Rewire: software against fascism
“That one. Austin. Get him!”
It was the Spring of 2012. Occupy Wall Street had captured the world’s attention, and months after our eviction from Zuccotti Park, daily marches were still shaking the streets of New York City’s Financial District. I’d left my job to get involved in the burgeoning social movement brought to world attention after footage of police pepper-spraying peaceful protesters went viral. Shortly after first setting foot in Liberty Square, I had become a core member of Occupy’s Direct Action Working Group.
“Get him!”
No sooner had the barked orders left the mouth of the grim-faced commanding officer, than two adrenaline-saturated, muscle-bound men lunged into the crowd, grabbed my arms from both sides, and dragged me into police custody. I had been doing nothing but walking amidst the crowd, chanting “Banks got bailed out, we got sold out!” But the point was not what I was doing. The point was that I had been identified as a leader. And as such: a target.
As the months progressed and the social fabric of our movement unravelled, the stories piled up: coordinators unnerved by noticing the same undercover cop car had parked outside their house for weeks; friends developing anxiety disorders after being arrested before dawn as they stepped out of their houses; friendships torn apart after insinuations that a colleague was a “snitch;” journalists documenting the systematic infiltration and surveillance of our movement from public agencies like the FBI to private ones like Stratfor.
Over time, Occupy Wall Street’s direct action wing ceased to function as we were systematically surveiled, identified, and bullied. What functioning communication channels we had were cast under continuous suspicion and paranoia until we no longer felt safe talking over them. This was the heavy blow of surveillance and infiltration: it took away from our movement’s ability to talk to one another and trust one another. It robbed us of freely flowing discourse, the lifeblood of any democracy.
Independent Media Under Threat
Fast-forward six years later. I woke up to read a newspaper headline that the Trump Administration had issued FISA warrants to intercept the communications of the Associated Press, allowing all communications of the AP to be targeted for surveillance. The warrant was issued by the same secret courts that approved the NSA’s mass surveillance of Gmail. According to the article’s sources, the goal of the warrant was to to incriminate leakers smuggling out the truth of the White House’s actions to the public. The repressive machine we had seen develop against activists was now being aimed at the media itself.
Under Trump, the free press has become an enemy of the state. Previously, journalists and many others considered themselves safe, exercising their constitutional rights to report on the wrongdoings of government. Today, President Trump has openly declared journalists — and nearly anyone else who opposes him — as a public enemy. While journalists outside the United States have long had to fight threats of torture and surveillance in countries from Mexico to Morocco to Myanmar, the war against the free was being brought home.
Recently, our co-founder Harry Halpin was advising a course at Harvard when the former Director of Compliance of the NSA came into give a guest lecture. After the public lecture ended, he admitted that while NSA mass surveillance programs had hoovered up the data of ordinary Americans, their focus had always been on foreign nation states. No longer. The former NSA agent feared that tremendous surveillance powers were about to be handed over from the NSA to the FBI and local police, with the goal of destroying domestic dissent against Trump.
If the powerful forces of big data are being turned against domestic protest and the free press, we can see why even the NSA is panicking.
Traditional Silicon Valley can’t save us
Once upon a time, we were promised an internet that would emancipate humanity and allow us to connect with one another more directly. The internet’s decentralization, we were told, made it fundamentally democratic. Unlike all previous forms of communication that relied on centralized models, the internet would usher in new possibilities for people to communicate in their own voice.
Something strange happened on the way to information utopia. It turned out the decentralized infrastructure that offered so much promise was also good at gathering information. Every click, every like, every purchase, every walk down the block — ‘store-it-all’ became the new mantra as MapReduce-inspired databases and machine learning allowed us to make rational sense, for the first time, of a tidal wave of captured information.
But now we know that the lines are blurred between government surveillance and surveillance as a business model. Now we know that exporting this model to repressive regimes results in people being tortured and murdered. Now we know that systems of total surveillance built under a benign regime can look quite different under a malevolent one.
Can internet companies save us from themselves?
Of the titans, the monopoly rents enjoyed by Google and Facebook rely on information capture. Microsoft’s monopoly position did not require surveillance, but it recently decided its fate lies in copying Google. Amazon’s feudal kingdom could function fine without endless tracking, but it has chosen to embrace the model nonetheless. Apple continues to flirt with privacy-enhancing technology, but as a hardware company that happens to write software, their attempts are limited to the walled garden of their own devices.
What about the up-starts? There are dozens of companies old and new promising to save us. They will all fail. The scope of the problem requires a much deeper approach than directing users to a single application, or selling their behavior, or only supporting enterprise, or custom-rolling proprietary crypto that no one can trust.
Closed-source software, even if run on your own computer, is by definition a “black box” that could be doing anything — including spying on you by turning on your microphone and video-camera without you knowing. Only open-source software can be audited by experts to make sure it’s not secretly spying on you or vulnerable to malicious cyberattacks.
In order to revive the old promise of a democratic internet, we need to solve some of the hard problems that have kept truly secure tools marginal and difficult to use. No one yet has solid, scalable solutions for public key validation, secure cloud storage, or preventing metadata from revealing our social networks. These are not minor problems: they are essential requirements for a technology to support true information security.
We are the change we’ve been waiting for
Luckily, there have been activist programmers fighting mass surveillance and defending independent media since 1999. Through decades of experience, they have worked together to defend hundreds of thousands of high-risk activists via technology collectives such as Riseup.net, Indymedia and May First. From Laura Poitras breaking Snowden’s NSA leaks to the YPG fighting ISIS in Syria, the most at-risk reporters and freedom fighters have depended on infrastructure set up and secured by these information activists. These techno-activists have set up encrypted connections between email providers long before Gmail, fought off requests for user data in court that Silicon Valley would easily cave in on, and provided VPN services to prevent Internet censorship.
For years, many people thought that these activists were perhaps being overly paranoid. No longer. Today the threats facing a minority of high-risk activists are going mainstream. The threats facing a law-abiding liberal in the USA may soon be the same that faced activists in the Arab Spring. Now is the right time to bring solutions from open-source hackers, cryptographers and anti-surveillance activists to everyone coming under threat. Open-source technology reaches maturity and widespread adoption only when there is strong backing by businesses invested in back-stopping the technology’s development and maintenance, as shown by the relationship of Red Hat to Linux.
Right now, Silicon Valley claims that there aren’t large markets for privacy-enhanced technologies that don’t rely on tracking and advertising for revenue. We believe there is a real demand that far outstrips supply. It’s not just journalists and activists that need privacy and security. Governments and enterprises in Europe and the Global South know they are under surveillance by government powers including not only the United States but also Russia and China. They have no trustworthy options to turn to. For example, the main provider of VPNs globally is Cisco, whose routers were shown to have surveillance software installed by the NSA.
The Rewire solution
Rewire is a new company founded to bring open-source security to market. Our mission is to create tools for the consumer, media, enterprise and government markets that ensure everyone has the right to secure and private communication. Based on decades of experience and collaborations with the world’s best cryptographers and privacy experts, we’re ready to bring secure communication to a mass audience.
Our easy to use and “always on” VPN encrypts all data from the client to the internet, preventing anyone from a hacker in a cafe to the local authoritarian regime from spying on your connection. Our encrypted email service allows email to be encrypted and synchronized across your devices without making you understand obscure cryptographic jargon like key validation and fingerprints. In most situations, the map of who is talking with whom is incredibly sensitive information, so we’re also working on cutting edge mix-networking software that can defeat metadata tracking even more robustly than Tor against nation-state level adversaries with NSA-level capabilities.
Unlike other “secure” services that simply ask for you to trust them, we secure and upgrade your own existing infrastructure. We’re creating simple APIs to allow for authentication, registration and federation for privacy-enhanced software so all of these technologies can be easily self-hosted and integrated with existing software used by your organization without having to hire a staff security expert and cryptographer. And if you do need to talk to us, we are happy to provide appropriate technical support and modify the software to suit your needs. As the software is all open-source, you will have access to the code for eternity, as will third-party auditors, so you know you’re being protected.
The need has never been greater. When humans are watched, they self-censor their thoughts. If freedom of expression is the lifeblood of democratic discourse, it is no exaggeration to say that our current path of increasing surveillance in all aspects of our lives is on a collision course with the concept of democracy itself. We believe that by creating the kinds of software that defends our right to communicate with each other securely and privately, we are creating the foundations for a free and democratic society. Software may be one of our last, best hopes against fascism, and democracy is worth more than any amount of money.