Report from Trustycon: like RSA, but without the corruption


Seth Rosenblatt reports from Trustycon, the conference formed as a protest against, and alternative to the RSA security conference. RSA's event is the flagship event in the security industry, but the news that RSA had accepted $10M from the NSA to sabotage its own products so that spies could break into the systems of RSA customers led high profile speakers like Mikko Hypponen to cancel their appearances at the event.

Trustycon sold out, raised $20,000 for the Electronic Frontier Foundation, and, most importantly, got key members of the security industry to come to grips with the question of improving network security in an age when spy agencies are spending hundreds of millions of dollars every year to undermine it.

"I wasn't expecting anyone else to cancel, wasn't expecting American speakers to cancel," he said, saying at the time that it was an issue of national pride.

To his surprise, he told TrustyCon, "the ones with the balls have canceled."

His TrustyCon speech focused on the simmering international conflict. He pointed out that thanks to Snowden and to the Stuxnet revelations, we've learned that governments were actively writing and delivering malware.

"Ten years ago this would've been science fiction," he said.

He noted that he wasn't against all government spying and said that high-profile political leaders such as Angela Merkel of Germany have a reasonable expectation to be the targets of surveillance.

"The problem," he said, "is listening to the traffic of people on the street. Why is it being collected? Because it's technically possible. We created the monster."

Other speakers also focused on the issue of trust, and of otherwise trustworthy computing systems exploited by governments, including the US.

TrustyCon's RSA Conference rebels promise more to come [Seth Rosenblatt/Cnet]

(Image: Seth Rosenblatt)

Notable Replies

  1. "Why is it being collected? Because it's technically possible"

    i love that "why is it being collected? because they can" fair enough...

  2. And that, friends, is what real patriotism looks like

  3. You should read David Brin's "The Transparent Society" - while it's a bit dated (~1997), and a bit over-optimistic about our ability to get organized and influence government policy, one of his main points is that technology makes universal surveillance cheaper at roughly Moore's Law speeds.

    The only real balance we're going to get is by convincing government to let the public watch them also, or by having the public widely carry recording tools (which happened, not as part of a deliberate civil liberties campaign but because iPhones are shiny and because including cameras in phones lets carriers sell more data service.)

    I didn't go to TrustyCon this week - it sold out pretty quickly.

  4. It was "interesting" in a half-baked, cornucopian, techno-paradise, liberdelusional, poorly thought out way. Anyone doing a serious reading back then realized the following non-exhaustive list of flaws

    1. It assumed the ability to spy would be symmetrical. It isn't.
    2. It assumed governments would allow equal surveillance of their
      activities "just because". This flies in the face of all of human
      history
    3. It assumed that some kind of perfectly fair and even-handed
      Marketplace of Privacy would magically come into being. To label
      this a fantasy is so understated as to be actively misleading
    4. It assumed that the technology to spy would be distributed evenly.
      This isn't even vaguely real
    5. It assumed that corporate interests could never influence government
      to achieve surveillance asymmetry over regular people. This is
      balderdash to put it mildly
    6. It assumed that the Marketplace of Privacy would work because people
      would have enough money to protect their privacy to the degree they
      valued it, just like people in poor countries could bribe corporate
      polluters if they really cared about their miserable lives.

    In short, Brin was so convinced he was the smartest guy in the room that he said a bunch of stupid careless things which are only plausible if you completely take leave of your critical faculties. A lack of privacy is embarrassing to, say, Exxon or the Chamber of Commerce. It is potentially life-destroying to the rest of us. The Libertarians, Randroids, Market Fundamentalists and so on are allergic to strong institutional and regulatory safeguards for the public good and the concerns of the powerless. These things are, nonetheless, necessary to prevent serious harm. Defining good as bad and night as day doesn't make it so. Framing the debate by saying "It's impossible. Don't even try. Don't even consider the possibility of trying" is cowardly and worse

    As a friend put it "You look at America and see Athens. I look at it and see Rome."
    My reply was "Work like hell for Athens and you might get Rome. Aim for Rome and you'll end up with Mordor"

  5. Brin? Libertarian/Randroid? I think he'd laugh louder about that than I would; he'd probably call himself a sensible liberal, and thinks libertarians are naive and that a Libertopia would immediately get invaded by neighbors. (I'm saying this as a Libertarian.)

Continue the discussion bbs.boingboing.net

1 more reply

Participants