Table of Contents
Comments
Commenters1
This chapter is dedicated to Anderson’s Bookshops, Chicago’s legendary kids’ bookstore. Anderson’s is an old, old family-run business, which started out as an old-timey drug-store selling some books on the side. Today, it’s a booming, multi-location kids’ book empire, with some incredibly innovative bookselling practices that get books and kids together in really exciting ways. The best of these is the store’s mobile book-fairs, in which they ship huge, rolling bookcases, already stocked with excellent kids’ books, direct to schools on trucks — voila, instant book-fair!
This chapter is dedicated to Anderson’s Bookshops, Chicago’s legendary kids’ bookstore. Anderson’s is an old, old family-run business, which started out as an old-timey drug-store selling some books on the side. Today, it’s a booming, multi-location kids’ book empire, with some incredibly innovative bookselling practices that get books and kids together in really exciting ways. The best of these is the store’s mobile book-fairs, in which they ship huge, rolling bookcases, already stocked with excellent kids’ books, direct to schools on trucks — voila, instant book-fair!3
What would you do if you found out you had a spy in your midst? You could denounce him, put him up against the wall and take him out. But then you might end up with another spy in your midst, and the new spy would be more careful than the last one and maybe not get caught quite so readily.
What would you do if you found out you had a spy in your midst? You could denounce him, put him up against the wall and take him out. But then you might end up with another spy in your midst, and the new spy would be more careful than the last one and maybe not get caught quite so readily.4
Here’s a better idea: start intercepting the spy’s communications and feed him and his masters misinformation. Say his masters instruct him to gather information on your movements. Let him follow you around and take all the notes he wants, but steam open the envelopes that he sends back to HQ and replace his account of your movements with a fictitious one. If you want, you can make him seem erratic and unreliable so they get rid of him. You can manufacture crises that might make one side or the other reveal the identities of other spies. In short, you own them.
Here’s a better idea: start intercepting the spy’s communications and feed him and his masters misinformation. Say his masters instruct him to gather information on your movements. Let him follow you around and take all the notes he wants, but steam open the envelopes that he sends back to HQ and replace his account of your movements with a fictitious one. If you want, you can make him seem erratic and unreliable so they get rid of him. You can manufacture crises that might make one side or the other reveal the identities of other spies. In short, you own them.5
1
This is called the man-in-the-middle attack and if you think about it, it’s pretty scary. Someone who man-in-the-middles your communications can trick you in any of a thousand ways.
1
This is called the man-in-the-middle attack and if you think about it, it’s pretty scary. Someone who man-in-the-middles your communications can trick you in any of a thousand ways.6
2
Of course, there’s a great way to get around the man-in-the-middle attack: use crypto. With crypto, it doesn’t matter if the enemy can see your messages, because he can’t decipher them, change them, and re-send them. That’s one of the main reasons to use crypto.
2
Of course, there’s a great way to get around the man-in-the-middle attack: use crypto. With crypto, it doesn’t matter if the enemy can see your messages, because he can’t decipher them, change them, and re-send them. That’s one of the main reasons to use crypto.7
But remember: for crypto to work, you need to have keys for the people you want to talk to. You and your partner need to share a secret or two, some keys that you can use to encrypt and decrypt your messages so that men-in-the-middle get locked out.
But remember: for crypto to work, you need to have keys for the people you want to talk to. You and your partner need to share a secret or two, some keys that you can use to encrypt and decrypt your messages so that men-in-the-middle get locked out.8
1
That’s where the idea of public keys comes in. This is a little hairy, but it’s so unbelievably elegant too.
1
That’s where the idea of public keys comes in. This is a little hairy, but it’s so unbelievably elegant too.9
In public key crypto, each user gets two keys. They’re long strings of mathematical gibberish, and they have an almost magic property. Whatever you scramble with one key, the other will unlock, and vice-versa. What’s more, they’re the only keys that can do this — if you can unscramble a message with one key, you know it was scrambled with the other (and vice-versa).
In public key crypto, each user gets two keys. They’re long strings of mathematical gibberish, and they have an almost magic property. Whatever you scramble with one key, the other will unlock, and vice-versa. What’s more, they’re the only keys that can do this — if you can unscramble a message with one key, you know it was scrambled with the other (and vice-versa).10
So you take either one of these keys (it doesn’t matter which one) and you just publish it. You make it a total non-secret. You want anyone in the world to know what it is. For obvious reasons, they call this your “public key.”
So you take either one of these keys (it doesn’t matter which one) and you just publish it. You make it a total non-secret. You want anyone in the world to know what it is. For obvious reasons, they call this your “public key.”11
The other key, you hide in the darkest reaches of your mind. You protect it with your life. You never let anyone ever know what it is. That’s called your “private key.” (Duh.)
The other key, you hide in the darkest reaches of your mind. You protect it with your life. You never let anyone ever know what it is. That’s called your “private key.” (Duh.)12
Now say you’re a spy and you want to talk with your bosses. Their public key is known by everyone. Your public key is known by everyone. No one knows your private key but you. No one knows their private key but them.
Now say you’re a spy and you want to talk with your bosses. Their public key is known by everyone. Your public key is known by everyone. No one knows your private key but you. No one knows their private key but them.13
You want to send them a message. First, you encrypt it with your private key. You could just send that message along, and it would work pretty well, since they would know when the message arrived that it came from you. How? Because if they can decrypt it with your public key, it can only have been encrypted with your private key. This is the equivalent of putting your seal or signature on the bottom of a message. It says, “I wrote this, and no one else. No one could have tampered with it or changed it.”
You want to send them a message. First, you encrypt it with your private key. You could just send that message along, and it would work pretty well, since they would know when the message arrived that it came from you. How? Because if they can decrypt it with your public key, it can only have been encrypted with your private key. This is the equivalent of putting your seal or signature on the bottom of a message. It says, “I wrote this, and no one else. No one could have tampered with it or changed it.”14
Unfortunately, this won’t actually keep your message a secret. That’s because your public key is really well known (it has to be, or you’ll be limited to sending messages to those few people who have your public key). Anyone who intercepts the message can read it. They can’t change it and make it seem like it came from you, but if you don’t want people to know what you’re saying, you need a better solution.
Unfortunately, this won’t actually keep your message a secret. That’s because your public key is really well known (it has to be, or you’ll be limited to sending messages to those few people who have your public key). Anyone who intercepts the message can read it. They can’t change it and make it seem like it came from you, but if you don’t want people to know what you’re saying, you need a better solution.15
So instead of just encrypting the message with your private key, you also encrypt it with your boss’s public key. Now it’s been locked twice. The first lock — the boss’s public key — only comes off when combined with your boss’s private key. The second lock — your private key — only comes off with your public key. When your bosses receive the message, they unlock it with both keys and now they know for sure that: a) you wrote it and b) that only they can read it.
So instead of just encrypting the message with your private key, you also encrypt it with your boss’s public key. Now it’s been locked twice. The first lock — the boss’s public key — only comes off when combined with your boss’s private key. The second lock — your private key — only comes off with your public key. When your bosses receive the message, they unlock it with both keys and now they know for sure that: a) you wrote it and b) that only they can read it.16
It’s very cool. The day I discovered it, Darryl and I immediately exchanged keys and spent months cackling and rubbing our hands as we exchanged our military-grade secret messages about where to meet after school and whether Van would ever notice him.
It’s very cool. The day I discovered it, Darryl and I immediately exchanged keys and spent months cackling and rubbing our hands as we exchanged our military-grade secret messages about where to meet after school and whether Van would ever notice him.17
But if you want to understand security, you need to consider the most paranoid possibilities. Like, what if I tricked you into thinking that my public key was your boss’s public key? You’d encrypt the message with your private key and my public key. I’d decrypt it, read it, re-encrypt it with your boss’s real public key and send it on. As far as your boss knows, no one but you could have written the message and no one but him could have read it.
But if you want to understand security, you need to consider the most paranoid possibilities. Like, what if I tricked you into thinking that my public key was your boss’s public key? You’d encrypt the message with your private key and my public key. I’d decrypt it, read it, re-encrypt it with your boss’s real public key and send it on. As far as your boss knows, no one but you could have written the message and no one but him could have read it.19
Now, the easiest way to fix this is to really widely advertise your public key. If it’s really easy for anyone to know what your real key is, man-in-the-middle gets harder and harder. But you know what? Making things well-known is just as hard as keeping them secret. Think about it — how many billions of dollars are spent on shampoo ads and other crap, just to make sure that as many people know about something that some advertiser wants them to know?
Now, the easiest way to fix this is to really widely advertise your public key. If it’s really easy for anyone to know what your real key is, man-in-the-middle gets harder and harder. But you know what? Making things well-known is just as hard as keeping them secret. Think about it — how many billions of dollars are spent on shampoo ads and other crap, just to make sure that as many people know about something that some advertiser wants them to know?20
There’s a cheaper way of fixing man-in-the-middle: the web of trust. Say that before you leave HQ, you and your bosses sit down over coffee and actually tell each other your keys. No more man-in-the-middle! You’re absolutely certain whose keys you have, because they were put into your own hands.
There’s a cheaper way of fixing man-in-the-middle: the web of trust. Say that before you leave HQ, you and your bosses sit down over coffee and actually tell each other your keys. No more man-in-the-middle! You’re absolutely certain whose keys you have, because they were put into your own hands.21
So far, so good. But there’s a natural limit to this: how many people can you physically meet with and swap keys? How many hours in the day do you want to devote to the equivalent of writing your own phone book? How many of those people are willing to devote that kind of time to you?
So far, so good. But there’s a natural limit to this: how many people can you physically meet with and swap keys? How many hours in the day do you want to devote to the equivalent of writing your own phone book? How many of those people are willing to devote that kind of time to you?22
1
Thinking about this like a phonebook helps. The world was once a place with a lot of phonebooks, and when you needed a number, you could look it up in the book. But for many of the numbers that you wanted to refer to on a given day, you would either know it by heart, or you’d be able to ask someone else. Even today, when I’m out with my cell-phone, I’ll ask Jolu or Darryl if they have a number I’m looking for. It’s faster and easier than looking it up online and they’re more reliable, too. If Jolu has a number, I trust him, so I trust the number, too. That’s called “transitive trust” — trust that moves across the web of our relationships.
1
Thinking about this like a phonebook helps. The world was once a place with a lot of phonebooks, and when you needed a number, you could look it up in the book. But for many of the numbers that you wanted to refer to on a given day, you would either know it by heart, or you’d be able to ask someone else. Even today, when I’m out with my cell-phone, I’ll ask Jolu or Darryl if they have a number I’m looking for. It’s faster and easier than looking it up online and they’re more reliable, too. If Jolu has a number, I trust him, so I trust the number, too. That’s called “transitive trust” — trust that moves across the web of our relationships.23
1
A web of trust is a bigger version of this. Say I meet Jolu and get his key. I can put it on my “keyring” — a list of keys that I’ve signed with my private key. That means you can unlock it with my public key and know for sure that me — or someone with my key, anyway — says that “this key belongs to this guy.”
1
A web of trust is a bigger version of this. Say I meet Jolu and get his key. I can put it on my “keyring” — a list of keys that I’ve signed with my private key. That means you can unlock it with my public key and know for sure that me — or someone with my key, anyway — says that “this key belongs to this guy.”24
So I hand you my keyring and provided that you trust me to have actually met and verified all the keys on it, you can take it and add it to your keyring. Now, you meet someone else and you hand the whole ring to him. Bigger and bigger the ring grows, and provided that you trust the next guy in the chain, and he trusts the next guy in his chain and so on, you’re pretty secure.
So I hand you my keyring and provided that you trust me to have actually met and verified all the keys on it, you can take it and add it to your keyring. Now, you meet someone else and you hand the whole ring to him. Bigger and bigger the ring grows, and provided that you trust the next guy in the chain, and he trusts the next guy in his chain and so on, you’re pretty secure.25
1
Which brings me to keysigning parties. These are exactly what they sound like: a party where everyone gets together and signs everyone else’s keys. Darryl and I, when we traded keys, that was kind of a mini-keysigning party, one with only two sad and geeky attendees. But with more people, you create the seed of the web of trust, and the web can expand from there. As everyone on your keyring goes out into the world and meets more people, they can add more and more names to the ring. You don’t have to meet the new people, just trust that the signed key you get from the people in your web is valid.
1
Which brings me to keysigning parties. These are exactly what they sound like: a party where everyone gets together and signs everyone else’s keys. Darryl and I, when we traded keys, that was kind of a mini-keysigning party, one with only two sad and geeky attendees. But with more people, you create the seed of the web of trust, and the web can expand from there. As everyone on your keyring goes out into the world and meets more people, they can add more and more names to the ring. You don’t have to meet the new people, just trust that the signed key you get from the people in your web is valid.28
“Just tell them it’s a super-private party, invitational only,” I said. “Tell them not to bring anyone along or they won’t be admitted.”
“Just tell them it’s a super-private party, invitational only,” I said. “Tell them not to bring anyone along or they won’t be admitted.”29
Jolu looked at me over his coffee. “You’re joking, right? You tell people that, and they’ll bring extra friends.”
Jolu looked at me over his coffee. “You’re joking, right? You tell people that, and they’ll bring extra friends.”30
“Argh,” I said. I spent a night a week at Jolu’s these days, keeping the code up to date on indienet. Pigspleen actually paid me a non-zero sum of money to do this, which was really weird. I never thought I’d be paid to write code.
“Argh,” I said. I spent a night a week at Jolu’s these days, keeping the code up to date on indienet. Pigspleen actually paid me a non-zero sum of money to do this, which was really weird. I never thought I’d be paid to write code.31
“So what do we do? We only want people we really trust there, and we don’t want to mention why until we’ve got everyone’s keys and can send them messages in secret.”
“So what do we do? We only want people we really trust there, and we don’t want to mention why until we’ve got everyone’s keys and can send them messages in secret.”32
Jolu debugged and I watched over his shoulder. This used to be called “extreme programming,” which was a little embarrassing. Now we just call it “programming.” Two people are much better at spotting bugs than one. As the cliche goes, “With enough eyeballs, all bugs are shallow.”
Jolu debugged and I watched over his shoulder. This used to be called “extreme programming,” which was a little embarrassing. Now we just call it “programming.” Two people are much better at spotting bugs than one. As the cliche goes, “With enough eyeballs, all bugs are shallow.”33
1
We were working our way through the bug reports and getting ready to push out the new rev. It all auto-updated in the background, so our users didn’t really need to do anything, they just woke up once a week or so with a better program. It was pretty freaky to know that the code I wrote would be used by hundreds of thousands of people, tomorrow!
1
We were working our way through the bug reports and getting ready to push out the new rev. It all auto-updated in the background, so our users didn’t really need to do anything, they just woke up once a week or so with a better program. It was pretty freaky to know that the code I wrote would be used by hundreds of thousands of people, tomorrow!35
I thought back to our Harajuku Fun Madness days. There were lots of social challenges involving large groups of people as part of that game.
I thought back to our Harajuku Fun Madness days. There were lots of social challenges involving large groups of people as part of that game.36
“OK, you’re right. But let’s at least try to keep this secret. Tell them that they can bring a maximum of one person, and it has to be someone they’ve known personally for a minimum of five years.”
“OK, you’re right. But let’s at least try to keep this secret. Tell them that they can bring a maximum of one person, and it has to be someone they’ve known personally for a minimum of five years.”37
Jolu looked up from the screen. “Hey,” he said. “Hey, that would totally work. I can really see it. I mean, if you told me not to bring anyone, I’d be all, ‘Who the hell does he think he is?’ But when you put it that way, it sounds like some awesome 007 stuff.”
Jolu looked up from the screen. “Hey,” he said. “Hey, that would totally work. I can really see it. I mean, if you told me not to bring anyone, I’d be all, ‘Who the hell does he think he is?’ But when you put it that way, it sounds like some awesome 007 stuff.”38
I found a bug. We drank some coffee. I went home and played a little Clockwork Plunder, trying not to think about key-winders with nosy questions, and slept like a baby.
I found a bug. We drank some coffee. I went home and played a little Clockwork Plunder, trying not to think about key-winders with nosy questions, and slept like a baby.40
Sutro baths are San Francisco’s authentic fake Roman ruins. When it opened in 1896, it was the largest indoor bathing house in the world, a huge Victorian glass solarium filled with pools and tubs and even an early water slide. It went downhill by the fifties, and the owners torched it for the insurance in 1966. All that’s left is a labyrinth of weathered stone set into the sere cliff-face at Ocean Beach. It looks for all the world like a Roman ruin, crumbled and mysterious, and just beyond them is a set of caves that let out into the sea. In rough tides, the waves rush through the caves and over the ruins — they’ve even been known to suck in and drown the occasional tourist.
Sutro baths are San Francisco’s authentic fake Roman ruins. When it opened in 1896, it was the largest indoor bathing house in the world, a huge Victorian glass solarium filled with pools and tubs and even an early water slide. It went downhill by the fifties, and the owners torched it for the insurance in 1966. All that’s left is a labyrinth of weathered stone set into the sere cliff-face at Ocean Beach. It looks for all the world like a Roman ruin, crumbled and mysterious, and just beyond them is a set of caves that let out into the sea. In rough tides, the waves rush through the caves and over the ruins — they’ve even been known to suck in and drown the occasional tourist.41
Ocean Beach is way out past Golden Gate park, a stark cliff lined with expensive, doomed houses, plunging down to a narrow beach studded with jellyfish and brave (insane) surfers. There’s a giant white rock that juts out of the shallows off the shore. That’s called Seal Rock, and it used to be the place where the sea lions congregated until they were relocated to the more tourist-friendly environs of Fisherman’s Wharf.
Ocean Beach is way out past Golden Gate park, a stark cliff lined with expensive, doomed houses, plunging down to a narrow beach studded with jellyfish and brave (insane) surfers. There’s a giant white rock that juts out of the shallows off the shore. That’s called Seal Rock, and it used to be the place where the sea lions congregated until they were relocated to the more tourist-friendly environs of Fisherman’s Wharf.42
6
After dark, there’s hardly anyone out there. It gets very cold, with a salt spray that’ll soak you to your bones if you let it. The rocks are sharp and there’s broken glass and the occasional junkie needle.
6
After dark, there’s hardly anyone out there. It gets very cold, with a salt spray that’ll soak you to your bones if you let it. The rocks are sharp and there’s broken glass and the occasional junkie needle.44
Bringing along the tarpaulins and chemical glove-warmers was my idea. Jolu figured out where to get the beer — his older brother, Javier, had a buddy who actually operated a whole underage drinking service: pay him enough and he’d back up to your secluded party spot with ice-chests and as many brews as you wanted. I blew a bunch of my indienet programming money, and the guy showed up right on time: 8PM, a good hour after sunset, and lugged the six foam ice-chests out of his pickup truck and down into the ruins of the baths. He even brought a spare chest for the empties.
Bringing along the tarpaulins and chemical glove-warmers was my idea. Jolu figured out where to get the beer — his older brother, Javier, had a buddy who actually operated a whole underage drinking service: pay him enough and he’d back up to your secluded party spot with ice-chests and as many brews as you wanted. I blew a bunch of my indienet programming money, and the guy showed up right on time: 8PM, a good hour after sunset, and lugged the six foam ice-chests out of his pickup truck and down into the ruins of the baths. He even brought a spare chest for the empties.45
“You kids play safe now,” he said, tipping his cowboy hat. He was a fat Samoan guy with a huge smile, and a scary tank-top that you could see his armpit- and belly- and shoulder-hair escaping from. I peeled twenties off my roll and handed them to him — his markup was 150 percent. Not a bad racket.
“You kids play safe now,” he said, tipping his cowboy hat. He was a fat Samoan guy with a huge smile, and a scary tank-top that you could see his armpit- and belly- and shoulder-hair escaping from. I peeled twenties off my roll and handed them to him — his markup was 150 percent. Not a bad racket.46
He looked at my roll. “You know, I could just take that from you,” he said, still smiling. “I’m a criminal, after all.”
He looked at my roll. “You know, I could just take that from you,” he said, still smiling. “I’m a criminal, after all.”47
I put my roll in my pocket and looked him levelly in the eye. I’d been stupid to show him what I was carrying, but I knew that there were times when you should just stand your ground.
I put my roll in my pocket and looked him levelly in the eye. I’d been stupid to show him what I was carrying, but I knew that there were times when you should just stand your ground.48
“I’m just messing with you,” he said, at last. “But you be careful with that money. Don’t go showing it around.”
“I’m just messing with you,” he said, at last. “But you be careful with that money. Don’t go showing it around.”50
His smile got even bigger. “Ha! They’re not even real five-oh. Those peckerwoods don’t know nothin’.”
His smile got even bigger. “Ha! They’re not even real five-oh. Those peckerwoods don’t know nothin’.”51
I looked over at his truck. Prominently displayed in his windscreen was a FasTrak. I wondered how long it would be until he got busted.
I looked over at his truck. Prominently displayed in his windscreen was a FasTrak. I wondered how long it would be until he got busted.53
I smiled and waved at him as though he was walking back to his truck, which he should have been doing. He eventually got the hint and drove away. His smile never faltered.
I smiled and waved at him as though he was walking back to his truck, which he should have been doing. He eventually got the hint and drove away. His smile never faltered.54
Jolu helped me hide the coolers in the rubble, working with little white LED torches on headbands. Once the coolers were in place, we threw little white LED keychains into each one, so it would glow when you took the styrofoam lids off, making it easier to see what you were doing.
Jolu helped me hide the coolers in the rubble, working with little white LED torches on headbands. Once the coolers were in place, we threw little white LED keychains into each one, so it would glow when you took the styrofoam lids off, making it easier to see what you were doing.55
It was a moonless night and overcast, and the distant streetlights barely illuminated us. I knew we’d stand out like blazes on an infrared scope, but there was no chance that we’d be able to get a bunch of people together without being observed. I’d settle for being dismissed as a little drunken beach-party.
It was a moonless night and overcast, and the distant streetlights barely illuminated us. I knew we’d stand out like blazes on an infrared scope, but there was no chance that we’d be able to get a bunch of people together without being observed. I’d settle for being dismissed as a little drunken beach-party.56
1
I don’t really drink much. There’s been beer and pot and ecstasy at the parties I’ve been going to since I was 14, but I hated smoking (though I’m quite partial to a hash brownie every now and again), ecstasy took too long — who’s got a whole weekend to get high and come down — and beer, well, it was all right, but I didn’t see what the big deal was. My favorite was big, elaborate cocktails, the kind of thing served in a ceramic volcano, with six layers, on fire, and a plastic monkey on the rim, but that was mostly for the theater of it all.
1
I don’t really drink much. There’s been beer and pot and ecstasy at the parties I’ve been going to since I was 14, but I hated smoking (though I’m quite partial to a hash brownie every now and again), ecstasy took too long — who’s got a whole weekend to get high and come down — and beer, well, it was all right, but I didn’t see what the big deal was. My favorite was big, elaborate cocktails, the kind of thing served in a ceramic volcano, with six layers, on fire, and a plastic monkey on the rim, but that was mostly for the theater of it all.57
I actually like being drunk. I just don’t like being hungover, and boy, do I ever get hungover. Though again, that might have to do with the kind of drinks that come in a ceramic volcano.
I actually like being drunk. I just don’t like being hungover, and boy, do I ever get hungover. Though again, that might have to do with the kind of drinks that come in a ceramic volcano.58
2
But you can’t throw a party without putting a case or two of beer on ice. It’s expected. It loosens things up. People do stupid things after too many beers, but it’s not like my friends are the kind of people who have cars. And people do stupid things no matter what — beer or grass or whatever are all incidental to that central fact.
2
But you can’t throw a party without putting a case or two of beer on ice. It’s expected. It loosens things up. People do stupid things after too many beers, but it’s not like my friends are the kind of people who have cars. And people do stupid things no matter what — beer or grass or whatever are all incidental to that central fact.59
Jolu and I each cracked beers — Anchor Steam for him, a Bud Lite for me — and clinked the bottles together, sitting down on a rock.
Jolu and I each cracked beers — Anchor Steam for him, a Bud Lite for me — and clinked the bottles together, sitting down on a rock.63
We drank in silence. The Bud Lite was the least alcoholic thing in the ice-chest. I’d need a clear head later.
We drank in silence. The Bud Lite was the least alcoholic thing in the ice-chest. I’d need a clear head later.65
He turned to me. “No man, I don’t get scared. I’m always scared. I’ve been scared since the minute the explosions happened. I’m so scared sometimes, I don’t want to get out of bed.”
He turned to me. “No man, I don’t get scared. I’m always scared. I’ve been scared since the minute the explosions happened. I’m so scared sometimes, I don’t want to get out of bed.”67
He smiled. “About that,” he said. “Maybe I won’t, not for much longer. I mean, it’s been great helping you. Great. Really excellent. I don’t know when I’ve done anything so important. But Marcus, bro, I have to say. . .” He trailed off.
He smiled. “About that,” he said. “Maybe I won’t, not for much longer. I mean, it’s been great helping you. Great. Really excellent. I don’t know when I’ve done anything so important. But Marcus, bro, I have to say. . .” He trailed off.69
“I can’t do it forever,” he said at last. “Maybe not even for another month. I think I’m through. It’s too much risk. The DHS, you can’t go to war on them. It’s crazy. Really actually crazy.”
“I can’t do it forever,” he said at last. “Maybe not even for another month. I think I’m through. It’s too much risk. The DHS, you can’t go to war on them. It’s crazy. Really actually crazy.”71
“I’m not criticizing you, man. I think it’s great that you’ve got the bravery to do this all the time. But I haven’t got it. I can’t live my life in perpetual terror.”
“I’m not criticizing you, man. I think it’s great that you’ve got the bravery to do this all the time. But I haven’t got it. I can’t live my life in perpetual terror.”73
“I’m saying I’m out. I’m going to be one of those people who acts like it’s all OK, like it’ll all go back to normal some day. I’m going to use the Internet like I always did, and only use the Xnet to play games. I’m going to get out is what I’m saying. I won’t be a part of your plans anymore.”
“I’m saying I’m out. I’m going to be one of those people who acts like it’s all OK, like it’ll all go back to normal some day. I’m going to use the Internet like I always did, and only use the Xnet to play games. I’m going to get out is what I’m saying. I won’t be a part of your plans anymore.”75
“I know that’s leaving you on your own. I don’t want that, believe me. I’d much rather you give up with me. You can’t declare war on the government of the USA. It’s not a fight you’re going to win. Watching you try is like watching a bird fly into a window again and again.”
“I know that’s leaving you on your own. I don’t want that, believe me. I’d much rather you give up with me. You can’t declare war on the government of the USA. It’s not a fight you’re going to win. Watching you try is like watching a bird fly into a window again and again.”76
He wanted me to say something. What I wanted to say was, Jesus Jolu, thanks so very much for abandoning me! Do you forget what it was like when they took us away? Do you forget what the country used to be like before they took it over? But that’s not what he wanted me to say. What he wanted me to say was:
He wanted me to say something. What I wanted to say was, Jesus Jolu, thanks so very much for abandoning me! Do you forget what it was like when they took us away? Do you forget what the country used to be like before they took it over? But that’s not what he wanted me to say. What he wanted me to say was:83
“I hate to say it, but you’re white. I’m not. White people get caught with cocaine and do a little rehab time. Brown people get caught with crack and go to prison for twenty years. White people see cops on the street and feel safer. Brown people see cops on the street and wonder if they’re about to get searched. The way the DHS is treating you? The law in this country has always been like that for us.”
“I hate to say it, but you’re white. I’m not. White people get caught with cocaine and do a little rehab time. Brown people get caught with crack and go to prison for twenty years. White people see cops on the street and feel safer. Brown people see cops on the street and wonder if they’re about to get searched. The way the DHS is treating you? The law in this country has always been like that for us.”84
It was so unfair. I didn’t ask to be white. I didn’t think I was being braver just because I’m white. But I knew what Jolu was saying. If the cops stopped someone in the Mission and asked to see some ID, chances were that person wasn’t white. Whatever risk I ran, Jolu ran more. Whatever penalty I’d pay, Jolu would pay more.
It was so unfair. I didn’t ask to be white. I didn’t think I was being braver just because I’m white. But I knew what Jolu was saying. If the cops stopped someone in the Mission and asked to see some ID, chances were that person wasn’t white. Whatever risk I ran, Jolu ran more. Whatever penalty I’d pay, Jolu would pay more.87
I could see people walking down the side trail toward us. They were friends of Jolu’s, two Mexican guys and a girl I knew from around, short and geeky, always wearing cute black Buddy Holly glasses that made her look like the outcast art-student in a teen movie who comes back as the big success.
I could see people walking down the side trail toward us. They were friends of Jolu’s, two Mexican guys and a girl I knew from around, short and geeky, always wearing cute black Buddy Holly glasses that made her look like the outcast art-student in a teen movie who comes back as the big success.88
Jolu introduced me and gave them beers. The girl didn’t take one, but instead produced a small silver flask of vodka from her purse and offered me a drink. I took a swallow — warm vodka must be an acquired taste — and complimented her on the flask, which was embossed with a repeating motif of Parappa the Rapper characters.
Jolu introduced me and gave them beers. The girl didn’t take one, but instead produced a small silver flask of vodka from her purse and offered me a drink. I took a swallow — warm vodka must be an acquired taste — and complimented her on the flask, which was embossed with a repeating motif of Parappa the Rapper characters.89
“It’s Japanese,” she said as I played another LED keyring over it. “They have all these great booze-toys based on kids’ games. Totally twisted.”
“It’s Japanese,” she said as I played another LED keyring over it. “They have all these great booze-toys based on kids’ games. Totally twisted.”90
I introduced myself and she introduced herself. “Ange,” she said, and shook my hand with hers — dry, warm, with short nails. Jolu introduced me to his pals, whom he’d known since computer camp in the fourth grade. More people showed up — five, then ten, then twenty. It was a seriously big group now.
I introduced myself and she introduced herself. “Ange,” she said, and shook my hand with hers — dry, warm, with short nails. Jolu introduced me to his pals, whom he’d known since computer camp in the fourth grade. More people showed up — five, then ten, then twenty. It was a seriously big group now.91
We’d told people to arrive by 9:30 sharp, and we gave it until 9:45 to see who all would show up. About three quarters were Jolu’s friends. I’d invited all the people I really trusted. Either I was more discriminating than Jolu or less popular. Now that he’d told me he was quitting, it made me think that he was less discriminating. I was really pissed at him, but trying not to let it show by concentrating on socializing with other people. But he wasn’t stupid. He knew what was going on. I could see that he was really bummed. Good.
We’d told people to arrive by 9:30 sharp, and we gave it until 9:45 to see who all would show up. About three quarters were Jolu’s friends. I’d invited all the people I really trusted. Either I was more discriminating than Jolu or less popular. Now that he’d told me he was quitting, it made me think that he was less discriminating. I was really pissed at him, but trying not to let it show by concentrating on socializing with other people. But he wasn’t stupid. He knew what was going on. I could see that he was really bummed. Good.92
“OK,” I said, climbing up on a ruin, “OK, hey, hello?” A few people nearby paid attention to me, but the ones in the back kept on chatting. I put my arms in the air like a referee, but it was too dark. Eventually I hit on the idea of turning my LED keychain on and pointing it at each of the talkers in turn, then at me. Gradually, the crowd fell quiet.
“OK,” I said, climbing up on a ruin, “OK, hey, hello?” A few people nearby paid attention to me, but the ones in the back kept on chatting. I put my arms in the air like a referee, but it was too dark. Eventually I hit on the idea of turning my LED keychain on and pointing it at each of the talkers in turn, then at me. Gradually, the crowd fell quiet.93
I welcomed them and thanked them all for coming, then asked them to close in so I could explain why we were there. I could tell they were into the secrecy of it all, intrigued and a little warmed up by the beer.
I welcomed them and thanked them all for coming, then asked them to close in so I could explain why we were there. I could tell they were into the secrecy of it all, intrigued and a little warmed up by the beer.94
“So here it is. You all use the Xnet. It’s no coincidence that the Xnet was created right after the DHS took over the city. The people who did that are an organization devoted to personal liberty, who created the network to keep us safe from DHS spooks and enforcers.” Jolu and I had worked this out in advance. We weren’t going to cop to being behind it all, not to anyone. It was way too risky. Instead, we’d put it out that we were merely lieutenants in “M1k3y”’s army, acting to organize the local resistance.
“So here it is. You all use the Xnet. It’s no coincidence that the Xnet was created right after the DHS took over the city. The people who did that are an organization devoted to personal liberty, who created the network to keep us safe from DHS spooks and enforcers.” Jolu and I had worked this out in advance. We weren’t going to cop to being behind it all, not to anyone. It was way too risky. Instead, we’d put it out that we were merely lieutenants in “M1k3y”’s army, acting to organize the local resistance.95
“The Xnet isn’t pure,” I said. “It can be used by the other side just as readily as by us. We know that there are DHS spies who use it now. They use social engineering hacks to try to get us to reveal ourselves so that they can bust us. If the Xnet is going to succeed, we need to figure out how to keep them from spying on us. We need a network within the network.”
“The Xnet isn’t pure,” I said. “It can be used by the other side just as readily as by us. We know that there are DHS spies who use it now. They use social engineering hacks to try to get us to reveal ourselves so that they can bust us. If the Xnet is going to succeed, we need to figure out how to keep them from spying on us. We need a network within the network.”96
I paused and let this sink in. Jolu had suggested that this might be a little heavy — learning that you’re about to be brought into a revolutionary cell.
I paused and let this sink in. Jolu had suggested that this might be a little heavy — learning that you’re about to be brought into a revolutionary cell.97
“Now, I’m not here to ask you to do anything active. You don’t have to go out jamming or anything. You’ve been brought here because we know you’re cool, we know you’re trustworthy. It’s that trustworthiness I want to get you to contribute tonight. Some of you will already be familiar with the web of trust and keysigning parties, but for the rest of you, I’ll run it down quickly –” Which I did.
“Now, I’m not here to ask you to do anything active. You don’t have to go out jamming or anything. You’ve been brought here because we know you’re cool, we know you’re trustworthy. It’s that trustworthiness I want to get you to contribute tonight. Some of you will already be familiar with the web of trust and keysigning parties, but for the rest of you, I’ll run it down quickly –” Which I did.98
“Now what I want from you tonight is to meet the people here and figure out how much you can trust them. We’re going to help you generate key-pairs and share them with each other.”
“Now what I want from you tonight is to meet the people here and figure out how much you can trust them. We’re going to help you generate key-pairs and share them with each other.”99
This part was tricky. Asking people to bring their own laptops wouldn’t have worked out, but we still needed to do something hella complicated that wouldn’t exactly work with paper and pencil.
This part was tricky. Asking people to bring their own laptops wouldn’t have worked out, but we still needed to do something hella complicated that wouldn’t exactly work with paper and pencil.100
I held up a laptop Jolu and I had rebuilt the night before, from the ground up. “I trust this machine. Every component in it was laid by our own hands. It’s running a fresh out-of-the-box version of ParanoidLinux, booted off of the DVD. If there’s a trustworthy computer left anywhere in the world, this might well be it.
I held up a laptop Jolu and I had rebuilt the night before, from the ground up. “I trust this machine. Every component in it was laid by our own hands. It’s running a fresh out-of-the-box version of ParanoidLinux, booted off of the DVD. If there’s a trustworthy computer left anywhere in the world, this might well be it.101
“I’ve got a key-generator loaded here. You come up here and give it some random input — mash the keys, wiggle the mouse — and it will use that as the seed to create a random public- and private key for you, which it will display on the screen. You can take a picture of the private key with your phone, and hit any key to make it go away forever — it’s not stored on the disk at all. Then it will show you your public key. At that point, you call over all the people here you trust and who trust you, and they take a picture of the screen with you standing next to it, so they know whose key it is.
“I’ve got a key-generator loaded here. You come up here and give it some random input — mash the keys, wiggle the mouse — and it will use that as the seed to create a random public- and private key for you, which it will display on the screen. You can take a picture of the private key with your phone, and hit any key to make it go away forever — it’s not stored on the disk at all. Then it will show you your public key. At that point, you call over all the people here you trust and who trust you, and they take a picture of the screen with you standing next to it, so they know whose key it is.102
“When you get home, you have to convert the photos to keys. This is going to be a lot of work, I’m afraid, but you’ll only have to do it once. You have to be super-careful about typing these in — one mistake and you’re screwed. Luckily, we’ve got a way to tell if you’ve got it right: beneath the key will be a much shorter number, called the ‘fingerprint’. Once you’ve typed in the key, you can generate a fingerprint from it and compare it to the fingerprint, and if they match, you’ve got it right.”
“When you get home, you have to convert the photos to keys. This is going to be a lot of work, I’m afraid, but you’ll only have to do it once. You have to be super-careful about typing these in — one mistake and you’re screwed. Luckily, we’ve got a way to tell if you’ve got it right: beneath the key will be a much shorter number, called the ‘fingerprint’. Once you’ve typed in the key, you can generate a fingerprint from it and compare it to the fingerprint, and if they match, you’ve got it right.”103
They all boggled at me. OK, so I’d asked them to do something pretty weird, it’s true, but still.
They all boggled at me. OK, so I’d asked them to do something pretty weird, it’s true, but still.
Man-in-the-middle attack is an actual counterespionage method that involves the interception of messages from one party and the transmission of different information to another party. For more, see http://en.wikipedia.org/wiki/Man-in-the-middle_attack
For a dissertation on how best to counteract man-in-the-middle attacks using cryptography and other methods, see this dissertation: http://www.cs.ucla.edu/~rafail/STUDENTS/katz-thesis.pdf
Public-key cryptography revolutionized the encryption of messages in the 1970s when algorithms with special properties were discovered. These algorithms are so computationally complex that they allow a public key, which can be released widely, to be used in conjunction with a secret key that is mathematically related and virtually impossible to decode because of the computational difficulty involved. For more, see http://en.wikipedia.org/wiki/Public-key_cryptography
The concept of “transitive trust” has been much studied. In a nutshell, it involves ways in the interactive computer world of establishing whom to trust. In the physical world, people discovered how to develop and establish trust, whether through handshakes or written contracts or just reading people’s body language, but in a world where communication is instantaneous, transient and no longer face-to-face, different protocols are called for. For an explanation of various ways to establish transitive trust, check out this paper from Trinity College in Dublin, Ireland: http://persons.unik.no/josang/papers/JGK2006-WIAS.pdf
The concept of a “web of trust” is also much studied. Trust has several different components and can change over time and in different situations. For an excellent introduction to the concept of developing trusted networks, go to http://persons.unik.no/josang/papers/JIB2007-DSS.pdf
Key signing parties are an acknowledged way of exchanging keys with others from a trusted group. For instance, see this explanation: https://www.cs.tcd.ie/David.OCallaghan/phd-thesis/thesis.pdf. For tips on what to do before attending a key signing party, look here: http://commandline.org.uk/command-line/ten-steps-for-attending-a-keysigning-party/
There actually is a website at http://www.indie-net.com, but it is rather mysterious. It merely asks the Web site user to type in his name, address, phone number, email address and Website or domain name and to leave a message. No doubt the group that uses the site knows what this all means, but it is unclear to the casual user. To see the site, go to http://www.indie-net.com/
Studies have shown “extreme programming,” also called “pair programming,” has significant benefits over coding done by individuals. The code tends to have fewer errors and uses fewer lines, plus the people learn from one another and have a better understanding of the overall project, according to this study: http://jacques.dsc.ufcg.edu.br/cursos/map/recursos/XPSardinia.pdf
“the new rev” is geek speak for “the new revision,” as can be gleaned from the following note: http://osdir.com/ml/os.solaris.blastwave.user/2008-07/msg00020.html
The baths featured one fresh water and six salt water pools, but high operating costs kept it on the brink of failure before its ultimate demise. For pictures of the Sutro baths today and in 1896, and for further descriptions of its history and dimensions, go to http://en.wikipedia.org/wiki/Sutro_Baths
A map showing where Sutro baths is located within San Francisco can be seen here: http://maps.google.com/maps?hl=en&um=1&q=Sutro%20baths%2Cmap&ndsp=20&ie=UTF-8&sa=N&tab=il
One such drowning apparently occurred three years ago, though the body was never recovered and it appears that alcohol was a factor. For details, see http://sfist.com/2006/03/31/missing_person_at_sutro_baths.php
Seal Rocks, as it is rightfully called, does just out of the sea on the north side of Ocean Beach near San Francisco. The rocky island gets its name from the sea lions that congregate there. For more, including a photo, go to http://en.wikipedia.org/wiki/Seal_Rocks_(San_Francisco,_California)
Seal Rocks, as it is rightfully called, does just out of the sea on the north side of Ocean Beach near San Francisco. The rocky island gets its name from the sea lions that used to congregate there. For more, including a photo, go to http://en.wikipedia.org/wiki/Seal_Rocks_(San_Francisco,_California)
Hash brownies are not made from hashish, but from marijuana, according to several sources, including the Urban Dictionary. For details, go to http://www.urbandictionary.com/define.php?term=hash%20brownies
Anchor Steam Beer is brewed in San Francisco by the Anchor Brewing Company. “Steam” became a generic name for beer made on the West Coast under primitive conditions more than a century ago. No one knows for sure why. For information, go to http://www.anchorbrewing.com/beers/
Anchor Steam Beer is brewed in San Francisco by the Anchor Brewing Company. “Steam” became a generic name for beer made on the West Coast under primitive conditions more than a century ago. No one knows for sure why. For information, go to http://www.anchorbrewing.com/beers/
Bird-window collisions are more likely to occur from sunrise to 1 p.m., and about a quarter of all bird species have been reported to have rammed into windows. There are no studies about birds that might fly into a window over and over again, but one major study indicated that clear windows and reflective windows are most likely to lead to bird strikes. See http://www.windowcollisions.info/public/klem_collisions_1989.pdf
Some (shameful) statistics from: http://www.mediastudy.com/articles/incarceration.html
According to the Substance Abuse and Mental Health Services Administration, African Americans make up 13% of illicit drug users in the United States. However, according to the Sentencing Project, a policy research institute funded in part by the Department of Justice, African Americans constitute 35% of all arrests for drug possession, 55% of all drug possession convictions and a whopping 74% of people sentenced to jail for drug possession. White people, by comparison, make up 74% of illicit drug users but roughly account for only one fifth of those serving jail time for drug possession. Put simply, this means that if a white man in Amherst and a Black man in Buffalo both personally consume illicit drugs, the Black man is over 20 times more likley to wind up in jail.”
Ocean Beach is indeed “way out past Golden Gate Park.” Here’s a map for your reference: http://maps.google.com/maps?hl=en&source=hp&ie=UTF-8&q=ocean+beach+san+francisco+ca&fb=1&split=1&gl=us&cid=14730513978262927510&li=lmd
For more details on Ocean Beach, visit the Golden Gate National Parks Conservancy: http://www.parksconservancy.org/visit/park-sites/ocean-beach.html
According to “Earth-Easy,” the benefits of LED lightbulbs include that they are “long lasting, durable, cool, mercury free, more efficient, and cost-effective” They also provide “light for remote areas.” For more information, visit http://www.eartheasy.com/live_energyeff_lighting.htm#led