These are a few pieces I've written recently.
I have a Patreon, here, where you can subscribe to support my security and systems-focused writing. You sign up for a fixed amount per essay (with an optional monthly cap), and you'll be notified every time I publish something new. At higher support levels, you'll get early access, a chance to get in-depth answers to your questions, and even more general consulting time.
© Sunday, 17-Nov-2019 13:53:23 UTC Eleanor Saitta.
A number of countries are currently trying to pass laws that will coerce development teams to destroy the security of their systems and build in backdoors. This is a terrible idea, so here are a few ways that we may be able to design around it.
What if we could build secure systems that didn't depend on central servers or even Internet access to let people collaborate? What would a system like this mean for political organizing, disaster relief, or even civic infrastructure? The Briar app and the Bramble framework are an attempt to find out. Briar has been in the works for a number of years now, but we haven't properly explained our vision to the world, and it was high time we did.
The 21st century will be defined by sociotechnical infrastructural systems, and our toolkit for understanding them is incomplete. In this piece, I lay the foundations for what I see as one of the big missing parts of that toolkit — the tools we need to diagnose and embody affect and social scripts. Long-time readers will be unsurprised to hear that I think Nordic larp has some of the answers. This piece was originally written for the 2016 Solmukohta book, and is based on my 2015 Nordic Larp Talk, but it's been adapted here for a broader audience. This piece, like much of my recent writing, was supported by Patreon. It's a different strand of my work than the security pieces I've released here so far, but it's just as important and intimately tied in with the way I think about security. I hope this acts as a reasonable introduction to this line of thinking.
Building secure software is hard, especially if you don't know where to start. This is the final part of my four-part Patreon-supported series intended to provide an overview of the process of secure application development. In this section, we'll look at everything that happens after you ship code, including field trials, updates, training, feedback, incident response, and operational security for development teams.
Building secure software is hard, especially if you don't know where to start. This is the third part of my four-part Patreon-supported series intended to provide an overview of the process of secure application development. In this section, we'll look at development and security testing.
Building secure software is hard, especially if you don't know where to start. This is the second part of my four-part Patreon-supported series intended to provide an overview of the process of secure application development. In this section, we'll look at everything that comes between design and actually writing code.
Building secure software is hard, especially if you don't know where to start. This is the first part of a four-part Patreon-supported series intended to provide an overview of the process of secure application development. It won't tell you how to do the work, but it should leave you with a good understanding of how the pieces fit together so you know what you need to learn. While I've had NGOs in mind while writing it, every organization that's starting out to build software, especially smaller teams writing higher-risk tools, should find something useful here.
We have enough secure messaging tools (kind of), but we need so much else. This is my first Patreon-supported essay, which went out a week early to my $10 and up subscribers. In it, I talk about the gaps I've seen in tools intended to support high-risk users and what solutions to fill them might look like. I also outline the set of properties that I think new secure messaging tools should support. This was written in part in response to issues with the IWMF check-in tool, but it's something I've been concerned about for some time.
What kinds of stories do the lives of high-risk users actually tell? One of the most difficult things for a security engineer or a designer to understand is the life of someone living under very different circumstances, and high-risk, specifically targeted users (whether targeted by a big adversary or a small one) often have needs that are both the hardest and most critical to understand. I'm intending to come back to this essay over time and collect more user cases, but I've started it off with just two.
Encryption is a better safeguard of our civil liberties than the law. In this piece for The Nation I talk about the tools that are more likely to effectively curtail mass surveillance. Sadly, the rule of law only plays a supporting role.
There is significant confusion as to the reach of the Wassenaar Arrangement. This was written just after the 2014 language became publicly discussed to try to explain what it actually covered and why.
In which we discuss Silicon Valley through a frame, or perhaps just talk about magic. This piece was written in conjunction with the first @HauntedMachines conference at Future Everything in Manchester, where I also gave a similar talk, now transcribed by the wonderful Open Transcripts folks.
What does it mean to be a civilization faced with extinction? This piece was written for the 2014 Serpentine Marathon on extinction.
In Which Civil Society is Caught Between a Cop and a Spy. I continue to be worried about some of the tactical decisions that civil society is making in attempting to fight the scope of intelligence surveillance, as revealed in the Snowden and other leaks. In this piece, I try to explain that discomfort and what I think might work more effectively. This was a brief, unlikely to be repeated experiment with writing on Medium; it's nice, but I'll keep my future work here where I control the site.
Knowing where to start in the Nordic larp discourse can be challenging; it's a large volume of material, some of which is now much more core to the discourse than other bits, but it's also an amazing world that I want to share with others. This is my index to that material, intended as an introduction to Nordic larp for non-larpers and/or non-Nordic folks. If you like this, what you probably really want is The Foundation Stone of Nordic Larp, the book-length reprints volume inspired by this piece that I edited for the 2014 Knutpunkt conference.
An essay on the US run of the game Mad About the Boy, concentrating on the differences between US and Nordic larp culture as presented by this game run and as they may impact the larger Nordic larp scene. Written for the 2013 Knutepunkt book Crossing Physical Borders. The full version of the book is available online here.
An essay on the game Just a Little Lovin', concentrating on the function of time and event in the game, written for the 2012 Solmukohta book States of Play: Nordic Larp Around the World. The full version of the book is available online here.
On storytelling, network culture, protocols, heroes, and legibility. This piece was originally written for the Net Narrative show organized by Harry Burke.
A review of Molly Crabapple and Laurie Penny's Discordia, including rambles on resilience, time, and sustainability.
Reflections on the year 2011: On Becoming an Adult. Originally written for the first New Public Thinking book, Despatches from the Invisible Revolution, available from PediaPress and featuring the work of many other fascinating folks, all reflecting on the year that was 2011.
What happens when we can't afford democracy any more? Originally written for the magazine Powision, published out of the University of Leipzig, for their November 2011 issue, “Wege aus der Demokratie?” or “Ways out of democracy?”. Also available in German.
A piece on the false promise of situated computation with respect to the way we live our lives and what the word “local” means in a modern, digitally mediated city.
This piece is part of Tim Maly's #50Cyborgs, a celebration of the 50th anniversary of the term "cyborg", first used in print in September of 1960 in an article published by the newly formed NASA, discussing the possibility of adapting humans to space. For the other posts in the series, see the 50 Cyborgs blog, or Tim's main blog, Quiet Babylon.
The Call for Essays for a (now-halted) project on what will become incomprehensible about media culture for the natives of network culture.
Architecture and urban planning define the world we interact with. This has many deep and not always obvious effects — everything from what we can do in public spaces to the kinds of families we can live with. The cities we end up with rarely allow us the flexibility and humanity we want.
Cities, buildings, infrastructure are heavily politicized systems with embodied power structures on many different levels. We can intervene, alter those structures, and create the spaces we need and want. Architecture is generally the domain of the rich and powerful, but it doesn't have to be — we can intervene and hack the city.
In this talk, we'll explore modern urban power structures and look at different ways we as individuals can subvert the city. We'll move outside the design-culture consumer conversation around architecture and urban futurism, and explore how to change our cities, one brick at a time.
Published in monochrom (volume 26-34, “Ye Olde Self-Referentiality”, ISBN 3950237267) and also the forthcoming proceedings of the 2009 Paraflows conference: URBAN HACKING. Full text.
Originally presented as a talk at Arse Elektronika 2009 in San Francisco, Saturday, October 3 2009, and again at Notacon 7 in Cleveland, Saturday, April 17 2010. Talk description:
Humans use tools, and the tools we use change us. This is true for everything we do, and we're rarely more inventive than where sex is concerned. To understand the future of sex, we need to think like designers, and look at the future of sexual technology. The most basic frontiers of sexual technology are relatively well-trodden. An IP connected dildo is boring — fun to use, and certainly not an exhausted category, but theoretically less interesting. Let's explore new territory, ask questions, and answer them with design fictions.
The essay version of the script, to be published in the proceedings (forthcoming), is here.