Hacker News new | past | comments | ask | show | jobs | submit login
Transcript of meeting between Julian Assange and Google CEO Eric Schmidt (wikileaks.org)
348 points by chasingtheflow on Apr 19, 2013 | hide | past | web | favorite | 73 comments

Say whatever you will about Assange; it's clear he puts a great deal of thought and effort into what he does. I highly recommend his essay on the nature, structure, and weaknesses of conspiracies he wrote shortly after starting Wikileaks:


It's not exactly a pg classic, but it does give good insight into his motivations and thought processes.

JA: " I have been told actually that VeriSign, by people who are in the know, although I am not yet willing to go on the public record, cause I only have one source, just between you and me, one source that says that VeriSign has actually given keys to the US government. Not all, but a particular key."

Thats not surprising in the least bit, In fact if you're really paranoid you can assume most of the signing authorities have given up some of their private keys....

As a non-crypto-literate web denizen, does an individual (in this case, governmental organization) possessing the "root" CA private key mean they can decrypt messages that were encrypted by derived 'child' certificates/keys?

I might be completely off base and confusing certificates and keys here, though...

Having the private key of a trusted root CA lets you create leaf certificates (or intermediate CAs) that your computer will trust implicitly (because the root is trusted). This would allow someone to man-in-the-middle your connection to, say, gmail (with help of your ISP) and you would not be able to easily detect it.

Gibson Research Corporation created a page that shows the real signature for some common websites (and lets you check any site you want). You can then connect to them and view the signature in your browser and compare them. This is what you would have to do to know if you were being MITMed with a "real" certificate.


There's also Convergence, in which multiple independent notaries vouch for a certificate's authenticity. Here's a good summary - http://security.stackexchange.com/questions/5967/convergence...

That's a nice enough idea, but how do I know I'm looking at the real grc.com? They use an SSL certificate from a US CA too.

If you ever listen to Security Now, you'll know that Steve has real issues personally with the scammy SSL system. Hongkong Post is always used as the example, but check your root cert list sometime. You'll see all sorts of entities that your browser implicitly trusts and you will have absolutely no idea who they are.

Here's a current list of Moz's http://www.mozilla.org/projects/security/certs/included/

This is the implicit weakness of the SSL system. The question is always "how do I know I can trust those people?"

Relevant, "Reflections on Trusting Trust": http://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thomps...

You don't, really. You would need to download the details for services you care about now, and hope they're not already compromised, and compare offline at a later date when you fear they might be.

Certificate pinning can help with this some.

JA: there was this fantastic video that came out of Stanford in about '69 on nuclear synthesis of DNA. Have you seen it? It's on youtube. It's great. A wonderful thing. So it is explaining nuclear synthesis through interpretive dance.

Here it is: http://www.youtube.com/watch?v=u9dhO0iCLww Skip to 3:30 and, um take something to get in the mood of the era...

I wonder if one could automate a process to find articles that has been removed (censured) from news papers, but which still exist in libraries.

Is there any project which digital store some index of news articles outside the control the publishing newspaper? Maybe Google could give such index (and only index), so as to enable investigating reports and citizens to notice when articles get pulled.

This is incredibly fascinating. If you are trying to figure out whether this is worth a read or not, I don't think you'll be disappointed spending an hour or two following along through the interview. For those of you that are tight on time, here are some heavily paraphrased notes I've been taking, referencing some of the more thought provoking parts of the interview. (And I'm only half way through! I'll need to finish reading this tomorrow):

- We should create human readable (memorable) hashes to map names to specific data, so people can trust the documents they have are not tampered with and so that such documents can't be removed from the public record. Sort of an immutable DNS system for data built on hashes. Readability is important so the keys can be transmitted independently of computer networks. Bitcoins may be a good reference technology for this. (See: "So this Bitcoin replacement" and passages leading up to that)

- We need secure, robust communication systems for medium sized groups of people (think revolutionaries) that don't need to rely on centralized (government owned) networks. Possibly use UDP to message someone (since without ACKs you can send to many hosts, and a listening host looks the same to the network as an unrelated host). More ideas about this in passage: "Right, so you send it to random internet hosts"

- The internet lets one hear their own beliefs echoed back with such force that it drowns out any other input. It reinforces (makes extreme?) the person's original thought. This creates a "radicalization of internet educated youth," makes us highly political.

- The US doesn't need to care as much about free speech since free speech won't change the fiscal outlook of those at the top (US is in a "rigid fiscalized structure"). China and Egypt are a more political society though, so they still need to control free speech. (See passage:"I am not going to say governments")

- "censorship is always cause for celebration. It is always an opportunity, because it reveals fear of reform. It means that the power position is so weak that you have got to care about what people think."

- Censorers don't care what information exists in darknets. They only care that their bosses don't find out about the darknets. (See: "Even the censors in China" passage)

- There is a second type of censorship beyond overt government censorship: "Censorship through complexity." Harkens back to the earlier discussion in the interview about the 'self-censorship' pyramid for journalists.

- Journalists should give all of their source data, not just choice quotes, so that people can make up their own minds. (See: "scientific journalism")

- "Most wars in the 20th century have started as a result of lies. Amplified and spread by the mainstream press. And you go, well that is a horrible circumstance, that is terrible that all these wars start with lies. And I say no, this is a tremendous opportunity, because it means that populations basically don't like wars and they have to be lied into it. And that means we can be truthed into peace."

"We need secure, robust communication systems for medium sized groups of people (think revolutionaries) that don't need to rely on centralized (government owned) networks. Possibly use UDP to message someone (since without ACKs you can send to many hosts, and a listening host looks the same to the network as an unrelated host). More ideas about this in passage: "Right, so you send it to random internet hosts"

This is why sender spoofing should also be considered a feature and not a flaw.

And, since there seems to be interest in these notes, here are my paraphrased notes from the second half on the interview (once again, only including the parts I found especially thought-provoking):

- Systematic crime/injustice requires a paper trail. The threat of making documents public disrupts that paper trail, which causes mass ineficiency in an organization. ES: "So it's exactly your point, so that in order to kill six million Jews, you actually have to write it down." JA: "It's a big logistical process"

- "Fundamental justification [For Wikileaks] is that, there is really two. First of all, the human civilization, its good part, is based upon our full intellectual record, and our intellectual record should be as large as possible if humanity is to be as advanced as possible. The second is that in practice releasing information is positive to those engaged in acts that the public support and negative to those engaged in acts that the public does not support." [Ok, I don't really buy this. Small groups are just as capable as large groups of harbouring secret plans that the public is opposed to. Secrecy is a double edged sword for both those in power and those outside of it.]

- If you support these ideas, you should "give money to WikiLeaks [Laughter]". But seriously.

- "Courage is not the absence of fear. Only fools have no fear. Rather courage is the intellectual mastery of fear by understanding the true risks and opportunities of the situation"

- "because we all only live once, we all suffer the continuous risk of not having lived our life well. Every year. Every year that is not used is 100% wasted, it's not a risk of that, it is a dead bet"

- Assange's response to accusations that wikileaks causes harm, is interesting. See: "Up until Collateral Murder"

- Interesting aside about the purpose of the Pentagon's posturing, see: "WikiLeaks became the status quo"

- A great story straight from Firefly, episode "Our Dear Mrs. Reynolds" See dialogue after: "The woman from Catalonia"

- Leading through values instead of through command and control allows an organization like WikiLeaks to be better protected against two types of organizational attacks: infiltration and getting members plucked off (scared away?). This creates a P2P network of people instead of a classic client/server hierarchy.

- Wikileaks does premature redactions not because there is a "risk of producing harm as a result of disclosure", but because "there is a probable risk that if we don't engage in that sort of behaviour, our opponents will opportunistically attempt to distract from the revelations that we have published." Once again goes back to "controlling the story" conversations they had earlier. Interestingly, Assange failed to control the story w.r.t. rape allegations, and that is now what he and wikileaks is known for. Resulting discussion on the slippery slope of redaction is interesting. Assange would ideally like the source of the material to provide the redactions.

- "If it is true information we don't care where it comes from. Let people fight with the truth, and when the bodies are cleared there will be bullets of truth everywhere, that's fine"

- Lisa asks "How do you know if you've won?" JA: "... [insightful comments snipped]...I think we can make some significant advances and it is perhaps, it is the making of these advances and being involved in that struggle that is good for people. So the process is in part the end game. It's not just to get somewhere in the end, rather this process of people feeling that it is worthwhile to be involved in that sort of struggle, is in fact worthwhile for people."

There's a lot to think about here. Regardless of Assange's actual character, he has some amazing ideas. I think I may have a new answer to "If you could have dinner with one person in the world..."

I agree with many of Assange's positions, but I disagree on one fundamental position: anonymity.

Anonymity is where wikileaks breaks down. All of the lies and deception Julian speaks of are possible because there is no systemic transparency or accountability in the information ecosystem. All of those lies are abstraction events in the cognitive plane of existence and require action in the physical plane to manifest any outcome.

At the end of the day, I think people must step up to the plate and say, "no, this happening, it needs to stop and I am cosigning this information with my community identity on the line." At that point, a wise community should support that person through any life interruption or transition, if the individual cannot.

The thing about living a lie is that it is extraordinarily expensive to sustain or scale because the lie must defy nature and reality. The internet news information systems make it easy to proliferate small/trivial lies in/for a short period of time, but it makes any non-trivial lies much more expensive to sustain. People need more information, more transparency and more accountability.

If you have the accountability, you won't have the "boy crying wolf" problem at scale because of the individual cost of lying.

Ironically, one such platform exists and is six months into beta, but this community hell-banned it in week one. Think about how that will look, PG, in a couple of years. I have screenshots and the record won't be going away. nwzPaper is lean and will be here, it will continue getting better as an application and stronger as a community.

The fundamental flaw with an anonymity-structuree news information system as acknowledged by Assange:

"There is many ways for people to transmit anonymously. One of the greatest difficulties for sources is their proximity to the material. So if they have high proximity to it and it's a limited number of people know it. It actually doesn't matter what technical mechanism you then apply at the top. It would be quite difficult for them to evade scrutiny. And it doesn't matter what country or regime you are in."

> We should create human readable (memorable) hashes to map names to specific data...

Can anyone elaborate on this? I don't quite get how the whole system could possibly be implemented. Also, it's been two years, are there any papers/projects related to the idea?

DNS converts something memorable to something arbitrary, but unfortunately it can be hijacked and all historical records can be removed, potentially burying the truth. What is needed is a global database that is mirrored automatically and cannot be overridden without an overwhelming consensus (ideally not at all, but a democratic barrier would be better than none), and even then the prior record should not be expunged, only overridden as in an append-only file.

Namecoin, for example, achieves this by leveraging Bitcoin's historical journal (in a separate blockchain): https://en.bitcoin.it/wiki/Namecoin

Namecoin and the system Assange is suggesting is unnecessary and highly complex, if it could be achieved and adopted to any meaningful level at all.

The obvious hammer for this nail is just a radically transparent information system with accountability for public information an individual contributes to the public record.

Search algorithms are, largely, a commodity code now. Before you argue otherwise, the complexity and proprietary nature only arises when you try to show preference to less desirable content before other content information consumers desire. Ie - advertising

Even with advertising in the mix, it is trivial for a search company to append a query score with its query results. With a transparent query score and a transparent algorithm, the community has a trustworthy third-party between the content producer and consumer.

Transparency and that includes the information source!!!

Very interesting. I'm curious about the role Eric Schmidt and Google play in this, however.

From the looks of it, Eric definitely seemed to be a supporter (especially considering how he mentioned getting in trouble for being against Patriot I and Patriot II), yet Google hasn't spoken out against CISPA. Seeing as how Assange mentioned how important funding was for the movement, I would think it'd be very easy for Google to funnel a few million dollars to Wikileaks if they truly wanted to help.

Too bad there's not more about those aspects being discussed.

The impression I got from the interview is that Eric Schidt feels there is some common ground between what Google does and what Wikileaks does. Some of his reactions seem like "that's the missing idea we needed".

That may also relate to the book they were working on, now called the "The New Digital Age" and to be released in 3 days apparently ( http://www.amazon.com/The-New-Digital-Age-Reshaping/dp/03079... ) - this interview is great marketing for the book then.

The Draw Shop has a nice summary of what's in the book - http://www.youtube.com/watch?v=39tvjOATrCA

My impression was that Eric tried (successfully), to keep Google completely out of the picture, while only talking about issues from a personal perspective. A lot of the technical challenges JA mentioned would arguably be trivial for Google to solve, or attempt to solve (creating a name-hash network tree architecture like the one JA mentioned he'd liked to have seen become popular).

The problem I think is two-fold: 1. Google aligning with Wikileaks/JA will be seen as a political landmine for Google, since Wikileaks' agenda is very much at odds with many governments. This would obviously be something Google will have little interest in pursuing.

2. It's not in Google's best interest to propagate anonymity (as of now). Google's core revenue model derives from its ability to track people on the Internet. Making it easier for them to don anonymity will undermine and possibly destroy this model.

Whether Google's/Eric Schmidt's ultimate goals are good or evil is anybody's guess, and I don't think I gained any new insights into it based on this interview. It does appear that Eric/Google do have an interest in seeing freer access to information, as evidenced by them pushing for faster Internet, more secure/private browsing (https, 2-factor authentication, fighting official requests for access to user accounts [2]), access to the Internet in North Korea, etc. The more people are on the Internet, and the more they browse, the greater Google's revenues.

Google's upper management have also allegedly (and secretly) played a part in the Arab springs, which I would hazard a guess was a altruistic move, rather than a purely political one, but that's speculation [1].

Oh, and BTW, the timing of this 'leak' a few days before Eric Schmidt's book is highly suspect, no? :)

[1]: http://thepassionateattachment.com/2012/03/23/stratforleaks-... (sorry this is not the best source, but Googling around will get you the actual Wikileaks cables and analysis)

[2]: http://www.theinquirer.net/inquirer/news/2259557/google-figh...

Edit: formatting

After reading the interview, I have zero interest in reading any book from Eric Schmidt, but I am thoroughly fascinated by what Assange has to say. This interview is probably going to be much more insightful than any book Schmidt will write.

why would Google as an organization want to funnel money into WikiLeaks?

For starters, they have the SolveForX project going.

Pretty good summary by the Verge, but definitely worth reading the whole thing: http://www.theverge.com/2013/4/19/4241486/eric-schmidt-and-j...

[LS spills water all over her note taking laptop]

[JA quickly grabs her laptop and turns it upside down]

JC: Ha ha ha! Why do I feel that has happened before?

LS: Did you see how fast he was? It was like an impulse.

Great discussion in there about Bitcoin, Namecoin, alternative CA system, anonymity, censorship, etc.

Well now I'm looking forward to the book.

I greatly appreciate Julian Assange's views, even if his approach runs afoul of the law.

I don't believe Julian Assange's approach to Wikileaks-related issues has put him on the wrong side of the law. He is charged with rape, not with publishing what people sent him, AFAIK.

He wasn't charged with anything.


"Assange has not yet been formally charged with any offence.[62] The prosecutor said that, in accordance with the Swedish legal system, formal charges will be laid only after extradition and a second round of questioning. Observers note however that Assange has not yet been interviewed about several of the allegations,[63] including the most serious, and that Swedish law allows interviews to be conducted abroad under Mutual Legal Assistance provisions.[64]"

So he is stuck in Trial? http://en.wikipedia.org/wiki/The_Trial

Perhaps not quite as extreme as Kafka's vision, but some parts of the case does seem about as ridiculous. (anyone who haven't read The Trial should, Kafka is fairly accessible)

It's more like he's a fugitive.

Usually fugitives are at least charged with a crime...

He'd have to show up to be charged.

When fighting the institutions that write these charges, you are implicitly a target. Wouldn't be the first time someone was put in jail for the wrong crime. (I'm not convinced he's innocent but I have no problem believing the charges are made up)

Which is why "not being in accordance with the law" makes little sense in such cases, as the laws can be abused if the government really wants someone (i.e. Aaron Swartz & CFAA).

What has he done that is illegal?

Does it matter? When your adversaries make the laws, it is not meaningful to debate legalities.

Instead, ask, what has he done that is unjust?

[Sorry, I accidentally downvoted you when I meant to hit reply.]

This is an awesome quote

Which has the - entirely intentional - side-effect of making you out to be a martyr, whether or not you are deserving of such title.

We don't know. That's kind of why they want to have a trial and stuff.

On "putting people at risk":


So if we look at the attacks on us, they always talk about the words "placed people at risk." But risk relative to what? Is it a proportionate risk? Is it a risk that is significant enough that it is even worth speaking about?

So these rhetorical tricks are often used by people who are making their argument in relation to security. What has to be done is people need to engage in an intellectual defense against manipulation by rhetoric by understanding that if someone mentions that there is a risk without saying the risk is higher than crossing the road, or the risk is twice that of being stung by a bee, then you must ignore it. Similarly with possibility versus probability.


Definitely worth a read. Its like reading a wonderful short story that just works on so many levels. It has many layers - interesting ideas on technology, free-speech, values & idealism, information flow, bitcoin - plus the personalities involved themselves (JA, ES). Fascinating indeed.

In particular, I am intrigued by JA's thoughts on a peer-to-peer mobile network. For those who understand this well, can you explain how feasible it is to do this today? What are the challenges involved? Why isn't a startup doing this? It would be nice to one day, bypass the telecom company towers to transmit data directly to another person/phone.

> Why isn't a startup doing this?

There is no financial incentive. A recurring theme throughout the interview.

Eric Schmidt is not google ceo, he is google chairman

I was about to reply that when this meeting took place in 2011 Schmidt was still CEO. But in fact you're right, he was not: he'd stepped down a couple of months previously.

There are some interesting comments in here, namely:

"So, on the one hand we have live dynamic services and organizations... well there's three things. Live dynamic services. Organizations that run those services, so that you are referring to a hierarchy. You are referring to a system of control. An organization, a government, that represents an organized evolving group. And on the other hand you have artefacts. You have human intellectual artefacts that have the ability to be completely independent from any system of human control. They are out there in the Platonic realm somehow. And shouldn't in fact be referred to by an organization. They should be referred to in a way that is intrinsic to the intellectual content, that arises out of the intellectual content! I think that is an inevitable and very important way forward, and where this... where I saw that this was a problem was dealing with a man by the name of Nahdmi Auchi. A few years ago was listed by one of the big business magazines in the UK as the fifth richest man in the UK. In 1980 left Iraq. He'd grown rich under Saddam Hussein's oil industry. And is alleged by the Italian press to be involved in a load of arms trading there, he has over two hundred companies run out of his Luxembourg holding unit. And several that we discovered in Panama. He had infiltrated the British Labour political establishment to the degree that the 20th business birthday in London he was given a painting signed by 146 members Commons including Tony Blair. He's the same guy who was the principal financier of Tony Rezko. Tony Rezko was the financier and fundraiser of Rod Blagoyevich, from Chicago. Convicted of corruption. Tony Rezko has been convicted of corruption. And Barack Obama. He was the intermediary who helped Barack Obama buy one of his houses and then the money not directly for the house but it bouyed up Tony Rezko's finances came from that... [indistinct]. So during the - this is detail, but it will get to a point. During the 2008 presidential primaries a lot of attention was turned to Barack Obama by the US press, unsurprisingly. And so it started to look into his fundraisers, and discovered Tony Rezko, and then they just started to turn their eyes towards Nadhmi Auchi. Auchi then hired Carter Ruck, a rather notorious firm of London libel solicitors, whose founder, Carter Ruck, has been described as doing for freedom of speech what the Boston strangler did for door to door salesmen.

And he started writing letters to all of the London papers who had records of his 2003 extradition to France and conviction for corruption in France over the Elf-Acquitaine scandal. Where he had been involved in taking kickbacks on selling the invaded Kuwaiti governments' oil refineries in order to fund their operations while Iraq had occupied it. So the Guardian pulled three articles from 2003. So they were five years old. They had been in the Guardian's archive for 5 years. Without saying anything. If you go to those URLs you will not see "removed due to legal threats." You will see "page not found." And one from the Telegraph. And a bunch from some American publications. And bloggers, and so on. Important bits of history, recent history, that were relevant to an ongoing presidential campaign in the United States were pulled out of the intellectal record. They were also pulled out of the Guardian's index of articles. So why? The Guardian's published in print, and you can go to the library and look up those articles. They are still there in the library. How would you know that they were there in the library? To look up, because they are not there in the Guardian's index. Not only have they ceased to exist, they have ceased to have ever existed. Which is the modern implementation of Orwell's dictum that he controls the present controls the past and he who controls the past controls the future. Because the past is stored physically in the present. All records of the past. This issue of preserving politically salient intellectual content while it is under attack is central to what WikiLeaks does -- because that is what we are after! We are after those bits that people are trying to suppress, because we suspect, usually rightly, that they're expending economic work on suppressing those bits because they perceive that they are going to induce some change."

Is there a recording of the talk? I would much prefer that to the transcript.

How odd. I usually find myself thinking exactly the opposite when someone posts a video or audio clip.

I wish I had time to read but I don't. I listen to everything I can though; books news etc. while commuting and working.

I wish I had the time to watch and listen to things but I don't. I skim read everything I can though; books, news etc. It's much quicker for me than listening watching!

I can't get over the Fiji comment. I'm from there you see and I'd never heard of this particular theory regarding the CIA.

SC: This is a fantastic tree. It keeps us totally dry.



Ugh, is Eric Schmidt really that non-technical that he can't remember the right name for TOR?

I mean I don't expect him to write code or know the implementation details of TCP/IP but as Google CEO he should at least know a little about the field his company is playing in and the right names for the more important technologies.

Or is this some kind of practical joke I don't get?

Eric Schmidt has a Ph.D. in Computer Science, wrote Lex [1], and just spent 10 years running one of the most important software companies in the world, while generally retaining the respect of the thousands of engineers in his company. His credentials are as close to unimpeachable as, say, PG's.

Tech is massive, multifarious, and constantly growing. It's easy to believe one's parochial corner is the center. Tor, it's safe to say, is not the center.

[1]: http://en.wikipedia.org/wiki/Lex_(software)

Well, Ok, I didn't know that. Thanks for clarifying that for me.

So I guess it really was a practical joke I didn't get.

Also, "Tor" is the Scandinavian spelling of Thor. He probably thought of that when he saw the name, and mentally hashed it as "that anonymous routing software that's named for the Germanic god of thunder". I can imagine making that mistake.

Still surprised that he did not Tor though.. maybe over expectations ?

Tor is 'Tor' and not 'TOR'.


> In fact, we can usually spot people who haven't read any of our website (and have instead learned everything they know about Tor from news articles) by the fact that they spell it wrong.

Accuracy is important when you're complaining about the failures of other people.

I wouldn't be surprised if Eric Schmidt has forgotten more about the implementation details of TCP/IP than most of us have ever known. Keep in mind, he ran software development at Sun, which means he was in charge of one of the major teams of Unix developers in the pre-Linux days, while TCP/IP was growing in importance.

Give the guy a break.

Why? Because expecting a tech CEO to know about tech is unreasonable?

And he probably knows detailed stuff about things you have no idea about.

The guy has been an (excellent?) engineer, then a CTO and later on a CEO of a major multinational corporation. And AFAIK, he did each of his jobs vastly better than the norm.

Who are you with your pretentiousness?

Edit: With your original post you clearly displayed your ignorance in the open, the ignorance of not even being bothered to check the background of the person you are attacking for their background.

Am I ignorant of tech, because I barely know anything about electronics and bitcoin?

> Am I ignorant of tech, because I barely know anything about electronics and bitcoin?

If you want to write a book about it then yes.

> Who are you with your pretentiousness?

Also please let's keep the discussion polite and non-personal.

Your willingness to talk about stuff you have no idea about is astounding.

If I want to write a book, I needn't have any competence in the domain. Often, indeed most of the time books about societal topics start with the author having little to no knowledge about the specifics. And the biggest part of writing a book is doing research about the domain. And this transcript is exactly that. Research.

And I believe that this book is going to be about society and people, not a technical manual.

And even if it were. Quality of the book is never judged, by the amount of knowledge the author had about the domain at the start of the process. What matters is the quality of knowledge within the book.

And even that quality is pretty much relative to the knowledge of the intended audience. I am pretty sceptical that either you or Julian Assange are the prime audience.

Also having a clueless author at the start of the process about a specific domain gives room for interesting observations and conclusions down the road.

Edit: Calling you out on your pretentiousness is hardly personal. I am merely observing a fact. Maybe it is redundant as I am certain that other readers are aware of it on their own.

> Your willingness to talk about stuff you have no idea about is astounding.

Sorry, you're a little bit too aggressive for me. Please excuse me as I won't reply to your posts anymore.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact