going village to village singing the same song/stories, spreading news. Of course he wasn't paid in money so much as food, shelter and other necessities.

    Today some people feel compelled to make music for their own enjoyment. Some familys still gather in the living room at least weekly for their family jam sessions. (I've knowns such folks but they are closed sessions and i'd have to marry into the family to join). Others have open Jams with friends. Some put on a concert for friends/family, some put on a public concert (generally for money).

    It has never been true that the majority of people have every done everything. Go look at metalwork news groups (rec.crafts.metalworking amoung others) and see the cirticism about people who do not know how to fix things in general. Check out the wood working news group and you will find people who can't understand why anyone would buy a bookshelf (either junk from walmart of a quality model) when they can make their own. They don't pause to consider many of them make book shelves for others. Those who take part in the above two groups have favorite clothing they like to wear (xyz make better welding gloves then abc), but none of them even consider butchering their cow (which they don't have anyway) to get leather to make their own welding gloves.

    Or to put it anouther way: I'm ccapable of doing many things, but I don't have time to learn how to do them all. I can paint a house, but a professional painter can do the same job in 1/4th the time, and make less of a mess. I can do a, I can do b, or I can do c; however the time it takes to learn each means I cannot do a, b, and c. At best I might live to be 110, and be healthy along the way, and so perhaps I could do a and b, but I still won't have time to learn c. Now add in the fact that c bores me and suddenly it makes sense why I wouldn't do it.

    My grandpa doesn't care about comptuers except as it relates to keep our family tree. He uses the web for research, email to contact relatives in the old country. He has a specialized genology program that he enters all that data into, which is much nicer then his files that he used to keep pre computer. (He started this hobby long before computers existed, he is making progress much faster now) When he has problems with the computer he calls me. When I want to know where in Germany my ancestors imigrated from I call him.

  • Re:I prefer 'Never Encrypt. Ever.' (Score:3)

    by jafac ( 1449 ) on Friday December 15, 2000 @01:39PM (#557218) Homepage
    The ironic thing here, is that this is one of the central tennants of Christianity.

    Nobody is perfect. Everyone is a sinner. And therefore - nobody has a right to judge anybody, and if you do notice that another person has made a mistake, you better forgive them.

    I agree, the world WOULD be a better place if everybody would accept these facts. Jeez, that Jesus guy was smart!

    Unfortunately, Christianity's strongest proponents seem to have missed the point.

  • Choice Quote (Score:3)

    by MoNickels ( 1700 ) on Friday December 15, 2000 @03:46AM (#557219) Homepage
    "It's a paradox of the way the U.S. government works that the secret agencies spent hundreds of millions of dollars building Echelon and all the rest of the interception gear, but when it came down to defending the export controls over encryption in the federal courts you had a couple of assistant U.S. attorneys."

  • Re:Holy shit! (Score:3)

    by frankie ( 91710 ) on Friday December 15, 2000 @07:11AM (#557220) Journal
    Moglen's objection to the mac gui is amazing

    Note, of course, that Moglen is referring to the entire category of WIMP GUIs [cnn.com], not just MacOS. In fact, he reserves his harshest criticism for Slashdot's favorite whipping boy:

    I lost that war in the early 1980s, [...], because the fundamental turn in the technology - which we see represented in its most technologically degenerate form, which is Windows, the really crippled version.

    The real point he was getting at is that user-friendly systems often discourage people from exploring the depths of their computers, in the same way that modern high school boys don't tinker with cars the way boys did in the 50s. (note: "boys" is in the original article). If the interface is easy and the guts are not user-serviceable, then fewer people will become hackers (in the positive sense of the word).

    His obvious mistake is that if the interface is difficult, fewer people will use computers overall, so the absolute hacker count won't be much different. The key is not an interface that forces people to get their hands dirty just to use it, but instead design the whole system so it's easy to modify. An OS that comes with full documentation, editors, and a compiler pre-installed will encourage the development of more programmers, no matter how nice a GUI [eazel.com] you put on top.

  • Re:Use encryption needlessly, constantly! [MUCH MO (Score:3)

    by pallex ( 126468 ) on Friday December 15, 2000 @03:59AM (#557221)
    Perhaps SlashDot could publish a public key for comments, and you`d get a +1 bonus for encrypting your comments to that key?

  • Holy shit! (Score:4)

    by Shoeboy ( 16224 ) on Friday December 15, 2000 @03:21AM (#557222) Homepage
    Occasionally I read works that simply defy description. This is one of them, an interview with Eben Moglen, general counsel of the Free Software Foundation
    Wow, this may be the first time in history that a slashdot editor actually read an article befor posting it.
    The apocalypse is near.
    Seriously though, Moglen's objection to the mac gui is amazing:
    In 1979, when I was working at IBM, I wrote an internal memo lambasting the Apple Lisa, which was Apple's first attempt to adapt Xerox PARC technology, the graphical user interface, into a desktop PC. I was then working on the development of APL2, a nested array, algorithmic, symbolic language, and I was committed to the idea that what we were doing with computers was making languages that were better than natural languages for procedural thought. The idea was to do for whole ranges of human thinking what mathematics has been doing for thousands of years in the quantitative arrangement of knowledge, and to help people think in more precise and clear ways. What I saw in the Xerox PARC technology was the caveman interface, you point and you grunt. A massive winding down, regressing away from language, in order to address the technological nervousness of the user. Users wanted to be infantilized, to return to a pre-linguistic condition in the using of computers, and the Xerox PARC technology's primary advantage was that it allowed users to address computers in a pre-linguistic way. This was to my mind a terribly socially retrograde thing to do, and I have not changed my mind about that.
    I've been trying to express this thought for years and haven't been able to phrase it half as well. The mac gui really does emotionally and intellectually regress those that use it.
    --Shoeboy
  • Bruce Sterling was talking about individual privacy, not the larger issue here of a kind of 'civil disobedience'. If everyone were to use encryption all the time, ECHELON and its ilk would become useless.

    On a personal level, it's not really relevant. If someone wants to know all about you, they'll put in keyboard sniffers, or use the radiation emission from your monitor (can't remember the name of it right now) or any number of other social engineering techniques. Shredding your trash only stops your neighbor. Anybody serious can just call up the credit bureaus, phone companies, utilities and own you.

    Short of living in a shack in the woods or having bazillions and living your life through the screen of lawyers and accountants, any ordinary shmoe, on an individual level, is pretty much unable to safeguard their privacy. It wouldn't take much of a 'black bag' operation to break into your doctor's office and copy your medical records, either. On an individual level, you're screwed.

    On a large level, everyone using encryption would put a serious crimp on the NSA, CIA, and corporate espionage. Of course, right now, using encryption in all your communications makes you stick out like a sore thumb.

    So it's OK to participate in this civil disobedience if you have nothing to hide (ooh, a catch-22) and you only communicate with people who are willing to deal with the pain and bother of encryption. There you go.

    --

  • difficulties with his dreams (Score:4)

    by Pink Daisy ( 212796 ) on Friday December 15, 2000 @06:53AM (#557224) Homepage
    I thought that was a really silly article. He proposes thins that are not practical. If it were not so verbose, it would actually be funny.

    Has anyone considered the cost of encrypting the majority of Internet traffic? I always encrypt terminal sessions, but the cost of servers encrypting web traffic would be very high. I wouldn't mind; my PC has enough power to encrypt all MY traffic, but how about a busy web server? How much new hardware would slashdot need to support encrypting everything? If slashdot is going to blow that stupid smoke, then slashdot should encrypt all its traffic.

    Second, is his explicit assumption that Linux is the best thing available, and that free software is always better than proprietary software in quality. Linux does have a lot of good points, and in some cases is the best solution. MS Windows has strengths also. Sometimes Microsoft solutions solve a problem better. Sometimes one of the other systems he ignores is better.

    Another thing he guessed wrongly about is the interest of people who grow up with computers in hacking. Maybe I'll be proved wrong, but I haven't been yet. People who grow up with computers don't gain any magical insight or understanding of them. Nor do they desire such. They use them as familiar tools, just like adults at work. The difference is how familiar and what they do. Some people will become hackers; probably more. Definitely not everybody.

    So, I think the article is nonsense, but if Michael thinks this is the most significant article of the year, then he should put slashdot on the same track by encrypting all its traffic.

  • Bruce Sterling on encryption (Score:5)

    by Pseudonymus Bosch ( 3479 ) on Friday December 15, 2000 @05:56AM (#557225) Homepage
    From the Bruce Sterling FAQ [well.com]:
    What's your PGP key?


    Don't use 'em. I never knew a real-life computer crime cop or investigator who paid any attention to deciphering encryption. I regard this as a 99% theoretical form of "security." Using big number-crunching high-tech to protect the brief transmission of Internet email gives people a false sense of security. If you get in trouble, it won't be because you were tapped and cracked by the NSA. It'll be because somebody you trusted ratted on you (or because you bragged). Trust me on this. If you're really worried about your privacy, stop using credit cards and shred your trash.

    __

  • Re:Holy shit! (Score:5)

    by Kaa ( 21510 ) on Friday December 15, 2000 @07:40AM (#557226) Homepage
    The real point he was getting at is that user-friendly systems often discourage people from exploring the depths of their computers, in the same way that modern high school boys don't tinker with cars the way boys did in the 50s.

    Well, there is a good reason for this, a reason which Moglen ignores completely. It is called complexity.

    Do I know how Linux works? Kinda. I can get around and even sysadmin a small network. But do I have a clue about the internal workings of the kernel? No. And why? Because it's big and complicated. I cannot dedicate my life to studying it -- there are other interesting things in life to do.

    Moglen comes from time when you had 4K of memory and everything had to fit in there. Operating systems were small and simple. You could learn them and know them very, very well without spending months and years studying them.

    Look at cars. In the 50s (hell, in the 70s as well) cars were simple mechanical devices. I could (and did) take much of the engine apart with a bunch of wrenches, fix it, and put it back together. It even worked after that. Cars were simple and easy to understand.

    Now, there are electronic black boxes all over my car. To adjust ignition I don't turn a screw any more -- I have to plug some electronic thingie into another electronic thingie in my car and adjust something on screen. If a black box breaks, I cannot fix it -- I throw it out and buy a new one.

    So, my point is that it's complexity that is the real problem. Complexity discourages people from exploring "the depths of their computers" because it takes too long and you cannot hold the whole thing inside your head like you used to be able to do. Complexity prevent modern high school boys from tinkering with cars because [electronic] tools are expensive, change all the time and you don't really understand the internal workings anyway.

    And, no, it doesn't have anything to do with GUIs or user-interface systems.

    Kaa

  • OK -- So when's /. going to HTTPS ??? (Score:5)

    by redelm ( 54142 ) on Friday December 15, 2000 @06:39AM (#557227) Homepage
    An interesting an important article. One key point is to invalidate keyword filtering by massive redundant use of encryption.

    So when is SlashDot going to do it's bit and make everything HTTPS? Almost all browsers have it, and it's a simple and transparent way to increase encrypted traffic to nullify keyword filters.

  • If there is one most singularly important lesson to learn from this, it is USE ENCRYPTION CONSTANTLY, WHENEVER YOU CAN, AS MUCH AS POSSIBLE (Pardon the theatrics)

    To be honest, if you are the sort who has been reading slashdot for a while, you already know this arguement well, and I see no need to hash it out as if I have anything brilliant to add to it, except for this little nugget of nike-ism. Just DO it. It's one thing to sit around on your buttocks [face it, you generally are when you are at a terminal] and do nothing about it, reveling in the possibilities of this marvelous new [well, sort of ;) ] networked media demense we inhabit, knowing full and well that privacy and anonymity are extremely important issues as society as a whole continues to evolve in it's relation with and reaction to the possibilities of abbundant internetworked end to end communications between private citizens [and don't forget to throw in the presence of rapidly increasing affordable bandwidth].

    It's easy for many of us to say, yes, encryption is important certainly, not enough people are using it such that resources could concievably be targetted at those few who actually bother, but it's someone elses problem.

    It's too much of an inconvienience to use PGP or GPG with any regularly, and besides, what's the point when most people you dialog with in email don't use it? There is a point, and an important one. Either the citizinry will manage to somehow wake up and start taking it's privacy and security into it's own hands, or personal privacy will continue to wither away. Too many other people have some feeling that their interactions on the net are anonymous, when this is so far from the truth.

    If the U.S. postal system were to work as the internet, where every letter sent can be readily and [at virtually no cost in human labor] inspected thoruoughly by the government or other bodies, people would be outraged. But they feel that these sorts of things just don't happen, that it won't happen to them. And, frankly, many people are hopelessly confused about how computers or networks work at all. To them a computer is often just a fancy typewriter and info kiosk.

    People like us need to start to devote some time to serious personal, grass roots activism, to widen the pool of people using encryption.

    Becuase it's only at the grass roots level that their is any liklihood of it actually happening. Perhaps something could be established vaguely [in spirit, certainly not implementation, I'm talking in sweeping generalities about the possible social dynamic] like the RBL. I don't mean a central server or list of people who do/don't use encryption, I mean instead a system whereby people would feel some penalty or disinsintive if they are not using encryption themselves.

    ...Perhaps some sort of extension to sendmail and friends, whereby a simple script configuration could activate a mode wherein outgoing emails [probably only of willing participants, I wouldn't want to be overbearing or myself lessen anyones freedom to use the network as I choose, no matter how foolishly]

    ...wherin outgoing emails would initially be automatically encrypted [say, as a mime attachment to another, autogenerated email, whose body would inform the recipient that they have recieved an email from so-and-so, but that this person values their privacy and dosen't want anyone with good network or social/political real-estate to be able to read their personal communication to them. It could include perhaps a link to an advocacy site, explaining the whole purpose and ideas behind encryption being a Good Thing, as well as simple and transparent to use backend clients to download for all the major platforms, that could just as transparently decrypt and deliver the message as if it had never been encrypted.

    For those who chose [probably most, for I probably wouldn't want all of my email to be completely unreadable by those who didn't agree to run software I liked, even if it was free and open], there could be additional details in the email message to allow for the recipient to respond in a certain way and recieve the unencrypted version. Something akin to the process of confirmation from a mail server, for instance.

    The inconvinience would be a key aspect, for it would turn the tables; wheras now it is more inconvienient for someone to bother with setting up encryption.

    Now I know this is asking a lot, and I don't imagine very many of you have bothered to read this far, but it's something to think about. lesson to be learned from this, it is a l

  • Uh! (Score:5)

    by Vic Fountain ( 228241 ) on Friday December 15, 2000 @03:43AM (#557229)
    [...] if you read one article referenced from slashdot this month, this should be the one.

    So you tell me this now, when half of the month is already over...

Slashdot Top Deals

"Don't drop acid, take it pass-fail!" -- Bryan Michael Wendt

Close