Sunday, December 13, 2015

Pablo F. Iglesias: "Massive tracking does not help against terrorism"

Pablo F. Iglesias. Digital watchman.


If you look for Pablo F. Iglesias in Google you will find his Twitter account, his website, his Linkedin account, his YouTube account, his About.me profile, his Facebook profile and another one on Google+. There are a lot of Pablo Iglesias in the world, but this one is a 'crack' of the social Internet and that is why he occupies the first page Google. And what are we doing talking about him, when this is a computer security blog? OK. Pablo also manages about it, hugely.

Pablo AKA PabloYglesias, was born 28 years ago in Mieres, a small mining town of Asturias. He studied Telecommunications Engineering degree, but the third year he was so bored and turned for Fine Arts. Affable man, proud dad of two cats, the beard can not hide his good person face. He works on analytical and digital surveillance for SocialBrains and advises SMEs on what is called "digital transformation". He still has time to write on his blog, placed just fourth in the Spanish Bitácoras' Blogs Awards for Best Information Security Blog.

- To talk about you is to talk about your blog.

- The blog was born and more than 3 years and a half ago, and now it has 30,000 monthly users. What encourages me to go on is the Community of New Technologies and Information Security, up to more than 1,000 members. We have recently implemented a micropatronage system to have more direct contact with patrons and to hold objectivity in technological analysis.

- You are a rare specimen: someone who knows about security and social networking, networking, reputation... Which one was the first one?

- Believe me! It is not the first time anyone calls me weird. But I'll tell you a secret... Weirds are the others! Seriously, I think in XXI century any individual should be interested in more and more areas of greater knowledge. It is something we should learn from classical Greek culture.

Now society values ​​specialist profiles over generalist ones, but it should be neither one nor the other. Moreover, this is happening really now, for example in this industry: there is already a lack of expertise in humanities at scenarios that were intended exclusively for engineers, such as artificial intelligence and computer security.

It's useless a purely objective system installed in a car when it must decide who will be damaged in an unavoidable accident. Here ethical factors also comes into play. They must be considered in the design, and unfortunately engineers are not ready for this (it is not their competence).

On the other hand, tell me the good of having the best securized, if in the end the bad will apply social engineering against the user, harming the whole system. Would not it be better to spend some of that work in training users, in the democratization of technology?

- I mean, computer security lacks networking :)

- It is not only is networking, it lacks communication. We need more proposals like this one, CIGTR, carrying technology to the masses. Because in the end, those of us that we're in on it, we like "tinkering" and spend hours troubleshooting, but the rest of society is expecting technology as a mere tool to improve their lifes, not a problem requiring prior learning and further hindering anything to be done.

Take an example: most security systems are based on actions by the user (dual factor authentication, setting questions to recover passwords...). If we want security becomes critical for business and affordable for the customer, it should work at the expense of them. It should stop being a problem and become a solution, something that is not annoying, but sirable.


- You are also devoted to privacy. Do you think it's dead, as some guru said long ago?

- It is not dead. It is part of our instincts as human beings. The identity of the individual would be meaningless without those limits drawing privacy. However, and let me act as the devil's advocate, what is going to change (it has changed and it will change), is the concept of privacy itself, how far these limits will reach. A few years ago it seemed unthinkable that someone would accept willingly a 24/7 device in the pocket. that allows keeping in touch with everyone. So now it seems unforgivable that a large company exploit all our digital history to improve a service that is given "for free"... Time to time.

The boundaries of what we consider private or public are malleable and depend heavily on the confidence from these new agents. Today they are the social networks, the great internet services, the governments, but tomorrow will be others. Everything is based, therefore, on what guarantees they provide.

- I love your blog because you always have an alternative and insight view of the great topics. May I ask for some of them and you give me your opinion in a few lines?

- Come on, shoot!

- First one: electronic monitoring of states to thir citizens.

- Heavy strong, haha. Well, they try to sugar the pill to us, but mass monitoring does not help to fight terrorism or to protect the security of our children. The only reason for a Control System is precisely to control the citizenry.

Whether deliberate or not, watch out. Workers intelligence agencies are not demons. But you start with that, and then you go on spying on conversations, and then leveraging that knowledge to pervert the vote of citizens, or to manage the speech on specific topics more effectively.

Fighting terrorism requires financial suffocating, and creating a well-educated society that is able to prevail over the recruitment systems of these groups. Massive monitoring will not do, since bad guys will always have tools to coordinate.

- Second one, license requesting (hacker card) to computer security companies.

- A measure exactly like the one by the Russian government to force any blogger to be identified in a list with its real name. Just like the mesured that Cameron government tried to set up in UK to specifically ask anyone who would consume pornography at home to be in a list, so that its ISP give access to such content.

I'll just say one thing. Between 1940 and 1942 Holland performed a census that, among other things, took information about religious preferences of each citizen. The government did with all the goodwill in the world (roughly allocate financial resources for the construction of churches or synagogues). When the Nazis arrived they found all the intelligence work done. Only 10% of Dutch Jews survived the Holocaust. The problem with these is not only with the uses nowadays, but which one will be performed tomorrow.

- Third one, that hacking tools are considered weapons under exports treaties, and with imprisonment for possession.

- Absurd, as usual. As some of the points of the TPP, which prohibits modifying technological products that are already yours because you bought them. It is aimed precisely to criminalize hacking in its primary definition: exploring the boundaries of reality and find alternative ways not covered by the system.

That, in a society based on the static movement (to pretend that everything changes when everything is exactly the same) is annoying. It iis dangerous, they think, citizens with tools to show abuses of the establishment, so it must be eradicated at all costs. By the way, hackers, run to get listed. You will see really soon the benefits for you :)

- Fourth one: Google.

- Hahaha, I rock them hard, but I'm the first to use most of their services. The knowledge that Google has form each of us is the best gasoline to improve other services they offer, and that is a vicious circle that ultimately make you explode the head. There is no privacy at Google, but for now I do believe that Google provides guarantees to yield some of that privacy. Because, as a corporation, it is interested in the user feeling to have those guarantees, and it will not hesitate to strengthen and securize their systems to prevent others (whether a government or their own workers) to take advantage of the gold mine under the skirt.

- Fifth one: adblocker, malware... what way remains for Internet advertising?

- A lot of ways, as long as the industry is able to place the common sense before sales departments say. The user does not care to consume advertising if the advertising is aimed to provide value, and it does so with appropriate tools and noninvasive channels. Advertising works on Instagram or Snaptchat. Sponsored articles and videos, while they are made thinking in the audience and not in the one financing them, too. The Internet business goes on, and it presumably will remain advertising business, but it must find ways not to be annoying and not to track the user everytime, everywhere.

- Finally... is there any sentence guiding your steps, that has not yet become a password?

- How about this?

"Access to information is the best weapon the people have to own their future."


Text: Mercè Molist

0 comments:

Post a Comment