In fact, I’d gotten so tired of explaining twitter’s promise at the time that I wrote blog posts in 2008 and again in 2009 about how powerful twitter was as an outreach tool to convince people about its value.
2009 was also the first year of “twitter revolutions” around the world. My 2009 post from June of that year highlighted how twitter delayed some planned downtime to work around Iranian protests leveraging twitter. This would be the seed of many many things to come - Tunisia’s revolution, #Jan25 in Egypt’s Tahrir Square, and the “Arab spring”, the Moldovan #pman Twitter Revolution, and countless cracks in the control of traditional, often state-controlled, media.
2009, not coincidentally, also was the year of Clinton’s famous speech on Internet Freedom, launching investment in anti-censorship, digital safety, and digital rights support that continues with substantial impacts to this day.
As Twitter changes to X, cementing its new form of existence, I reflect on my writing from that decade with a deep sadness. We had this glimpse of hope around people using the Internet - and often Twitter specifically - to connect, build, and organize to improve their lives and their countries. Truly, this was the scaled, more equal and global promise of the Internet that I grew up with.
That energy and excitement is gone, and as I (unfortunately) predicted at the time, the SMS/twitter honeymoon ended and the authoritarians caught up. The world has become a darker and more divided place. We have seen a metastasizing spread of digital authoritarianism worldwide, and the tools we saw as liberating are just as often now surveilling or censoring us.
The world has changed, and our approach needs to evolve and adapt. The core promise of an open, interoperable, resilient and secure Internet still exists. In fact, the community-run, interoperable fediverse feels particularly well-aligned with this vision.
So as we say goodbye to Twitter, which captured the world’s imagination and opened so many doors for us in advancing an open and global Internet, We need to be thoughtful in our next steps.
How we achieve an open Internet is deeply tied to the goal of an open Internet itself. As an Internet Freedom and Digital Rights community, it’s time to move over to the fediverse. It’s imperfect - much like the 2009 twitter – it is confusing, weird, and just different. Unlike the 2009 twitter, it’s open source, non-profit, and community-run. It both needs - and can actually benefit from - our hands-on help. (A huge thanks in particular to some community members who have built instances specifically for the NGO / rights community )
Better worlds are possible - but sometimes it is us who have to do the work. Let Twitter’s end turn into a better - and different - beginning.
]]>Exclusionary hatespeech can (and does) fester on its own servers, but we have no responsibility to help it spread across the rest of the fediverse. I wrote about this last year, but it will be critical, immediately, to stand together (and listen to!) with victims of harassment as Mastodon scales. Failing to do that might not immediately impact the cis-white-techy-early-adopter culture, but it will eat at the community and kill it off sooner than you might think. This is hard, and early adopters like myself (see above) will need to face some bitter truths relatively quickly and repsectfully.
Griefers, trolls, hatespeech, and personal attacks will build. They are already and will continue to disproportionatly target women, BIPOC, LGBTQIA+, and marginalized communities in the fediverse as elsewhere. I’ve seen a variety of advice basically saying “block early, block often” – and I think that’s great. Let us all – as users and admins – start fresh, in allyship, and with a clear signal that we’re not here to deal with bullshit. Mastodon has a better starting position as a platform with built in moderation tools, ways to export and import block lists at the user and server level, content warnings and (overly complex) post privacy settings show an amazing amount of thought baked in, which will serve the growing community well.
…but this itself won’t be enough.
Mastodon does not have a seasoned, scaled, round-the-clock, multilingual content moderation team. Each server has its singular admin and maybe some (likely volunteer) moderators. Without diverse voices, Mastodon will not thrive. We are going to have to adapt to leveraging the tools Mastodon does have, but in ways that don’t continue to alienate communities. I think there is a path through here, but it is going to take people doing moderation work to be careful, and educate themselves on some sharp corners of our world.
On top of that, we’re already starting to see a few community divides on policy issues around who to allow in, and what servers have done de-federating-level offenses in increasingly fuzzy areas. I think these are to be expected, and will point the way to some visualizations and features help users and administrators understand what federation looks like.
As trolling gets worse, it will tax server admins, driving increased needs for support strategies for them to manage disputes and build up moderation support.
At the same time, relatively boring but impactful attacks will probably start targeting instances – from just griefers to people angry at instances for blocking their server, objections to policy calls, and so on. These will be DDoS attacks of varying levels, as well as targeting well-trodden vulnerabilities. Skilled server admins already have some good tools to deal with this, but it will add another layer of noise, cost, and complexity for admins.
Both of these will reduce hobbyist hosts (like myself) and cause some level of centralization in larger, more resourced instances – though it would be great to see tool suites built up to help defensive work on this continue to scale to the entire server host community.
Incentivized adversaries will get beyond where user and instance blocking is sufficient if there’s value in doing so.
The fediverse needs to start building processes and systems for semi-automated threat information sharing and management, and find ways to build it to thrive in a closed community among trusted server admins, with a process to feed it out, openly, to all admins. This system will provide the speed and trust to tamp down malicious actors while also building a high-trust community which can also respond to future emergent attacks. (Yes, this is something I’ve been hammering on for human rights tech for a while.)
First, consensus on complex policy calls on emergent, rapidly-evolving problems will be hard. Sure, each instance can decide independently, but this further squeezes small and medium sized instances. The best option will be information and policy sharing among instances, but openly dealing with subtle operations by well-resourced adversaries — at scale and across instances — is going to be ROUGH. We’re not even talking nation-state actors, merely dedicated scammers/spammers.
Looking further forward, the Mastodon fediverse will need to figure out how to deal with user-data requests, subpoenas, and all sorts of challenges which can directly impact the livelihoods of server admins as well as the code contributor community. These will come from all sorts of places, and make the open policy consensus and threat information sharing problems vastly more complex.
Both democracies and authoritarian states around the world have made it clear that they will straight up imprison people who are refusing access to data, good faith code contributors, as well as try to implant bad faith ones to get their way. This will impact where admins can live and where they can travel. It impacts where they host their servers, and whose code they accept. Again, there are some ways to minimize impacts on this for most users/servers – from moving to reproducible builds and really tight code to app security processes, log minimization, regular public security audits, and maybe (while drawing in its own risks) somehow adding e2ee for DMs to simply erase what data a server admin has access to that isn’t public. But again, this also adds steep further requirements onto instance hosts.
All of this is not to be discouraging, but to think about what we need for this crazy experiment to work, and to scale enough to keep working. We all deserve it.
And I get it. Mastodon is different. It can be a bit unpolished. It can be slow. There are some confusing parts of it, in comparison to other social platforms. The DM system is … not a DM system – it’s also something different, and it’s own unique feature, but the usability for a DM experience for users, it is not.
Moving to Mastodon will require learning a new system and re-building your network and recreating lists and and and… There is absolutely privilege in having the time to bother with this all.
But look, first off – you don’t have to use it. I too am sad about what is happening to twitter, but it will probably (OK, maybe at this rate?) limp along for quite some time. There are other options out there if you’re OK with a more photo- or video- centric life.
Mastodon is not a drop-in twitter replacement. It shouldn’t be. It’s a federated group of server admins banding together to give something that’s currently algorithm, tracker, and ad free. Will that work out? I dare not hope. There is such a vast opportunity in this moment.
Is there more to fix? Oh hell yes. Will it have scale problems? Yes. Will trolls, spammers, and more complex adversaries come and cause problems? Way more than most realize. Will we have harassment, sexism, racism, and all the rest, targeting women, BIPOC, LGBTQIA¸ and vulnerable and under-represented people using the platform? Yes, and it’s already happening. Mastodon is still just technology, and won’t fix these problems by being different technology.
But Mastodon deserves our patience, support, and a bit of grace.
Today, it is a lot of burnt out mostly or wholly volunteer sysadmins, working long hours, trying to manage the user influx while also patching code and optimizing systems, funding server hosting costs from their pockets and donations.
But, here we are, using a community managed and owned, open source social network. This is happening. And, it is with tool that has a strong focus on code of conduct, content warnings/consent, user and admin-level content moderation tools already built in, accessibility tools, decent translations, and a path to try and sustain this by keeping each server’s community to a manageable size (theoretically).
All these things we as human rights advocates have been hoping for and asking for, and here we have an open source platform which listened, and which is facing a daunting onslaught of people trying to replace twitter with it all at once.
It is on all of us to help support and shape it to be the platform we want. Let us not give up this incredible opportunity because it is not delivered as immediately perfect.
]]>We were conflicted. The project was important, deeply aligned with our mission, and unrelated to their industry. They’d get some good PR out of it, to be sure – but should we accept?
We called up our colleague to discuss the ups and downs of it, ready to accept turning this down and deciding that the money was too dirty. She interrupted us in the middle of our “pitch” and told us something to the effect of this:
“Take their money. Take as much as you can – take every goddamned cent you can get and then go and do good with it, because they cannot and will not.”
This has since guided my take on funding for many years. I’m solidly on record for against getting caught up too much in restricting oneself to only “pure” money when seeking grant funding sources for your work. This is partially because I simply don’t think that there is such a thing as “pure” funding sources. However, I do strongly believe that there are important moral lines in doing grant-funded work that we should be careful to either never cross, or cross with extreme caution.
Let’s start with “purity” in funding. Depending on your specific sector, you may be looking at some collection of local/regional/topical/huge foundations, companies, governments, or people. Let me run through these, with two caveats up front - there are exceptions on both sides for each of these, and there is a deeper structural issue we perhaps should focus more on.
The vast majority of foundations are spun up from the wealth of large companies or people, and while the foundation itself may (or may not) be an independent entity, it’s not like the money just “appeared” and is not tainted by where it came from. The benefit here, especially for established, older foundations, is that the wealth is simply self-sustaining at this point, as opposed to being continuously replenished from ongoing corporate practices. Foundations (and/or corporate social responsibility offices) which are connected to companies are no better than the company they are providing tax benefits and good PR for. This may be well aligned with your work and a mutually beneficial relationship, and that’s great when it happens.
Governments are a popular target for “pure” projects to reject funding from, and in my opinion this is equally morally ambiguous as taking money from corporations. Almost every government (and most corporations) is certain to be doing something abhorrent.
Finally - people. Arguably the “purest” form of funding would be that of your peers, pitching in on a project. My distaste here is that success stands upon a project’s ability to become visible and to continue to receive enough attention it can leverage for funding. The first step is strongly propped up by privilege of being able to volunteer time to a project until it is stable enough and exciting enough to go viral, and the second step often ends with organizations using clickbait tactics to drive outrage and engagement.
Similarly, (until we begin wresting with more structural issues) - why double charge individuals, who have already paid to corporations and governments with their privacy, health, or earned income? This also risks relying on the attention and philanthropy of privileged individuals, which can be just as much of a pressure of scope creep as the above. Finally, on the extreme end of the spectrum, we have hyper-rich individuals, who for the most part fall in the moral scope of foundations and corporations, looking to do good (or simply white-wash) their reputation.
A final option is to not go for funding. Volunteering is a wonderful thing; but it is also a choice of privilege that you have the spare income and time to commit to doing more than you’re already doing. It can also kill projects when this “Extra time” comes to an end due to life changes. It’s great, but it’s not a base to build a long-term project out of. Again, caveats as always.
So if all funding has downsides, how do you do good work?
1) Have a vision. Write it down. Share it maybe! Build a public and a private, detailed version of it. Stick to it. What work do you do? Why? How do you do it well? What do these reasons mean to you? Spell these things out.
2) Transparency – There is often value in anonymous donations, but opt for transparency where possible and have clear rules about what reasons allow for anonymity. I’d think that this doesn’t need saying, but obviously it does: don’t use anonymity to skirt laws or your other rules/morals you’ve laid out. Transparency should also apply to being clear when you are changing your vision or adjusting any of the rules you set out for yourself.
3) Reflection – Create and sustain processes around decision-making for funding. Does the money come with explicit or implicit requirements that pull you away from your vision? Is there an agenda (hidden or well-defined) in the funding source? Is the source in direct opposition to your work in any way? Can your accepting this funding be used in opposition to your work - by white-washing other misdeeds or tainting your work? The answers here are often impossibly fuzzy, but in concert with your vision and transparency decisions, a balance can be worked out.
If you run into snags here, are they ones you can mitigate or do you walk away? What are the implications of not taking the money - for your organization and its work, as well as what else will it get spent on?
These are not easy questions, and they never will be. If you don’t believe in the value of the work you are doing, they will be impossible to answer. On the flipside, if you don’t reflect and seek less biased input on your work, they may be too easy to answer. If you’re struggling but finding a path forward, though, welcome, and it’s OK, none of us are perfect here.
]]>Access to space technologies during the Ukraine invasion has been a crucial aspect of the conflict, from providing communications which are resilient to attacks on terrestrial infrastructure, to providing near-real-time, public verification of atrocities and troop movements by the Russian government to push back against disinformation. With the laudable efforts behind launching SIFU / Space Industry For Ukraine, this looks poised to continue and even pick up further momentum.
However, this role has not gone unnoticed. Ukraine has been a harsh wake-up call around the power of satellite technologies – as well as their fragility in times of crisis. Services from connectivity and communications to remote sensing are critical to protecting human rights and as such are now a target of authoritarian actors.
Satellite Infrastructure has its own resiliency problems Since February 2022, there have been significant attacks on space-based communications and related infrastructure connected to defending Ukraine:
CISA’s March 17 alert, “Strengthening Cybersecurity of SATCOM Network Providers and Customers” (AA22-076A) was incredibly pointed about the multiple vulnerabilities satellite operators – and the users of satellite communications – should be tracking and mitigating. From default passwords to limiting remote access capabilities to using encryption, it’s a laundry list of problems you don’t want to see on what is increasingly critical infrastructure for crises.
But it’s bigger than just infrastructure security and reliability. That’s today’s problem, and companies are responding to it.
The gravity of terrestrial laws is hard to escape.
We should expect to see the same authoritarian attacks on satellite technology providers across the spectrum of services from communications to remote sensing of radio and cell signatures to detailed imagery. Beyond the technical attacks already happening above, we should expect these all to be subject to government demands to hand over subscriber data, metadata, and potentially even communications content or the precise location of active users. This will be made even more complicated by the complicated reseller markets for satellite communications services.
These demands can be leveraged by business licenses (“do this or you’re blocked from selling in our country, or banned from lucrative gov contracting”), and potentially regulation of gateways / satellite earth station locations (and their upstream, terrestrial, Internet access). For some more extreme actors, the threat or even use of more direct force could be in play - from jamming (downlink jamming / locally or the much more aggressive form, uplink jamming, directed at the satellite itself), to laser dazzling, or even potential of damage to the satellite(s). Secure World Foundation tracks such Counterspace Capabilities in annual reports.
So how do we deal with this?
Immediately, our human rights community needs to tech up on satellite technology from a more adversarial lens - what risks are we not thinking about, what mitigations or tolerances do we need to agree on?
One of my last projects at Internews was launching the Satellite Safety Guide to provide an overview of known threats at a global, adversary-neutral level that can be a reference to help contextualize risk in specific situations by local experts. The core recommendations are currently translated into Burmese and Ukrainian, and the team is working to use the research there to refresh the 2012-era operational security guide by Small World News for wider consumption by end-users.
That’s tactical. Strategically, we need to be thinking about what known threats to communications providers and platforms we see today will apply to satellite communications and technologies. Most likely, the satellite industry will be facing off with local user data laws, splinternet/sovereign internet issues, and user record “requests”, and will probably get entangled in end-to-end encryption debates as well.
The satellite companies appear interested and willing to support humanitarian efforts such SIFU, and I believe we should take this momentum and make this a 2-way street, and bringing them in to spaces like RightsCon, GNI, and other bodies where we’ve dealt with these tensions.
Our human rights and technology community is painfully familiar with the need for policies and practices such as transparency reports) and accountability efforts like Ranking Digital Rights to create - and track - industry norms. Combined, these help deter overreach, and at a minimum provide public insight into who is asking for what.
UPDATE:
This article provides further context and depth on the value of space in conflict, and specifically as an infortmational asset: War in Ukraine highlights the growing strategic importance of private satellite companies – especially in times of conflict . A worthwhile thought exercise would be to take all the capacities discusses here and flip them to an adversarial context.
]]>The community of people working to support human rights defenders and at-risk communities as they navigate emerging risks of being online has expanded, diversified, and evolved significantly over the past decade. Many valuable community norms have become increasingly required standards, from an expectation that tools in this community use some form of open source license to an increasing requirement to go through a formal security audit before being rolled out to vulnerable populations. These are representative of some hard lessons learned around sustainability and responsibility in this space.
It’s time to start formalizing some more recent lessons learned - tool development that harbors abusers, rapists, and racists is not aligned with human rights.
To make tools that are more responsive to the threats faced by activists and marginalized communities around the world, we need to ensure this work is meaningfully inclusive. Not just in training, not just in outreach, not even just in usability testing, but in core development and ideation. This isn’t to say that many tools are not already doing this, but it should be the norm to build with, not for.
Choices around licensing, security audits, user engagement, and yes, even (especially) Codes of Conduct, provide critical signals to communities that their threat models are accounted for, and that their community is “welcome”. Open source (atop of many other benefits) provides an indication that the development is prioritizing long-term sustainability over profit and exclusion. Audits put user safety over speed of deployment. Any level of positive user engagement, from a welcoming “issue queue” to active engagement and feedback gathering provides a clear sign as to which communities the tool is focused on and responsive to.
We also must realize that this will be a change, and that as a community we need to build in support and help identify resources along the way to actively support this, not simply mandate it. A failure to do this will turn it into a box-checking exercise instead of meaningfully contributing to both high-quality work and actively building stronger, more diverse and inclusive tool creator/user teams. This means templates or even tools like the Code of Conduct builder, programs like Internews’ BASICS, and direct monetary support from funders in this space to support and encourage this work long before making it a condition.
This certainly is not new, and I’m certainly not the first to think this – the Code of Conduct builder alone has been working on this since 2015, and countless tool developers, funders, digital safery trainers are already working and quietly tracking which tools have responsibly dealt with (or prepared for having to deal with) finding an abuser in their ranks, and which ones have papered it over. It is long past time to formalize this.
We’ve had amazing people pass through the doors of our DC office(s), and the strength of global team we are today is one of the reasons I know it’s a great time for me to bounce without fear that I will leave a hole that the team cannot fill.
For the full story, follow my thread on Mastodon
None of this amazing work happened in a vacuum, though – our work is amazing because of our team and our partners are epic. Out of fear of forgetting to name drop someone, and respecting both teammates and partners who keep a low online profile, I won’t name names here. Our commitment to building and mentorship has meant we’ve supported staff on career journeys from program assistants to project leads and threat analysts, and have made welcomed “competitors” (if only from a funding perspective) out of partners.
There are a lot of really hard problems, and our only chance is to share, work together, and support each other - from building open content and code to seeing each other as equals. This is hard and I know I’ve failed at times, but the successes are systems-changing.
Showing up for each other, sometimes quietly and invisibly, but forcefully, matters. A special call-out to Babette and Haley, who have been amazing allies, confidants, leaders, fixers-of-all-the-things, and friends throughout my entire decade at Internews.
OK OK you’ve been very patient. I’m joining @seanwbrooks to help grow threat ideation at Meta. This work leverages threat intel to lead adversarial design and prepare for sophisticated attacks both against new products and based on world events.
I want to see and do this work at scale. It’ll be a huge change and learning opportunity, but I hope to bring my community-centric, pragmatic, and long-term approach with me.
My heart will forever be with the Internet Freedom community, so expect to see me back (professionally). Until then, most of you have my Signal already - if not, slide into my DMs.
]]>This is (hopefully!) the last post on my joncamfield.com drupal instance and will be the first on my new jekyll-bases static site. JonCamfield.com started many years ago (almost exactly 16 to be precise – 2006-03-30T16:30:22Z, according to whois), as I transitioned my online presence from my 90s-era handle to a more professional one.
JonCamfield.com got to start where my old blog let off, with a lot of hand-coded HTML, some server-side include magic, and MovableType to generate semi-static blog entries with some comment and trackback support. It’s probably worth noting that my first blog was actually a collection of artisanal, hand-coded perl scripts maximized to a workflow that centered on limited access to the Internet via cybercafes, where I would carry a floppy with photos and text files composed offline, FTP them to my website, and have these perl scripts ready to detect and HTML-ify into a blog post automagically. Yes kids, I’m that old.
ANYHOW. I’ve been at this blogging thing for a while. At some point around 2009, when I was also doing a lot of drupal work professionally, I moved my entire joncamfield.com site to Drupal (version 6 at the time). I dragged my feet but eventually had to upgrade to Drupal 7, and lost a ton of my favorite plugins along the way (SIMILE blog / http://simile-widgets.org/exhibit/ ), and rather soon thereafter also had to make the transition to Drupal 8.
I am no longer a “webmaster” in any real sense of the word anymore. I very much do not do websites professionally, and while I have been willing to manage my own Drupal site for 13 years (!!) now, I am facing having to do yet another substantive move to Drupal 9.
My webhost setup is not able to support D9, even though it is not adding any new functionality. The pace of these breaking changes, vast over-complication (for my use case) of features, and the substantively higher management needs are I hope balanced for professional use cases where there is a better scaled return.
But for this loyal Drupal sysadmin, I am tired, I have more important things in my world to focus my energy on, and I need something that just works, that is and stays secure, and that is simple. I am however super happy that Drupal survives and has a strong, ongoing support team on security improvements.
Overall I guess I am a bit sad about this. I know Wordpress solves this niche that can stretch from hobbyist user to professional, but I am sad to see Drupal feeling more and more like a professional-only, increasingly -as-a-service level tool. Perhaps I’m sad that I am not prioritizing time (and additional hosting costs) to keep up with where Drupal is going, but I feel I stuck it out over 13 years of upgrades and have paid my dues to have this opinion.
That said, I’ve been using static site generators for my professional sites for years now. I love the majority of their simplicity. Much of it feels like returning to my super weird server-side-html tricks from the 90s, but with better people than myself managing the codebase.
So, goodbye Drupal – it’s been good.
]]>Internet shutdowns continue to be used to silence voices, limit freedom of expression, restrict access to information, and disrupt the efforts of civil society, political opposition, and marginalized populations during political and social unrest. The past year has been a stark reminder of the willingness of governments to use complete Internet blackouts to exert illegitimate, authoritarian control over citizens, use political violence with impunity, restrict media coverage, and hamper human rights documentation efforts.
Through the use of intentionally timed blackouts, and violent attacks on human rights defenders (HRDs), protesters, media, and civil society, these shutdowns impact all citizens, even those trying to stay out of conflict. Everyone is put at risk when their ability to communicate is removed.
However, no one technology is a silver bullet. While satellite-based Internet is receiving increasing attention and continues to offer a unique solution to connectivity that is less reliant on local infrastructure, its use during crises is complicated, and absolutely not risk-free.
During a crisis, threat models are hyperlocal and evolve rapidly. Responding appropriately and effectively is simply beyond the abilities of any static document, international organization, or technology. This resource is built to provide on-the-ground digital and operational security experts with a reference of well-documented research into known capabilities a wide array of potential adversaries could leverage against satellite communications users to intercept or block their communications or even locate the device being used.
With this information and some suggestions for mitigating each risk, local experts will be able to more rapidly provide contextualized and nuanced guidance and help make risk-informed decisions.
As this is the first comprehensive risk review of satellite communications in a dexage, this first public draft is intended to help draw additional reviews and refinements, so feedback is welcome.
Next steps beyond this review stage are:
I hope maybe some people will maybe at least partially follow me out. You don’t have to leave – I know I also have friends who I only keep up with in facebook – but maybe we can also find other, truer parts of ourselves outside of the world of corporate surveillance?
Did we used to have out there conversations in LiveJournal threads? Get into philosophical arguments on a certain web forum/BBS system our friends held together? Did we walk around staring at the sky and caring for each other on 9/11? Have we traveled together, fallen down mountains together, had a good meal, a good drink, or even just a long email/DM/SMS/ytalk chat/IRC convo/USENET fight/ or whatever was the right communication channel of the day?
If so, I would /love/ to spend more real time sharing what’s happening with my life and learning about yours. This is an experiment to be both more social, and less on “social media”. I have created a personal and private account in what’s called Mastodon. It’s a federated, mostly-volunteer-led, decentralized social media/microblogging/twitter-ish thing. You can find me at https://social.joncamfield.com/@jon , but what you see there (unless you create an account and follow me, keep reading) will be only the public posts, visible to the world.
I am diving into deep water first and also hosting my own server, but please check out https://joinmastodon.org/ on how you can create an account on any of a number of community led and peer-managed sites, and use those to interact! It’s magical that way, in that any server can interact with any other server (unless Bad Things happen, but that is a feature of a decentralized world!)
I truly hope to see you sending me a follow request soon, and would love to answer any questions on how to get set up on this “fediverse” of accounts – or if this is too much, I’d also simply love to hear from you, see some photos, and hear how you’re doing.
]]>