[00:00:00] Katherine: Hey everyone. Welcome back to Reality 2.0. I'm Katherine Druckman, and Doc Searls and I are talking again to Kyle Rankin, because we love talking to Kyle Rankin. We have a few things to plug, which we'll get to, related to Kyle and other things, frankly. But I also wanted to remind everybody to check out our website at reality2cast.com, where you can find all of our links and sign up for newsletters that someday we'll send out, and all of those things. Today we're going to talk a little bit about cryptography, because we're security nerds here and we like to talk about that, and we're going to talk about content and authenticity and AI and a lot of really good stuff. But before we get into that, I wanted to plug something real quick. If you like listening to us here, you might like listening to the new podcast that I do in my work life. It's called Open at Intel, and you can find it on any podcast player; if you're interested in security, you might be into it. So please check that out. The other thing I wanted to plug, not to put Kyle on the spot: Kyle just published a book that we talked about in our last podcast episode, and it's now available. I'll have a link to it in this episode as well. I included it in the previous one, but in case you didn't see it, it's going to be there. It is called, remind me of the exact title, Kyle. [00:01:20] Kyle Rankin: The exact title is The Best of Hack and /: Linux Admin Crash Course. [00:01:24] Katherine: Definitely go buy one of those, please, because it's good. [00:01:30] Kyle Rankin: And listen to the previous podcast if you haven't, because it goes into the process behind it. Not just the thinking behind the book, but what it means to go through the process of publishing something yourself, too.
[00:01:42] Katherine: I ordered the premium hardcover edition so that I can get Kyle to sign it next time I see him. It's going to have a position of honor on my bookshelf. So with that in mind, I'll tell you how this conversation started. Doc, as usual, reads a lot of cool stuff and sends us cool links. [00:02:02] Doc Searls: Yeah, and I scan a lot more, and I'm guilty of reading too many things in a shallow way. This is one of the ones where I've read it, but there's a lot of stuff in it I don't know that you guys will know better. [00:02:15] Katherine: That's how we're going to talk through it. That's why we invite Kyle. [00:02:20] Doc Searls: We bring in our expert, like in Dune. He's our Mentat. [00:02:26] Katherine: So the premise of this link, which I hope you'll check out, and which is linked in the notes, is that AI, large language models, are going to create a lot of crap content. A lot of junk content. There's no way to really authenticate it, and it will fundamentally change, probably, the world, but for today's purposes, the internet and web content as we know it. And the proposal is that signing things, much like you do with software and other things, will fix it. We have a lot of varying opinions, and we're going to talk through that. But really quickly, I thought a good place to start would be an overview: what is public key cryptography? When do we sign things? When do we not sign things? How do we use this right now, today?
[00:03:20] Kyle Rankin: Maybe even before that, it's probably worth saying why we're talking about this specifically: public key cryptography, and in particular hashing and signing things, is being proposed as a way to authenticate the provenance of something that you create on the internet. So let's back up and talk a bit about why we use public key cryptography today and what the point is, in particular when we're talking about signing. It's essentially a digital form of what you did back in the olden days when you would get a check and you would actually put your signature, with a pen, on that check. The idea there was that you and only you have this unique way of signing your name, or it's at least unique enough; it's actually a form of biometric authentication. You're saying: I sign in a way that's unique enough that it's really hard to duplicate, and if you see a check with a signature that looks this way, I'm presumed to have been the one that signed it. All right, so that's the idea behind signatures. Now, for the digital form of that, you use public key cryptography. I have a private key that only I have and don't share with anyone else, and I have a public key that I can and do share with the whole world. It's not a secret. My public key is not a secret; my private key is. So if I have some sort of content, say it's a block of code that I've written, or an email that I've sent, or something else, I can sign it with my private key, and then share the thing, whatever it is, along with a signature. Someone else can take that thing and that signature and use my public key to see whether or not someone with access to my private key created the signature. Now, say you do all of those steps. What does that prove?
It proves that someone with access to the private key, ideally the person you think it's supposed to be, took whatever the document or code block was and put their seal of approval, their signature, on it, saying: this is something that I have, and when I sent it to you, it wasn't modified along the way. And that's the important part. When you're signing something digitally, the critical piece you're trying to prove is: I'm vouching for the contents of this thing, and it hasn't been changed. It hasn't been tampered with or modified in any way from when I sent it to when you received it. For an email, this is useful if you want to make sure that no one in between modified it during the handoff from your email server onward. It's important in code signing: you want some way to say that this particular developer made this particular change, and they signed it to say, yes, this is the change I made, and no one else along the way can change that code or patch without the signature breaking. So it's been unmodified from the point it left the developer's computer to where it goes into a software repository, and you can trace those things. Now, there are things it doesn't do. For instance, you can take an email that I sent, take the contents out, remove my signature, sign the same exact email with your signature, and send it to someone. It's sort of like taking a check and signing it with your name. What that proves is that you, with your signature, have approved whatever the message is, or that it was under your control in some way. That's important to keep track of, because you can't necessarily use code signing, or signatures in general, for copyright in a certain way.
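The sign-with-the-private-key, verify-with-the-public-key flow Kyle walks through can be sketched in a few lines. This is a toy, textbook-RSA demo with small primes and no padding, purely to illustrate the math; real-world signing uses vetted libraries and schemes (GnuPG, Ed25519, and so on), and the "patch" message here is just a made-up example.

```python
import hashlib

# Toy textbook-RSA signature demo. The primes are far too small for real
# security and there is no padding -- this only illustrates the
# private-key-signs / public-key-verifies idea.
p, q = 1000003, 999983               # two primes (kept secret)
n = p * q                            # modulus (public)
e = 65537                            # public exponent (public)
d = pow(e, -1, (p - 1) * (q - 1))    # private exponent (kept secret)

def sign(message: bytes) -> int:
    """Reduce the message to a digest, then apply the private key."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(digest, d, n)

def verify(message: bytes, signature: int) -> bool:
    """Anyone holding only the public key (n, e) can check that the
    key holder signed this exact, unmodified message."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % n
    return pow(signature, e, n) == digest

patch = b"fix: check return value of malloc()"
sig = sign(patch)
print(verify(patch, sig))                   # True: intact, key holder signed it
print(verify(patch + b" tampered", sig))    # False: any change breaks it
```

Note the two properties in play: verification proves possession of the private key and that the content was not altered in transit; it says nothing about who wrote the content first, which is exactly the copyright gap discussed next.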
For example, just because I've signed something doesn't mean that someone else can't copy the same exact thing, sign it themselves, and say that they said it first. That's why we have copyright laws. You create something and you say: this particular piece of code is copyrighted under this license, whatever it is, a free software license, an open source license, a proprietary license, and it was copyrighted on this date. Then if you find that code somewhere else, having a signature on it doesn't necessarily prove anything other than that the person who owns the private key for the signature blessed it in some way. They've said: I have access to this, I've put my signature on it, and it hasn't been changed. But it doesn't prove that they were the first person to write that piece of code, right? Ultimately you would have to trace back when the code was first uploaded to the internet, if it was. It could be a matter for the courts, for instance. Or if the code is similar but not identical, then the question is who was first to write it. We can go back before the internet, to who was the first to invent radio, or who was the first to invent certain things, when you had things being invented at similar times across the world. Who did it first? [00:08:54] Katherine: So there are, I guess, two major applications that we're talking about. Attribution, in terms of copyright law, when you want royalties, let's say, or you want credit in some way. And then the other is security, right? Trust. [00:09:12] Kyle Rankin: Oh, I should have... [00:09:13] Katherine: Right.
[00:09:15] Kyle Rankin: I realized I didn't mention the most important application, which even this article we're going to refer to uses to talk about public key cryptography, which is TLS: the signing you see when you visit a website and there's a lock icon. That uses public key cryptography as well. In that case, the website owner has a private key, and then there's a public key that takes the form of a certificate. When you visit their website, their web server sends your web browser a certificate, and that certificate is the public key counterpart to their private key, but it has been signed by a certificate authority, and that signature is one that the browser trusts. So when you visit a website and see that lock, what that's saying is that someone the browser trusts, some certificate authority somewhere that's following certain regulations, has given their stamp of approval to the contents of that public key. They're saying this public key has not been modified to say that it's owned by somebody else, and tied specifically inside that public key is the domain or domains that it's valid for. The idea is that the certificate authority has gone through some level of vetting to prove that they gave the certificate to the owner of the domain. There are various ways Let's Encrypt does that vetting, and other ways that other CAs do it. What that's saying is that when I visit that website, I'm getting proof I'm visiting the correct website, www.kylerank.in or whatever, and not some imposter site that has a different domain.
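The certificate check Kyle describes can be watched directly with Python's standard library. A minimal sketch, assuming network access is available; `python.org` is only a stand-in host, and any HTTPS domain would do:

```python
import socket
import ssl

# Connect to an HTTPS site and inspect the certificate its server presents
# during the TLS handshake -- the same chain-of-trust check a browser
# performs behind the lock icon.
hostname = "python.org"   # example host; any HTTPS site works

context = ssl.create_default_context()   # loads the OS's trusted CA roots

with socket.create_connection((hostname, 443), timeout=10) as sock:
    # wrap_socket verifies two things: a trusted CA signed the
    # certificate, and the certificate is valid for this hostname.
    with context.wrap_socket(sock, server_hostname=hostname) as tls:
        cert = tls.getpeercert()

print(cert["subject"])    # who the certificate says it belongs to
print(cert["issuer"])     # which certificate authority vouched for it
print(cert["notAfter"])   # when that vouching expires
```

If either check fails, `wrap_socket` raises an exception rather than returning a socket, which is the programmatic equivalent of the browser's "your connection is not private" page.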
So that's the whole point of that: it's authenticating, proving that you're going to the right domain. [00:11:32] Katherine: So going back to the idea of content, then, I guess the question is, how do you see this applying to content? How would that even work? Let's say we assume it's a good idea. How does this work? [00:11:52] Kyle Rankin: My understanding of the article is that it really reads a lot like what the Web 3.0 folks are touting, which is that the solution to the internet is to put it on a blockchain and sign everything. [00:12:13] Katherine: Right. [00:12:14] Kyle Rankin: Basically, every piece of content that you would share on the internet needs to be on a blockchain, with some sort of provenance tied to you as an individual, so you can say: I published this social media post, and it's cryptographically proven that it's me. Now here's the thing: we already have that. It's just not mathematically proven, I suppose; it's not backed by who owns the private keys. But you could argue that from a security standpoint it's backed by something similar, which is: if I post something on my social media, you know it's me, because whoever posted it has to have access to my login credentials, right? If I post something on my website, you know it's from me because I own the domain. If I post something on my social media account, you know it's from me, and not from someone else pretending to be me, because I have access to my login credentials. And you know something's from me on a blockchain because it was signed with a private key that only I am supposed to control. It's all the same.
In each of those cases, an attacker could compromise my account, could control my website, could steal my private blockchain keys, and impersonate me. The threat is the same across all of those things. It's just the degree to which you think each of the protections against an imposter is sound in each of those cases. [00:13:43] Doc Searls: Let me jump in here for a minute so we know clearly what got us going on this. It's an article written by Gordon Brander, from his newsletter called Subconscious. The headline is "LLMs break the internet. Signing everything fixes it", LLMs being large language models, and signing being what Kyle is talking about. An interesting thing about this is that we've been talking about this in the identity world for a long time, talking about authentication in a sort of general sense, and a cryptographic approach to it has been on the ascent for some time. His basic thesis is that we need to get rid of what's false on the internet, and there's no way to know what's real. And a question for me, and I don't know if you've addressed this yet, Kyle, as I've been listening: is signing everything going to do it or not? It's obviously something we need, something we're already using everywhere. Is that what's actually needed? Does that completely obviate the problem, or is it one point solution that's going to help in some ways? [00:15:04] Kyle Rankin: So to me, if the problem is that you could have some sort of AI that scrapes content and then publishes your content without your attribution, I don't know that this solves it, because anyone can take content and then sign it as themselves and say that they said it first.
You would have to have, I suppose, every single thing on the internet signed and date stamped, and then you would just have the rule, sort of like with the patent office: whoever got the patent filed first wins. If someone tries to file a patent after someone else has already had a patent accepted, then clearly that idea came later, regardless of whether the person actually thought of the idea first. Right? And so it would be similar here. Whoever posts first to the blockchain wins, whatever the content is, and anyone else who didn't get there first would be suspicious: they scraped the content from the first person and then said it was theirs. [00:16:08] Doc Searls: Go ahead, Katherine. [00:16:10] Katherine: I see the argument for attesting to originality, or other applications, but I just don't see how signing anything verifies accuracy or real authenticity. Drawing those parallels seems to be a leap. I appreciate a lot of the arguments in this article, especially the castle-and-moat analogy: the web is very much a centralized feudal system, and each of us needs to bring back control over what we trust and how we trust, and all of those things, and I appreciate that. But what I'm not getting is how we make the leap from signing to reality. [00:17:03] Kyle Rankin: Yeah, let me talk about what this could protect against. This could protect against, for example: say we signed the contents of this podcast, the entire contents, start to finish, with signatures that show that we all bless this, saying these were our words.
These were the things that we said. Then if someone took AI and used these models to spoof our voices and have us say things that we didn't say, and then published those, we could say: we didn't sign that. We didn't sign off on that. Those were not our words; here are our words, and we have vouched for these words only. So signing in that case is useful if you're concerned about someone twisting your words, or attributing something to you that's not from you. But only to a degree. That's only useful if you literally sign everything that you say, right? Because what you're saying is, "I didn't say that," and then someone has to say, "well, prove it." And if the thing they claim you said is signed by you, then you did say it. [00:18:24] Katherine: We can prove it came from me; we can prove it came from us. [00:18:30] Kyle Rankin: If there's something that's unsigned, though, we can't prove the opposite. If someone has a quote from me, or a post from me, or some statement they say I said, and it's unsigned, I can't prove I didn't say it. Someone could always make the argument: Kyle said this, he just didn't sign it because it was secret, or it was something he didn't want to get out there, whatever it is. There are all these different reasons. The lack of a signature doesn't mean I didn't say it. It just means I didn't put my signature on it. I didn't sign that statement, I didn't make it legitimate, but it could be an illegitimate statement I said.
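Kyle's earlier "whoever posts first to the blockchain wins" rule can be sketched as a miniature append-only, hash-chained log. Everything here is invented for illustration: the field names, the in-memory list standing in for a real chain, and the example authors.

```python
import hashlib
import json

# Miniature append-only, hash-chained log -- a blockchain in spirit --
# illustrating first-post-wins provenance.
chain = []

def post(author: str, content: str) -> dict:
    """Append an entry whose hash also covers the previous entry's hash."""
    entry = {
        "author": author,
        "content": content,
        "prev": chain[-1]["hash"] if chain else "0" * 64,
    }
    entry["hash"] = hashlib.sha256(
        json.dumps(entry, sort_keys=True).encode()).hexdigest()
    chain.append(entry)
    return entry

def first_claim(content: str):
    """Earliest poster of this exact content; chain order is arrival order."""
    for entry in chain:
        if entry["content"] == content:
            return entry["author"]
    return None

def intact() -> bool:
    """Recompute every link; editing any entry breaks the chain after it."""
    prev = "0" * 64
    for entry in chain:
        body = {k: v for k, v in entry.items() if k != "hash"}
        expected = hashlib.sha256(
            json.dumps(body, sort_keys=True).encode()).hexdigest()
        if entry["prev"] != prev or entry["hash"] != expected:
            return False
        prev = entry["hash"]
    return True

post("kyle", "an original idea")
post("scraper", "an original idea")      # later claim of identical content
print(first_claim("an original idea"))   # kyle -- first to the chain wins
print(intact())                          # True

chain[0]["content"] = "edited history"   # tamper with the first entry
print(intact())                          # False -- the tampering is detected
```

Note what this does and doesn't prove, exactly as discussed: the log can order claims and detect tampering within its own ecosystem, but it cannot show who truly wrote the content first, or what was said off the platform.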
[00:19:17] Katherine: I think my issue is, I'm making a few logical leaps here that aren't necessarily relevant. But where my mind goes with the initial statement of the problem, that large language models are creating a lot of potentially problematic content, is that a large language model is no different from a human in this respect. Humans can also create a lot of garbage content, and also build trust. You know what I mean? So I don't know that we solve the problem of, say, disinformation, by making content attestable, I guess is where I'm going with this. [00:20:03] Kyle Rankin: And my point would be that we already have mechanisms in place that we already use to accomplish this. The difference is that they're not always backed by strong cryptography. Like I said, right now, if you want proof that I said something on social media, you look at my social media account, and the assumption is that as long as I have control over that account, the words that come from it are from me, or from someone with access. If someone has a sock puppet social media account and claims it's Kyle, and they say things that I wouldn't say, then you can say: yeah, but that's not him; you can see it's not the official account. And that's what signatures are doing. They're just backed by strong cryptography, but it's the same effect. It just depends on what strength you need to back that assertion that it's me. [00:21:01] Doc Searls: So I want to be fair to the author here. He does say signing solves the issue, but he also says you still need to prove humanity.
He suggests zero-knowledge proofs for that, which is a sibling idea of public key cryptography and attestation. But they also have a protocol that they're working on, or he's working on, which appears to be an IPFS thing: Noosphere, a protocol for thought. I'm wondering if you guys looked at that. [00:21:46] Katherine: Oh yeah. [00:21:47] Doc Searls: It's at GitHub, and it's a happening thing. But also look at biometrics. At IIW last week, one of the cases being made by some people was: well, you still have to have biometrics at the beginning of it. That's what makes us human, whether it's your iris or your fingerprint or your voiceprint or your gait, or some other way that you can say you're human. That has to be in there somewhere. And then one of the patches for that is that you have a trusted agent, and everything you do on the net is carried on through that agent, because you do lots of things on the internet and you can't manage them all yourself. You actually have to have an agent of some kind. That's actually Adrian Gropper's case; Adrian's been on the show before, I think. So I don't know if you looked at those other things as context around which the signing might take place. [00:22:47] Kyle Rankin: Yeah. When I read that, I didn't look into the details of that particular API, Noosphere. But reading through the post, to me it sounded a lot like the proposals being made for Web 3.0 in general, where the solution, like I said, is that all content goes through this new mechanism, and therefore all content on the internet now has to be signed, and signed with a key that links to some sort of account. Then you can most certainly establish the provenance of
a particular post, because you can say: this showed up first on this blockchain, at this date, signed by this person, therefore it's theirs. At least as long as you're within that ecosystem, you can solve the issue of someone saying that you said something you didn't say. It certainly solves that sort of thing. If that's the problem you're trying to solve, then yes, this solves it. However, it means that you now need to move everyone to this environment. Whether you want to say it's decentralized or not, everyone still has to use this new internet, as it were, to achieve that, at least if the goal is to have everything be signed, and provable that you said it versus you didn't say it. [00:24:14] Katherine: I also wonder, and this is mentioned in the article too, about the idea of scaling. When I read these things, I think: oh, this approach sounds actually quite interesting for certain applications, in certain contexts, particularly at small scale, like you say, if everybody's part of the same ecosystem. But in really practical end-user terms, I think: okay, yes. I like the idea, for certain types of content, of being able to assign it to a point in my web of trust. I trust this network of 200 identifiable entities, whether they are human or not. But I wonder how it scales beyond that to even be useful, never mind solving an authenticity problem. The scaling is the question I wonder the most about. How does this kind of idea scale to the web?
[00:25:22] Doc Searls: You know, a lot of the proposals, and this is one of them, indirectly and probably without meaning to, although Web Three implies it, want to create another internet. We're going to do the internet where you can trust everything, or we're going to do the internet that requires a platform. There's another one I'm looking at, actually; I've been asked to remark on it. I won't tell you about it because it's confidential, but basically it proposes that there needs to be a grand central intermediary for everything. That's a whole new thing, but the claim is that the only way we'll trust it is to have this grand central thing in the middle. And I sort of feel like the internet is too much like gravity: it's there, and we're not going to be able to change it. You can do all kinds of things on top of it, but we're not going to replace it. Whenever anybody says something breaks the internet, I don't think anything breaks the internet. I think the internet itself is just always going to be there. But we're going to have to create some new norms that will sort of catch on, whatever they are, and we don't know what they are yet. Somebody's going to make something. Maybe it's this guy; maybe it's the Noosphere protocol. They're building it on IPFS, which I think has been around for a fair amount of time now. It's got some venture money behind it, and some things are being built with it. It's cool. But does this solve everything? I don't think anything solves everything. The web didn't solve everything. [00:27:02] Katherine: Well, we can take steps down the way, though, and if we hit a dead end, then we know we need to transition to the next path. But also, and this is kind of funny,
and I don't know if I really want to admit this, but my first gut, superficial reaction to reading this was: I think if every piece of content on the internet were signed, I would never post again. That was my first reaction. If something could be permanently linked to my identity, I don't think I'd ever post. I don't know what that means, but that was where my mind went first, before I thought it through. [00:27:45] Kyle Rankin: It means you used the internet in the olden days, before everything was tracked, and everything you did was monitored and stored in a big database somewhere. You're also someone that's probably paid for things with cash. [00:28:05] Katherine: I know. [00:28:05] Kyle Rankin: And that's the other thing with something like this. Again, say you migrate everyone over to it; then for all the content on there, you can say this person said this, and they said it first. And if someone claims they said something else, but they didn't, you can look at this and prove that they didn't. Well, you can prove that they didn't on that platform. Just like if you have all of my credit card transactions, you can prove whether or not I used my credit card to pay for something, but you can't prove that I didn't pay for it with cash. [00:28:41] Katherine: Yeah. [00:28:42] Kyle Rankin: You can't prove that I said something off the platform. And that's the challenge with something like this.
But then the answer most Web Three proponents and other people would give is: yes, but that's the thing, everyone must use my system. And honestly, almost every security solution I've heard people propose, whether they say it's decentralized or not, ends up coming down to: this works as long as I can get a hundred percent of everyone to use my thing. [00:29:07] Doc Searls: Right, that's a key point: it works if everybody uses it. [00:29:14] Kyle Rankin: Yeah, and a lot of things work if everybody uses them. [00:29:17] Doc Searls: It's boiling the ocean. And knowing some of the people involved in creating the internet, I don't think anybody planned for it to be exactly what it ended up being. It became an end-to-end system because some people had the idea that end-to-end was good. Did TCP/IP do it because it was the only thing that would have done it? No, it was the best thing that did it. It was the thing that caught on, and it was essentially free. Ethernet succeeded because Digital and, I think it was Intel, decided together: we're just not going to exercise the patent on this; everybody can go ahead and use it. IBM wanted to get paid for Token Ring. Token Ring lost; Ethernet won. At a sort of very base level, there are some really simple things that really work, and above that, it's all kind of improvised, and so much gets ignored. This could sound way off topic, but it may or may not be, in a sort of interplanetary way: I'm on a list which is very active about Starlink, with brilliant people that know so much about networking and latency and everything else.
We've had Dave Täht on a couple of times, maybe more than that; he's talked about it, and it's his list, as a matter of fact. And I think about: okay, there are going to be hundreds of thousands of low-earth-orbit satellites in the sky. The sky will be different. That's a second-order effect, and it's enormous. It affects astronomy; it affects a lot of other things. But with impunity, we're putting these things up there. What does that do? I don't know. I'm sort of drifting from one topic to another here, but I'm speaking toward your point: if we do this one thing, it'll solve everything else, and if everybody uses it, those two things together will solve everything. I don't think the world works that way, and I think it's important to look at what the consequences are going to be. What are the second-order effects of this? I don't know. I just think we need to think about them. [00:31:54] Katherine: I will say this: I am intrigued by some of the underlying ideas we mentioned. We threw out Noosphere and some other things. I feel like we need to have follow-up episodes just devoted to those, where we bring in some experts. [00:32:08] Doc Searls: Well, obviously we should bring this guy on the show. Maybe we haven't asked him; we just shared a link and we're talking about it, but we haven't had him on the show, which would be good. [00:32:16] Katherine: But I guess where I'm going with this is that the sum of the parts involved in the thinking around solving these problems is, to me, weirdly more interesting than the way they've been presented as a solution. [00:32:33] Doc Searls: Yeah.
[00:32:34] Katherine: So maybe there are different ways to put these pieces together, I guess. But anyway, I think we're all — the entire tech world, us personally, everybody — going to be talking about how to solve these quote-unquote AI problems. A lot. [00:32:53] Doc Searls: Yes. [00:32:53] Katherine: On one hand, AI is doing a lot of very interesting, positive things, but on the other hand, generated content, generated images, generated voices — all of that is something to address. And I think there's going to be a ton just thrown at the wall, a lot of interesting attempts to solve this problem, but it's really hard to sift through and sort out, because these problems are so huge. They're intimidating to me to even think about. So anyway, I'm rambling a bit, but I wanted to mention that Doc and I, a while back on FLOSS Weekly, did an interview about — is it called C2PA? It's a provenance and authenticity initiative, I think backed by Adobe and some others. [00:33:46] Doc Searls: God, that [00:33:46] Katherine: It's about authenticating photos, particularly media photos. I find these pockets of brilliance where I think, oh yes, absolutely, that fits there perfectly, because you can trace the provenance of a photo back — if you could ever be very certain about it anyway — so that you can prove that a photo was taken by a photographer at a specific location and was not manipulated in the process.
Especially if you're covering very important things like, oh, I don't know, wars or something like that, where you don't want images manipulated for effect. So there are these — and I'll link to that too. I highly recommend going and checking that out. It was a great conversation and an interesting potential [00:34:38] Doc Searls: I wish I remembered it. [00:34:41] Katherine: It was great. [00:34:43] Doc Searls: I'll take your word for it. But not remembering it exactly is such a human thing too. I mean [00:34:49] Katherine: Yeah. Well, there you go. [00:34:51] Doc Searls: and [00:34:52] Kyle Rankin: But that's the thing: the internet, especially this proposed internet, wouldn't forget. [00:34:56] Doc Searls: Yeah. [00:34:57] Kyle Rankin: And there are pros and cons to an internet that never forgets. We already have, in many cases, an internet that from a certain point doesn't forget too much. And there are all kinds of implications. People who were in their teens during the era when the internet stopped forgetting, who are now adults in the workforce, have started to feel the effects of, for instance, all the things that they did in their teens [00:35:25] Katherine: Thank God we didn't [00:35:27] Kyle Rankin: pro [00:35:27] Doc Searls: Yeah. Yeah. [00:35:28] Kyle Rankin: Yeah, I mean, that's the thing. [00:35:31] Katherine: or anything else. [00:35:32] Kyle Rankin: So there are advantages to having an internet that doesn't forget and can tell you for sure who was the first person on a particular platform to ever say a thing. That's great. But it also means that you can never say later on, yeah, but I didn't like that I said that, or, I changed my mind. That's the other thing.
I mean, this is actually something from Snowden's Permanent Record — I think the strongest point he made in that book was about the risk of the internet as your permanent record: the fact that you can no longer be forgotten on the internet, and what that does for someone who wants to change their mind. [00:36:11] Katherine: Exactly where my mind goes. I want the [00:36:14] Kyle Rankin: Yeah — the right to be forgotten and the right to be wrong. The other thing is, I'm wrong a lot too, and my views on all kinds of things have changed from when I was a teenager, for sure. Even over the past decade, I'm sure plenty of things have changed. But if you have a permanent record of that sort of thing — I mean, you already see this, for example, on Twitter: someone will post a thing that contradicts something they said three years before, and then you find that tweet and you post it back to back, like, see, you said this, but in the past you said this. [00:36:51] Katherine: was indelible [00:36:51] Kyle Rankin: Yeah. And when the whole world's that way, it causes people to become entrenched in certain positions, because they know their past positions — either that, or to lie about their positions or thoughts, or just to be incredibly carefully couched, because you know that whatever you say on the internet will never be forgotten and will be attested to you forever. And you can't even say, well, that wasn't even me. It's like, no, it was you, because it was signed with this digital key that only you have, that you've had from the moment you were allowed to be on the internet. It was your internet driver's license, you know?
[00:37:25] Doc Searls: It, it [00:37:26] Katherine: Everything I've said today I'll probably change my mind about. [00:37:31] Doc Searls: The internet is also a whiteboard. The Internet Archive has gone out of its way to take photos of that whiteboard as best they can, as often as they can. But an awful lot of it has gone away — especially the early internet. A lot of that stuff just disappeared. And the search engines don't necessarily keep a permanent record either. By the way, Permanent Record is the title of Snowden's book. It's actually a good book. But I've noticed — maybe I've mentioned this before — I've put some Easter eggs in things I've written that allowed me, with a word search, to find them on Google, and it doesn't find them anymore. It just doesn't index them, or it doesn't index them in a way that makes them show up. And it used to. I think PageRank is either gone or so diminished as an important thing for Google that its view of the internet is mostly about what's going on now. It's all now. Because before Technorati started in 2003, if you had a blog post or published something on the web, it could take Google a month sometimes to have it indexed. What Technorati forced was: wait a minute, blogging is here, we need to index things constantly. And so Google basically caught up to now — if you publish something now, there it is. I don't know how they do that, but it's pretty damn good that they follow what's going on now. But it's all snow on the water, in a certain way: it kind of disappears, or it can disappear.
You know, at Linux Journal I had a blog called IT Garage that ran for a while. I guess it was a WordPress thing. I'm not sure what it was, but [00:39:45] Katherine: It was Drupal. [00:39:47] Doc Searls: It was Drupal. There you go. Well, it was saved by the Internet Archive. Linux Journal no longer had it, but the Internet Archive has it in some form, and in September of 2004 I noted that a search for "podcasts" brought up 24 results on Google. That's still a historic marker — it was so new then, and now of course it's a billion results or something like that. But that's a kind of permanent record that's good. That's really not around Snowden's point, though; mostly he inveighed against surveillance in all forms. I think it's going to take an awful long time for us to sort all this stuff out. I mean, like I said last week, we're never going to solve the identity issue. We're just not. We've had 36 of these things so far, and we have complete confidence that that's going to continue for years to come. In fact, we're not hosting other ones, but we're sort of encouraging and seeing other ones that are inspired by the Internet Identity Workshop, because it's popular. We need more of them, all over the world. And the problems are different in different places. What they're doing in India is so different. We had on FLOSS Weekly the guys who do Beckn. India is now the biggest country in the world — larger than all of North and South America in terms of population. And they're doing some new things with e-commerce and with identity, lots of other things that don't get a whole lot of attention but matter, and that's going to matter more over time than what we do here.
You know, I'm kind of all over the map on this, but because I was in Silicon Valley — I went to Silicon Valley in 1985 — you had to be there. If you were doing tech, that was the only place you could be. That was it. It was downtown tech. It's not anymore. It doesn't feel like a ghost town, but it feels like you don't need to be here. It's a nice place to be, but you don't have to be here. You could be anywhere. [00:42:11] Katherine: A lot of that in the last three years. [00:42:13] Doc Searls: It is. It's the last [00:42:14] Katherine: Wait, how many years has it been? I don't even know anymore. [00:42:17] Doc Searls: Yeah. [00:42:19] Katherine: Yeah, you definitely don't have to be anywhere. You can be here like we are right now — wherever here is. I don't know what that means. [00:42:31] Doc Searls: The Firesign Theatre, a very funny group that had a lot of records back around the turn of the seventies, had a bit that went, "How can you be in two places at once when you're not anywhere at all?" That strikes me as semi-irrelevant. [00:42:51] Katherine: Yeah. So, as I'm listening to us have this conversation, I'm kind of trying to reflect — you know, how the sausage gets made. As we have these conversations, I think I'm editing in my head at all times: okay, when I go back, I'm going to remember this spot so I can include the link. And then I do these things and I'm like, okay, well, what is this going to be called? And then I'm just wondering, going back to the original theme: is this an AI conversation? Is this a security conversation? Is this...?
I mean, it can be all of those things, but I was having that thought out loud and I thought I would share it. I don't know where my brain is going with this, but it's interesting because [00:43:38] Doc Searls: It's a real-versus-fake thing. And it's also sort of like, is it food or is it shit? You know, there's that. An interesting thing to me is that the large language models have all been trained on the internet, and the internet is full of crap. There's so much crap out there. [00:44:01] Katherine: But don't we kind of like it that way? [00:44:03] Doc Searls: Yeah, exactly. [00:44:04] Katherine: my original thesis, like [00:44:05] Doc Searls: Human conversation is like that, you know. I mean, there's, [00:44:09] Katherine: you know, [00:44:10] Doc Searls: you. [00:44:11] Kyle Rankin: Well, there's that level of it, but a lot of the garbage on the internet right now is human-generated garbage — not in the sense of someone's subreddit somewhere where they're saying stupid things, but more like everyone gaming PageRank. [00:44:26] Doc Searls: Yeah. [00:44:26] Kyle Rankin: Everyone has to create quote-unquote valuable content to get good page rank to then sell a thing. And so you had human beings — who will be the first to be replaced by all of these models, and already are — creating legitimate-looking content that really says nothing but is good enough to get ranked and put into a search result for a topic. So much of the internet is that now. If you do a Google search and you're not pleased with the results — like, wow, this is all a bunch of garbage that doesn't actually help me —
it's because it's been gamed by all these people [00:45:04] Katherine: how [00:45:05] Kyle Rankin: and in the future it will be gamed by the AI instead. But the fun thing is that the AI, which has to feed off the internet, will be feeding off of itself. The garbage it generated, it will now be using to feed future garbage, you know? And so what's that going to be like? [00:45:26] Katherine: We've set the bar so low at this point — we've produced so much existing garbage — that it's easy to duplicate, because again, there's no barrier to entry, and there hasn't been for a long time. So the human crap is indistinguishable from the machine-generated crap. [00:45:43] Kyle Rankin: Well, I guess it's more: can you create a tool that is higher precision than the tool that was used to create it? And how do you do that? If you have a model that's being fed garbage, and ultimately it's feeding off of the garbage that it made, can it ever get better? Can it ever make things that aren't garbage? If the only thing coming in is garbage, [00:46:11] Katherine: and [00:46:11] Kyle Rankin: then the only thing coming out is garbage, right? And if the percentage of the internet that it will feed on tomorrow is 1% more garbage and 1% less good stuff — because it's creating the thing that it's feeding on — then will the output be less garbage or more garbage? Probably more garbage. [00:46:32] Doc Searls: So the Washington Post had a [00:46:34] Katherine: of [00:46:35] Doc Searls: The Washington Post had a piece — I'm going to go to the top of it here — "Inside the secret list of websites that make AI like ChatGPT sound smart." I'm going to go down here. Okay, the number one domain that they went to is patents.google.com. Number two
was Wikipedia, then Scribd, which is a lot of papers, the New York Times, journals.plos.org, the LA Times, the Guardian, Forbes, HuffPost, patents.com, the Washington Post — it goes on. So I looked up a whole bunch of stuff, and I'm going to try to find the link to that, wherever it is. [00:47:18] Katherine: While you're looking for that — it also brings up a whole other question, because if you list off a bunch of those outlets, depending on who you ask, some are going to say, well, those are all left-leaning, or those are all [00:47:29] Doc Searls: Right. Yeah. [00:47:31] Katherine: and then that opens [00:47:32] Doc Searls: Yeah, exactly. So, Linux Journal is number 5,227, which is actually pretty good. harvard.edu, where I maintained three blogs and you would think would have a lot, is number 395,848. Medium is number 46. TWiT.tv is number 27,000. I looked up a bunch more, but it's kind of weirdly random, with a lot of what and why behind it. Probably it's just what they crawled and how they crawled it, and who knows. They're trying to get as much language as they can into this thing so it has better prediction — more to predict on, based on what's already been said. I don't know how you get from that to writing code, because that's part of it too, right? These things do know how to write some code. In fact, there are two interesting cases which, if Joyce were on this call, she would bring up. One was a business person we know, very active in the identity world, who has a startup. He wrote some of his own code and farmed a lot of it out to other employees, and now he's using ChatGPT to replace people, including himself: I'm not writing this, I'm editing this code. I'm going to get ChatGPT to write some stuff and I'm just going to edit it. That was one case.
Another is a person who planned a trip to Japan, where ChatGPT told him everything to do for a week in Japan and helped him book things — told him where to book, the hotels, the different sites, the bars it recommended, whatever else it found. It was fabulous. He wouldn't have corrected any of it; he thought it was wonderful. But then I've done a whole bunch of searches for things where I actually know some of the source material, and oh my God, can it be wrong. I mean, just vastly wrong. I was asking about myself, and it turns out I went to the University of Washington — which I didn't — and a bunch of weird stuff like that. I don't even know where that comes from. Is it that Linux Journal was in Washington? Was that it? And then you search again and it's not there; it's made some other mistakes. [00:50:01] Katherine: It depends on the order in which you search these things too, because it takes the input you're giving it in any given session, and that affects the output. [00:50:10] Doc Searls: Right. [00:50:11] Kyle Rankin: I don't remember now how long ago it was that I was chatting with some Google engineer, and they were talking about how they have different algorithms and quote-unquote AI governing load balancing across the many, many data centers that Google has. It's almost self-run, self-sustaining, in a way where it makes decisions — traffic needs to move from this data center to that data center based on load and all that stuff, right? [00:50:45] Doc Searls: Yeah. [00:50:45] Kyle Rankin: Yeah, it makes these decisions. And the interesting thing was, he was saying, we have human beings that look at
the traffic flows, and in many cases we don't know why the machine made the decision it made to move the traffic from data center A to data center B. We just see the results. Because we trained it up to a certain point and then made it self-sustaining — sort of self-training after a particular point — we don't know why. It's not necessarily telling you why it's doing it. It's just doing it, and you on the outside just see it. It's sort of like this black box that's pulling strings. [00:51:25] Doc Searls: Yeah. An interesting thing too: I think it was the first time I visited Google, when they had first gone to an office building — they were no longer in a space above a bike shop in downtown Palo Alto. I remember Sergey coming up on his bike. It was very small, but they were already a hit; Google was becoming the search engine all of a sudden. And in the lobby they had a TV — an old-fashioned TV with a vacuum tube that you look at, a Sony Trinitron — and they had a switch on the back of it. This guy said, you want to see what people are looking at? They had all the searches going by, search after search after search. And he said, I'm going to throw a switch back here and you'll see what we censor out. At least half of it was porn. At least half of it was that kind of stuff. So that is a huge part of what goes on out there, and nobody talks about it, but it's part of this picture. The artesian well you can drive into the id of the world could be extraordinarily productive and... it's like, what do you do with that? I don't know. I'm just bringing that up because that's part of the noise we don't talk about. But it's there.
And how can you idealize that? [00:52:57] Kyle Rankin: Yeah, well, and it's sort of like people who have children and are raising them in the age of the internet. In many cases at least — everyone parents differently — parents will restrict, one, whether children have access to the internet at all, and two, if they do, what parts of the internet they have access to. And why is that? Because this is an intelligence that is learning, and they're being careful and thoughtful about the inputs into that model, because they know it will be absorbed and incorporated and so on. I know that in many cases there's some thought given, I suppose, to what these models are being trained on, but in some cases possibly not, because so many people in these fields think more data is better, regardless. So if you think of these models — or maybe not even these models, but AI in general — like training a child, if you're actually trying to get an intelligence: where is the child getting its information? If you're just pointing it at the internet and saying, learn from the internet — that's why you have cases like Tay, Microsoft's Tay, which, it turns out, can be very racist and antisemitic when you start asking it questions. Why? Because its input was the whole internet, you know. [00:54:32] Doc Searls: Right. Yeah. So, Katherine, we're at [00:54:37] Katherine: Yeah, I guess we should wrap it up, but [00:54:42] Kyle Rankin: Yeah. [00:54:43] Katherine: Uh, yeah. So, how do I wrap it up? I think.
[00:54:47] Kyle Rankin: We wrap it up by saying, well, it turns out the [00:54:50] Katherine: Yeah, I was [00:54:51] Kyle Rankin: Um, and [00:54:52] Katherine: Oh, what was it I said earlier? We established we've set a low bar. The internet is already full of garbage — what's a little more? No, that's not necessarily the takeaway here, but anyway, it's an evolving story and we will stay on top of it. We're not going to solve these problems today, but I enjoy reading [00:55:20] Doc Searls: We've got to have fun talking about it, and [00:55:22] Katherine: people. Yes, exactly. We enjoy talking. [00:55:25] Doc Searls: as they say. Yeah, [00:55:26] Katherine: Yeah. So, until next time, when we throw out the [00:55:32] Doc Searls: We'll have them solved before the next one. [00:55:34] Katherine: Yeah. We're going to solve it. We'll get [00:55:35] Doc Searls: report on that. [00:55:36] Kyle Rankin: Homework assignment. [00:55:37] Katherine: And if anybody else solves it for us, that [00:55:39] Doc Searls: Yeah. But [00:55:40] Katherine: you could [00:55:40] Doc Searls: Save us the work: solve it, send us the solution, and we'll have you on. [00:55:46] Katherine: Yeah. I love it.