this space intentionally left blank

June 17, 2009

Filed under: politics»the_new_protest

Unity Is the Problem

There's been a cycle between client-server and peer-to-peer as long as there have been computers. We've been stuck in the former for a while now, as AJAX and web browsers became the new "thin clients." Opera's newly-announced Unite technology is a hint that we might be swinging back: it embeds a JavaScriptable web server into the browser, turning the thin client into a server as well. Opera hopes this'll be a return to the ideals of a decentralized, peer-to-peer web. I don't know personally if they'll be the ones to do it--we're talking about a company with an x86 market share that's practically a rounding error outside of Europe--but I think it's an exciting move in the right direction. Mostly.

Granted, Opera's not the first company to try this. They're not even the first Scandinavians to do it: I wrote a while back about Nokia's Mobile Web Server, which does something very similar using a dynamic DNS service and ports of Apache and Python to S60. It's kind of funny, actually: even when I wrote that post, I thought a lot of the applications I proposed--data collection apps, location-aware multimedia blogs, peer-to-peer REST APIs--might be a little far-fetched. Now you could practically drop my post into Opera's Unite pitch without changing anything other than the brand names. It'd blend right in.

Given my interest in digital activism, the first thing that came to mind was the usefulness of this technology for dissidents. Sadly, Unite suffers from the same problems as most Web 2.0 communication technologies: its idea of decentralization, isn't. In repressive environments, that makes it potentially vulnerable.

Opera claims that Unite is decentralized--and it is, to a certain degree. In theory it moves user data away from repositories like Facebook and Flickr, and leaves them on your individual machine. But in reality, Unite simply moves the centralization into the network channel itself. Despite the claim of creating an "interpersonal web," the service doesn't actually connect users to each other directly. Instead, to handle the problem of addressing dynamic servers, as well as providing some degree of security, all Unite traffic goes through Opera's proxy servers and is routed to its actual destination.

Having a proxy server, of course, is not a bad idea. For activists it might even make a lot of sense: it adds a layer of obfuscation, and means that the data server can't immediately be physically located via its IP address. And Opera has a lot of experience in proxy technology: its Java-based Opera Mini browser provides a fantastic web experience on resource-constrained devices by running page requests through a proxy that compresses them. I don't use it for anything secure, but it's astonishing how much faster it is for basic reading compared to a full Webkit mobile client. Opera probably also has a way to monetize the Unite accounts required to use its service, and which serve as the subdomains for users.

In a repressive environment, however, this strategy is disastrous. Take China, for example: you may have heard that a few weeks ago, on the anniversary of the Tiananmen protests, China simply shut down Twitter, Facebook, YouTube, Flickr, and a number of other social networking tools. For all its talk of decentralization, Opera Unite could be shut down just as easily, simply by blocking access to unite.opera.com. Suddenly that "interpersonal" web collapses. Likewise, if anything goes wrong--or if Opera caved to governmental demands--any traffic moving between Unite servers through their proxy would be vulnerable. So much for security.

Granted, not every regime is as competent--or as concerned--as China when it comes to ICT. We're all aware of how Twitter (among others) has become a part of communication in and out of Iran. Why hasn't it been shut down? As Evgeny Morozov argues, it may simply be a matter of priorities: when you've got real riots in the streets, riots on a microblog service probably seem relatively inconsequential--probably are relatively inconsequential, being more useful for publicizing protests than for actually organizing them. My cynical side also notes that (if they've thought about it this far) Iranian authorities may see an advantage in allowing the rest of the world to see this as a dramatic electoral struggle, rather than merely a dispute between two Shah-chosen figureheads--but then I know nothing about Iran, and you should certainly take my opinion with a ton of salt.

Despite my doubts, I think a Unite-ish system could be very useful for activists if combined with a user-run proxy system. It makes information dissemination flexible, simple, and mobile: as easy as sitting down near a wireless hotspot and opening up a browser. Adding some kind of discovery mechanism for the proxy--maybe via a distributed, browser-based darknet--or a process for spamming its location to blogs/e-mail/messaging when online would make this a powerful way for activists to share their data without giving up ownership to a third party. There's no reason Opera themselves couldn't lead the way on this, based on what they've done with Unite so far--but it looks unlikely.

March 9, 2009

Filed under: politics»the_new_protest

Good Reads

I keep adding "New Protest" feeds to my reader, in the hopes of eventually studying the topic for a graduate degree. Here's a few of the interesting blogs on the topic that I've found lately, although the list is always growing.

  • Afrigadget: Covers all kinds of inventions and clever hacks across Africa.
  • Afromusing: Juliana Rotich is a Kenyan working for Ushahidi who writes about tech, conflict, and environmental issues.
  • Daily EM: Notes on censorship, cyberwar, and open society from Evgeny Morozov.
  • Global Guerrillas: I still think John Robb may be slightly crazy, but it's usually interesting reading. Stay away from the comments.
  • International Values and Communications Technologies: A blog by the Yahoo! Fellows at Georgetown. Ranges from development to protest to censorship.
  • ICT for Peacebuilding: Sanjana Hattotuwa comments on conflict management and organizing, often focusing on Sri Lanka.
  • iRevolution: Graduate student Patrick Meier studies conflict and ICT at Tufts University. He's working on a dissertation on the impact of information technology under authoritarian governments.
  • Magical Nihilism: Ex-Nokia designer and futurist Matt Jones.
  • MobileActive: "A resource for activists using mobile technology worldwide."
  • Open the Future: Worldchanging's Jamais Cascio.
  • RConversation: Rebecca MacKinnon is an Open Society Fellow and former CNN journalist who focuses on China's Internet censorship, and the ways that activists attempt to circumvent it.
  • Smart Mobs: From the book of the same name.

February 20, 2009

Filed under: politics»the_new_protest

Bay Leaves

Pirate Bay Testimony knock-knock jokes probably aren't going to catch on:

Knock knock!

Who's there?

The Pirate Bay.

The Pirate Bay who?

We don't know!

If you don't get it, well, that's kind of the point. Ars reports that the Pirate Bay's legal strategy has taken a turn for the bizarre: when questioned about who owns the site, whose name is on the contracts, and who wrote their public material--in short, who bears the responsibility for the all those torrents--they basically insisted that the answer is "nobody."
The prosecutor kept trying to pin [Pirate Bay staffer Gottfrid Warg] down on who ran the site, how it was organized, and who paid for (and received the revenue from) site operations. Warg kept insisting that the project wasn't a "top-down" business, but that interested users volunteered time and effort to make different pieces of it work. The prosecution appeared not to believe this and continued asking questions to tease out the relationships between everyone involved. Warg continued to insist it was a "loose project"--even the moderators who took down material that didn't match its stated description were volunteers.
Now, like the prosecution, you may believe that the defendents are lying. After all, it's not like they've shown any other signs of taking the trial seriously, treating it instead as a combination of publicity stunt and performance art. But the fascinating possibility--one that has intriguing implications for social movements--is that they're not lying at all. It's entirely possible that their site really isn't "run" by any particular people in the sense that we normally think of the word. And far from being a weakness, this is a tremendous advantage for them.

It's not a coincidence that The Pirate Bay's raison d'etre, BitTorrent, gets its power from massive, distributed parallelism. From Google's Map/Reduce (which splits enormous tasks across equally enormous datacenters), to the multi-core processors that have become commonplace, to BitTorrent's use of "seeds" to spread files across networks, parallelism is one of the biggest advances in computer technology for the last five years. I'd argue that it also carries similar implications for social movements.

Start with the basic idea of organizational decentralization and open-source organizing. Could an operation like The Pirate Bay be run without central leadership, as the defendents insist is the case? Absolutely. For a digital community, moderation and management can certainly be split into a set of distributed actions, carried out by autonomous actors that coordinate via software and modern communication tools. That's one of the secrets behind the Obama political effort: instead of directing all efforts from the top down, it granted a high degree of autonomy and initiative to middle levels of the organization, and reserved the upper layers for support and communication--tasks that were, whenever possible, automated. It wouldn't be hard to design or cobble together a simple system for distributed, consensus-based decision-making. At that point, who's responsible for the movement? In a sense, everybody is. In another, as Pirate Bay staff claim, nobody is.

The decentralization of (nonviolent) social movements is not a new idea, but in the distribution of agency we begin to see how it creates an asymmetrical approach that gives the authorities fits. The prosecution in the Pirate Bay case has found themselves frustrated when their targets stand up and engage the legal system on terms prosecutors can understand. It's unlikely that this is a sound legal strategy for the defendants, but then civil disobedience rarely relies on legal reasoning. Nonviolent tactics are inherently based around the idea that it's foolish to engage the opponent where he is strongest (i.e., through violence and forceful coercion). Distributed parallelism extends this idea further into the political sphere, by removing the known pressure points that authorities might normally use to control organizations.

Consider: if a social movement has leaders, they can be discredited, bribed, jailed, or otherwise influenced. But if (from the perspective of the authorities) it doesn't have any, there's no weak place to apply power against the movement. If it has a structure, that structure can be disrupted at its links--but if each member is a peer in the network (and, to borrow BitTorrent jargon again, they're capable of seeding new political action), then each one has to be disrupted individually. In addition to its value as international legal comedy, this is clearly a powerful development in social movements, one that's made possible by new networking innovations.

Even in organizations that retain a central leadership structure, the advantages of distributed action are hard to deny. Consider a movement that has its own version of Amazon's Mechanical Turk service, which provides a marketplace for piecework. If the movement can break even just a few menial tasks (call lists, processing organizational data, collecting data) into bite-sized parts and pass those out to volunteers, it not only frees up staff for more creative tasks, but it gives a large number of people a chance to work for--and identify with--the organization. Since movements derive their force from the sympathetic bodies that they're capable of motivating, that identification, however slight, is a powerful thing.

Undoubtedly, there are also potential drawbacks to the distributed approach. The most obvious of these is the difficulty of forming and maintaining consensus--how does the movement bargain? How does it develop a plan of action? When does it decide to stop? If anything, I suspect that these are problems that arise from "too much of a good thing": what activist wouldn't want to be faced with the challenge of directing a massive, widely-spread, perpetually-restless populace? Besides, the problems of coalition-building have always been at the heart of political action (it makes up a significant portion of Randy Shaw's Activist's Handbook, for example). Ironically, one scenario for distributed activism comes from fourth-generation warfare theorist John Robb, who has written about what he calls "open-source warfare," or a network of insurgent groups that work separately but coordinate effectively when their goals align (I must note that I see 4GW theory, with its emphasis on asymmetric conflict and bottom-up organization, as armed conflict finally catching up to nonviolent political theory). In this model, it's true that coalitions are transient--but they form with dizzying rapidity when a common goal is found.

In short, there's tremendous power in applying distributed parallelism and decentralization to social movements, and not just as a fanciful legal strategy. We're just starting to see the potential applications of this kind of organizing model. Although the Pirate Bay defendants seem to have hit on their courtroom gambit as a media ploy, there's no reason we have to treat it as a joke.

January 22, 2009

Filed under: politics»the_new_protest

Protest and the Distribution Problem

Let's say you're part of a social movement in an authoritarian country. You're not even a leader--just a participant, albeit an empowered and adaptable example (perhaps your movement doesn't even really have leaders, per se, as many spontaneous protests don't). It's in your best interest, as well as the best interest of your organization, that you be able to communicate quickly and effectively with other members, probably using some kind of moderated broadcast network. Normally, you'd use one of many Internet services--Twitter, e-mail, blogging, etc. But of course, living in an authoritarian regime, it's not that simple.

It's not that you need to use a channel for confidential communication, since if you've read your Gene Sharp you know that excessive secrecy is as much a liability as an advantage. And you don't need it to be capable of high-bandwidth miracles: reliability and technical compatibility are more important than rich audio and video or message length. What you do need is complete decentralization. And that's the rub, because I can't find any software solution to that particular problem.

Decentralization is important because centralized resources are vulnerable. They can be censored (see: China), hacked, or hit with denial-of-service attacks (see: the takedown of Estonian and Georgian government sites). A dissident under authoritarian rule can't count on services vulnerable to these attacks--they can't even necessarily count on the infrastructure on which those services are based, since it's likely controlled by the authorities as well and could be targeted or cut off completely (see: Burma's disruption of all Internet access in 2007, or China's ability to censor SMS messages based on content).

Barring the total collapse of the underlying infrastructure (but not excluding scenarios in which it is heavily filtered or isolated), what's needed is effectively a peer-to-peer network. This is not, unfortunately, something on which web trailblazers have been concentrating. After all, the advantages of Web 2.0 have been fueled in part by centralization (at least from the point of view of the client). Google may be massively decentralized on its backend through the application of map/reduce programming, but the front end is useful to people because of the data shared across *.google.com. Break the connection to that domain, and we don't just lose GMail: there goes all the remotely-invoked JavaScript, code mashups, and programs built on Google Apps. That's a lot riding on a relatively simple point of failure, which would be better served by moving to the edge and using lots of redundant mirrors. Indeed, this is exactly what Chinese dissent bloggers have been forced to do.

Take a less extreme example: e-mail and IM. E-mail is not what we would typically think of as "centralized." Anyone can set up a mail server, or rent one, instead of using the big webmail providers. And all of those servers can talk to each other. But in the end, they're a client-server relationship that usually has to remain stable over time if they're to be of any real use--i.e., people can't just change e-mail addresses constantly, leaving them vulnerable to attack on the hosting server. Even if they did change addresses regularly, perhaps using a mailing list to maintain connections, it only moves the vulnerability to the mailing list. There's an implicit assumption that something is going to act as the coordinating hub--an assumption shared by even the most decentralized IM network, Jabber (or its federated microblogging counterpart, laconi.ca). It takes more effort to shut down or censor a multi-server network, as opposed to one sitting under a single domain. But it's not an impossible task by any stretch of the imagination.

What you, our anti-authoritarian dissident, might find really useful is a kind of ad-hoc mesh network--one that discovers nodes nearby and synchronizes to the latest data available. It doesn't have a central server. There's no addresses or domains that could be shut down. Some networks like this do, in fact, exist: Gnutella can be run as a strictly peer-to-peer setup, and BitTorrent has support for a trackerless system using distributed hash tables. We'd have to solve problems of reliability and speed, but at least it's a lot harder to shut this down.

But wait: haven't we just moved the problem around again? Now we have a peer-to-peer channel for transferring information without relying on vulnerable central transfer points, but now we have to make sure that the information itself isn't being altered or tampered with as it makes its way across the mesh. Maybe we could sign messages with an encryption key, so that their author can be verified. Better hope that the private key never falls into the wrong hands--and how do you get the public key out to people in the first place? Any given security solution is only as good as its weakest link--and the weakest link in social movements, I think, is never the communication channel itself, but the people who run it.

There are probably lots of other issues undermining the idea. I'm not a security expert, and already this is seems like an increasingly complex problem. When faced with a technological spiral like this, I sometimes find that the solution is to step back and rethink the problem itself--especially since this solution is probably way too complicated for typical users restricted by technical know-how and budget.

I'm reminded instead of a post at Perspective 2.0 that imagines the process of writing physical letters as an adjunct to information technology--another layer in the protocol, so to speak. It's easy to get captured by the glowing promise of ICT in democratic societies, and from there spin off into a dreamworld where protesters coordinate over an open-source Twitter clone via their smartphones, but that's just not realistic (or possibly even desirable). But the lessons of organizational communication are conceptual: they can often be back-ported to other, less-efficient media. So maybe the question isn't how to bring social protest to the Net, it's how to bring the Net's security innovations (including decentralization and peer-to-peer communication) and bring those over to the movement.

July 15, 2008

Filed under: politics»the_new_protest»nonviolence

Moon Festival

From The Methods of Nonviolent Action by Gene Sharp, quoting from Edmund Stevens (1967):

...each morning an entire platoon of Chinese soldiers would march out on the ice and lowering their trousers train their buttocks towards the Soviet side, the ultimate in Chinese insults. This exercise continued until one morning just as the Chinese assumed their positions the Russians set up large portraits of Mao facing in their direction. The Chinese hastily covered themselves and retired in confusion. There were no repetitions.
Sharp includes this under discussion of nonviolent method #30: rude gestures.

June 11, 2008

Filed under: politics»the_new_protest

Simple Sabotage

This declassified 1944 manual on sabotage (via the Joho Blog) is filled with awesomeness, particularly in the parts that have to do with political defiance instead of just smashing machines:

(9) When training new workers, give incomplete or misleading instructions.

(10) To lower morale and with it, production, be pleasant to inefficient workers; give them undeserved promotions. Discriminate against efficient workers; complain unjustly about their work.

(11.) Hold conferences when there is more critical work to be done.

I'm pretty sure that they've handed this out at several past employers, perhaps retitling it "Management 101."

(i) Cry and sob hysterically at every occasion, especially when confronted by government clerks.

My next visit to the DMV is going to be the best ever.

May 29, 2008

Filed under: politics»the_new_protest

Where They Cut

In our technology story arc meetings at CQ, we've tried to find ways of looking at the direction of ICT, particularly for hotspots like open access or network neutrality--so for example, maybe you look at it as "new vs. old business" or "content providers vs. network providers." A frame that I've found particularly helpful is to look at these controversies as two basic philosophies: software people and hardware people.

Software people are Google, Microsoft, NBC, etc. They want to sell you information, with or without DRM, but when push comes to shove they are probably more likely to say that information should be "free." They only care about the network insofar as it can move content. On the other side are the hardware people, like Comcast or Verizon. The hardware people want to sell you physical objects, or hook you up to physical networks, through which you will be connected to content at the hardware provider's whim--and when push comes to shove, they will prioritize the health and performance of the network (such as it is, in the case of US broadband) over the intangible information inside it.

These aren't hard and fast categories--some hardware people want to be software people, and vice versa--but it helps me, at least. It applies the old question of "What would you rescue from a burning house?" to the actors in this drama: would they save the content? Or will they save the pipes?

If you're a dissenting voice using new media, I suspect the question is similar, but it's not about what they'll save. It asks "where will they cut?" Ultimately, that's the bottom line.

Clay Shirky's Here Comes Everybody offers an intriguing glimpse of Internet-enabled political protest, with examples of flash mobs in Belarus and twitter-enabled dissidents. It also explores, to some extent, the possibility that police or counter-movements can eavesdrop or disrupt (through firewalls and censorship) those tools. These are the software problems.

In 2005, Nepal's president took power, cutting off phone lines and Internet connections as he did so to silence and disorient dissenters. In 2007, during a vicious crackdown on protestors, the Burmese government shut down all Internet traffic for several days and did not fully restore it (for certain values of "restore" that include censorship and firewalling) for almost two weeks.

Those are the hardware problems. All the proxy servers and chat rooms in the world won't help when the phones are turned off. It's something I want to keep in mind while I'm looking up cool examples of technology and political/social movements: above all, when the movement becomes too much of a nuisance to the powers that be, where will they choose to cut it off? Ignorance of this point is a profound failure of the rhetorical strategy.

Future - Present - Past