0 00:00:00,000 --> 00:00:30,000 Dear viewer, these subtitles were generated by a machine via the service Trint and therefore are (very) buggy. If you are capable, please help us to create good quality subtitles: https://c3subtitles.de/talk/677 Thanks! 1 00:00:13,950 --> 00:00:16,199 The next talk I want to 2 00:00:16,200 --> 00:00:18,419 ask you one 3 00:00:18,420 --> 00:00:20,819 thing, did you know that had been Crypto 4 00:00:20,820 --> 00:00:21,870 Wars 2.0? 5 00:00:23,790 --> 00:00:24,719 Who has known? 6 00:00:24,720 --> 00:00:25,920 Who has knowledge of that? 7 00:00:27,870 --> 00:00:30,119 OK, I see about three, four hands. 8 00:00:30,120 --> 00:00:32,399 So the most of us hackers even didn't 9 00:00:32,400 --> 00:00:34,679 know about Crypto Wars 2.0. 10 00:00:34,680 --> 00:00:36,779 And it seems like we kind of 11 00:00:36,780 --> 00:00:38,189 lost it. 12 00:00:38,190 --> 00:00:40,039 So what are we doing now? 13 00:00:41,400 --> 00:00:43,469 And one step 14 00:00:43,470 --> 00:00:45,629 to take would be 15 00:00:45,630 --> 00:00:48,119 to stopping law enforcement hacking 16 00:00:48,120 --> 00:00:50,159 and how can we do that? 17 00:00:50,160 --> 00:00:52,049 And this is why Christophers on stage. 18 00:00:53,250 --> 00:00:54,629 He will tell us a little bit about 19 00:00:54,630 --> 00:00:56,849 exactly that topic. 20 00:00:56,850 --> 00:00:57,850 Thank you very much. 21 00:01:04,500 --> 00:01:06,329 All right, thank you all for coming. 22 00:01:06,330 --> 00:01:08,789 This is a topic I've been researching 23 00:01:08,790 --> 00:01:10,859 for, I think, three or four years 24 00:01:10,860 --> 00:01:13,229 now, so I'm really excited to finally 25 00:01:13,230 --> 00:01:14,939 be able to talk to my community about 26 00:01:14,940 --> 00:01:15,869 this. 27 00:01:15,870 --> 00:01:17,969 So let me start by saying just a little 28 00:01:17,970 --> 00:01:18,989 bit about myself. 29 00:01:18,990 --> 00:01:20,909 My name is Chris Soghoian. 30 00:01:20,910 --> 00:01:22,409 For the last four years, I've been 31 00:01:22,410 --> 00:01:24,749 employed at the American Civil Liberties 32 00:01:24,750 --> 00:01:26,819 Union, a major NGO, and 33 00:01:26,820 --> 00:01:28,649 the United States. And I'm a computer 34 00:01:28,650 --> 00:01:31,259 scientist. I advise the lawyers 35 00:01:31,260 --> 00:01:33,359 who do our surveillance cases as I 36 00:01:33,360 --> 00:01:35,489 work hand in hand with the lawyers 37 00:01:35,490 --> 00:01:37,940 who sue the FBI and the NSA for spying. 38 00:01:40,560 --> 00:01:41,760 But. Well, thank you. 39 00:01:46,320 --> 00:01:48,699 So this is actually near 40 00:01:48,700 --> 00:01:50,279 the end of my job, I'll be leaving the 41 00:01:50,280 --> 00:01:51,280 ACLU 42 00:01:52,830 --> 00:01:54,749 at the beginning of January to spend a 43 00:01:54,750 --> 00:01:57,869 year in Congress advising 44 00:01:57,870 --> 00:02:00,659 politicians on technology. 45 00:02:00,660 --> 00:02:02,579 And so I want to emphasize one thing 46 00:02:02,580 --> 00:02:05,309 before I begin my talk, which is 47 00:02:05,310 --> 00:02:06,959 not only am I not speaking on behalf of 48 00:02:06,960 --> 00:02:08,579 my current employer, but I'm definitely 49 00:02:08,580 --> 00:02:10,228 not speaking on behalf of any future 50 00:02:10,229 --> 00:02:11,229 employer. 51 00:02:12,900 --> 00:02:14,549 Government hacking is an extremely 52 00:02:14,550 --> 00:02:15,899 controversial topic. 53 00:02:15,900 --> 00:02:18,449 There are mixed feelings even within 54 00:02:18,450 --> 00:02:19,859 the hacker community and within civil 55 00:02:19,860 --> 00:02:20,759 society. 56 00:02:20,760 --> 00:02:22,949 And so I recognize that my 57 00:02:22,950 --> 00:02:25,379 own views are definitely not mainstream, 58 00:02:25,380 --> 00:02:27,509 even within the community of 59 00:02:27,510 --> 00:02:29,579 people who fight the government and fight 60 00:02:29,580 --> 00:02:31,469 law enforcement surveillance. 61 00:02:31,470 --> 00:02:33,359 All right. So disclaimer number two, 62 00:02:33,360 --> 00:02:34,829 there's actually three disclaimers coming 63 00:02:34,830 --> 00:02:35,830 here, too. 64 00:02:37,170 --> 00:02:39,239 So this is a great quote from from 65 00:02:39,240 --> 00:02:40,619 a famous journalist in United States. 66 00:02:40,620 --> 00:02:42,149 I want to read it right quick. 67 00:02:42,150 --> 00:02:43,709 The trouble with fighting for human 68 00:02:43,710 --> 00:02:45,989 freedoms is that one spends most of one's 69 00:02:45,990 --> 00:02:48,119 time defending scoundrels, for it 70 00:02:48,120 --> 00:02:49,709 is against scoundrels that oppressive 71 00:02:49,710 --> 00:02:51,989 laws are first aimed and oppression 72 00:02:51,990 --> 00:02:54,059 must be stopped at the beginning if it is 73 00:02:54,060 --> 00:02:55,469 to be stopped at all. 74 00:02:55,470 --> 00:02:57,030 Really what he's describing here. 75 00:03:00,970 --> 00:03:03,039 So what he's describing here is the fact 76 00:03:03,040 --> 00:03:05,169 that many of the court cases that 77 00:03:05,170 --> 00:03:07,929 define our basic privacy rights 78 00:03:07,930 --> 00:03:11,049 come from cases involving drug dealers, 79 00:03:11,050 --> 00:03:13,299 people smuggling, alcohol 80 00:03:13,300 --> 00:03:15,429 and pedophiles. And so it 81 00:03:15,430 --> 00:03:17,799 can be very 82 00:03:17,800 --> 00:03:20,019 unpleasant for for people 83 00:03:20,020 --> 00:03:22,509 to sort of engage in these cases. 84 00:03:22,510 --> 00:03:24,609 But if you wait until 85 00:03:24,610 --> 00:03:26,529 the government is using its powers 86 00:03:26,530 --> 00:03:28,809 against journalists and freedom fighters, 87 00:03:28,810 --> 00:03:30,939 by that point, the case law is settled. 88 00:03:30,940 --> 00:03:33,189 And so if you care about 89 00:03:33,190 --> 00:03:34,959 our rights, you have to roll up your 90 00:03:34,960 --> 00:03:37,029 sleeves and get into some 91 00:03:37,030 --> 00:03:38,379 pretty unpleasant fights. 92 00:03:38,380 --> 00:03:40,509 And so that's, in fact what I've done 93 00:03:40,510 --> 00:03:42,009 this year. 94 00:03:42,010 --> 00:03:44,259 I volunteered in for 95 00:03:44,260 --> 00:03:46,809 child porn cases, for the defense 96 00:03:46,810 --> 00:03:48,159 in my personal capacity. 97 00:03:48,160 --> 00:03:50,469 I took time off from work. 98 00:03:50,470 --> 00:03:51,849 I didn't take any money. 99 00:03:51,850 --> 00:03:53,709 And I went and volunteered in these cases 100 00:03:53,710 --> 00:03:55,809 because I wanted to understand how the 101 00:03:55,810 --> 00:03:56,889 FBI hacks 102 00:03:58,360 --> 00:03:59,919 and these are the cases. 103 00:03:59,920 --> 00:04:01,629 The unfortunate fact is, is that child 104 00:04:01,630 --> 00:04:03,849 porn cases are the only cases 105 00:04:03,850 --> 00:04:06,069 we really know about where the most 106 00:04:06,070 --> 00:04:08,079 innovative and troubling techniques are 107 00:04:08,080 --> 00:04:10,599 being used. And if you want to 108 00:04:10,600 --> 00:04:12,459 help to decide what the law of hacking is 109 00:04:12,460 --> 00:04:15,069 going to be, this is where the action is. 110 00:04:15,070 --> 00:04:16,749 It's probably the most difficult thing 111 00:04:16,750 --> 00:04:18,910 I've ever done in terms of 112 00:04:20,620 --> 00:04:22,749 in terms of of forcing me to 113 00:04:22,750 --> 00:04:24,909 confront my feelings about the state 114 00:04:24,910 --> 00:04:27,009 and about the criminal justice system. 115 00:04:27,010 --> 00:04:28,929 I understand that there are many people 116 00:04:28,930 --> 00:04:30,339 in this community who would not go that 117 00:04:30,340 --> 00:04:31,299 far. 118 00:04:31,300 --> 00:04:33,489 And it's certainly kept me up at night 119 00:04:33,490 --> 00:04:36,189 on many evenings because 120 00:04:36,190 --> 00:04:38,709 I volunteered for the defense. 121 00:04:38,710 --> 00:04:41,109 In several cases, I've actually 122 00:04:41,110 --> 00:04:43,269 seen things that are not public. 123 00:04:43,270 --> 00:04:45,219 I've seen documents that are still 124 00:04:45,220 --> 00:04:46,389 sealed. 125 00:04:46,390 --> 00:04:48,549 I have copies of 126 00:04:48,550 --> 00:04:50,139 some software that the defense was 127 00:04:50,140 --> 00:04:52,299 provided, provided to the defense. 128 00:04:52,300 --> 00:04:53,559 That's still not public. And what I want 129 00:04:53,560 --> 00:04:55,599 to emphasize is that everything that I'll 130 00:04:55,600 --> 00:04:57,759 be describing today 131 00:04:57,760 --> 00:04:59,559 is based on public information. 132 00:04:59,560 --> 00:05:01,809 Although I've worked as a volunteer 133 00:05:01,810 --> 00:05:04,269 expert for several defense teams, nothing 134 00:05:04,270 --> 00:05:06,819 in this talk will rely on any information 135 00:05:06,820 --> 00:05:08,499 learned in that context. 136 00:05:08,500 --> 00:05:09,579 All right. And then disclaimer number 137 00:05:09,580 --> 00:05:12,639 three, this is going to seem 138 00:05:12,640 --> 00:05:15,189 very American centric and I apologize 139 00:05:15,190 --> 00:05:17,559 for that. I get from the audience here, 140 00:05:17,560 --> 00:05:18,639 I'm an American. 141 00:05:18,640 --> 00:05:19,959 I live in the United States. 142 00:05:19,960 --> 00:05:22,209 And the fact is, is that my government 143 00:05:22,210 --> 00:05:24,549 is has been more open about 144 00:05:24,550 --> 00:05:26,589 its use of hacking than many other 145 00:05:26,590 --> 00:05:28,179 governments. And that's not necessarily 146 00:05:28,180 --> 00:05:30,189 because we are a more open society. 147 00:05:30,190 --> 00:05:31,809 I think it's more that the FBI has been 148 00:05:31,810 --> 00:05:33,399 caught a few times. 149 00:05:33,400 --> 00:05:35,229 But the end result is that we've learned 150 00:05:35,230 --> 00:05:37,389 a lot more about law enforcement 151 00:05:37,390 --> 00:05:39,459 hacking in the United States than many 152 00:05:39,460 --> 00:05:40,449 other countries have. 153 00:05:40,450 --> 00:05:42,639 And I think there are many lessons that 154 00:05:42,640 --> 00:05:44,919 can be learned by what has happened 155 00:05:44,920 --> 00:05:46,899 in the US, even if you're not an 156 00:05:46,900 --> 00:05:48,279 American. 157 00:05:48,280 --> 00:05:49,869 All right. So what's the point of this 158 00:05:49,870 --> 00:05:51,579 talk? This is not a talk show. 159 00:05:51,580 --> 00:05:53,319 I'm going to give you the history of law 160 00:05:53,320 --> 00:05:54,320 enforcement hacking. 161 00:05:55,960 --> 00:05:56,859 This is not a talk show. 162 00:05:56,860 --> 00:05:58,779 I'm going to describe in real intimate 163 00:05:58,780 --> 00:06:01,329 detail how the technology 164 00:06:01,330 --> 00:06:03,519 of government malware works. 165 00:06:03,520 --> 00:06:05,739 The purpose of this talk is really to 166 00:06:05,740 --> 00:06:07,839 advance the debate around 167 00:06:07,840 --> 00:06:09,639 law enforcement hacking. 168 00:06:09,640 --> 00:06:12,549 When I first learned probably 169 00:06:12,550 --> 00:06:14,739 five or six years ago that the FBI 170 00:06:14,740 --> 00:06:16,569 had a dedicated team of hackers, 171 00:06:18,160 --> 00:06:20,619 my instinct was that I didn't like it. 172 00:06:20,620 --> 00:06:22,689 But beyond sort of the initial ick 173 00:06:22,690 --> 00:06:24,999 factor, it took me a while to figure 174 00:06:25,000 --> 00:06:27,669 out why I didn't like the idea 175 00:06:27,670 --> 00:06:29,349 of the government having the ability to 176 00:06:29,350 --> 00:06:32,049 control people's webcams or microphones 177 00:06:32,050 --> 00:06:33,669 or break into their mobile phones or 178 00:06:33,670 --> 00:06:35,229 laptops and steal information. 179 00:06:35,230 --> 00:06:37,869 It took me a while to come up with 180 00:06:37,870 --> 00:06:40,539 my own feelings and my own arguments. 181 00:06:40,540 --> 00:06:42,579 And the unfortunate thing is that many 182 00:06:42,580 --> 00:06:44,829 people in civil society in 183 00:06:44,830 --> 00:06:47,169 trying to push back against 184 00:06:47,170 --> 00:06:49,239 government hacking authority, have 185 00:06:49,240 --> 00:06:50,799 not advanced our arguments very much. 186 00:06:50,800 --> 00:06:53,709 Our arguments are very basic and 187 00:06:53,710 --> 00:06:55,719 really it's been focused on protecting 188 00:06:55,720 --> 00:06:57,069 the privacy of the targets. 189 00:06:57,070 --> 00:06:59,109 The government has violated the privacy 190 00:06:59,110 --> 00:07:00,819 of the pedophiles they're investigating, 191 00:07:00,820 --> 00:07:03,219 and that's a total loser in the political 192 00:07:03,220 --> 00:07:04,479 sphere. 193 00:07:04,480 --> 00:07:06,939 And so the purpose 194 00:07:06,940 --> 00:07:08,499 of this talk is to advance us beyond 195 00:07:08,500 --> 00:07:10,749 that. Right. If the best argument we have 196 00:07:10,750 --> 00:07:13,029 against government hacking is tied 197 00:07:13,030 --> 00:07:15,339 to the privacy of pedophiles, 198 00:07:15,340 --> 00:07:16,479 we're toast. 199 00:07:16,480 --> 00:07:18,579 Even if we think that everyone in our 200 00:07:18,580 --> 00:07:20,289 society deserves basic privacy 201 00:07:20,290 --> 00:07:22,269 protections. This is not a winning 202 00:07:22,270 --> 00:07:25,059 argument for people in Washington, 203 00:07:25,060 --> 00:07:27,159 for people in Brussels and in 204 00:07:27,160 --> 00:07:28,809 capitals around the world. 205 00:07:28,810 --> 00:07:30,909 And so if we would like to 206 00:07:30,910 --> 00:07:33,039 see laws passed, if 207 00:07:33,040 --> 00:07:35,319 we would like to see restrictions on 208 00:07:35,320 --> 00:07:36,969 government hacking or even a prohibition 209 00:07:36,970 --> 00:07:39,999 on it, we have to come up with arguments 210 00:07:40,000 --> 00:07:42,039 that politicians and the public will 211 00:07:42,040 --> 00:07:44,919 embrace to win 212 00:07:44,920 --> 00:07:46,449 to win the fight against government 213 00:07:46,450 --> 00:07:47,949 hacking, we actually have to change the 214 00:07:47,950 --> 00:07:50,109 debate. And so the purpose 215 00:07:50,110 --> 00:07:52,239 of this talk is to begin the process 216 00:07:52,240 --> 00:07:54,339 of reframing the debate around government 217 00:07:54,340 --> 00:07:56,499 hacking away from a 218 00:07:56,500 --> 00:07:58,779 privacy issue and 219 00:07:58,780 --> 00:08:00,989 to want to. Focused on collateral damage 220 00:08:00,990 --> 00:08:02,819 and in particular, the harm that 221 00:08:02,820 --> 00:08:05,129 governments impose on innocent 222 00:08:05,130 --> 00:08:07,379 third parties, the harm that governments 223 00:08:07,380 --> 00:08:09,479 impose on the Internet at 224 00:08:09,480 --> 00:08:10,480 large. 225 00:08:12,520 --> 00:08:13,479 All right, I'm going to run through 226 00:08:13,480 --> 00:08:16,479 about, I think, six different areas 227 00:08:16,480 --> 00:08:17,979 where hacking causes problems. 228 00:08:17,980 --> 00:08:20,469 And the goal really of this talk 229 00:08:20,470 --> 00:08:22,599 is to equip you 230 00:08:22,600 --> 00:08:24,729 and to equip those who will continue 231 00:08:24,730 --> 00:08:26,829 this debate with 232 00:08:26,830 --> 00:08:29,199 arguments that will actually work so 233 00:08:29,200 --> 00:08:31,389 that if you're seated with someone 234 00:08:31,390 --> 00:08:33,308 who thinks that, you know, hacking 235 00:08:33,309 --> 00:08:35,109 pedophiles seems like a really good idea, 236 00:08:35,110 --> 00:08:37,029 you can come up with convincing arguments 237 00:08:37,030 --> 00:08:39,189 as to why, even again, in 238 00:08:39,190 --> 00:08:40,629 those circumstances, it's not a good 239 00:08:40,630 --> 00:08:42,759 idea. So the first problem with law 240 00:08:42,760 --> 00:08:45,879 enforcement hacking is secrecy. 241 00:08:45,880 --> 00:08:47,979 When when the protests in 242 00:08:47,980 --> 00:08:50,109 Ferguson, Missouri, first took place 243 00:08:50,110 --> 00:08:51,309 a couple of years ago in the United 244 00:08:51,310 --> 00:08:53,979 States, I think many people were shocked 245 00:08:53,980 --> 00:08:55,450 to see images like this 246 00:08:56,620 --> 00:08:59,439 in news articles and on TV screens. 247 00:08:59,440 --> 00:09:01,599 Really what we have here are 248 00:09:01,600 --> 00:09:03,549 military technology is being used by law 249 00:09:03,550 --> 00:09:04,689 enforcement. 250 00:09:04,690 --> 00:09:05,949 For those who have been watching this 251 00:09:05,950 --> 00:09:07,449 space for a while, this is not a new 252 00:09:07,450 --> 00:09:09,999 phenomenon. But certainly in Ferguson, 253 00:09:10,000 --> 00:09:11,799 this was the most high profile 254 00:09:11,800 --> 00:09:14,379 demonstration of the militarization 255 00:09:14,380 --> 00:09:15,999 of law enforcement. 256 00:09:16,000 --> 00:09:18,099 Just a few months back, there 257 00:09:18,100 --> 00:09:20,709 was an armed standoff 258 00:09:20,710 --> 00:09:22,779 in Dallas, Texas, where the police ended 259 00:09:22,780 --> 00:09:24,909 up using a bomb 260 00:09:24,910 --> 00:09:27,009 disposal robot to kill 261 00:09:27,010 --> 00:09:28,110 an armed target. 262 00:09:29,140 --> 00:09:31,239 Of course, in recent years, law 263 00:09:31,240 --> 00:09:33,489 enforcement agencies around the country, 264 00:09:33,490 --> 00:09:35,499 in the United States and around the world 265 00:09:35,500 --> 00:09:37,599 have acquired drones and 266 00:09:37,600 --> 00:09:39,909 other sophisticated formerly military 267 00:09:39,910 --> 00:09:42,010 tools and. 268 00:09:44,110 --> 00:09:45,729 I think at this point, many people have 269 00:09:45,730 --> 00:09:47,469 probably heard of stingrays or as they're 270 00:09:47,470 --> 00:09:49,569 known in Europe, Mzee catchers, 271 00:09:49,570 --> 00:09:51,849 and these two are surveillance devices 272 00:09:51,850 --> 00:09:54,159 that were first designed for the military 273 00:09:54,160 --> 00:09:55,449 and the intelligence community and have 274 00:09:55,450 --> 00:09:57,189 trickled down to state and local law 275 00:09:57,190 --> 00:09:58,209 enforcement. 276 00:09:58,210 --> 00:09:59,379 So this phenomenon 277 00:10:00,550 --> 00:10:02,409 has really been described quite well by 278 00:10:02,410 --> 00:10:04,869 Radley Balko, a libertarian 279 00:10:04,870 --> 00:10:06,159 author and journalist in the United 280 00:10:06,160 --> 00:10:07,299 States. 281 00:10:07,300 --> 00:10:08,499 The phenomenon really is the 282 00:10:08,500 --> 00:10:10,659 militarization of police, 283 00:10:10,660 --> 00:10:11,660 the fact that 284 00:10:13,510 --> 00:10:15,729 sophisticated technology 285 00:10:15,730 --> 00:10:17,739 designed for the military, designed for 286 00:10:17,740 --> 00:10:19,449 the intelligence community eventually 287 00:10:19,450 --> 00:10:21,879 trickles down to law enforcement. 288 00:10:21,880 --> 00:10:24,009 And the problem with this 289 00:10:24,010 --> 00:10:25,569 is that it's not just the tools that 290 00:10:25,570 --> 00:10:26,709 trickle down. 291 00:10:26,710 --> 00:10:28,569 It's not just the arms that trickle down. 292 00:10:28,570 --> 00:10:30,849 It's not just tanks and machine guns 293 00:10:30,850 --> 00:10:33,459 and armored personnel carriers and vests 294 00:10:33,460 --> 00:10:35,649 and helmets. It's also surveillance 295 00:10:35,650 --> 00:10:37,809 technology, military and 296 00:10:37,810 --> 00:10:39,189 intelligence surveillance technology 297 00:10:39,190 --> 00:10:40,599 trickles down to state and local law 298 00:10:40,600 --> 00:10:42,789 enforcement. But because this the same 299 00:10:42,790 --> 00:10:44,949 technology remains in use 300 00:10:44,950 --> 00:10:47,049 both in the military, the intelligence 301 00:10:47,050 --> 00:10:49,299 community and in law enforcement, 302 00:10:49,300 --> 00:10:51,819 it also comes with a cloud of secrecy. 303 00:10:51,820 --> 00:10:54,159 That is, law enforcement tries 304 00:10:54,160 --> 00:10:56,529 to keep everything about their use 305 00:10:56,530 --> 00:10:58,809 of these kinds of technologies secret 306 00:10:58,810 --> 00:11:00,369 because they don't want to tip off the 307 00:11:00,370 --> 00:11:01,689 bad guys. 308 00:11:01,690 --> 00:11:03,339 And also they want to have to keep using 309 00:11:03,340 --> 00:11:04,839 it in the military and the intelligence 310 00:11:04,840 --> 00:11:05,739 community context. 311 00:11:05,740 --> 00:11:07,839 And so what we see time and time 312 00:11:07,840 --> 00:11:10,179 again, whether it's stingray's, whether 313 00:11:10,180 --> 00:11:12,159 it's hacking or other innovative 314 00:11:12,160 --> 00:11:14,199 surveillance technologies, is there a use 315 00:11:14,200 --> 00:11:16,449 by law enforcement comes 316 00:11:16,450 --> 00:11:18,549 with massive secrecy. 317 00:11:18,550 --> 00:11:20,799 And so the FBI has had 318 00:11:20,800 --> 00:11:23,229 a dedicated hacking team since 319 00:11:23,230 --> 00:11:25,319 at least 2001. 320 00:11:25,320 --> 00:11:27,429 It wasn't until the 321 00:11:27,430 --> 00:11:30,129 early 2010s when F F 322 00:11:30,130 --> 00:11:31,659 got a bunch of documents and put them 323 00:11:31,660 --> 00:11:33,189 online. And when I was reading them, I 324 00:11:33,190 --> 00:11:35,289 stumbled on this phrase, 325 00:11:35,290 --> 00:11:37,479 the remote operations unit. 326 00:11:37,480 --> 00:11:39,769 It wasn't until I think 12 327 00:11:39,770 --> 00:11:41,859 and 13 that 328 00:11:41,860 --> 00:11:43,959 I first learned the name of the FBI's 329 00:11:43,960 --> 00:11:45,909 hacking unit 12 years after it was 330 00:11:45,910 --> 00:11:46,910 created. 331 00:11:47,680 --> 00:11:49,779 The fact is, this unit has operated 332 00:11:49,780 --> 00:11:51,219 in near total secrecy. 333 00:11:52,570 --> 00:11:54,549 And this secrecy doesn't just affect the 334 00:11:54,550 --> 00:11:56,259 public's awareness of who is doing the 335 00:11:56,260 --> 00:11:58,779 hacking, but we're seeing pervasive 336 00:11:58,780 --> 00:12:01,029 secrecy entering our judicial system. 337 00:12:01,030 --> 00:12:03,849 Court orders related to 338 00:12:03,850 --> 00:12:05,799 government use of these technologies are 339 00:12:05,800 --> 00:12:08,199 routinely redacted. 340 00:12:08,200 --> 00:12:10,119 If they're ever released, they're sealed 341 00:12:10,120 --> 00:12:11,499 routinely. 342 00:12:11,500 --> 00:12:13,659 Defense lawyers may not know how their 343 00:12:13,660 --> 00:12:16,419 clients were identified or arrested. 344 00:12:16,420 --> 00:12:18,069 Judges may not know what they're being 345 00:12:18,070 --> 00:12:19,839 asked to authorize and may not know where 346 00:12:19,840 --> 00:12:21,549 the evidence in their own cases came 347 00:12:21,550 --> 00:12:22,479 from. 348 00:12:22,480 --> 00:12:25,809 We really have this this pernicious 349 00:12:25,810 --> 00:12:28,419 cloud of secrecy shrouding 350 00:12:28,420 --> 00:12:30,819 the criminal law enforcement landscape 351 00:12:30,820 --> 00:12:33,219 because the government wants to preserve 352 00:12:33,220 --> 00:12:35,559 the secrecy around these tools 353 00:12:35,560 --> 00:12:37,779 separately because 354 00:12:37,780 --> 00:12:40,059 of the desire to preserve the secrecy. 355 00:12:40,060 --> 00:12:41,799 We also have a circumvention of 356 00:12:41,800 --> 00:12:43,689 traditional legislative oversight that 357 00:12:43,690 --> 00:12:45,999 has yet to be a single congressional 358 00:12:46,000 --> 00:12:47,979 hearing focused on law enforcement 359 00:12:47,980 --> 00:12:50,289 hacking, even though for more than 15 360 00:12:50,290 --> 00:12:52,629 years law enforcement agencies 361 00:12:52,630 --> 00:12:55,029 have been engaging in and hacking. 362 00:12:55,030 --> 00:12:56,589 We need to have a debate around this. 363 00:12:56,590 --> 00:12:58,719 But a debate hasn't happened, in part 364 00:12:58,720 --> 00:13:00,729 because they don't want to highlight 365 00:13:00,730 --> 00:13:02,229 their use of this technology. 366 00:13:02,230 --> 00:13:04,239 All right. So, number one, the problem of 367 00:13:04,240 --> 00:13:05,109 secrecy. 368 00:13:05,110 --> 00:13:06,110 Number two, 369 00:13:08,020 --> 00:13:09,519 mistakes will be made. 370 00:13:09,520 --> 00:13:11,649 Hacking tools are designed by 371 00:13:11,650 --> 00:13:13,689 humans and deployed by humans. 372 00:13:13,690 --> 00:13:16,389 And humans are not perfect. 373 00:13:16,390 --> 00:13:18,069 So the first kind of mistake that will 374 00:13:18,070 --> 00:13:20,319 take place is that innocent users 375 00:13:20,320 --> 00:13:22,779 will be hacked. And this is not 376 00:13:22,780 --> 00:13:24,039 a theoretical issue. 377 00:13:24,040 --> 00:13:25,239 This has happened. 378 00:13:25,240 --> 00:13:26,919 So in twenty thirteen. 379 00:13:28,320 --> 00:13:30,869 And one of the first bulk hacking 380 00:13:30,870 --> 00:13:33,269 operations today, the FBI 381 00:13:33,270 --> 00:13:35,519 went after, I think twenty three 382 00:13:35,520 --> 00:13:37,709 sites on a dark Web, one of which was tor 383 00:13:37,710 --> 00:13:38,710 mail. 384 00:13:39,210 --> 00:13:41,399 Now, while I think sites one 385 00:13:41,400 --> 00:13:43,679 through twenty two, we're focused on on 386 00:13:43,680 --> 00:13:45,449 contraband activity, mainly child 387 00:13:45,450 --> 00:13:46,450 pornography sites. 388 00:13:47,520 --> 00:13:49,589 Formal was a service used by many 389 00:13:49,590 --> 00:13:52,469 legitimate users, journalists, 390 00:13:52,470 --> 00:13:54,959 activists or people who just like to 391 00:13:54,960 --> 00:13:57,329 maintain some privacy online. 392 00:13:57,330 --> 00:13:58,330 And 393 00:13:59,400 --> 00:14:01,709 although the government got a court 394 00:14:01,710 --> 00:14:03,569 order from a judge authorizing them to 395 00:14:03,570 --> 00:14:05,729 hack 300 particular 396 00:14:05,730 --> 00:14:07,949 terminal users the way 397 00:14:07,950 --> 00:14:10,049 they deployed their malware, that 398 00:14:10,050 --> 00:14:11,429 to them hacking innocent users, 399 00:14:11,430 --> 00:14:13,559 essentially anyone who visited the Tor 400 00:14:13,560 --> 00:14:15,809 mail homepage for a few days 401 00:14:15,810 --> 00:14:17,339 while the FBI was engaging in their 402 00:14:17,340 --> 00:14:19,529 hacking operation would get a 403 00:14:19,530 --> 00:14:20,999 piece of malware from the government. 404 00:14:21,000 --> 00:14:23,399 Now, I don't believe that the FBI 405 00:14:23,400 --> 00:14:24,389 intended to do this. 406 00:14:24,390 --> 00:14:26,519 I actually think they made a mistake. 407 00:14:26,520 --> 00:14:28,079 But the fact is, is that they 408 00:14:28,080 --> 00:14:30,689 accidentally exploited vulnerabilities 409 00:14:30,690 --> 00:14:32,459 in the browsers of innocent people, 410 00:14:32,460 --> 00:14:34,559 deployed malware to their computers, 411 00:14:34,560 --> 00:14:35,710 then never told them about it. 412 00:14:36,750 --> 00:14:38,069 Those individuals never got a letter in 413 00:14:38,070 --> 00:14:40,079 the mail. No apologies. 414 00:14:40,080 --> 00:14:41,519 To the extent that the malware ever 415 00:14:41,520 --> 00:14:43,019 caused damage to their computers, the 416 00:14:43,020 --> 00:14:45,059 government never volunteered to clean up 417 00:14:45,060 --> 00:14:45,959 the mess. 418 00:14:45,960 --> 00:14:48,089 And so as hacking 419 00:14:48,090 --> 00:14:50,339 becomes a routine tool, we 420 00:14:50,340 --> 00:14:53,129 should expect to see these mistakes 421 00:14:53,130 --> 00:14:54,839 take place and we should expect to see 422 00:14:54,840 --> 00:14:56,669 more and more innocent people getting 423 00:14:56,670 --> 00:14:58,679 hurt. And when that happens, the 424 00:14:58,680 --> 00:15:00,179 government will shrug their shoulders and 425 00:15:00,180 --> 00:15:02,099 say, oh, not our problem. 426 00:15:02,100 --> 00:15:04,229 In the terminal case for the first 427 00:15:04,230 --> 00:15:06,209 year, they refuse to even acknowledge 428 00:15:06,210 --> 00:15:08,459 that the FBI had been behind the hack. 429 00:15:08,460 --> 00:15:10,470 It was all a nudge, nudge, wink, wink. 430 00:15:12,310 --> 00:15:13,899 And so there's a complete lack of 431 00:15:13,900 --> 00:15:15,669 accountability when the government makes 432 00:15:15,670 --> 00:15:16,670 mistakes. 433 00:15:17,350 --> 00:15:19,569 Second problem in the context 434 00:15:19,570 --> 00:15:21,669 of mistakes being made is that 435 00:15:21,670 --> 00:15:23,829 when the government agencies use 436 00:15:23,830 --> 00:15:25,959 zero day vulnerabilities or use 437 00:15:25,960 --> 00:15:27,789 exploit, that the target is their 438 00:15:27,790 --> 00:15:29,859 vulnerabilities and they make mistakes 439 00:15:29,860 --> 00:15:31,389 and they get caught. 440 00:15:31,390 --> 00:15:33,519 Those zero days will be thrown 441 00:15:33,520 --> 00:15:34,520 out into the wild. 442 00:15:36,370 --> 00:15:38,799 This is, again, not a theoretical 443 00:15:38,800 --> 00:15:41,169 phenomenon. And when it has happened time 444 00:15:41,170 --> 00:15:43,329 and time again, the agencies 445 00:15:43,330 --> 00:15:45,009 responsible have disappeared. 446 00:15:45,010 --> 00:15:46,839 They've taken no responsibility. 447 00:15:46,840 --> 00:15:48,909 They've not paid for any cleanup 448 00:15:48,910 --> 00:15:50,619 or compensated the parties that have to 449 00:15:50,620 --> 00:15:52,179 actually clean up the damage. 450 00:15:52,180 --> 00:15:54,309 And so we have three high profile 451 00:15:54,310 --> 00:15:56,019 examples of this. 452 00:15:56,020 --> 00:15:58,839 When the US and Israel 453 00:15:58,840 --> 00:16:01,149 deployed their Stuxnet malware 454 00:16:01,150 --> 00:16:03,399 against Iran, they exploited several 455 00:16:03,400 --> 00:16:04,839 zero days and the Windows operating 456 00:16:04,840 --> 00:16:07,299 system. And when their Stuxnet malware 457 00:16:07,300 --> 00:16:09,759 was discovered and then publicized, 458 00:16:09,760 --> 00:16:11,889 criminals took advantage of those same 459 00:16:11,890 --> 00:16:13,719 zero days while people on the Internet 460 00:16:13,720 --> 00:16:15,819 were waiting to get the patch 461 00:16:15,820 --> 00:16:17,769 or waiting to install the patch 462 00:16:17,770 --> 00:16:19,449 separately. 463 00:16:19,450 --> 00:16:21,729 Earlier this summer, an 464 00:16:21,730 --> 00:16:23,139 entity we believe to be Russia 465 00:16:24,310 --> 00:16:26,889 released several of NSA's 466 00:16:26,890 --> 00:16:29,229 router hacking tools under the 467 00:16:29,230 --> 00:16:31,449 name of the shadow brokers. 468 00:16:31,450 --> 00:16:33,529 When that happened, what happened from 469 00:16:33,530 --> 00:16:34,509 NSA? Nothing. 470 00:16:34,510 --> 00:16:35,889 NSA said nothing. 471 00:16:35,890 --> 00:16:36,909 They did nothing. 472 00:16:36,910 --> 00:16:39,249 It was the engineers at Cisco and Juniper 473 00:16:39,250 --> 00:16:41,319 who had to work overnight 474 00:16:41,320 --> 00:16:43,449 and try and quickly develop fixes and 475 00:16:43,450 --> 00:16:45,549 roll them out. And then just 476 00:16:45,550 --> 00:16:47,709 last month, an unknown 477 00:16:47,710 --> 00:16:49,449 entity, probably a law enforcement 478 00:16:49,450 --> 00:16:51,579 agency, got caught engaging in 479 00:16:51,580 --> 00:16:53,769 a bulk hacking operation, targeting a 480 00:16:53,770 --> 00:16:54,909 dark male website. 481 00:16:54,910 --> 00:16:57,069 I saw a dark Web site called 482 00:16:57,070 --> 00:16:58,689 Gift Box, which was a child pornography 483 00:16:58,690 --> 00:17:01,179 site, and a Firefox's 484 00:17:01,180 --> 00:17:03,489 zero day was released into the wild 485 00:17:03,490 --> 00:17:05,739 when that operation was detected, 486 00:17:05,740 --> 00:17:07,328 who had to clean up the mess? 487 00:17:07,329 --> 00:17:09,818 Mozilla When 488 00:17:09,819 --> 00:17:11,858 governments lose zero days, it's the 489 00:17:11,859 --> 00:17:13,419 Internet that has to deal with the 490 00:17:13,420 --> 00:17:15,549 consequences. And it's the companies and 491 00:17:15,550 --> 00:17:17,409 developers who build the software who 492 00:17:17,410 --> 00:17:19,029 have to deal with the 493 00:17:20,170 --> 00:17:21,969 with the collateral damage. 494 00:17:21,970 --> 00:17:23,739 And so I really think the analogy to 495 00:17:23,740 --> 00:17:24,740 think of here 496 00:17:26,560 --> 00:17:28,629 is a bit like an oil spill, right. 497 00:17:28,630 --> 00:17:30,879 The oil companies tell 498 00:17:30,880 --> 00:17:32,499 us that they will work hard to ensure 499 00:17:32,500 --> 00:17:34,269 that they will not be accidents. 500 00:17:34,270 --> 00:17:35,949 But there are, of course, always 501 00:17:35,950 --> 00:17:37,779 accidents at oil drilling sites. 502 00:17:39,100 --> 00:17:41,679 And when those accidents take place, 503 00:17:41,680 --> 00:17:44,079 it's the people who live in the community 504 00:17:44,080 --> 00:17:46,099 who have to deal with the consequences. 505 00:17:46,100 --> 00:17:47,979 Right. It's the people who are fishing in 506 00:17:47,980 --> 00:17:51,099 those waters or who live on the coast. 507 00:17:51,100 --> 00:17:52,209 They're the ones who have to deal with 508 00:17:52,210 --> 00:17:54,580 the mess. The CEO of the oil company, 509 00:17:55,630 --> 00:17:57,699 his or her children are not eating fish 510 00:17:57,700 --> 00:17:58,899 from that water. 511 00:17:58,900 --> 00:18:00,279 And so I really think we should be 512 00:18:00,280 --> 00:18:02,349 thinking of of the government 513 00:18:02,350 --> 00:18:04,869 loss of zero days in the same way 514 00:18:04,870 --> 00:18:07,029 they are forcing the costs of 515 00:18:07,030 --> 00:18:09,069 their mistakes onto the Internet at 516 00:18:09,070 --> 00:18:10,419 large. 517 00:18:10,420 --> 00:18:12,819 All right. Problem number three, trust. 518 00:18:15,130 --> 00:18:17,199 The FBI has a bit of a tricky 519 00:18:17,200 --> 00:18:18,969 problem when it comes to deploying 520 00:18:18,970 --> 00:18:19,970 malware 521 00:18:22,210 --> 00:18:24,250 in the event that they're not able to do 522 00:18:25,540 --> 00:18:28,329 like a drive by attack or 523 00:18:28,330 --> 00:18:29,919 a watering hole attack where they know 524 00:18:29,920 --> 00:18:31,749 where someone is going to visit a Web 525 00:18:31,750 --> 00:18:33,849 page someone will log into in the 526 00:18:33,850 --> 00:18:35,169 event they're looking for a particular 527 00:18:35,170 --> 00:18:37,449 user, they have to get their malware 528 00:18:37,450 --> 00:18:38,859 onto that user's device. 529 00:18:38,860 --> 00:18:41,259 And the tool of choice, the first 530 00:18:41,260 --> 00:18:43,269 choice will always be phishing because it 531 00:18:43,270 --> 00:18:44,270 works so well. 532 00:18:45,310 --> 00:18:47,469 But most 533 00:18:47,470 --> 00:18:49,419 reasonably sophisticated targets are not 534 00:18:49,420 --> 00:18:51,399 going to open up an email if the from 535 00:18:51,400 --> 00:18:53,919 address says FBI dot gov. 536 00:18:53,920 --> 00:18:55,719 This is an obvious thing. 537 00:18:55,720 --> 00:18:57,939 No one will open an email from 538 00:18:57,940 --> 00:19:00,159 law enforcement and so they 539 00:19:00,160 --> 00:19:01,419 have to go undercover. 540 00:19:01,420 --> 00:19:03,879 Law enforcement has to trick someone 541 00:19:03,880 --> 00:19:06,279 into opening up an email and clicking 542 00:19:06,280 --> 00:19:07,659 on that attachment and looking at the 543 00:19:07,660 --> 00:19:09,399 PowerPoint or the PDF file. 544 00:19:09,400 --> 00:19:10,869 So how do they do this? 545 00:19:10,870 --> 00:19:12,939 They need to impersonate parties who are 546 00:19:12,940 --> 00:19:14,169 trusted in our society. 547 00:19:15,170 --> 00:19:16,969 They need to impersonate journalists, 548 00:19:16,970 --> 00:19:19,459 which the FBI did in 2007 549 00:19:19,460 --> 00:19:21,979 when it was trying to identify 550 00:19:21,980 --> 00:19:23,869 a teenager who had called in a bomb 551 00:19:23,870 --> 00:19:26,059 threat to his school, they impersonated 552 00:19:26,060 --> 00:19:28,759 the Associated Press, sent a 553 00:19:28,760 --> 00:19:30,829 an email to the teenager saying, hey, 554 00:19:30,830 --> 00:19:32,629 we're the Associated Press, we're writing 555 00:19:32,630 --> 00:19:34,759 about you. Please see the attached 556 00:19:34,760 --> 00:19:36,799 word file, which is a draft of the story 557 00:19:36,800 --> 00:19:37,459 we've written. 558 00:19:37,460 --> 00:19:39,739 Let us know if there are any mistakes. 559 00:19:39,740 --> 00:19:41,539 The kid double clicks on it. 560 00:19:41,540 --> 00:19:44,059 Malware installs, he gets arrested. 561 00:19:44,060 --> 00:19:45,949 But what about the press? 562 00:19:45,950 --> 00:19:48,409 What about the collateral damage 563 00:19:48,410 --> 00:19:49,909 caused to journalists? 564 00:19:49,910 --> 00:19:51,919 If sources think that when they're 565 00:19:51,920 --> 00:19:54,109 contacted by a journalist, it might 566 00:19:54,110 --> 00:19:56,290 be the government going undercover 567 00:19:58,070 --> 00:20:00,289 this this fall, 568 00:20:00,290 --> 00:20:02,779 Citizen Lab released a really devastating 569 00:20:02,780 --> 00:20:04,309 report showing how 570 00:20:05,660 --> 00:20:07,879 an Israeli company, the NSA group, had 571 00:20:07,880 --> 00:20:10,069 provided iOS 572 00:20:10,070 --> 00:20:12,049 malware to, I think, the Bahraini 573 00:20:12,050 --> 00:20:13,050 government. 574 00:20:13,820 --> 00:20:16,309 This got a lot of publicity because the 575 00:20:16,310 --> 00:20:17,239 word on the street is that the 576 00:20:17,240 --> 00:20:19,309 vulnerability cost a million bucks. 577 00:20:19,310 --> 00:20:20,779 What really sort of slipped below the 578 00:20:20,780 --> 00:20:23,509 radar was the NSA group, 579 00:20:23,510 --> 00:20:24,559 as part of their deployment 580 00:20:24,560 --> 00:20:26,809 infrastructure, was using a bunch of 581 00:20:26,810 --> 00:20:28,729 lookalike domain names, domain names that 582 00:20:28,730 --> 00:20:30,169 people might click on because they look 583 00:20:30,170 --> 00:20:31,249 somewhat legitimate. 584 00:20:31,250 --> 00:20:32,839 And there was a Facebook domain and there 585 00:20:32,840 --> 00:20:34,369 was a WhatsApp domain and a Google 586 00:20:34,370 --> 00:20:37,069 domain. But there are also two domains 587 00:20:37,070 --> 00:20:38,599 that look like the Red Cross. 588 00:20:40,730 --> 00:20:42,929 Now, I understand why 589 00:20:42,930 --> 00:20:44,479 governments might want to impersonate the 590 00:20:44,480 --> 00:20:46,609 Red Cross, but I would hope that we can 591 00:20:46,610 --> 00:20:49,099 all recognize that we do not want 592 00:20:49,100 --> 00:20:51,379 military, intelligence, community 593 00:20:51,380 --> 00:20:52,819 or law enforcement agencies to 594 00:20:52,820 --> 00:20:55,189 impersonate medics 595 00:20:55,190 --> 00:20:57,559 in our society. Medics and doctors play 596 00:20:57,560 --> 00:20:58,819 a vital role. 597 00:20:58,820 --> 00:21:01,069 And if you are worried that your doctor 598 00:21:01,070 --> 00:21:03,199 is secretly an FBI agent, you 599 00:21:03,200 --> 00:21:05,449 will not go to them when you need help. 600 00:21:05,450 --> 00:21:07,519 You will not tell them about your drug 601 00:21:07,520 --> 00:21:09,529 addiction or your suicidal thoughts, 602 00:21:10,580 --> 00:21:12,649 right. That even though it might 603 00:21:12,650 --> 00:21:14,899 be temporarily useful, the risk 604 00:21:14,900 --> 00:21:17,189 and the harm to the trust in our society, 605 00:21:17,190 --> 00:21:19,339 it could be devastating. 606 00:21:19,340 --> 00:21:21,649 Another example, just 607 00:21:21,650 --> 00:21:23,749 a few years ago, Flame, which is sort 608 00:21:23,750 --> 00:21:25,519 of the cousin of Stuxnet, was discovered 609 00:21:25,520 --> 00:21:26,719 in the wild. 610 00:21:26,720 --> 00:21:28,789 We believe this was the 611 00:21:28,790 --> 00:21:29,930 work of the US government. 612 00:21:31,700 --> 00:21:33,829 And Flame utilized 613 00:21:33,830 --> 00:21:36,019 a novel hash 614 00:21:36,020 --> 00:21:38,269 collision technique to actually 615 00:21:38,270 --> 00:21:40,039 allow the government to impersonate the 616 00:21:40,040 --> 00:21:41,959 Microsoft Windows Update service. 617 00:21:41,960 --> 00:21:44,659 Now, we've all permitted Google 618 00:21:44,660 --> 00:21:46,849 and an Apple 619 00:21:46,850 --> 00:21:48,709 and these other tech companies to deliver 620 00:21:48,710 --> 00:21:50,839 automatic updates to our browsers and 621 00:21:50,840 --> 00:21:53,209 automatic updates to our computers. 622 00:21:53,210 --> 00:21:55,369 And these these update mechanisms 623 00:21:55,370 --> 00:21:56,629 rely on code signing. 624 00:21:56,630 --> 00:21:58,819 We only allow Google to deliver 625 00:21:58,820 --> 00:22:00,799 updates to Chrome and we only allow 626 00:22:00,800 --> 00:22:03,259 Microsoft to deliver updates to Windows. 627 00:22:03,260 --> 00:22:05,419 What if governments can leverage that 628 00:22:05,420 --> 00:22:06,949 update mechanism? What if they can 629 00:22:06,950 --> 00:22:09,259 impersonate Microsoft or Google 630 00:22:09,260 --> 00:22:11,389 or Apple and deliver spyware directly 631 00:22:11,390 --> 00:22:12,439 to our computers? 632 00:22:12,440 --> 00:22:14,599 People may turn off automatic updates, 633 00:22:14,600 --> 00:22:16,489 which I think many of us don't want. 634 00:22:16,490 --> 00:22:18,979 We don't want to go back to the old days 635 00:22:18,980 --> 00:22:20,809 of Windows XP where people were not 636 00:22:20,810 --> 00:22:21,890 getting security updates. 637 00:22:23,210 --> 00:22:25,819 And in the Apple 638 00:22:25,820 --> 00:22:27,949 FBI case this spring, 639 00:22:27,950 --> 00:22:29,299 one of the arguments that the government 640 00:22:29,300 --> 00:22:32,239 made in that case was, look, 641 00:22:32,240 --> 00:22:33,589 we're being really nice to you. 642 00:22:33,590 --> 00:22:36,139 We're asking you to write the software. 643 00:22:36,140 --> 00:22:37,519 But if you don't want to do this, we can 644 00:22:37,520 --> 00:22:39,619 come back and demand your source 645 00:22:39,620 --> 00:22:41,479 code and your code signing keys and we'll 646 00:22:41,480 --> 00:22:42,949 do it ourselves. 647 00:22:42,950 --> 00:22:45,799 So we've seen a clear threat 648 00:22:45,800 --> 00:22:47,749 from law enforcement in the US that they 649 00:22:47,750 --> 00:22:50,119 believe that automatic 650 00:22:50,120 --> 00:22:52,489 update mechanisms are a fair target 651 00:22:52,490 --> 00:22:54,289 for law enforcement surveillance 652 00:22:54,290 --> 00:22:55,290 programs. 653 00:22:56,090 --> 00:22:57,709 So the trust thing, I think, should worry 654 00:22:57,710 --> 00:22:58,909 many people. All right. 655 00:22:58,910 --> 00:22:59,960 Problem number four, 656 00:23:01,670 --> 00:23:03,829 the economics of surveillance. 657 00:23:03,830 --> 00:23:05,419 So I love Chris Rock, the American 658 00:23:05,420 --> 00:23:07,609 comedian and 659 00:23:07,610 --> 00:23:09,859 possibly my favorite my favorite 660 00:23:09,860 --> 00:23:11,839 Chris Rock standard routine is where he 661 00:23:11,840 --> 00:23:14,089 talks about his views on guns. 662 00:23:14,090 --> 00:23:16,159 And, of course, American views 663 00:23:16,160 --> 00:23:17,699 on guns are very different from European 664 00:23:17,700 --> 00:23:19,909 views on guns. And I'm not taking 665 00:23:19,910 --> 00:23:22,249 a political position here about guns, 666 00:23:22,250 --> 00:23:25,159 but I just want to use Chris's 667 00:23:25,160 --> 00:23:27,169 routine to really drive home a point. 668 00:23:27,170 --> 00:23:28,999 He says that he thinks that guns should 669 00:23:29,000 --> 00:23:31,369 be legal, but bullets should cost 670 00:23:31,370 --> 00:23:32,509 a million dollars each. 671 00:23:33,650 --> 00:23:35,929 Right. And the idea here is let's 672 00:23:35,930 --> 00:23:38,389 make it really expensive for people 673 00:23:38,390 --> 00:23:40,459 to shoot others. And then it might 674 00:23:40,460 --> 00:23:41,659 happen every once in a while, but they'll 675 00:23:41,660 --> 00:23:43,339 only do it where it's really, really 676 00:23:43,340 --> 00:23:45,559 important. And I sort of view 677 00:23:45,560 --> 00:23:47,639 surveillance in the same light. 678 00:23:47,640 --> 00:23:49,489 I know that governments are going to want 679 00:23:49,490 --> 00:23:51,529 to hack and I know that governments are 680 00:23:51,530 --> 00:23:53,299 going to want to spy. 681 00:23:53,300 --> 00:23:55,309 But if we make it expensive, they'll have 682 00:23:55,310 --> 00:23:56,899 to focus their resources on the people 683 00:23:56,900 --> 00:23:58,849 who are really, really important, the 684 00:23:58,850 --> 00:24:00,289 real threats. 685 00:24:00,290 --> 00:24:02,659 And my concern is that the costs 686 00:24:02,660 --> 00:24:04,789 have gotten a little bit too cheap. 687 00:24:04,790 --> 00:24:07,339 This is one of my favorite quotes 688 00:24:07,340 --> 00:24:08,989 from a judicial opinion, from a court 689 00:24:08,990 --> 00:24:10,849 decision in the United States. 690 00:24:10,850 --> 00:24:12,919 This is a famous American judge, Judge 691 00:24:12,920 --> 00:24:14,349 Posner, talking about the economic. 692 00:24:14,350 --> 00:24:15,669 A surveillance, and he says that 693 00:24:15,670 --> 00:24:17,889 technological progress poses 694 00:24:17,890 --> 00:24:20,229 a threat to privacy by enabling 695 00:24:20,230 --> 00:24:22,299 an extent of surveillance that in earlier 696 00:24:22,300 --> 00:24:24,249 times would have been prohibitively 697 00:24:24,250 --> 00:24:26,169 expensive. And what he's talking about 698 00:24:26,170 --> 00:24:28,209 here is the economic cost of 699 00:24:28,210 --> 00:24:30,339 surveillance. When the government has 700 00:24:30,340 --> 00:24:32,409 to send a team of five agents to follow 701 00:24:32,410 --> 00:24:34,479 your car, they only have so 702 00:24:34,480 --> 00:24:35,589 many agents. 703 00:24:35,590 --> 00:24:36,879 There's only so many people they can 704 00:24:36,880 --> 00:24:38,469 simultaneously surveil. 705 00:24:38,470 --> 00:24:40,719 But when a GPS tracking device in your 706 00:24:40,720 --> 00:24:42,909 in your car or in your phone can 707 00:24:42,910 --> 00:24:45,429 enable that same degree of surveillance, 708 00:24:45,430 --> 00:24:47,559 a single officer from his or her desk 709 00:24:47,560 --> 00:24:49,659 can spy on hundreds or thousands 710 00:24:49,660 --> 00:24:50,559 of people. 711 00:24:50,560 --> 00:24:52,749 Suddenly, the government can spy on 712 00:24:52,750 --> 00:24:54,669 more people than it could before because 713 00:24:54,670 --> 00:24:56,919 technology makes surveillance easier 714 00:24:56,920 --> 00:24:58,149 and cheaper. 715 00:24:58,150 --> 00:25:00,549 So the most high profile 716 00:25:00,550 --> 00:25:02,859 FBI hacking operation to date, 717 00:25:02,860 --> 00:25:04,659 the playpen operation, the one that I 718 00:25:04,660 --> 00:25:06,009 described at the beginning where I 719 00:25:06,010 --> 00:25:08,559 volunteered a few of these cases, 720 00:25:08,560 --> 00:25:10,149 we now know that in that case, the 721 00:25:10,150 --> 00:25:12,009 government hacked the FBI, hacked more 722 00:25:12,010 --> 00:25:13,479 than eight thousand computers around the 723 00:25:13,480 --> 00:25:15,909 world by the thousands in the US 724 00:25:15,910 --> 00:25:17,559 and the rest abroad. 725 00:25:17,560 --> 00:25:19,509 So let's do a little bit of like back of 726 00:25:19,510 --> 00:25:21,459 the napkin math here. 727 00:25:21,460 --> 00:25:22,599 Let's say that. 728 00:25:22,600 --> 00:25:24,279 So we don't know for sure that the 729 00:25:24,280 --> 00:25:26,019 vulnerability of the FBI used was a zero 730 00:25:26,020 --> 00:25:28,059 day. But let's assume that it's Firefox's 731 00:25:28,060 --> 00:25:30,189 zero day and the average price 732 00:25:30,190 --> 00:25:32,349 seems to be about one hundred 733 00:25:32,350 --> 00:25:34,149 thousand dollars. That seems like a fair 734 00:25:34,150 --> 00:25:36,289 thing for this conversation. 735 00:25:36,290 --> 00:25:38,289 One hundred thousand dollars for a zero 736 00:25:38,290 --> 00:25:40,509 day in Firefox, divided by eight 737 00:25:40,510 --> 00:25:42,579 thousand targets equals twelve 738 00:25:42,580 --> 00:25:43,580 and a half dollars. 739 00:25:44,610 --> 00:25:46,049 Per target. 740 00:25:46,050 --> 00:25:47,050 So 741 00:25:48,720 --> 00:25:51,149 my concern with with the economics 742 00:25:51,150 --> 00:25:53,459 of hacking is that if the government 743 00:25:53,460 --> 00:25:55,829 hacks enough people, hacking 744 00:25:55,830 --> 00:25:58,229 not only becomes 745 00:25:58,230 --> 00:26:00,119 an attractive way of surveilling, it 746 00:26:00,120 --> 00:26:02,249 becomes the cheapest way of spying on 747 00:26:02,250 --> 00:26:04,979 people. Write two or three officers 748 00:26:04,980 --> 00:26:06,899 can conduct one of these operations and 749 00:26:06,900 --> 00:26:08,999 hack thousands, tens 750 00:26:09,000 --> 00:26:10,619 of thousands or hundreds of thousands of 751 00:26:10,620 --> 00:26:12,599 targets. And as long as the operation 752 00:26:12,600 --> 00:26:14,099 happens in a relatively short period of 753 00:26:14,100 --> 00:26:16,259 time, they'll be able to get 754 00:26:16,260 --> 00:26:18,299 that many people before the software 755 00:26:18,300 --> 00:26:20,339 industry finds out and rolls out a patch 756 00:26:20,340 --> 00:26:21,510 and deploys the patch. 757 00:26:22,530 --> 00:26:24,029 And so my concern is that 758 00:26:26,400 --> 00:26:27,989 when they hack enough people, 759 00:26:30,180 --> 00:26:32,249 surveillance becomes so cheap, it becomes 760 00:26:32,250 --> 00:26:34,619 cheaper than hacking, becomes 761 00:26:34,620 --> 00:26:36,869 cheaper than even a single hour of 762 00:26:36,870 --> 00:26:38,489 law enforcement overtime. 763 00:26:38,490 --> 00:26:40,349 That this will become the tool of first 764 00:26:40,350 --> 00:26:42,569 resort hacking will be the first 765 00:26:42,570 --> 00:26:45,029 tool in the toolkit that they reach for 766 00:26:45,030 --> 00:26:47,249 before they go undercover, before they 767 00:26:47,250 --> 00:26:49,439 try and convince someone the 768 00:26:49,440 --> 00:26:50,440 old fashioned way. 769 00:26:51,510 --> 00:26:53,429 My concern is that hacking is making 770 00:26:53,430 --> 00:26:55,529 spying far too cheap. 771 00:26:55,530 --> 00:26:57,149 All right. So that's the economics of 772 00:26:57,150 --> 00:26:59,369 surveillance. Problem number five, 773 00:26:59,370 --> 00:27:00,959 cross-border hacking. 774 00:27:00,960 --> 00:27:03,029 So it's not just the FBI that 775 00:27:03,030 --> 00:27:05,549 is engaging in law enforcement hacking. 776 00:27:05,550 --> 00:27:07,619 As Joseph Cox revealed in one of his 777 00:27:07,620 --> 00:27:09,779 stories a few months ago, the 778 00:27:09,780 --> 00:27:12,269 Australian police have engaged in 779 00:27:12,270 --> 00:27:14,309 hacking of Tor users, which led to them 780 00:27:14,310 --> 00:27:16,140 hacking some people in the United States. 781 00:27:17,430 --> 00:27:19,769 Companies like Hacking Team have 782 00:27:19,770 --> 00:27:21,569 have sold surveillance technology to 783 00:27:21,570 --> 00:27:22,949 governments around the world. 784 00:27:22,950 --> 00:27:24,869 And so this technology has been used not 785 00:27:24,870 --> 00:27:26,609 just for domestic surveillance by 786 00:27:26,610 --> 00:27:28,649 governments, but for cross-border 787 00:27:28,650 --> 00:27:29,189 surveillance. 788 00:27:29,190 --> 00:27:31,889 And the most high profile case involves 789 00:27:31,890 --> 00:27:34,319 the Ethiopian government hacking 790 00:27:34,320 --> 00:27:36,779 into American journalists 791 00:27:36,780 --> 00:27:38,879 of Ethiopian heritage living in the 792 00:27:38,880 --> 00:27:40,559 Washington, D.C. area. 793 00:27:40,560 --> 00:27:42,689 EFF is currently engaged 794 00:27:42,690 --> 00:27:44,279 in a lawsuit against the Ethiopian 795 00:27:44,280 --> 00:27:46,199 government. But it's it's an uphill 796 00:27:46,200 --> 00:27:47,200 struggle. 797 00:27:48,000 --> 00:27:50,099 This is not just a phenomenon of 798 00:27:50,100 --> 00:27:51,989 your government hacking you. 799 00:27:51,990 --> 00:27:54,089 We are now about to enter a world 800 00:27:54,090 --> 00:27:56,039 where plenty of governments will hack 801 00:27:56,040 --> 00:27:57,040 across borders. 802 00:27:57,960 --> 00:28:00,089 So so you might ask what's what's 803 00:28:00,090 --> 00:28:01,379 the problem with this? Maybe this is just 804 00:28:01,380 --> 00:28:02,380 where it's going. 805 00:28:03,930 --> 00:28:05,639 Cross-border law enforcement hacking 806 00:28:05,640 --> 00:28:07,979 raises a couple of really thorny issues. 807 00:28:09,190 --> 00:28:11,379 So when this when 808 00:28:11,380 --> 00:28:13,479 this incident happened, I 809 00:28:13,480 --> 00:28:15,969 think a year ago, this was in UC 810 00:28:15,970 --> 00:28:18,250 Davis, just north of San Francisco, 811 00:28:19,330 --> 00:28:21,459 a very, very iconic photograph 812 00:28:21,460 --> 00:28:23,859 of a police officer, tear gassing 813 00:28:23,860 --> 00:28:26,289 or massing nonviolent 814 00:28:26,290 --> 00:28:27,339 protesters. 815 00:28:27,340 --> 00:28:30,249 This photograph, of course, went viral, 816 00:28:30,250 --> 00:28:32,499 captured the world's attention. 817 00:28:32,500 --> 00:28:34,749 This officer ended up losing his job. 818 00:28:34,750 --> 00:28:36,879 And the controversy around it 819 00:28:36,880 --> 00:28:39,219 ended up actually costing the president 820 00:28:39,220 --> 00:28:40,869 of the university her job, too. 821 00:28:40,870 --> 00:28:43,179 So there were consequences associated 822 00:28:43,180 --> 00:28:45,189 with this event, in part because the 823 00:28:45,190 --> 00:28:46,839 people that lived in that community were 824 00:28:46,840 --> 00:28:48,879 disgusted by what happened. 825 00:28:48,880 --> 00:28:50,469 And the students at this university were 826 00:28:50,470 --> 00:28:52,539 outraged. And that led to 827 00:28:52,540 --> 00:28:54,249 political pressure and political 828 00:28:54,250 --> 00:28:55,629 accountability. 829 00:28:55,630 --> 00:28:58,039 Now, think about what happens when 830 00:28:58,040 --> 00:29:00,429 a government other than your own engages 831 00:29:00,430 --> 00:29:02,109 in an activity in your country that you 832 00:29:02,110 --> 00:29:04,089 don't like. So a classic, I think example 833 00:29:04,090 --> 00:29:06,729 here is the US government's campaign 834 00:29:06,730 --> 00:29:08,859 of drone assassination in Pakistan 835 00:29:08,860 --> 00:29:09,879 and Afghanistan. 836 00:29:09,880 --> 00:29:11,829 Now, the average person on the street in 837 00:29:11,830 --> 00:29:13,899 Pakistan is not happy about the 838 00:29:13,900 --> 00:29:16,029 fact that the American government is 839 00:29:16,030 --> 00:29:18,249 dropping bombs in their towns. 840 00:29:18,250 --> 00:29:20,379 But people in Pakistan don't 841 00:29:20,380 --> 00:29:22,869 vote in Iowa and California 842 00:29:22,870 --> 00:29:24,819 and New York. There's nothing that they 843 00:29:24,820 --> 00:29:27,489 can do about it through the normal 844 00:29:27,490 --> 00:29:30,049 powers of the political process. 845 00:29:30,050 --> 00:29:32,469 You cannot vote foreign police 846 00:29:32,470 --> 00:29:33,609 out of office. 847 00:29:33,610 --> 00:29:35,799 And so, you know, while I'm 848 00:29:35,800 --> 00:29:37,269 not completely comfortable with what the 849 00:29:37,270 --> 00:29:39,399 FBI is doing, I at least have 850 00:29:39,400 --> 00:29:41,859 a vehicle as an American voter 851 00:29:41,860 --> 00:29:44,289 to register my displeasure, 852 00:29:44,290 --> 00:29:46,089 but to petition my government to change 853 00:29:46,090 --> 00:29:47,109 the rules. 854 00:29:47,110 --> 00:29:48,549 But there's nothing that I, as an 855 00:29:48,550 --> 00:29:50,379 American, can do to stop the Australian 856 00:29:50,380 --> 00:29:52,209 government, to stop the French government 857 00:29:52,210 --> 00:29:54,279 or the Italian government from using 858 00:29:54,280 --> 00:29:56,409 these kinds of tools in my country. 859 00:29:56,410 --> 00:29:58,779 And I think we're we're going to find out 860 00:29:58,780 --> 00:30:00,609 that the cross-border hacking is going to 861 00:30:00,610 --> 00:30:03,249 be the most problematic and 862 00:30:03,250 --> 00:30:05,589 the most legally difficult form of 863 00:30:05,590 --> 00:30:07,359 law enforcement hacking. 864 00:30:07,360 --> 00:30:09,729 All right. And then the last problem area 865 00:30:09,730 --> 00:30:11,500 associated with law enforcement hacking 866 00:30:13,300 --> 00:30:14,709 is what I call the digital security 867 00:30:14,710 --> 00:30:15,969 divide. 868 00:30:15,970 --> 00:30:17,679 And really what that boils down to is 869 00:30:17,680 --> 00:30:19,779 that we are not all equally 870 00:30:19,780 --> 00:30:21,039 vulnerable to surveillance. 871 00:30:21,040 --> 00:30:22,809 Some of us use devices that are more 872 00:30:22,810 --> 00:30:24,099 secure than others. 873 00:30:24,100 --> 00:30:25,899 Some of us use Web browsers that are more 874 00:30:25,900 --> 00:30:26,829 secure than others. 875 00:30:26,830 --> 00:30:28,999 And some of us have up to date software. 876 00:30:29,000 --> 00:30:31,209 Some of us don't think about 877 00:30:31,210 --> 00:30:33,309 the average iPhone user. 878 00:30:33,310 --> 00:30:35,109 They have a 600 euro device in their 879 00:30:35,110 --> 00:30:37,179 pocket that gets automatic 880 00:30:37,180 --> 00:30:39,459 software updates supported for 881 00:30:39,460 --> 00:30:40,419 three or four years. 882 00:30:40,420 --> 00:30:43,269 After they buy the device, they 883 00:30:43,270 --> 00:30:45,549 have automatic disk encryption 884 00:30:45,550 --> 00:30:47,739 default, end to end encryption of text 885 00:30:47,740 --> 00:30:49,449 messages when communicating with other 886 00:30:49,450 --> 00:30:50,499 people who have iPhones. 887 00:30:50,500 --> 00:30:52,689 This is a device that out of the box is 888 00:30:52,690 --> 00:30:53,690 pretty damn secure. 889 00:30:54,700 --> 00:30:56,589 Now, think about the situation with 890 00:30:56,590 --> 00:30:58,299 Android phones. 891 00:30:58,300 --> 00:31:01,209 With the exception of the Nexus series 892 00:31:01,210 --> 00:31:03,069 and now the pixel series of Android 893 00:31:03,070 --> 00:31:05,259 phones, most Android phones rarely 894 00:31:05,260 --> 00:31:06,369 receive security updates. 895 00:31:06,370 --> 00:31:07,839 And if they do receive them, it's often 896 00:31:07,840 --> 00:31:08,840 very late. 897 00:31:09,610 --> 00:31:11,709 Android phones still 898 00:31:11,710 --> 00:31:13,869 do not use end to end encryption 899 00:31:13,870 --> 00:31:16,179 by default for text messaging 900 00:31:16,180 --> 00:31:18,009 or voice or video communications. 901 00:31:18,010 --> 00:31:20,379 And many 902 00:31:20,380 --> 00:31:22,209 Android phones still do not use this 903 00:31:22,210 --> 00:31:23,139 encryption by default. 904 00:31:23,140 --> 00:31:24,729 Even though Google has required it of 905 00:31:24,730 --> 00:31:26,769 newer phones, there's still a carve out 906 00:31:26,770 --> 00:31:29,859 for slower, older chipsets. 907 00:31:29,860 --> 00:31:31,959 And so the end result is that many 908 00:31:31,960 --> 00:31:34,149 people who have Android phones are more 909 00:31:34,150 --> 00:31:36,459 vulnerable to law enforcement hacking. 910 00:31:36,460 --> 00:31:38,979 Now, if Android phones cost 600 euros 911 00:31:38,980 --> 00:31:41,169 and iPhones cost six euros, then I'd 912 00:31:41,170 --> 00:31:42,789 say let the market decide. 913 00:31:42,790 --> 00:31:45,399 But the fact is, is the android dominates 914 00:31:45,400 --> 00:31:47,799 the middle and low end of the market, 915 00:31:47,800 --> 00:31:49,389 which means that the most vulnerable in 916 00:31:49,390 --> 00:31:51,669 our society, minorities 917 00:31:51,670 --> 00:31:53,979 and the poor, are more likely to be using 918 00:31:53,980 --> 00:31:55,599 devices that are easier for law 919 00:31:55,600 --> 00:31:56,950 enforcement agencies to hack. 920 00:31:59,000 --> 00:32:01,369 So that might mean that to have 921 00:32:01,370 --> 00:32:03,709 a middle class banker, 922 00:32:03,710 --> 00:32:06,499 the government needs a zero day in loss 923 00:32:06,500 --> 00:32:08,779 and to hack a poor immigrant. 924 00:32:08,780 --> 00:32:10,789 The government can use a two year old 925 00:32:10,790 --> 00:32:12,469 exploit they purchased for five thousand 926 00:32:12,470 --> 00:32:13,939 dollars online. 927 00:32:13,940 --> 00:32:15,679 My concern is that law enforcement 928 00:32:15,680 --> 00:32:18,409 hacking because of the inequality 929 00:32:18,410 --> 00:32:20,719 of software security, will actually 930 00:32:20,720 --> 00:32:22,429 further perpetuate the existing 931 00:32:22,430 --> 00:32:23,720 inequalities in our society. 932 00:32:25,700 --> 00:32:27,829 All right. So for those six 933 00:32:27,830 --> 00:32:30,289 reasons I described, there are serious 934 00:32:30,290 --> 00:32:31,969 collateral harms associated with law 935 00:32:31,970 --> 00:32:32,970 enforcement hacking, 936 00:32:34,250 --> 00:32:35,420 even if you think. 937 00:32:36,900 --> 00:32:38,819 There are justified reasons for the state 938 00:32:38,820 --> 00:32:41,249 to hack, you should at least now see 939 00:32:41,250 --> 00:32:43,259 that it's not necessarily a clean 940 00:32:43,260 --> 00:32:45,269 technique with no harm caused to third 941 00:32:45,270 --> 00:32:47,249 parties. So the purpose of the Titlist 942 00:32:47,250 --> 00:32:49,109 talk is stopping law enforcement hacking. 943 00:32:49,110 --> 00:32:51,209 How do we stop this practice or at 944 00:32:51,210 --> 00:32:52,649 least restrict this practice? 945 00:32:52,650 --> 00:32:54,719 So option one, of course, is to legislate 946 00:32:54,720 --> 00:32:57,719 to pass laws to regulate this. 947 00:32:57,720 --> 00:33:00,029 As I said before, the FBI in 948 00:33:00,030 --> 00:33:01,679 my country has been hacking for more than 949 00:33:01,680 --> 00:33:02,699 15 years. 950 00:33:02,700 --> 00:33:04,829 There's never been a law passed to 951 00:33:04,830 --> 00:33:05,999 regulate this. There's never been a 952 00:33:06,000 --> 00:33:07,019 congressional hearing. 953 00:33:07,020 --> 00:33:08,639 And it's only really in the last couple 954 00:33:08,640 --> 00:33:10,769 of years that the courts have started to 955 00:33:10,770 --> 00:33:13,409 struggle to to deal with this phenomenon. 956 00:33:13,410 --> 00:33:15,150 We need legislation, 957 00:33:16,500 --> 00:33:18,629 but that's a really tough and it's 958 00:33:18,630 --> 00:33:21,359 particularly tough when 959 00:33:21,360 --> 00:33:22,889 in this current climate. 960 00:33:22,890 --> 00:33:24,959 So in the US, there's been no 961 00:33:24,960 --> 00:33:26,459 laws at all. 962 00:33:26,460 --> 00:33:28,529 In the UK, they just recently passed 963 00:33:28,530 --> 00:33:30,509 the most sweeping piece of surveillance 964 00:33:30,510 --> 00:33:32,969 legislation in decades that clearly 965 00:33:32,970 --> 00:33:35,099 authorizes hacking in the 966 00:33:35,100 --> 00:33:36,100 U.K. They call it 967 00:33:37,170 --> 00:33:38,339 electronic interference. 968 00:33:40,360 --> 00:33:42,279 But I think part of the reason why that 969 00:33:42,280 --> 00:33:44,349 legislation sailed through 970 00:33:44,350 --> 00:33:46,359 so easily and why the government got all 971 00:33:46,360 --> 00:33:48,459 the hacking powers they wanted is we 972 00:33:48,460 --> 00:33:50,649 haven't done a good job of articulating 973 00:33:50,650 --> 00:33:51,909 the problems with hacking. 974 00:33:51,910 --> 00:33:54,219 And so that means that civil society, 975 00:33:54,220 --> 00:33:56,949 if we're going to get laws passed 976 00:33:56,950 --> 00:33:59,139 to regulate or restrict hacking, we have 977 00:33:59,140 --> 00:34:01,809 to do a better job about 978 00:34:01,810 --> 00:34:02,979 how we talk about it. 979 00:34:02,980 --> 00:34:05,049 So we cannot change the law 980 00:34:05,050 --> 00:34:06,309 until we change the debate. 981 00:34:06,310 --> 00:34:09,069 And as long as this is a debate around 982 00:34:09,070 --> 00:34:10,899 the government violating people's privacy 983 00:34:10,900 --> 00:34:13,359 through hacking, we lose. 984 00:34:13,360 --> 00:34:15,529 We have to talk about damage 985 00:34:15,530 --> 00:34:16,599 to the Internet trust. 986 00:34:16,600 --> 00:34:18,309 We have to talk about the government 987 00:34:18,310 --> 00:34:19,359 losing zero days. 988 00:34:19,360 --> 00:34:20,799 We have to talk about the government 989 00:34:20,800 --> 00:34:22,178 hacking innocent people. 990 00:34:22,179 --> 00:34:24,339 We have to talk about the 991 00:34:24,340 --> 00:34:26,109 government hacking. Poor user is more 992 00:34:26,110 --> 00:34:27,189 than rich users. 993 00:34:27,190 --> 00:34:29,408 That's the only way that we 994 00:34:29,409 --> 00:34:31,479 create political support for 995 00:34:31,480 --> 00:34:34,419 hacking legislation that will benefit 996 00:34:34,420 --> 00:34:36,279 the Internet and that will restrict these 997 00:34:36,280 --> 00:34:38,559 tools. Otherwise, any hacking legislation 998 00:34:38,560 --> 00:34:40,388 will give law enforcement everything they 999 00:34:40,389 --> 00:34:41,619 want. 1000 00:34:41,620 --> 00:34:44,138 All right. So the legislative landscape 1001 00:34:44,139 --> 00:34:45,459 may be a little bit depressing. 1002 00:34:45,460 --> 00:34:47,349 What are some other ways that we can 1003 00:34:47,350 --> 00:34:49,178 restrict or prevent law enforcement 1004 00:34:49,179 --> 00:34:50,179 hacking? 1005 00:34:50,929 --> 00:34:52,539 Well, this is a technical conference and 1006 00:34:52,540 --> 00:34:54,408 this is a community of nerds. 1007 00:34:54,409 --> 00:34:56,529 Let's talk about how tech can 1008 00:34:56,530 --> 00:34:58,690 restrict government malware 1009 00:34:59,920 --> 00:35:02,379 so we can do a better job of increasing 1010 00:35:02,380 --> 00:35:04,179 the security of the platforms that we all 1011 00:35:04,180 --> 00:35:06,459 use. If if 1012 00:35:06,460 --> 00:35:08,619 we make our devices more hardened, if we 1013 00:35:08,620 --> 00:35:10,719 make our software more secure, then it 1014 00:35:10,720 --> 00:35:12,279 will be more difficult for governments to 1015 00:35:12,280 --> 00:35:14,499 hack. They will have to spend more money. 1016 00:35:14,500 --> 00:35:16,599 And when they do lose a zero day, it will 1017 00:35:16,600 --> 00:35:17,600 really hurt them. 1018 00:35:19,020 --> 00:35:20,909 So one of the big problems in this space 1019 00:35:20,910 --> 00:35:23,129 is that the privacy software we use 1020 00:35:23,130 --> 00:35:25,439 is often such a soft target, 1021 00:35:25,440 --> 00:35:27,719 it's so in many ways 1022 00:35:27,720 --> 00:35:29,429 the privacy software is often more 1023 00:35:29,430 --> 00:35:31,499 vulnerable than regular off the shelf 1024 00:35:31,500 --> 00:35:33,419 software. And I really think there's no 1025 00:35:33,420 --> 00:35:35,969 better example than Firefox. 1026 00:35:35,970 --> 00:35:37,829 I think this photograph really sort of 1027 00:35:37,830 --> 00:35:38,819 sums it up. 1028 00:35:38,820 --> 00:35:40,379 So the Firefox is otherwise known as the 1029 00:35:40,380 --> 00:35:42,539 red panda, and this panda is 1030 00:35:42,540 --> 00:35:44,639 barely hanging on this branch with just a 1031 00:35:44,640 --> 00:35:45,869 single push. 1032 00:35:45,870 --> 00:35:47,759 It would fall down. And really, that's 1033 00:35:47,760 --> 00:35:49,859 about the security posture of the 1034 00:35:49,860 --> 00:35:50,909 Firefox browser. 1035 00:35:52,230 --> 00:35:54,539 Firefox is not hardened, 1036 00:35:55,710 --> 00:35:58,139 which means that although 1037 00:35:58,140 --> 00:36:00,179 there are techniques, there are well 1038 00:36:00,180 --> 00:36:01,799 known techniques that Mozilla could 1039 00:36:01,800 --> 00:36:03,629 employ that would make it harder for the 1040 00:36:03,630 --> 00:36:05,489 Firefox browser to be hacked. 1041 00:36:05,490 --> 00:36:08,159 They have not employed those techniques. 1042 00:36:08,160 --> 00:36:09,599 So this is a chart 1043 00:36:10,710 --> 00:36:12,779 that much the famous American hacker put 1044 00:36:12,780 --> 00:36:15,059 together with his cyber independent 1045 00:36:15,060 --> 00:36:16,289 testing lab. 1046 00:36:16,290 --> 00:36:18,779 And this chart compares Chrome, 1047 00:36:18,780 --> 00:36:20,999 Safari and Firefox based 1048 00:36:21,000 --> 00:36:23,039 on the exploit mitigation techniques 1049 00:36:23,040 --> 00:36:25,489 they've deployed, things like ACEL 1050 00:36:25,490 --> 00:36:27,599 are he protections that guards 1051 00:36:27,600 --> 00:36:29,219 what you can clearly see here, and this 1052 00:36:29,220 --> 00:36:31,379 is from a few months ago, but you can see 1053 00:36:31,380 --> 00:36:33,539 the Firefox was lagging behind the other 1054 00:36:33,540 --> 00:36:35,049 two browsers. 1055 00:36:35,050 --> 00:36:37,139 Many of these are simple 1056 00:36:37,140 --> 00:36:39,989 compile time options that can be enabled 1057 00:36:39,990 --> 00:36:42,179 with a few changes in 1058 00:36:42,180 --> 00:36:43,769 the build process and then make it 1059 00:36:43,770 --> 00:36:45,869 significantly harder for an 1060 00:36:45,870 --> 00:36:48,239 adversary to hack Firefox users. 1061 00:36:48,240 --> 00:36:50,459 And I should be clear, this is not just 1062 00:36:50,460 --> 00:36:52,379 about the hundreds of millions, millions 1063 00:36:52,380 --> 00:36:53,369 of Firefox users. 1064 00:36:53,370 --> 00:36:54,839 This is about people using the Tor 1065 00:36:54,840 --> 00:36:57,029 browser, which is a variant 1066 00:36:57,030 --> 00:36:58,859 on Firefox. 1067 00:36:58,860 --> 00:37:01,019 So one of the key techniques 1068 00:37:01,020 --> 00:37:03,149 that Firefox has been missing and in 1069 00:37:03,150 --> 00:37:05,550 many ways is still missing until now 1070 00:37:07,080 --> 00:37:08,549 is the security sandbox. 1071 00:37:08,550 --> 00:37:10,829 And the impact of the security sandbox 1072 00:37:10,830 --> 00:37:13,019 is that it makes it harder for an 1073 00:37:13,020 --> 00:37:15,269 attacker to use a single 1074 00:37:15,270 --> 00:37:17,189 vulnerability to take control of your 1075 00:37:17,190 --> 00:37:18,190 computer. 1076 00:37:19,050 --> 00:37:20,729 I apologize for my really shitty 1077 00:37:20,730 --> 00:37:21,730 Photoshop skills. 1078 00:37:23,940 --> 00:37:25,799 This is not my area of expertize. 1079 00:37:25,800 --> 00:37:28,109 In many ways, the Chrome browser, 1080 00:37:28,110 --> 00:37:29,969 although it is clearly the most privacy 1081 00:37:29,970 --> 00:37:32,459 invading browser, is also 1082 00:37:32,460 --> 00:37:33,509 the most secure browser. 1083 00:37:33,510 --> 00:37:35,729 And Google has spent a huge sum 1084 00:37:35,730 --> 00:37:38,009 of money to to really 1085 00:37:38,010 --> 00:37:40,139 armor their browser and make 1086 00:37:40,140 --> 00:37:42,269 it more difficult for governments 1087 00:37:42,270 --> 00:37:44,879 to exploit. And really we can see 1088 00:37:44,880 --> 00:37:47,010 the fruits of that and Google's 1089 00:37:49,080 --> 00:37:50,879 bug bounty program, where they pay 1090 00:37:50,880 --> 00:37:53,459 researchers for four for 1091 00:37:53,460 --> 00:37:55,649 successful compromises of their other 1092 00:37:55,650 --> 00:37:56,639 products. 1093 00:37:56,640 --> 00:37:58,709 This is from the chromium blog, 1094 00:37:58,710 --> 00:38:00,959 the Google Chrome team's blog in 2012, 1095 00:38:00,960 --> 00:38:03,269 talking about a chain of vulnerabilities 1096 00:38:03,270 --> 00:38:05,699 that that a researcher named Pinkie Pie 1097 00:38:06,840 --> 00:38:08,869 delivered and got a prize for. 1098 00:38:08,870 --> 00:38:10,859 So how does one get full remote code 1099 00:38:10,860 --> 00:38:13,169 execution and chrome in the case 1100 00:38:13,170 --> 00:38:14,669 of pinkie pies? 1101 00:38:14,670 --> 00:38:16,919 It took a chain of six different bugs 1102 00:38:16,920 --> 00:38:18,419 in order to successfully break out of 1103 00:38:18,420 --> 00:38:19,420 chrome sandbox. 1104 00:38:21,060 --> 00:38:23,729 In the same same month, 1105 00:38:23,730 --> 00:38:25,919 what's clear is that Sergei's certainly 1106 00:38:25,920 --> 00:38:27,839 earned his sixty thousand dollar podium 1107 00:38:27,840 --> 00:38:30,149 award, he chained together a whopping 1108 00:38:30,150 --> 00:38:32,249 14 bugs quirks and 1109 00:38:32,250 --> 00:38:34,169 missed hardening opportunities. 1110 00:38:34,170 --> 00:38:36,269 And so what we see here is that 1111 00:38:36,270 --> 00:38:38,309 in the case of the Chrome browser, 1112 00:38:38,310 --> 00:38:40,709 researchers cannot in many cases 1113 00:38:40,710 --> 00:38:42,209 take over the browser with one 1114 00:38:42,210 --> 00:38:44,609 vulnerability. They need six 1115 00:38:44,610 --> 00:38:45,900 or 10 or a dozen. 1116 00:38:47,280 --> 00:38:49,559 Now, to be clear, that is 1117 00:38:49,560 --> 00:38:51,479 possible for researchers to find six or 1118 00:38:51,480 --> 00:38:53,849 10 or a dozen bugs or 1119 00:38:53,850 --> 00:38:55,319 vulnerabilities. But that's certainly 1120 00:38:55,320 --> 00:38:56,459 more difficult. 1121 00:38:56,460 --> 00:38:59,589 And if we force governments to 1122 00:38:59,590 --> 00:39:01,979 to up their game, it'll 1123 00:39:01,980 --> 00:39:04,229 make exploitation more expensive. 1124 00:39:04,230 --> 00:39:05,549 And it'll mean that when they do get 1125 00:39:05,550 --> 00:39:06,809 caught, they'll be 1126 00:39:08,130 --> 00:39:09,719 maybe more reluctant to engage in those 1127 00:39:09,720 --> 00:39:10,769 operations in the future. 1128 00:39:12,000 --> 00:39:14,129 And so, as I said before, the 1129 00:39:14,130 --> 00:39:16,769 Tor browser currently 1130 00:39:16,770 --> 00:39:18,869 uses a variant is a 1131 00:39:18,870 --> 00:39:20,759 form of the Firefox browser. 1132 00:39:20,760 --> 00:39:23,369 And so the the lack of a sandbox 1133 00:39:23,370 --> 00:39:25,619 in Firefox directly affects 1134 00:39:25,620 --> 00:39:27,749 the Tor browser and those users 1135 00:39:27,750 --> 00:39:29,939 who depend on TOR for their safety and 1136 00:39:29,940 --> 00:39:30,940 security. 1137 00:39:31,650 --> 00:39:33,859 So one method, as I said, is to is 1138 00:39:33,860 --> 00:39:35,969 to sort of harden the software that we 1139 00:39:35,970 --> 00:39:36,509 all use. 1140 00:39:36,510 --> 00:39:38,639 Another method that we could employ 1141 00:39:38,640 --> 00:39:40,709 to make hacking 1142 00:39:40,710 --> 00:39:42,929 more difficult is to actually target 1143 00:39:42,930 --> 00:39:44,999 the specific methods that we know that 1144 00:39:45,000 --> 00:39:46,319 governments are employing. 1145 00:39:46,320 --> 00:39:48,809 So in the case of Tor users 1146 00:39:48,810 --> 00:39:50,160 and governments. 1147 00:39:52,130 --> 00:39:53,569 Governments are not trying to steal 1148 00:39:53,570 --> 00:39:56,389 Bitcoin from users. 1149 00:39:56,390 --> 00:39:58,670 Governments are not trying to install, 1150 00:39:59,960 --> 00:40:02,029 you know, ransomware on 1151 00:40:02,030 --> 00:40:04,309 your computer if your Tor user and 1152 00:40:04,310 --> 00:40:06,199 you are likely to get hacked by law 1153 00:40:06,200 --> 00:40:08,089 enforcement. The one thing they want more 1154 00:40:08,090 --> 00:40:10,189 than anything else is your IP address, 1155 00:40:10,190 --> 00:40:11,989 your IP and then your Mac. 1156 00:40:11,990 --> 00:40:14,089 So they need to gain the 1157 00:40:14,090 --> 00:40:15,949 ability to to execute code on your 1158 00:40:15,950 --> 00:40:17,779 computer. They want to learn your IP 1159 00:40:17,780 --> 00:40:19,129 address and then they want to send it 1160 00:40:19,130 --> 00:40:21,349 back to an FBI or 1161 00:40:21,350 --> 00:40:22,429 GC HQ computer. 1162 00:40:23,690 --> 00:40:25,789 And so if we want to make 1163 00:40:25,790 --> 00:40:28,009 law enforcement hacking more difficult, 1164 00:40:28,010 --> 00:40:30,109 why not focus on 1165 00:40:30,110 --> 00:40:31,249 the way that they hack? 1166 00:40:31,250 --> 00:40:33,079 Why not focus on or rather the 1167 00:40:33,080 --> 00:40:34,549 information they're seeking to extract? 1168 00:40:34,550 --> 00:40:36,769 And that's, in fact, what some folks 1169 00:40:36,770 --> 00:40:38,629 are doing right now. 1170 00:40:38,630 --> 00:40:40,759 Just a couple of months ago, the Tor 1171 00:40:40,760 --> 00:40:42,949 project announced that they had deployed 1172 00:40:42,950 --> 00:40:45,259 a new experimental 1173 00:40:45,260 --> 00:40:47,359 technique using something called 1174 00:40:47,360 --> 00:40:49,159 Unix domain sockets. 1175 00:40:49,160 --> 00:40:51,559 But essentially the Tor browser, 1176 00:40:51,560 --> 00:40:53,539 if you're using this experimental build, 1177 00:40:53,540 --> 00:40:56,059 cannot talk to the Internet. 1178 00:40:56,060 --> 00:40:57,889 All communications go through the Tor 1179 00:40:57,890 --> 00:41:00,199 browser. And so there's no way 1180 00:41:00,200 --> 00:41:02,539 for malware on 1181 00:41:02,540 --> 00:41:05,359 on that computer to call home. 1182 00:41:05,360 --> 00:41:08,029 We just saw the first experimental build 1183 00:41:08,030 --> 00:41:09,889 from that project, I think released maybe 1184 00:41:09,890 --> 00:41:11,799 a week or two weeks ago. 1185 00:41:11,800 --> 00:41:14,299 And so that is a direct, 1186 00:41:14,300 --> 00:41:16,609 direct effort to take on the exploitation 1187 00:41:16,610 --> 00:41:17,899 techniques that law enforcement agencies 1188 00:41:17,900 --> 00:41:18,900 are using. 1189 00:41:19,430 --> 00:41:22,039 There's also projects like cubes 1190 00:41:22,040 --> 00:41:24,219 and sub graph these 1191 00:41:24,220 --> 00:41:25,729 these these projects that are sort of 1192 00:41:25,730 --> 00:41:28,039 trying to build penetration resistant 1193 00:41:28,040 --> 00:41:30,319 operating systems or a more secure 1194 00:41:30,320 --> 00:41:31,309 operating system. 1195 00:41:31,310 --> 00:41:32,810 And the idea here is 1196 00:41:34,370 --> 00:41:36,229 that we will get hacked and how do we 1197 00:41:36,230 --> 00:41:37,459 survive a hack. 1198 00:41:37,460 --> 00:41:39,649 And in both cases, with both cubes 1199 00:41:39,650 --> 00:41:41,809 and sub Grof, although it 1200 00:41:41,810 --> 00:41:44,299 might be possible for law enforcement 1201 00:41:44,300 --> 00:41:46,879 to hack your browser, that necessarily 1202 00:41:46,880 --> 00:41:48,829 won't lead to the discovery of your real 1203 00:41:48,830 --> 00:41:51,229 IP address, because 1204 00:41:51,230 --> 00:41:53,539 the the browser is either contained in 1205 00:41:53,540 --> 00:41:55,519 a container or virtual machine that 1206 00:41:55,520 --> 00:41:57,050 cannot see a real IP address. 1207 00:42:00,110 --> 00:42:01,849 And then this brings me to my final 1208 00:42:01,850 --> 00:42:02,850 technical point. 1209 00:42:05,600 --> 00:42:07,689 The Linux community has not 1210 00:42:07,690 --> 00:42:09,909 been great in embracing 1211 00:42:09,910 --> 00:42:11,889 security techniques. 1212 00:42:11,890 --> 00:42:12,890 There is a 1213 00:42:15,400 --> 00:42:16,810 free people over there who really care. 1214 00:42:18,220 --> 00:42:20,019 So there's there was a devastating 1215 00:42:20,020 --> 00:42:22,929 article written last summer, a year ago 1216 00:42:22,930 --> 00:42:25,029 in The Washington Post about the toxic 1217 00:42:25,030 --> 00:42:26,439 relationship between Linux kernel 1218 00:42:26,440 --> 00:42:28,749 developers and developers 1219 00:42:28,750 --> 00:42:31,239 and the security project. 1220 00:42:31,240 --> 00:42:33,339 So I've been using Linux since I was, 1221 00:42:33,340 --> 00:42:35,469 I think, 11, 10 or 11 years 1222 00:42:35,470 --> 00:42:37,929 old. I remember as a child 1223 00:42:37,930 --> 00:42:39,939 debating with friends and family members 1224 00:42:39,940 --> 00:42:42,129 about which operating system was better. 1225 00:42:42,130 --> 00:42:44,439 And I always sort of felt superior 1226 00:42:44,440 --> 00:42:45,440 as a Linux user. 1227 00:42:46,960 --> 00:42:49,149 It's embarrassing that so 1228 00:42:49,150 --> 00:42:51,399 many of the exploit mitigation 1229 00:42:51,400 --> 00:42:53,649 technologies like Asla were 1230 00:42:53,650 --> 00:42:56,079 designed first in the Linux community, 1231 00:42:56,080 --> 00:42:58,119 but are still not deployed by default in 1232 00:42:58,120 --> 00:42:59,529 the Linux community. 1233 00:42:59,530 --> 00:43:02,109 Windows has taken the best of our ideas 1234 00:43:02,110 --> 00:43:04,239 and deployed it to their users. 1235 00:43:04,240 --> 00:43:06,369 Apple has followed and 1236 00:43:06,370 --> 00:43:08,649 the fact is there are 1237 00:43:08,650 --> 00:43:10,629 we don't need to wait for next generation 1238 00:43:10,630 --> 00:43:12,999 R&D to make exploitation 1239 00:43:13,000 --> 00:43:14,049 harder. 1240 00:43:14,050 --> 00:43:16,299 The security projects and others have 1241 00:43:16,300 --> 00:43:17,889 pioneered some really amazing 1242 00:43:17,890 --> 00:43:18,939 technologies. 1243 00:43:18,940 --> 00:43:21,069 But then there's this toxic, toxic 1244 00:43:21,070 --> 00:43:23,379 relationship between the security 1245 00:43:23,380 --> 00:43:25,539 community and the kernel community, 1246 00:43:25,540 --> 00:43:28,209 which means that basic 1247 00:43:28,210 --> 00:43:29,949 protections that other operating systems 1248 00:43:29,950 --> 00:43:32,229 have already deployed are still missing 1249 00:43:32,230 --> 00:43:35,229 from mainstream Linux distributions 1250 00:43:35,230 --> 00:43:37,509 and from the Linux kernel 1251 00:43:37,510 --> 00:43:39,309 mainline project itself. 1252 00:43:39,310 --> 00:43:41,019 Now, things are getting better 1253 00:43:42,520 --> 00:43:44,799 after that Washington Post story 1254 00:43:44,800 --> 00:43:47,199 came out. And it's really it's a long 1255 00:43:47,200 --> 00:43:49,359 fun read, but it's not every day 1256 00:43:49,360 --> 00:43:51,099 that a five thousand word story about the 1257 00:43:51,100 --> 00:43:52,749 Linux kernel appears on the front page of 1258 00:43:52,750 --> 00:43:54,159 The Washington Post. And so I strongly 1259 00:43:54,160 --> 00:43:56,439 recommend that you read 1260 00:43:56,440 --> 00:43:58,599 Craig Timberg story. 1261 00:43:58,600 --> 00:44:00,489 Everyone in that story comes away looking 1262 00:44:00,490 --> 00:44:01,449 like shit. 1263 00:44:01,450 --> 00:44:03,849 There's egos as far as the eye can see, 1264 00:44:05,260 --> 00:44:06,969 so things are getting slightly better. 1265 00:44:06,970 --> 00:44:08,829 There's a kernel hardening project now 1266 00:44:08,830 --> 00:44:10,809 that's trying to strip off individual 1267 00:44:10,810 --> 00:44:12,939 features from G.R. security and get them 1268 00:44:12,940 --> 00:44:15,219 up. Streambed But our 1269 00:44:15,220 --> 00:44:17,439 community needs to do a much better 1270 00:44:17,440 --> 00:44:19,569 job of getting 1271 00:44:19,570 --> 00:44:21,489 these these mainstream security 1272 00:44:21,490 --> 00:44:23,089 technologies upstream. 1273 00:44:23,090 --> 00:44:25,839 And it shouldn't be this easy 1274 00:44:25,840 --> 00:44:28,129 for governments to hack 1275 00:44:28,130 --> 00:44:30,549 the users who depend on technologies 1276 00:44:30,550 --> 00:44:31,550 and. 1277 00:44:33,770 --> 00:44:36,019 You know, non-technical users can only 1278 00:44:36,020 --> 00:44:38,329 be expected to do so much and we 1279 00:44:38,330 --> 00:44:40,039 have created these tools for them, 1280 00:44:41,490 --> 00:44:43,669 and then many of them still 1281 00:44:43,670 --> 00:44:46,639 get hacked successfully by governments, 1282 00:44:46,640 --> 00:44:48,559 even though the users are doing the right 1283 00:44:48,560 --> 00:44:50,659 thing. We've delivered software 1284 00:44:50,660 --> 00:44:52,339 that lets you shoot yourself in the foot 1285 00:44:52,340 --> 00:44:55,489 a bit too easily or that self-destruct 1286 00:44:55,490 --> 00:44:56,419 too easily. 1287 00:44:56,420 --> 00:44:59,239 And we know how to build 1288 00:44:59,240 --> 00:45:00,919 hardened software because many of the 1289 00:45:00,920 --> 00:45:02,719 people in this room have, you know, 1290 00:45:02,720 --> 00:45:04,639 custom builds of software or custom 1291 00:45:04,640 --> 00:45:06,049 patches installed. 1292 00:45:06,050 --> 00:45:08,089 We need to make the default software that 1293 00:45:08,090 --> 00:45:10,219 we're delivering more secure. 1294 00:45:10,220 --> 00:45:12,769 We know how to do this, but 1295 00:45:12,770 --> 00:45:15,259 people need to get over their egos and 1296 00:45:15,260 --> 00:45:17,469 their hate of each other. 1297 00:45:17,470 --> 00:45:20,599 In many cases, it really seems like 1298 00:45:20,600 --> 00:45:22,039 these communities have hated each other 1299 00:45:22,040 --> 00:45:23,029 for so long. 1300 00:45:23,030 --> 00:45:24,829 They've forgotten why they originally 1301 00:45:24,830 --> 00:45:25,830 started hating each other. 1302 00:45:26,990 --> 00:45:29,149 And I'm hoping that, you 1303 00:45:29,150 --> 00:45:32,029 know, in two or three years 1304 00:45:32,030 --> 00:45:33,799 that Ubuntu will have some of these 1305 00:45:33,800 --> 00:45:35,239 protections and the Debian will have some 1306 00:45:35,240 --> 00:45:36,199 of these protections turned on by 1307 00:45:36,200 --> 00:45:37,099 default. 1308 00:45:37,100 --> 00:45:39,349 All right. So to sort of wrap this up. 1309 00:45:41,410 --> 00:45:43,359 Even though the title of this talk is 1310 00:45:43,360 --> 00:45:44,650 stopping law enforcement hacking, 1311 00:45:45,730 --> 00:45:47,229 we're not actually going to have to stop 1312 00:45:47,230 --> 00:45:48,369 all law enforcement hacking 1313 00:45:49,870 --> 00:45:52,329 because it's too useful and government's 1314 00:45:52,330 --> 00:45:53,469 like tools that work. 1315 00:45:54,820 --> 00:45:56,629 But we can make it more expensive. 1316 00:45:56,630 --> 00:45:58,869 We can make it much, much more expensive. 1317 00:45:58,870 --> 00:46:00,969 And as I think I've outlined and 1318 00:46:00,970 --> 00:46:03,699 explained, law enforcement hacking 1319 00:46:03,700 --> 00:46:05,409 is not just cheap. 1320 00:46:05,410 --> 00:46:07,539 It may become the cheapest form of 1321 00:46:07,540 --> 00:46:09,540 surveillance when deployed at scale. 1322 00:46:10,690 --> 00:46:12,219 And if we don't do something about the 1323 00:46:12,220 --> 00:46:14,349 cost, I think we're going to see 1324 00:46:15,700 --> 00:46:17,859 hacking not just be an obscure 1325 00:46:17,860 --> 00:46:20,019 tool used for special cases against 1326 00:46:20,020 --> 00:46:22,179 special targets, but becoming the 1327 00:46:22,180 --> 00:46:24,320 first tool because it works so well. 1328 00:46:25,390 --> 00:46:26,390 Thank you very much. 1329 00:46:39,700 --> 00:46:41,649 So now it's time for questions and 1330 00:46:41,650 --> 00:46:42,879 answers. 1331 00:46:42,880 --> 00:46:44,589 Does anybody know if you have a question? 1332 00:46:44,590 --> 00:46:46,149 Yes, I'm free. 1333 00:46:46,150 --> 00:46:47,150 I see one. 1334 00:46:47,930 --> 00:46:50,109 I don't I'm very content 1335 00:46:50,110 --> 00:46:51,609 with what you say, but I'm kind of 1336 00:46:51,610 --> 00:46:53,109 confused. 1337 00:46:53,110 --> 00:46:55,209 Also, you say 1338 00:46:55,210 --> 00:46:57,699 that it's about law enforcement. 1339 00:46:57,700 --> 00:47:00,279 And I would argue that Australia 1340 00:47:00,280 --> 00:47:02,859 hacking in the US is not law enforcement, 1341 00:47:02,860 --> 00:47:03,939 it's espionage. 1342 00:47:03,940 --> 00:47:05,919 And drone bombings are not law 1343 00:47:05,920 --> 00:47:06,909 enforcement. 1344 00:47:06,910 --> 00:47:08,199 It's warfare. 1345 00:47:08,200 --> 00:47:10,209 So please help me with that 1346 00:47:10,210 --> 00:47:12,309 misunderstanding or tell me what 1347 00:47:12,310 --> 00:47:14,529 do I get wrong or where's the distinction 1348 00:47:14,530 --> 00:47:16,779 between law enforcement and 1349 00:47:16,780 --> 00:47:19,299 other activities of the government? 1350 00:47:19,300 --> 00:47:21,429 When the Australian police hacked 1351 00:47:21,430 --> 00:47:23,319 to our users, that wasn't an espionage 1352 00:47:23,320 --> 00:47:25,689 case. That was a case designed 1353 00:47:25,690 --> 00:47:27,219 to identify people who would then be 1354 00:47:27,220 --> 00:47:28,479 arrested and put in jail. 1355 00:47:28,480 --> 00:47:30,099 That's law enforcement. 1356 00:47:30,100 --> 00:47:31,899 Yes. The Pakistan, for example. 1357 00:47:31,900 --> 00:47:34,829 That's definitely either the military or 1358 00:47:34,830 --> 00:47:36,759 or the spies. 1359 00:47:36,760 --> 00:47:38,949 But the reason I brought up that example 1360 00:47:38,950 --> 00:47:41,049 is simply to show that when a foreign 1361 00:47:41,050 --> 00:47:42,519 government does something in your country 1362 00:47:42,520 --> 00:47:44,019 and you don't like it, you have a lot 1363 00:47:44,020 --> 00:47:46,839 less ability to get things changed. 1364 00:47:46,840 --> 00:47:48,519 You cannot call up your elected official 1365 00:47:48,520 --> 00:47:50,349 and tell them to stop doing it. 1366 00:47:50,350 --> 00:47:51,350 Thank you. 1367 00:47:54,130 --> 00:47:55,539 The question from the Internet, 1368 00:47:56,920 --> 00:47:59,289 the Internet wants to know, does 1369 00:47:59,290 --> 00:48:01,419 the government ever remove the 1370 00:48:01,420 --> 00:48:03,249 malware from a PC? 1371 00:48:03,250 --> 00:48:05,379 In the for example, in the case of 1372 00:48:05,380 --> 00:48:07,719 Tahl mail, if they found out, 1373 00:48:07,720 --> 00:48:09,819 oops, not the person we 1374 00:48:09,820 --> 00:48:10,820 are looking for. 1375 00:48:11,500 --> 00:48:14,109 My understanding, at least in the 1376 00:48:14,110 --> 00:48:16,359 three or four bulk hacking 1377 00:48:16,360 --> 00:48:18,339 operations that have come become public 1378 00:48:18,340 --> 00:48:20,409 so far, that none and none of those 1379 00:48:20,410 --> 00:48:21,999 cases was the malware permanently 1380 00:48:22,000 --> 00:48:22,959 installed in your computer. 1381 00:48:22,960 --> 00:48:24,759 So it ran it collected some information 1382 00:48:24,760 --> 00:48:26,319 and sent it home. 1383 00:48:26,320 --> 00:48:27,320 There are 1384 00:48:28,420 --> 00:48:30,489 scenarios where law enforcement 1385 00:48:30,490 --> 00:48:32,379 have asked courts for permission to 1386 00:48:32,380 --> 00:48:34,749 install more permanent or persistent 1387 00:48:34,750 --> 00:48:36,729 malware on computers that would collect 1388 00:48:36,730 --> 00:48:39,069 video footage or webcam 1389 00:48:39,070 --> 00:48:41,199 information for a period of like 30 or 60 1390 00:48:41,200 --> 00:48:43,059 days. And in that case, the software 1391 00:48:43,060 --> 00:48:45,099 would stay on the computer until it was 1392 00:48:45,100 --> 00:48:46,509 removed. 1393 00:48:46,510 --> 00:48:48,849 But again, we know very little 1394 00:48:48,850 --> 00:48:51,459 about how these technologies are deployed 1395 00:48:51,460 --> 00:48:52,359 in the US. 1396 00:48:52,360 --> 00:48:54,459 Law enforcement has had malware 1397 00:48:54,460 --> 00:48:56,799 for 15 years and we know of maybe 1398 00:48:56,800 --> 00:48:59,509 10 or less cases where it's been used. 1399 00:48:59,510 --> 00:49:01,719 I don't think this team is sitting 1400 00:49:01,720 --> 00:49:03,549 around twiddling their thumbs with 1401 00:49:03,550 --> 00:49:05,499 nothing to do. I think they are very busy 1402 00:49:05,500 --> 00:49:07,179 that most of the operations they engage 1403 00:49:07,180 --> 00:49:09,279 in remain sealed or 1404 00:49:09,280 --> 00:49:10,809 hidden from the public. And so we don't 1405 00:49:10,810 --> 00:49:12,819 know enough about how these tools are 1406 00:49:12,820 --> 00:49:13,820 used. 1407 00:49:14,470 --> 00:49:15,470 Number two, please. 1408 00:49:17,100 --> 00:49:18,549 Do you believe them, the United States, 1409 00:49:18,550 --> 00:49:20,999 that there's a public perception 1410 00:49:21,000 --> 00:49:23,639 that government hacking might be 1411 00:49:23,640 --> 00:49:25,829 good and civilian 1412 00:49:25,830 --> 00:49:27,539 or black hat hacking might be bad, and 1413 00:49:27,540 --> 00:49:29,339 that might contribute to why we're not 1414 00:49:29,340 --> 00:49:32,309 able to legislate against it effectively? 1415 00:49:32,310 --> 00:49:34,379 I mean, I certainly think that 1416 00:49:34,380 --> 00:49:36,239 the average person probably doesn't know 1417 00:49:36,240 --> 00:49:37,859 that law enforcement hacking is taking 1418 00:49:37,860 --> 00:49:41,099 place at all. Most Americans are busy 1419 00:49:41,100 --> 00:49:42,959 trying to put food on the table or get 1420 00:49:42,960 --> 00:49:44,000 their kids through school. 1421 00:49:45,390 --> 00:49:47,159 But I think to the extent that you have a 1422 00:49:47,160 --> 00:49:49,289 conversation with the average person, 1423 00:49:49,290 --> 00:49:51,419 yeah, I think no one 1424 00:49:51,420 --> 00:49:52,589 is going to be sympathetic with criminals 1425 00:49:52,590 --> 00:49:54,659 hacking. And like many 1426 00:49:54,660 --> 00:49:57,089 forms of violence, you know, 1427 00:49:57,090 --> 00:49:59,469 it's not OK for me to tell 1428 00:49:59,470 --> 00:50:01,679 someone, but the government 1429 00:50:01,680 --> 00:50:03,029 is supposed to have a monopoly on 1430 00:50:03,030 --> 00:50:04,030 violence 1431 00:50:05,370 --> 00:50:06,989 and maybe they should have a monopoly on 1432 00:50:06,990 --> 00:50:09,149 hacking. If that's a thing that has to 1433 00:50:09,150 --> 00:50:10,199 happen, then we need to have a debate 1434 00:50:10,200 --> 00:50:11,879 about it. But as I've tried to explain 1435 00:50:11,880 --> 00:50:14,279 this talk, just like 1436 00:50:14,280 --> 00:50:17,359 law enforcement use of so-called less 1437 00:50:17,360 --> 00:50:19,469 less lethal weapons like 1438 00:50:19,470 --> 00:50:21,689 like Tasers, just like they can have 1439 00:50:21,690 --> 00:50:23,699 collateral harms, they can accidentally 1440 00:50:23,700 --> 00:50:24,809 kill people sometimes. 1441 00:50:24,810 --> 00:50:27,419 So, too, can law enforcement hacking 1442 00:50:27,420 --> 00:50:28,919 lead to unintended consequences. 1443 00:50:29,940 --> 00:50:32,279 Number four, I wonder, 1444 00:50:32,280 --> 00:50:34,559 in many cases, terrorism is used 1445 00:50:34,560 --> 00:50:36,689 as a reason for espionage, especially 1446 00:50:36,690 --> 00:50:37,739 in France and Europe. 1447 00:50:37,740 --> 00:50:40,079 Now, I wonder if fighting 1448 00:50:40,080 --> 00:50:42,179 the dirty war on terrorism is a good 1449 00:50:42,180 --> 00:50:44,789 strategy to fight this idea of 1450 00:50:44,790 --> 00:50:46,649 law enforcement hacking. 1451 00:50:46,650 --> 00:50:48,539 So the question is whether we should use 1452 00:50:48,540 --> 00:50:49,829 the terrorism rhetoric or that we should 1453 00:50:49,830 --> 00:50:51,149 allow the other side to use the terrorism 1454 00:50:51,150 --> 00:50:52,150 rhetoric. 1455 00:50:54,420 --> 00:50:56,249 He's still fighting the idea of law 1456 00:50:56,250 --> 00:50:57,389 enforcement fighting. 1457 00:50:57,390 --> 00:50:59,579 The reason why people don't want 1458 00:50:59,580 --> 00:51:02,369 to use law enforcement, often terrorism, 1459 00:51:02,370 --> 00:51:04,499 I mean, I 1460 00:51:04,500 --> 00:51:07,529 think the average person doesn't want 1461 00:51:07,530 --> 00:51:08,819 doesn't want terrorist attacks take 1462 00:51:08,820 --> 00:51:09,179 place. 1463 00:51:09,180 --> 00:51:10,439 The average person also doesn't want 1464 00:51:10,440 --> 00:51:12,389 pedophiles to be able to do horrific 1465 00:51:12,390 --> 00:51:13,769 things to children. 1466 00:51:13,770 --> 00:51:15,869 I think if we allow the debate to be 1467 00:51:15,870 --> 00:51:18,059 framed as the government going 1468 00:51:18,060 --> 00:51:20,189 after bad people, then we lose the 1469 00:51:20,190 --> 00:51:21,809 debate. The conversation really needs to 1470 00:51:21,810 --> 00:51:23,879 shift to even if the 1471 00:51:23,880 --> 00:51:25,799 government has good intentions, what is 1472 00:51:25,800 --> 00:51:28,529 the the secondary effects of 1473 00:51:28,530 --> 00:51:30,599 their techniques? And if they're looking 1474 00:51:30,600 --> 00:51:32,189 for a terrorist in an apartment building 1475 00:51:32,190 --> 00:51:34,169 and they burn down the building, that's a 1476 00:51:34,170 --> 00:51:34,529 problem. 1477 00:51:34,530 --> 00:51:35,669 If there are lots of innocent people 1478 00:51:35,670 --> 00:51:37,529 living in that building in addition to 1479 00:51:37,530 --> 00:51:40,229 what they do to the target, we 1480 00:51:40,230 --> 00:51:42,479 it's it's very tempting 1481 00:51:42,480 --> 00:51:44,549 to engage on the specifics 1482 00:51:44,550 --> 00:51:46,469 of how the government is using it, 1483 00:51:46,470 --> 00:51:48,689 whether to discuss the pedophiles 1484 00:51:48,690 --> 00:51:50,699 or the terrorists or the drug dealers. 1485 00:51:50,700 --> 00:51:52,529 And if we get sucked in there, it's a 1486 00:51:52,530 --> 00:51:53,459 trap and we lose. 1487 00:51:53,460 --> 00:51:55,529 We have to stay back and focus 1488 00:51:55,530 --> 00:51:57,779 on the harms to the Internet and the harm 1489 00:51:57,780 --> 00:51:58,780 to innocent people. 1490 00:51:59,580 --> 00:52:01,319 Another question from the Internet, if 1491 00:52:01,320 --> 00:52:02,320 there's one. 1492 00:52:04,730 --> 00:52:06,829 Would it be feasible to initiate a 1493 00:52:06,830 --> 00:52:09,019 class action lawsuit against the FBI or 1494 00:52:09,020 --> 00:52:11,179 other agencies, and would we find 1495 00:52:11,180 --> 00:52:13,129 enough sufficient evidence or enough 1496 00:52:13,130 --> 00:52:14,479 people for such an initiative? 1497 00:52:16,280 --> 00:52:18,799 I'm not a lawyer and so 1498 00:52:18,800 --> 00:52:19,800 I don't know. 1499 00:52:20,690 --> 00:52:22,819 But it's hard enough to sue the 1500 00:52:22,820 --> 00:52:23,899 government when you can prove what 1501 00:52:23,900 --> 00:52:26,089 they're doing. It's even harder when you 1502 00:52:26,090 --> 00:52:28,759 cannot prove. And as I've described, 1503 00:52:28,760 --> 00:52:31,009 in many cases, it's really difficult just 1504 00:52:31,010 --> 00:52:32,719 to prove which agency was doing the 1505 00:52:32,720 --> 00:52:34,099 hacking even when they get caught. 1506 00:52:35,900 --> 00:52:36,949 Number three, please. 1507 00:52:38,930 --> 00:52:40,999 I've been talking to someone in 1508 00:52:41,000 --> 00:52:42,109 the police and 1509 00:52:43,220 --> 00:52:45,709 he was saying that, you know, 1510 00:52:45,710 --> 00:52:48,109 we already decided 1511 00:52:48,110 --> 00:52:49,999 that the police can quietly go into 1512 00:52:50,000 --> 00:52:52,009 people's homes sometimes and search 1513 00:52:52,010 --> 00:52:53,299 everything they want to. 1514 00:52:53,300 --> 00:52:55,369 So I would we just make 1515 00:52:55,370 --> 00:52:57,349 legislation that says they can do the 1516 00:52:57,350 --> 00:52:59,299 same to computers and other devices. 1517 00:52:59,300 --> 00:53:01,669 But I wasn't thinking, well, maybe 1518 00:53:01,670 --> 00:53:03,739 there is a little bit more to perhaps 1519 00:53:03,740 --> 00:53:05,389 your phone, for example, 1520 00:53:06,650 --> 00:53:08,509 than there would be in your home and it 1521 00:53:08,510 --> 00:53:10,249 would be searched. 1522 00:53:10,250 --> 00:53:11,809 How would you view that? 1523 00:53:11,810 --> 00:53:13,969 And how would you convince him that it 1524 00:53:13,970 --> 00:53:16,069 might be the other might 1525 00:53:16,070 --> 00:53:17,239 be some other way? 1526 00:53:17,240 --> 00:53:18,739 Yes, I think you bring up to sort of 1527 00:53:18,740 --> 00:53:20,119 really interesting questions there. 1528 00:53:20,120 --> 00:53:22,249 The first is that there 1529 00:53:22,250 --> 00:53:24,379 was a public debate, at least in my 1530 00:53:24,380 --> 00:53:27,019 country, about whether or not the police 1531 00:53:27,020 --> 00:53:28,369 when and why the police should have the 1532 00:53:28,370 --> 00:53:29,809 ability to search people's houses. 1533 00:53:29,810 --> 00:53:31,609 That debate took place at the founding of 1534 00:53:31,610 --> 00:53:33,649 our of our country because we were we 1535 00:53:33,650 --> 00:53:35,959 were concerned or my forefathers 1536 00:53:35,960 --> 00:53:37,579 were concerned that the British had 1537 00:53:37,580 --> 00:53:39,709 abused their authority to conduct general 1538 00:53:39,710 --> 00:53:41,869 warrant searches of entire neighborhoods. 1539 00:53:41,870 --> 00:53:43,819 So we've had a debate about that. 1540 00:53:43,820 --> 00:53:45,859 And as a result of that, we got laws 1541 00:53:45,860 --> 00:53:47,929 passed and there a specific legal 1542 00:53:47,930 --> 00:53:50,149 framework that the side that governs 1543 00:53:50,150 --> 00:53:51,709 when the police can kick down your front 1544 00:53:51,710 --> 00:53:53,509 door and search your living room. 1545 00:53:53,510 --> 00:53:55,369 We haven't had that debate around law 1546 00:53:55,370 --> 00:53:56,299 enforcement hacking. 1547 00:53:56,300 --> 00:53:58,789 Instead, the existing search 1548 00:53:58,790 --> 00:54:00,649 tools, the existing search authorities 1549 00:54:00,650 --> 00:54:02,749 are used for a very different kind 1550 00:54:02,750 --> 00:54:04,669 of search. And when you think about, you 1551 00:54:04,670 --> 00:54:06,829 know, why we need a debate 1552 00:54:06,830 --> 00:54:09,259 and why we actually need specific hacking 1553 00:54:09,260 --> 00:54:11,629 rules, if the government fucks 1554 00:54:11,630 --> 00:54:13,909 up a normal law enforcement search, 1555 00:54:13,910 --> 00:54:16,219 maybe they search the wrong house, maybe 1556 00:54:16,220 --> 00:54:18,949 they shoot your dog or 1557 00:54:18,950 --> 00:54:20,899 ransack your living room. 1558 00:54:20,900 --> 00:54:23,359 But the harm is limited to a relatively 1559 00:54:23,360 --> 00:54:25,009 small area. Maybe they got the building 1560 00:54:25,010 --> 00:54:26,299 above you instead of the building instead 1561 00:54:26,300 --> 00:54:27,529 of your apartment. 1562 00:54:27,530 --> 00:54:29,509 But in law enforcement hacking cases, 1563 00:54:29,510 --> 00:54:31,669 when they make a mistake, they could 1564 00:54:31,670 --> 00:54:33,439 be searching an entire neighborhood. 1565 00:54:33,440 --> 00:54:35,539 They could release a tool onto the 1566 00:54:35,540 --> 00:54:37,279 Internet that criminals could then use to 1567 00:54:37,280 --> 00:54:38,209 hack innocent people. 1568 00:54:38,210 --> 00:54:41,059 And so modern 1569 00:54:41,060 --> 00:54:43,339 bulk surveillance technologies, the 1570 00:54:43,340 --> 00:54:45,289 the worst case scenario for when things 1571 00:54:45,290 --> 00:54:47,599 get are when they make mistakes 1572 00:54:47,600 --> 00:54:50,269 are so much worse than a traditional 1573 00:54:50,270 --> 00:54:52,369 physical search of a home that we do 1574 00:54:52,370 --> 00:54:54,079 need to have a conversation about this. 1575 00:54:54,080 --> 00:54:56,269 We do need to ensure that those we elect 1576 00:54:56,270 --> 00:54:58,279 to office are politically accountable for 1577 00:54:58,280 --> 00:54:59,989 enabling this kind of technology. 1578 00:54:59,990 --> 00:55:01,639 And then we need to keep it under close 1579 00:55:01,640 --> 00:55:03,439 watch, because when it when they make 1580 00:55:03,440 --> 00:55:05,209 mistakes and even when they don't make 1581 00:55:05,210 --> 00:55:07,489 mistakes, they can still harm 1582 00:55:07,490 --> 00:55:08,780 innocent users on the Internet. 1583 00:55:16,710 --> 00:55:17,710 Number two, please. 1584 00:55:19,080 --> 00:55:21,389 Don't you think that it's still 1585 00:55:21,390 --> 00:55:23,789 pretty unlikely if you use Linux 1586 00:55:23,790 --> 00:55:25,709 to be hacked by the government because 1587 00:55:25,710 --> 00:55:28,289 it's way less affordable for them, 1588 00:55:28,290 --> 00:55:31,139 because they're way less Linux users, 1589 00:55:31,140 --> 00:55:33,239 because so they're a 1590 00:55:33,240 --> 00:55:34,290 smaller target. 1591 00:55:35,790 --> 00:55:37,859 So the question is, do I think Linux 1592 00:55:37,860 --> 00:55:39,539 users are safer because you're a small 1593 00:55:39,540 --> 00:55:41,340 enough minority, know 1594 00:55:43,110 --> 00:55:45,629 there are enough Linux users, 1595 00:55:45,630 --> 00:55:47,849 that it's that it's cost effective 1596 00:55:47,850 --> 00:55:50,009 for the companies who sell the tools 1597 00:55:50,010 --> 00:55:52,109 to governments will sell a Windows 1598 00:55:52,110 --> 00:55:54,989 version of Linux version and 1599 00:55:54,990 --> 00:55:56,309 an iMac version. 1600 00:55:56,310 --> 00:55:59,039 And we've seen the FBI deploying 1601 00:55:59,040 --> 00:56:01,269 all three flavors of malware 1602 00:56:01,270 --> 00:56:03,269 and in hacking cases today. 1603 00:56:03,270 --> 00:56:05,399 So this idea that 1604 00:56:05,400 --> 00:56:07,499 you're somehow safer because you 1605 00:56:07,500 --> 00:56:09,389 use Linux, I think is a myth. 1606 00:56:09,390 --> 00:56:11,459 If you if you want to compile 1607 00:56:11,460 --> 00:56:13,319 your own version of your browser with 1608 00:56:13,320 --> 00:56:15,299 custom compiler options to make yourself 1609 00:56:15,300 --> 00:56:16,589 a little bit more unique. 1610 00:56:16,590 --> 00:56:18,749 Yes. In that case, maybe you 1611 00:56:18,750 --> 00:56:20,549 can achieve protection by using a custom 1612 00:56:20,550 --> 00:56:23,099 built, but not just by using a Debian 1613 00:56:23,100 --> 00:56:25,379 or Ubuntu ISO image. 1614 00:56:25,380 --> 00:56:26,380 Thank you. 1615 00:56:26,990 --> 00:56:28,530 The question from the Internet, please. 1616 00:56:31,320 --> 00:56:33,659 The question is, what is your 1617 00:56:33,660 --> 00:56:35,979 opinion regarding law enforcement agency 1618 00:56:35,980 --> 00:56:37,799 hacking on the accountability of evidence 1619 00:56:37,800 --> 00:56:39,929 acquired by Hacking and Dabby, the impact 1620 00:56:39,930 --> 00:56:42,599 of usability as proof in court? 1621 00:56:42,600 --> 00:56:45,239 So there is an entire question 1622 00:56:45,240 --> 00:56:46,979 or the entire debate to have around how 1623 00:56:46,980 --> 00:56:49,109 reliable malware evidence, malware 1624 00:56:49,110 --> 00:56:50,099 derived evidence is. 1625 00:56:50,100 --> 00:56:51,479 And that's something that's being litigated 1626 00:56:51,480 --> 00:56:52,919 in the United States. 1627 00:56:52,920 --> 00:56:55,019 The FBI in the 1628 00:56:55,020 --> 00:56:57,239 playpen operation did not use tools 1629 00:56:57,240 --> 00:56:59,399 to transmit the information it collected 1630 00:56:59,400 --> 00:57:00,839 back to the FBI server. 1631 00:57:00,840 --> 00:57:02,219 And one of the arguments the defense 1632 00:57:02,220 --> 00:57:03,989 lawyers made was that it could have been 1633 00:57:03,990 --> 00:57:06,089 tampered with as it was sent 1634 00:57:06,090 --> 00:57:07,739 back to the government servers. 1635 00:57:09,180 --> 00:57:11,279 You know, there are 1636 00:57:11,280 --> 00:57:13,379 forensic standards used 1637 00:57:13,380 --> 00:57:15,599 and established by 1638 00:57:15,600 --> 00:57:17,189 the industry and by the government for 1639 00:57:17,190 --> 00:57:19,049 searching laptops and extracting data 1640 00:57:19,050 --> 00:57:20,849 from them. There are no forensic 1641 00:57:20,850 --> 00:57:22,619 standards for malware. 1642 00:57:22,620 --> 00:57:24,329 And because the government wishes to 1643 00:57:24,330 --> 00:57:26,579 preserve the secrecy around their tools, 1644 00:57:26,580 --> 00:57:29,339 they are very reluctant to even disclose 1645 00:57:29,340 --> 00:57:31,109 the shell code that they're using, let 1646 00:57:31,110 --> 00:57:33,149 alone the exploits that first break into 1647 00:57:33,150 --> 00:57:35,339 a computer. So it's very hard for 1648 00:57:35,340 --> 00:57:37,259 the defense in a case to really 1649 00:57:37,260 --> 00:57:39,269 understand what took place and what 1650 00:57:39,270 --> 00:57:41,399 mistakes may have may have 1651 00:57:41,400 --> 00:57:43,349 taken place while the search was going 1652 00:57:43,350 --> 00:57:44,350 on. 1653 00:57:45,180 --> 00:57:46,320 Number four, please. 1654 00:57:47,730 --> 00:57:49,919 Speaking of framing the debate, 1655 00:57:49,920 --> 00:57:51,659 I think there's one point that wasn't 1656 00:57:51,660 --> 00:57:53,819 really made and it's 1657 00:57:53,820 --> 00:57:55,889 the collateral damage that is done by 1658 00:57:55,890 --> 00:57:56,879 just zero days. 1659 00:57:56,880 --> 00:57:59,009 If you have a zero day, it 1660 00:57:59,010 --> 00:58:00,689 doesn't even matter if it goes out to 1661 00:58:00,690 --> 00:58:02,549 somewhere somebody else. 1662 00:58:02,550 --> 00:58:04,619 In the meantime, while you're using that, 1663 00:58:04,620 --> 00:58:06,749 they could have developed 1664 00:58:06,750 --> 00:58:09,149 the same capabilities and use it against 1665 00:58:09,150 --> 00:58:11,639 targets. So in 1666 00:58:11,640 --> 00:58:13,949 the end, police forces are 1667 00:58:13,950 --> 00:58:16,289 actively putting 1668 00:58:16,290 --> 00:58:18,679 the public and the public, 1669 00:58:18,680 --> 00:58:21,269 I mean, other government agency, 1670 00:58:21,270 --> 00:58:23,699 the army hospitals, 1671 00:58:24,750 --> 00:58:27,839 power stations and so on, in jeopardy 1672 00:58:27,840 --> 00:58:29,759 to be attacked with the same with the 1673 00:58:29,760 --> 00:58:31,859 same me in the measures that 1674 00:58:31,860 --> 00:58:33,659 the police already knows of. 1675 00:58:33,660 --> 00:58:35,759 So it's totally irresponsible for 1676 00:58:35,760 --> 00:58:38,009 any law enforcement agency 1677 00:58:38,010 --> 00:58:40,649 to use any zero days at all. 1678 00:58:40,650 --> 00:58:42,009 That's that's my that's my point. 1679 00:58:42,010 --> 00:58:43,559 I think it's an important point for 1680 00:58:43,560 --> 00:58:44,759 framing the debate. 1681 00:58:44,760 --> 00:58:46,769 So I'm definitely aware of that argument. 1682 00:58:46,770 --> 00:58:48,839 And it's certainly an argument we made 1683 00:58:48,840 --> 00:58:51,419 and the Apple FBI case and 1684 00:58:51,420 --> 00:58:52,530 our ACLU brief, 1685 00:58:53,880 --> 00:58:55,559 I don't think it's a winning political 1686 00:58:55,560 --> 00:58:56,609 argument. 1687 00:58:56,610 --> 00:58:58,979 If there was only one zero 1688 00:58:58,980 --> 00:59:01,079 day in the Firefox browser, then 1689 00:59:01,080 --> 00:59:03,419 yes, if law enforcement discovered 1690 00:59:03,420 --> 00:59:05,129 it and didn't tell Mozilla, it's possible 1691 00:59:05,130 --> 00:59:07,289 that another entity, a foreign government 1692 00:59:07,290 --> 00:59:08,849 or a criminal gang, could discover that 1693 00:59:08,850 --> 00:59:10,829 same vulnerability. And by not telling 1694 00:59:10,830 --> 00:59:12,989 Mozilla, we're all left vulnerable 1695 00:59:12,990 --> 00:59:14,489 to those foreign governments using the 1696 00:59:14,490 --> 00:59:16,589 same tool, that argument makes sense when 1697 00:59:16,590 --> 00:59:18,779 there's one zero day to be found 1698 00:59:18,780 --> 00:59:20,999 in Firefox. But let's be honest, 1699 00:59:21,000 --> 00:59:23,159 the Firefox browser is a target rich 1700 00:59:23,160 --> 00:59:24,869 environment when it comes to 1701 00:59:24,870 --> 00:59:25,949 vulnerabilities. It is not 1702 00:59:27,150 --> 00:59:29,549 a particularly secure piece of software. 1703 00:59:29,550 --> 00:59:31,829 It's very complex with very old software. 1704 00:59:31,830 --> 00:59:33,239 They're still paying off their technical 1705 00:59:33,240 --> 00:59:34,259 debt. 1706 00:59:34,260 --> 00:59:36,389 And I'm not going 1707 00:59:36,390 --> 00:59:38,669 to say zero days in Firefox are a dime 1708 00:59:38,670 --> 00:59:40,109 a dozen, but there are certainly enough 1709 00:59:40,110 --> 00:59:42,269 of them that I don't think it's 1710 00:59:42,270 --> 00:59:44,279 as convincing to say that governments are 1711 00:59:44,280 --> 00:59:45,209 leaving us vulnerable. 1712 00:59:45,210 --> 00:59:47,909 I get the rhetorical strategy, 1713 00:59:47,910 --> 00:59:50,039 but I think the argument of governments 1714 00:59:50,040 --> 00:59:52,109 losing zero days, I then them being 1715 00:59:52,110 --> 00:59:54,359 instantly used by criminals is a much 1716 00:59:54,360 --> 00:59:55,439 more convincing argument. 1717 00:59:55,440 --> 00:59:57,569 And we now have enough examples of 1718 00:59:57,570 --> 00:59:59,489 that taking place that I think it makes 1719 00:59:59,490 --> 01:00:01,709 sense to focus there, because 1720 01:00:01,710 --> 01:00:04,079 everyone, even the least technical 1721 01:00:04,080 --> 01:00:05,939 person, understands that the government 1722 01:00:05,940 --> 01:00:07,679 makes mistakes. 1723 01:00:07,680 --> 01:00:09,069 Thank you. 1724 01:00:09,070 --> 01:00:10,199 Number three, please. 1725 01:00:11,660 --> 01:00:13,259 I think your point about changing the 1726 01:00:13,260 --> 01:00:15,659 debate is as important as often missed 1727 01:00:15,660 --> 01:00:17,069 in especially in this community. 1728 01:00:17,070 --> 01:00:19,499 I think that we focus on technical 1729 01:00:19,500 --> 01:00:21,239 solutions to social problems very often, 1730 01:00:21,240 --> 01:00:22,799 and we kind of miss this part. 1731 01:00:22,800 --> 01:00:24,479 So thank you for this very much. 1732 01:00:24,480 --> 01:00:26,369 But I do have a question. 1733 01:00:26,370 --> 01:00:28,349 I think part of this debate is language 1734 01:00:28,350 --> 01:00:30,839 also. And so the question is, 1735 01:00:30,840 --> 01:00:32,909 do you think that perhaps we should find 1736 01:00:32,910 --> 01:00:35,039 a better word for maliciously 1737 01:00:35,040 --> 01:00:37,169 using, you know, exploits to break 1738 01:00:37,170 --> 01:00:39,179 into things than hacking? 1739 01:00:39,180 --> 01:00:41,129 And this is an honest question, right? 1740 01:00:41,130 --> 01:00:43,379 Because I think that with 1741 01:00:43,380 --> 01:00:45,539 this with this word use it being 1742 01:00:45,540 --> 01:00:48,089 used in two different meanings. 1743 01:00:48,090 --> 01:00:50,579 We miss a lot of opportunities to explain 1744 01:00:50,580 --> 01:00:52,709 the difference between a hacker who is 1745 01:00:52,710 --> 01:00:55,079 opposed to to 1746 01:00:55,080 --> 01:00:56,669 law enforcement using and abusing 1747 01:00:56,670 --> 01:00:58,919 exploits or the militarization 1748 01:00:58,920 --> 01:01:00,209 of exploits. 1749 01:01:00,210 --> 01:01:02,429 And the people, 1750 01:01:02,430 --> 01:01:04,109 the people on the other side of this of 1751 01:01:04,110 --> 01:01:05,819 this discussion, I think that makes it 1752 01:01:05,820 --> 01:01:08,069 this discussion muddied and harder 1753 01:01:08,070 --> 01:01:10,409 to actually engage in 1754 01:01:10,410 --> 01:01:12,869 and to actually change the debate, as 1755 01:01:12,870 --> 01:01:13,979 you suggest. Thank you. 1756 01:01:13,980 --> 01:01:16,409 Yeah, I think that's a fantastic point 1757 01:01:16,410 --> 01:01:18,689 that you bring up. The power of language 1758 01:01:18,690 --> 01:01:20,969 is is extremely important and 1759 01:01:20,970 --> 01:01:22,439 often overlooked. 1760 01:01:22,440 --> 01:01:24,959 In the US, for example, the FBI 1761 01:01:24,960 --> 01:01:26,819 came up with their own special term for 1762 01:01:26,820 --> 01:01:28,559 malware, which is called a network and 1763 01:01:28,560 --> 01:01:30,059 investigative technique. 1764 01:01:30,060 --> 01:01:32,429 And every time defense lawyers 1765 01:01:32,430 --> 01:01:34,529 use the term malware in court 1766 01:01:34,530 --> 01:01:36,149 or in briefs, the government freaks out. 1767 01:01:36,150 --> 01:01:37,769 They say, no, no, no, malware is 1768 01:01:37,770 --> 01:01:39,989 something that criminals use when we do 1769 01:01:39,990 --> 01:01:41,639 it. It's called a network investigative 1770 01:01:41,640 --> 01:01:42,640 technique. 1771 01:01:43,590 --> 01:01:45,779 So from my position, if 1772 01:01:45,780 --> 01:01:47,969 a gun is held by a police officer, it's 1773 01:01:47,970 --> 01:01:49,619 a gun. And when it's used by a bank 1774 01:01:49,620 --> 01:01:51,309 robber, it's still a gun. 1775 01:01:51,310 --> 01:01:53,069 The person who's holding it doesn't 1776 01:01:53,070 --> 01:01:54,479 change the physical object. 1777 01:01:54,480 --> 01:01:56,999 But the Department of Justice 1778 01:01:57,000 --> 01:01:58,829 has contorted themselves into a strange 1779 01:01:58,830 --> 01:02:01,079 shape to insist that their 1780 01:02:01,080 --> 01:02:02,819 malware is not really malware because a 1781 01:02:02,820 --> 01:02:04,289 judge who didn't really understand what 1782 01:02:04,290 --> 01:02:06,329 she was authorizing gave them a piece of 1783 01:02:06,330 --> 01:02:07,330 paper. 1784 01:02:08,310 --> 01:02:10,539 I think that for them, one of the benefit 1785 01:02:10,540 --> 01:02:12,989 or a few benefits of redefining 1786 01:02:12,990 --> 01:02:14,399 the term malware. 1787 01:02:14,400 --> 01:02:16,589 The first is that many judges who 1788 01:02:16,590 --> 01:02:18,419 are being given applications for a 1789 01:02:18,420 --> 01:02:20,579 hacking warrant may not really 1790 01:02:20,580 --> 01:02:22,019 understand what they're being asked to 1791 01:02:22,020 --> 01:02:24,119 authorize when it uses this clinical 1792 01:02:24,120 --> 01:02:25,409 made up term. 1793 01:02:25,410 --> 01:02:27,719 You know, until two years ago, 1794 01:02:27,720 --> 01:02:29,069 a Google search for network, an 1795 01:02:29,070 --> 01:02:30,299 investigative technique would reveal 1796 01:02:30,300 --> 01:02:32,699 nothing. And so a judge encountering 1797 01:02:32,700 --> 01:02:34,079 one of these applications for the first 1798 01:02:34,080 --> 01:02:36,479 time would have no way of knowing 1799 01:02:36,480 --> 01:02:37,739 really what they were being asked to 1800 01:02:37,740 --> 01:02:39,719 authorize. And still to this day, you 1801 01:02:39,720 --> 01:02:42,119 don't see a zero day 1802 01:02:42,120 --> 01:02:44,519 or shortcode or exploit 1803 01:02:44,520 --> 01:02:46,389 and. Anywhere in the warrant application, 1804 01:02:46,390 --> 01:02:48,549 and so they really use this this 1805 01:02:48,550 --> 01:02:50,619 sort of clinical language to make it seem 1806 01:02:50,620 --> 01:02:52,569 like what they're doing is really not a 1807 01:02:52,570 --> 01:02:54,429 big deal, doesn't have any risks. 1808 01:02:54,430 --> 01:02:56,499 They don't talk about what 1809 01:02:56,500 --> 01:02:58,389 happens if they make a mistake. 1810 01:02:58,390 --> 01:03:00,879 And so I think that's really useful 1811 01:03:00,880 --> 01:03:02,499 when it comes to convincing judges or at 1812 01:03:02,500 --> 01:03:04,149 least making sure that judges don't know 1813 01:03:04,150 --> 01:03:05,859 what they're being asked to authorize. 1814 01:03:05,860 --> 01:03:07,929 And then I think that 1815 01:03:07,930 --> 01:03:10,059 also impacts the political debate when 1816 01:03:10,060 --> 01:03:12,159 there is one, our community needs to 1817 01:03:12,160 --> 01:03:14,229 do a better job of 1818 01:03:14,230 --> 01:03:15,369 using language 1819 01:03:16,390 --> 01:03:18,099 in our in our favor. 1820 01:03:18,100 --> 01:03:19,839 And we, unfortunately, often let the 1821 01:03:19,840 --> 01:03:22,029 government define the terms and then we 1822 01:03:22,030 --> 01:03:24,099 use their terms, whether it's, you 1823 01:03:24,100 --> 01:03:26,529 know, the increased adoption 1824 01:03:26,530 --> 01:03:28,299 of sort of intelligence community terms 1825 01:03:28,300 --> 01:03:29,949 into our surveillance debate, like things 1826 01:03:29,950 --> 01:03:32,260 like implants, operators, 1827 01:03:33,850 --> 01:03:35,649 I think we use the terms because we think 1828 01:03:35,650 --> 01:03:36,699 they're cool. 1829 01:03:36,700 --> 01:03:39,549 But then we miss the opportunity to 1830 01:03:39,550 --> 01:03:41,559 take the power that comes from defining 1831 01:03:41,560 --> 01:03:43,089 them in favorable terms for our side. 1832 01:03:43,090 --> 01:03:45,639 So we all need to do a better job 1833 01:03:45,640 --> 01:03:46,629 with that. But thank you for bringing 1834 01:03:46,630 --> 01:03:47,630 that up. 1835 01:03:48,000 --> 01:03:49,589 So thank you very much and I have to 1836 01:03:49,590 --> 01:03:51,959 close this talk now, give a warm 1837 01:03:51,960 --> 01:03:53,069 applause. 1838 01:03:53,070 --> 01:03:54,070 Thank you.