specific provisions in the statute or by a general authority of the executive branch to make decisions about what issues to pursue through enforcement actions, call prosecutorial discretion. everybody agrees that the president does not or that you as internees to not have to enforce every statue to the full extent of the law, whenever a drug violation calms, let's give this one a pass. it is not important enough to devote the energy to. we have more important anti- terrorism issues. there is that kind of discretion. argument that presidents do not have the there is that fought that presidents do not have the power to exempt this by category. it is very is that

important to our distinction between ordinary exercises of discretion. law and larger ones that the president has been engaged in. we will eventually weigh in on that issue. my view will become insignificant. host: cases moving through now. what your out about the new challenges to the affordable care act which would've been talking about a lot this morning? what are going to be the things to watch in the coming year? guest: the supreme court had already granted review with a contraceptive mandate. the issue there is whether private for-profit operations whose owners have religious objection to providing access to contraceptives for insurance tons can be required purchase those plans for their employees. that issue is going to turn not

on the constitution but on a federal statute called the religious freedom act that said congress cannot impose substantial burdens on a religious exercise of individuals unless there's a substantial justification for it. whetherhe issues is these private conversation -- corporations are covered by the constitution or the religious restoration act with respect to religious conscience. ofre is resonance of united what people are saying. the opponents and supporters of the mandate are saying, how can corporations have religious conscience if they support speech but conscience is something internal to their head?

the court will decided that by the end of this year. the other issue that is still in the lower courts is a competent question about whether there can be subsidies for people who purchase insurance on the federal exchange and states over the states have not put out the exchanges. gethe texas, if you want to , purchase insurance, you have to go to the federal exchange. that itute is written provides subsidies to people who .uy them all state exchanges it is not clear it will provide subsidies to people who buy them on the federal exchanges. there is litigation about that going on in the lower court. on the latter when i would expect it eventually the federal changes will get the subsidies as well. host: victor is next on the line

for democrats. good morning. caller: good morning. merry christmas. i have two questions. is the -- the one that -- [indiscernible] me, it says that corporations being a person is an instrument by attorneys and makes them dots basically.- gods i do know that there has been a case or situation and the supreme court with a person with the oldest or the longest on the in the courts

automatically placed -- [indiscernible] and "-- opened up -- [indiscernible] guest: on the first question is important to emphasize that asking the question, are corporations people or persons is probably not the right way to frame the question. i want to emphasize from a constitutional lore yours point of view. there are prosecutions for engaging. -- constitutional lawyer's point of view. rightsve constitutional to a fair trial whether prosecuted for unlawful pollution. the real question is, do

corporations have constitutional force in a specific setting? and the contraceptive mandate, the issue is does a corporation have a right of freedom of conscience? was doesn'the issue have a right to free -- does it have a right to free speech? the answer will vary. underlyingn what the constitutional issue is. i should say that -- i have a chapter on united in the book as well and i say the bro problem is not as the corporation are persons part, straightforward to explain why corporations actually do have rights of freedom of expression. rather than the supreme court

doctrine that makes it extremely hard to limit the expenditures by anybody. if you're concerned about campaigns, the finance issues, that is the place to focus not on corporations. the court doctrine saying that again, it is really hard to justify restrictions on campaign expenditures. on seniority issue, the chief justice as nominated for the particular position. not to the seniormost member of the court. there are constitutional courts around the world that the chief justice is basically the most senior justice. therestem is one in which is a difference between the age of the chief justice and the most senior justice on the court. host: you talk about how justice roberts was originally going to be nominated with the intent of

moving into the chief justice spot. if you do talk about the history. guest: what happened was chief rehnquist was quite ill, had a certain kind of throat cancer. knew he was going to leave the court relatively soon. court.ed to stay on the justice o'connor had a husband who was quite ill and she wanted to leave the court, so that she could be with him and take care of him. she went to chief justice rehnquist and asked -- none of wanted to be two vacancies at the same time. they try to tame and dash time of their departures -- time

their departures. she asked if he planned to retire in in the coming year. he said, no, he planned to stay on. she announced her retirement. justice roberts was the on the court of appeals and was nominated initially to fill justice o'connor's position. justiceat, chief rehnquist passed away from his illness. that left two vacancies. been whenad always chief rehnquist left, roberts promotionme chief by or as it turned out directly. his nomination for her seat was withdrawn and resubmitted for the seat of the chief justice. justice alito was

nominated to fill the vacant o'connor seat. host: some discussion on twitter on the subject of the cameras in the court. video coverage would expose the justices and their questions and competence to being judged of by the public and they do not want to that. we have time for one more question. vida is waiting. you are on with mark tushnet author of the book "in the balance." guest: yes, good morning. what a wonderful time for me to say the decision by john roberts absolutely floored me. i never thought he was fitted to be a supreme court justice at all. to think you can tax the american people and to let the like bk gp --e on

the kgb, i no longer have faith in the court. this the absolute worst thing that is ever occurred. i saw earlier something on their that somebody sent in on twitter. or one of those. was justice roberts threatened? i have wondered that exact same thing. we have lost faith. anyone could make that type of decision and think it is ok. millions of people are against it. we wanted it repealed. that comes from a person who comes left or right. right now, i am leaning up. i do not know which way. think the only thing we

can say in response to that , thevation is that constitutional issues which is all i am concerned about about whether congress can impose a tax this year is like $95 on people who do not purchase issue --surance, that that constitution issue is relatively straightforward. judgmentters from that , they did not express a view on the constitutional question. what they said was that it was unreasonable to interpret the statute to impose a tax rather than be a regulatory mandate which is punished by failure to mandate is a punished by a financial exaction. chief justice roberts had a view

about interpreting statutes to make, constitutional. said, you can. he said it not the most natural reason statute. if you look at it carefully and , it has a lot of the characteristics of things we call it taxes. the statute does impose a tax and once you are over that hurdle from a constitutional lawyer point of view, imposing a is of not doing something fine. there are taxes -- there used to be, there was a court case about of peoplethe statues

who do not register as gamblers or register as people who sell unlawful drugs. they do not register. and the supreme court said that is fine. course, there is substantial disagreement with the affordable care act. we will see how it is working out as a matter of politics which is basically the way i system ought to work anyway. host: if you want to read more on his views, you could pick up the book that is "in the balance ." >> on the next "washington journal," henry smith discusses the top stories of 2013. you will also talk about his recent book, "who stole the american dream."

and we will welcome your comments on what the top news story of the year was. span. 7 a.m. eastern, on c- today, an encore presentation of "q&a." with the author who discussed his book, gift of the heart. here is more. asthe day that we arrived the new surgical team to take colleagues who , we saw the their first real casualty that i remember vividly. >> who was it? not the name. >> a young marine who had been injured by an ied, improvised explosive device.

man -- taking a quick step back, i was not kidding when i said that brooklyn was a formative place to grow up in, but it was also a formative place to train for medicine, trauma. i thought that i had seen the worst possible. gunshot wounds, stabbed moons, explosive injuries, motor vehicle accidents, anything. i felt very comfortable with my level of experience with trauma based on my experience. what i saw that day the first day that we were there, it is so hard to describe, even though i had been at walter reed for years before deploying and seeing individuals with extremity injuries, prosthetics, some of them still undergoing the additional surgeries they needed, i had not seen it wroth, in real-time, right after it

occurred. that is what i saw upon arriving. there was no delay. colleagues went to other areas where there were casualties for weeks or even months after. it the first day. >> that was a portion of the encore presentation of "q&a." you can see it today at 7 p.m. eastern, on c-span. says what he thinks, no matter what it is. i think you have to be political in a certain way. honest. to be but still, you have to cater to people. you have to know what they want and need in order to have them vote for you. is not being dishonest, it is just finding out what they want

and letting them know how you will help them with it. >> first ladies, influence and image, season two. on wednesday, highlights from our second season. weeknights, 9 p.m. eastern on c- span. a look at digital privacy and open source intelligence with remarks from a analysts,ecurity authors, and privacy analysts who spoke earlier this year at the annual chicago ideas forum for one hour and 40 minutes. >> ladies and gentlemen, please welcome our host this afternoon, ms. rebecca mackinnon.

>> good afternoon. thank you for coming. [applause] many people may not realize this, but 95% of people who are out there on the internet using their smartphones and so on can be identified and profiled by just for interactions through their mobile devices. if you post a tweet, check your bank account, send an e-mail, or check your facebook newsfeed, boom. some ad network is profiled you. the problem is that a lot of the companies collecting this data can not live up to their security claims. this data is vulnerable to hacking. security experts will tell you that any device connected to the internet can be hacked. that is not just your computers, or your smartphones, or your tablets. increasingly it becomes our cars that are connected to the

internet, your home security system, your medical devices, power plants, all of this is vulnerable to hacking. hacking is not just for criminals. governments all employee hackers. they dig up information on people outside of their country and people inside their country. as we have found from edward snowden who released a large trove of documents, our government, the nsa, exploits quite a lot of hacking techniques to acquire information. in a lot of cases, they do not

even have to hack you. if the company is in the jurisdiction of the government and they have the legal authority to act, they just demand it from the company. there we are. i am rebecca mackinnon. i am also the author of "consent of the networked." i am joined here today by five brilliant individuals. all of us will be telling you some things that are a little bit scary. the point is that knowledge is power. if we want to change the way things are today, if we want to build a world that we want to live in, you have to start by understanding how this digital environment works, what the threats are. with that, i will begin my little story. january 1990. was anybody using the internet in 1990? very good. in 1990, the berlin wall came down. these photographs are the ransacked offices of the stasi, the secret police. as east germany began to fall apart, protesters went into

these offices and ransacked the files. two years later, the unified democratic germany declassified all of the files. people could for the first time find out who had been spying on them for all of those years. people found out that neighbors, colleagues, sometimes lovers, symptoms spouses, sometimes parents or children were informing on them to the secret police. it was very traumatic. fast forward to 2009. the unified democratic berlin. a german politician exercises his right under german law to request data from his phone provider deutsche telekom on all of his movements over a six- month period. he takes is doing newspaper in a create an interactive graphic.

you can still visit it online. it has an entire log of all of his movements throughout that entire six-month period. this is the stasi's wet dream. it did not require neighbors and lovers to betray anybody. .this kind of digital dossier -- people can spy on all of us through our devices and platforms and networks that we are relying on for pretty much everything in our lives. the only difference between a dictatorship and a democracy in this digital age is going to be, do we have control over how information is collected over us? are we able to hold information collectors accountable?

do we understand who is collecting information and how it is being shared and with whom it is being shared? if there's accountability around that, and this is happening with some consent of the citizenry, then you have a chance of being a democracy. if not, you are going towards a dictatorship pretty fast. moving on to san francisco in 2006, a whistleblower named mark klein, who was a former employee of at&t, disclosed that the national security agency had built a secret room in that room building. a communications of millions of ordinary americans were routed through that building and were being siphoned off into the secret room as they pass through that building. a number of organizations try to see the government. those lawsuits have yet to go anywhere. the point being that we started to begin to get a picture of the surveillance that was going on.

how large that picture was and the extent of the surveillance, we are now coming to understand more fully, thanks to the leaked information by edward snowden. these nsa facilities are everywhere around the country. they're collecting data on a large percentage of americans. now of course, the internet is revolutionary. let's not deny that. the internet and mobile technology can be used by citizens to overthrow governments, to get opposition leader selected who would have no chance otherwise. this technology is very empowering. but at the same time, governments are doing everything they can to use their power over the commercial networks that are within their jurisdiction to

fight back. these photos are from state security headquarters outside of cairo in 2011. after the mubarak government fell, an activist got into the headquarters. some agents tried to shred documents, and people were posting them on twitter of course false however, there were rows and rows of files. people got in there and found their own files. there were reams and reams of e- mail transcripts. there were cell phone transcripts. there were conversation logs that people have thought had been secure. there was information about data that they have been uploading and downloading from the internet. it was all captured over their internet service providers.

using technology, the egyptian government -- they purchased the technology from a company affiliated with boeing. what is the point here? he point is that increasingly the relationship between citizens and their government is mediated through the internet. technologies are largely developed and operated by the private sector. you cannot assume that the internet is going to evolve in a way that actually empowers its citizens. if we want the internet to evolve in a way that is compatible with democracy, and compatible with human rights, compatible with the sort of society we want to live in, in which individual freedom is protected, we have to fight for it. just like you have to fight for freedom because you do not engage in the way in which your physical society is being governed. weber makes the most effort to shape that society will shape it

to their greatest advantage. this is what we need to be working on. as i mentioned, the internet is challenging. in a a lot of very important ways, governments are trying to fight back. interestingly, this is a map that was developed recently published recently by the oxford internet institute. they resized all of the countries on the planet based on their internet population. then they colored each country according to which website is the most visited website in that country. all of the red, those are countries where google is the most popular. all of the blue, countries where facebook is the most popular. china is a big green because that is baidu, a big internet company.

except for china, cause extent, iran, and russia, all of the other countries, the most dominant web services are american. knife you combine that information with what we are now learning about the nsa and the effect it has had and it's relatively unfettered access to information on communications happening on these websites -- arguably there are some controls over how they can access and what they can do with the information of american citizens and u.s. persons -- there is virtually no meaningful control over what they do and how they collect information of non-us persons. if you are not a u.s. person, and you are looking at this map, and you are thinking about this map in the context of what we have learned from edward snowden, you might be mad. you might feel that there is a

power imbalance going on here. a lot of government are pretty bad. this is the president of brazil. she recently spoke at the united nations. she accused the united states of breaching international law. they have completely failed to respect the privacy of anybody who is not an american on the internet. why does this matter? if you are an american, why do you care about non-americans and if their privacy rights are being disregarded? it relates to how we use the internet. this is something called the international telecommunications unit. they govern the international telephone and satellite system. last year, they tried to assert

control over how the internet is for native and how standards are developed. the u.n. body chose a block of governments. they came close to go, but another block of government, democracy is working with companies, working with citizens fought back. right now the way the internet is governed and coordinated is very decentralized. it involves engineers and companies and a lot of nongovernmental and fusions. there was an effort to say, governments need to reassert sovereignty over the internet. it was blocked last year, and unfortunately because of the nsa revelations, a lot of the governments that were voting for a more democratic centralized internet are starting to rethink. they are starting to talk about something called data sovereignty.

that means that governments are now discussing new laws that would require web services and internet services and telecommunications services who want to serve the citizens of a particular country -- the data needs to be stored and managed in that country. so what does that mean in practice? they're doing this because they do not want the nsa to have the outrage they have. there is a troubling side of that. there's one country that is already asserting sovereignty over data. it is called china. this is one of the results. facebook is blocked in china. this is what you get when you try to visit facebook on a chrome browser from within china. facebook will not housing services that are meant to serve chinese customers inside china. so you cannot access facebook in

china. this is the kind of world that would become more of a facsimile of the international telephone system, rather than a free and open internet. that is because you have a lot of people who feel that their rights are being violated. in my book, "consent of the networked," i argue that we need to start taking charge. we need to think of ourselves as citizens of the internet. citizens of this networked world and not just passive users. we need to start telling government and telling companies that run our services that we want our rights to be respected and also recognize that if only some people's rights are respected, and not others, ultimately no one's rights will be respected.

it is akin to the environmental movement. it is starting to emerge. very soon, there will be a march on washington to demand an end to unaccountable surveillance by the nsa. people can also begin to join a lot of international movements. there is global voices online, which i am part of. one way that an american can start to get involved with these issues is the electronic frontier foundation. you can go to esf.org and get a lot of information about what is going on and how to protect yourself in the future. there are a lot of drives and information about rallies that you can attend. there are a number of other organizations.

it is up to all of us to determine how our internet evolves. just as if you want chicago to be covered in a way that actually respects the rights of its citizens, is the citizens do not get actively involved in a governance, if the citizens have no idea how chicago is governed, who is exercising power and how, then you are not going to really be able to affect changes in that governance. you have to participate and be involved as. you have to make your views known. as a consumer, we can exercise a lot more power than we are doing right now is stop not only in terms of what you choose to use and not use, but is a vocal critic. a lot of these companies do respond to public criticism. lets exercise our power and not be passive users. let's become active citizens of this networked world we are in. moving on, there are some people who are so upset about the abuse of power in our digital lives

and to also have technical skills that they've joined a group called anonymous. i'm sure many of you have heard of it. their slogan is, we are anonymous. we are legion. we do not forget. expect us. that is their battle cry since they emerged in 2008 from a number of message boards where people began to post their conversations and opinions with anonymous not giving their real names. there's definitely a real ethic in that community about the importance of anonymity. they have also gone after a lot of organizations and governments that they do not like. laces that they feel are abusive. the church of scientology, government agencies in the united states, israel, tunisia,

uganda, the westboro baptist church, sony, etc.. one of our guest today is the author of "we are anonymous." new york magazine called this book the insider account of the hacker movement. she will share with us both some of her stories from her book, but also she will talk about some of her new work on mobile tracking. thank you very much. [applause] >> thank you. thank you. thank you so much for that introduction. it is a real privilege to be here at chicago ideas week. i am a journalist with forbes. i started off in radio journalism and i joined forbes in their london bureau writing about business and marketing currencies.

two years ago, i started focusing on technology. a couple years ago, i started writing about anonymous. i read a book about it. now forbes magazine probably isn't the kind of publication that you would expect one of their journalists to write about a bunch of young anarchic people who go around subverting things on the internet. they do not make much money at all. just to explain why and writing about anonymous, in 2010, forbes "the platform. that allowed journalists like me to focus on a topic that we were interested in and write about it with as much frequency as he wanted. i got lucky because in that same year, december, anonymous

carried out one of its most notorious attacks against a series of financial companies. they wanted to avenge wiki leaks and the arrest of julian assange. i have always been interested in disruptive figures and underground societies. i got tired of reading about rehashed articles online and i started interviewing some of the reporters. eventually, i made contact with some of the senior organizers and realized that this was not just a group. it was a whole culture with a history. they had etiquette and their own language. that fascinated me. i became obsessed of tracking these guys. i got in contact with some senior figures who created a splinter group, lulzsec. i would track what they were

doing in the public eye. i would track what they were doing with sony pictures and fox news and even the cia. it was a very hair-raising moment i had hackers threatening to destroy the company i work for. i saw my sources get paranoid. i was able to meet some of them face to face. some of them got arrested. it was quite emotional at times. i learned that a lot of these guys were young men, unemployed, quite isolated in society. they were extraordinarily intelligent, but they often lacked common sense. they were full of contradictions. for example, it is jake david lehman face to face while he was still part of lulzsec. online he was, topiary. he was one of the leaders of lulzsec. face to face, he was this scrawny young man who was not good at socializing and quite shy.

he is not like that anymore. this was a while ago. i also learned about a website called 4chan. you will hear about this for my colleagues. this is a website that anonymous started and it has been called, i will not say the word, but it is the armpit of the internet. it hosts a lot of graphic violence. it is a place where people come to discuss their fears and their proclivities and their inhibitions. one of my interviewees, who i call william in the book, he allowed me to take a picture of him by covering his face. he went on 4chan for many years every day. this was his life. it was a place where he could honestly talk about things in a way that he could not the off- line world. it was a real community for him even though he knew no names. let me give you a brief rundown of some of the key things i learned about anonymous and what it was. first of all, when we were first reading reports of anonymous, they were referred to as a group of hackers. that is not true.

it is not a group. it is a network of ever shifting nodes. most of them are not hackers. they were just good at trolling or knew the community very well. also the attacks that they carried out were very easy to do. they would download simple web tools from the internet, which had been previously created for penetration testing by i.t. security guys. it would support those tools and use them to launch cyber attacks. super easy to use. another key thing i learned was about the huge amount of year that exists in anonymous. red-hot paranoia, constant. part of that fear was about getting arrested. part of that fear was about getting doxed. to be doxed, is you have your online identity unveiled. they would sometimes spend more than a year cultivating a nickname online with a personality and everything else. as soon as you are real name is

revealed, the value of that identity was lost. this was a problem for people like jake davis when he was found out to be the real tell. nobody wanted to be doxed, but that threat was constantly being tossed around. that raises a lot of questions about privacy. for a lot of these guys, anonymity was the one way to experience privacy. anonymity was the one true way to experience privacy in an age when corporations and governments know more about us than ever before. last december, about two years after i wrote my book and researched unanimous, i moved from "forbes" in london to -- transferred to san francisco where i started studying and researching technology in silicon valley. and i can't begin to tell you what a jump into the deep end that was. and also how surprised i was by the blase attitudes i was

encountering among executives, startup, entrepreneurs about the privacy of consumers that they were building technology for. and i think a fundamental reason for that is because of the way our personal data translates into dollar signs. so it took an executive at a company called nuance, which is a voice recognition company, to put it succinctly for me, this particular attitude. he said that privacy was an economic consideration. now, this executive was helping nuance which does the voice recognition technology for the iphone siri to create a personal assistant technology separate to that, that could go beyond siri ins could referencing all the data between the different apps on our phones. kind of like a butler that has the keys to all the doors in your house and all the cup boards and every safe, just to make them that little bit better at what they do. i asked him about, wouldn't

consumers find that a little bit odd, to have their privacy unfringed like that? and he said, just again, i feel like this illustrates the attitudes in silicon valley, when do people feel their privacy has been breached? and then he said when information has been taken from them without value and exchange. all that have information that resides in the cloud can be anticipated and thought through and synergies made that i'd never thought about before. there's an astonishing amount of value in that information. people talk about value a lot. >> now, i think it's true that data goes a long way to defining us as individuals, as well as the things we own and say and think. but what does it mean for our individuality and our identities? if someone else knows about those things without our expressed permission? now, supporters of unanimous often weren't much better when it came to privacy infringement. they often said that information should be free but then the organizers of unanimous would

keep their names secret and also at the same time attack a company like sony pictures and release millions of passwords of consumers along with e mail addresses and names and cite that as collateral damage. so there's some complexity there about what kind of information should be free. information that's in the public interest? information about institutions, individuals? so, that debate's raging on. the one thing i know for certain is that information about us is being traded all the time more and more behind the scenes. increasingly even a price is being put on your head every time you open up a mobile app. like candy crush. i don't know anybody hear plays this. i have avoided actually downloading this game. but in the past, a developer of a game like candy crush, how

would they make money? they would sell ads through an ad network and this ad network would sell a few thousand impressions which is the proposition of being seen by a few thousand people to an advertiser like nike. so that model's changing now. app developers can insert a tool into their app that tracks how people are using the app, so they can make the app better. but also so that an advertiser can better target that person with ads and so the developer can make money. one of the biggest players in this game is a company called flurry. you might not have heard of them. they've got analytic tool which they give away to developers. because of that tool, flurry is now on 1.2 billion smart phones in the world today. that's an average of 10 apps on each of those phones, that means it has more mobile data than facebook and google. flurry triangulates all that data between the apps and creates personas and categories for people and aligns each smartphone with a category.

here's where it gets interested. flurry used to be an app network but it's now becoming an ad exchange, as are other similar companies, like a stock market for selling mobile ads. instead of showing an ad to thousands of iphone users at once, flurry holds an automatic auction to decide in a tent of a second which ad should be town to a single person the moment they open candy crush while they're sitting at the airport. the ad is isn't for 1,000 people, it's for one person. now, crucially, flurry knows a little bit about this person. it knows that she's a woman, that she's a new mother, she's a traveler, and that she likes fashion. and in a split second an ad for sunglasses shows up on her screen. flurry says, this is how you show the perfect ad it. has nothing to do with the ad itself. and everything to do with the person who is seeing it.

now, flurry says it doesn't know names, but it is possible as we heard earlier, cross reference one other piece of identifying information with another and a security breach and you can get names. flurry's c.e.o. told me last month that the persona it's creating about people are getting better for advertisers. it has 50 personas now. by the end of the year it will have 100. and who knows, at some point it might start taking in third party data like location data from other brokers to augment those personas. so i think it's often said in the debate about privacy in the western world that there is this tension between privacy and security. but what if there's a wider, potentially more sinister conflict between privacy and convenience? consumers love free. they love things to be convenient. more and more apps that are on the app store are becoming free and developers are increasingly making money through ads and ad exchanges like flurry. now i don't know how far certain technology companies in silicon valley will take their deep dive into our data and our individual identities, i don't know how far they're going to get to knowing

who we really are and docking us all. we might not be supporters of unanimous but our ability to compete an identity private boils down to the same thing that the unanimouses were trying to achieve which is a sense of control. how much control do i really have over my personal data anymore? what decisions are being made about me that i don't know about? how will these decisions affect my life in the future? now, unanimous in many ways was an unconscious backlash to all of that tracking as well as a huge diffusion of celebrity, of people taking their private lives public through platforms like facebook and youtube and vine. backlashes like this often come from young people because young people see things as they are. they're not bogged down by baggage and systems and

experience. a bunch of young people started unanimous in the mid 2000's as way to vent and bully and hack and protect, all of the wonderful and terrible things that make us uniquely human. and they did so at a time when it was becoming increasingly difficult to become unanimous online and in some pockets of modern society, to be human as well perhaps. with so many algorithms and trading desks that are helping to determine what we click on, what news articles we click on or what music we listen to or what movies we are going to watch or what we watch on tv. maybe by then if another network like unanimous is created by a new generation of people, my guess is they won't gather online anymore. because the very definition of going online will be to forego any privacy or anonymity at all. maybe they'll just shut down their devices, take off their augmented reality glasses, open the door and go outside and meet one another. face to face. thank you very much. [applause] >> thank you.

thanks. that was great, parmy. we go deeper and deeper into the subject. i was reminded as she was talking of a conversation i had with the person who worked as a company i won't name and i asked this person, why doesn't your company do this, that and the other thing that would help to protect the privacy of your users? and the response was really interesting. the response was, management doesn't want to devote resources to doing anything that our customers are not demanding. and because customers and users are not demanding these privacy protections, it was not prioritized. so, that's just a little crumb of food for thought. we're sort of silently allowing these things to take place. but, to come back to the whole issue of anonymity, because

that's -- we're going to delve even deeper into that in a minute, but think of the sentence, you know, you have ever thought, what would people out there think of me if they knew i loved fill in the blank, whatever it is. and of course if you can go online and be unanimous, you can meet other people who love that thing, that maybe it's just sort of an odd hobby that your friends might make fun of you about, maybe it's something that maybe it's a political preference you don't want your employers to know about, whatever it is, the ability to communicate and connect with people unanimously online allows groups to form around interests that people may have a very good reason not to want attached to their real-life identity and made public.

so, this is fishy. there are some people who argue anonymity means lack of accountability. we need identity to have accountability. but there's this other issue of can you escape pervasive surveillance and oversight and can you do that if anonymity is lost? and this is the angle that cole stryker is going to be exploring. he's author of the recent book, "hacking the future: privacy, identity and anonymity on the web." and he talks about the importance of being able to achieve anonymity for two primary reasons which i believe cole will very shortly explain. cole striker. [applause] >> thanks for having me. my name is cole stryker. i'm an author based in new york and i've spent the last couple of years of my life studying anonymity, first through the

similar stuff that parmy's been work on, studying unanimous and these communities that have chosen to operate under the veil of anonymity for various reasons, for good and bad. yes, so, i basically decided to talk about a history of anonymity. and there's a couple reasons. one, is because i think that there are probably a lot of people in this audience who are of the opinion that if i've done nothing wrong, i have nothing to hide. thanks widespread opinion in american society. shared by a lot of my close friends and family before my book came out. so that book was kind of dedicated to them. and then the other reason is i have a personal rule not to talk too much about technology when there's a guy with a ponytail talking after me. so i won't be talking -- i don't want to look too foolish. so i'll focus on the history. [laughter] so, yes, unanimous was this group of trolls and pranksters that basically were lighting up the internet right before i got my book deal and around that time they started to take this kind of pseudo political bent where they were going after people they thought were censoring the web, promoting surveillance, and this picture is just an example of what

unanimous was doing. where they invited the internet to name their new flavor of mountain due and the winner was hitler did nothing wrong which was basically a way of saying, if you come onto our internet and try to capitalize on our creativity, this is what you're going to get in return. they weren't big fans of my book. these quotes are from reviews on amazon. they basically don't like it when people write about them. or at least at the time before they became a huge media sensation this was basically the reaction that you would get. if you wrote about unanimous. and they gave me the same kind of treatment that parmy got where they tried to find out where i lived, they harassed my family, they sent me junk mail. they sent my aunt a letter under my name that was basically a deep confession of my sexual urges toward her. this woman's in her 60's. [laughter] basically my family and friends

couldn't understand. they're like, there ought to be a law that people shouldn't be allowed to say these kind of nasty things about you online. and just hide behind anonymity, it doesn't seem fair. i found that to be such a widespread view that that became the subject of my next book. even very powerful people, i kind of dedicated the book to randi zuckerberg, the sister of mark, who founded facebook. she said, i think anonymity on the internet has to go away. obviously a person in a pretty powerful position holds this belief. here's a couple other examples. they were saying the same things along the lines of, if you've done nothing wrong, you have nothing to hide. so, without further ado, i would like to get into the history of unanimous. a quote from emily dickinson. so there are a couple of reasons why someone might have wanted to be unanimous and one might be to uphold modesty. an example of like is the guy who wrote "amazing grace." he was someone who didn't want to associate his work with

himself because he didn't want to take attention away from his creator who he was trying to basically pray through this work. another example, we have alice in wonderland. the author, lewis carol, that wasn't his real name, basically didn't want to associate his stories with his serious academic work. and he was a painfully shy mathematician, didn't want those two worlds colliding. so they had a pragmatic point of his own identity, where in this person i'm this person and in this person i'm this person. another reason to be unanimous might be to stymie sexist. there's countless examples of this throughout history. two of my favorites are charlotte bronte who has a great quote here saying, i want to be judged as an author, not as a man or woman. in those days, being a woman author invited an unimaginable

amount of prejudice against one's works. another great example is mary ann evans who you all know as george eliott. she used her second identity as a tool that could be dropped at any moment were it cease to be useful for her. i have a friend who wrote for the political blog for some time under the pseudonym and spent over a year talking about the seedy underbelly of the lobbying industry in washington, d.c., cultivated a rabid following. and basically aye as soon as they found out she was a woman, immediately turned on her. her comment section became a land full of people calling her fat and ugly and a pig. basically something that would never happen to a man because men are valued more in our society on their ideas that they bring to the table and women are valued based on their looks. i think that to say that this is something that we no longer have to deal with is a position that can only be driven by privilege and ignorance.

the examples here are kind of like the godfathers of the unanimous group. "gulliver's travels" was throwing molotov cocktails at the establishment. he also wrote an essay about how the starving irish would eat their children as a way of using satire to attack the governing ways of the english people. that obviously would have gotten him killed or put in jail for life. had those sentiments been associated with his real name. and then most importantly in my opinion, this here is thomas payne. we'll get to him in a second. but i just -- i don't have a ton of time so i'm going to buzz through these bullet points. 1538, first licensing law in

everything has to be run by a royal analyst. later, printers. he was printing something new necklace on the line. . this is something by another french marriage. his name was doug. -- his name was stubbs so it almost is a perfect outcome for him. there 1589, martin was published. he used anonymity as offense. he named real people in power, basically criticizing them publicly in a way that they couldn't fight back because he

was unanimous. in 1643, another printing regulation where instead of the crown it becomes the state, it becomes the primary body for deciding what stuff can be published and what stuff gets someone killed or thrown in jail. john twyn was a printer who printed something by an unanimous author and had his head put on a spike and his body quartered and each of his body parts were put on the gates of london just as a sign to anyone who might try to pull something like that. and then things start to get better. you have john locke publishing "two treatises." in 1734 john peter zenger is acquitted. that's a turning point for people in governance saying they want to cool a little bit of putting all these people in

jail. and then of course 1776, a monumental year. thomas payne writes "common sense". and then over the course of the next century you have abolitionists, pacifists, also using anonymity or pseudo anonymity in order to speak out against the power that be. and then fast forwarding all the way up to the 1958, we've got a couple of court cases that were important. ncaap vs. alabama. alabama decides that it wants the membership list of the ncaap. the ncaap says, hell no. if you get this list, all of our members are going to have burning crosses on their lawns tomorrow morning. and the court favored the ncaap. in 1960, this was an antipamphlet hearing that said you can't distribute them unless there's a name on them and that was overturned here.

then skipping away ahead to 1994, you start to see this in the digital realm. really the first anti- scientology movement that we've seen blown up with unanimous 15 years later. and then a finnish unanimous remailer. these were guys that had their doors kicked in by the f.b.i., hard drives seized, things like that, which really was kind of the trigger for the hackers being really activists, was kind of born here, where they were fighting for freedom against censorship and for freedom of speech. and then in 1997, excuse me, aclu vs. zel miller. you have the state of georgia saying no one can use the internet under a sued anymore.

thankfully the state decided, georgia, you don't own the internet or run the show here, so just chill out. and then going alongside this history, we've got the history of cryptography. but it's a fascinating history of how basically cryptographic technology was lip rated from the few organizations that had access to it. mainly because it was used as a military tool. you have the public now able to conceal their messages, digital messages, and mainly this happened because there was an economic reason, banks needed to be able to secure financial data and then over time it got to the point where the everyman, provided that he has the tech savvy, can now use this information, this technology to conceal their information. so, today a lot of people in very powerful positions are basically saying, why do we need privacy? i think this is really

concerning. here's a guy, this is a very super journalist who says, if you're not a pedophile, you don't need privacy. he's never seen anyone using privacy for a good cause. i would hope if this journalist had at least just seen the last 10 minutes of my talk, would feel differently about it. here's somebody else. this is a microsoft research who are wants driver's licenses for the internet. and any hacker will laugh at you if you tell them that this is a possibility. but basically this would be an authentication law that would work like a log-in to facebook where you would log-in to the entire internet instead of just individual websites and everything you do online would be traced to you. unlikely that would happen but there are people who would like to see it happen. again, we come back to these questions, if i've dog done nothing wrong, i have nothing to

hide. another one i think is privileged related. isn't this just a fake problem that doesn't matter to people who have never had to worry about putting food on the table? my argument is that unanimity and privacy issues are of most concern to people that are on the fringes. most marginalized, least privileged people. if you're a homosexual teenager living in iran, you could very likely be rounded up and shot. that happened. so i wouldn't call that person someone who doesn't need it. then there's pedophiles, cyberthieves, cyberterrorists, things like that. what's going to happen if we allow for a world of unanimity, won't these people run rampant? i've got news for you. we live in that world. any kind of measures taken to track people are easily circumvented by people who have enough technical know-how to get around them. my opinion is that hackers are always going to be one step ahead of the feds and even the

feds employ very smart hackers, we should never underestimate the ability of people to break systems. then finally, the but i live in america. we don't have censorship here, you're not going to get your hands cut off if you speak out against obama. that might be true. but this presentation was written before those n.s.a. leaks. and i think that that's kind of the case in point here. we are far less secure than we thought our information was. and the fact that the n.s.a. has unfettered access into all of these technological platforms that we're using on a daily basis should be cause for concern. and even if we trust obama and trust basically our benevolent overlords today, who is to say what the landscape is going to look like 10, 20, 30, 40 years down the line? the decisions that we make now are far-reaching. so basically this is all setting up to what i like to call the identity wars which is the original title of my last book. where you have a bunch of lightly or loosely related

collectives like the electronic frontier foundation, wikileaks, and other activist groups. you have silent circle which are technological platforms that protect people's identities and you have wild cards like unanimous who are trying to create ways where people can perform commercial transactions unanimously. and then on the other side, you've got facebook, google, the n.s.a., the f.b.i., governments like chinese and then corporations like chevron and at&t. i threw chevron on there because they're trying to basically force corporations like yahoo! and google to divulge nine years' worth of email and web browsing history from people they are trying to fight in court. and so that's -- that kind of a threat could come from any powerful company. so, i guess the whole thesis here is that the i've done nothing wrong, i have nothing to hide is a position that is informed by privilege and that if that's how you think, you're

not thinking of the homosexual teenager who is living in iran or even the homosexual teenager who is living in alabama and doesn't want his parents to find out. there are plenty of good reasons to want to have different kinds of identities. thank are different on different platforms. and i'll leave you with this story. i just read a couple days ago that mark zuckerberg bought a piece of property adjacent to his home because he wanted more privacy. i think that says it all. thank you. [applause] >> thank you. thanks so much, cole. that story about zuckerberg and his property, that really does say it all, doesn't it? so, going deeper, particularly in this country we are really fascinated by what people like to call smart technology. technology that can think on its

own, artificial intelligence. but what happens when that technology starts to do things that you didn't know it could do. and that you didn't consent for it to do? what happens if the technology turns on you? turns against you? there's plenty of science fiction movies about that kind of thing happening. but it's actually not just the stuff of science fiction. robert vamosi is a digit cal security expert. he's written a book titled "when gadgets betray us: the dark side with our infatuation with new technologies." he has realized just how disconnected we are with the capabilities of the gadgets and services used all the time and that we've come to depend on and he believes it's absolutely important to educate people about the capabilities of the technologies we're using as well as the real risks to privacy and security that we must be aware of if we want to be empowered users of technology and not just

passive subjects for the technology to use us. so he's here to give us a glimpse of how this all works. robert, thank you very much. >> thank you. [applause] >> so i'm robert vamosi. i'm cissp which gives me the credit of being an expert. i'm also a security analyst for a corporation which is a device security company out of san francisco. as we just found out, i'm the author of when gadgets betray us and i'm also in a movie documentary about hacking called code 2600 which is now available from amazon. i'm also a graduate of the university so it's great to be back here in chicago. thank you. so i'm going to talk on the

subject that's a little bit different than what cole and parmy set up and still talk about privacy but i'm going to talk to you about the internet of things, this idea that all these gadgets that we have are being connected to each other and to the internet. and what those consequences might be. i see it as a new playground for digital feeds. with every new technology you are always going to have this trade-off between security and convenience. you want the cool factor but what are you giving up in the meantime? what sort of behavioral privacy might be collected by these new gadgets that are coming into our lives? we are in a time of great experimentation. if you think back 10 years ago when facebook was first around, people put their addresses and all sorts of personal information because they wanted to share it with the world. we realized it was a bad idea. what is going on passively with a lot of the gadgets that we own? what is being collected that we are not thinking about yet?

they are some gadgets that are designed to collect data and it is important. i am talking about medical devices. if you live in north dakota and you don't want to drive a four hours to get that medical practitioner to adjust something in your medical device, you could do it over the internet. that is great. that is more time you could live and not be in transit. how can -- how secure are those devices? there was a researcher and he looked into the security of an insulin pump. he looked at what was going on with particular bladers -- heart different realtors -- he did have an opportunity before he died to work with the medical device manufacturers and hopefully his legacy will be those manufacturers are including more security to make those devices resilient to pranksters who may want to throw a pacemaker into this state. my company in 2010 did a test on

commercially available pd's and what they found was the data that was found on these tvs were stored in the clear and data in transit was also being transmitted in the clear. there was no encryption going on. you might say what is the big deal. if you subscribe to a service like netflix now your username and password is available to

someone who could go on the internet and go in and now take your service and start watching shows that you are watching. that is theft of service. maybe not a big deal to you but we are going to see other examples of gadgets that collect information and the consequences get more severe. back in 2009, the government put an incentive in front of a lot of the utility companies and said roll this out. make sure every home and business has a smart meter. do we bother to test these devices before we roll about? no, we just rolled out and now it is out there. did we look at the basic security of them? did we find out what is being collected? now that they are out there,

what can we do with that data that is being collected? that is what is really interesting about these gadgets when they connect to the internet. we think of the convenience of immediately having access but five years or 10 years from now what can be done with the data? the bottom part of this slide is what you see from a smart meter. every 20 seconds, sometimes it is often as two seconds, it pulls the data of energy usage in your home. you see some steady blocks bear which is something like an air conditioner going on and off and you see these valleys when it is evening or when you are away from home. they are subjected peaks in there. researchers have now dealt then and found that digital tvs admit particular signatures. the researchers can actually say with maybe 80% accuracy what you

are watching just based on your power usage. wow. who knew? a lot of these devices do not protect data at rest or motion. some german hackers had some fun with it. the top chart is an example of that where they manipulated the readings from a smart meter that would display on the graph. if you can't see it, what they are saying there is -- you have been hacked. you can lower your energy usage at home. the neighbor that is causing you problems, you can raise their energy usage so they get billed more.

we are currently exhausting all of the ip addresses and we are not transitioning to something called ip6. consider all of the grains of sand in all of the beaches and sand, that is all the addresses that will be available under it. gadgets will start to use it. one company has started to roll out encoded using those addresses. this is great because you can use it and you can regulate the hue of individual light bulb in your home. it is an opportunity for someone to use drop. i can know when you are home or when you are not or maybe i want to know your preferences. we go further with that. if we have so many ip addresses out there, we will connect everything. i am talking about in my book a lot of different gadgets that we have around the home that we may not even think about as connecting to the internet. new digital cameras now had that

bunch of photographs from you, i can start to trace your behavior. i can plot on a map where you live, most likely where you work, what parks you like to go to just based on the photographs i've taken off of your camera. i don't even have to go to your camera. i can go to some website and pull down photographs because a lot of the mobile phones still track location data. you can turn that off so good news on that. let's leave the home and take a walk. in london recently, the company that makes digital displays on the side of garbage cans decided they wanted to go a step further and start collecting data about the people that passed by these particular garbage cans. they started collecting the mac address. every address that we have has a mac address.

it identifies the manufacturer and the last digits are the identifier. it will start to build a profile. you know that every day at 12:00, this device walks by this particular garbage can and then there was another can that picks up that same signature to it later. you can collect a path. you collect a lot of random data without knowing with that person is. what are we going to do with this data? i don't know. it is good to be aware that this type of data is being collected and that people like the mayor of london quickly shut this down once he found out it was going on in his city. they are conveniences and having dashboard navigation. there is a company in 2011 that actually used the data it was collecting from its navigation devices and handed it over to

the dutch police. they could tell by how fast you got to a destination how fast you were going. so we had virtual speed traps. they publicly apologized and said they would never do that again but think about that the next time you use google or some other navigation service. they have an idea of how far it is from point a to point b and if you suddenly get to point b faster than expected, you can infer that you are probably speeding to get there. the things that go one into your car are being recorded. from 2011, the president of the united states have black boxes and it. the engineers use the black boxes. in the 1970's, people died

because of the early airbags. black boxes are now in every single car and as of 2012 the owner's manuals have to declare it is the case. in 2014, they said that that 40 pieces of data in that black box. that includes if you are wearing a seatbelt, did you have your lights on, did you have your stereo on, how loud was the music in the car at the time of the crash. that candidate is being recorded so that assumption to think about the next time you are driving. you are being watched whether you want to or not. what can you do? you can't really stop data collection but you can minimize it.

you can turn off unnecessary settings in the device configuration. my data plan is pretty liberal so i turn off wi-fi. i feel a little more secure about that. i turn off photographs. if you are really paranoid, don't take the same path every day to work. shake it up a little bit. go a different route. the devices being tracked so maybe they think different people are doing that. turn off your devices occasionally. maybe not use technology so much. i love technology and i am not going to start doing that. my take away is think about what the device might be collecting and learn to live with it. be comfortable with what you are using and if you do not like it, pushed back. do not buy that device argues that technology. just push back a little bit. the gadgets don't control us, we control them. thank you very much.

[applause] >> thank you so much. one point of information -- if your cell phone battery is still in your cell phone, it can be turned on remotely and use as a tracking device even if you have it turned off. if you don't want to be tracked, and leave it at home. or get a cell phone that you can take the battery out. moving along swiftly and easily, we are now turning to -- sorry. who is concerned about the problem that companies make false claims about their security. they claimed they had their data secure, they claim they are taking these measures, but is it really all that secure? he is dedicated to holding

companies accountable for the claims they are making about your security and your privacy. as he said in his research, the level of anonymity that customers can expect is fundamentally unreliable. i turn it over to him who is going to explain this for us. thank you. [applause] >> thank you. rebecca doesn't mention i bought because i do not have one. i could talk about any privacy topic. what i found most useful to share with you today is online tracking and how companies are tracking is online when we browse. let me show you this cartoon. do you remember the famous tagline that but with this? that was the early innocent days of internet. it makes you feel nostalgic doesn't it? imagine what that would've sounded like if that cartoon was

published today. it would be something like -- it is the internet. they know your favorite brand of pet food. this is the reality that we live in today. this is what i wanted to talk to about. i want to give you batting good news. the bad news is that we live in a world with exploding complexity of online tracking. i have a team of students at princeton that i'm working with where i am a professor and we are reverse engineering the companies are doing online in terms of tracking us and our personal data. i want to give you good news. you have a lot of power in the situation. there are a lot of things you can do and i want to share that with you as well. what i want to talk about pacific league when i talk about

online tracking is what i call online tracking which i considered the most insidious form of online tracking. it is where sites other than the ones you are visiting that are typically invisible are collecting profiles as you are browsing. you might wonder how does this happen? let me show you a screenshot -- this is from a study at stanford of online tracking. this is from the new york times and you can see in the picture how many areas are highlighted in red and these are all content that are being served by sites other than the new york times. when this happens your browser connects to other sites that are concealed in all of these other sites now know you have visited the new york times and whatever other site you visited and that is how they compile information on you. one study revealed there are 64 independent tracking mechanisms

on one website. just to drive home this point of how subtle these trackers can be, let me show you a screenshot let me show you what these third-party trackers could be. it could be well-known companies. it could be companies that you probably have never heard of. there was one track at that we found in our database which is very prominent. you probably visited this site and they remember you because they are in the business of remembering you. here is a screenshot of the national health service and you are looking at their syphilis

page. a lot of information -- good information. there was a facebook like button on their and five people have clicked it. [laughter] the scary part is that not i table but -- like it, the people who visited was not aware there was a facebook tracker on this page and that facebook is watching what they browse online. facebook has your identity and knows who you are because you have left your browser locked into facebook like most of us do. if that does not convince you there are some invisible trackers, let me summarize why one may want to worry about this online tracking. there is basically our intellectual privacy because people behave differently when they know there are hundreds of people watching what you do. that is a freedom to protect. there is behavioral profiling and targeting. that is the level of targeting and profiling that this data can reveal about you. there is also polluting area

evidence that browsing can be used for price dissemination. you might be the type of person that does not care about this and you only being safe from the government. tell me about the nsa. i have news for you. in the recent nsa leaks, it was revealed that one of the things they're using to track you is double-click tracking cookies. these third-party companies are doing nsa's work for them. scary stuff. i have been working -- researching the online space for four years now. let me share with you some of the things i have found that with what works and what does not work in how you can protect yourself. one piece of good news is that something that does work is public opinion. this might seem logical that a lot of these companies really care if there is a privacy backlash. there have been many incidents because there was a backlash.

you might remember google buzz. let me give you an example that is closely related to third- party online tracking. there was this feature called facebook instant personalization. i consider this the most riotously privacy intrusive. facebook talk silently in the background and they tell you who you are and various things about you like your location and various movies that you like. many experts complained about this. organizations who we have heard about several times already picked up this. because of that, facebook limited to a very literary rollout and not happening today. the internet could be a worse place for privacy if this was allowed to happen.

we are living in the reality of facebook. that is one piece of good news. on the other hand, here is something that does not work. efforts for privacy advocates to sit down at the table do not seem to have worked. when they tell me the story of do not track. i am one of the research behind the do not track proposal. they are saying, if you're worried about tracking, we are ok with that because we believe most people will be convinced of the advantages of it. let's make a browser setting so that the browser can help you. browser vendors got on board with this. it is on every browser today. that is called the do not track. what happened? there was two years of constant

negotiations and what tracking companies are obligated to do and not obligated to do. everybody has finally agreed that these negotiations are going nowhere. this idea of being on the same page and talking about it together, that has not worked out. i would say that for do not track, it is time to move on. we are in a world where the interests of the tracking companies in the interests of consumers are misaligned. i am ok with that. we tried but it did not work. i want to tell you there was a bunch of these blocking tools from eye tracking and these blocking tools work really well. adblock plus is an example of

what i use. there are more. these are typically browser add- ons. when i tell people about blocking tools, one of the things they say is, this is not a good solution for me because there are new privacy intrusions all the time so i have to go and change the settings again or have to install another blocking tool. here is my answer to that. i do not necessarily on top of all the privacy intrusions that are going on. there are a lot of organizations that are in the business of staying on top of this and telling you about them. there is a privacy company that i like. there are others. one of the things you could do that is very powerful is just get on the twitter feed of these organizations that are in the business of always knowing whenever there is a new privacy intrusion and telling you in very simple steps what you have to install. that is a method that can work

for most people. to put it differently, the price of online privacy is vigilance. but we have today is that this eternal vigilance is a problem that can be solved by technology. people give up when they hear you have to keep changing your privacy settings all the time. i have been doing that and teaching people to do that and that is not hard. all you have to do is set aside an hour or two per month to stay on top of this. that is an easy tool everybody can use. in my years of researching, there is one other point that is come out which has been people get into an arms race. if it is an arms race, bring it on. the balance of power is with consumers. this is because of the legal nuance. safari had a feature to block

third-party cookies. google, in one of the tracking features, try to circumvent this tracking protection. an independent researcher found this out, who i am going to show you in a second, because of that the federal trade commission was able to step in and said this was a circumvention of the existing privacy tool. google was given a large fine. if he gets into an arms race, there are legal mechanisms to protect us such as the federal trade commission. go ahead, be comfortable in calling those privacy tools. a success story is that reverse engineering i independent researchers has helped a lot in

revealing the state of online tracking. these are a couple of guys who have been heroes in this new wave of research. let me summarize the three takeaways that i have for you. the first one is to support privacy groups because it is true these groups -- a lot of these tools are given news. the second one is going to be to voice her concerns to companies and regulators because we have seen that public opinion has been a powerful force for companies to change their privacy policies. the most important one is that these blocking tools really work. the only caveat here is you have to pick the right tools and stay updated. it involves effort. even though the price of privacy is eternal vigilance, that is not hard.

get on twitter, follow some of these privacy newsfeeds. that will almost take care of the problem for you. you will feel like you're in control because you will find out about things as soon as they happen anyone know how to protect yourself. i will leave you with that thought. thank you for your time. [applause] >> thank you so much. i use a few of those blocking tools on my different browsers and i have to say, yeah, they are impressive and how they work. last but not least, while google may be a household name, there is another search engine that most of you have not heard of. this is a search engine upper websites for devices that are connected to the internet.

this search engine is basically scanning the internet for the ip addresses of various devices and enabling people to search and locate these devices. our next speaker is going to be talking about the research he does to determine network security logistics and to perform testing for his clients using this search engine, among other things. he is here to share with us how we can use this information in empowering ways to carry out repetitive practices of our own. here he is the tell us about all of the rather amazing things that one can find just by searching the internet. thanks, dan. [applause] >> hello. i will be your ponytail for this evening. over the last two years, i have had this habit of finding things on the internet and displaying them in presenting them. this is a very short compilation

of some of the things i have found on the internet. it is easy to find interesting stuff online if you know where to look. you don't need special tools. you don't need special skills. you need a browser. a lot of stuff can be found by searching google, but even more so there is a search engine called showdown that is exposing to the internet versus a webpage. this is the front end of it. this is where you type your query. it is just like google essentially. it is to show you what is connected beyond web servers. you have to imagine the internet

like america's freeway system. if you were to get out and look around, if you are a step out over an overpass, you could look inside every truck bed and convertible car. the internet is the same way. people are exposing things either willingly or unknowingly and anybody can look at the know where to look. there are tons of internet cameras. i found 972,000 publicly accessible webcams. this happens to be in somebody's office. somebody put it on the internet. why? i have no idea. this is another system. this is a camera system i found on the internet. >> ok.

too much. this is a hydrogen fuel cell. why someone would want to put that on the internet is beyond my comprehension but it is there and you can get to it if you want to. these things tend to be found at the base of 4g cell phone towers. wind farms are connected to the internet. here is an interface or one, publicly accessible. it could be italian. some very large industrial system controlling something that looks like it could be under a lot of pressure publicly accessible to the internet. i can control the pumps. do not let me control the pumps. it is a bad idea. this is a private residence. this is a house. it is someone's home.

this thermostat might look familiar. this is a thermostat system that i think is made by honeywell. is a popular controller to do this kind of thing. these are connected to the internet as well and they have touch panels you can control using a vnc protocol over the internet. larger systems that could be in large buildings like this one, this is a system that controls the boiler room. this is contents under pressure situation where the system is publicly accessible online. you probably don't want nefarious people getting their hands on it. you have to ask yourself -- this system has been online for years and years. if a bad guy wanted to do bad stuff with it, why haven't they already? to take that a step further, some of today's other speakers have elaborated. you can start to confer things

based on this information that you find and you can cross-link information to find more interesting things. this is a short little example of that. this is a camera system that i found somewhere in the united states that is using another internet ash network phase -- network interface. i can control this over the internet using a browser. i can pan around and spy on the girl at the front desk and i can look around the room and a lobby. so i did. there is a cool tool you can put into chrome. it will tell you some small details about the website you are visiting, the the city is in, whether it is scary or not, it things like that. you can validate where this thing lives. in this case it is an newberry port, massachusetts. panning the camera over to the logo on the front door which laughably says security

integrators. using that information and their city, i was able to find out on google where they are and this is as close as google maps would let me get to them. this was done with a browser. i use nothing but google chrome to do this. no special tools, just playing on the internet. you can take it up a notch and do some simple social engineering. it is amazing when you can do and this was not me, but these were sent to me. it is amazing what you can do when you call a person working at a pizza place and say, we are watching you, you should do some stuff. i've been doing this talk for a while and based on what i've done, people on the internet have you some tools i released in one of them was inside of a

pizza place. they call the place and you see the monitor on the far left is covered in brown paper. they told the girl that was something wrong with the computer and that in order to fix it they had to put brown paper around it and she had to write "omg hax." massive cooling equipment could not be found on the internet. i never really worked on an industrial setting before but this is a building that has 15 youth average of coolers. this is the interface. it is publicly accessible. us talk about information linkage -- begins. this is a ui. if you can tell what the name of the guy is that at men's this when i am not doing it, i will give you one dollar.

he even mailed me because my computer's name appeared in the list when i landed on this controller. things in the world around you are keeping track of and loosely logging places in not a lot of people look. the protocol that was designed to bring together hvac systems and industrial systems that were running in businesses like this one. if you wanted the air- conditioning to talk to the garage or the alarm, you could use this to do that. echelon makes the system and they are stackable. there is a place in denmark that has one place controlling all the controllers in the city. the lower controllers were password-protected but the upper one that controls everything was not.

i found a place that was like a convention center under that basketball floor, i guess, is an ice rink that you can defrost if you are up to it. why these controllers are online, i am not sure. i am guessing it is for the convenience of the organization. they should have taken five minutes to think about what they were doing before they put it on the internet and i found it. they have conveniently placed their floor plans on their website so you want to mess with certain parts of the building, you can. other organizations that are controlled by this system -- another version of this talk has another dozen of these things that is controlled by the same unit. you get into one and can control the rest. it'd think your phones are safe, maybe, depends. this is a screenshot of an application you can install on

an android phone. this is a phone that someone has set up in the living room is publicly accessible that is monitoring their living room. you can sit there and watch what they are doing in their living room. not only can you watch the video, you can use drop on the room. if you really want to scare them, you wait until it gets dark and you can turn the flash on and off. you can morse code at them with the phone. you can tell that to these things and put them into test mode. you can mess with stoplights. i guess people went back to the 1990's, security, security, i will put it on the internet and no one will find it. you can scan the internet over and over again and keep finding

this stuff. i will keep doing it and keep laughing at the guys that do this. the idea that you can put something online it will be safe if you don't tell anyone about it is not a good idea. this is another fun find. it has a website, or i should say the units that are deployed that have web interfaces that look like this. they keep track of every single car that drives to the intersection. i thought the red light cameras but they actually take pictures of everyone. why that is, i am not sure. a c, you can change the destination place where they go. this is a french hydroelectric plant that i found it is directly connected to the internet. i did not let the job or run because i thought it was a malicious website.

yes, that does read kilowatt. this is a french hydroelectric plant on the internet that is still online today. i've a story that involved our government and the french government talking and he basically said, "eh," and left it. the french really like their hydroelectric plants on the internet. other people have found this hydroelectric plant and broken it and cause it to flood people. apparently it is still open and people can still get to it. i put that on twitter. the dhs called me, so police they are listening. the french really do like to leave their power plants online. here's another one, and a third, and a fourth. after four, i give up. satellite systems are online as well. storage arrays, emergency telecommunications equipment, home automation systems, you can control a guy's garage door if

you want. swimming pool -- why would you put a swimming pool on the internet? i don't know. why would you give me control of the acid pump controlled by the system? you can put it into manual mode" the acid into the pool. openly, publicly. anyone who knows the ip address of the system would be able to dump the acid into the pool. ge system that is meant to link together m.r.i. systems. wikipedia has an article that says it is like 27 of them that talk to each other. some genius thought it would be a good idea to put that on the internet. medical stuff, imaging. so, i went looking for it and i found a lot of them. direct the connected to the internet.

this is what it looks like when you search for ge centricity. when you look at this, it you can see some stuff. i looked it up and it turns out it is a breast, liver, and prostate imaging tools that is used is hospital. this is publicly accessible on the internet. why are people putting this on? i'm sorry, i'm like two minutes over. >> people are telling me i'm going to have to thank you very much. >> thank you for the time. i really appreciated. [applause] [captioning performed by national captioning institute] [captions copyright national cable satellite corp. 2013] is in primevision time beginning tonight with the books on law and the courts. starting at 830 p.m. eastern, marcia coyle discusses her book on chief justice john roberts.

looks at thesent first amendment and how was interpreted in an early 20th century to bring court case. military prosecutions of terror suspects with his book "the terror courts." it is american history in prime time. a look at the life of george washington and his lifelong interest in learning and education. that is followed with a look at his presidency. bruce talks about washington's defeat at the battle of brandywine. a lesser-known battle that was thought that spot during the early stages of the american revolution. >> he says what he thinks no matter what it is. i think you have to be political in a certain way. you have to be on this. you have to say the same things. you have to cater to people

sometimes i think and know what they want and need. it is not being dishonest. it is finding out what they want and letting them know how you're going to help them with the problem. first lady's influence and image season two. lady bird johnson to rosalyn carter. weeknights at 9:00 p.m. eastern on c-span. >> it is on fire. things are moving extremely fast. is after five or 10 years. no googles. new programming languages. what we have done is we have slid it into this.

we should have these on the same one. we should work in rest at the same time. haveves so fast we cannot this anymore. we have to stay up to date. >> new year's day on c-span. ceo's of twitter and others on the future of higher education and data of the new industrial revolution on book tv, unflinching courage. kay bailey hutchison on the women who helped shape texas. that is at 8:45 p.m. on american history television, daughter of american civil rights leaders share their memories of the civil rights era. health a look at insurance coverage under the health-care law. from " washington journal" this

is one hour. we're goingext hour to talk about the affordable care act, how things are going, where they are going in 2014. robin,sts are julie thank you for joining us. with theso talking national healthcare reporter. thank you for joining us. one of the screaming headlines from over the weekend, almost 1 million and rolled on the exchange this month. this came up yesterday. still short of the 3.3 million expected by year and. how are things going? everything in life is relative. it is better than it had been. there was the rollout of

healthcare.gov and the enrollment process was nothing short of a disaster. abledministration was only to enroll it further -- a few thousand people in the first few months. it is doing a lot better. it is still short of where they need to be. they do have another three months to enroll people. the momentum continues. perhaps you'll get a few more million by the end of the enrollment. a veryenerally first is important date coming. what will make a successful january 1? guest: guest: what they are most worried about is all those people for the last week, if you take the numbers apart, it looks like own -- almost half a million people enrolled -- and they extended again to christmas eve, to make sure people who signed up for a plan actually have insurance. they are all the people who want insurance then. if you keep signing up now, you will have insurance, let the people who signed up were really are to have insurance starting on the first of the year.

it is now important for the people who think they sign up for a plan actually have a plan. it is not just the front end of their website that works, but the back end, which means all of those get translated to all the insurance companies and the companies are able to follow through with the people who signed up, to make sure the people who signed up pay their premium. that is how you actually finish the process. they extended that deadline as