How to break the Internet, destroy democracy and enslave the human race (or not)

Quote
""

Content
https://www.youtube.com/watch?v=4ZqodxGufR8

Download
Haven't found a place to download this. Please add it if you do.

Published
March 17, 2014

Website
Verbraucherzentrale Bundesverband's YouTube

About
«Keynote of Cory Doctorow, science fiction author and journalist, held at the World Consumer Rights Day 2014 in Berlin. There's only two sides to the fight over technology's destiny: either you believe that you should never, ever design computers to betray their owners; or you believe that some problems are important enough to build "I Can't Let You Do That Dave" into our gadgets. If you're on "I Can't Let You Do That Dave" side, you're dangerously wrong.»

License
Creative Commons Attribution-Noncommercial-Share Alike 3.0

Machine transcription – Start helping here
'''The following is a machine transcription. Please help out with fixing errors and adding paragraphs, subheadings and time stamps to make it easier to read and use! To do this download the audio file from the top of this page and listen to it while you edit this page. Do as much or little as you like, then please move the heading and this message to the place where you drop off. Thank you!'''

As I came into this event today someone asked me what the connection was between my work and consumer rights, and it struck me that this connection may not be obvious on its face. My history is working in civil liberties and traditional freedoms and their importation into the digital world. This has become increasingly a matter of product design and of product regulation things like privacy are inherent to the design of our products products that are designed to leak your privacy. Our products that have both a civil liberties dimension and consumer rights dimension products that are designed to buy by intention not allow you to secure them. How about a consumer rights dimension and is over reason dimension. Now it's very bad today, the world of civil liberties and consumer rights. It's very bad today, the world of product design in this talk is really a quick history of how we got to this very bad place. This place where a single wiretap on a fiber-optic line can compromise the privacy of everyone in Europe on how the NSA can be contemplating surveillance of millions of people at once through infections of their computer carried on on an automatic basis on how a single companies can trigger compromise and harming hundreds of millions of people through the disclosure of their financial information and so on. But it's also a talk about how we can make it better. I believe that the story starts with the transition of policing into the digital world. When the police investigate crimes. They often want to listen in on the suspects, telephone, and for understandable reasons. Now, before digital phone switches came along. This is a very difficult undertaking. You would have to get a court order and then you would have to bring a court order to the phone company and you have to ask them to attach a special piece of apparatus to a switch that would allow the policeman to listen in on the phone conversation. One person at the phone company after digital switches, things changed radically all, it's up to reroute a phone call from anywhere to anywhere else was a few keystrokes. The keyboard. Now that sounds like good news for the police, but the bad news is that digital telephones ushered in the era of digital encryption mount digital encryption is an amazing and difficult to get your head around thing we sometimes see techno- thrillers in which someone has encoded a message and the good guy you can decode the message and so they bring in the codebreakers in the codebreakers have some really big computers. They do everything they can. And after some suitably dramatic interval. The messages decoded the paths on how cryptography works. There is something amazing underway in the world of mathematics. We have discovered over the last fifty or so years that it seems that the universe wants us to have secrets that if we scramble a message using average technology in a realistic amount of time that we can make it so hard to descrambling that are adversaries, could convert every atom of hydrogen extent into a computer that did nothing until the heat death of the universe. But labor to crack our code, and they would never, ever be able to crack there is something amazing artwork in the universe, we can keep secrets from any adversary, provided that our technology does what it's supposed to do, and this was very bad news for the police. It's a weird irony, the moment at which it becomes vastly simpler and cheaper to listen in on anyone and also became impossible to find out what they were saying so in the early nineteen nineties governments around the world took action on this, and in particular the administration of the Democrat President of the United States Bill Clinton brought two bills before Congress. The first one was called the communications assistance for Law enforcement act of nineteen ninety four or the Leah McAleer said was that if you made a phone scratch, you would have to put a backdoor in an backdoor would allow the police from the police station to remotely says the phone companies, equipment type a few commands enter a password and listen in on any conversation underway on the phone companies, equipment eventually: Young was actually expanded the data switches, as well as voice reaches a compromise that allowed police to get past in nineteen ninety four, was that would only impact switches that carry voice calls by the early two thousand 's voice over IP was a reality and so this mandate was extended to all switches and it is present in virtually every switch available commercially on the market because if you want to serve the American market, or any other market has a similar initiative. You have to build this backdoor entry the other outlaw that they tried unsuccessfully to pass was a law regarding something called the clipper chip, the clipper chip was supposed to solve the understanding what people are saying problem. The idea of the clipper chip was that if he was without there would be a legal mandate requiring anyone who made a scrambling system to give the keys to the government and the government would keep those keys in escrow and if the police ever needed to listen in on intercepted message, they could go to the key escrow service retrieve your keys and descramble your message so they wouldn't have to try to brute force the keys to your message. The state would maintain a set of keys. It's like giving a set of keys to every door of every house to us to a centralized authority. And then, if the police want to come in without you knowing it, they could get a warrant that your key walk into your house search her belongings and leave again without you ever knowing that they were there but Khalil did not pass now years have gone by since these two legislative fights. It's been a little more than a decade, and in that time, the world been completely transformed by digital computers. Everything we do today involves a networked computer and everything we do. Tomorrow will require a networked computer and so the risks about computer code, have become more and more clear. For example, in November two thousand and twelve are a young Manning. Barnaby Jack went to Australia and gave a presentation at a security conference on his research into implanted defibrillators implanted defibrillators are probably save the life of someone you know or love. If you have a heart problem. Your heart doesn't keep to its rhythm. You can see your doctor and she will cut you open to spread your ribs and regions your chest and attach a computer with a powerful battery to your heart and will listen to your heart beating. If your heart stops beating. The battery will give you a shock that brings you back to life. Now, doctors want to be able to monitor your implanted defibrillators want to know how often the shop is taking place. They want to be able to update the software. And since this defibrillator is lost inside your chest cavity attaching a USB cable to it is impractical and messy, so has a wireless interface because everything is wireless interface. This room is basically a microwave oven. Barnaby Jack's demonstration showed that from ten meters away. He could hijack your defibrillator. He could reprogram, he could cause it to seek out other defibrillators say when he went to the hospital to the word where they check up on patients who have defibrillators, he could cause them to reprogram all of those other defibrillators and then deliver lethal killing shocks to everyone. His defibrillator had been compromised whether or not your computer works has ceased to be an issue of whether or not you can get a memo to all and is the as you life and death in a million ways we can be compromised by her computers consider that your laptop or tablet in your phone are devices with cameras and microphones that know who all of your friends are that knows everything that you say to them, and knows every private moment of your life that you keep using your bedroom, you take them with you into the toilet and their always on the beauty queen who won the Miss teen USA pageant last year, Cassidy, what call the FBI when she started getting mysterious e-mails from someone who would hijack your computer using what's called a remote access Trojan he had covertly operated the camera on her computer and he used it to photograph her in the nude as she moved around her room. He had hijacked the past was for her social media. And he sent her e-mail saying in less you perform live sex acts on your camera for me. I will put your naked photos on the Internet so she called the FBI and the arrested him and he had hundreds of victims, including children, including children in the EU and he is just one of many people who been arrested for a practice called routing remote access Trojan creepily enough riders call their victims. Their slaves. They gather on forums in which they trade tips on how to trick their slaves into installing the remote-access Trojans. We have our computers in our bodies, but we also put our bodies and computers. The night before last, I flew back from SXSW in a Boeing seven forty seven jet, a Boeing seven forty seven is a flying Sun Solaris workstation in a in a very fancy aluminium case connected to some very badly secured start controllers happens to hurtle through the area. Hundreds of kilometers per hour words are computers that hurtled down the motorway at hundreds of kilometers an hour with us trapped inside them. Most modern buildings are computers in fancy cases. If you take the computers of the building they become immediately uninhabitable and in many cases, if you leave the computers out of the building for any length of time. Those buildings will never be habitable again will be cheaper to knock them down and start over again. That will be to try and move back in. We have computers in our bodies we have bought and we have our bodies and computers we have computers in our bodies. It's not just implanted defibrillators. If you're my age and growth with the Walkman are for your little younger and you grow up with the iPod, you will have logged enough punishing earbud hours of the time you reach a certain age that you will almost certainly need a hearing aid, and it is vanishingly unlikely that that hearing aid will be a retro beige hipster analog transistor hearing aid. It will be a computer that you put in your body and depending on how it works, it can make you hear things that aren't there and can make you not hear things are there and can tell other people what you've heard, so we've got to get this right, and over the last couple of decades, we've had a steady drip of stories that have shown us what happened to Kalinga and clipper and how they sent us wrong, so I mentioned before that, it doesn't matter whether or not your government has a law that allows for the kind of wiretapping that the American government does all the switches have the facility for American-style wiretapping built-in and you either turn it on or don't turn it on when you install the switch is much simpler than making different switches with different software for different markets. No increase they don't have a lawful interception, while like the American one, and there is no reason for their switches to have a backdoor his access. So when they install the switches and other major national phone companies. They did not activate their wiretapping backdoors during the two thousand and five and two two thousand and six Olympic bidding process. Someone broke into the Greek phone companies from the wiretapping on and listened in on Prime Minister, the president. The cabin. The Olympic Committee captains of industry and then they turned back off again and it's only because they forgot to erase the log file that we know that it happens when you design devices with insecure backdoors it should not surprise you to find the people going in and out of those backdoors without permission, but that isn't the end of the Khalifa and Clippers story. As we've heard from Snowdon, it's much worse than the but we've known for a lot longer than we've known about selling the things getting back in two thousand and five and AT&T technician Mark Klein walked into the offices of an NGO in San Francisco called the electronic frontier foundation 's is my former employer for whom I was the European director, Mister Klein said I am a retired AT&T engineer when I was working for AT&T. My boss ordered me to build a secret room at our forces street switching center, which is their main switching center on the American West Coast to install a beam splitter into our fiber-optic trunk and to make a copy of all of our Internet traffic directed into a secret room operated by the national security agency and since two thousand five, the electronic frontier foundation has been suing three successive for presidential ministrations for access to information about this program. This information has only become clear in the last year, though, because since the snow and revelations we've been able to actually find out what's going on without the American government saying this is a secret very hard to claim that something is a secret when it's on the front page of the New York Times. So there's a connection here between mass surveillance and mass decryption and if the companies that supply the lawful interception equipment to governments and increasingly, those are companies from Europe. Companies like the French firm Buchanan, glucose, which operates out of the UK and many others. These firms. All are in the business of selling malicious software, software, like the software that was used to compromise the beauty Queen Cassidy Wolf to governments that they can use them to implant them on the computers of people they don't like in Germany you have a very intimate experience with this sort of technology you have the one destroyed under the destroyer was a not very sophisticated version of this kind of technology, and since then it's only ramped up now all of these companies in order to implant their remote-access Trojans must seek out vulnerabilities in commonly used system they seek for them, and when they find them, they use them to leverage in their attack becomes that coaching in the armor through which they can slide their attacks and so they all have a stake in keeping these vulnerabilities secret because the longer these vulnerabilities are secret and not patched for structural level in her switches and also the personal level of your phones and computers. The more criminals. There are another persons of interest whom states can, in fact with the mystery donors and other Trojans in two thousand and eleven on American activist and Jacob Applebaum, who now lives here in Berlin and is in exile because of his accident is activities with WikiLeaks op bought a ticket in the major tradeshow for this industry, which is called the lawful interception industry and trade show in Washington DC. Everything every year that they call the wiretap personal and somehow the superspy didn't notice that someone from WikiLeaks had bought a ticket for their show under his own name after publicly announcing himself to be a spokesman for WikiLeaks and so they N and in two thousand eleven. He walked around, gathering information about their products and then the British newspaper the Independent published at all. What he found was that common software like iTunes and operating systems like Windows and Mac OS were out widely exploited by these companies. They hoarded enormous couches troves of vulnerabilities in these commonly used programs that rather than disclosing and repairing. They had kept as secret as possible so they could use them to deploy their products of this is alarming because security is a very different kind of discipline to most others. It is unlike most engineering trades and that it is a process and not a product now with engineering. We have experimental methodologies for testing and engineering hypothesis. If I say I plan on putting a structural steel beam in this room of such and such a dimension in so many centimeters and of the following impurities and charities. We can test whether or not this means the whole of the ceiling. Generally we get it right. The ceilings don't fall down, but insecurity. There is no way to test the hypothesis, except to invite other people to invalidate it. Anyone can design a security system that works so well that that person can think of a way of breaking, but all that tells you that you developed a security system that works against people who are stupider than you, unless you're the smartest person in the world, you have to tell everybody else how you do it anyway, for them to come forward with flaws in your thinking security is a process that requires continuous repair in order to make a secure his new vulnerabilities are discovered, they are hatched and we all become more secure. In this regard. Security is a lot more like public health menus like engineering. Now it's true that engineers have to contend with powerful adversaries, hurricanes, Frost wins, floods, but those adversaries are indifferent to the engineers. You don't experience of flawed because the water is angry with you or wants to defeat you. You experience a flood because of physics, but you experience an attack because your attacker is looking at what you've done and trying to figure out a way around, and in that regard. An attacker is much like a pathogen in a public health context and attacker is someone who is always trying new techniques to slide past your defenses in the way that germs are always trying new ways of sliding panels are health defenses and when governments and the firms that serve the Lord information about vulnerabilities. It's like hoarding information about dangerous pathogens in our water in our air and westernizing them as part of our military-industrial efforts instead of endeavoring to cure them as part of our public health efforts now. Last spring, Edward Stoughton came out of the coals and we have had one revelation after another. It is the mark find story on steroids in two thousand and fourteen and September we got to my mind the most shocking of all of the revelations from Edward Snowden and I was the revelation that the American spy agency, the NSA and British spy agency GC in HQ have been spending one quarter billion dollars a year on programs call for in whose objective is to sabotage the security of her information technology they have infiltrated standards bodies in order to undermine the standard, so it is as though they have gone into a standards body that specifies the characteristics of the structural steel and even sure that they were weak points that they could attack to make buildings folding, we can understand it this is a bad idea. They've infiltrated companies have been deliberately weaken their products and again. It's as though you bought a law from a company like slaves or Yale, only to discover that that won't have deliberately being mean vulnerable to walk text so that the police could get into there into your house if they needed to come to you and clipper have come to mean the insecurity is a feature not a bug from a national security perspective, our spies consider the risks of making technology insecure. The risks to all of us and decided on all of our behalf. But those risks are something that we should bear in order to help them catch their enemies, now a year ago I gave a talk like this while I was touring with a novel called homeland is all about many subjects in the first stop on the tour was in Seattle at the library. Their negative talk much like this one about defibrillators that can be hijacked and give lethal shocks to their owners about beauty queens were being side on in their bedrooms or computers that betrayed him at the end, the woman put her hand up and she said well you scared me. Now what do I do this if you don't even ask us if I'm just giving you an hour-long talk about waterborne parasites. You're not her psychologist and unknown parapsychologists, but we both understand that if our government decided that when analyzing waterborne parasites were more important was more important than addressing them in curing them we would need a new government. I was a systems administrator fifteen years ago today that barely qualifies me to plug-in a Wi-Fi router. I can't make my systems secure and neither can you, because no matter how many steps you take to secure your personal computer. It exists in ecosystem and epidemiological ecosystem of devices, networks and users who all have the power to compromise your security, if the water that came out of your tap was drinkable, but the water that came out of your neighbors, was full of cholera, you would get cholera. If your e-mail is secure and private, but your neighbor 's e-mail is being stored on Google 's servers and all the messages passing in and out of Google servers are being tapped on undersea fiber-optic cables. Your e-mail will be read by spotless. I if we when we attack information technology systems with the intention of keeping well-known vulnerabilities in them, instead of improving them. We attacked the health of our whole society, and increasingly our cyber war efforts are aimed at some of the most critical of our computers or embedded systems. The kinds of systems that were attacked by stocks and these are the controllers that are at the interface of the material world and the digital world. The controllers that run our phones or cars or airplanes are nuclear power plants and these controllers when we find vulnerabilities in them. It is especially important that those vulnerabilities be reported and patched and not recognized out recognizing a vulnerability in an embedded system makes it less secure. So if you fly if you live near a nuclear power plant. If you drive your life depends literal on the security of those embedded controllers. The problem is that any zero day any vulnerability that is discovered by the good guys, and kept a secret, will also be independently discovered by the bad guys and weapon. I doesn't matter if you trust your spies. So vivid example of this was that this year the Edward soon revelations just before Christmas, they published a league that is the time along all the attacks. The NSA has for all of its agents if you want to talk someone who has an iPhone server catalog that lists all of the different ways they can attack an iPhone if you are in attack someone who is using a Cisco switch in the catalog shows you always protect the systems which each one of these builds on some vulnerability, some defects in the underlying code. So every year in Hamburg. There's a conference call Chaos communications Congress is a very good technology and security conference, and on one morning to programmers set up and said we have discovered this fatal flaw in the iPhone, and here's how it works. We've independently discovered that we have thought we expect Apple now to fix it because it compromises everyone with an iPhone. The next day. Jacob Applebaum stood on stage and said I have the new catalog of the NSA 's expects the lights and Internet business vulnerability that was presented yesterday. It was independently discovered. We don't know how many times it was independently discovered. We don't know what other entities independently discovered it. We know that smart people work for criminals. We know that smart people work for other governments and my forwarding that vulnerability instead of responsibly disclosing it. Apple, the NSA put every single iPhone user in the world at risk of exploitation. So security is a public health issue and the willingness to trade in a moment instrumental convenience for the long-term existential risk is endemic and affects every realm of our computer use. It's not just about security. Many of us are willing to put up with anti- copying technology was sometimes called digital rights management technology in order to gain access to some movie or book or game that we want to see, so we buy a book for the Kindle, even though we know it's long and will only play on a Kindle device. Even though we know that our Kindle device will probably be landfilling two years and by then we might've bought a computing device, but we say it's good enough for now it works fine. It works fine but it fails very, very badly and over and over again. We have been willing to make that trade-off, but the trade-off is worse than it appears on its face, digital rights management is a very fraught proposition because digital rights management by definition treats the owner of the computer as its adversary. The only reason you need digital rights management in the computer is to stop the owner of the computer from doing something she wants to do it. If you don't want it. If all you want to do is keep honest users honest, you don't need it at all honest users don't need a law on something that belongs to them. The only reason to put it on there is to stop the owner from doing what she wants to do now. We don't have a theoretical model in computer science for a computer that can run every instruction, except for instruction. We don't like all computers can run every instruction that's what it is to be a general purpose computer, and so you can make a computer that can run all the programs except for the program that exports a Kindle book to a non- Kindle device. You can't make an iPhone that can run every program, except for the ones that didn't come from the app store in order for these devices to work. They have to be designed so that there is some program that watches while you use them, and waits for you to ask them to do something that's on the forbidden list. And when you try to do the things on the forbidden list. That program swims to the foreign says I can't let you do that, Dave, and none of us want the I can't let you do that day program on our computers and if we find that we delete it and so in order for I can't let you do not day program to be sustainable. It has to be hidden from us. The operating system in the file system need to be designed so that there are programs and files that are revealed to you under normal circumstances. If you say to your computer is there a file here: I can't let you do that, Dave, your computer has to say no, even if there is such a thing, otherwise you'll delete and if you ask your computer. Is there a program running, I can't let you do that, Dave, your computer has to say no, even if there is such a program running, otherwise you'll delete, but in order for that to be sustainable. You have to make it illegal to tell people about how the eye can't let you do not leave program works. Otherwise, though. Go to Google and the type, then how do I delete the I can't let you do that a program and they will find a file that says it's here it's called best. And here's the command you enter, and so under European union copyright directive two thousand and the American Digital millennium copyright act of nineteen ninety eight. Under Canada's Delsea eleventh two thousand and twelve and under laws that have spread like an infection all over the world. It is illegal to tell people information that can be used to remove a Digital rights product and this means that it's illegal to tell people about long one vulnerabilities in the programs and services and devices that they use every day and I have the power to compromise them in a thousand ways, large or small. This is terrible, terrible, terrible policy, so excuse me, I just lost my placement here. There is a huge this is a recurring problem in the way that we evaluate technology and its students are especially relevant. We talk about consumer rights and consumer reviews, because when we review products, we tend to discount the potential harms arising from this kind of failure to about zero and we tend to elevate other values like elegance and ease of use more or less to infinity on the first person to say that we need to make our secure owner respecting technologies easier to use than morality. But the problem is that magazines and services that review consumer technology tends to ignore any potential risks arising from using devices where it's illegal to tell people about bad things going on in them, and because there's no way the manufacturer can be comprehensively certain that there's nothing bad at the time of manufacture, that means that we tend to put our users and the people who put their trust in us at risk. We need to fix that on information and communications technology are that are not just another example of an area where we underweight of future risk for an present value that happens all the time we do it in environmental cost. The dual meet cheesecake, we do it. We smoke a cigarette works were always underrating some future risk for some present value, but the problem with information and communications technology is that they are the very infrastructure the world. They are the nervous system of the twenty first century and under waiting those risks at policy level as well as an individual level posting hierarchy of our civilization risk. It is an existential risk to our species. So this is from my struggle with every day, and I'm involved in want of initiatives to try make a secure stuff better and easier to use, but we need your help. We need the help of consumer agencies and consumer rights, agencies and review agencies because we need you to help rate and review these things appropriately to make people aware of the dire risks that they enter into when they use software and hardware where it's illegal to tell them about the vulnerabilities we need you to address space on our behalf as respected on projects for consumers and tell them that it is desperately inappropriate and a huge moral hazard for them to rely upon the industry honor and its progeny as part of their policing strategies that there the amount of vulnerability that we should deliberately insert into the communications technology, the world is zero. Anything less puts us all in terrible danger. Thank you all secure questions him and thank you to the interpreters even think you guarded it is said to have presses the mail was returned to well the police. I do have a question that the oldest, most companies of those people. The leaders said always been described. Where can all say well broken on all levels, from increasing systems of PCs some way to really fix the problem is I do. I think that it requires a shift in how we view these things from a kind of instrumental use of environmental view that that that sat that I talked about it and looking at is not as an engineering problem, but public health problem. I think the underlying issue in part from a policy perspective is that before general-purpose computers. We are accustomed to thinking of complicated things as being special-purpose so powerful example is relatively special-purpose while Lille is very general purpose and you might say to an auto manufacturer, you have to design a car that doesn't have a phone in it because people talk on the phone. There distracted and a half car accidents from the manufacturer. So, yes, that sounds okay, but you would never say to a wheel manufacturer every bank robber uses a car with four wheels on it. Can you design a car 's wheels can't be used by because we understand the wheels are general purpose and they are not tractable by that kind of regulatory intervention, while cars having a special-purpose nature can have features added and removed, but computers have the special nature of this sustainment computer scientist called Turing completeness name for all entering the code breaker and computer scientist entering completeness is the property of a computer that can execute all instructions that can be expressed symbolically and that is really the only model for computer we happening. Maybe somewhere out there working, and potential as the computer that runs all programs except one week. We don't know about that computer. We only have this one computer, and I think regulators are constantly thinking of computers features as being like their software so please say old making a computer that doesn't have spreadsheets on, they think of that as you just go when you delete spreadsheet program. Computer from being able to run spreadsheets. It just means that the spreadsheet is gone for now, the only way to keep the spreadsheets that a computer is for the spyware on it, and we've treated not as functionally equivalent to a computer that doesn't have a spreadsheet function, but it's not the same. A tall pseudonym of questions and if possible, so that post- policy movement that had about what people put everything online, all the data they looking at second happy with our and so anyone can file photo, anything they do, but do you think about the reaction learning that there are also people who don't like wearing clothes. Right. I think that the Dean jerks. You observe that some people don't care about their privacy and therefore decide that nobody deserves to have privacy. The statement that privacy is dead is is often a demand and not an observation, and it's often a demand by companies that would make a lot more money if privacy was dead, you rarely hear people who don't have a financial stake in your willingness to kill your privacy announcing the privacy is dead. I think particularly when it comes to young people. We tend to overestimate how intentional their actions are and Dana Boyd is this amazing American sociologist who studies how I marginalized young people use the Internet in his just published a brilliant book on this that's open access: it's complicated from your press sheet. She talks about him that the hazard of the phrase digital natives and you've heard this phrase, but it ascribes to adolescence a kind of ninja like perfection in their use of the Internet, and she says we see people using the Internet in a way that compromises the privacy assume because they must be digital natives that they are doing so because they have a like a near mystical understanding of the future privacy and that it doesn't matter anymore and she says that there is another hypothesis that a lot more plausible in the hypothesis is that their kids. He made a mistake and in fact when you look closely, what you find is that young people are extremely jealous of their privacy but in ways that reflect a narrow understanding of privacy. That's quite a mature, very worried about the privacy from their parents and the very word about the privacy from their teachers and they are very worried about privacy from Belize and are very worried about privacy for people that the romantically interested in whether they're not worried about privacy from the police and are not worried about privacy from governments and are not worried about privacy from news agencies who periodically find young children drinking beer or something and put it on the newspaper and say, look at how horrible our children are and if I think much more plausible to think that at kids are not post privacy and rather just not very good on again. Brightness is one of those things that separated from the consequences are separated from the action plan moment of time and space those the kinds of things that we have a hard time getting good at smoking is a really good example of this. You know it. If you smoke, you won't get a tumor right away if you smoke long enough, you'll get a tumor and the tumor will come fifty years after you start smoking very hard to make a good decision. The next time around when it's Re: fifty years of gone by, and you got cancer right cheesecake if every time you took a forkful of cheesecake you got an ounce of cellulite. We would reload cheesecake. This is huge. Between cause and effect that makes us by counting calories and privacy is another as I was five years old. I had an elementary school teacher who went to the hospital to have his first baby with his wife as he did in Canada. In those days, and when the baby was born, as was common in those days, a representative from a marketing firm came up to him and his wife and their newborns that have a basket of gifts for you from from companies that sell products to the newborn. Parents of newborns I I have snappy uses and creams and updating process on how I want from you is your baby 's date of birth and anime in your address and will stay in touch with you and it's a very small privacy bargain for son is clearly valuable, so they took the deal. Now I happens sometimes. A few weeks later the baby unexpectedly died and then every year on their babies birthday. They got a package in the mail from this marketing company and its partners, and it's hard to say that they should have just understood better what the privacy consequences were when they made the trade is somewhat monstrously disabled wanting to think about your baby dying as he sat there in the maternity ward with your newborn. Why was that on your mind before you get your information to marketing company right, having had a very hard lesson. It's hard to imagine how they might generalize that lesson and use it to get better in the old days of free digital cameras, we would take about two rolls of pictures a year to do one of our annual vacation. We do want to Christmas and birthdays. We get them back from the lab. Some will be good in some of the terrible and some of the guns will be turbaned Lastacaft notes with each picture. You wouldn't know what you did to make everyone's good and the bad ones… now we take a picture right away. We see what happened. We got so good at taking pictures through no deliver actionable runs by closing the cause-and-effect link between now by filters to make our photos look like they were taken in the nineteen eighties by someone using a film camera because they look to closely look they look like they came in the news zero not like I don't not like I'm a family vacation. I don't know how we do that for privacy, but so we can so we can close that cause-and-effect link more tightly. I think that it's far too early to declare privacy dead in particular, I think that we struggle with this when it comes to kids because we want to spot minor children in our schools and libraries one and up, and even parents want to put filters on the network that actually collect to make sure they're not looking at bad pages. Those filters don't work very well noticed several billions of webpages on the Internet. If they make a mistake. One percent of the time that means tens of millions of pages that they shouldn't block that you get locked in means tens of millions of pieces of eye watering pornography that got through. And so they are by no means an effective remedy for what they do, by definition 's capture, reflect, make sure it's not a click for one of the prohibited websites and these are operated by companies that we have no insight into their often offshore and often their major customers, repressive governments in the Middle East and the just repackage this for schools and libraries. There really some of the worst people in the world and we give them our entire kids entire click streams, but the worst part of this is offensive position wherever kids do anything to protect their privacy. We have to punish them because we decided that in order to keep them safe. It must have no privacy at all. We must know every click. They seem to make sure they don't look at the bad webpages. If we really cared about whether or not kids cared about privacy. Our school curriculum would consist of teaching kids to jailbreak every device breakthrough every sensor won't use proxies mean that's how you stay private and instead were like the parents whose spells out a cigarette lights another one and says, you mustn't ever smoke. Thank you so having him to