Thursday, March 27, 2014

On SXSW 2014 : Data Privacy after Edward Snowden.

Photo by Jack Plunkett/Invision/AP
First things first:  this post is not a judgement for or against Edward Snowden.  What this is going to be is an analysis of the impact, response, reality of the aftermath of the documents that have been shared, and what we should be doing about it.  There is a direct impact upon the technology community.  One that touches the very basic responsibility we have as the builders and stewards of the software and data that are driving the 21st century's economic engine.

At SXSW, Edward Snowden was present for his interview virtually, using a Google Hangout.  He was piped through seven proxies in an attempt to keep his location as secure as possible.  While this caused the video to be very choppy, the audio was clear.

Christopher Soghoian, a technologist of the ACLU, and Ben Wizner, Snowden's legal adviser from the ACLU, conducted the interview.  Before I dig into the meat of the discussion, I want to level-set the scope of the NSA files released to date.

What has been revealed in the NSA files?
This timeline is derived from the EFF's comprehensive list of events.  I will bold particularly troubling attacks on tech privacy.
The list is extensive and startling.  Having attempted to pay close attention to this issue, I'm sure I experienced some "NSA fatigue" and ignored or missed a bunch of stories.  Now looking back to the actual timeline and information published in the media, my eyes cross and my stomach sinks.  The penetration is thorough.  It goes to the very base of the software in the encryption keys, to the very base of the physical infrastructure in tapping the fiber lines directly.

Slide published by the Washington Post detailing PRISM.
Point One - It's way too easy.
First and foremost, the level of penetration indicates one thing:  it's been too easy.  What's more is that we don't know who else is listening to our data.  And let's be clear, that data represents just about everything:  telephone conversation, email conversation, instant messenger conversation, video chat, what websites you browse and therefore what your interests are, your location, who you pay and how much you pay them, who you associate with, who your friends are and how close you are to them, what products you buy and what stores you buy them from, and what TV shows and movies you like.

It is your identity and the keys to your identity.

That all the NSA, GCHQ, and other agencies had to do was tap into the network reveals a disturbing truth about the internet that we've built:  it's too easy to snoop.  It's incredibly easy to snoop.  The first hurdle for anyone, government or not, to eavesdrop on our data should be how they're going to snoop.  Someone can always tap the physical fiber lines moving data between servers.  That so much of the data is "in the clear" is the problem.

Even Google was caught with its pants down.  Nevermind Yahoo! and Microsoft.

We should be encrypting everything.  Yes, the NSA has the keys to the RSA , who provides many of our encryption keys.  But now that we know, separate groups can begin providing them - groups not affiliated with any particular government or corporation.

This is, in fact, what's happening.  Mr. Soghoian pushed the point that these revelations have radicalized segments of the IT world.  Individuals are building better systems to provide better data  privacy.  In his words, there are lots of engineers that are "pissed".  It should be very hard for the government or anyone to siphon any meaningful data from our networks.

This quote stresses this:  "data should not be collected without people's knowledge and consent."

More importantly, perhaps, is that decryption does not scale.  The amount of compute cycles needed to decrypt a message without the key is vastly greater than that needed to encrypt it.  As the amount of encrypted data increases, the computation horse power needed to brute-force decrypt all of it rises exponentially.  It is our greatest defense of our digital presence.

Point Two - You Are Stewards Of User Data.
To bring this back home to the "every man" working for some web/mobile app company, we need to clean up our acts.  Snowden stresses the point that Privacy should be first and awareness that we are the stewards of our user's data should be second in how we construct our systems.

Once a user gives consent to hand their data to us, it is our responsibility to protect it.

We do this by only asking for the minimum data we need to perform our services.  Only retain that data for the minimum amount of time necessary.  All of the data we collect should have a time to live attached to it.  Once that time frame has passed, the data is purged.

The crucial point here is:  encrypt everything and all data expires.

This helps secure our user's privacy and security not just from a government agency, but also anyone who may break into our systems.  Let's not forget what happened to Target.  We have a tendency to think that once inside our firewalls, all data is safe.  Target's failure indicates that once a malicious organization gets past your firewall, they can very easily cause catastrophic losses.

NSA slide published by Washington Post detailing how they are syphoning internal Google data.  Note the SSL encryption note.
Point Three - Google is not your friend.

I use quite a few Google products and while this point seems obvious, I found it eye-opening.  Google is what?  An advertising company.  By nature, Google's goal is to analyze your behavior and expose that data to various services.  At some point using those services you are served advertisements.  That is, after all, how Google makes their billions, right?

This inherently makes their software vulnerable to attack.  Google would never build a browser that provides end to end encryption.  If they did, they couldn't read the data being sent back and forth and build an analysis of your habits.  It would make Google Now useless.  GMail could serve no advertisements to you.

I use Google as an example here.  Microsoft, Yahoo!, neither of these guys are really our friend either.  It is going to take some group in the tech community to get together and build an OpenSource end to end encrypted browser.  If Google or IBM were to take on this task, as Mr. Soghoian stressed, you better believe that it will not be free.  They would have to make up the lost revenue dollars somehow and charging a monthly fee for access to the software is a likely avenue.

Point Four - The NSA is too focused on cyber-offense and not on real-world clues.
This portion of the conversation elicited some groans from the audience.  Snowden was making the point that the NSA's single-minded focus on gathering as much data as it could has made it blind to the data that matters most:  what's happening in the real world.  His argument followed these lines :

Before the underwear bomber ever got on a plane, his father went to the United States embassy and told them to watch his son and get him help.  Before the Boston bombings, Russia told the U.S. Government to watch Tamerlan Tsarnaev.  What the NSA should be doing is working to make our networks the most secure they can be.  Instead they're focused on weakening them through back doors, compromised hardware, and direct taps.  Perhaps if they worried more about security than attempting to gather every piece of data they could, strong signals like those from the underwear bomber's dad or the Russian's embassy would not have been ignored.

With two reports, one from left-leaning New American Foundation and the other from the right-leaning Hoover Institute, having come to the same conclusion of the system's ineffectiveness in stopping any terrorist attacks makes one wonder at the the amount of money spent and scope of the data collection.  The processes have borne no fruit and yet we are spending 55 billion on them?

We should focus those dollars on a more-secure internet and real-world police work, not exploiting every vulnerability that can be found.

Point Five - Why is all of this bad?
The question came in from the audience:  "Why is it bad for a government to have your private data, but okay for a company?"

The answer came in two parts, the first from Snowden:  governments can take away your Rights, companies cannot.  Google can't send the police to your home for violating some new law, but the U.S. Government could.

The second part of the answer is that it's not good for corporations to have all of your data either.  If their systems become compromised, there goes your data and maybe your identity.  Which is exactly how the NSA and other agencies around the world have acquired these vast amounts of information.

Don't forget that even if you're okay with who is running the government today, you may not tomorrow nor do you know what laws may be passed tomorrow.  The only way to be truly secure in your privacy is for your data to not persist anywhere.

Point Six - Change starts with technology.
Snowden and Soghoian stressed this point several times.  While there is certainly a political response necessary to unfettered government access to our data, the primary response will come from the technologists.  It will be us who constructs secure systems to ensure the privacy of our data.  If we improve our standards, then it won't matter who is trying to access our data, it can remain secure.  We'll be the ones who build the next generation browsers and network protocols.

It was this point that Snowden said is why he spoke to SXSW Interactive.  It was the best way to reach the most technology professionals and send this specific message.

This point resonated with me.  There's a cultural change that needs to happen in technology.  Security and privacy cannot be tertiary thoughts.  It has to be our primary thought in our designs.  Those measures have to be agnostic of who is trying to access the data.  Our Right to Privacy is not just privacy from a neighbor, it's privacy from anyone, including the government.

Closing Notes.
Snowden ended the interview on an interesting note.  I'll share the quote (with link to clip) :
"...the interpretation of the Fourth Amendment has been changed - in secret - from no unreasonable search and seizure to 'hey, any seizure is fine, just don't search it' and that's something public ought to know about. "

Just this month Google has finished updating their infrastructure to encrypt all of the internal data.  Earlier last year Yahoo promised to do the same by March of this year.  Large American tech companies have faced significant losses and are spending billions to move their data centers off of U.S. soil.  These disclosures will continue to reverberate throughout the technology, political, and economic worlds.  The pressure has pushed the United States Government to consider ending its bulk surveillance.

Regardless of what you think of Snowden, these reverberations, while painful in the short term, will only make our software and networks more secure.  The better they become, the more secure we can feel about our online privacy.  Our "papers" as referenced in the Fourth Amendment have evolved into digital documents and correspondence.  They should be as private as the same papers that are sitting in your filing cabinet, free from search and seizure.  They should be as private as the letters you put in the mailbox.

We technologists are in a very unique position to shape the digital future.  We should be thinking of and implementing methods that can improve our privacy and the security of our networks rather than waiting for a political response.  It is clear that the government will break the rules in secrecy to get what they want.  If we want to defeat that we need to build better defenses so no one can collect our digital identities.

It starts with you and me.

Interview Video

Monday, March 17, 2014

On SXSW : 2014 Retrospective

This year's SXSW Interactive was a unique opportunity.  It was an opportunity to experience Neil deGrasse Tyson's enthusiasm for science, to see and listen to Edward Snowden's first public interview, see Adam Savage be quirky and engaging, and as always, open my brain up and let people dump things in.

These retrospectives help me filter out all that was poured in and find some of the key nuggets within the themes.  Each person's SXSW is a little different:  an amalgamation of the talks they listened to and who they met while experiencing the night life.  Still, given that, there are themes that resonate through-out the experience that you'll hear talked about whether on the shuttle ride or over the tables at the food truck court.

These themes fell into these categories:
  • Privacy of your data.
  • Where are the Apps and Responsive design.
  • Wearable tech.
  • Continuing Simplicity.
  • Experiment. Be scientists.
As usual, I will write some deeper dives on each of these following this summary!

There is a renewed focus on privacy, specifically privacy of your data.  With figures like Julian Assange and Edward Snowden making live virtual appearances, it would be hard to say that privacy wasn't a major theme for SXSWi 2014.  Both of these names tend to polarize individuals whether you believe them traitors, patriots, or something in between.  I won't comment on that, but what I will comment on the effect of Wikileaks and the NSA files have had:  technologists are pissed and are actively working to build better security solutions.  Perhaps one of the more salient points made by Snowden was that it wasn't difficult for the NSA to start vacuuming up data from across the web.  That was easy.  The hard part is processing the data in a meaningful way.  That there was little challenge in seizing the data means that many of us have failed in our roles as stewards of user data.

Photo by Jack Plunkett/Invision/AP
This isn't just a message about governments, but about corporations, too.  What are you doing to better secure your user's data?  Do you delete it when you're done?  Do you only ask for and keep the absolute minimum that you need?  Is it encrypted?  These should be active questions for all of us, whether we're writing the code, managing the data, or designing the interfaces.

An additional point driven home:  while a political change is necessary, more so is a change in the technology and its standards.  The drivers of that change to secure our data will be thought-leaders in technology.  Whatever the politicians do, we need to push the boundaries on security.

Not just because the NSA may be spying, but because anyone may be spying.

Apps or Responsive?
Noticeably absent were big pushes for Apps.  While people talked about building Apps in a greater context, the "Oh my God, you must have apps!" reaction has passed.  In its stead is a cautionary tale about company after company that has built an App for one reason or another and not gained any tangible benefits.  And don't forget the hassle that App approval presents.

Many companies have built whole teams centered just on App development, sunk gobs of cash, and haven't realized a windfall of money or users.  People are still trying to figure out what the rules are around what to build and what not to build as Apps.  This is leading towards a trend of building flexible, scalable sites using Responsive methodologies as a stop-gap.  Even then there is sub-context since most Responsive techniques are fairly immature and certainly not optimized for speed.  While most technologists today will tell you to build Responsive, there are arguments to be made for device-optimized sites.

The biggest concern around device-optimized sites is the scalabilty of maintenance.  With the growing number of wearable devices coming, can you reasonably build for each device you want to be available on?

Which leads me to...

Wearables, Wearables Everywhere
Shocker, right?  Not likely.  With numerous conversations about wearable tech, there is definitely an air of excitement around the potential.  But the experience with Apps has left many people cautious.  A common thought in conversations around SXSW was that wearables will be awesome once dynamite Apps are built for them.  But who is building the Apps?  The software community is cautious while the hardware community is bullish.

The end result, I'm predicting, is not going to be good for many of the wearable manufacturers.  The ultra-specific devices have to be incredibly good at their one task to remain relative.  How many of you, or people you know, jumped onto the FitBit band wagon only to ditch it after a few months?  This type of use and discard mentality is a carry-over from the Apps phenomenon.  Apps that did their job very well stick around on your device.  Those that don't or lose novelty collect dust until they're eventually deleted.

Therefore most of the software people are adopting a wait-and-see approach.  Don't get crazy trying to be present everywhere.  Be selective and husband your resources.

Simplicity, assisted by Body Cognition
Last year I was rather impressed with the combination of AI advancement with the No UI movement.  The crossroads of those axis of advance is a nice sweet spot where good software delivers relevant services without requiring much interaction from you.

A great addition to this No UI concept is the integration of Body Cognition principles into the design of software.  Body Cognition is the science investigating how physical inputs to your body influence your perceptions at a subconscious level.  I'll do a whole lot better explaining this by using some examples.

Being in a room of strangers with a warm cup of coffee is more likely to make you more comfortable than if you had ice water.  A heavy clipboard and lab coat is more likely to make you take a science experiment more seriously than if you just had a notepad and board shorts.

When it comes to software, this is more about pleasing visual cues or cues that evoke other physical senses.  Clean, fresh lines and colors are more likely to be found attractive than a messy, disheveled presentation the same way a fresh apple is more appealing than an old one.

Applying this line of thought is a challenge for me.  With sites that are data-heavy, finding a "clean" presentation that is also informative is not always straight-forward.  Applying some of these ideas can help make the optimal path a bit more obvious.

Science means experiment, experiment, experiment!
If there is anything Neil deGrasse Tyson and Adam Savage represent, it's the scientific method.  Their keynotes spent a bunch of time talking about this and stressing why it is important for our future.  Adam took it another step forward emphasizing that Art is Science and Science is Art, that one cannot live without the other.

A few of you may roll your eyes at this, but he has a subtle point.  The scientist cannot create a hypothesis without being creative enough to think of one.  The artist cannot find what is most pleasing to them without trying different techniques.  In my business we exercise our creativity every day - whether designing a new interface, data model, architecture, or attempting to find a solution to a bug, it's creative thought that drives.  It's the scientific method that takes a creative idea and molds it into a design pattern.  It's the computer science that optimizes its performance.

This means you have to experiment and allow your teams to experiment.  Which also means you may have to budget some padding for that experimentation time.  Scott Cook of Inuit fame encourages this behavior in his development teams.  With a business infrastructure designed around percolating the best ideas into experiments, they spend significant amounts of money/time testing ideas understanding that the end result will be a better product.  The success of TurboTax and QuickBooks speak for themselves about the potential of this type of business management.

At the end of the day, as Neil stated, we can only be a competitive nation in the 21st century if we continue to teach science and be scientific minded.

Other Details
There were several other interesting talks I sat in.  One had the first 3D-modeled live fly-through of an active human brain.  There were a few API conversations that had some tid-bits to bring back.  I'll try to wrap these up into a "miscellaneous" post.
A GIF of the 3D active brain-fly-through.
All in all - another fun & challenging SXSWi, despite the ridiculous traffic!