Highlights of Eben Moglen's Freedom in the Cloud Talk

February 10, 2010

Here are some highlights of the talk Eben gave on Freedom in the Cloud at the New York ISOC branch meeting last Friday, February 2. A full transcript is available here

The Problem [2:55] : "Our calendar is on the web. Our location is on the web ... The deal that you get with the traditional service called telephony now includes a thing you didn't know like spying. It's not a service to you. But it's a service. And you get it for free with your service contract for telephony. You get for free the service of advertising with your Gmail, which of course means there is another service behind, which is untouched by human hands, semantic analysis of your email ... And you get free email service and some storage which is worth exactly a penny and a half at the current price of storage...

What's that got to do with open source? [5:15]: "It doesn't have anything to do with open source but it has a whole lot to do with free software.."

From peers to Microsoft [5:36]: "So we need to back up a little bit, figure out where we are, how we got here, and whether we can get out and if so how. It's not a pretty story..We haven't lost. We've just really bamboozled ourselves. And we're going to have to unbamboozle ourselves really quickly or we're going to bamboozle a bunch of innocent people who didn't know we were throwing away their privacy for them forever."

[6:13] "It begins of course with the Internet. Designed as a network of peers without any intrinsic need for hierarchical or structural control and assuming that every switch in the net is an independent free standing entity who's volition is equivalent to the human beings who control it ... But it never really worked out that way."

The Software Problem [7:18]: "It was a simple software problem and it has a simple three syllable name. It's name was 'Microsoft'. Conceptually there was a network which was designed as a system of peer nodes, but the operating software ... that came to occupy the network over the course of a decade-and-a-half was built around a very clear idea that had nothing to do with peers. It was called 'server/client architecture'."

The Great Idea Behind Windows [9:22]: "It was the great idea of Windows, in an odd way, to create a political archetype in the net that reduced the human being to the client, and created a big centralized computer, which we might refer to as the server, that provided things to the human being on 'take or it leave it' terms. And unfortunately everyone took it because they didn't know how to leave once they got in. Now, the net was made up of servers in the center and clients at the edge. Clients had quite a little power and servers had quite a lot ... As storage gets cheaper, as processing gets cheaper, as complex services that scale in ways that are hard to use small computers for ... the hierarchical nature of net came to seem like it was meant to be there."

Logs [10:44]: "One more thing happened about that time ... Servers began to keep logs. That's good decision ... But if you have a system which centralizes servers, and the servers centralize their logs, then you are creating vast repositories of hierarchically organized data about people at the edges of the network that they do not control, and unless they are experienced in the operation of servers, will not understand the comprehensiveness of, will not understand the meaningfulness of, will not understand the aggregatability of."

The Recipe for Disaster [12:01]: "So we built a network out of a communications architecture designed for peering, which we defined in client server style, which we then defined to be the dis-empowered client at the edge and the server in the middle. We aggregated processing and storage increasingly in the middle and we kept the logs -- that is information about the flows of information in the net -- in centralized places far from the human beings who controlled or at any rate thought they controlled the operation of the computers that increasingly dominated their lives. This was a recipe for disaster."

Welcome to "The Cloud": [13:00] The word cloud doesn't really mean anything very much. The disaster we are having is not the catastrophe of the cloud. The disaster we are having is the catastrophe of how we misunderstood the net under the assistance of the unfree software that helped us to understand it. What cloud means is that servers have ceased to be made of iron. Cloud means virtualization of servers has occurred ... Iron no longer represents a single servers. Iron is merely a place where servers could be ... Cloud means servers have gained freedom. Freedom to move. Freedom to dance; to combine and to separate, re-aggregate, and do all sorts of tricks. Servers have gained freedom. Clients have gained nothing. Welcome to the cloud."

The Social Consequences of Technology [14:54]: "If you think about it, each step in that architectural evolution away from a network made of peers; to servers that serve the communication with humans beings to clients which are programs running on heavy iron; to clients, which are the computers that people actually used in a fairly dis-empowered state and servers are a high concentration of power in the net; to servers are virtual processes running in clouds of iron at the center of an increasingly hot galaxy and the clients are out there in the dusty spiral arms. All of these decisions architecturally were made without discussion the social consequences long-term."

Disempowering the people who own the clients [16:30]: "So we got an architecture that was very subject to misuse, indeed it was begging to be misused. Now we are getting the misuse we set up...There are a lot of reasons for making clients dis-empowered ... There are many overlapping rights owners, as they see themselves, each of whom has a stake in dis-empowering a client at the edge of the network. To prevent particular hardware from being moved from one network to another. to prevent particular hardware from playing music not bought at the monopoly of music in the sky."

What is a Platform? [18:00]: "What we have are things we call platforms? The word platform, like cloud, doesn't inherently mean anything. Thrown around a lot in business talk, but basically what 'platform' means is places you can't leave, stuff you're stuck to, things that don't let you off. Once the net become a hierarchically organized zone with servers in the center and increasingly dis-empowered clients at the edge, it becomes the zone of 'platforms' and platform making becomes the order of the day... Microsoft was never really a software company, Microsoft was a platform management company."

Late Google Stage One [20:00]: "Search is not a thing that we can easily distribute. It is a complex service that must be centrally organized and unilaterally delivered ... Search becomes an archetypal complex service and draws a business model for its monetization ... On the underside of the complex service of search is a simple service called advertising. But that's the innocent part of the story. We don't remain in the innocent part of the story. Where we are, is to the discovery that everything would be better if we have the logs to everything. The cloud means that we can't even point in the direction of the server anymore. We don't have extra-technical or non-technical means over this disaster. The stage we're in now is late Google Stage One."

Enter Mr. Zuckerberg [24:00]: "The human race has susceptibility to harm but Mr. Zuckerberg has attained an unenviable record. He has done more harm to the human race than anybody else his age. Because he harnessed Friday night, that is, 'Everybody needs to to get laid,' and turned into a structure for degenerating the integrity of human personality and he has to remarkable extent succeeded with a very poor deal, namely 'I will give you free web-hosting and some PHP doodads and you get spying for free all the time'. And it works. How could that have happened? There was no architectural reason. Facebook is the web with, 'I keep all the logs, how do you feel about that.' It's a terrarium for what it feels like to live in a Panopticon built out of web parts. And it shouldn't be allowed. That's a very poor way to deliver those services. They are grossly overpriced at 'spying all the time', they are not technically innovative. They depend on an architecture subject to misuse and the business model that supports them is misuse. There isn't any other business model for them. This is bad. I'm not suggesting it should be illegal. It should be obsolete. We're technologists we should fix it."

[27:30] "Facebook is a really good example of where we went wrong and what happened to us because. It's trickier with Gmail because of that magical untouched by human handsyness ... Facebook workers know who's going to have a love affair before the people do because they can see X obsessively checking the webpage of Y."

The Problem is the Cruft and Data Dandruff of Life [30:00]: "In fact the degree of potential informational inequality, and disruption and difficulty that arises from a misunderstanding, a heuristic error in the minds of human beings about what is and is not discoverable about them, is now our biggest privacy problem. My students ... show constantly in our dialog they still, think of privacy as the one secret they don't want revealed. But that's not their problem. Their problem is all the stuff that's the ... data dandruff of life, which they don't think of as secret at all but aggregates to stuff they don't want to know. Which aggregates not just to stuff they don't want other people to know, but to predictive models about them which they would be very creeped out to know exists at all. The data that we infer is the data in the holes between the data we already know if we know enough things."

Where we Live Now [32:58]: "So where we live has become a place in which it would be very unwise to say about anything that it isn't known if you are pretty widely known in the net ... and all of us are pretty known in the net. We want to live there. It is our neighborhood. We just don't want to live with a video camera on every tree and a microphone on every bush and a data miner beneath our feet everywhere we walk, and the net's like that now."

Freedom Box [34:31]: "We have to fess up. If we're the people who care about freedom, its late in the game and we're behind. We did a lot of good stuff and we have a lot of tools lying around that we built over the last 25 years ... I'm glad the tools are around but we have to admit we have not used them to protect freedom because freedom is decaying ... 'Open source' doesn't matter anymore. Free software matters a lot because free software is open source software with freedom ... Freedom still matters and what we need to do is to make free software matter to the problem that we have which is unfree services delivered in unfree ways really beginning to deteriorate the structure of human freedom. Like a lot of unfreedom, the real underlying social process that forces this unfreedom along is nothing more than perceived convenience."

Who Could Run a Web Server of Their Own and Keep the Logs? [38:00]: "So what do we need? We need a really good web server that you can put in your pocket and plug in any place. It shouldn't be any larger than the charger for your cellphone. You should be able to plug it into any power jack in the world or sync it up with any wi-fi router that happens to be in this neighborhood ... It should have a couple of USB ports that attach it to things. It should know how to bring itself up; how to start its web server; how to go and collect your stuff from all the social networking places you've got it. It should know how to send an encrypted backup of everything to your friends' servers. It should know how to micro-blog, It should now how to make some noise that's like tweet but doesn't infringe on anyone's trademark. It should know how to ... be your avatar in a free net that works for you and keeps the logs. You can always tell what's happening in your server and if anybody else wants to know they can get a search warrant.

"There's a little more we have to do but its all trivial ... We need some dynamic DNS. It's all stuff we've already invented. It's all there, nobody needs anything special. Do we have the server we can put in your pocket? Indeed we do. Off the shelf hardware. Beautiful wall warts with ARM chips ... How's the software stack? It's any software stack you want to put in there ... You ought to want the Debian, GNU/Linux, social networking stack.

"This is stuff we've got. We need to put it together ... I'm not talking about stuff that's hard for us. We need to make a free software distribution guys. We need to give a bunch to all of our friends and say, 'fool around with this and make it better.' We need to do the thing we are already really good at, because all the rest of is done. In the bag, cheap, ready. Those wall wart servers are $99 now, going to $79. When there are 5 million of them, they'll be $29.99. Then we go to people and we say, "$29.99 once, for a lifetime. Great social networking, updates automatically, software so strong you couldn't knock it over if you kicked it, and you know what, you get 'no spying' for free. We can do that ... When there is a competitor to 'all spying, all the time, whether you like it or not', the competition is going to do really well. Don't expect Google to be the competitor. That's a platform. What we need is to make a thing so greasy that there will never be another social networking platform again ... It's well within our reach. Are we going to do it before the Facebook IPO or after?"

"We don't have to live in the Catastrophe [4:40]: "It's not like we have to live in the catastrophe. It's not like what we have to do to begin to reverse the catastrophe is hard for us. We need to re-architect services in the net; we need to redistribute services back towards the edge; we need to de-virtualize the servers where your life is stored and restore some autonomy to you as the owner of the server. The measures for taking those steps are technical ... as usual the box builders are ahead of us. The hardware isn't the constraint. As usual, nowadays the software isn't a constraint either because we've made so much good stuff ... the bad architecture is enabled, powered, by us the re-architecture is too. And we have our usual magic benefit. If we had one copy of what I'm talking about, we have all the copies we need.

A technical challenge for a social reason [46:00]: "There is a technical challenge for a social reason...It's a frontier for technical people to explore. There is enormous social payoff for exploring it. The payoff is plain because the harm being ameliorated is current and people you know are suffering from it. Everything we know about why we make free software says that's when we come into our own. It's a technical challenge incrementally attainable by extension from where we already are that makes the lives of the people around us and whom we care about immediately better. In 25 years of doing this work, I have never seen us fail to rise to a challenge that can be defined in those terms. So I don't think we are going to fail this one either. Mr. Zuckerberg richly deserves bankruptcy. Let's give it to him, for free."

This is actually a story potentially happy [48:00]: "If we do it we will have quelled one more rumor about the irrelevancy of us ... We will not be rid of our problems by any means, but just moving the logs from them to you is the single biggest step that we can take in resolving a whole range of social problems. That I feel badly in what remains of my American constitution; and that I would feel badly about if I were watching the failure of European data protection law from inside instead of outside; and that I would feel kind of hopeful about if I were, oh say, a friend of mine in China. Because, you know, of course we really ought to put a VPN in that wall wart, and we probably ought to put a TOR router. And of course we got bittorrent and by the time we're done with all of that we got a freedom box ... We have a box that not only climbs us out of the hole we're in, but we have a box that actually puts a ladder up for people who are deeper in the hole than we are ... We're not going to win the war on Internet freedom with Facebook on our backs."

The Solution is Made of our Parts [55:00]: "It isn't that this gets all the problems solved. But the easy work is very rich and rewarding now. The problems are really bad and getting the easy ones out of the way will improve the politics for solving the hard ones and it's right up our alley. The solution is made of our parts. We got to do it ... We could put it off until Tuesday but how long do you really want to wait? Every day that goes buy there is more data we'll never get back; more inferences we can't undo ... It's not like we should say, 'one of these days I'll get around to it.' It's way more urgent than that."

Other SFLC news...