 And now we can start, so I would like to introduce Ruben Blungarten from the Netherlands and he wants to talk about his project Choke Point project. Give him a warm round of applause. Okay, the Choke Point project. I don't have a lot of time, so what I intend to do is just very quickly go over the what and the how and hopefully skip into the why and leave enough time for some Q&A. The intention of the project is to create a near-time global censorship monitoring system. Okay, so actually it has multiple aspects. It's a global near-time censorship monitoring system. As you can see over here, the intention is to have whenever an incident happens, it show up on a map. Now, there are a number of problems with Jesus Christ. Okay, can I start again? Okay, hold on. I think next time I'll just write everything out, that'll be easier. Okay, the project has various aspects. The idea is to first of all collect a massive amount of data from various data sources. These could be either to create a connection map, a reliable near-real-time connection map, which would be created by parsing large data sets into the system. Another aspect is to create a... I think 15 times in the past four days with a bunch of people, but for some reason I'm just getting stuck here. So please bear with me. Okay, so we have all this data everywhere, right? Wow, I'm really stuck. Maybe I need to drink a little bit more. Okay, the point is to visualize specifically for non-technical people the actual current state of the internet. Now, one aspect is the connection map like I just previously tried to mention. Okay, hold on. Maybe I should actually read my notes. I'm just having a complete blackout here, so again, bear with me. But I talk very fast, so I hope I'll be able to tell you everything in the time I have left. Okay, so first thing, we're trying to collect near-real-time technical information from what actually happened on the network in various countries. We're trying to aggregate that with contextual information, so legal information, what laws are existing in what country, circumvention information, what circumvention measure is actually existing in what country, what is the current status of that circumvention measure. Because for most people out there, they might have heard of some kind of measure, but they're not aware of whether or not that is actually still usable and what the legal status of that circumvention measure is. So they might use something thinking that they're safe, and it turns out that they're not. So this is all very changeable information. Most of the audience here keeps up with the latest developments in that regard, but most people do not. So actually, I think maybe I should just go to the next slide because I'm getting confused again. Here we go. Of course, now I'm in my office thing. Okay, so let's go step-by-step. So this is an overview of a country. The first bit you see is the connectivity status. That will be derived from an aggregation of large datasets from already existing large distributed systems such as Google, Facebook, MLab, so forth and so on. Then there's transparency data, which right now is just being generated from the Google transparency information, which is very limited, but at least it provides some contextual information. There's the currently functioning circumvention information, which is what I just referred to. There's current legislation, which is something that is going to be hard to parse manually. Then there's lobbying activity. Now there we're looking for corporations with other organizations such as journalists with our borders that had a talk in room one before me. Now, Jesus. Okay, so here this would be the transparency data. This is actual data that we have important, but as I mentioned, this is very slow data, so there's nothing near real time about this. Actually, maybe I should turn the entire thing into a Q&A. Maybe I can just start answering questions instead of rambling on. It's a planned project. We have some elements already functioning. We have the transparency data, which is already being parsed into the system. We have the connectivity status, which is also already being parsed into the system, but currently we only have one dataset. That one dataset is the MLab data. What we did is we took one specific element of their data, which is the fact that they received a connection from a specific geography. Now that is something that is very repeatable with many large datasets that are out there. So the more datasets we have, the more reliable this will become, and it's fairly trivial to do it in near real time. So if at any point a country gets cut off, it will show on the map fairly immediately. Of course, we won't be able to differentiate between whether that is done on purpose or whether it's done through some natural disaster or someone making a mistake. So that is in fact information that other people will then have to go and look into. All the data sources that we intend to collect will be published in a publicly accessible database. So the idea is that we choose what we feel is important. We will visualize what we feel is important, and then anyone else can go and have a different opinion, look at our data and come to different conclusions or come up with new ideas. First of all, I would say that please hold up your hands when you have a question, and then I would probably give my first question to you. What is the general aim of your project? Could you explain it to me in a few sentences? The general aim of the project is geared towards journalists, politicians, researchers, activist groups. One aspect of the project is to have it function as an early warning system for organizations such as AccessNow that would really like to know what is happening in that country right now. Another aspect of it is to have it be an archival system, so you can go to the dataset related to a specific country and then figure out what is the history of this country. Is there an increase of malevolent behavior? Is there a decrease? Maybe a new government has come to power and you would like to see are they actually implementing new policies or are they not implementing new policies? Another question, will there be one database that is a single point of failure? No, but there will be a publicly reachable database so that that database will be updated and published, which can be accessed through an API. But that will not be the database that we publish, for Access will not be the database that we use to render the information. That will simply be a duplicate. I have another question. Where does the data come from? The data will come from multiple sources. As I stated for the connection map, that's fairly simple. Now for the more specific censorship information, we actually need a data collection system. Now there is currently a data collection system being developed called Uniprobe, which intends to do exactly that. So that would be a system that could for instance verify whether the DNS reply that someone gets from a specific country is actually giving the IP address that it's supposed to give. When you make the visualization, you will try also to aggregate different contexts like security tools or political context or pornography. Is it possible to make this kind of aggregation? Yes, it's definitely possible. At the moment we don't have plans to do all of that. We're fairly limited in our scope right now. But the whole intention is to collect, we're assuming that we'll collect so much data that is not specifically relevant for what we intend to do today that we will be able to continuously create new contextual information. And this is the second question. A possible list of context updated where should be obtained? Come again? A list of context for automatically understand that a specific site censored is rated on a political context or not an example. How should be obtained? How would that contextual aggregation be taking place? Well, the datasets are coming in basically through timestamp. So if you have a specific idea, you can access the source data and try and correlate various datasets one to another. An example is like we had a discussion yesterday with the people from journalists without borders. And we figured out that there would be an opportunity for them to create an XML feed based on tags whenever they get reports of certain specific things. Now if we have such a feed and we then have the technical data about the fact that in a certain area there was a massive drop in connectivity, or we have detected that there's been hijacking of Gmail or something of that sort, you would be able to correlate those incidents to that technical information. Any more questions? For the connectivity status, do you intend to run servers in many, many countries? No, for the connectivity status, because the thing is what we're interested in is whether people can reach the systems that they want to reach. That's what we're interested in. And that is information that already exists because those systems have that information. Those systems are aware of the amount of connections they're getting per day, per hour, per minute, and they know how many connections they're supposed to expect, and most of this is all logged and already existing. So by taking multiple of these massively distributed systems, such as Google, such as Facebook, such as Twitter, my assumption is that we can reliably create a connection map. What about corporate information which is secret? So can somebody drop information which is normally left behind, for example, large DDoS attack on a site which is not reported in the public, or something which has not the awareness it should have because it's behind the corporate firewall? I'm not sure I understand the question. Is it only about public information, or is it also about something somebody gets knowledge of? For example, some secret actions behind the corporate firewall, which should be public? If we cannot verify the source, we cannot use it in our dataset. So a single report, for instance, the example of journalists without borders would be that they would not be the only instance, and there would be a big caveat saying that we have a report but we have no verification. Now if you have, on average, one report without verification and all of a sudden you get 100 reports without verification, you can then fairly safely assume that something might be going on. But again, we're not making absolute statements, so we're not saying that if you see it on this map, it is absolutely happening. So in your example, no, there would be one source, so we would not be able to process that. I just have a small question. Could you probably go back one slide because I think then the whole information about one country would be visible? Here we are. Ah, I see. Thank you. Right. Next question. Do you know how much resources you will need to keep this project going, sort of once you have it set up? And do you have a plan for funding or otherwise making those resources happen, people and computers? Yeah, but we're currently talking to a number of parties to acquire funding. The Dutch Ministry of Foreign Affairs is one they're currently explaining to us how to get funding from them. And we have some other organizations as well that we are talking to. Now as the amount of resources, obviously they will be quite extensive. We are aware of this, but currently we're specifically looking into the acquisition of the data sources and not so much into the resources that will be needed. But we are in the design that we've made for the environment we have incorporated some level of scalability. More questions? A wonderful one question from the IRC. The IRC wants to know what is the institutional background from the project? Come again? What is the institutional background from the project? Is it a sociology, university, or a company, or is it just you interested in it? It's me and another 15 people or so. Okay, my personal background is... Well, what is my personal background? Okay, so the concept of the project came from Egypt being turned off, basically. Egypt being turned off and then some people said, well, you know, why didn't we know about that? Can't we see that? Is there a faster way of doing that or like, what can we do? I was not part of that group at that time. At a certain point we met and it turned out that they had a mostly conceptual interpretation of the project. I have a technical background and started thinking about how can we actually acquire all this information, what kind of information we need, from what sources, and how can we relate them one to the other. So no, we are not a company. There are a number of organizations associated with it. So that's the institutional background. Hi, maybe I can add something to that and part of the project. The very, very beginning of the project began just before the whole Egypt thing. Douglas Rushcroft in New York had begun asking about the control of the internet, that the internet was now not a yes or no, is it good, is it bad, it just is. And who was having the control of that at that moment in time, then we in an organization called the Peer to Peer Foundation were involved in investigating that. When the Egypt event happened that just confirmed or seemed to confirm that status and we began to look at okay, we're in this situation, how can we actually see what's going on? We thought that would be easy. Clearly we were very, very naive. And then we began to look around for people that had the experience and the ability to do that and then the project has gone, it's taken on its own life since then. So there's no one institution or organization behind it now. It's just a group of people that came together that were concerned about this issue. And at the moment we're also reaching out to other organizations, for example, as we were saying reporters without borders or whoever, that can provide the other contextual information. So it would actually, what we're looking for in that sense is partnerships with existing groups and other groups that can provide us information that we can provide back a useful resource that anybody can access. And there's another really big problem with this type of data. If you don't have the background, it's very hard to make understandable why it is important to know what's going on on this level, hence all the contextual information. Because we have a big problem at the moment with legislators, judicators, reporters. Basically anyone involved in the four states of our societies believing that something fundamentally new is going on with the internet or with anything that is digital. Hence we have misnomers such as digital crime, such as digital rights, internet freedom. All of these are horrendous misnomers because we're obviously talking about freedom, we're talking about civil rights, we're talking about human rights and they are no different. The only thing that is different now is the way the elements of society are presented. And there is no fundamental problem but because there is that essential misunderstanding, we are actually ending up with legislators that believe that they need to apply new legislation. Take secrecy of correspondence for instance. If I would now propose a piece of legislation which would say that all postal services would be obliged to take the letter that you're sending to that they're receiving from someone, write down who sent it and who it's addressed to, maybe even open it to making a copy of it, sticking it into a big physical file and then sending it onto everyone everywhere, whether it's a 96 year old granny or someone who doesn't even know how to read or write, we'll be aware of the fact that that would be absolutely ludicrous and we'll say no, we cannot tolerate that. The problem is that with something like the data retention law, this is already the case. This legislation has already been implemented. Now I believe a lot of the people involved are not acting out of malevolence, but they're acting out of a fundamental misunderstanding. And we're hoping to be able to, by being able to present this type of information in a contextualized way, we could hopefully remove this essential misunderstanding. So we have time for two or three more questions, any signs? I will ask my question first and your audio angel is coming over. Well, I'm not that deeply into how the internet works. I study bioinformatics, so I have one question. How do I hack your system, at least part of it when I'm in an evil country? Well, that's a very good question. Well, you could of course start sending bad data, definitely. And apart from that, I really wouldn't know how to. But the thing is the bad data should show up as aberrant information, because like I said, we are relating various data sources to each other. So again, a single source of data is not going to tell you very much. And to make any type of conclusion from a single source of data is not going to be valid. Now, I'm sure there's going to be much smarter ways of polluting the data set, but at the moment we're not at the stage where this is an issue. Another question. Connectivity status. I understand it's quite easy to find out like Egypt has been switched off. They had a lot of contact before and then you don't have a lot of contact anymore. But what about if a certain country has a dictatorship and has had it for years and people just couldn't or only one percent of the population could only reach the service they wanted to, how would that show up on your map? Well again, the only thing that would show up if there's a relative drop of connectivity, so then it would be this privileged group of people that would no longer have connectivity. Now the assumption there of course is that that's most likely a technical problem because they're not going to be cut off for political reasons. However, you could potentially relate the amount of internet users in context to the population with other sources of information such as those of journalists without borders, such as various legislation that has been published about that country. So again, it's about context. So, one more question somewhere? None anymore? Then thank you very much. It was very interesting. Okay, thank you. And I think we managed it, I would say. So, give him a really big round of applause for his work.