telematics

User-Verifiable Telematics at the University of Washington Rome Center

Today at the Rome Center of University of Washington, the premiere state university of the state of Washington, located in Seattle, USA, the Founder of Telematics Freedom Foundation - Rufo Guerreschi - gave a talk about the User-Verifiable Telematics project.

The event took place at UW's Rome Center at 95 Piazza del Biscione, 3rd floor with post-graduate students.

You can:

Why citizens should fully control certain telematics services, and how they can actually do it!

It is not enough for citizens to be told to have certain rights as users of a given telematic service, under a license (such as FLOSS), or a legislations (such a national and global privacy protection regulations) or under a contract with the service provider (such as Terms of Use). To actually control a telematic service, or a web service, a user needs reasonable practical means to verify the software AND the hardware of all servers which run at and beyond the point of decryption of his communications with such service (or “end servers”).

 

If such “end servers” interact with other external network services, he will know - by having access to the code of the “end servers” - which services, and all the details and conditions of such interactions.

It is not at all feasible, nor necessary for most user scenarios, to control servers and networks in between the client device and the “end servers”, as we can extensively rely on decades-old tested encryption protocols and FLOSS software to secure from third-party interference through software, hardware and cables in between. True, there is a possibility that even those protocols may have been broken by some powerful third party through undisclosed computers and alghorythms, but it is a "very" remote possibility for a host of reason. We therefore advise it's use, even in the political arena, except for governmental elections and primaries.

In fact, the communication could be intercepted in between, but the content could not be read. It could be stopped or deviated in between, but there is free software that, installed on both client and server can certainly verify that it did happen.

This is not new. Democracies, for centuries now, have always provided citizens with reasonable means to verify that key constitutional rights were not widely abused. When I go to vote, I do not simply have the right that my vote be secret and fairly counted, but I rely on a good number of other citizens, randomly selected or with conflicting interests, which prevent the bad guys to put in place large scale abuses of such rights. There are also a number of process regulations, such as recounts, that further prevent such frauds.

In fact, in order to provide such concrete control over telematics, server rooms (or “cages”) hosting a such “free” telematic service could be physically managed applying those same (or enhanced) physical security provisions that are currently applied to ballot boxes during an election. In practice, physical access to such server room would be enabled only while 4 or more randomly selected or elected users (or citizens) are physically present.

According to this model of telematic service provisioning, anyone could deploy a “free” telematic services, by developing new software or freely installing or extending any publicly available FLOSS software, and running those according to such hosting requirements.

Anyone can do this, without breaching any FLOSS license, by requiring the signing of a copyright assignment, or similar statement, whenever users, or anyone, wants to access the software source code.

Here is a practical example of how a foundation or government can do that. We have in fact deployed such Code Access Policies for our telematics service for democratic organizing at do2gether.com.