Privacy (by alaric)

I have a looser attitude towards privacy than most people, but I have began to reconsider that lately.

Generally, I believed (and still do) that anything I do in public is pretty much exempt from privacy. I have no privacy objection to pervasive CCTV, because if I do anything in a public place, somebody could be watching me anyway. The fact that my enemies can now just consult massive archives of CCTV to find me rather than having to get somebody to follow me around isn't, in my view, a huge deal. Indeed, I quite like the idea of sousveillance, having my own recording of what happens around me. It might be inappropriate to be doing that in circumstances that the people around me consider "private", so I'd turn it off for their comfort when it seemed right to do so, but I would still assume that anything I do in the presence of other people is basically recorded to some extent - after all, it's in their memory, at least!

Likewise with monitoring my network traffic at my ISP; I have never had any illusion of privacy there. I encrypt traffic that matters, and accept that the existence and destination/origin of encrypted traffic might be used by my enemies for traffic analysis.

So, I didn't really have any objections to mass surveillance; I had far more objection to the facts that encryption is far from ubiquitous and that information security is not taught in schools. My feeling was that if I can't stop an enemy that doesn't abide by the law (eg, organised criminals) from performing traffic analysis on me, then I can't assume it's private; I can stop them reading my stuff or impersonating me by using public key cryptography, so as long as the law doesn't hinder that, I'm content.

As such, I always wished that Web browsers would just include some kind of unique user ID in the headers, ideally backing it up with a public-key signature of the entire HTTP request. Then we could dispense with session cookies, logins, and even things like OpenID; we'd just authenticate to our browser by supplying the keypair in some browser-dependent way, and then head out onto the secure-single-sign-on Web. There's no loss in privacy compared to the current status quo that people are happy to identify themselves to web sites with email addresses, but it'd be a whole lot simpler for users and for developers. And so that, basically, is the security model I developed for ARGON.

However, I am starting to change my mind.

I've always felt that the "hole" in my approach to privacy was that it depended on my own knowledge of security and my enlightened use of encryption; I wanted sufficient education to bring everyone to that level. Encryption tools are generally a bit clunky, but if more people wanted to use them, that would create demand for better tools (or, more pertinently, better integration into the tools they already use). I felt that if we could just get people to encrypt and sign their communications, and encrypt their storage, and use Tor for things where the cost is worth the protection against traffic analysis, everything would be fine.

However, what has made me start to change my mind is the move towards storing one's data on third-party servers. By which I mean, living your life through Facebook, or letting Google store your email and your documents. People are moving away from having a computer full of their stuff, and communicating semi-directly with their peer's computers, towards letting third parties hold all their stuff. Often third parties they don't pay money to and are in no contract with, so they have little or no leverage over.

It's easy to say that educating people in computer security would make them realise that's a bad idea, but I use many of these services despite not trusting them one bit; I do it because network effects force me to. I could run my own StatusNet server on my own hardware, but instead I use Twitter in order to make it easy for people to communicate with me. I use Facebook because it's the easiest way to keep up with my many peers that do, and sometimes because I am forced to; an organisation I am a member of uses a Facebook group for important announcements. Many people do not publish an email address, but instead require me to contact them through various third-party services.

In effect, we are being forced to hand our information to third parties, and to trust them with it. Variations on these services that store your information on hardware you control exist; variations on those services where you actually pay a service provider to store it on their hardware (in exchange for them looking after maintenance, amortizing up-front costs, and so on for you, and where they are more incentivised to keep your stuff secure so you trust them than to try and find ways to make money out of it) also exist.

But they are not popular, as the big "free" providers have the vast majority of the users, and the value of these services is in all your peers already being on them. Now that worries me.

I'd really like to see more push-back against this. If enough people used decentralised software like Diaspora or ran their own mail systems, then the network effects would benefit those, rather than centralised commercial outfits. Clearly, some large incentive needs to be found to push people over, and an unpleasant transition period where everyone needs to be on both. Eventually, organisations like Facebook, Twitter and Google would find themselves forced to interoperate with the decentralised protocol or lose their place in the market, and then would find themselves having to compete on points such as "privacy" when the same ease-of-use and functionality can be had elsewhere for little cost.

But, we need technical measures as well. Build sensible public-key infrastructure into the core of applications (including Web browsers). Ditch cookies, and replace them with explicit authentication: provide a system of public-key-signing HTTP requests as I suggest, but turn it off by default, and force web servers to request it with a status code, as is already done for HTTP authentication (not that that is used for web applications, alas). Let browsers seamlessly support multiple identities, and when a web site requests identification, let the user choose which identity to use; and then colour the border of the Web page according to the identity in use so they don't forget. And while providing identity management through that (controlled) mechanism, try as hard as possible to remove all other means of identification - don't send headers leaking lots of information about the user-agent and its capabilities and settings, and disallow Javascript from querying that sort of thing. Bundle Tor with browsers, so it can be turned on and off with the click of a button, as part of the "private browsing mode" found in many browsers.

I still don't think there's much point in trying to fix this with making information gathering and retention illegal (the recent PRISM scandals suggest that legitimate authorities will find ways to work around limitations on their information gathering, and organised criminals simply won't give a damn anyway); we need better technology that makes us anonymous by default and pseudonymous when we want to be. But there may be some value in legislation helping to break the stranglehold on the social software market held by big centralised organisations!

I'm updating the ARGON security model to work like this (not that that makes a difference to the Real World, mind...)

Gender (by alaric)

A friend on Twitter opined:

hey i am really confused abt my gender right now but not in a bad way i guess

— Budget Skeleton Arm (@corpsehands) July 17, 2013

Ahhh, gender; it's an interesting topic, and one I've felt like blabbering about for a while, so this seems like a good opportunity to do so!

There's a whole academic field of gender studies, and to start with, let me make this clear: I've never studied any of it. This blog post is purely my own thoughts on the matter, based on my own personal experience. I've not even read that Wikipedia page! So my amazing insights will probably just be a tiny subset of the corpus of knowledge held by proper gender academics. On the other hand, I am hoping that therefore my thoughts will be more accessible to normal people.

As I see it, gender is almost entirely a social concept, like "democracy" and "fashion".

Don't get me wrong, I have a penis, don't have significant breasts, have a deepish voice and get lots of stiff facial hair; I've fathered children; I'm undoubtedly biologically male (although I haven't had my chromosomes checked).

And I'm lucky in that I don't mind that. Some people feel very wrong in their bodies, and suffer greatly with the feeling of "being trapped in the wrong body". I sometimes feel something similar about the fact that I'm blind in my left eye (so, medical advances aside, will never know what it's like to perceive depth directly, and will always be rather poor at catching thrown objects), so I can relate somewhat to that being very unpleasant. Luckily, it's possible to have surgery to swap the bits around, which provides great relief; however, complications remain further up the stack - full legal recognition of a change in gender can be hard to obtain.

Anyway, being happy with my body's gender means I get to call myself a "cisgender male".

I'm not sure if I'd feel uncomfortable in a female body; my first thought is that it would probably be quite interesting. I'm honestly not certain if I'm not uncomfortable in my male body because I'm inherently male inside, or because I'm just easy-going about it. Perhaps if medical technology advances to the point where sex changes can be had on a whim and easily reversed later, I'll give it a try.

But there's more to being male than just having a willy. I'm also romantically and sexually attracted to women (It's handy that I'm consistent in both kinds of attraction; is this always the case? Do some people fall in love with members of one sex, but not want to have sex with them, and instead have sex with members of the other sex?). So I also get to call myself a "heterosexual cisgender male" (I'm white, able-bodied and educated, too; thanks for asking!).

And that, pretty much, is my actual gender.

However, I live in a society with a whole load of stereotypical ideas about other attributes I'm supposed to have because of the above. And, pretty much, I reject them all.

Yes, I'm a nerd; I like computers and maths and science fiction and engineering and metalwork. These are stereotypically male pursuits, but that's not why I like them; I'm just fortunate to have a bunch of interests that society doesn't consider wrong for my gender. My interest in making things extends to cooking, crochet, and sewing, as well, which are stereotypically female pursuits; but apart from the technical details, I don't see any fundamental difference between those fields and my other interests that should justify a gender divide. Cooking is largely applied chemistry combined with some construction skills. Sewing and crochet are just another means of making objects from materials, another technique alongside other such as casting metal or routing wood.

Society also says that, as a heterosexual male, I mustn't be affectionate with other men, and certainly not have sex with them. Well, I'm quite an affectionate person at heart, and I'll gladly hug whoever wants me to (one of the best things about having gay friends is that they'll warmly hug me without worrying that it "makes them gay"). And I'm not excited by the thought of sex with men, but that doesn't mean it repulses me, either; if a horny male male-fancying friend asked me to Do Them A Favour I'd give it a go, and I'd be rather intrigued to see what it was like. No big deal. I'm certainly not afraid that it would "make me gay".

Society certainly has ideas about how it's acceptable for me to dress. Although, in my society, it seems to be perfectly fine for females to dress just like males (perhaps with the exceptions of formal garb such as top hats and tails), the opposite is considered rather unusual; I'm not allowed to wear dresses and lipstick. Thankfully, I don't like make-up much (on myself or on others) so that doesn't bother me much, but I find being told I'm not allowed to wear a dress a bit annoying. I've no interest in the rather unpractical "pretty female clothing" that actual transvestites might want to wear, thankfully (as that would put me in opposition to society's expectations, which can be awkward), but I do hanker for a kilt. And when I get one, I'll wear it, even though it will attract occasional ridicule, because I'm not easily cowed.

More subtly, society seems to think that, as a male, I should generally be dominant and take charge of things. I quite like taking charge of things, but that's because I enjoy the challenge of problem-solving and helping a team of people to work together towards a common goal; it doesn't seem to involve my penis at all (although... it might be interesting if it did). I'm not particularly dominant, though; I think that the "macho" male stereotype of always being in charge and never "letting anyone push you around" is really just borne of insecurity, that to respect somebody's leadership is to "admit to being weaker than them". The strongest shouldn't be in charge. In general, the strongest should be out there doing stuff, while those better suited to planning are in charge. There is no shame in either position.

My daughter find this frustrating, too. She often complains that people tell her some things are "boy's things" and some things are "girl's things", which she finds limiting. She introduces herself to people as a "tomboy" as this justifies her being interested in both. When she seems concerned about people saying she can't do something because it's "for boys", I often ask her this simple (and tension-releasingly-amusing to a seven-year-old) litmus test question: "Ok, do you actually need a willy to do this thing/play with this toy?", and the answer is almost certainly going to be no.

So, what of my twitter-friend feeling confused about their gender?

I don't know exactly what they are going through. They look female in pictures, and have occasionally expressed a weak preference for a more masculine identity, but have generally spoken of gender non-comformity and confusion, so I'm going to hedge my bets and stick to the gender-neutral pronouns "them", "they", "their", etc for this blog post (and if they ask me to refer to them with any given set of pronouns, I will endeavor to do so (although the pedant in me would like to add that I restrict this offer to pronouns that (a) can fit into tweets and (b) only use characters on my keyboard and (c) do not break any local or international laws)).

But I have a suspicion that being confused about ones' gender is probably a consequence of social pressure. I've worked hard to reject the social pressures on me, and have concluded that I'm a heterosexual cisgender male, but I've also found that that's quite a "weak" alignment; it's not a huge part of me, it doesn't really define much about me that matters to people who aren't trying to have sex with me, and I don't see it as excluding me from anything.

However, I think that if I took the social stereotypes and stigma to heart, I might find myself a bit confused about why I don't seem to feel strongly about them in my own right. I might then "worry" that I was secretly gay or bisexual (as society would like to tell me that this is at least slightly wrong). However, even if I was a homosexual cisgender male, there's a stereotype for that in society that is now largely accepted (if still rather second-class), so if I was that way inclined, at least I'd see myself conforming to a standardised place in society.

But if I really didn't fit into any of the Standard Places, and I took society's expectations seriously, I can imagine myself feeling pretty confused. I can imagine myself thinking or feeling something along the lines of "I have observable trait A, which means I should also have trait B, but I don't. So what am I?".

And so, on the assumption that this is the problem facing them, I would encourage my confused twitter-friend to see if they can separate their own model of themselves - based PURELY upon objectively observing their own feelings and body - from social stereotypes. Find out who you are, and only once you're sure about that, worry about where you fit into social expectations of gender. And try to keep the worrying down because, really, it doesn't matter that much. Unfortunately, life can be awkward for people who buck social expectations; I hug male friends (and hope to wear a kilt) knowing that this will sometimes attract negative comments, because I can do so from a position of otherwise being secure in my life; indeed, to some people, the content of this blog post alone will mark me as INCURABLY FILTHY GAY. Somebody who is struggling to get by, and who faces a real risk of violence or other abuse if their community fails to accept them, may well have to wear masks for more of the day than I do. This is bad, and needs fixing, but we'll have to live with it for now.

But this is starting to lead towards a later tweet in the conversation that ensued:

@endofthepath ha oh god no i can't find anyone weird enough for me.

— Budget Skeleton Arm (@corpsehands) July 17, 2013

(in which they are suggesting that nobody will enter into a relationship with them).

NO. No no no. Dear God, no. I only know them from what they say on Twitter (although, to be fair, that is rather a lot), but the pictures they post of themselves look quite fanciable to my tastes, and the things they say have generally made me like and respect them; if I wasn't married and on a different continent and all that, I'd certainly like to ask them out (I probably wouldn't, but that's just because I'm stupidly shy about that sort of thing, alas...). Their "weird"ness, to me, comes across as "not being a boring conformist". And there's something I admire about somebody who has undergone the stress of realising that they "don't fit", but not let it destroy them - they come out stronger, and with a deeper understanding of reality. I'd definitely hug them if we met and they seemed to like that idea (regardless of what gender they looked on the outside, or felt like inside). To me, what they see as "weird" is attractive.

However, I understand they live in a rather conservative Christian community. This feeds my suspicion that the source of their confusion is, at least partly, having a strong conformist social expectation model shoved down their throat at every turn; and it also leads me to suspect that they feel very, very, alone in "being different", which is sad, and "locally true" in their community, but unrepresentative of the sheer breadth and depth of humanity out there in the larger world.

And so, I wish them luck in escaping the confines of their community, be it physically, or purely emotionally.

See also: wise words on "labels"

2019 UPDATE

I've decided to come back to this post and edit it. Not that I've changed in any way, but because I've learnt more about gender thanks to more trans people coming out and talking about their experiences, which has had two consequences:

1. A better description of me would be something along the lines of "agender heterosexual cissexual-male"; I don't have an innate feeling of gender, I have male sexual characteristics and don't feel any dysphoria about them (although I don't feel any euphoria about them either, it means no more to me than eye colour), and I'm attracted to people with female sexual characteristics (regardless of their gender).

2. When I wrote that, out trans people were a rarity in my circles, but it turns out this was because they were all closeted. That's changing now and lots are coming out, and talking of their feelings of having gender that doesn't match their sex! Now, when I wrote the above, I thought that gender was a purely social construct that I found mildly annoying because society's expectations of me only loosely fitted me, and trans people were people who happened to find it VERY annoying because society's expactations strongly didn't fit them. But statistically significant numbers of trans people reporting a feeling of innate gender can't be a coincidence; it must be a thing for at least some people.

That means I'm actually OFFICIALLY A BIT QUEER in being agender; reading up on this a bit (mainly, /r/agender on reddit), agender people have a self-image that seems very consistent with my self-image, but it seems like most agender people follow the same sort of path of self-discovery as trans people - complete with stressful coming-out experiences (I have opinions on that!). My story is entirely different...

I grew up as the only child of a single mother, so my household had no comparison between sexes/genders; the axis was "small child / adult parent", rather than any "mother / father" or "boy brother / girl sister" comparisons. My mother never implied any gender expectations of me; there was no "you should do this because you're a boy" or "you can't do that, it's for girls". I saw social expectations of gender in others, and in fiction in books and on TV, but whenever they were apparent, my mother was disdainful of it as sexism. I remember her fury when she and another parent were discussing their children's likely careers; I was very interested in science and technology so seemed set for a career in those fields (correct!) - and the other parent responded "Oh, of course [their daughter] won't amount to much, she's only a girl". I grew up in a world with a female Prime Minister and a female monarch; it seemed clear to me that people had physical sexes, but the idea that those sexes had relevance beyond their direct biological consequences was just a hold-over from a darker age, like racism and homophobia, still lingering in dark corners of humanity where forbidden jokes were quietly snickered but denounced in all public discourse. Grammatical gender in the English language, and gendered clothing expectations, were things that carried on through social inertia but would fade with time. To put those views - in hindsight, rather progressive for the 1980s - in perspective, we lived next door to a gay couple and a transvestite guy lived a few houses down the other way!

So the surprising revelation for me wasn't that I was agender, but that everyone else wasn't...

Of course, I base this position on other people's reported sense of gender, and this always comes from trans people; I don't think I've ever heard a cisgender person say "I feel totally and definitely male" or whatever. So perhaps - just perhaps - being cisgender is actually no more commonplace than being transgender; a small fraction of humanity have the misfortune to be innately gendered, and have a 50% chance of that gender matching their sex! 🙂

Public key cryptography wish list (by alaric)

I have opined in the past about how I'd like better support for public key infrastructure in applications and user interfaces, and a few ideas for how to generalise the signature infrastructure a bit, but I've since been accumulating even more things I think should happen to bring the benefits of strong public-key crypto to the masses.

• I should be able to use a PGP key to sign my HTTP requests, as an HTTP authentication mechanism. For web apps that support it, the option of choosing a PGP key from my private keyring should appear on login boxes.

• I mentioned before that I'd like to be able to sign blog comments and posts and other content I submit to web apps in text areas; but I feel like re-iterating it, and point out that this could be handled more neatly by having an extra HTML attribute on the <textarea> suggesting that it accepts signed content, thereby causing my browser to send a detached signature in the submission (as if placed in a second text area, whose name is the value of the attribute, but which does not need to actually exist as an HTML element) if I opt to take it up on the offer. That would be better than the hack recommended in my previous post.

• Seamless support for signing all, or part, of a Web page, using an element wrapping the content which also refers to the signature (as a URI, or including it inline). For cases like where Markdown has been used to process the original entered content to make it into a Web page, the app should offer a link to the original content wrapped in the original signature; the app could have access to its own private key in order to sign the generated HTML as well, but that's orthogonal to the issue of the original author of the content signing it. Indicating to the user that a region of the page is signed needs to be done in a way that the page itself can't fake with CSS and JavaScript! Given the presence of canvas elements, this will presumably mean it has to involve some UI element outside of the rendering area of the web page - eg, in the browser toolbar.

• Signing should really be the default state for files, messages sent via various means, etc - my user interface should be marking unsigned messages and files in red!

• Public key management user interfaces should learn from Petnames, in order to provide a nice user interface while making impersonation attacks hard to do.

• Seamless support for PGP-signed tar files. No need for a detached signature to download (it's in the tar file itself). Basically, I'd like to have tar able to detect a signed file and check the signature and seamlessly unwrap it to feed into the decompressor and then onto the actual tar file reading itself. This would be particularly pleasing, but in general I'd still argue for every app that reads a file to silently accept PGP-signed files without needing to explicitly unwrap them!

Needless to say, I am mulling infrastructure in ARGON to make public-key infrastructure an integral part of CARBON, and I'd suggest a Petname-based user interface for the management of entity IDs and CARBON global names!

Roof repairs (by alaric)

For some time, I have been spending much of my free time trying to make my workshop more habitable.

Back in April last year, I started putting up shelves and putting things away; when we moved in, I had been able to set the furniture up and put things away on them, but without shelves up, much remained in boxes on the floor.

I've since made another shelf and installed that, meaning that everything is finally put away to my satisfaction, but most of my effort has been going into fixing the leaking, draughty, and ivy-penetrated roof. This has involved two parallel jobs: sealing the eaves - now all done, and air vents installed for controlled air flow to avoid condensation - and repairing the leaking roof itself.

I started the latter by building a wall-mounted ladder, to make it practical to actually get up on the roof to work on it. This was four days of work (1 2 3 4). With that in place, I've been able to nip up onto the roof and - more importantly - get down again easily. This is no mean feat, as I'm not at all happy about heights; and the plastic sheet that had been stapled to the roof by the previous folks in an attempt to fix the leaks was quite slippery when wet. Being on a slippery surface sloping down to a drop of several meters suddenly made me remember a series of recurring childhood nightmares I had about having to escape terrible peril by climbing up steep, slippery, slopes, which wasn't much fun...

The intolerably wet weather of last summer (and this one is starting off little better) had caused lots of damage in the workshop. Water came in through the roof by the pint; I tried to position buckets underneath the places where it dripped, but on several occasions these overflowed and I had to move furniture to mop up the huge resulting puddles. Where water had splashed its way onto tools and furniture and supplies, there was rusting and water stains, that I have done my best to clear up; and the high humidity in the building from all the pools of standing water led to fungus problems.

Clearly, something had to be done. The problem was that most flat roofing processes seemed to require a period of dry weather to execute them, and generally required that the wooden deck underneath the roof surface was dry to begin with. With gaps in the rain being unpredictable and short, this didn't seem to be an option for my roof, so I used the ladder to keep performing temporary repairs to the plastic sheet (with little success), and nailing it back down whenever the wind caught it and tore it up at one end or the other.

However, I recently found out about a roof repair material by the name of Acrypol+, which advertises as a feature that it can be applied to damp surfaces; it's able to adhere and cure in a wet environment, being a thick oily liquid when applied. Basically, it's a form of thick acrylic paint, with fine fibres mixed into it that provide structural integrity to the coating once it has dried. It's not recommended to apply it to wood, but my roof is still covered by the (cracked, single layer of) felt underneath the plastic sheeting, so it would be fine to pull the plastic sheet off and apply Acrypol+ to the felt. In effect, the felt would just become the backing for a new sheet of waterproof material covering my roof.

One end of the plastic sheet was easily pulled up, so I applied the first can of Acrypol+:

You can see the exposed felt towards the bottom; it's in pretty poor shape, and has many small tears and holes in it. Also, the rate at which bits fall out of the trees is quite something.

From a little further away (and in more typical weather), you can see that in comparison to the rest of the roof:

I couldn't get all that junk (particularly the large yellow bag, which is full of trimmings from the trees above) down single-handedly, so I had to wait for a friend to come and visit. Andy is a confident rock climber so is much less worried about heights than I am, so was able to be a lot bolder! Together, we made short work of removing all the weights and junk on the roof, and removing the plastic sheeting.

Underneath, I could finally see that various routes by which water had been getting into the workshop. There were a few places where the gaps between the boards comprising the roof coincided with tears in the felt; water made its way under the plastic sheet through rips in it, or through the join where the two halves of the plastic sheet met in the middle (which was not sealed at all, just slightly overlapped and stapled down), and then run along to these places and dripped through. We nailed spare bits of felt over all the major tears, then set about painting the entire roof with Acrypol+. Before long it was done, shining brilliantly in the sun:

There's still a gap at the far right (look near to where the TV antenna is mounted); the edge of the roof has a sizeable gap between it and the upright board that forms the rim around the roof (which is called a "soffit board" if you want to get technical). I couldn't get the Acrypol+ to bridge across this yawning chasm, so I waited several days to let it cure enough to walk on, then went and squirted a load of roof-repair sealant along the gap.

When I get a chance, I'll paint Acrypol+ across that sealant (it's not a perfect seal, as I found when it rained a few days later, and some water still oozed down through that route). I will also paint more along the seams between the overlapping sheets of felt and around the felt patches we added, as they are the most likely points of failure; thermal expansion or other movements on the roof may cause the sheets to try and pull apart, so they could do with reinforcement.

Acrypol+ is sold as a repair system for leaking flat roofs, rather than as a coating for new ones; that, and the fact that it's a lot cheaper than a whole new roof, tells me that this is to be considered a temporary repair rather than a whole new roof. But if it works for a few years, it will give me time to save up for a proper re-surfacing with something like Sealoflex 10, and will hopefully mean that the wooden deck beneath is nice and dry!

With that out of the way, there's a few more things I want to do to the workshop itself - but they can wait; with the water kept out, there's fun projects to work on. First of all will be resurrecting my furnace, and getting some aluminium melting again!

Felix Winkelmann interviewed in Atomic Spin (by alaric)

Here's an interview with my favourite Scheme implementer!