Cypherpunk Bitstream 0x05: Security I

<p>We <a href="https://cdn.taz0.sirion.io/cdn/cypherpunk-bitstream/episodes/CypherpunkBitstream-0x05-Security-I.mp3">talk</a> about security and the current state of the security system (police, intelligence services, and the military).</p> <h2 id="subscribe">Subscribe</h2> <ul> <li><a href="https://pca.st/5ytdtii7">Pocket Casts</a></li> <li><a href="https://open.spotify.com/show/3o97A7VYhX2lDKyktXXsBG">Spotify</a></li> <li><a href="https://www.stitcher.com/podcast/cypherpunk-bitstream">Stitcher</a></li> <li><a href="https://podcasts.apple.com/us/podcast/cypherpunk-bitstream/id1488466327">Apple Podcasts</a></li> <li><a href="https://overcast.fm/itunes1488466327/cypherpunk-bitstream">Overcast</a></li> <li><a href="https://podcasts.google.com/?feed=aHR0cHM6Ly90YXowLm9yZy9iaXRzdHJlYW0vaW5kZXgueG1s">Google Podcasts</a></li> <li><a href="https://player.fm/series/cypherpunk-bitstream">PlayerFM</a></li> <li><a href="https://www.youtube.com/c/TAZ0Transmissions">YouTube</a></li> </ul> <h2 id="show-notes">Show Notes</h2> <h3 id="what-is-security">What is security</h3> <ul> <li>00:02:05 What is security: Security VS Safety. <ul> <li>Security: unexpected events that go back to an actor,</li> <li>Safety: maintaining a status.</li> </ul> </li> <li>00:07:20 Entropy: things decay. Security is not a natural state, but must be maintained.</li> <li>00:09:10 Evil people: psychpaths, predators.</li> <li>00:09:50 Circumstances: acting irrationally.</li> <li>00:10:25 Hackers: Red Hats, joy of overcoming security systems.</li> <li>00:11:11 WASP Privilege: no exposure to threats, stuff works most of the time, no incentive to learn about security.</li> </ul> <h3 id="systems">Systems</h3> <ul> <li>00:12:29 High trust society VS low trust society: Low trust comes with high cost and less functional societies.</li> <li>00:16:16 Symptoms of societies with low trust: different environments are what make them.</li> <li>00:16:50 Universal core values of humans: self-preservation, protecting family and friends, private zones, no drama.</li> <li>00:18:05 High trust society needs maintenance, will get eroded quickly by few “bad actors”.</li> <li>00:19:05 How can you turn a low security, low trust environment into a high security, high trust environment? Parallel developments also possible: high security, low trust societies.</li> <li>00:19:40 Trust builds from history of interactions.</li> <li>00:20:13 To change, bad memories must die (social memory). See Thomas Kuhn (1962): The Structure of Scientific Revolutions</li> <li>00:22:10 Western states want to make people dependent on security (stateism) and increase state control. Thus, individuals externalize security, and state is presented as the White Knight.</li> <li>00:25:15 Are we being played/gamed/manipulated by the state and state actors?</li> <li>00:27:38 Just doing our jobs.</li> <li>00:29:50 Machiavellianism: concepts how states can work.</li> <li>00:31:20 Hegelian concepts: totalist and collectivist states and politics.</li> <li>00:33:20 Look at systemic issues.</li> </ul> <h3 id="institutions">Institutions</h3> <ul> <li>00:33:30 Inspecting institutions: 1) Police.</li> <li>00:39:00 Policemen’s selection bias: everyone is a potential criminal or at least a suspect.</li> <li>00:40:20 Documentation work of police activity by example of firing weapons.</li> <li>00:42:30 Bureaucracy can work.</li> <li>00:47:30 Police in uniform VS civilian police: both are for peace preservation.</li> <li>00:48:00 Military is directed outwards.</li> <li>00:49:00 Carl von Clausewitz: war is the extension of politics [original: war is the continuation of politics by other means].</li> <li>00:49:39 Border guards are the middle layer between military and police (control of territorial boundaries VS maintaining territorial integrity VS maintain security within the borders).</li> </ul> <h3 id="intelligence-services">Intelligence services</h3> <ul> <li>00:50:00 Intelligence services:</li> <li>Classification: Intelligence service for proper and covert action</li> <li>00:51:00 Similarities and differences to Journalism: Are intelligence services also ad-driven?</li> <li>00:51:48 Intelligence Agencies report only news that can be actionable.</li> <li>00:53:40 Domestic and Foreign Intelligence Services.</li> <li>00:54:20 Objective reporting: Not mission driven, but report driven.</li> <li>00:54:41 Two classes of intelligence services: Report requests coming out of intelligence circle, or mission driven services (Bundesverfassungsschutz, for example).</li> <li>00:56:30 FBI: police organization plus intelligence aspect.</li> <li>00:57:05 Intelligence services are about information, other services are about action.</li> <li>00:57:40 Staatsschutz and German Intelligence: police is for prevent and investigate crimes.</li> <li>00:59:05 Forensics is for police, subversive or maybe illegal actions are for intelligence work. In Germany, it’s clearly seperated; in USA, not so much.</li> <li>01:02:15 CIA: Considered as Intelligence Agency. Gather information is their mandate, not catch criminals.</li> <li>01:05:10 Sending in intelligence to change things: huge toolkit to act available.</li> <li>01:05:50 Intelligence and Military Covert Actions are not Security, but political action. However, it‘s a security issue for the other side.</li> </ul> <h3 id="international-organisations">International organisations</h3> <ul> <li>01:06:47 International Security Organizations (Europol, Interpol). No police powers, limited investigation powers.</li> <li>01:08:45 Working groups: example SIS (communicating warrants in EU).</li> <li>01:09:58 Organizations: example Le Circle (high-ranking intelligence chiefs), Munich Security Forum (conference with high-level security chiefs).</li> <li>01:15:00 Why is their image so skewed in the public? (The „Spy Story“)</li> <li>01:18:00 Rubicon Series (2010)</li> <li>01:19:25 CSI Series (2000) - all about forensic analysis of crime scenes, but in reality it‘s not the dominant part, only few questions can be answered.</li> <li>01:21:28 Playbook crime following the standard model VS outliers.</li> <li>01:22:55 Being secretive about methods means keeping the advantage from opponents: intelligence agencies VS intelligence agencies from other countries; police VS criminals.</li> <li>01:23:40 Sources 1) Scientific Fields: Criminalistics, Criminology. (Education Material for people that train police, manuals and coursework can be brought on Amazon, also check out libraries).</li> <li>01:25:34 Sources 2) Reports: Indictments, Warrants (a lot are public, depending on country). Caveat: contains successes and legal processes only.</li> <li>01:27:08 Sources 3) Private Conversation with Policemen, Investigators, Intelligence People to get a more accurate picture about their work.</li> </ul> <h3 id="public-private-partnerships">Public private partnerships</h3> <ul> <li>01:29:39 Private Security Services.</li> <li>01:30:45 Cybercrime Investigations: Takedown of Cyberpunker 2 (200 servers in a German bunker).</li> <li>01:32:25 Private Companies helping the police in Cybercrime Investigation.</li> <li>01:32:40 Analyzing digital evidence: Given to a lab from a private company. (Cyberforensics, not done by police)</li> <li>01:34:18 White-Collar Crime: Fraud, Commercial Fraud cases etc. Corporate Investigators for hire: Forensic Accountants, etc. (Police work only for special investigator power, or force powers.)</li> <li>01:37:10 Corporations can use private security services when police are bound legally (for example, in bribing), then sanatize the data and give it to the police.</li> <li>01:41:28 Informal communication lines&hellip; like in every other industry. (But with special privileges: Police, Military, Intelligence)</li> <li>01:43:04 Presumably Cardinal Richelieu: „If you give me (three, or two) six lines written by the hand of the most honest of men, I will find (seven reasons) something in them which will hang him.“, this quote might be originated by memorialist Françoise Bertraut de Motteville (1723), and was later paraphrased.</li> <li>01:44:46 Real-life cases have a lot of ambiguity going on. It‘s a work of probabilities, not a binary process.</li> <li>01:45:45 Can you cover up a crime as a non-corrupt policeman?</li> <li>01:46:50 Private Security Services exploit the ambiguity of policework (someone bringing you from outside a full case, only verification needed, negative evidence often gets lost).</li> <li>01:48:21 Political Aspect: which crimes are deemed important?</li> <li>01:49:20 Lobbying and capital power: Intellectual Property Crimes.</li> <li>01:50:44 Industry identifies perpretators and delivers them to police.</li> <li>01:50:58 Filesharing: Machine investigating and filing reports, backchanneling, automated sting operation (example, IP-Echelon).</li> <li>01:56:08 Private Agencies provide: Analysis of evidence, production of leads, investigation.</li> <li>01:56:26 Money Laundering: not based on investigative results, but on information provided by for example NGOs (example, Transparency International).</li> <li>01:59:28 Chain Analysis Companies produce risk scores for Cryptocurrency Adresses (public keys).</li> <li>02:01:05 Face recognition to identify suspects: example, Clearview AI (finding people software)</li> <li>02:02:20 Police relies on outside, unchecked influence: Private Actors (non-illegmitate).</li> </ul> <h3 id="private-intelligence">Private Intelligence</h3> <ul> <li>02:03:25 Recap of Episode: <ul> <li>What outside input is influencing the police</li> <li>Policy definition</li> <li>Intelligence field</li> </ul> </li> <li>02:04:22 Tax crimes: special investigators who actively try to find criminals.</li> <li>02:04:39 Organized Crime: preventitive task of police (dismantling organizations, Staatsschutz).</li> <li>02:05:35 Civil Disobedience: infiltration by police and private companies.</li> <li>02:07:00 Private Security: 3 categories <ul> <li>private intelligence services</li> <li>private security services</li> <li>private military contractors.</li> </ul> </li> <li>02:09:38 Private Intelligence is information gathering.</li> <li>02:09:53 Private Intelligence VS corporate espionage.</li> <li>02:11:11 First example.</li> <li>02:15:00 Why is there so much cheap spy tech for sale?</li> <li>02:19:53 Second example: credit suisse incident.</li> <li>02:21:12 Some serious health concerns for the operators and middlemen (in-betweens).</li> <li>02:24:05 Birds of a feather flock together: blurry lines of corporate, state, and private decision makers (different sides of the law).</li> <li>02:26:29 Book/Thesis: Stephan Blancke (2011): Geheimdienstliche Aktivitäten nicht-staatlicher Akteure (private intelligence activities by non-state actors)</li> <li>02:27:11 Private inflitrators, informants and agent provocateurs.</li> <li>02:28:10 Extinction rebellion and very active activists.</li> <li>02:30:30 Capture bounties.</li> <li>02:32:45 A quiet business: private infiltration intelligence services (IMSI-catchers) are often ex police, ex military etc.</li> <li>02:34:40 Sharing information services between intelligence: 4 eyes, 14 eyes.</li> <li>02:38:05 HCPP and game theory: will the cryptoanarchists ever get something done?</li> <li>02:39:00 Today’s security system is like antique byzantine, easy to understand from outside, inside not easy to understand- even for the players themselves.</li> <li>02:40:25 Ross Ulbricht and Silk Road made agents run with money&mdash;is it the only case, only in this direction?</li> <li>02:42:00 State systems’ marketing: “protect and serve” by angels? But, ACAB is also wrong.</li> <li>02:45:55 Take personal responsibility for own security.</li> </ul> <h3 id="outlook">Outlook</h3> <ul> <li>02:48:40 Developments/outlook: technologies that make globalization possible, organizational technologies, reporting and communication.</li> <li>02:50:25 Old days: reporting was sampling (today: big data, AI).</li> <li>02:51:00 New incentive structures: financial markets. Old: financial markets were not global, slow. Today: Global financial markets mean indirect profit from activities like war, markets can be complex, distributed, longer reach.</li> <li>02:52:50 Even dumb criminals can use smart technologies (Dropgangs).</li> <li>02:54:00 The mastermind/ intelligent criminals VS random criminals: attribution becomes problematic (witness problem, no review pointers).</li> <li>02:57:24 Book: Evan Ratliff (2019): The Mastermind. Drugs. Empire. Murder. Betrayal. (Paul LeRoux)</li> </ul> <h3 id="wrap-up">Wrap up</h3> <ul> <li>03:00:59 Donation Report</li> </ul> <h2 id="reading-recommendations">Reading Recommendations</h2> <ul> <li>Thomas Kuhn (1962): The Structure of Scientific Revolutions</li> <li>Machiavelli</li> <li>Hegel</li> <li>Carl von Clausewitz</li> <li>Rubicon Series (2010)</li> <li>Stephan Blancke (2011): Geheimdienstliche Aktivitäten nicht-staatlicher Akteure (private intelligence activities by non-state actors)</li> <li>Evan Ratliff (2019): The Mastermind. Drugs. Empire. Murder. Betrayal. (Paul LeRoux)</li> </ul> <h2 id="discuss">Discuss</h2> <p>We&rsquo;re on <a href="https://bbs.anarplex.net/">bbs.anarplex.net</a> with our own board to discuss!</p> <h2 id="hosts">Hosts</h2> <ul> <li><a href="https://opaque.link">Smuggler</a> (<a href="https://twitter.com/TheRealSmuggler">Twitter</a>)</li> <li><a href="https://frankbraun.org">Frank Braun</a> (<a href="https://twitter.com/thefrankbraun">Twitter</a>)</li> </ul> <h2 id="contact">Contact</h2> <ul> <li>Email: <a href="mailto:[email protected]">[email protected]</a></li> <li>PGP fingerprint: <code>1C4A EFDB 8783 6614 C54D E230 2500 7933 D85F 2119</code> (<a href="../../key/bitstream.asc">key</a>)</li> </ul> <h2 id="snail-mail">Snail mail</h2> <pre tabindex="0"><code>Bitstream Scanbox #06965 Ehrenbergstr. 16a 10245 Berlin Germany </code></pre><p>Please send us feedback letters, postcards, and interesting books. You can also send us your dirty fiat by cash in the mail! We take <em>all</em> currencies.</p> <h2 id="support">Support</h2> <p>Please support Cypherpunk Bitstream by donating to:</p> <p><strong>Bitcoin</strong>: <a href="bitcoin://38mzCtXHjgq6RusYQsFy2TQiLvLK7vN5JF"><code>38mzCtXHjgq6RusYQsFy2TQiLvLK7vN5JF</code></a> (also via <a href="https://coinos.io/cypherpunkbitstream">lightning network</a>)</p> <p><strong>Bitcoin Cash</strong>: <a href="bitcoincash://qrpwhtsag0u4rnuam9a5vwmqnly96znas5f5txjc35"><code>qrpwhtsag0u4rnuam9a5vwmqnly96znas5f5txjc35</code></a></p> <p><strong>Decred</strong>: <a href="decred://Dsi9j7SdwZrHtCfUmxTNgpVGx2YAboZc7ve"><code>Dsi9j7SdwZrHtCfUmxTNgpVGx2YAboZc7ve</code></a></p> <p><strong>Monero</strong>: <a href="monero://87UPx5sBS6g6wTvyRqqSMfFM6DzfHCPtFE25VC62vfohZVv4RRNcwif1XAPWTF27U1BKZEsrEXzDr6bMnGoTcThATvamE73"><code>87UPx5sBS6g6wTvyRqqSMfFM6DzfHCPtFE25VC62vfohZVv4RRNcwif1XAPWTF27U1BKZEsrEXzDr6bMnGoTcThATvamE73</code></a></p> <p><strong>NEAR</strong>: <a href="near://bitstream.near"><code>bitstream.near</code></a></p> <p><strong>Zcash</strong>: <a href="zcash://t1ewcXqQ9Uog5gMYjeeV46WiWB5j2SwD9Sv"><code>t1ewcXqQ9Uog5gMYjeeV46WiWB5j2SwD9Sv</code></a></p>