FLOSS Weekly 748, Transcript

Please be advised this transcript is AI-generated and may not be word for word. Time codes refer to the approximate times in the ad-supported version of the show.

Doc Searls (00:00:00):
This is Floss Weekly. I'm Doc Searls. This week Simon Phipps and I talk with Nathan Freitas who runs The Guardian Project and is working on a huge number of things, but the main thing right now is something called Proof mode. Is something real or is it not? How do you prove it? How is it? A lot of great questions. Simon Phipps asked a lot of those. He's on this show too. And that is coming up Next.

[00:00:30] This is Floss Weekly, episode 748, recorded Wednesday, September 6th, 2023. Show me the proof mode. Hello again everyone everywhere. This is Floss Weekly. I am Doc Searles and this week I am joined by Simon Phipps web Mink himself. [00:01:00] There he is.

Simon Phipps (00:01:03):
Gring do know it's got hot over here in Southampton. It's nearly up to really 30 degrees in the modern numbers. I dunno whether that is in the old numbers. Yeah, so you can imagine in the UK that means that everyone just doesn't want to move at all. That's like it's a hundred over in the US

Doc Searls (00:01:26):
And you probably don't have air conditioning in your house, is that

Simon Phipps (00:01:29):
Right? I do [00:01:30] not have air conditioning. I have a fan over to my left and a fan over to my right and I've just been getting complaints and there being too much wind noise in my microphone.

Doc Searls (00:01:40):
And you have fans online as well, so have you done any homework on our guest?

Simon Phipps (00:01:46):
I had a little look. I installed proof mode, had a little look at it. I've got questions so I should be asking them and I gather that you have prior on this particular guest.

Doc Searls (00:02:00):
[00:02:00] Well, we are colleagues as it turns out as it is, we're both affiliated in different ways with the Burman Center where I was a fellow, he was too, and I think he's an affiliate now and he's actually here in town. I'm in Boston, not in Boston. I flew into Boston, but I am at Harvard University right now next to the cyber law clinic at Harvard Law School, which is just a great place, one of my favorite places on earth.

Simon Phipps (00:02:28):
I see. [00:02:30] See all the books have been impounded. Mind you.

Doc Searls (00:02:35):
Yeah, I know we were talking before the show that this may be a metaphor for what happens if the copyright maximal is get their hands on the internet archive. It'll look like this

Anyhow, so I don't want to delay any further and get to it. Our guest is Nathan. He [00:03:00] has been with and is still with the Burman Klein Center here at Harvard where I am physically now because it's the 25th anniversary of the next three days of the Burman Klein Center, which was just the Burman Center when I was here from oh six to 10 and then hanging out a few years after that, I closed. I have so many windows open, but a small screen and I'm trying to [00:03:30] find, Nathan runs the Guardian Project. He works in something called Proof Mode. He has a build of particulars, a zillion things he's done with the Berkman Center. So welcome aboard Nathan while I try to get the soup back up front. I

Nathan Freitas (00:03:48):
Was just sharing the super awesome, geeky, nerdy U R L of the Berkman Center, which is cyber Do

Doc Searls (00:03:57):

Nathan Freitas (00:03:57):
Know. And we all get emails. We used to get cyber [00:04:00] Harvard, now we get law school emails or something, I don't know. But we used to have a cyber Harvard email

Doc Searls (00:04:06):
Before that it was Cyber Law dot Harvard and that was the email address that I had for like six years.

Nathan Freitas (00:04:12):
You're right, it was a double sub

Doc Searls (00:04:14):
Domain Harvard and then it detached itself administratively from the law school but then located itself architecturally inside the law school now. So it's

Nathan Freitas (00:04:26):
A great place and I'm glad you're in town.

Doc Searls (00:04:29):
So much

Nathan Freitas (00:04:29):
To celebrate [00:04:30] and yeah, we can talk about what it is and how it's maybe nurtured our open source work. And in particular,

Doc Searls (00:04:36):
It was started by a law professor and a law student, Charlie Nessen and Jonathan Zirin and a bunch of friends here back in, well 25 years ago exactly, because the 25th anniversary of it, Larry Lessig was an early fellow, I remember that. [00:05:00] And John Perry Barlow and Jimmy Wales, but lots of other people. Dave Aaron Schwartz, who's going to be here, Aaron Schwartz, was he ever, he hung out. He

Nathan Freitas (00:05:12):
Was hung out. Yeah,

Doc Searls (00:05:14):
He hung out. Mean

Nathan Freitas (00:05:15):
Blurry. There's a lot of people that just hang out and sometimes you get an ID card and sometimes you're just hanging out. Especially us folks that are building and doing and not, I'm not an academic in a formal way. I was an N Y U adjunct professor [00:05:30] I've worked on, did some graduate work, university of California. I've been in academic system, but I don't have tenure, I don't publish papers, I don't write books. I write code, I write open source code, I lead open source projects and we a unique role and it's fun to be in that community because the majority of people are pure academics or people writing books or journalists or researchers. So having those of us trying to make stuff I think is an important role [00:06:00] to play in that space.

Doc Searls (00:06:05):
I have another grad degree and that's it and I'm lucky to get out. When I did a thousand years ago, I did one book while I was here and it was a worst seller. But then I was at an internet archive event called A de WebCamp where Tim Bergers Lee blurted out that that's what inspired Solid, which is his project. And I was just blown away by that. [00:06:30] I thought, well one reader, we got the right guy. So start with the Guardian Project and we'll fan out to some of the many other things you've done. And I know Simon has questions, so we'll start with,

Nathan Freitas (00:06:43):
Well let's see. I grew up in Northern California, so definitely I sort of in the twit sphere and was lucky as a kid to have Apple two computers and Commodore 60 fours and hand me down things from schools. This t r s 80 [00:07:00] that my mom, I think dumpster dived from the business department of a school.

Doc Searls (00:07:04):
You must have a bingo there. I mean

Nathan Freitas (00:07:07):
I have a gear closet, but the TS eighty's gone sadly. But I've been writing code in different ways for fun and no profit for a long time and had some early on work in actually at uc. Santa Barbara was one of my spots. So in decentralized digital libraries [00:07:30] and working in early web tech or working in early Java apples and just thinking about open source, decentralized systems, building things for good for earthquake tracking and humanitarian relief and that kind of just in my twenties, God in my blood and mind that wow, we can build these kinds of systems that use open code and open platforms in the web and not mobile yet. But at the time, [00:08:00] here's my other branch, I love the Apple Newton. I was an early Newton user and then I became a palm user and then I became a programmer for mobile and eventually I built a company that was doing security and privacy for mobile devices in New York.

I relocated and we got acquired by Palm actually in this sort of trio, tungsten era of Palm and for our security work. And we were a competitor Blackberry. So I've got some [00:08:30] cred on the security front, but I got really frustrated at Palm because they would shut stuff down. They wouldn't let me open source. I was trying to build open source developer frameworks. I was trying to do all this stuff. I almost worked on the web OSS project, but I decided to leave in 2004 and sort of bring my life together, my interest in human rights humanitarian applications with mobile tech and I was working on it with a number of activist groups and global [00:09:00] movements, environmental movements, human rights. And it really came together in 2009 when the smartphone thing started happening. And I said, wait, Android is just Linux. I know Linux, I know how to port stuff.

I can get tour pg p SQL site for all this stuff now running on a phone for real that anyone can just install anywhere in the world. And that sort of was our creation catalyst like spark moment. And so a lot of what we've done at Guardian Project is like [00:09:30] get tour on phone. So if you ever use Tor on your phone, that's us or Bot Onion browser tor browser for Android. That's kind of work that my team has been behind. If you use Signal, the database, SQL Cipher, we were the ones that ported that to Android and convinced them they needed to use that as their database encryption layer for storage on the device. If you use foid, we were the catalyst behind scaling that project up. Hans Christoph Steiner who was on recently is a Guardian project team member [00:10:00] who now shepherds Foid. So lot of the work we do is just trying to build the right security privacy capabilities into different needs that we identify and do it all with open source and it's kind of works. So we're almost at 15 years of doing this, which is our own anniversary moment coming next year and pretty excited.

Simon Phipps (00:10:29):
So [00:10:30] let me dive into proof mode because that's in the, that's why

Nathan Freitas (00:10:36):
We're here.

Simon Phipps (00:10:36):
That's why we're here. So tell me in four sentences what is proof mode?

Nathan Freitas (00:10:48):
Our focus has mostly been on reducing data, increasing privacy, stopping surveillance. But we had this idea of what if we flip that around and there's this idea of surveillance. What if you could gather [00:11:00] extra data that would prove something that would say this photo is real, this video is real. It came from a real camera at this place in time and you can trust it because there's a cryptographic chain of custody. But every time you talk about that, someone tries to build it in a centralized corporate closed source system. And so our goal was how can we do this without being harmful and doing it in a decentralized way where people retain control. So proof mode is meant to be used by journalists, human rights defenders, people [00:11:30] documenting war crimes, but also maybe documenting a car accident or you're an insurance claim or anything. That's what it is.

Simon Phipps (00:11:41):
So I've had a good look at proof map. I have questions as I said earlier on. So the first question that I've got is how can I tell that you are telling me the truth about your picture? Is it something which I can verify independently of any authority [00:12:00] or do I have to trust an authority to be able to verify that your picture is real?

Nathan Freitas (00:12:08):
So on the proof website, there is a verify tab and actually we have apps, we have a proof check web tool. So someone sends you a photo and you can say, Hey, did you use proof mode to capture that? And if they say yes, then you can say, well can you send me the proof mode bundle, the zip, and that has all this stuff, all the proof and say, okay, here's the original [00:12:30] proof zip. You could drop it into our proof check tool. But also you could just manually look at each piece of data. So in that file there's PGP signatures that are signed and timestamped to a specific, this photo at this time was signed. Second, there's data from a site called Open Timestamps. And Open Timestamps is a independent third party hash notarization service built on the Bitcoin blockchain, but it has its own [00:13:00] side chain calendar ledger that says this fingerprint of this photo existed at this time.

The other thing you'll find in that bundle is if it's on Android, a Google safety net file that verifies it came from unmodified hardware from a real device, again at a certain time signed by Google. So we build up this bundle of metadata and we give you a gui. Again, you could go to the proof check web tool and just drag the zip in there [00:13:30] and it will do this all for you. But there's no secret proprietary thing. There's just a set of files that you can verify using open source tools to say these bits existed at this time from this device and pg p key.

Simon Phipps (00:13:50):
So at a minimum I'm going to have to rely on open timestamps because the reason I ask this is because this is a great question in Europe at the moment [00:14:00] where people are proposing digital IDs and there's a bunch of us who say, I don't want to have an ID which have my identity anchored in the state. I would like to have my ID anchored in me. And so the conundrum with any of these proof systems is how do you prove that something is true without trusting an authority for any of the data? Sounds like you've thought about that and you're kind of close but still relying a little bit on [00:14:30] external authorities. Would

Nathan Freitas (00:14:31):
That Yeah, I mean open timestamps is itself open source and you could run your own calendar instances. All it does is provide a pathway to the Bitcoin blockchain. It runs its own ledger that says signs it, but that you could run on your own. Now we built a prototype of proof mode built into signal itself, which I can talk about. It's not going to ship anytime soon, but we have had meetings and in that case they said we don't want to use [00:15:00] open timestamps, we have mobile coin, we have our own cryptographic ledger. Can you notarize onto the mobile coin ledger? And we did it. So then that case you had a very different model where it's encrypted, but again, you can point to the block and say this block is where the notarization is, and anyone who's part of that transaction can now see that notarization.

So we have a pluggable system there. A lot of our activists simply use signal groups or maybe WhatsApp groups depending where they are in the world or telegram [00:15:30] groups if they have to. And they will post the proof bundle and that's essentially notarizing it to your own circles, your own communities. And lastly, you can do a basic share of proof, which is essentially the hash, the timestamps, the PGP key, and post that to Mastodon to the fedi verse and then it'll be logged and synced to many, many different servers. So that's our same concern. Another interesting part of this is the identity of proof mode is an ephemeral automatically generated [00:16:00] P G P key. It's not meant to be your long-term identity. You could then vouch for that key or sign that in a web of trust and say, I vouch for this key, it's me. But we don't think of proof mode as a long-term strong identity system for the very reasons that you said we didn't want to do that. And we will talk later about the new C two PA standard because it's a little bit more looking like certificate authorities, which makes us nervous.

Simon Phipps (00:16:28):
So then to flip that [00:16:30] on its head, my other question when I looked at all this was to say sometimes you do want the state to be able to validate the data. So how ready is proof mode to be used as evidence in court and has it been used reliably as evidence in court to the satisfaction of a legal system yet?

Nathan Freitas (00:16:52):
So we've been working on that problem for 10 years. First with the partnership with the International Bar Association, [00:17:00] and then more recently and then also with the International criminal court. I went to the Hague and I learned how they handled chain of custody and digital evidence. And it's funny, the term they use is open source investigation. That means scraping. They literally scrape files from YouTube using scraping tools and they burn them to a CD and that's how they gather their open source data. They don't use digital signing. In fact, their standards of chain of custody are very much [00:17:30] based in physical kind of evidence gathering from a previous era or a current era. So we have in the last two years, well really year and a half since the invasion of Ukraine by Russia in that unjust war.

And the work we've done there is with the Starling Labs who's out of Stanford and the U S C Annenberg School, they used proof mode to document the school bombings in kke. [00:18:00] I don't think anyone died, fortunately no children. But the school itself was targeted because they said it was a military base. They've sent out investigators who've documented with proof mode that was sent over signal to a secure chatbot running on signal that then ingested it into another backend system which had additional signing using a hardware identity token. That was their identity, right? So it went from the ephemeral proof mode identity to an official [00:18:30] system with a vouch for hardware token that could have been a state ID linked to that such as Estonia or others. And then that was also submitted in a cryptic graphic evidence dossier to the international criminal court. So I'm hoping in however long it takes that Putin and other folks that are accused will be put to justice and the evidence gathered will be tested. It's a slow [00:19:00] process and I've tried to, I've met with amazing judges who start to fall asleep when I explain it because they're overwhelmed by the digital world and forensics and all of this in the same way they were with D N A. So yeah, I'm hopeful and I think we have a process. We know what it takes and I think our standard of security, as I said before, is already pretty far beyond what a lot of evidence gathered is at.

Doc Searls (00:19:28):
Well, I'm overwhelmed myself [00:19:30] and I know that we want this thread to continue. Simon I know has more to pursue on it and we'll get to it right after this.

Simon Phipps (00:19:39):
Okay, well after all that, Nathan, one more question on that. So the first part of my questioning was about maintaining your independent ability to prove. The second question was about evidential [00:20:00] quality. The third question is about the ability of users of proof mode to remain safe while proving the validity of their materials. Because the sort of people who are going to be using proof mode are going to be people who are not going to want the F S B to find their friends. They're going to be the sort of people who are going to want to have the minimum necessary information to be able to prove the integrity of the material [00:20:30] is proof mode lined up to protect the safety of its journalists.

Nathan Freitas (00:20:38):
And this is where we work with partners like Freedom of the Press Foundation Witness who is the leading human organization from Peter Gabriel that's focused on video and media capture. The Thompson Foundation, we just did a training with journalists through them there is where we fall into the kind of journalistic newsroom, [00:21:00] whistleblower things like Secure Drop. And we mentioned Aaron Schwartz before and projects that he started around this global leaks where none of the data we provide is tied to a real name. I'm sure if you got enough of it you could de anonymize because there is a lot of rich signals in there. That said, you'll see in the app when you use it, you can disable a location, you can disable carrier phone identity stuff, you can [00:21:30] disable a lot of the metadata that people may be nervous about, and then you just have the notarization and that the signing, which could be good enough.

We also though believe in the workflows that have been pioneered by journalists and human rights organization in doing sensitive work with interviews and human rights research. I mean, we just talked to a Chicago University of Chicago professor who works in [00:22:00] discovering and documenting mass graves in conflict zones and early on in their work before they send in a team to really go out and document these things, they have a lot of field people, participants who need a simple app on their phone just to go and capture something with a little more evidence and assuredness around the data and send that safely over signal just to one person who can then verify enough to maybe start the legal process to send in a whole team. So by being decentralized and [00:22:30] by giving our users precise control over what data they share, we ensure that they can sort of decide, I'm going to use Signal with disappearing messages and disable the G P SS location feature. That's fine, it'll still work. This is a huge difference from some, I won't call them competitors. There's some commercial options out there that of course are closed source that don't give this kind of control and their whole model is trust us, we'll keep you safe. And of course we know how that goes. Yeah,

Simon Phipps (00:22:58):
I mean presumably their business [00:23:00] model is also around protecting IP rather than protecting truth.

Nathan Freitas (00:23:04):
Exactly. Yeah,

Simon Phipps (00:23:06):
I did have a good look at the proof mode website. I looked for your white papers and your rationales and your algorithmic explanations and I didn't find them. Where are they?

Nathan Freitas (00:23:19):
Yeah, so I mean there's information on our metadata, our three layer verification process and also again, how the verification works [00:23:30] and the different pieces there. If you go to, I think the one thing we're missing is there should be links to GitLab. We've migrated everything over there and there is a documentation repo on there. We also have a number of presentations that are not in white paper form. So I would say, I know this sounds like we're doing so much and we're so great and all of these things we do screw [00:24:00] up or not screw up. We do have our limits and there's definitely areas where a project like this turns from a lab project and something we're noodling on to something that's more formal. And that's happened pretty fast in the last two years with both adoption and funding. So there's definitely areas where we're not as well organized.

So I will ensure that any links we have should be more apparent. I do really want to point out, if you go through our blog post, [00:24:30] there's quite a bit there from Jack Fox Keen, who's our data science lead, and this is someone that I brought in specifically to help us think bigger thoughts about harm data, feminism verification from different areas of perspectives, looking at some data analysis. So that's all in blog posts that maybe you just have to dig through a bit more. And then we're doing red team auditing of all of our systems now, so that trying to get people [00:25:00] to generate fake data and break it. So we'll publish the results of our security audits, which we do. So yeah, you're spot on. Things aren't as organized as they should be. You're decentralized. We have decentralized,

Simon Phipps (00:25:16):

Nathan Freitas (00:25:16):
You go to GitLab, I mean project has all of our stuff. And then if you go to slash proof mode, and I can put that in the chat too.

Simon Phipps (00:25:26):
Yeah, I'm already there. It's on this screen [00:25:30] over here, the one I'm not looking.

Nathan Freitas (00:25:33):
But yeah, and I think we probably do need a few more writers and documentation folks on staff because we're like, it's in the code, it's all there, but of course that's not good enough. Now the flip side of this that I do want to touch on is the content authenticity initiative. So this is an interesting kind of open source story to talk about, and that's at content [00:26:00] So just before the pandemic, Sam Gregory, who's now the director of Witness said, we got to talk to Microsoft and Adobe and all these folks because interested in a standard around proof mode type stuff. And this is an area where in other cases you'd be like, oh no, our VCs would be worried and our competitors and they're going to wipe us out. And my response is, great, that is fantastic. They're the ones that can scale this up for the world and I hope that they can just learn [00:26:30] from what we've done.

And so in that case, Sam and along with us worked very deeply on the specification process for this new standard called, well, it's the Coalition for Content Providence and authentication C two PA for short. And if you go there and look at, you will find all of the, and look at search C two PA because it's a different website, it has the specs you're looking for and [00:27:00] it has and it's pretty amazing what they've come up with. And in fact, many ideas we had for future proof mode work are in there now it's open source, you can implement it in different ways. They have a rust toolkit that is great. It bends towards using usage in the Adobe Creative Cloud with the Adobe tools for instance. But we are now interoperating with it. So our goal is basically to have proof mode become the premier sort of open source decentralized [00:27:30] implementation of the C two PA standard in this way. Maybe proof mode is like Gopher and this is like H T M L. I don't know if that's a good analogy, but this is a big moment and it provides an interoperable standard. Our fear is just that it will only work in a centralized manner and only with Adobe and Qualcomm stuff. So we're trying to make that not happen.

Doc Searls (00:27:55):
So I want to dig a little bit farther into this and look at the future [00:28:00] a little bit, but we'll go to that right after this.

Okay, so we've got C two P A, we've got content authenticity, we've got proof mode, we've got the Guardian project. You just said something pretty interesting where one thing is Gopher and another is H T M L. I first was aware of that the early nineties, the late eighties, early nineties, [00:28:30] and we've come a long way since then. But in certain ways I feel like we haven't because a lot of what you're working on should be part of the, having proof of something should just be automatic. We're digital now we have the internet. It seems to me like I'm trying to get a sense of as you look downstream, I mean sometimes things take a very long time, sometimes they don't. But there's this Ameris law where we overestimate [00:29:00] in the short term and underestimate in the long, where are we going to be in five or 10 years knowing that that probably isn't long enough with you doing the work that you're doing. Well,

Nathan Freitas (00:29:14):
The story of Signal is a great one to kind of pick apart. And when I started Guardian Project, I was in a chat with Moxie and he was like, I'm thinking about doing some secure phone stuff. And I said, I'm too. And I said, well, I'm want to work on getting tour on phones. And he said, I want to [00:29:30] work on encrypted text messaging. And we did, and we both have the work. I started then has millions, tens of millions of users of tour running on phones around the world. And obviously Signal has not only produced Signal, but it has provided the double ratchet encryption system for WhatsApp and many other systems and kind of forced end-to-end encryption, not because of a standard, but because of just excellence in code openness, [00:30:00] smart thinking. And I believe that we can through just great solutions that can reach a lot of people in need signal like Tor browser, like other projects, I mean Linux itself, you can move faster to create something that is the world you want to exist while the standards also need to happen to kind of pick up that trailing line behind you.

[00:30:30] But as we've seen with R C s, the interoperability and the encryption, all of that does take a bit long time. So the reason we're still working on proof mode, we're still looking at building a proof mode into different apps and things is there is a need today, right? And Don be asked about what are the needs of journalists and activists and it's like there's a war where there's war crimes happening and these need to be documented in a way that people won't say that's generative AI that's made up, right? This needs to happen. Now there's [00:31:00] indigenous activists in southern Mexico who are losing their land to climate change to development by the government and they need legal documentation that can stand up in court of this happening that is audio visual. There's other people we're working with in increasingly journalists who are not trusted that they're really in a place and they're really telling that story.

And again, generative ai, but also just editing and that in general news is not trusted at first [00:31:30] glance and we have a huge election coming up. There's always huge elections. So we keep building usable things as much as we can that can be trustworthy for the now. And we just hope to bend the arc of the future in the right way. And every once in a while you get a signal, but there's also a lot of other small victories of open source out there. Many, so many wonderful stories that have not been the ideal perfect outcome [00:32:00] but have made things better. Linux. The fact that Linux existed in the state that Android could be based on Linux and then all of the years of knowledge we had about Linux and how it worked could then be brought to a phone is amazing because before then you had 50 different proprietary phone operating systems that were all junk and now you have Linux on the phone essentially. And so there's so many wonderful moments to talk about where open source has sped things up and that keeps me optimistic.

Simon Phipps (00:32:30):
[00:32:30] So I'm very interested by this kind of open proof mode because I see a massive problem coming with generative ai, which is it's a machine that's trained to lie convincingly and it's very good at creating mechanical artifices to go with its lies. Do you think this proof system you've got here is going to be AI proof? Is it going to be able [00:33:00] to prove that something's been done by people and not being built by an AI or AI is going to be able to fake this as well?

Nathan Freitas (00:33:09):
Well, we are actively working to test that and see what's possible. So I and others have been using G P T 3.5 and four feeding it proof mode data, right? Training it on proof mode data so it knows what it looks like and how to do it. And then saying generate a proof mode, proof file from this time [00:33:30] and place on this camera doing this right? And it pretty much can. And then I'll go to stable diffusion and say, generate a photo of a bomb going off in this public place, taken on this kind of phone with this kind of weather. And then I'll go back to chat G P T and say, now generate an exit file that I can inject in there.

And then you could feed it into just [00:34:00] some other workflow where you're signing with PGP keys, you're doing the open timestamps thing, but all of that. And our goal is to find the glitches of that alternative adversarial workflow that is using generative AI instead of a real camera. And they're there, the holes are there. So as an example, I mean it's key that we do authentication of the hardware itself and the [00:34:30] mobile hardware manufacturers give you this capability as a developer in order to stop cheating in games, cheating on your banking money. So we're using this infrastructure that is about commerce and games and things like that. Second, we also authenticate the application itself. This proof actually came from the real compiled proof mode app signed by my developer key. You can also do that, which is really cool. So that say, no, this didn't come from the official app, maybe [00:35:00] that's okay, but at least we know this came from some variant that someone self compiled.

So we have those checks sums in place specifically to do that. And Bruce Schneider actually posted about proof mode a few years ago in his blog. And of course the comment section was amazing because there's a lot of brilliant people being like, I break it this way. I'd break it this way even before generative ai. But yeah, we are actively, there's a blog post on our site about generating [00:35:30] fake photos of when Trump was going to be arrested and saying that this might happen and it did and how journalists can counter it. So yeah, top of mind issue, and you're right, it can not only generate the visual pixels, but all of the other signals convincingly. And a few years ago we would say humans can't do that. I mean it was not possible a few years ago to generate the mass amount of data in sync in that way. And now it is. So we're on it.

Simon Phipps (00:36:00):
[00:36:00] It's scary. I'm listening to all that being anchored in harbor IDs and then in secured spaces. And then I can hear in the back of my head, Cory Dro telling me how that's all part of the war on general purpose computing and it all needs to die. And I can see a conflict. I see a conflict here between you needing the hardware to be ultimately trustworthy because it's a unique ID is on a blockchain somewhere and I hear [00:36:30] Corey saying that in that world, none of us is free. Does that worry you as well?

Nathan Freitas (00:36:37):
An important part of the way we do verification is not binary, is not fake real. We flag things, we say, this looks like this, this pass, this is here maybe should look at this. This is also that we, as I mentioned before, we root trust often in journalistic and human rights workflows [00:37:00] because there's cases where people will turn off some of that data or maybe a lot of the phones in the Africa, Latin America are like Chinese phones that come rooted and are not verified by Google. They don't have Google play. They're Android variants from China. And so that doesn't mean those people are not trustworthy eyewitnesses to events of the world. So all of this needs to be backed by some human piece, but we're just trying to make [00:37:30] the jobs of those people easier. I'll give you another case story. I was involved in a whole human rights documentation meeting at Carnegie Mellon after the first Ukraine, the ma don Revolution, right when Ukraine kind of went democratic and pushed out some of the Putin folks and there was hundreds of thousands of bits of evidence of photos and videos and they were trying to document cases of extra judicial [00:38:00] killing of people that was illegal by any law or militia or whatever.

But because the metadata was screwed up and the sources and there was no way to automate and sync at a high level. And so part of proof mode is just trying to create a system of high quality metadata that has some way of verifying it so that when you have these incidents you can human rights organization, legal groups can really be more efficient. But we still need lawyers, we still need journalists, we still need [00:38:30] affinity groups of activists because of, yeah, this can't all be ultimately backed by the state control and closed spaces and hermetically sealed machines.

Doc Searls (00:38:46):
I think this might be a good time for a break and come back to the questions that we have on the back channel. So we have a very active back channel here [00:39:00] with two questions. You just pick one. What are some of the challenges you're hearing from folks on the ground or implementing or using and improving proof node human rights folks, journalists, activists. Another one is who are some of your partners in those domains? Basically activists you're working with or hope to work with. So you may have touched on some of that

Nathan Freitas (00:39:29):
A little

Doc Searls (00:39:29):
Bit before [00:39:30] Travelers. Yeah, I

Nathan Freitas (00:39:31):
Mean we have great partners like the hyper cooperative and Starling Labs who've used proof mode as part of these investigative journalism and war crimes documentation efforts. We have the indigenous groups in Mexico, elte who are using it for documenting the challenges they're facing with their land. We have Fila, who's a media organization in Middle East and [00:40:00] North Africa using it as part of their journalistic workflow to create verifiable B-roll and context, inter news open tech fund. We have funders like that. We also have funding from the Filecoin Foundation for the decentralized web who make I P F Ss or it's Protocol Labs. So they're interested in ensuring we're decentralized. They run partly the Dwe camp with the internet archive. [00:40:30] So we have lots of different partners that are keeping us both grounded in very real everyday life, but also expanding our minds to what's hopefully possible technically more and more in the future as well as ensuring we have funding to keep this work going.

The challenges are, here's a really interesting challenge. People have almost muscle memory around their cameras on their phone and journalists still [00:41:00] want to use SS l r real cameras of course, I know Ant Pruitt is a great photographer and there's others in the twit network and the smartphone camera doesn't always cut it. So thinking about those needs, how we work with built-in cameras versus saying you have to use a proof mode camera, how we work with external cameras and tandem just what is the need of the person using this and an extreme situation. We worked [00:41:30] with Brazilian activists in the favelas in Sao Paulo and in Brazil, and they were literally under gunfire from the very aggressive policing forces in Brazil. And this was to document again at killing by cops of innocent people mostly and they would get shot at while trying to use a earlier version of proof mode.

They said, we just want to use our regular camera. So we used to have a super secret activist [00:42:00] camera with encryption and all these things that was too slow and too hard. And so proof mode is a stripped down version that you can actually on Android, just use your regular camera and it works in the background in the future. The goal is to just build it into something like Signal to get it built into every device in the world so you don't have to think about it. We also have partners like Save, these are all other open source human rights app who build our code in and they have different communities [00:42:30] that use their stuff. So we just want this to not be something another bit of burden on the user to worry about.

And if we can be invisible and sort of disappear into the background, I've learned this from my activist friends first you need to always be having more fun and enjoying yourself more than your adversary in some way. You got to keep your spirits going in all of this kind of work. The second is your goal is to put yourself out of business. [00:43:00] Your goal is to not be needed anymore. And so this is what we're doing and I'm excited about these new standards. I'm excited about other people taking these concepts. I'm excited about this just existing in a way that and as Simon's question that fits our view and supports what Corey prognosticate so well and lives up to the Bruce Schneider blog readers. So that's our hope. But it's a challenge because yeah, real people are trying to use [00:43:30] this stuff and it's just got to work.

Doc Searls (00:43:32):
So there's a number of threads we can follow here. And not too much time we have left when is a photographic one? I've just pulled this out of my bag. This is my fancy Sony s l r going out as a reporter. I'll be shooting people with this at Anne's recommendation by the way, with this particular one. But I also have, I've got my phone and they say [00:44:00] the best camera is one you have with you. I generally carry both of those. The phone has a G P S in it and the phone tells you where I was. I'm very geographical. I want that. I want to be able to turn all kind stuff, all kinds of exit stuff on and off. There are times they do want to be secretive. There are times they don't want to be secretive and there's a sense, there's a sense, I don't sense I have any control over most of that stuff actually.

And there's so much stuff that is collected about me that I would like that [00:44:30] my phone is busy knocking on my location to Google Maps, which is fine. I am glad to help with knowing where the traffic is. I'd like to have been asked in the first place though I didn't get asked and I'd like to be able to get that data, tell me where I was, that'd be interesting for me to know. And so there's this large, almost an infinitude of variables about our lives that we would like to turn on [00:45:00] and off, which in the everyday physical world are pretty easy to manage. I'm in this building now, I'm somewhere else another time, but in virtual space here we are in this zero distance and with lots of stuff going on that we don't even know about in many cases it seems. And at the same time, by the way, there's all this stuff going on with self-sovereign identity, which is [00:45:30] you only want to present a verifiable credential. And that strikes me as having something to do with proof mode as well. So I'm wondering, I'm kind of all over the map on this stuff, but I'm kind of looking what are the paths toward a livable future where we can moderate our privacy in a proven, not proven kind of way?

Nathan Freitas (00:45:51):
Well, I mean the workflow you describe of having this great camera, I mean having a smartphone, this is what the journalists who are really working with more intensely now [00:46:00] are telling us. And they have their iPad, they have their camera and they plug the memory card in, they load it and they want to have more control. And so we're trying to look at what tools are needed there specifically for that workflow. But our work with TOR on the OR bot app and other things for instance informs a lot of our understanding around metadata and surveillance and data that's coming in and out of your device. And so we are always thinking about that. We also are playing with this, I just got [00:46:30] this, it was a Kickstarter called the Cutie Pie and it's a raspberry pie tablet that has a really cool form factor. And so this has a camera.

So this essentially could be an open source proof mode device that you would have full control over. And we dabble in those things because in work with folks like the Calyx Institute who produce Calyx oss a more secure Android and that foid built into it, so is [00:47:00] our path is just to keep iterating and listen to what users want and make sure we're helping them there. B, to think about all the signals that are happening. And as I think I mentioned at the beginning when Simon asked for my elevator pitch, there's some parts of this which are like, look, all of this data exists anyway and is going out to third parties. What if you could capture it for your own benefit for the [00:47:30] causes and things you care about and use it for this purpose? We worked with labor organizers and workers the same thing.

They say, look, I know my boss is tracking me in my workplace, there's increased surveillance of workers, but if when the worker wants to defend themselves and get some better pay or get something that they're owed, using proof mode can help them even though the surveillance is happening, it's surveillance they control and the data they control. So I think there's part of it which is [00:48:00] a little bit like it's going to happen whether you like it or not, but let's shift the stream so that you retain some control. So I think we're working on all these different threads and directions as well constantly, and we will keep at it as long as we can. And I think again, by having different environments as well, there's going to be [00:48:30] some people that are happy with the Adobe and Nikon's going to add C two PA support they might've already had.

They're going to add this standard. You're going to be able to load it into Adobe, into Lightroom and have all of this authentication signed with a commercial X 5 0 9 certificate. You buy from a certificate authority and then that signature is backed by Adobe Creative Cloud and that's going to be enough for a lot of professions and that's going to exist, but you won't have all the control and the transparency and you're going to be reliant on the [00:49:00] subscription to the Adobe Cloud. But I think that will help in some ways. Meanwhile we'll be at the other end ensuring that there's this alternative that still can operate, be interoperable as much as possible, be free, be verifiable, be audited, and give that option as always for the people that have some of the time and privilege and opportunity to adopt open source tools while others just may not. And that's okay.

Simon Phipps (00:49:30):
[00:49:30] So the hot question in the back channel, Nathan, is with all of these great things that you're doing and you've been doing them for a long time, who's paying for all this? Who is it that is bankrolling good things to happen? Because most of the time it seems to be bad things happening that get bankrolled?

Nathan Freitas (00:49:50):
Well, when Palm acquired my company, I became fabulously wealthy and I'm sort of a

Bruce Wayne of the Internet Freedom Space. No. [00:50:00] So we have on the Guardian project website a page about funding and I'm good at piecing together gigs and hustling in different ways. We do have funding from all sorts of organizations. The Open Technology Fund is in part funded by the US government, but then they get money that then goes transparently to grants and other partners. We have funding from NL net as a European version of that, from Filecoin Foundation for the decentralized web, which is essentially [00:50:30] cryptocurrency I guess through Protocol Labs. They have a different source of money we have. Yeah, it's all there. So I got an email from the Eric and Wendy Schmidt Foundation saying, we want to give you a hundred thousand dollars. It happens. It's weird. We always work open source. We don't take money for defense or military, anything that kind of has a more violent or militaristic end.

I mentioned to Doc that essentially we are the industrial [00:51:00] light and magic of the human rights and internet freedom space. A lot of people write these amazing grant proposals to whoever their funder is and say, we're going to do all this cool stuff. And then they get the money and don't know how to do it and they come to us. And so we do a lot of work on others' behalf under their funding. And then right now we have a big job with unicef, helping them evaluate the security of the civil registration and vital statistics platforms that they are pioneering around the world for tracking birth and death [00:51:30] certificates in places where that's still on paper. So yeah, we work for others, we do work like this sometimes. I mean File Coin Foundation three years ago, two years ago came up out of the blue, it was like Covid and Easter break and someone who I met through the Berkman Klein Center bringing this full circle, Rainey Wrightman, who's an amazing activist and lawyer, knew my work through Berkman, through the networks I had built through being transparent through blogging through [00:52:00] shows like this and said, I think you're probably the right organization that is they're looking for.

And as a board member, I'm going to recommend you. Now you have two days to write a 50 page proposal and do a budget. And I did it and I said, sorry, kids go to the beach without me, but I did it and now I have three years of funding to pay for their school and holidays and stuff. So it's hard, hard work and Foid similarly has benefited [00:52:30] from this kind of work, but they're now also using Open Collective and they've really moved to that open model of funding. So yeah, it's really across the board. The best thing is diversity of funding because we don't want one funder to have any sort of influence. They don't, but they have influence because they will decide what they want to fund. And the question is, do we jump and pivot to try to fit into, well, we like proof mode, but can you do it for this part of the world or for this cause or for this thing? And I don't [00:53:00] like to jump around like that. So yeah, so hard work and great networks and places like the Berkman Klein Center are special for that to create these networks and opportunity to access a network like Harvard where I couldn't afford to go to school there and I probably wouldn't have gotten in, but they still appreciate what I do. And so yeah, looking forward to seeing talk in I R L over there.

Doc Searls (00:53:27):
We still have that. It's still supported [00:53:30] the fleshy existence on the back channels. Gumby wants to borrow $5. He sweetens up by saying he's thoroughly impressed by your work.

Nathan Freitas (00:53:44):
If I ever see it, I'll buy you a $5 coffee or beer or sandwich or tea.

Doc Searls (00:53:50):
Gumby iss a regular on here. I don't actually know who he is

Nathan Freitas (00:53:54):
Or anything. We met at uc, Berkeley, apparently.

Doc Searls (00:53:56):
Oh, you did? Really

Nathan Freitas (00:53:57):
Sold at the new machine conference in the early days [00:54:00] of our work. So that was really super cool.

Doc Searls (00:54:03):
So you guys know each other better than you do. That's great.

Nathan Freitas (00:54:07):
Yeah, it's awesome. And yeah, and of course Doc, yeah, I'm impressed with your work and I have a great Leo story, which is when I worked at Palm, I saw Leo, I was on JetBlue with Leo from New York to San Francisco or the other way, and he was holding a, at the time it was a open source, P D [00:54:30] A that ran Java and Linux. It was, what was it called? It was a really weird device and had a Blackberry keyboard. And I had one and I had never seen anyone else with one except there was Leo LePort sitting in the JetBlue with one. And I was like, yeah, the future is like

Doc Searls (00:54:47):
Linux. Did you interact at all? Did you? Yeah,

Nathan Freitas (00:54:48):
I went up to him, I was like, Hey, I knew he was even then, and this is a long time ago, and I was like, I think the future of mobile is Linux with Java on it, which is what that device had. And at [00:55:00] the time, that's what I was trying to convince Palm to switch to was a Linux throw out PO oss Linux core Java on top and then run a palm emulator next to it for the old apps. And if we had done that, that would've been Android. All that Android eventually is, and we even looked at the company that became Android. So weird times, but I always remember that funny moment of like, yeah, Leo's pretty legit. He's like a legit nerd who's carrying some random device in the airport. So appreciate all the shows here. For that reason.

Doc Searls (00:55:30):
[00:55:30] I'm going to say gum says we've met and I'm sure we have. I've met so many people, but everybody, you play roles, right? So Gumby is one of the guys in the back channel along with Chicken head and mashed potato. It's all still CB Radio in a way. So we probably only have several minutes left. What have we not touched [00:56:00] on? You've done so much stuff. You started so many things here. Yeah,

Nathan Freitas (00:56:05):
Well if you go to the homepage of Guardian Project, I'll mention, I'll just do a quick rundown. I'll do the quick elevator pitch because there's a bunch of cool things on our homepage. Well first, clean Insights, this is built on omo. It's a privacy preserving measurement layer for the web and mobile devices. So we don't like to put analytics in, but eventually people said, well, can you build something [00:56:30] that would be okay? So we built our own privacy preserving measurement system. Again, open source built to omo. If you go to clean, we're looking for people to, it's like a timeshare thing. If you go to our call, if you have a call with us, you see get free coffee. We have free delicious coffee that we roast and tea coming soon. So sign up for a session with us because we just want to talk to more people about how they're doing analytics.

We [00:57:00] have tracking the trackers and a lot of work that the Foid team and Hans has done on that. Go watch the show from a few days ago on how Foid handles open source app distribution. We have a project, I'll skip down called circulo, which is built on the matrix protocol, which we also love. This is an app designed for women journalists primarily. Everyone can benefit, but it's like one of these apps that you might use to track your kids and check in with your family. You can go to the English tab too. It is there, but we built it originally for Latin [00:57:30] America users. It's like a good version of Life 360 where it's private, you're in control, there's no phone numbers, there's no weird tracking. But my daughter and my wife and I use this to check in and keep tabs on where we are and if we're safe and it's all end to end encrypted.

So this is a project led by our Latin America team, but I do architecture and planning. And then we have Convene, which you should also check out. It's sort like Crypto Cat, if you remember that. Web-based encrypted [00:58:00] chat also built on Matrix. And then we have all the tour stuff, which is or bot app, if you haven't heard of that. And Onion Browser and or Bott is now on iOS, which people sometimes don't know. So now there's a tour V P N, that's official last. Lastly I should check out or bot. That's a fun one. And we have a new design and launch coming that's done with another team. This is again, our I L M model. We have a big [00:58:30] house with a bunch of different people and folks that I put in vet and they worked on different projects with different partners and it's really exciting.

The last thing I'll mention is with fdr, we're really interested in the use of foid in off-grid situations. So there's a peer-to-peer app swap feature in after Android. So you can share apps even if there's not internet. And we're working for looking in, we actually got a Mozilla National Science [00:59:00] Foundation grant against another funding process. We had to compete for that one. It was months of work, but we got a grant to work, apply the stuff to post hurricane situations in Puerto Rico. So stuff in the US helping people in other situations where they have these smartphones but nothing to connect to. So if you could build an app store, if you could build a map server, if you could build a chat room and have it all run off a tablet device like this, powered by a solar panel, [00:59:30] that would give some place for people to share information. Again, that's a whole other project we have going on. Lots going on. If any of this sounds interesting to people and you want to contribute to our code or contribute to our work or maybe see if we have work, always happy to talk to people about that and help you apply our tech in different ways. So we're on matrix at Guardian project channel on around I R C in different places, [01:00:00] but we're mostly Matrix based these

Doc Searls (01:00:01):
Days. That is great. And we could sort of hit the post right at the end of this thing. So we always close with two questions, which are kind of our control questions. What are your favorite text editor and scripting language?

Nathan Freitas (01:00:20):
I still open a shell and use Vim. So I had an 18 year old intern and I realized I was doing that in front [01:00:30] of him and he was just looking at me and what is he doing? I was like, just do this. So that was funny. And then scripting language, I guess I'll say bash in that environment. So I still do a lot of work in the show. So there we go. Ding,

Doc Searls (01:00:45):
Dinging. Yeah,

Nathan Freitas (01:00:46):
VIM and Bash.

Doc Searls (01:00:48):
Vim and Bash. Well, it has been awesome having you on the show. I look forward to seeing you in real life soon. Tomorrow I'll

Nathan Freitas (01:00:58):
Bring you a proof mode button. [01:01:00] This is Oh,

Doc Searls (01:01:00):
Wonderful. Oh cool.

Nathan Freitas (01:01:01):
I can prove it. I

Doc Searls (01:01:02):
Can prove it. Excellent, excellent. Bring one. So thanks so much for being on the show. You have doing so many things. We're going to have to have you back and other people and work with as well us guests. Thank you.

Nathan Freitas (01:01:18):
Thank you. Simon and you can reactivate your fans. Now I'm facing the same heating situation here, so let's do it. Okay,

Doc Searls (01:01:26):
Thanks a lot. See you soon. [01:01:30] So Simon, you were well prepared. Better than me actually. I think

Simon Phipps (01:01:37):
Again, it's one of those areas where I am paying attention to what's going on. I think there are some very hard problems in that area because it turns out that surveillance isn't all bad and what matters much more is the use that you put it to and how you prove that that's what you're doing with it. [01:02:00] And most of the problems I've seen with surveillance are to do with scope creep and anchoring trust on a party that ends up being replaced by someone or something unreliable. And so that's the fascinating question behind all of this stuff, is all of this proof against those two risks against the trusted party being replaced by someone unreliable, and the context shifting so that the thing that was bringing you safety is now bringing you [01:02:30] risk. And it's obvious that Nathan and the team there are all thinking about those things as well. So that's very impressive. Very pleased he's doing it.

Doc Searls (01:02:40):
Yeah. When I hear about these things and I read about them, my reaction is that maybe we're not totally screwed. It's sort of where I go with these things. It gives me hope. It gives me hope. And also realize that it's almost a mantra with me that we're still in the early days [01:03:00] of whatever this is going to be. And it is just so essential to have people working on this stuff. And because, as you said in this show and say, often the bad guys are hard at work and and they don't even know they're bad, which makes it even more scary. And it's a fight and it's a fight. But I find myself being optimistic about it.

Simon Phipps (01:03:28):
I'm trying very hard to be [01:03:30] optimistic about it. I'm finding that the big thing that's happened for me if it wasn't climate change is the discovery that so much of Western democracy is anchored on having somebody who has the society's interests heart as the chief executive and see what's happened in the US and the UK where it's turned out, the big flaw in our system isn't the system, it's the fact that it's all anchored on the integrity [01:04:00] of the leader. I don't see a solution for that problem. I don't see how you can guarantee the integrity of the leader without creating another tool to take down democracy when it gets weaponized. So I find all that is kind of worrying and it's good to look at some of these things that are where somebody good is doing something good. It makes a real change to see good things happening. Honestly,

Doc Searls (01:04:28):
It is human history though. I mean, [01:04:30] I was listening on my way to the airport this morning in Indiana where I was this morning to an account of conflicts between Jefferson and Madison on the role of federal authority and what happens when you get the wrong guy in charge and stuff like that. This is old stuff. It's been around forever. I think the human diaspora is based on people not getting along, [01:05:00] going somewhere else. And then,

Simon Phipps (01:05:06):
So it's interesting to take that perspective doc because then you look what was the fix for those things, those bad things that happened in America in the past? Well, you amended the Constitution to protect it from ever happening again. It's called the 14th Amendment. And now everyone's looking at it going, Hey, we can't use this. This weapon is too powerful. We can't use this

Doc Searls (01:05:24):

Simon Phipps (01:05:24):
Protect ourselves against what's going on. So the history of repeating itself, one of the things [01:05:30] that keeps the loop going is being afraid to fix the problem that you correctly diagnosed and correctly worked out how to solve last time.

Doc Searls (01:05:39):
It's tough and it is interesting. We'll fix it all. We'll make a list, doc.

Simon Phipps (01:05:47):
Our voice is off doc. Voice is off.

Nathan Freitas (01:05:50):
Am I off? Can you hear me?

Doc Searls (01:05:52):
We can hear you. One quick thing we got to get off.

Nathan Freitas (01:05:55):
I was just going to say yesterday, Jay-Z, Jonathan Zitron gave his [01:06:00] opening day talk to the new fellows, and it's really changed quite radically in the last few years about optimism of the internet and what have we been doing all this time and what we thought. And so that's been sort of my barometer of where things are. I mean, again, I think he always has hope and he's always partly in the center, in the people and these gatherings and these connections, but he's a great barometer for just optimism on this stuff. So anyway,

Doc Searls (01:06:28):
I first knew of Jay-Z [01:06:30] when he was a cisman as a kid on CompuServe, so I'm old enough to have been active in that. Okay, so Simon Whisper plug.

Simon Phipps (01:06:41):
So remarkably, after a year of actually three years of just sitting at a home, not going anywhere, I have a travel cycle coming up. I'm giving a keynote at the next cloud conference, which is happening in Berlin soon. And if you're going to be there, I'd love to see you. I'm speaking on the Sunday, I'm also speaking [01:07:00] at the open sim Get together that's happening. And I'm also going to be doing a talk for Aperio. So if you'd like to follow all of those things, if you follow me on social media, the only social media that I'm actively using is Mastodon. Now you'll find me as web link at Mesh Cloud. It's been in the bottom bar. And I would love to connect with you on there and talk about the things that I'm noodling around. One [01:07:30] of which is related really to today's theme, which is how we are seeing a fourth sector of society emerging, which is not corporate or labor or consumer. It's actually also the connected individual and empowering and protecting and growing the connected sector is going to be the subject of my talk at the next cloud conference.

Doc Searls (01:07:57):
Anyway, we have to wrap this [01:08:00] next week as is my custom. I'm not looking at what next week is. And so here, I'll look at the schedule. Kyle Rankin, of course. Okay. Kyle Rankin is coming up. Kyle is an old colleague from Linux Journal. He was the c e O of Purism most recently. He's independent at this point, always deep, always [01:08:30] interesting, always working on good stuff. So he's a great guy. He'll be up next week. So until then, I'm Doc Ss and we'll see you.

Jonathan Bennett (01:08:39):
Hey, we should talk Linux. It's the operating system that runs the internet, bunch of game consoles, cell phones, and maybe even the machine on your desk. And you already knew all that. What you may not know is that Twit now is a show dedicated to it, the Untitled Linux Show. Whether you're a Linux Pro, a burgeoning sissy man, or just curious what the big deal is, you should join us on the Club Twit Discord every [01:09:00] Saturday afternoon for news analysis and tips to sharpen your Linux skills. And then make sure you subscribe to the Club TWIT exclusive Untitled Linux Show. Wait, you're not a Club Twit member yet? We'll go to twit tv slash club twit and sign up. Hope to see you there.

All Transcripts posts