Joi Ito
He is the director of the MIT Media Lab. He served as the chairman of the Creative Commons and is on the board of the Mozilla Foundation.
Just so that I can get a sense of the room, how many people here would say that you are technical? Most of you. How many of you were on the cypherpunks mailing list? How many of you have been threatened by Timothy May? How many of you know Timothy May? Okay.
It's interesting. If you go back, this isn't really a new thing. I have been paying attention, I was paying a lot more attention in the 90s. We set up one of the first ecast servers. I hung out with the cypherpunks at the hacking conferences. I have been interested in this space for a while. What's interesting is if you think about the arc of attention and the sudden increased attention in cryptocurrency. I am looking at other types of technology and platforms and how they proliferated in those curves. I will talk about the community.
I don't know how many of you have read this, this went out on the developers list. The research perspectives and perspectives for challenges on cryptocurrencies. I am sort of influenced by this at the moment. A lot of the stuff you already know, it sort of systematically and neutrally goes around all the various types of attacks and weaknesses and strengths. We need to bring in the non-, how do you call it, the traditional computer scientists to look at this in a robust way. In addition to all the regulators, there are a lot of people that aren't sure how safe this is.
As we start to look at the security and think about formal proofs, I guess it was Kevin Mitnick. The human in the loop is the weakest part of the loop. You can have a secure algorithm that you can provably secure but it is only as weak as the weakest part. Obviously human beings. And also hardware. So I find it fun and ironic that Xapo has to put your Bitcoin into deep freeze with the power off to make sure it is secure. So we end up in the physical world.
And then you have to watch it through the manufacturing process because of the possibility of tampering. I think that is one of the weakest links. We have been working in Shenzhen lately at PCB factories, and I am standing on that floor and there's people you trust, and working with them is an essential element of that. We need to make sure that we don't forget, I used to run an ISP and lots of people talked about cyberspace as if there was no physical element. But there are really routers and stuff sitting around. There's intermediaries.
The physical hardware is really quite exposed. In addition to thinking about, it's not the bitcoiner's job, but we are putting more targetable risk into the hardware devices that we have right now. I think that thinking about secure hardware and network security is important. We have to think about secure people. Do you trust the person on the factory floor? Do you trust the person carrying it across the border?
The human brain is pretty hackable. It is more insecure than any software system we have. This guy has an experiment where he wires up your brain, and you click this button. Click and a light goes on, and if the light goes on already, then you don't have to click it. Three seconds after they see you getting ready to make the decision, they turn the light on and you click it anyway because you don't realize the light is on. And so there's a five second window in your brain after you have decided to do something, before you realized you decided to do something, I think that is a big security hole. Because he is sitting there behind you, knowing before you know what you are going to do. And what happens when you trigger that free will neuron? And we're learning more and more about how we are going to be manipulating brains. We have a great deal of self-deception. You may feel trustworthy, but somebody may embed an exploit, like through hypnosis or something. I may have many friends that I completely trust, but I wouldn't trust that their brains haven't been tampered with.
Last week we did a gut biome discussion. Much of our personality is driven by the bacteria in our gut. In certain diseases, a fecal matter transplant (basically a poop transplant) fixes diseases but you also get the personality and the allergies that you get the FMT from. So if you could imagine stealth FMTs, and you wake up and suddenly you are a different person. So we are going to need tamper-proof assholes. So we know experimentally that you can copy personality from one person to another with a fecal matter transplant, but what's interesting is when the NSA begins to design bacteria to make you behave in different ways. Perhaps this can solve depression in a few ways; so that means it will be funded. You have to be aware of the different levels and layers where attacks can occur.
There's a, there's another part which is when you think about the hardware, it's really important to remember that, this could all be a simulation. We could all be sitting inside a big AI, and then any security we think we have is just an illusion. I don't know if you guys know Bunnie Huang, but he had this idea, this Chinese GSM chip sitting on a board built into his laptop. The chip had all of its pins wired up. So for all the chip knew, it was being a phone. But it was on a little card in his computer where he could manipulate any input or output. But he was completely monitoring it and creating a simulation. All of our hardware has concentric rings of vulnerability. For that chip he was reverse engineering it. We should think about these shells. Regulation has a lot to do with what we can and can't do with Bitcoin.
One thing to think about is the community and the architecture of the community. If you think about the technology we use today, like ethernet, it was probably not the best thing that could have been devised at the time. Because of a variety of factors, it got to the right place at the right time. You can use game theory in retrospect to explain why IPv6 is not switched on everywhere. But in advance it would have been hard to predict TCP/IP and ethernet. Those are probably more to do with community architecture and personality than with technology.
Bitcoin wants to be widely accepted and scale in terms of impact and proliferation. It is not necessarily the only success case. Take the Tor network for instance. It is extremely important and valuable for a small subset of people. That could be a possible endgame for the blockchain. It could be a small isolated community of people. I don't think that's what most people think here. They want it to scale. So when you think about scaling, you should look at the different things that have scaled and why they were able to scale.
I was at a conference recently with Tim Berners-Lee. He got a question he always gets. Why did you give it all away? Why not try to make money on the web standards? And we all kind of know the answer, but he said it eloquently: well, it wouldn't have become the standard if I had patented it and tried to make money. I put all the slashes there because that's how people worked with filesystems, and tags were for SGML and the markup community, but I was trying to design a standard that was most likely to be adopted, by not encumbering it with intellectual property, and trying to give it away. And the other part is that you had Tim. And on the internet you had Jon Postel with initial names and numbers. And you had Linus Torvalds that drew a line around the kernel and said what's in and out. Most of these communities have ways of making decisions and having core values.
I think one of the things that is tricky is you either have a personality or it evolves over time. Pieces of the internet after Jon passed away, ICANN does not work perfectly but it sort of functions and it somehow allows the commercial and government interests... when I was on the board of ICANN, the governments are only advisors. They have an advisory committee. The government does not control ICANN. Nobody controls it. It's consensus (what?). It's able to protect the technical people from the financial interests. Engineering reasons win out.
I think this is important, and I may be biased, but there are a tremendous number of people who are highly technical but not motivated by money or government at all. The internet is not run by the government. A big chunk of the root nodes are crazy people that you have never heard about, because they are able to attract technical talent that want to work on the right thing.
I think that what's interesting is that as financial interests get involved in regulation, commerce, funding, it starts to skew the interests of people from doing it because it's right or correct, to doing it for other reasons. In places where the money has come in quickly and the technical people have run away, you see huge failures. Or in the worst cases where there weren't any technical people in the first place. I think the government on the internet realized that it can't control it. It needs to depend on these non-commercial hippies at some level. They are okay with this idea at some level. They are not in charge. It took a lot of wrangling. I think technical people underestimate how important it is to cut deals with corporations and governments.
The web and the internet were similar. Remember the bubble just before 2000. Late 90s. It was a mess. It was technically turning into crap. You had big companies. AOL merging with Time Warner. It was turning into a big pile of whatever. And it is interesting that after the crash, Douglas Rushkoff said the stock price to before the internet existed. The market just said it's worth nothing, basically. Douglas called this the internet fending off an attack by the venture capitalists. Because that's kind of interesting. An attack. That's how we think about network robustness. I think that's how we should think about protecting this community and shepherding to technical things and getting technical things right.
Right after the crash, you had blogs. Most blog software was written by people who were recently unemployed. They wanted to say stuff, so they wrote code. You had healthy stuff emerge after the crash because you didn't have money people to accelerate stuff. I am a venture capitalist and I invest, so I am not against business. There's a timing that is very important. As a startup, you should not take money if you don't know the direction. It's not a good thing. I distinctly remember there was a thing called the Web 2.0 Summit that Tim O'Reilly used to run. It was trying to get people together after the bubble crashed and to talk about it. It was a cool conference. I can't remember which one.
The fourth or fifth one, there were 2 sales people in front of me on an elevator. They had just joined their companies. They were trying to sell each other shit. I looked over and there was a trade floor of booths of people trying to sell people stuff. Great, some of my favorite companies exist, but my job is done here. I am going to move on. And they made money from me. But there is a phase that goes through when you have figured it out, then you hire the sales people and then they sell it to each other. I think the tricky part about Bitcoin is that everything happens at the same time. We're still trying to prove that the thing even works.
I think the biggest risk right now is that the architecture of the community is not... we don't even have Linus Torvalds. What do you call in and out? I used to have these licenses at Creative Commons, anything that looked like CC but wasn't one was bad because it was a fork. So when you start to build the network you want to stamp out forks, but if you are in the innovation phase you want forks. I think we're in one of those periods where you can't tell whether forking is good and bad. Because people are already using it while we are still in the experimental phase. I think there's a tremendous amount of risk. We should think about how this architecture gets created. How does the community work?
This is more of a question. I don't think it's ICANN. I think there's enough difference between internet and Bitcoin. There are many differences. I think we need to think about how to think about it.
One of the things that I think is important, and which is why I like amiller's paper, you need a substantial chunk of people that everyone trusts to be involved not for commercial reasons but because you want to make things work properly. You don't know if they are being exploited, maybe they have conflicts of interest, maybe they work for the NSA, maybe you can build this trust. There is so much blurring because of so much venture capital money, it's hard to find a safe space.
I want to end by proposing that everyone joins #bitcoin-wizards on freenode. I think academic institutions could help. I think this paper was Stanford and Princeton and maybe another one. What we are going to try to do is that MIT should also have a role to play here... I cannot officially announce, that we are starting to, we don't have a name for it yet, but we have an MIT cryptocurrency initiative, and... we've had pieces and others working on Bitcoin stuff. I've met with central administration to go to Bitcoin a little bit broader. Simon Johnson who is a good economist joined this initiative. Ron Rivest, a great cryptographer, so what we are going to try to do is draw upon well known neutral players who do not have a stake in Bitcoin to try to think about the economics and the technical aspects of Bitcoin. I know about the policy side, yes that's there too. I think at the beginning that the academic institutions should serve as a place for people to hang out. We will also be reaching out to other people. Brian/Bryan who just... he was at the White House originally, but he wrote the internal White House memo on Bitcoin. Now he is the project manager to pull the resources together at MIT. If you want to get involved, talk with him. To finish by cycling back to the security discussion.
I do think that real security, not security for just our friends, but from our friends and others when we talk about true trustless networks. Well that requires hardware that we can really trust. I think that's another area that we should start working on at MIT because we can sort of justify saying we are going to try to research pure security without making it sound like we're cypherpunks afraid of black helicopters.
So anyway, that is what we would like to do. Anybody who would like to be more involved, I would like to coordinate. That's a new project that we will be starting. Thanks everyone for coming.