No Such Weblog

I'm in Berlin, at 23C3. Day 1 is getting late. So far, it's one of the best conferences I've been to this year. Packed lectures with attentive audiences; thought-provoking talks; good hallway chats.

Today, I heard about a probabilistic trust model for PGP (which is apparently based on theories that deal with reasoning in the face of uncertainty; this looks like one of those cases where the really interesting stuff was left out of the talk); about user interface designs (and what geeks might be tempted to do and rather shouldn't; great talk and an even more packed room); about surveillance in hotel rooms (and why not to use big brandname hotels); about voting machines in Netherlands (and making them play chess; my "best talk of the day" award goes to this one). I got to catch up with some old friends whom I haven't seen in a while (and missed some sessions), and I got to talk to the folks at CAcert.org for a bit.

Right now, Caspar Bowden is giving a nice presentation about Cardspace; unfortunately, I've seen some very similar talks a number of times in the past. During the Q&A, Caspar brings up an interesting question: What implications does Data Retention (more about that later tonight) have for Identity Providers in systems like Cardspace?

Day 2, yesterday, was less exciting than day 1. That might be a function of the talks that I actually attended: The guy who presented an analysis of the Linux kernel-mode PRNG botched his answers to some questions from the audience. Steffen Meschkat gave a nice tutorial about JSON, but ran over his allotted time and skipped the authentication and authorization related part of his talk -- pity.

The best talk that I got to listen to was in the RFID hacking session; Henryk Plötz showed how to replicate an access-control card with home-grown technology and an ipod. Bonus points for hack value.

Now, day 3.

At 23C3, Larry Lessig is speaking on "free, the difference between code and culture". His main point: Different communities need to articulate different freedoms and restrictions in licenses. What the GPL uses as a defense against free riding for code (sharing alike) might not be enough for photos or music or text. The non-commercial restriction that CC licenses are able to express is one tool that might serve as such a defense. Lessig also notes the importance of communities respecting other communities' needs in terms of licenses, instead of imposing their terms and notions on others. Doing otherwise would be "imperialism," says Lessig.

Barlow, from the floor: Civil disobedience will be important to break the current copyright system. Teenage geeks win the technical side of the war, and recording industry will lose battle for their hearts and minds.

Lessig: Don't doubt technical community's ability to crack DRM, but doubt their ability to deal with the politics that are created. Don't lose the opportunity to convince people why we are right. MGM vs. Grokster got thought about as "should people be allowed to steal," and was lost. If there's a perception that community doesn't take on the political side of the argument, but just wants free stuff, then it'll continue to lose.