[...] Groups like the ACLU and People for the American Way
have used a mythical 'separation of church and state' argument to
drive the knowledge of God out of our classrooms.
As far as I'm concerned, their misdirected efforts -- and the failure of
God-fearing persons to challenge them -- are a major reason our
schools, and our society, are in the fix they are.
[...] Our own Congress voted in 1956 to make "In God We Trust" our national
motto. It's a patriotic issue, not a religious issue.
(Don Wildmon, AFA)
The worst part: Wildmon says "libertine" groups have been "mysteriously
silent" on church/state issues since September 11. Hmmm, could it be that
the civil liberties community was too preoccupied with tracking surveillance
legislation?
I showed up early and did a conference call for one of EFF's legal cases.
After that, I found our booth on the show floor. My first impression was
that the show was very tiny compared to LWCE; there seemed to be only
about two dozen exhibitors.
I ran into Bill Pollock and his colleague from
No Starch Press as they were
setting up their booth; I gave them some BBCs and they gave me some
Red Hat manuals.
Wednesday was a set-up day, so I saw the familiar scene of forklifts,
masking tape, packing crates, carpet rolls, and cabling. I'm getting
entirely too accustomed to the trade show set-up experience. It's
always funny to see the contrast between a show floor's appearance
one day and its final form the next morning.
Marc turned up with all of our booth stuff in his car -- panels,
bumper stickets, t-shirts, hats, press releases, and so on.
We unpacked it and got the booth into shape; I'd also brought some
BBCs, which I set out on the table.
I dropped by the LANL booth and
got a demonstration of LinuxBIOS
and netbooting a cluster (which used BProc -- very, very impressive).
Those folks are real cluster wizards, and very friendly.
Ronald Minnich gave
me the story on everything that was going on; I was also interested
to learn that Erik Hendriks (the author of Two-Kernel Monte, whom I'd
lost track of for two years) is working at Los Alamos in their
cluster group.
I finally got to tell Erik about my idea of making a procmail recipe
which allows you to boot kernels by e-mail -- sending them as attachments
with a certain subject line. He was amused.
(Later on, I wrote to Michelle about the fact that LANL is a weapons
lab, and their funding comes from a nuclear weapons engineering agenda.)
Nearby the LANL booth (well, everything was nearby everything
else) I found the FSF booth, containing
Steve Bibayoff and Bradley
Kuhn. (It turns out that FSF is now making their classic GNU shirts
in two new colors; I used to have one shirt in each color in which
they were issued -- beige, black, maroon, green -- but now I've fallen behind.
I bought the new blue version but held off on the gray until a future
show.) I also ran into Scott McNeil -- who arrived to set up the
Free Standards Group booth,
right next to EFF. And I saw Chris DiBona and Don Marti and was reminded
of the good times in 1999 over at the CoffeeNet.
Steve and Bradley and I got a quick dinner together and wandered up to the
BOF rooms where Lee and I did the evening EFF BOF session on the effects
of antiterrorism legislation on civil liberties. Lee gave a thorough
explanation of the legal rules surrounding communications surveillance
in the U.S. and how they had been altered by the USA PATRIOT Act. I
wrote things on transparencies and tried to fill in details.
I also did the "CIPA, COPA, COPPA, CPPA" contest -- "Each of these
pieces of legislation pertains to children and the Internet. What is
each act's full name, and what does each one do?"
After this, I had dinner again with a group at a Chinese restaurant.
At one point, some of the folks at our table got into an extended
discussion of PC hardware. A man at the next table asked whether he
could ask us a computer question. We said he could, but then he asked
something about the Windows "Add/Remove Programs" feature, and we had
to interrupt him and let him know that we were all Linux users (except
for Bradley, who was a GNU/Linux user).
The show floor opened, and people came by all day; Marc and I were
working in the booth, and some volunteers, too. Biella did a number
of interviews with developers who were in town; lots of people stopped
by our booth and asked questions about our cases.
I met some people from LinuxTag
who knew Klaus Knopper and who gave
me two CDs -- an "OpenMusic" audio CD and a LinuxTag conference CD
based on the Knoppix distribution (which is astonishingly good, among
the best software products I have ever seen).
I caught part of the conference presentation on lobbying, and then went
to the Debian BOF session, in which people had a protracted argument.
(I ducked out briefly to see the "Linux 10th Birthday Party" -- not to
be confused with Linux10 -- which
featured Linus Torvalds and was hosted by Maddog. I didn't actually
stay around for the party, which was going on at the same time as the
Debian BOF, but I did try both kinds of birthday cake.)
After that, we walked out to 19th street and had a big group dinner at
a very nice Indian restaurant there. I sat opposite Bradley Kuhn, a
fellow left-handed vegetarian, and we ordered together (to get a $20
two-person dinner special). Don tried to figure out under what conditions
a certain set of people, some of whom are vegetarian and some of whom
are left-handed, can arrange themselves at a table so that no right-handed
person sits to the left of a left-handed person, and no vegetarian sits
opposite a non-vegetarian.
David Thompson from UW
Madison made a kind offer to host the LNX-BBC download site on
mirror.cs.wisc.edu, which I think we will take.
I watched Drew playing NetHack during a slow moment in the FSG booth,
and he and I traded NetHack tips. He might be the most knowledgeable
NetHack player I know; unlike me, he regularly consults spoilers and
source code.
Duncan and Drew and I went out for lunch to a street fair/farmers'
market which was in progress right outside the convention center. There
was some nice stuff on sale; I got a black and white cookie and some
Indian food (samosas, naan, and an interesting chutney).
Drew had organized a PGP BOF session which was billed as a keysigning.
Manoj of Manoj's
Key-Signing Protocol fame was to be there -- and so, the rumor
went, was Phil Zimmermann.
I helped Drew print out the key fingerprint sheet in the conference
office, and as we were working on stapling them together, a man walked
up, looking for all the world like the pictures of Phil Zimmermann you
see in the magazines.
Man: Hi, can you tell me where the BOF sessions will be?
Seth: Up that escalator, turn right, past the elevators, up the stairs,
around the corner, through the door, and then find the room you're
looking for. [Yes, that is actually how you get to the hotel's
meeting rooms from the convention center lobby.]
Man: Do you know which room the PGP BOF is in?
Seth: I think the Oakland room -- that's his BOF [points at Drew].
Drew: That's me. It starts at seven.
Man: What's going on until then? Are there other BOF sessions?
Drew: There's the historian --
Seth: Yeah, Peter Salus, who wrote A Quarter Century of UNIX,
is speaking over in that ballroom [points down hallway] about the ten years,
the ten year history of Linux, since 1991. That should be interesting.
We just have to get ready for the keysigning.
[Man walks toward ballroom; we continue stapling. After a minute or two,
he comes back up to the table.]
Man: What's the PGP BOF about? Is it just a keysigning?
Drew: Actually, we're going to have a keysigning, but I thought I'd start
out at the beginning with a brief introduction, about fifteen minutes,
explaining the concepts of keysigning, the keysigning protocol, what public key
cryptography is all about, for the benefit of people who haven't been to
one of these before.
Man: Is there time for any general discussion of PGP?
Drew: Well, I thought we could take about 30 to 40 minutes before the
keysigning for social stuff, for issues about the uses of PGP. So we
might have the social and general part first, and then move into a
keysigning. We're hoping that Phil Zimmermann will come.
Man: [Raises hand.] That's me.
Phil and Drew proceeded to have a very interesting conversation about PGP,
which drew a small crowd -- everyone nearby who'd heard Phil identify himself
as Phil Zimmermann -- and when it was about time for the BOF, we wandered
upstairs and Phil walked off briefly to get some dinner.
The BOF session was packed, partly because people have such a fierce
competition to improve their
keyanalyze rankings, and
partly because they heard Phil would be there. He gave a long
disquisition on the recent history of PGP (and his experiences at NAI),
with his speculations on the future of the software now that NAI is
getting rid of it. It was very colorful and very interesting and
probably all new to the people there -- technical experts and hard-core
cryptography enthusiasts though they were -- because they were all in
the free software orbit, GNU users,
and hadn't been following the adventures of the original commercial
code base.
Phil took a number of questions and asked the audience not to publish
some of his answers -- so I won't. As I was about to ask Phil opinion
of Brad
Templeton's e-mail encryption idea, Phil mentioned the very
problem Brad identifies in his essay: e-mail encryption is too hard
for most people to use, or at least more trouble than they think
it's worth. (It might be better to say that most computer users could
learn, and could do it, but they don't make a priority of it, because
it doesn't seem beneficial enough to them.)
The biggest problem, Brad and Phil observe, is that key infrastructure
is such a pain; most prospective users don't understand it at all, and
in any case aren't willing to go through the steps involving fingerprints
and fingerprint verification and looking at trust paths and so forth.
They probably would be willing to do a one-time step to generate a key,
but then they would expect other people to be able to get and use that
key automatically, transparently, without any additional steps. And
we all know that this is impossible, but Brad insists that it's
got to happen if the general public is going to use cryptography.
(He doesn't even endorse the idea that a user would be willing to
explicitly generate a keypair in the first place.) Now, Phil and
Brad suggest that perhaps this problem could be addressed by
streamlining and automating key exchanges...
Manoj and Phil got into a notable argument at this point in Phil's
talk. Manoj is well known for thinking that most users of cryptography
don't do enough thinking about security precautions. (He
suggestions physical isolation for machines which store private keys --
not connecting them to a network -- as well as the use of more
stringent key-signing protocols, and more attention to the details
of key validity and trust paths.)
So here Phil started to talk about threat models and how uncommon
were MITM attacks and how useful PGP might be to the general public
even without the whole web of trust. And Manoj was just
shocked; you could see it. He asked, in a very polite and
reasonable way, why it was necessary to undermine the security
that PGP was capable of attaining. He didn't see the benefit.
Phil and Manoj went back and forth on this for a bit and clarified
that they were talking about distinct ways of using the technology;
there was a certain trade-off between security and convenience
and Manoj did not want to give up any security. Phil maintained
that some users would want to give up some security so that they
could use cryptography at all -- otherwise they wouldn't get any of
its benefits. He's always been very keen on spreading "encryption's
bounty" (as the Ninth Circuit described it in the Bernstein
case) as far and wide as possible.
Phil's specific proposed solution is different from Brad's -- Phil is
talking about a "robot CA" which performs an automated protocol to
verify that a certain private key is owned by someone who also has
control over (can send and receive mail using) a certain e-mail
address. It doesn't verify identities, just the mapping between
e-mail addresses and keys. (So, for example, the robot CA could
verify that this key 0167CA38 with a certain fingerprint does
belong to the person who reads mail at schoen@loyalty.org --
but not that the person who reads mail at that address actually
is Seth Schoen. The former assurance is good enough for
many purposes, e.g. when you only know somebody through
e-mail, or when you have an out-of-band way to verify somebody's
e-mail address.)
After this discussion, Phil went home, and we did a keysigning.
Manoj didn't sign my key (because I don't have government
issued photo ID) and everyone else did (because I showed them
my bank cards and stuff, and many of them knew me from other
contexts). After the keysigning, many of us went to dinner at
the Thai restaurant across the street from the convention center.
It's really delicious.
One great thing was that two high school students were there. I
already knew both of them from before, so it's not that the pool of
high school students who are into free software is necessarily
expanding rapidly. But I just thought that going to something like
ALS was exactly the kind of thing I would have loved to do in
high school.
As it turned out, though, I also loved the things I did do in high
school.
I gave away our copy of the Bunner appellate decision to a law student
who stopped by. She promised to let her classmates know about summer
internships with EFF.
It started to rain on Saturday, and the exhibition hours were shortened
slightly because it was the last day of the conference. Duncan gave
me a ride over and back, and ended up transporting EFF's booth, too.
A much larger number of local Linux hackers and LUG members turned up
at the show on Saturday, and I saw at least a dozen people I knew from
the Bay Area. It was probably a matter of people having to work and
then being free for the weekend.
I had a party on Saturday to celebrate the Bunner decision. It went
well; attendees included some of the people behind
NTK,
FSF,
and nmap.
I had a lot of help from Dmitriy "I'm Not Sklyarov" Ivanov (who actually
wore a "Not Sklyarov" name tag to the party). Zack and some of the earlier
guests did an amazing job of cleaning up my room a dozen times faster
than I could have, by throwing lose items into boxes to clear floor and
table space. It looks great! My room hasn't been this
orderly since I first moved in here.
Biella came by and we worked on her laptop (network and mutt
configuration) and my bike. I also played a lot of
NetHack on Drew's server, and had some fantastic games, including
the first time I've ever made it all the way through the Sokoban
levels. (A pet water troll is cool -- my water troll actually
got killed by a shopkeeper and then rose from the dead still
tame!)
With some help from Katy (more than a year ago), Zack, and Biella, I
managed today to change the tube in my bike tire and get the bike
working again. (The brakes still need some calibration.) I rode my
bike down to Cesar Chavez, and I was amazed at how much faster it is
than walking. It felt like practically no time at all.
I'd like to ride it to work, but that will have to wait until Tuesday
because of the rain.
