31 July 2014

How secure is Tor?

Today I retweeted a tweet from Kenn White (@kennwhite):

SV [Silicon Valley] tech writers flip out after discovering Tor was created by the Navy & gets State Dept grants.

Wait till someone tell them about Arpanet.

For the uninitiated, Tor is a service for making online communications anonymous, to foil things like state efforts at surveillance. ARPANET was a technical precursor to the Internet created by the Advanced Research Projects Agency (ARPA) of the US military. This is a reference to the suggestion that many have made that US government funding for Tor is a sign that it may not be as secure as it purports to be.

I forwarded this tweet because it nicely summarizes the double-edged naïveté implicit in being shocked by Tor's funding. On the one hand, one can read seeing the hand of state surveillance lurking under Tor because of its funding sources as a manifestation of a kind of paranoia. If that connection indicts Tor, don't the Pentagon origins of ARPANET indict the whole of the Internet? On the other hand, the forces arrayed for state surveillance are demonstrably so powerful that one is tempted to ask “is that too paranoid, or is it just paranoid enough?”

On my Facebook feed, this inspired a lively discussion between Vinay Gupta, a “global resilience guru”, and Billings, a web security professional who reminds us that he is not speaking for his employer here. They are both people I respect very highly.

The discussion seemed useful to share with the world, so with the discussant's permission, here's a lightly-edited version.

If you just can't get enough of this stuff, I also have Quinn Norton's article Clearing The Air Around Tor, which gives a pretty accessible explanation of the mechanics behind Billings' argument that the mechanics of Tor suggest that its funding sources do not indict its security.

And an update:

Yasha Levine has a question they couldn't ask at a Tor presentation:

There was a lot of talk on stage today about using Tor as a tool of freedom and liberty on the Internet. But there is another side of Tor that was never mentioned: Tor as a regime change weapon — a tool of soft power used by the United States government to destabilize countries it considers hostile to its economic interests: Iran, China, Russia, Belorussia. This regime change function is why Tor continues to receive over 90 percent of its funding from US government agencies like the State Department and the Pentagon, agencies that are responsible for so much of the death and destruction in the world today.

So my question is: How do you people at Tor reconcile these two sides of your product? Is Tor about Internet Freedom? Or is it about empire and regime change?

The thesis that internal conflict in the US government is so enormous that the NSA is unable to stop the US Navy funding something which effectively makes many of the NSA's operations impossible seems, to me, to be a less likely hypothesis than “Tor is another Crypto AG.”

You pays your money, and you takes your choice.

Wikipedia: Grypto AG back-doored machines

By the way, just to clarify, I'm not accusing Tor of being consciously cooperating with the NSA. Rather, I think their technology must be flawed on the basis that the USG would not fund them if Tor did what it said on the can, and there is very good evidence that the USG loves people to use broken cryptography presuming it to be secure.

None of this involves a detailed technical analysis of Tor: it's a political rather than a technical analysis. And I could be wrong.

But so could they.

Well, except I actually know and work with core Tor developers and they both edit the code and are definitely not government shills. These people are not poor security engineers either (quite the contrary). The fact is that parts of the US Navy intelligence apparatus and others have used it to cloak their own activities and have a vested interest in keeping it secure. If only government stooges used it, then you'd know anyone coming out of a Tor node was a government stooge. If they do use it, they don't want to be tracked either.

So we're left with the hypothesis that the Navy is paying them to thwart the NSA. I just don't buy it: a vastly more historically plausible analysis is that the NSA is good techniques for circumventing Tor, and is quite happy for the Navy to continue selling people rope, with which the NSA can later hang them. That's consistent with historical intelligence practices and the available evidence.

and the reason why the stolen Snowden docs reference often the NSA bitching about Tor is just COINTELPRO and Snowden works for them? The NSA basically says that it is a good thing that most people are so poor at opsec and they can break stuff in other places because they can't break Tor itself.

That said, if an entire nation state apparatus walks to watch Tor, they can probably watch enough end nodes eventually to nullify much of the anonymity. Tor folks are pretty aware of that and have spoken about it publicly. Without any evidence though, I generally treat people saying Tor is secretly broken as FUD, especially when the other evidence we do have contradicts that.

To quote from NSA targets the privacy-conscious:
As revealed by the British newspaper The Guardian, there have been repeated efforts to crack the Tor Network and de-anonymize its users. The top secret presentations published in October last year show that Tor is anathema to the NSA. In one presentation, agents refer to the network as “the king of high-secure, low-latency internet anonymity”. Another is titled “Tor Stinks”. Despite the snide remarks, the agents admit, “We will never be able to de-anonymize all Tor users all the time”.
I admit that this is a personal bugaboo of mine, since I know many of the Tor folks personally (and their integrity) but most of these discussions seem to run along the lines of “but but but they get most of their funding from the US government and no one ever told me that the Navy started Tor so it must all be a trip/track/setup by the government.” Other than the fact that they get money from the government, I've yet to see any proof of this offered though. I recognize Vinay is drawing the distinction with them knowingly being tools and unwittingly being tools though.

Snowden has released nothing about cryptography so far: nothing about which ciphers can be broken. This is probably because the NSA keeps its data in tiny little boxes, and people in one box don't get to know what's going on next door. The psychology of reflexive defence of Tor while ignoring the funding paradox is simply exactly the mindset which security people love to exploit when breaking things.

Dream on.

If Tor was something the NSA had broken, they would not be doing internal presentations and circulating reports bitching about how they couldn't easily de-anonymize people using Tor. That is unless you're arguing that rank and file NSA spooks don't know the initiatory secret of the secret inner order, which knows that Tor is broken but doesn't bother to tell the NSA. I mean, these are internally circulated documents between NSA folks, not for Congress, etc.

To be clear, Snowden has released everything as of a year ago. Greenwald and the technical people, like Schneier, haven't released the information that they have. BTW, the defense isn't reflexive. My day job is in security for a browser used by hundreds of millions of folks.

Wait, wait, hoooold on. “The NSA” is not a monolithic object. It's a sea, a foam, of little security compartments. Snowden has (as far as current data suggests) no access to the math, the crypto, the network analysis and all the rest of it. He's got brute infrastructure stuff because that's what was in his compartment.

So the NSA (meta) allows its agents to fail to catch people by not telling them that Tor is actually broken to the point where said agents to presentations, author reports, etc. to other NSA agents complaining about Tor?

Because we have seen those complaints.

The entire point of the NSA's security compartments is so that a Snowden or a spy can't get the entire ball of wax. It's routine for one part of the org to slave for decades on a problem that another part of the org has already solved, for example. Their approach is not polite, it's battle testedly irrational. And well documented.

Of course, is the NSA was well compartmentalized, a 29 year old contractor wouldn't have hoovered up probably more than a million documents from different programs. Clearly, he was able to get past plenty of walls.

Consider Coventry: the UK had broken the codes, they knew the bombing was coming, and they took the hit anyway. That is what cryptography is about, really. It's that depth of strategy that's the core to understanding what you see in front of you.

Nothing on the math, nothing on ciphers they've broken = he was nowhere near the crown jewels.

Or Greenwald et al simply haven't found it juicy or safe enough to release yet. They are redacting to avoid, in their opinion, getting folks killed or endangering “acceptable” things.

I still think if Tor was that broken by the NSA, their agents would be actively breaking it, not complaining to each other internally about how they had to do various work arounds to figure out who folks are.

So, if they're saving that trick and keeping it for the 40th level NSA wizards, then their agents still haven't broken Tor because they don't get to know.

Your model of the NSA is not the same as my model. I think my model of the NSA is better founded on historical evidence. I just can't see (knowing what we know about the history of cryptography as used by intelligence agencies) how you can justify your faith in the security of a tool they are paying for. The sweet spot has always been “let the Rubes think they are using encryption” and then read their messages and gather at will. That has not changed in centuries.

So it comes down to “We have no evidence it is broken but because government groups pay for much of it, it is inherently untrustworthy” then? I'm not saying it isn't an argument that rational folks would make, just not one I'm buying.

Do we have no evidence that it's broken? Surely “We will never be able to de-anonymize all Tor users all the time” is clear reporting that, indeed, Snowden's team can get some Tor users some of the time. How many? How much does that matter? Do we have statistics on this? So that's the first line.

Except we also, from the same slidedecks and other events, know how they denonymize users. I could find you articles if you wish but it basically comes down to “people suck at operational security and do a bunch of other stuff to identify themselves, no matter that they went through the Tor network on the way.” See how they tracked down the Dread Pirate Roberts or that fellow running a Tor hidden service in Ireland. Poor opsec, which is a relatively well understood issue. We are also aware of a number of attacks involving watching a certain percentage of end nodes or of running a certain number of nodes, en masse, and correlating traffic. Again, the guys working on Tor aren't idiots, are aware of these problems, and working to address them. You saw yesterday's news about Tor middle nodes, right?

Tor security advisory: “relay early” traffic confirmation attack | The Tor Blog

The second line is this: deception is the normal practice of intelligence agencies. To take what they are doing at face value, to believe one leak as the entire story? “Now we understand?” My god. Read the history of intelligence operations. Look at “The Double Cross System.” Look at Angleton. The Cambridge Five. You can't just puddle through this stuff taking a single NSA document as an absolute verification of Tor's relationship to the NSA: that's what one team knew at one time, in fact, it's not even what they knew it's what they chose to write down. You just can't look at intelligence data this way and be on secure ground. It's not how these people operate.

Differences of opinion are simply uninformed, as opposed to making rational decisions that don't happen to match yours.

I'd be more strongly convinced that, for example, maybe one of the Tor founders, like Roger, might be a secretly paid agent maintaining Tor access for government this whole time (though I don't believe it) than proof by lack of proof.

These people are your opponents. They're very, very good at these games. We know a little about what they were up to 50 years ago from WW2 releases. Do not assume, not for one minute, that the games we are entangled in now are any less sophisticated, Machiavellian and manipulative than they were in WW2. The UK government ran every single spy the Germans had on UK soil. This is the caliber of the deceptions operated by the same mechanisms we are being asked to take at face value re: Tor's funding streams. I cannot buy it.

Yes, I think your position is clear. Me? I require some actual evidence beyond “they get money from the government” as proof they are pwned.

It is very easy to assume that our model of the technological capacities of the NSA is accurate, too. But on the math side they've had close to a 20 year head start on the two occasions when we have good evidence of their know-how (hardening DES against differential cryptanalysis, and RSA being developed at GCHQ). Is it possible that they're unwinding Tor with math we won't see in public for another decade or more? Quite possibly. Could they be routinely owning all of the network nodes that relay traffic they want to see, using some kind of low-level hardware exploits or even plain old OS bugs? We don't know. But unless you ignore the entire history of intelligence agency operations around cryptography you cannot take this story at face value. It's not remotely justifiable.

It's really cute to tell the story of US government needs a security tool so they hire hackers to build one, and it protects us and it protects them just the same. But, for god's sake, when has the USG EVER created a level playing field in something as sensitive as cryptography? It just DOES NOT HAPPEN. Not the way the institutions work. I cannot believe the level of political debate around the Tor funding stream: it's as if nothing was learned from watching the past 50 years: everything since ENIGMA is admissible as baseline data on the NSA's modes of operation. Use it.

Who is taking it at “face value”? My evaluation is based on a lot of sources, including week to week working with developers at Tor as they ship their Tor Browser based on the code of Firefox, where I work. If people offer actual evidence that Tor is broken, I'll evaluate it but I haven't seen any.


Rational people can hold a differing evaluation of the evidence, Vinay.

Wrong standard of proof. Wrong. Wrong. Wrong. Your adversary is doing everything humanly possible to make sure that you do not get evidence that the system you are working on is broken. Their entire modus operandi throughout their history is to leave systems in place which people assume are secure, and then read whatever it is they like that goes over those wires. That's the goal state for the NSA. They're good at cracking systems, and they're good at concealing those systems have been cracked. Those are two halves of a whole.

Good at concealing it from their own agents too, it seems. Anyway, I'm done here. We're just repeating ourselves and I have no expectation of convincing you. I expect people will use Tor if they feel they can trust it and to use ... nothing ... if they feel they can't. No one is going to be convinced by further debate here.

Yes. That's standard operating procedure for most of these agencies. Of course they conceal things from their own people, and lower level folks die in gutters because they didn't know the higher clearance data that would have saved their lives. Standard standard standard. That's how intelligence works.

I will say that if the NSA has broken Tor but they don't tell their agents, pretend it isn't broken, and ignore everyone but people like Snowden or Chinese master spies in order to maintain that facade then, for all functional versions of reality, it isn't broken until someone becomes important enough to blow their cover. I'm not Osama Bin Laden. If the NSA wants to watch me but not tell their agents they can break Tor so I'm anonymous to them through it, then I'm still effectively anonymous. (That said, I'm not doing anything that would actually get me in trouble so there is that.)

Parallel construction. You peel the data out of the cracked system, and then you use it to target efforts using in-the-open technologies or you “stumble” on some lucky happenstance that lets you nail your targets. This is much more the way these things are done.

Well, clearly you're smarter than everyone else in the security community. You should contract out.

I did. You do know that I did a contract for NSA, don't you? Designed a genocide-resistant biometric ID card scheme pointed at Iraq and Afghanistan.

Cheap ID

Never had a clearance, never went through the wire, and never worked on anything that I did not publish: that was the deal I cut.

Yes, you mention it once or twice a year. I'm aware.

All I do is work to make sure your web browser stays unowned.

So just consider that I might know what I'm doing, and have done my research on a rather broader landscape than the technical security analysis which most of the people playing this game are doing. The actual domain of operations is far wider than most people consider, and the result is that we lose nearly every round of conflict we have with the State about civil rights. We have to think more deeply, and we have to trust far, far less.

Your concerns and mine are slightly different as a home owner with a mortgage, a spouse, a daughter entering college in a month, and other typical midlife stuff. The state isn't my enemy. Aspects of it may be but I value law and order as well as general stability. I'm not a revolutionary and have little desire to be if it means actual open warfare, death, and suffering for folks. I don't want to live in a fascist police state but I also don't want to live in some anarchist or libertarian dream world either. I'm also a pragmatist, as doing this stuff for a living will make you.

Doing which stuff for a living?

Working in information security as my day job ... When you contact [my company] about a security bug or a zero day, I'm one of the main people with whom you deal and I'm the process guy that works to make sure things get fixed and out the door in an organized fashion, as well as evaluating the issues (with the developers). I also started the first Oakland hackerspace, which isn't directly security related but you'd be amazed at the kind of people who come through our door.

I spent my last six months writing software for representing complex strategic situations for analysts to discuss. Would have been FOSS too, but the project ran into Issues. Hence I have a different perspective on these things.

I understand that you do and I'm not saying your perspective isn't rational. On the other hand, if people disagree with your assessment, it isn't simply because they are uninformed or ignorant of history and security. They may just be reaching different conclusions.

Jonathan Korman
It's almost as if reasonable people may differ.

Indeed. But there is a fundamental issue here, which is that we need to be pretty clear about what assumptions we are making when we tell users what is secure and what is not. The analysis which says Tor can be trusted is based on an implicit world model. That world model is useful. As long as people know “we assume X, Y and Z” they can decide if they agree with those assumptions.

“We assume that USG funding of the Tor network does not impact Tor's security in any way” is not something the Tor guys are in any hurry to put on their home page. That bothers me. The responses of the security community around Tor to questions about the funding stream? That bothers me even more.

Here's what responsible handling of that issue looks like; “Yes, Tor is funded by the government. We believe it's because they use Tor, and that their need for Tor outweighs any negative impacts Tor has on their ability to spy on us.” Up front, clear communication about the very real security Need To Know that the USG's funding of Tor represents. Because if the community is wrong, and that money flows because the State can easily compromise Tor in some scenarios people are going to jail or getting assassinated all over the world. We need to consider this early in the process of advising users on their risks.

What was Tor's response when you asked them about this in a friendly and mannered way?

Mostly, what I see, is people tweeting (140 chars or less) “OMFG, Tor gets government money and is OWNED!!!!” That isn't going to engender much of a conversation with them.

Never gets that far. Every contact I've had with Tor over funding has started with pathologically hostile defensiveness because the problems are really severe. Tor doesn't exist without the State, and if you doubt the State's intention in this matter, the whole project is revealed to be a honeypot for Satan. Who can consider, in all good conscience, that they may have been coopted by what they despise?

Huh. I've talked to them about it and it was perfectly friendly. Of course, I didn't open it with implicitly calling them government stooges either.

They were probably friendly because you basically agreed with their interpretation of the situation. When pushed from the outside, understandably, they are a little more freyed. Because if they are wrong about this, they are putting all of their users in danger and acting as a Cat's Paw for the NSA.

Not a comfortable position. Not at all.

Actually, I assume they were friendly because I know them, have talked to them for years, and, again, didn't implicitly imply anything about them. I simply asked about their funding, the questions that have been raised before, etc. I waited for the eye rolling to stop and we chatted. It wasn't a big deal. Of course, if your argument is that they are unknowingly pwned, then it really doesn't matter what they say, does it? That argument says that they can have the best intentions but their technology is so broken (without anyone knowing) that it doesn't matter.

You also have to realize how many tinfoil hat script kiddies and so forth troll them every time this issue comes up on twitter in 140 chars or less without even pretending to want a real discussion. In a lot of ways, it really doesn't matter what they say because a lot of folks make up their mind without even talking to them about it. I'm not sure why the Internet collectively forgets where Tor funding comes from every 12-18 months since Tor publishes all of their tax filings and grants on their website.

bah internets.

“Wait, we're using your software to protect us from the government, and it's funded by the government? What the fuck?” Yes, actually, I can see exactly where the script kiddies are coming from. The simple form of this argument is pretty compelling. It may be wrong, but it's not the wrong kind of analysis.

The burden of proof is actually on the Tor project to tell us why we should expect them to be secure, given the agency which funds them. It's a critical security issue which needs open, fair, comprehensive analysis to manage.

I'd even go so far as to call it a flaw: “funded by the enemy.”

I think they point to their open and vetted code, going back years, along with their complete financial transparency.

That doesn't tell us anything about the government's motivations.

The US government isn't my enemy. The NSA may be but they aren't the entirety of government. I'm a US citizen with ancestors that fought for the Union in the Civil War and in the Revolution. I'm not ready to declare the USA my enemy.

What does it matter what the government's motivations are if the code is secure and isn't inherently flawed? That argument only works if the NSA or someone truly has super secret mathematical voodoo that can crack Tor that they haven't told their own rank and file about and don't use in most cases where they hit Tor (or share with the FBI). The government handed over the project a decade ago.

You can be doing your part of the puzzle exactly by the book, and still be part of a bigger picture in which your perfectly innocent, perfectly well-intentioned effort is being used to throw people in jail. And the point is not whether you, or the Tor team consider the USG as their enemy: everybody involved is on US terrorist watch lists, their communications are intercepted and so on. The government treats you as the enemy. And an awful lot of Tor users are living lives which, if subjected to full prosecutorial scrutiny, would wind up in jail cells: bitcoiners for tax evasion, anonymous for site compromises, and so on. Tor is used by an awful lot of people with something to hide, and if it does not hide them effectively, it's software which is deceiving users into acting irresponsibly, regardless of how carefully the project attempts to communicate real risks.

and yet strangely, we have a lack of prosecutions of these people ...


“Where did they get the names?”

Wikipedia: IBM and the Holocaust

So, given that we're never going to have any evidence proving Tor is insecure or secure in the near term, you're arguing that it simply can't be trusted because of its funding sources. Correct?

The fact that people are being put on increased surveillance lists simply for searching for privacy tools matters.

If so, it really doesn't matter what they say.

I'm not arguing anything simply. I'm arguing in depth and with moderate sophistication.

I'm not sure what evidence that the Tor Project could provide you that would satisfy you as to its safety since even you admit that they may be unwitting tools. There is no response that can satisfy in that case. They could all honestly say that they aren't government stooges and mean it and it wouldn't change anything. Hard to prove a negative.

In that case, they have a problem: a glaring security question (“why does the highly intrusive spying-obsessed US government fund you?”) which you suggest can never be answered. Now tell me this: faced with such a conundrum, should users choose to trust Tor or not?

They've answered that question more than once. You just don't believe/like their answer. I'm sure I can find a blog post by them or an interview with Andrew or Roger that discusses this.

I was asking you. I know where they stand: it's their project.

I use Tor all the time.

Do you think users should trust Tor, if this security issue can never be resolved as you suggest?

I think a calculus can be made and that Tor can be used, yes. Otherwise, why would I use it?

So, to be blunt, this is what I feel: with thinking at this level, we will simply never evolve tools for meaningful privacy in the future. We are simply fucked.

There is simply no model I can imagine in which the burden of evidence does not fall on Tor to explain why the US government funders are getting more out of Tor's existence than it (apparently) costs the NSA. That's the core riddle at the heart of the Tor Funding Paradox. If the answer is “gee, looks good enough to me!” then we're simply defenceless against any kind of subterfuge. We're like sitting ducks.

You've gone and read the responses from the Tor Project and its leader to this question when previously asked?

The US government has killed roughly a million people in the past 15 years, and right now it's flying killer robots all over the world to politically assassinate people based on evidence gathered by network intercepts. If the answer, in that context, is “gee, I think we can trust them” then there is simply no hope of a meaningful political response to the world we live in.

What do they have to do? Start putting hippies in death camps?

(other than, you know, the 1+ million people in jail for non-violent drug offences, in an environment which considers prison rape to be a standard part of the punishment protocol for certain demographics)

You're turning this conversation from a conversation about Tor and its trustworthiness into a referendum on US policy and whether I or other folks approve or support it in various aspects or how we exist as both US citizens and folks with issues with aspects of US government and behavior. That's not a useful conversation here and not one that I would consider to be an intellectually honest turn. I meant to bow out 20 comments ago so I think I will do so now.

At a certain point, one's trust in the Government has to be tempered by some realistic perspective on what they are doing.

You are essentially saying that you believe the USG's answer to why Tor is trustworthy: “we're using it ourselves, no doubt you can trust us.” Ok, that's fine, but they're also doing this whole “killer robots working on network intercepts” thing on the other hand, at which point maybe we need to re-evaluate the veracity of their initial statements. It's sorta hard to trust mass murderers, isn't it?

Vinay, please don't construct a straw man and put words in quotes and pretend that I'm saying them. You can infer lots of things but please don't put words in my mouth and then argue with them.

At what point do we say “the people that just stalled the global eradication of Polio to do secret genetic testing of a town in Pakistan to find one terrorist leader” are maybe not the best people to trust when we need security software funded?

Is there no connection in your mind between the vast scale of US deception on the field of intrigue to the software that we are discussing? Is there some kind of firewall which separates “how the US government does security work” from “how Tor is positioned?”

This is not a straw man at all: this entire question boils down to “do you trust the US government to tell you the truth about why it funds Tor?”

(I was not using “quote” to indicate you had said something, but to paraphrase complex arguments made by a hypothetical government employee)

Add a PS for me, please?

Why don't leaked NSA documents mention Tor funding sources? “Tor stinks” but no query of the US government funding?

That smells so weird to me. So fucking weird.

There's more from Vinay Gupta in a long Storify of a Twitter thread: Tor and security versus espionage thinking.

27 July 2014

Radical (adj.)

This keeps coming up. So a quick word about radicalism.

“Radical” does not mean violent, bad, extreme, or “too much”. It means, literally, striking at the root.

A radical leftist thinks you cannot improve our political institutions, you have to replace them. A radical feminist believes that you cannot simply pass a few laws to give women equal rights, you need to transform the whole of a sexist society. A radical fundamentalist Christian believes that Christianity must be understood as reading the whole text of the Bible literally. One can advocate radical change in teaching curriculum for math or manufacturing methods for automobiles or programming languages for computers or women's fashion for the next season.

I use the word “radical” descriptively, not as dismissal or an insult. Many things need a radical approach.

26 July 2014


The gnostic interpretation of Snowpiercer is too obvious.

We Live In The Dark offers an analysis of Snowpiercer which is, to my mind, exactly correct.

A lot of discussions of Snowpiercer I’ve seen have been very literal, which I think is a terrible way to read this film when so much of it is densely allegorical. The train at its centre is a clear allegory for capitalism [I’ve seen this rejected so here’s the director saying it himself this is a film about capitalism]. It’s capitalism: what was promised as an ark of salvation but became a barbaric prison for all but the very privileged.

It's not a review, it's an analysis, so see the film first.

And having said that, some spoiler-ish comments from my FB feed. Elena Rose says:

It's more like the ending of Le Guin's "Omelas": we don't know what life is like outside this train any more, we've never seen it with our own eyes, and the price of getting out is, idealists' romantic hopes aside, very high. But the price of staying in is, unfortunately, even higher, and that won't last forever either, so there we are. If you wreck the train, maybe everyone dies. If you stay in the train, everyone still dies, and maybe on the way they become something less and less worth saving by the day.

The other point of that apex predator was, of course: there's an apex predator out here. There's an ecosystem to be the apex of out here! There's enough out here for a population of polar bears to live on! The world isn't dead! And maybe humanity doesn't make it, sure, but life does. That's something.

Fiat Justitia Ruat Caelum : Let justice be done though the heavens fall.

Ihe other Big Point of the film: that final seductive chance to be the new person who runs the train, who might run it better, might take the power and redistribute some of the food, change the conditions some, use...fewer...children...as...engine parts...

We can say a lot, allegory aside, about, "Maybe if he'd taken over just for a little while, slowed the train down, gotten to somewhere near the equator and hit the brakes and given people a chance to walk off, if that's even a possible thing," but I think one of the film's arguments, take it or leave it, is that the system would warp that attempt hopelessly for the worse, and that the chance to be the better, kinder runner of that system is a false temptation, not a genuine solution. We can agree or disagree, but it seems like the filmmaker was pretty clear on where he stood on that. It still comes down to the math on which children we stick in the cogs of the engine to make it run, and how many, you know?

Which helps to inspire me to say that the longer I sit with it, the more I like the ending. This is informed by the commentary I linked.

The ending is neither happy nor unhappy. We do not need to approve of the decision to destroy the train, only to understand it.

We see Curtis' hazy Marxist dream prove to be doomed: if as a denizen of the tail section he seizes the engine, he is still trapped by the material logic of the train and simply makes himself the captain of its horrors. His compassion prevents him from doing that, but he has no positive vision to offer as an alternative. He cannot leave Wilford's order in place nor can he take command of that order himself nor can he transform the train's order into an alternative which is either superior or viable, much less both. Unable to think outside the train, he is stuck.

As Elena says, Namgoong and Yona aren't really sure that a better life awaits them outside the train. They simply cannot permit the train's cruelties to continue, and if the alternative is death for everyone they are prepared to have murdered everyone. They hope that life in the snow is possible and better — and as Yona's uncanny insight allows her to perceive what lies beyond every door, she has cause to think it may be — but they are less pro-snow than they are anti-train.

We in the audience don't have to want to destroy the train. We just have to understand why they would.

Update: Very incisive video essay:

And more about the formal structure from the amazing Tony “Every Frame A Painting” Zhou:

24 July 2014

The beauty of women

Something sentimental but true I just told a friend on Facebook:

We need a vast conspiracy of lies and attacks in order to drown out the plain truth about the awe that the beauty* of ordinary women inspires in most people, men and women alike. If women were all fully conscious of this truth, society as we know it would shatter.

* (I'm talking just the shallow sense of beauty as “looking good”, here. Don't get me started on beauty in a profound sense.)

Hulk smash

Just for fun:

I am, thank you. Now, if you'll forgive me the pretention of the third person ...

Hulk must destroy to the best of his considerable abilities.

23 July 2014


Timothy Burke notices something about Kickstarter.

All our institutions and organizations, of all kinds, are now tangled up in their own complexity, all of them are increasingly built to collect tolls rather than build bridges.

All that money spent on market research, on product development, on vice-presidents of this and that, and what you have, especially in the culture industry, is a giant apparatus that is less accurate than random chance in creating the entertainment or products that consumers can quite clearly describe their desire for. So clearly that the consumers are giving money to people they like who have no intention of or ability to make what the donors say they want.

16 July 2014

Jocks and feminism

A while back I learned the story of Katherine Switzer, the first woman to enter the Boston Marathon, in 1967. She hid in the bushes and started the race in disguise.

When the race director saw what she was doing, he attacked her, trying to rip off her race number.

Now there were a lot of runners who were supportive of her. But still, deep resistance to women's athletics was a powerful force not so long ago, and is still around today.

So when a friend passed along this delightful video of the first woman to finish the absurdly difficult American Ninja Warrior obstacle course, I enjoyed it not just for the pleasure of seeing her do it. What really got to me is all the jockish men in the audience beside themselves rooting for her. Look at their faces.

Little victories.

Special containment procedures

The SCP Foundation is a delightful product of our moment.

What is the Foundation?
We are the last bastion of security in a world where natural laws rapidly break down. We are here to protect humanity from the things that go bump in the night, from people who wield power beyond mortal understanding. We are here to make the world a safer place. We are the holders of wonders, and the crafters of dreams. We are why the world continues. In the short form, we're a creative writing site, devoted towards horror.

The main component of the Foundation website is a kind of encyclopedia of reports on anomalous objects, like SCP-1051:

Special Containment Procedures:
Due to SCP-1051's main danger being information leakage, efforts towards containment have been placed into denial or falsification of rumors surrounding its existence. Agents are to be reminded that any reference towards SCP-1051 or similar concepts during interaction with a civilian, whether online or offline, are to be met with ridicule and/or denial. Knowledge beyond current cultural information may require the application of a Class-A amnesiac.

I recommend following the link to read more. SCP-1051 is a great spooky little idea with a note of wry humor.

Part of what I love about it is that it's a work that is made possible by the internet. There's no other way a fictional universe of such richness could emerge from the efforts of hundreds of contributing authors.

Another part I love is that I recognized it as soon as I stumbled across it. It's a cocktail of many of my popculture guilty pleasures from the last few decades. Stories about secret government conspiracies. Pseudoscientific modern legends like UFOs and Bigfoot and free energy machines. The thought while watching the end of Raiders of the Lost Ark that the big government warehouse must also contain other lost wonders. Encyclopedias of fictional worlds like Middle Earth, and roleplaying game sourcebooks.

In a world containing other people with my geeky cultural interests, of course SCP exists.

14 July 2014

You say you want a revolution?

Most of today's critics of capitalism feel embarrassed when you confront them with a simple question: “What do you really want? What should replace the system?”

Via the Ke$ha and Žižek Tumblr. For future reference.

12 July 2014

Lost Boys

Sleep all day. Party all night. Never grow old. Never die. It's fun to be a vampire.

A friend on Facebook asked why ’80s rock ’n’ roll vampire movie The Lost Boys still works. I said:

The mystery of The Lost Boys is a mystery. But I have a hypothesis.

The heart of the movie is the sequence in which the Boys recruit Michael, and that sequence rings true because it portrays a kind of night that everyone (even guys like me who were total dorks as teenagers) experiences at least once during their adolescence: the night where you're rolling with the bad kids, trying to understand them, trying to decide if this is what cool is, feeling a little bit scared and a little bit liberated ... and then having the sick realization that somewhere along the line things had gone out of control and you have no idea where this is going to end. And you are no longer A Little Bit scared, you are actually scared, and all you can do it ride it out.

And then somehow you find your way out. And the next morning you wonder if you're the same person.

Plus: Vampires are just plain cool. And Santa Cruz was born to be a star.

11 July 2014


Rick Perlstein explains the title of his forthcoming book about the consolidation of the The Invisible Bridge: The Fall of Nixon and the Rise of Reagan:

He recalled a conversation he had at the Soviet premier’s dacha back in 1959. After a long lunch Khrushchev became expansive. He said that sometimes in order to be a statesman, you have to be a politician. If the public sees an imaginary river in front of them, the politician doesn’t tell them there’s no river. A politician builds an imaginary bridge over the imaginary river. Nixon told the story as though there was guidance to be found in it, and I took his point to be that if the public thought food prices were a problem, the politician should offer a solution, thereby preserving his ability to make statesmanlike decisions another day.

He goes on to ask:

Who wants to join an ‪#‎invisiblebridge‬ hashtag virus in which folks tag (sure, bipartisan!) instances of political bullshitting in the spirit of the book's epigram of Khrushev's advice to Nixon?

I would!

07 July 2014

Dark Side of the Moon

Pink Floyd's Dark Side of the Moon was the first album I ever bought, and though I haven't listened to it straight through in years, I'm sure that will go to my grave having listened to it more times than any other album.

When I bought it (on cassette!) in 1983, it had appeared on Billboard magazine's “Hot 200” list of best-selling albums without fail for a decade, far longer than any other album had. It would eventually drop back off ... only to reappear for years more.

The Wikipedia entry for the album quotes Robert Christgau calling it a “kitch masterpiece” in 1981. That's about right. A few years later, I would write a half-sincere, half-kitschy appreciation of it in the form of a science fiction story in which universal language translation software given the fundamental physics of the Cosmos as input, and told to render it into English, produced the album as output. By that time, Pink Floyd had long been my first rock ’n’ roll love, as I would write in a eulogy for Syd Barrett when this blog was still young.

I recognize that my love for the album reflects, in large part, having discovered it in a moment of imprint vulnerability. But if you don't recognize that the mix of simple piano, Clare Tory's passionate improvised vocals, and odd little miscellany on “Great Gig In The Sky” is a little miracle, expressing something inarticulable and true about the connection between eros and thanátos, then I pity you for being unable to truly hear one of my favorite things.

03 July 2014


Apparently Zach Snyder is concerned that someone might mistakenly expect some fun in his second Superman film.

Update: The new trailer stays with the mood.

I miss the real Superman more than ever.