net.wars

Virtual worlds have been with us for a long time. Depending who you listen to, they began in 1979, or 1982, or it may have been the shadows on the walls of Plato's cave. We'll go with the University of Essex MUD, on the grounds that its co-writer Richard Bartle can trace its direct influence on today's worlds.

At State of Play this week, it was clear that just as the issues surrounding the Internet in general have changed very little since about 1988, neither have the issues surrounding virtual worlds.

True, the stakes are higher now and, as Professor Yee Fen Lim noted, when real money starts to be involved people become protective.

Level 70 warrior accounts on World of Warcraft go for as little as $10 (though your level number cannot disguise your complete newbieness), but the unique magic sword you won in a quest may go for much more. The best-known pending case is Bragg versus Second Life over virtual property the world's owners confiscated when they realized that Bragg was taking advantage of a loophole in their system to buy "land" at exceptionally cheap prices. Lim had an interesting take on the Bragg case: as a legal concept, she argued, property is right of control, even though Linden Labs itself defines its virtual property as rental of a processor. As computer science that's fine, but it's not law. Otherwise, she said, "Property is mere illusion."

Ultimately, the issues all come down to this: who owns the user experience? In subscription gaming worlds, the owners tend to keep very tight control of everything – they claim ownership in all intellectual property in the world, limit users' ability to create their own content, and block the sale of cheats as much as possible. In a free-form world like Second Life which may host games but is itself a platform rather than a game, users are much freer to do what they want but the EULAs or Terms of Service may be just as unfair.

Ultimately, no matter what the agreement says, today's privately owned virtual worlds all function under the same reality: the game gods can pull the plug at any time. They own and control the servers. Possession is nine-tenths of the law, and all that. Until someone implements open source world software on a P2P platform, this will always be the way. Linden Labs says, for what it's worth, that its long-term intention is to open-source its platform so that anyone may set up a world. This, too, has been done before, with The Palace.

One consequence of this is that there is no such thing as virtual privacy, a topic that everyone is aware of but no one's talking about. The piecemeal nature of the Net means that your friend's IRC channel doesn't know anything about your Web use, and Amazon.com doesn't track what you do on eBay. But virtual worlds log everything. If you buy a new shirt at a shop and then fly to a distant island to have sex with it, all that is logged. (Just try to ensure the shirt doesn't look like a child's shirt and you don't get into litigation over who owns the island…)

There are, as scholars say, legitimate reasons. Logging everything that happens is important in helping game developers pinpoint the source of crashes and eliminate bugs. Logs help settle disputes over who did what to whose magic sword. And in a court case, they may be important evidence (although how you can ensure that the logs haven't been adjusted to suit the virtual world provider, who is usually one of the parties to the litigation, I don't know).

As long as you think of virtual worlds as games, maybe this isn't that big a problem. After all, no one is forced to spend half their waking hours killing enough monsters in World of Warcraft to join a guild for a six-hour quest.

But something like Second Life aspires to be a lot more than that. The world is adding voice communication, which will be interesting: if you have to use your real voice, the relative anonymity conferred by the synthetic world are gone. Quite apart from bandwidth demands (lag is the bane of every SLer's existence), exploring what virtual life is like in the opposite gender isn't going to work. They're going to need voice synthesizers.

Much of the law in this area is coming out of Asia, where massively multi-player online games took off so early with such ferocity that, according to Judge Unggi Yoon, in a recent case a member of a losing team in one such game ran to the café where the winning team was playing and physically battered one of its members. Yoon, who explained some of the new laws, is an experienced online gamer, all the way back to playing Ultima Online in middle school. In his country, a law has recently come into force taxing virtual world transactions (it works like a VAT threshold – under $100 a month you don't owe anything). For Westerners, who are used to the idea that we make laws and export them rather than the other way around, this is quite a reality shift.

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

Posted by wendyg at 02:27 PM | Permalink | Comments (0) | TrackBacks (0)

Was Whitfield Diffie robbed when he failed to win a Big Brother Award or even secure a nomination?

It was Diffie himself who complained, and even being given the first annual Computers, Freedom, and Privacy Distinguished Innovators award didn't quite make up for the slight (pleased as he seemed to be by that recognition, which he shared with fellow cryptography inventor Ron Rivest, the 'R' in RSA).

Why does one of the key inventors of public key cryptography think he deserves to be publicly shamed for privacy invasion?

"I was thinking that cryptography is a two-edged sword," he explained, "and technology, especially complicated technologies, tend to serve the people who can invest in them." People with power – governments, large companies, big organisations – can afford to invest substantially in developing and deploying cryptography, where individuals and small outfits can't. "Use follows the structure of society. It supports the powerful and suppresses the weak."

This conference, in the mid-1990s, was a hotbed of impassioned crypto activism. One of this year's actual BBA winners was Stewart Baker, the former general counsel to the National Security Agency, whom Simon Davies, executive director of the awarding organization, Privacy International, noted was behind the US's most heinously invasive policies. Though here at CFP Baker is chiefly identified with deriding the 1994 conference by saying that the only people opposed to key escrow were those who couldn't go to Woodstock because they'd had to stay home to do their math homework.

Fortunately, Diffie waited until now to argue that crypto could be a bad thing.

Nonetheless, he has a point. Cryptography is deployed by banks, the military, and the mobile phone companies. Hardly any individuals install it personally. The most widespread use of crypto is probably SSL – the security that protects credit card details and other personal information in transit to ecommerce Web sites. Second, if not now then soon, is the trusted computing module in computers.

"My original vision was 100 million secure telephones," said Diffie. "That's come nowhere near true, and most of the secure telephones – less than a million – are in the hands of governments."

Besides key escrow, the other big crypto issue of the mid 1990s was the Clipper Chip, a government effort to create a standard for strong cryptography. Clipper was supposed to go in all kinds of things – phones, modems – but it included key escrow, and so everyone despised it. But had Clipper been deployed, consumers and businesses would in general have far more secure telephones than the wholly insecure ones they have now. This may soon change with the rise of VOIP and the understanding that data in progress across the Internet is insecure. But it's entirely arguable that the government was right in the mid 1990s when it said that deploying Clipper would enable greater general security for the masses. Certainly, nothing has arrived to do replace it.

Still, in the next decade telephony will be so completely reinvented that Diffie's old dream of the secure telephone will have little relevance. Sure, VOIP traffic may be routinely encrypted. But, he said, "Within a decade no significant program will be secure in the sense that we talk about secure computing today."

Why? Outsourcing.

In the sense that: "Nobody in the country can avoid making trade secret queries using Google." Within a decade, most of the time if you want a computing service you'll buy it in from someone you find via some form of search.
"Phone calls," added Ron Rivest in the post-award discussion, "will be kept as documents by the phone company." They'll be searchable. "The whole nature of what a phone call is is going to change in very interesting ways. It means trusting another party to manage all the data, though it's yours in principle."

(Think of your voicemail now. Technically, you own the messages, but if you use the service supplied by your telco, those messages are stored on their server, and possession and all that.)

Crypto also solves only one type of security problem; it does not defeat traffic analysis, which earlier sessions at this conference showed requires as little as 6 percent of the nodes in a network – providing they're the right 6 percent. Nor does it make clear in and of itself whom you should trust.
"I've thought for a while," Diffie said, "that the word 'trust' is not quite the right thing. There's nothing you can do about relying on people – but with mounds of traffic data, what can you protect? And that depends on how much you're willing to invest in that protection."

In Montreal, it's well known that people are not willing to invest very much. The one company that really tried to commercialize privacy software, Zero Knowledge, was based here before it crashed and burned.

"My view," he concluded, "is that we're entering a heyday of intelligence."

So does he really think he deserves a BBA? Does his name truly belong up there with Baker, the UK (worst government), ICAO (most appalling project), and "the common good" (the justification for every heinous proposal)?

"I realized I wasn't even a runner-up."

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

Posted by wendyg at 01:58 PM | Permalink | Comments (0) | TrackBacks (0)

So this is the pitch:

Do you still recognize the country you grew up in? In Britain, the home of habeus corpus and the Magna Carta, the London 2012 Olympics are serving as the excuse to give police powers to inspect postal packages for drugs, track individuals through the use of CCTV and electronic travel passes, and identify suspects through their relatives' DNA stored among the 3 million samples held in the nation's DNA database. In the US, it's now extremely difficult to travel, even on a Greyhound bus, without presenting photo ID, a government agency maintains a list of who is not allowed to fly, and your most private medical records are open to inspection by a raft of people from medical personnel to insurance companies and prospective employers.

The Australian Parliament has a compendium of anti-terrorism legislation from Australia and elsewhere, much of it passed since 2001.
It seems as though in every country surveillance is on the rise, backed by legislation granting more and more powers to law enforcement.

What's it like in your country? The 2007 Computers, Freedom, and Privacy conference wants to know. You have nothing to lose but your homes, jobs, freedom...

Something like that. (Do get in touch if you want to hand over examples.) The losers will be featured somewhere on the CFP program.

About that reference to the 2012 Olympics. It's generally true that the World Trade Center/Pentagon attacks of September 2001 gave security forces everywhere a chance to dust of the failed proposals they had in their bottom drawers that no politicians would ever accept previously and get them through before the first shock faded. Every subsequent event – such as the July 7 London bombs, or last summer's mixed-liquids-on-a-plane madness – has fueled another round of Add the Police Powers. But the 2012 Olympics? They're harmless, right? (Except for the ever-mounting bill; the Evening Standard this week put it at £10 billion, four times the original estimate, and counting. For the record, I was always against the Olympics coming to London.)

Not so much harmless. And they're almost open about it.
The Telegraph discovered a leaked memo in late January that specifically suggested that public support for increased surveillance (scanning postal packages, location tracking via enhanced CCTV, mobile phones, and smart travel cards) could be increased by piloting them during the Olympics. The documents, prepared for the Number 10 Policy Review Working Group on Security, Crime, and Justice, also revealed that the DNA database that Blair is so proud of and its 3 million samples could be used for familial tracing. Your DNA may not be on the database, but if your father's is identifying a familiar connection might help lead the police to you. Oh, yeah, and while we're at it, why don't we conceal X-ray cameras in lampposts everywhere?

I know how much this sounds like bad science fiction, and since the X-ray camera bit came from The Sun, who knows? And the fact that something is being discussed doesn't mean they won't see sense and not implement it or that the technology will work in the first place. But these are thoughts that only a few years ago would have been unthinkable, and now they're not only being thought they're being outlined in policy memos.

And even that is relatively trivial compared to part 2A of the Serious Crime Bill, which creates Serious Crime Prevention Orders, to be granted by the High Court or Crown Court, that will grant the power to do data matching between, from the sounds of it, any and all data held about you anywhere – within different government departments, outside it in commercial databases, travel data, ISP logs, whatever. The bill is at the committee stage in the Lords but has yet to be introduced in the Commons. A friend of mine has taken to calling this scenario "data fusion".

What this all signifies is very precisely and carefully laid out in a just-published book, Illusions of Security by Canadian author Maureen Webb. In it, Webb makes the carefully documented case that in the years since 2001 a massive shift has taken place from reactive policing to preemption of risk (which seems a logical extension of the sort of nervousness that requires warning labels on bags of marbles). She primarily writes about Canada and the US, but she could be writing about many other countries: you could be guilty at any time and so you should be watched, just in case. Instead of giving us greater security, Webb argues that increased surveillance is counter-productive because it alienates the very communities we most need help from – and that in fact it makes us all more insecure because our lives could be abruptly turned upside down at any moment. Whose life doesn't look suspicious if it's examined in great detail?

So: send your examples and I'll enter them in the Chamber of Legislative Horrors contest. You could be a loser!

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

Posted by wendyg at 02:05 PM | Permalink | Comments (0) | TrackBacks (0)

If it's Christmas it must be time to come up with program proposals for Computers, Freedom, and Privacy, the 17th edition of which will take place in Montreal, May 1-4. Submissions (via email or the Web system) are due on January 20. It's something to think about after you've finished listening to the Queen's Speech (UK)) or watching It's a Wonderful Life (US). Who needs trivia quizzes when you can think up and propose speakers for CFP?

CFP is a cross-disciplinary oddity of a conference. Others focus more tightly on privacy, data protection, cryptography, software, hardware, games, music, new technology...but CFP is the only one where, as I'm so fond of saying, for four days you never want to finish anyone else's sentence.

The 2007 theme is autonomy, which should include one of the subjects CFP has long neglected, disability. Generally speaking, redesigning anything to make disabled access easier has benefited many other people (curb ramps, for example, help not only people in wheelchairs but those dragging luggage or pushing babies in strollers). But it's been contentious in designing electronic voting systems, especially when you're trying to design a paper trail voters can verify – how does a blind person verify the paper?

It's worth noting, by the way, that the UK, apparently refusing to believe the stories it reads about snafus (PDF) everywhere else, has decided to run trials in 2007. Look for a talk by Rebecca Mercuri on the problems encountered in the last US elections on February 8 in London as part of a conference on e-voting that will attract speakers from Ireland and Italy; it's being organized by Jason Kitcat for the Open Rights Group.

The disabled, the elderly, and even the seriously ill, figure in another trend: one of the promises people talk about with respect to ubiquitous computing is the ability to monitor people at risk and make sure they're all right. It sounds so warm and fuzzy: install a bunch of sensors in Grandma's house so you can check in every day via a Web interface and make sure she's still alive. Or give her a robot to make sure she eats every day and doesn't spend all day sitting around in that one stained bathrobe. Is that the life you want when you're 87? (I can hear my mother saying even now, of her old robot that's been replaced, "It never calls, never writes…")

Autonomy is also an umbrella for the many trends that, compared to the glamour days of the file-sharing wars, sound too dry or remote to be dangerous. What could be harmful about putting medical records on a centralized database? Wouldn't it be better if emergency personnel can quickly find out the medical history of an unconscious person – what medications they take, what allergies they have, what their health problems are? Speaking as someone with almost no medical records at all (most of my doctors are dead; those that aren't shredded their records rather than show them to me), that sounds appealing. But who will have access? How will that information be used and protected? Where will it go once it's collected? The UK's proposals in this area are so weak that Ross Anderson is heading a movement to help people opt out of having their patient records uploaded.

As much data as is now collected about us all – credit card trails, online shopping, medical data, government dealings, phone bills, Web logs – it's nothing compared to what's coming our way. Location-tracking (primarily but not solely via mobile phones), national identity databases, border controls that require fingerprinting and other biometrics will all generate far more data than anything we have now. And that's without RFID. A friend points out that in the US foreigners are required (although it's rarely enforced) to carry their I-94 entry forms with them at all times; trials are underway to include RFID chips in these, and the privacy flaws are already being reported.

Which leads to another strand: technologies that don't work. Despite the fact that everyone who's ever installed new software has had the experience of having it utterly fail to work, hope seems to spring eternal that any IT project will do what its vendors promise if only it's sufficiently large and commissioned by a government. In a way, we have to be grateful when those hopes are crashed; an identity database that fails obviously, frequently, and undeniably is much less damaging to the person who is the object of that failure (the failee?) than one that fails subtly and rarely. The real problem is not that technology fails – all technologies fail sometimes – but our faith that it can be trusted.

The Hitchhiker's Guide to the Galaxy summed up the three stages of civilization thus: How can we eat? What shall we eat? Where shall we have lunch? There is a similar thread running from the natural desire for greater safety for ourselves and our children (warning labels on bags of marbles) to surrendering control over our own lives (a database to make sure that marbles aren't sold to anyone who isn't bright enough to know not to eat them).

Enjoy the holidays.

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML).

Posted by wendyg at 01:54 PM | Permalink | Comments (0) | TrackBacks (0)

“Everyone seems depressed,” someone said a half-day into this year’s Computers, Freedom, and Privacy conference.

It’s true. Databases are everywhere this year. FEMA databases made of records from physicians, pharmacists, insurers. The databases we used to call the electoral rolls. Choicepoint. The National Health infrastructure they want to build. Real ID. RFID tracks and trails – coming soon to a database near you. And so on.

The only really positive moment is when Senator Leahy (Democrat – VT) bounds in to deliver a keynote, saying that the society we are creating is “a different US society than the one we know”. He ringingly denounces the claim that voting for the resolution to pursue Al-Qaida included voting for warrantless wiretapping, and everyone applauds.
Wait. CFP is being bucked up by a senator? Ten years ago, this conference thought it could code its way out of anything. PGP and Internet architecture could beat any lawmaker.

Now, someone says, “The governments are moving in in a big way” and there is a sense that the only hope lies in policy-making and persuasion. Privacy advocates are brainstorming legislative proposals. The Electronic Frontier Foundation is opening an office in DC.

Even the government types are depressed. Stewart Baker, who in 1994 baited this group by claiming that opposition to key escrow was coming only from those who couldn’t go to Woodstock because they had to finish their math homework, is now at the Department of Homeland Security, and tells us that in an emergency we should save ourselves.

Actually, that was one of the few moments of levity. What he did was ask how many libertarians were there in the room who believed that a government governs best that governs least. About ten percent of the crowd raised their hands (another major change from minus ten years, when at least half would have done so). How many actually had provisions of food and water for 72 hours? Most hands dropped. “Who,” Baker asked, “are you expecting to rescue you?” Gotcha.

The science fiction writer Vernor Vinge, who’s been wandering the conference to sample the zeitgeist preparatory to delivering his wrap-up late Friday, summed it up in an advance sample.

“The angle that’s somewhat discouraging,” he says, “is the sense I have in many of these issues that they do reflect an almost implacable advance and on many different fronts on the part of the government in support of the fundamental government idea that total information awareness (no trademark) is absolutely essential to the national interest. I see that as clearly and explicitly recognized by the government as essential to national security, so that in the long run opposing it is at best a matter of slowing its advance down and at worst giving it the appearance of slowing its advance down.”

Vinge was last at CFP in 1996, when he, Bruce Sterling, and Pat Cadigan all participated in a panel called “We Know Where You Will Live”. I remember it as one of the best CFP panels, ever. It was, to be sure, somewhat gloomy. I remember, for example, predictions that a supermarket might know what foods you had been eating from your sales records and, in cahoots with your medical insurer, order you off the potato chips and onto the celery sticks. But being able to imagine this dysfunctional future gave the sense that we would be able to avert it. And without, as one prominent CFPer has done since last year, moving to Canada.

This year, Katherine Albrecht, the leading campaigner against RFID tags and their prospective use to tag and track goods and people, presented her latest findings. Some of her scenarios are far-fetched enough to be truly lame (for example, the idea that someone could sit next to you in a plane and scan your bag so they could steal exactly what they wanted while you were in the lavatory) and others are too clearly chosen to try to manipulate emotional hot buttons (such as the idea that someone passing on the street could point a cellphone reader at a woman and be able to tell what model and color bra she was wearing; I mean, so what?). But the tracking, storing, and eventually sharing of data are all logical consequences of the infrastructure her research shows they are building. I’m not convinced we will go there. But the possibility is no longer outlandish enough for me to feel empowered by considering it any more.

“We haven’t,” a privacy activist now in the corporate sector said to me over dinner, “had one single success. It’s just a long list of failures.”

It is the health care situation that is particularly depressing. The UK has its flaws, but one benefit of nationalized health care is a real reduction in the number of people and organizations who are intensely interested in your medical records. In the US, it seems as though everyone is lining up hoping to get a glimpse of what might be wrong with you.

In one panel we learn that medical identity theft is one of the biggest and fastest growing problems. Now, I wouldn’t mind that so much if they’d take my ailments, too. Such as this growing sensation of being surrounded, spied upon, watched by cameras…

Wendy M. Grossman’s Web site has an extensive archive of her books, articles, and music, and an archive of all the earlier columns in this series. Readers are welcome to post here, at net.wars home, at her personal blog, or by email to netwars@skeptic.demon.co.uk (but please turn off HTML)

Posted by wendyg at 12:35 PM | Permalink | Comments (0) | TrackBacks (0)