You've dedicated your life to preserving privacy. Let's just start big picture. What is privacy and why is it important?
I believe that privacy is core to freedom at the end of the day. I would even go as far as saying that it is synonymous with freedom. It is protecting you, protecting your inner core, essentially, protecting your identity as a human being from forces that don't want you to be an individual and a human being at the end of the day.
That was so nicely put.
I think what it really boils down to is... In that regard, I think privacy is relatively similar to what was originally intended also with the Second Amendment in the United States. It is a tool for you as a human being to protect yourself against coercive force, against your very soul, your inner core.
There are forces, and this has always been true at every time in history, that seek to make people less human, to turn human beings into slaves or animals or objects. Privacy is the thing that prevents that.
The The crazy principle that exists within this universe is that there's this asymmetry baked right into the very fabric that we exist. There's certain mathematical problems where the effort required to undo them isn't just scaling linearly or exponentially, but that scales so violently that the universe itself prohibits persons that don't have access, don't have permission to undo this mathematical problem, that they literally cannot do that. What that means is that with a very little amount of energy, a minuscule amount of energy, a laptop, a battery, and a few milliseconds of computation, you can create a secret that not even the strongest imaginable superpower on Earth is able to, without your explicit granting of access, are able to recover. That is the fundamental principle on top of which encryption, cryptography, and privacy in the modern age are built. It's fascinating that the universe itself allows for this computational asymmetry where I can create a secret, I can encrypt something, I can make something hidden, and you, with the most powerful imaginable coercive force, violence, you could imagine continent-sized computers running for the entire lifespan of the universe, you would not be able to apply that force to my secret because I have encrypted it.
The universe inherently smiles upon encryption and appreciates that. I always found that so intoxicating, this concept that this is inherently baked into the universe. It is a interaction between mathematics and physics, and is a fundamental property, just like you could say, nuclear weapons are a fundamental property of reality. Encryption and privacy exist in this reality Basically, and before we as humans have figured it out, that wasn't necessarily clear. It could also be that you can never hide something, encrypt something, keep something to yourself, but it turns out you actually can. That is fascinating, I think. What it conceptually allows you to do is to take something and move it into a different realm than crypt that realm. If someone else wants to go go into that realm, follow you there, they would need unlimited resources to do so. I would say that's what really got me into cryptography and privacy. Okay.
I'm having all kinds of realizations simultaneously for Stroll. You're an extraordinary person. I think that's... First, listen to three minutes. Okay. Who are you? Where are you from? And are you ready to suffer for your ideas? Because What you've just articulated is the most direct, subtle but direct possible challenge to global authority anyone could ever articulate. But first, how did you come to this? Where are you from? Tell us about your sofa just a moment.
I was born in Germany. I'm 25 years old.
I originally, actually, in my life, I studied law, and then later I studied mathematics and computer science.
Then at some point, I met a few people who also had these kinds of ideas about privacy, technology, distributed technology, decentralization. We then decided to found a company that builds this technology. That's how I ended up here, I guess.
You're German, you're a product of Europe and European culture, which is not privacy for all of its wonderful qualities. It built the world. I love Europe and the culture, but it's not a privacy culture. It is not now. No. Especially German, why did you come to this conclusion when all of your neighbors didn't?
I think it's interesting. If you view privacy as this inherent political thing that protects you as a human being. There is data protection laws, GDPR. There's fines against surveillance, capital There's tech giants in Europe. But as you said, I feel like most of that stuff is a charade. It's not really about protecting your privacy. We're seeing that in the UK, in the European Union. There's so many cases that already have made some significant movements already this year. I would say for me personally, it has really been this technological and mathematical understanding of the power of this technology. Realizing this, realizing that the universe allows us to do these things and the universe has this build right into it That got me so fascinated that I really thought deeply about this. What I realized is that what humans have done in the past is that they've allowed information, any type of information that we now share with or mobile surveillance devices. That information to be encrypted and be put address somewhere securely. That is how encryption has mainly been used. Or to do things like signal is doing, where we do end-to-end encrypted messaging, where we are able to send some message from one human to another human being via some untrusted channel, where there can be interceptors that try to get those messages.
But thanks to mathematics, we are able to send this message across the whole universe, and it arrives at the endpoint with no intermediary being able to take a look at the message because of this inherent property of the universe. What I realized has been that there's a missing piece, which is whenever we are accessing this information, whenever we are interacting with this information, whenever we want to utilize it, basically, we have to decrypt it again, which then makes it accessible to whoever takes a look at it, whoever runs the machine that you decide to put that data on, which can be AWS, which can be cloud providers, big data, big AI, whoever. This idea that I had was, what if we can take this asymmetry that is a fact of reality and move that to computation itself to enable that all of those computations can be executed in private as well. Then we can do some amazing things. Then the two of us can decide to compute something together, not just exchange information via some secure communication channel, but actually perform some mathematical function over something, produce an output from some inputs, but we can keep those inputs to ourselves.
Tucker has a secret, Yannick has a secret. With this technology, we can produce some value, some information. While you don't have to share your secret, I don't have to share my secret. We can scale that to enormous sizes where the entirety of humanity can do those things, where countries can do those things. But importantly, at its core, what we are doing is we are implementing this asymmetry that exists within the universe and bringing that to the next level, to the final form. That's how I ended up founding Archeum.
Getting older can make you realize you don't actually want all the things you have. That's why mini storage is so big. Consumerism loses its appeal. What you really want is peace, peace of mind. And what's the best way to get that? Well, keeping your home and family protected would be at the top of the list. Enter Simply Safe. This month, you get a 50% discount on your first Simply Safe system. Simply Safe takes a much better approach to home security. The idea is, how about we stop people invaders before they come into the house? Not just trying to scare them once they're already inside your house. And they do that with cameras, backed by live agents who keep watch over your property. If someone's lurking outside, they will tell the person, Get out of here, and then they'll call the police if they don't. Sixty-day satisfaction guarantee or your money back. There really is no risk here. Not surprisingly, Simply Safe has been named America's best home security system for five years running. Protect your home today. Enjoy 50% off a new Simply Safe system with professional monitoring at simplisafe. Com/tucker. Simply. S-i-m-p-l-i. Safe. Com/tucker.
There is no safe like-.
247, und ohne Beamtendeutsch. Das ist einfach die App, die uns mehr? Moment. Ich check das kurz. Oha, Homeoffice gewinnt. Bringt uns 150 Euro mehr The new year is here, but that does not mean you've got to overhaul your whole life, despite claims to the contrary.
You don't have to take drastic measures. Make a few changes here and there, and you'll be a lot better off. And You can start with the snacks in your pantry. Now, products from standard American chip brands are, let's be honest, pretty repulsive, filled with chemicals that make you feel heavy and bloated. They don't even taste that good. They're not good for you. We recommend an upgrade with masa chips. Masa is the easiest way to eat clean without feeling like you're on a diet. The chips contain three ingredients. That's it. Organic corn, sea salt, 100% grass-fed beef towel, and that is it. No seed oils, no mystery chemicals, just food, actual food. They're amazing, and you feel great after. You don't feel weighed down. We particularly enjoyed the Cobonero flavor lately, but they're all great. You want to give them a try? Visit masachips. Com, M-A-S-A, chips. Com/tucker. Use code, Tucker, for 25% off your first order, or you can click the link in the video description, or you can scan the QR code to claim this outstanding offer. If you don't feel like ordering online, you can buy them nationwide at your local Sprout Super in the supermarket.
Stop by and pick up a couple of bags before somebody else does. Completely safe. I can't think of a more virtuous project. When you said it in the first minute, the point of the project is to preserve humanity, to keep human beings beings human. They're not just objects controlled by larger forces. They're human beings with souls. Again, I don't think there's any more important thing that you could be doing with your life. So thank you for that. Can you be more specific about our current system and how it doesn't protect privacy?
I think there's a lot of things to unravel. If we take a look at the systems that we are interacting with every single day, what those tools and applications, those social media networks, basically everything that we do in our digital lives and all of our lives have basically shifted from physical reality to this digital world. Everything we basically do, everything we do in this room, everything we do when we are out in the street because all of the technology has become part of physical reality, has been consumed. All of this has been built on top of what the former Harvard Professor Shoshana Subow has called surveillance capitalism. I think that really lies at a core. It's relatively straightforward to understand what those companies are doing. If you ask yourself, Hey, why is this application that I'm using actually free? Why is nobody charging me to ask this super intelligent chatbot questions every day? Why are they building data sensors for trillions of dollars? Well, I don't have to pay anything for it. That's the question that you need to ask yourself. What you end up realizing is that all of those systems are basically built as rent extraction mechanisms, where from you as a user, you're not really a user, you're a subject of those platforms, you are being used to extract value from you without your noticing.
They are able to extract value from you because all of your behavior, all of your interactions with those systems are being taken and they perform mass surveillance, bulk surveillance. It's those companies, right? We're just talking about companies. We're not even talking about intelligence or governments or anything. We're just talking We're talking about those companies that exist within our economy. They record everything they can because every single bit of information that I can take from your behavior allows me to predict your behavior. Where I can predict your behavior, I can utilize that to, in the most simple case, do something like serving you ads. But in more complex cases, I can do things like I can steer your behavior. I can literally control you. I can turn you into a puppet that does whatever I want. Those are the systems that we are faced with right now. The internet has been this amazing emancipator for humanity. This show is only possible because of the internet. Otherwise, With traditional media, we wouldn't be able to speak about those topics, I feel like. That's right. But at the same time, nowadays, it has transformed into one of the biggest threats to human civilization.
At the user level, at my level, the level of the iPhone owner, is it possible to communicate privately with assurance of privacy with another person?
That's an interesting question. We start with this concept of insecure communication channels. Since every communication channel is insecure, what we employ is end-to-end encryption. End-to-end encryption allows us to take this information encryption, take a message, and lock it securely so that only Tucker and Janic are able to unlock them and see what's going on. That is a fact. There have been many cases where big players with big interests, I guess, have attempted to undermine cryptography, have attempted to get rid of end-to-end encryption, to install backdoors. There has been what is commonly called the crypto wars in the 1990s, where the cyberpongs fought for the right to publish open source encryption and cryptography, and many more cases, I guess. But at the end of the day, I would say as a realistic assessment, this cryptography is secure and it works. Now, that, unfortunately, is not the whole answer because what you have to think about is, now, what happens with those end devices? I mean, the messenger that is being sent from Yannick to Tucker might be secure. But now, if I cannot undermine and apply force to this message to understand what's inside, well, I'm just going to apply force to your phone.
That's what's It's not always happening. When we look at different applications, for sure, there is a whole variety of applications, messaging applications, that do not employ encryption and security standards and might collect all of your messages and images and utilize them for those machines that extract as much value as possible from you. But there's applications like Signal that don't do that, that are actual open source cryptography technology that anyone can verify themselves and take this code and turn it into an actual application, install it on your phone. All of those things are possible. That's not the issue. The underlying issue really is that you have this device in your hand that is closed hardware. You don't know how that thing works. It is impossible to understand how that thing works. It's impossible to understand how the operating system on that thing works. There's flaws in those systems. Those are closed systems. There's flaws in those systems for some reason because people don't always have the best interests of others in mind. Not always. Not always. But also because people make mistakes. Honest mistakes that are non-malicious. I think that in general also speaks for the importance for free accessible hardware where people with technical skills can play around with and find issues.
But at its core, what you're being subjected to right now, I would say, is tactical surveillance. What it means is that there's some actor, can be some state actor, can be someone else, that decides that Tucker Carlson is worth to be surveilled.
I think that has been decided. You think so? I do. I'm getting that sense.
So tactical surveillance. That means that you specifically are being targeted. And that is in contrast to strategic surveillance, which is this idea of everyone is being surveilled. Let's just surveil everyone, collect every single bit of information, and store that for the entirety of human history, and then someday, maybe we'll to be able to use that. Those are those two concepts. What we've seen over the last few years is a shift away from tactical surveillance towards strategic surveillance. Surveillance capitalism has really helped this concept because there's so much data that is being locked that can be stored. There's so many new devices and applications that can be employed. We see pushes like, for example, chat control within the European Union that is a backdoor to implement backdoors within all of the Messenger applications to be able to scan your applications, to scan your messages, to take your messages somewhere else and decide whether or not those people like what you're saying within your private messages. I would say in general, as a normal human being, with your iPhone, you are still able to privately communicate. That is still something that exists. However, this ability has greatly been limited.
If there is someone who wants to see your message, I would say they can, unfortunately.
How difficult is it for a determined state actor, an intel agency, to say, I want to read this man's communications, listen to his calls, watch his videos, read his texts? How hard is it for them to do that?
I think that... We can look at different court cases that have publicly emerged in regards to Apple, for example, where Apple has refused intelligence to give them backdoor access to their devices. What's so important about this discussion that we are having here is that every time you You're building a system where you add backdoor access so that someone in the future can decide to get access and take a look at what you're writing, what that invites is for everyone to do that because a backdoor inherently is a security floor in our system. It's not just some specific intelligence agency that decides to read your messages. It's every intelligence agency at that point. That's why as a nation, you cannot weaken security by getting rid of privacy without weakening your entire economy, cybersecurity, and also social fabric at the end of the day, and the whole strategic positioning of you as a nation. How difficult it is? I would say also from a practical operational security standpoint, depends on what are you doing with your phone. Is your phone this Is it a trick device that is only used for messaging, or is your phone also using different types of media?
Are you sending images? Are you receiving messages? I think two years ago, there was this case where there was a zero-day backdoor being used across Apple devices because when I sent you an image and your messenger had auto download on, I could get full access to your phone. By sending you a message. You're not my contact, even, probably, right? I just figure out what your phone number is. I send you an image. The image gets automatically downloaded. Some malicious code that I have injected gets executed. Now I own your phone I can do whatever I want. Then, end to an encryption doesn't help you because I have literal access to the end device that decrypts this information. That's very dangerous. That has been fixed. But I think what it highlights really is that complexity is the issue here. So complexity in the kinds of applications that you're running, complexity in the underlying operating system that this device has, all of that complexity invites mistakes and also malicious security flaws to be installed in those systems.
Of course. Human organizations are the same way. The bigger they are, the easier they are to subvert.
Yes. Of course.
February is the perfect month to get cozy because it's chilly outside. Our partners at Cozy Earth understand this, and they're helping Americans everywhere stay toasty throughout the frigid winter. I hope you're seated because this detail may shock you. Cozy Earth offers bamboo pajamas. Lightweight, shockingly soft. These pajamas are a true upgrade. They sleep cooler than cotton. Plus, they're made out of bamboo. That is just wild and awesome. From pajamas and blankets to towels and sheets, Cozy Earth is something unusual and great for everybody, and it's entirely risk-free. You get a 100-night sleep trial, 10-year warranty. There's no downside that we can see. So Share love this February. Wrapped your sofa someone you care for in comfort that feels special. Bamboo pajamas. Visit cozyEarth. Com. Use the code Tucker for 20% off. That's code Tucker for up to 20% off. If you get a post-purchase survey, make certain to mention you heard about Cozy Earth from us. That's a very simple thing, to send someone to text him an image, and all of a sudden you have control of his phone. I think we can be fairly confident that people who have adversaries are being surveilled, right?
Yes, I think so. I would say that tactical surveillance really is something that exists. I would say in this battle for privacy, it is actually not the most important thing to focus on, because this tactical surveillance, I feel like to a certain degree, we need to accept, unfortunately. Not the tactical surveillance that says, Tucker Carlson is a journalist. I don't like that. Let me surveil him. That's not the tactical surveillance I'm speaking of. But if we have legal procedures and actual judicary warrants in place, I feel like as a society, we We would accept that to convert-As long as we trust to their system, we can definitely accept that, of course. But the fundamental issue really is, and that's so ironic, that all of this surveillance needs to operate under secrecy in order to function. You should not know that you're being surveilled. Nobody has oversight. Not even the democratic processes are able to have oversight because it's all wrapped in secrecy. That really brings us to the fundamental issue here, also with strategic surveillance, surveilling everyone, just deciding, Well, I'll take a look at everyone's phone, store everything, and maybe I don't like someone in the future, then I have this backlog of information.
The important question to consider here is thinking about, is there even a future where from a legal standpoint, it is possible to implement procedures that guarantee that there is no secret surveillance in place, which I think the answer is pretty clear to that question.
And it is?
I think it is not. I think it is important to have these laws in place, right? Of course. That prohibit surveillance and that enable different kinds of processes with warrants, literally the Fourth Amendment, to allow for that to be implemented in the 21st century. But what we've seen is that the tools that governments have access to are so powerful that it is impossible to make a law that prohibits use of that because whoever within a centralized architecture—that's always the case, has access to this technology basically becomes a single point of failure. That single point of failure will necessarily be corrupted by the power that exists.
Just a couple obvious low-brow technical questions. Is the iPhone safer than the Android or less?
That's a good question. I would say a huge advantage that Android devices bring to the table is this nature of, I guess, a subset of those devices, not speaking for the entirety, but the operating system, for example, being being publicly viewable by anyone. You can understand it. I think that is so important, not just for security, but also for technological innovation. I would say that is a huge advantage. Now, the devices are manufactured by some manufacturer who you need to trust at the end of the day based on how the hardware is built and how the firmware is compiled and then put on your device. They have been interesting operating Operating systems, I think there's one called GrapheneOS, which is a secure open source operating system as far as I know. Haven't looked too deeply into that, but you could on an Android device, theoretically say, I'm going to run my own operating system on that, which I think is a strong value proposition. Now, I myself am also an Apple user. There is also an element of institutional trust involved here, where you say, Okay, I trust the manufacturing and software process that this company has.
But in general, if I'm being honest, if I wouldn't be lazy, what I'd be doing is I would actually be looking for a minimalistic secure open source operating system for my mobile phone, and I would build that myself and get some hardware and put that on there. I would say that would be the smartest thing to do if you are technically versatile.
I read that you use an iPad, not a Mac. Is there an advantage?
That's what I did back in the day when I started.
Is there an advantage to the iPad over the Mac from a privacy standpoint?
I think what it boils down to there is what applications could be installed on your system. I would say in general, devices like the iPhone or the iPad operate in a more sandboxed way where applications are actually isolated rather than how it works on operating systems like macOS or Windows, where you could compromise the entire system way more easily. On the iPhone, you just have an app store with applications. The level of compromise that such an application can have, theoretically, at least from the idea, is limited. To just the single application. It doesn't have access to your messenger if you're installing an app, although it has, I guess, if there's some flaw in the system, which always is the case. You never have this absolute security. I think what it really boils down to is this idea that really emerged in the 1990s of decentralization. Moving away from single points of failures towards decentralization decentralization, where we can mitigate a lot of these risks by not depending, I guess, on one single type of computer and not even depending on one single computer, but having many computers, which introduces redundancy, resilience, and, I guess, risk reduction and distribution to computer systems.
So speaking more broadly about how the internet in a free society should be built, I guess.
Most people don't wake up in the morning and decide to feel horrible, exhausted, foggy, disconnected from themselves. But it does happen, and it happens slowly. You're working hard, you're showing up, and then your energy disappears by midday. Your focus is dull, your weight won't move. A lot of people are told that's just getting old. That's what it is. But that's not actually true. For many men and women, these are not personal affairs. They are signals tied to your metabolism, your hormones, and nutrient imbalances that go undetected for yours. You don't even know you're deficient. And that's why we're happy to partner with Joy & Bloke's, a company that was built for people who were all done guessing and ready to figure out what exactly is going on. That starts with comprehensive lab work and a one-on-one consultation with a licensed clinician. An actual human being explains what's happening inside you and builds a personalized plan which includes hormone optimization, peptide therapy, targeted supplements. So don't settle. Go to joyandblocks. Com/tucker. Use the code Tucker for 50% off your lab work and 20% off all supplements. That's joyandblocks. Com/tucker. Use the code tucker. 50% off labs, 20% off supplements.
Joy & Blocks. Get your edge back. You've said a couple of times that the problem is the hardware. It's not the software.
It's the device. It is the device, right? It's the union of the hardware and the software.
What's the option? Is there an option at this point? If I am intent on sending a private message to someone else, electronically, is there a way to do it as of right now that's guaranteed private?
I would say the way that I, myself, at least, handle it really is to have a dedicated phone for that specific use case. Then just have encrypted Messenger there that you can trust because maybe you don't even install it via the App Store, but you have built it yourself and there's no other interactions taking place with I would say from an operational security standpoint, that is as good as it can get. Otherwise, you would really have to look at... I don't know. You can do creative things always. You could write your message and hand-encrypt it and then type it in the phone. It doesn't matter at that point. Maybe we need to get away from the devices altogether. What's interesting, what we're doing with RQM is that we We never have a single point of failure. Everything is encrypted. Everything sits within a distributed network, where as long as you're not able to basically get access to the entire globally distributed network, to every single participant, you have security. It's difficult to do that with your own phone. But at the end of the day, I think over time, those systems get more secure. However, what is important is to be certain that there is no backdoors explicitly installed from those manufacturing processes.
I think there's some countries where if you're buying a phone from there, you could be certain, Okay, there might be something installed because the company itself is owned by the government. We need a legal framework for that. Also, what we require is that the The manufacturing process itself mirrors distributed decentralized systems where there, again, is not a supply chain of single points of failure, where if one single worker decides to install some backdoor because they get paid off, they can do so, but instead there is oversight. I think that Apple runs on that model already. I would be relatively comfortable with these kinds of systems. But there's also other other interesting technologies. For example, Solana, which is an American company, blockchain network. They actually have their own phone company who are offering phones. They have a very small manufacturer, and they manufacture those phones because they say, Well, those phones need to be very secure because you literally store your money on there now because your money is digital and on top of a blockchain network. I think those are very interesting approaches where I'm really looking forward to seeing more phones like this where there's, then again, a competitive market emerging for who's building the most secure phone.
I actually think a friend of Julian Assange from Germany, I don't remember his name, had a company manufacturing secure phones. The issue with explicitly build secure phones, however, always is that I would say many of these companies are honeypots. I've noticed. Yeah, with the EncroChat or whatever it was called. There was this large scale police operation to stop truck cartels, which worked out nicely, I guess, in the end. But the company itself was just a facade to sell backdoor phones. Yeah.
Right. I mean, it's the perfect honeypot. And so, by the way, a signal, which I'm not saying is a honeypot, of course, but it was, and I use it as the authorities know. But it was created with CIA money, so it doesn't mean it's a CIA operation, but why wouldn't it be? I mean, honestly, I'm not accusing anybody because I have no knowledge. But it'd be a pretty obvious move, right?
It would be. I I think what's important when we look at Signal, actually, is that we look at what Signal is. Signal is open source software that anyone can verify for themselves. What it means is that we have this global community of mathematicians and cryptographers that have invented those protocols that have independently, without getting funding from CIA or whomever, thought of mathematical problems that that they want to solve, that they are passionate about. All of those people look at those open-source lines of code and mathematical formulas, and they find those flaws in those systems. That makes me confident in the design of Signal itself. Do you use it? I use Signal, yes. I got my entire family to use Signal.
Okay, good. I have to say, I know a lot of Intel people use Signal, a lot, all the ones I know. That tells you something right there.
Yes. I think it would be highly unlikely that that signal itself would actually turn out to not be secure. There has been this interesting case. There was in the early 2000s, where there was this attempt to actually undermine strong encryption called, very exotic name, dual elliptic curve deterministic random bit generator. Duel ECDRBG. Duel ECDRBG. Nobody understands. No non-technical person understands what that means. It was actually what you need to understand in order to comprehend what has happened there is that when we encrypt information, as I said earlier, when we take something and move it into this different realm where you cannot follow this information into that realm because that would require you to have literally infinite resources, more energy than the sun will emit over its lifespan. Isn't that crazy? You cannot follow there. Well, how fundamentally this asymmetry is achieved in cryptography is that the universe runs on energy and uncertainty. Particles, chitter, stars burst. There's this randomness in the universe. If you look at the sky or if you just look at how things are made up, there's random noise everywhere. When we encrypt something, we make use of that chaos and we inject it into a message that we are sending, for example.
It's only possible to not decrypt that message in an unauthorized way if the randomness that has been injected in this message is actually unpredictable. Now, if we think of-Unless it's truly random. It has to be truly I cannot figure out how you arrived at the random number.
No pattern.
No pattern. Exactly. True randomness, true entropy, right? Yes. That's what cryptographers, I would say, spend most of their time on, thinking about how can we achieve true randomness? Because then if we are able to inject that using mathematics, for you, it becomes impossible to distinguish this message from randomness. You can't find a pattern, hence you're not able to apply any optimized algorithm to undermine it. Exactly. If you think about it practically, what that means is, let's say we have a deck of cards, 52 playing cards, and I randomly shuffle this deck of poker cards. We have 52 cards. What it means is that there's so many possible ways that the deck could be stacked that it is very unlikely that for truly randomly shuffled decks, there have ever been two two identical decks in the history of humanity, which is hard to believe in general, but that's how statistics and mathematics work. We take this deck and we use it as the randomness. Now, if I play with a magician, the magician can pretend to shuffle the deck, but actually they have not shuffled the deck. They know what the cards look like. What we're doing with all of this randomness that we are injecting into information is we I'm basically describing what key is being used to unlock them.
If I don't know how the randomness looks like, if I don't know what the next playing card in the stack is, I have to try every single possible key and try to unlock it with this message. You could think of it as, I have this message. Now I want to apply violence to this message in order to recover it. What I'm doing is I take key number one, I try to unlock it, doesn't work. Then let's try key number two. You do that for an inconceivable large amount of numbers. That's why you basically, practically speaking, cannot bruteforce these mechanisms, although you can if you know where to start looking for the keys. If you know that you need to start looking at the millionth key, then you can recover it. If the deck is being manipulated, the randomness is being manipulated, then you can undermine encryption. While the process of encrypting it itself remains sound, right? You don't notice it. You actually do what you mathematically need to do to securely send your message, but the value that you use to do so, this randomness, is actually not random. That's what had been attempted with this specific algorithm, dualEC, the RBC.
What they did was they created this concept of kleptography, where they actually have random randomness, derive it in a way that is deterministic, and they actually have some secret value. Then from that secret value, they derive fake randomness. It looks random, but it's not actually random. The NSA proposed this algorithm to the NIST, the National Institute of Science and Technology in the early 2000s, as the best state-of-the-art randomness derivation function, I guess. That got accepted. They got accepted as official standard. Then there was companies like RSA, actually a highly sophisticated and respected cryptography company with with the founders being some of the fathers of modern-day cryptography. That then built products and distributed to industry and people using this technology. No Nobody knew about it, but it's not actually true that nobody knew about it. There were a lot of cryptographers that raised questions a couple of years later where they were like, I don't think this is actually random. It looks suspicious to me. Where they were like, if someone theoretically had access to some secret key S and then created some mathematical formulas and actually mathematically proved that there was insecurity there, it was not random.
Because they noticed a pattern in it.
They realized that... Basically, what they realized is that there's just those numbers. They wrote this proposal, Hey, let's use this algorithm, and this algorithm contains some constant numbers. There's those numbers written there. And then they were like, Are those numbers random? Because we're literally deriving our randomness from those numbers. We're like, Yeah, those are random. We randomly generated them. It turns out there was some other key that is being used to then mathematically be able to recover whatever randomness you used. That was this secret attempt to undermine cryptography.
But by the US government, I would say.
Yes. I think what's so striking about this, again, is that you're not just undermining privacy. You're undermining the entire security of your economy, your country.
Banking, missile codes, everything.
Yes, everything. The thing that then happened was in 2013, Snowden revealed a few papers, I guess. One of those was Project Bull run. Within Project Bull run, they allocated funding to that specific project where they tried to undermine cryptography. Once that got published, the corresponding companies and standardization institutes. It's so striking that you get standardization because once it's defined as a standard, you and industry need to implement it to get certification. It's literally impossible to then use some other alternative that is secure because certification only gets provided for this backdoor technology. But got uncovered, thanks to Snowden. Then people stopped using it.
Was he celebrated? Did he win the presidential medal of freedom for this?
Yes, an alternative reality in a different realm, I guess.
One of the great patriots of our time. Relentless. I mean, they'd murder him in a second. He's still in exile, not by choice.
But they also uncovered us that they actually paid this company that built those products US, 10 million US stores, the NESA, to use that as a standard. That's why you cannot trust anyone.
As you point out, it's not simply... I mean, so this is an intel agency trying to spy on its own people, the ones who pay for it to exist. And that's immoral and something that we should fight against. But they were also sabotaging the US economy and US national security. Because Because if your cryptography is fake, then that means you're exposed on every level throughout your society.
You are, yes. It's so interesting because it is their task. That's why it was possible for them to do that, to increase national security. At that point, they were the leading cryptography research company in the world. That really is striking to me that you're willing to undermine the entire security of your nation. And that, at the end of the day, puts you in a worse strategic position. I think many people don't realize that.
I never thought about it until you mentioned it, but it highlights... I love Ed Snowdon, and I'm not embarrassed of that, I'm proud. But it just highlights the suffering that he's been through in order to help his own country, and he's still slandered constantly in it. It drives me crazy. But this is yet another Another example of why he did something more than almost anyone else to help this country. Sounds like you're convinced that the current state of the art in cryptography is actually secure.
Yes, 100%. As I said, I think this is a great example to look at where even with those backdoors that had been implemented, there were cryptographers within this global open source mathematics cryptography community that rang the bell, but nobody was listening to them. But they actually identified the issue years in advance and rang the bell and said, This is not secure, not random, even within those companies and standardization institutes, but nobody took it seriously. Or I guess took it seriously, but doesn't matter if the law is you have to use this algorithm. That makes me very confident that this system works, the system of mathematicians.
Is cryptography global? Which is to say, is Chinese cryptography different or stronger than European or American cryptography?
It's interesting. You have actually specific encryption standards used by militaries of the world. The Chinese use different cryptography than the Russians than the Americans. It is, at the end of the day, the same thing from a mathematical standpoint, but there are some deviations in the level of security and the numbers used. Everyone builds their own standards because they mutually distrust each other. But at the end of the day, the underlying mathematics are the same. The cryptographic standards, the way that cryptography works, that is the same.
There's no reason to think the Chinese or the have stronger cryptography than the Europeans and the Americans.
I think... No. It's interesting to think about, is there cryptography that is being developed in-house within militaries or whatever proprietary human organization that is not publicly known, that is incredibly powerful? What What I've been doing with my team, and I'm so glad that I have those incredible cryptographers in my team that actually understand all of those things on a way more detailed level than I do, is build this protocol that allows us to literally take everyone's data. You could imagine the entirety of the United States. We take everyone's healthcare data, something like that. Then we say, well, we need to do something with the data. Let's say we need to research a disease or whatever. Instead of taking that data and passing it to some company that will inevitably expose it, lose it, it will get leaked or it will be used against those people. We encrypt it. Nobody ever has to share any information. We just run whatever computation that we collectively said, we are going to do that with this data. We do that, we get the result, we, I don't know, figure out a cure to cancer or whatever. But at no point in time, you ever had to share your data.
Your data never left your ownership. I think that's really core. It's the Holy Grail of cryptography, I would say, being able to do these kinds of things because you can now run any type of computer program instead of in the public, in private. You can restructure the way that your entire economy and country can work. That goes beyond just economical human interactions. That also touches upon things like rethinking how we can actually improve democratic processes. Because what those computations inherently have as a property is so-called verifiability. What's the status quo in the current internet is you task some cloud provider to run a computer program for you, because you have limited resources. You want them to run that computer program for you. You pass them some information, an algorithm, and you get an output back. But how do you know that this output is actually correct? Could be that there was an error, could be that they maliciously tried to undermine the output that they have sent you. This technology that we've built actually solves this. Verifiability for computations. You can mathematically verify that a computation has been correctly executed. That itself is an amazing property, an amazing property that you want to see within every system.
But you don't get that amazing property without implementing privacy for those systems. Isn't that amazing?
It is amazing. How did you all create this?
I'm very lucky that within my company, I have very experienced cryptographers who've literally worked more years on these specific issues than I have been in cryptography. I'm building on the shoulders of giants, of course. There has for a very long time been There has been research in those areas, being able to run those encrypted computations, but it has never been practical enough, where it is fast enough, cheap enough, and versatile enough, where you can actually do all of those things. I think what really guided us is to, and what really guided me in the way that I designed the system is to think about, Okay, how can I actually build this system so that people are going to use it and are going to build applications and are going to integrate that into systems? Because I think with privacy technology in general, in the past, what has been done is that it has been created in a in an echo chamber in a vacuum, almost, where you're a smart cryptographer that builds amazing technology, but you maybe don't understand how markets work and how to get product market fit, how to actually get those users.
We've tried to build in a different way, and that's how we ended up here. But to be honest, it was an evolutionary process for us. We originally started with a different cryptography I would say, that was more limited, that didn't allow for all of those interactions. Then at some point, we decided, okay, and we realized that that was not good enough, that was not enough. At that point, basically everyone was still building with that technology and we were like, let's do something different instead. Let's think about how the future will look like, how computation and privacy can converge in something bigger for the entirety of humanity. That's then how we built it in very, very quick time, actually.
How did you fund it?
We got investor funding, and I'm incredibly thankful for all of the investors that I've gotten. Coinbase, for example. Big names in the space of blockchain distributed systems. All of those networks like Bitcoin, all of those networks are distributed in nature, decentralized. There's a lot of players within that space that truly believe in the value of privacy, and that privacy is a human right, and privacy is inevitable as a technology that like to support it, but not just support it because it is something they believe in, but invest in it because they have realized that this is one the most powerful technologies that can exist in humanity. Being able to take information, move it into this realm, and then it can stay in this realm, and it can be processed, and everyone can do that, that is incredibly powerful. It is emancipating educating, and it is powerful for businesses, but also nation-states. At the end of the day, it is a neutral technology. And so we have investors that believe in that.
We were just talking off camera. One of the applications for this technology, one of the big ones, is the movement of money in a way that's private. How exactly does that work? And let me just add one editorial comment. The great disappointment of the last 10 years for me is that crypto transactions don't seem to be as private or beyond government control as I thought they would be. I hope they are someday. But watching the Canadian truckers have their crypto frozen was just such a shock. I've never gotten over it. We'll How this technology change that?
Yes. If you think about Bitcoin as the state-of-the-art model of, or I guess the original, not state-of-the-art, but the original blockchain network, what What it is at the end of the day is a way for distributed people to find consensus over some unit of money, which is actually more like a commodity than actually a financial instrument. That's right. They find consensus and they create this currency. That's why people think that it's fake, nonexistent. Although it's a way more real process of creating a currency than fiat currency, they mine it by taking energy and solving a mathematical problem. And once they correctly solve that mathematical problem, they get rewarded in that newly mined currency. It's a very, very elegant design. Most people think that these kinds of networks are anonymous and are dangerous. Because I feel like it has actually been a narrative that media and different actors want the people to believe.
I just have to add, I would like them to be anonymous and dangerous. Oh, yes.
That's what I was hoping for. People believe that, which attracts people and also keeps other people from I'm using them and trying to outlaw them. In actuality, they're not anonymous. What you have in Bitcoin, specifically, is pseudonymity. You don't see on the blockchain, Tucker Carlson has 10 Bitcoin or whatever, and send Yannick one Bitcoin, you instead see, A, B, C, D, E, F, G, blah, blah, blah, whatever. A random string of numbers and letters has sent something to another random string of letters and numbers. However, they're linked to this identity that you have. For every single transaction that you've performed in history on top of this distributed ledger, you will see all of those transactions. When you later after the show, send me on Bitcoin, I guess, right? I would see…
They're cheaper today than they were yesterday.
I've noticed. When you send me something, what I'll be able to see is all of the other transfers that you've performed in the past. That's unfortunately how Bitcoin works. It has this inherent full transparency. There's no privacy because it's so easy to then, via, I guess, on and off-ramps, how you actually moved money in there. Because you most likely don't actually get this currency through work by applying energy. You buy it for a different currency, fiat money. So your identity is linked, everything is public. And so that's a fundamental issue. That is actually a dystopian scenario where we could end up if this is adopted as the technology where all of your money now sits and you're sending transactions, where you have this big upside of having cash-like properties, which is amazing, but you have this tremendous downside of literally everything being recorded for the conceivable future of humanity, and you have no privacy. That inherently limits your freedom to use this technology. That is an issue that exists not just within Bitcoin, but also other blockchain networks. Bitcoin is this pure form. That's why within this crypto industry, there's a lot of competition also between different players that say Bitcoin is this pure form that only allows transfers of money.
Other networks allow execution as well. That has led to what is commonly being called smart contracts. This concept of computer programs that simply exist in the adder, basically. A computer program that can execute something that you tell it to do, and it will guarantee to do so. This amazing property that all of the founding fathers of those networks basically identified as important as so called censorship resistance, which I think is also important in real life. Very. Those networks provide censorship resistance. It doesn't matter if one computer decides, well, I'm not going to accept Tucker's transaction because I don't like Tucker. Well, there's going to be another computer that says, I will accept it. That is censorship resistance that is inherently baked into those systems. What that means is if you interact with this as this invisible machine, you get guaranteed execution for what whatever you tell it to do, either send someone money or perform some other computational logic that is baked into the system. There have been different kinds of pioneers on the front of adding cryptographic privacy to those systems. There has, for example, emerged a network called C-Cash, which is basically Bitcoin with cryptographic privacy.
There have also been pioneers like the inventors of Tornado Cash, who have built a smart contract that exists within this adder, it's unstoppable. Once you've uploaded it, you cannot stop it anymore. They did that. The code that they implemented there gave you privacy on top of this public network, which was the... Or is the Ethereum virtual machine. So they did that and...
Tornado Cash did that?
Tornado Cash. Did they win the Nobel Did they get the President's Schmeld of Freedom? What happened next when they offered privacy?
There were, I think it was three founders, Roman Storm, who's an American citizen, Roman Semenow, who is a Russian national, and Alexei Petrsev, who is a Russian national as well, who lives in the Netherlands. He has been convicted of assisting in money laundering for five years. Five years in prison? Five years in prison. Roman Storm has been convicted in the United States of conspiring to run a money transmitter without a license. Now, why has this happened? Why did they suffer such grave consequences?
They were arrested.
They were arrested.
And brought on trial.
Brought on Well, I mean, it's actually, if you look at what Roman Storm has faced, it was 40 years in prison for this.
In the United States.
In the United States of America. Why has that happened? They built a privacy tool. Well, it was an illicit actor that used their privacy tool. That is a shame because it was an illicit actor that a lot of people agree on it as an illicit actor. I think the two of us also agree that North Korea laundering stolen, hacked funds is an illicit actor. Yes. Missusing a tool, right? There's no question about this. The underlying question really is-When we're sure that actually happened? We are sure that happened, yes, for sure. That has happened. They store funds because they were able to hack different systems and then were able to utilize this platform to gain privacy to then move those funds somewhere else.
Did Roman Storm participate in the North Korean hedge fund theft?
He did not know.
If I rob a bank and then jump into my Chevrolet and speed away, does the President of General Motors get arrested?
Usually, he doesn't know. Okay. Which is interesting because he provided clearly this tool for you to escape. He knows that people get away with cars, right? Yes, he does.
It's weird how he dodged those obvious charges. Is that really what happened.
That is really what happened, yeah, and has faced 40 years in jail. But the jury could not find a unanimous decision on the main charges, I guess, circumventing sanctions and helping with money laundering. Now, the interesting thing is, before they got arrested, what has happened? The OFAC, the Auris for Foreign Asset Control in the United States, they took the software that those developers had written and uploaded to the AFFER, where it has become out of anyone's control. Unstoppable by nature. Anyone can use it. They essentially wrote code for a software tool for anyone to get privacy. That software tool got sanctioned. It got put on the SDN list for a special traditionally designated nationals, where you put the names of terrorists and you put the address in this everything, right, of the software. So the source code itself became illegal. It was deleted from the internet. All of the companies closed their developer accounts. The software they wrote, the free speech that they performed by coming up with those ideas and publishing it to the world got censored because they were added to a list which they don't even belong on because it is not-Without any vote in Congress, by the way, or this is just part of the...
I think it's under State Department now, or Treasury, I can't even remember, but they have enormous power, they've destroyed the lives of many thousands of people without any democratic oversight at all. It's pretty shocking.
Yeah. It got added onto this list. I think I think last year, a court in the state of Texas actually ruled that OFAC does not have the statutory authority to do any of that. They then silently removed a tornado cash again from the SCN list. However, nobody is able to use that tool now because every company for compliance reasons outcasts you from the user base. If you have ever touched anything related to that.
Roman Storm, he was convicted, you said. There was a hung jury on the strongest charges, but on other charges, he was convicted?
He was convicted on one charge on, I think it is called, yeah, conspiracy to run a money processor financial institution, a bank, without a banking license.
Conspiracy to start a bank.
So they put him in jail. Actually? It is one year jail sentence that's on the charge, but he's currently in the process of appealing that. Roman Storm didn't run a bank. He didn't create a bank. He created software. He made use of his inherent right for freedom of speech to build something that enables others to make use of their right for freedom of speech. Because that is, at the end of the day, the freedom of economic interaction. That is what he helped others protect for themselves. He never processed a transaction for anyone. He's not an intermediary. He specifically built technology that is disintermediated, where you yourself use that software.
The remarkable thing is I pay some attention, obviously not enough. I was not aware of this story until I was reading up on you. Where's all the coverage on Roman Storm? It doesn't even have a Wikipedia page, I've noticed.
There is, I think, incredible institutions like the Electronic Frontiers Foundation, the EFF, and DeFi Education Fund, but also companies like Coinbase, who actually have invested substantial amount of money into defending Roman Storm, and Alexey Petrsev as well. I think Alexey Petersen also doesn't get enough attention. He's now under house arrest in the Netherlands and preparing to appeal this decision, I think, something like that.
Why are so many of the players in this, Russian?
I think it really boils down to them having a deep understanding about... I think historically, maybe culturally, they have an understanding about the importance privacy in a society to uphold freedom, which is a shame.
Well, they've suffered for that knowledge for 70 years, more than. It's very striking. It's 140 million people. It's a tiny country, relatively speaking, and yet they are way overrepresented from Pavel Dourow on down.
For sure, yeah. That is true. I think I think it's interesting how we also, all of us, take that as a granted that these people go out of their everyday lives and put a target on their head by shipping this technology to enable you to gain privacy.
Simply the knowledge about the existence of bad actors in the world has made them has made them victims and put them in jail, which is insane.
Well, I mean, it's something the rest of us should push back against, I think. But the hurdle for me is not knowing. Again, I didn't even know this was happening. I should have guessed. If you could be more precise about what you think the real motive was behind going after Tornado Cash and Roman Storm. Why was the US government not prosecuting drug cartels in order to prosecute Roman Storm?
I think that has taken place under the previous administration. I think President Trump, with his administration, has done tremendous work in regards to pushing the adoption of decentralized decentralized technology of really allowing us, all of the people in that space, to try to rethink the financial system and build this technology because they've realized that technological innovation administration runs at a faster pace than legislative processes. Under the previous administration, that looked differently.
I think that has helped this technology spread a lot.
It is, however, important to consider privacy. When the executive order banning CBDCs was signed, Central Bank Digital Currencies, an explicit reason why CBDCs should never be adopted in the United States was the privacy concern. Because if we look at all of those new digital shiny currencies being built in Europe and all around the world, I guess, besides the US, which is great, which actually is amazing, I think, is that all of them are surveillance machines to even a higher degree than the current financial system is already. It is already a surveillance system. But what's important about this next generation of money is we are at a crossroads. Do we want our money to enable us freedom, freedom of economic systemical interaction, freedom of thought at the end of the day, because whatever we think we do, where we want to put our money where our mouth is, or do we want a monetary system that enables builds automatic subsequent action based on whatever activity you perform in your digital life, which can mean things like now all of your money is frozen and you don't have any access to it anymore because whatever you just did was deemed as undesirable by big brother, I guess, right?
So that is literally the two possible futures that we have. It's two extremes. There's no possible future in between. And The architects of those-So you're assuming cash is over. Cash already is also being heavily surveilled. So your bank note has a serial number. If you actually think about something like Tornado Cash or all of the... I mean, there's a lot of applications that, for example, utilize RQM to also bring this level of privacy. If you think about all of these systems, they are, in my mind, personally, I mean, as long as you have an internet connection, if you don't have an internet connection, maybe you cannot spend your money right now. But as long as that exists, even superior to cash because you don't have any serial numbers anymore.
Wait, so you say cash is being Are you survealed?
Sure. When I go to the ATM and withdraw money, the serial numbers are recorded in some database. When a merchant at Walmart, I guess, or wherever, puts that into their cash registry, You can also record a serial number. Is that true? Yeah, there has been. I read an article a few months ago about a tracking system like that within Europe. That is very practical.
I'm going to take a magic marker, a pen, and distort the serial numbers in all my cash now.
Yeah, right? It should still be legal tender, right?
I would think so. Yeah. I'd never heard of that.
I mean, there could be other tracking mechanisms. I don't know. But I've read about this technology, which clearly exists and is being used to even turn the cash system into a surveillance system. It's not even... Again, I think all of this It's not even just someone with governmental authority deciding to surveil people. It is also companies, companies seeing economical value in surveilling you and then utilizing this new technology, utilizing the internet to do that. It boils down to power, I would say, control. If you have access to as much information as possible, you can better prepare for the future and you can predict behaviors of your users or different actors. That's why those systems get implemented. We are on this fork in the path towards the future. What the people that are architecting those central bank digital currency systems have realized, and that's so interesting to me, is this old concept that the cyberpunks in the 1990s came up with, which is code is law, which expresses what This happened with Tornado Cash, I think, nicely, where it is the ultimate law, when you have this network that nobody controls and there's some piece of software and it just executes.
Whatever is written within that software code executes. There's There's no way of stopping it. There's no way of doing anything about it. That's what I mean when I say code is law. The architects of those alternative systems have realized that there's so much power in being able to, let's say, take your chat messages and see that you have said something against Big Brother, and Big Brother doesn't appreciate that. And so automatically now your money is frozen, and that is code is law. In the utopian sense, and in the dystopian sense, where software automatically can lock you out of all of those systems. I would much rather have a utopian future than dystopian future. But at the end of the day, from a technological standpoint, those things are similar. The only difference really is cryptography. Privacy. Privacy.
Because you're offering that on a scale even larger than anything Tornado Cash or Roman Storm attempt did, it has have occurred to you that whether or not you have prominent investors, you face some risk.
Sure. I think what I'm doing with RQ at the end of the day is I'm providing the most versatile and superior form you can execute a computer program. Within encryption, you can execute a computer program, and you can have many people contribute encrypted data, and you can do all sorts of things. You can do things starting with financial transfers. You can add privacy to financial systems. But that doesn't just mean we are adding privacy to me and you, Tucker, interacting with each other. We can also add privacy to entire markets, which again can also have downsides. I'm not arguing that there's only upsides with this technology. There might be actors that then utilize that, not just talking about criminal activity, but just unethical activity, the way that people maybe interact. At its core, it is neutral technology. But the use case is that I'm really focused on enabling. Also, our use case is enabling within the healthcare system to actually utilize data that currently is being stored, but it is being stored in a very inefficient way where it's isolated. With my technology, we can take this data and use it without ever risking that data to be exploited, without ever taking ownership of your data because you're the patient, you're the human.
I have no right to take ownership over that. I don't need with that technology because you can consent and say, let's improve health care or whatever with my data, but you're not getting my data because it's encrypted. I don't know. It's a crazy concept to wrap your head around. I get that. But it enables so much also on a national security level that it is strictly superior technology. I think this example that I told you earlier about verifiability. Mathetically, being able to be convinced that a computer program, a computation that has been executed in privacy, has been executed correctly. It's such an amazing concept. The way I think about it really is opening up a new design space altogether and allowing companies to do actual innovation instead of innovating only on the front of how can I extract as much value as possible from my user by surveiling them. I don't really think about it the way that you frame it. I'm building this generalized computing platform that can be used by anyone because I don't have any control over it. I'm not building a controlled infrastructure. I'm building open software that is used for good.
I'm grateful that you are, and I It doesn't at all mean to make you pessimistic or paranoid, but in so doing, you're threatening current stakeholders.
Sure, but I think that's always the case with new technology, right? Of course, yeah. I mean, when cars first came along, there were unions of horse carriage taxi ride providers that did not want to see cars on the road. Of course. There's There's always interests that try to utilize both technology and law to prevent others from getting into their position.
Keep the car a monopoly in place, of course. The stakes depend entirely on how disruptive the new technology is. Yes. Ask Nikolai Tesla. Yeah. Right. Sorry, dark. But so it's not a concern.
It is not a concern for me, no.
I wonder if It's just a quirk of your personality where you're just not afraid of stuff.
That's actually an issue. I would say I suffer from sometimes not being afraid of things. Good. I think it's...
I think you need that in order to proceed. From the perspective of the average American consumer who's not following this carefully, when does your life begin to look different as a result of this technology? When will you see this thing in action? How will you experience it?
That's actually a brilliant question. I think just trying to run numbers in my head and trying to predict a few times.
That's something I've never done, by the way. I've never paused in mid-conversation. I thought, I've got to run some numbers in my head.
I do this all the time.
I never have.
I think it will affect your everyday life positively once, I guess, there's an inflection point reached on multiple fronts. I was talking about healthcare and national security, also financial system. But it also I mean, so that's a criticism I actually have for a signal. That is that there exists one single point of failure within the signals technological stack that I've been vocal about and I dislike, which is what they call private contact discovery, where I have a set of contacts in my contacts on my phone, right? You do the same thing. If there is an intersection between the two sets that we We have where I have you as a contact, you have me as a contact, I get Tucker suggested on signal, only in that case. How does that work? How does Signal ensure that those contacts are encrypted and secure? They use trusted hardware for that, and that is a critical flaw within their infrastructure. There's technology, trusted execution environments is what they're called, manufactured by Intel, for example. This technology comes with this promise of being secure and being able to basically do what we're doing with mathematics, but instead with trust.
They say, We build a secure machine.
You think we shouldn't trust Intel?
I think so, yes. I think the-I think we're required to trust Intel. Yeah, I think it's an insane idea to begin with. Last year, it's been funny. Last year, There have been a myriad, just last year, but over the last 10 years, a myriad of exploits of the technology. In the past, it has always been sold as, Here's this technology, and it does and privacy, and just put your data in that. There's no backdoor, right? Of course not. Why would there be a backdoor?
Why would Intel cooperate with anyone?
Sure, right? You would do that. Then last year, there were those researchers that said, Well, if you have physical access to this computer, you can just read out all of the data, and you can not even just read out all of the data, but you can fake keys, and then you can perform fake computations on behalf of other people. If you're building a financial system with a computer like this, I can just change numbers. I know what your numbers, and I can change those numbers. That's not even the core issue I have with that in the case of Signal. Signal is, I think, still relying on that tech. I think they run this hardware. I mean, I hope they run the hardware because at least there I have a little bit of remaining trust assumption that, okay, they will not Try to hack those PCs, which is relatively straightforward. You just connect a few cables at the end of the day, and then you can extra trade the information, which is the interactions. Is Tucker my contact? Is Yannick Tucker's contact? That's very sensitive information. That is a single point of failure. Whereas they could access that information or whoever gets access to that information.
We're not even thinking about potential backdoors at that point within that hardware. Within the manufacturing process, I think it would be very naive to assume that there's no backdoor similar to what we talked earlier about with dual EC or something like the Clipper chip thing that was attempted in the '90s. It's very likely, I would say, that there's some randomness tampering, let's call it that, that could be in place because You are literally also getting keys right from the manufacturing process. It's this proprietary supply chain, and then they ship that computer to you, and it comes with random keys that have been generated in that proprietary production line. There's many single points of failure, and that's what I don't like about Signal because I don't want this information out there. What does my address book look like? They can fix that. They can fix that with technology that we've built. They can use our technology. I'm more than happy to just give them the technology. I mean, it's open source, right? Then they can just build this thing without a single point of failure, without a way, because this is a reasonable way for our state also to say, Well, you actually have this data, give us this data, right?
But they cannot really argue that they don't have that data because they could connect a few cables to that computer and then get that data. It's not the secure device that people claimed in the past it was. I think that is important. To resolve, I actually don't recall how I got to the attention.
I wonder if any big hardware manufacturer will begin to offer truly secure devices for sale. Which is not worth it, probably, right?
I think it is worth it. You as a military, We want to have secure devices. I think everyone would rather compute on a secure device than an insecure device.
But the manufacturers aren't making their money from the devices. I mean, they're making money. I don't know what it costs to make an iPhone less than $900, but it's an annuity. The second you buy an iPhone, you're making money for the company every day you use it, right?
Sure. I think it is impossible to build secure hardware in that regard, where those claims of full privacy and security are factually true. That is impossible. There have been so many techniques where actually just use so many different tools to play around with those devices, where it is literally impossible to implement secure and verifiable systems because even by verifying them, you need to take them apart. Destroying them in the process. That does not exist. What I think, however, exists is this concept of decentralization and why that's so powerful. Because it doesn't really matter if this manufacturer here creates a backdoor. As long as I have 10 different computers or 100 computers from different manufacturers, and there's one that does not have a full system-level backdoor installed, I am secure under this trust model that we've developed in our company. I think that's why decentralization is so important.
That was the basis of our political system when it was created, that same concept. The power is dangerous, and so it has to be spread among different holders, different entities, so it doesn't concentrate and kill everybody and enslave them. That's obviously going away. But that was the concept of the American Republic.
Yeah, exactly. I think it is important to look at surveillance in the same way, where if you have access to surveillance, you basically have access to unlimited power. So whatever surveillance system we implement, be it chat control in the European Union, where I've been very vocally opposed to on X. I actually just learned last week that the UK implemented their version of chat control on the eighth of January. Rid, which is a censorship machine and surveillance backdoor, right, installed within all of your messaging applications. It comes with this claim of, Well, we are implementing this because we need to fight child exploitation. There's always one-Child exploitation.
They care about the children. Yeah.
I strongly believe that. There's basically four reasons to implement surveillance. There's child exploitation, there's terrorism, there's money laundering, and there's war on drugs. Oh, war on drugs. Those are the four reasons, and they always wrote it.
The people engaged in importing drugs into our country, laundering the money, exploiting the children, and committing serial acts of terror against their own population. They're all very concerned.
Oh, man, I really think we now need surveillance. Not as you say.
None of us.
Yeah. But so What's funny is that in 1999, some policing working group of the European Commission, there was a transcript of their discussions. And literally within the transcript, when they were talking about implementing digital surveillance system. We were like, I think we should switch our argument over to child exploitation because that is more emotionally charged, that convinces people. It's not just that for us, it is obvious that that's not what's going on. When the people who covered up the grooming gangs are making that case, it's like, I don't think it's sincere at this point. Exactly. There is a reason why we don't believe that that's the actual reason. But what I'm arguing for is that it doesn't even matter. Even if the politicians are convinced that it's about protecting the children, and that's the most effective measure to do that, to survey all of the chats, what's going to happen is, thanks to this being implemented as infrastructure that exists everywhere and there being a small circle of people that have access to this technology, it will get abused. It is very easy to abuse those systems because the abuse itself happens within secrecy. So there's no oversight.
And instantaneously because of the rising computational power. It's not like someone has to go to the Stasi Archives to read all the files.
It's like-And Sam will gladly help you to sift through all of your. Oh, he's a good guy.
By the way, a lot of these businesses draw the worst people, the most unethical people have the most power, in case you haven't noticed. It's wild.
It is wild, yeah. There's an economical function to reward us because if I build an application and you build an application and we just provide some value to our user, User and the user pays for that, basically capitalism, all of that works out nicely. But then you decide, what if I take all of this information from my user and I use that to extract additional value from him? You're way more profitable through that.
So the incentives are there.
Then those incentives shift towards the setup, and these kinds of applications are the ones that receive investment. That trust increases, and so unethical behavior gets rewarded in the system.
Just to be clear about what you're saying, are you saying that all techs sent within the UK are now monitored by the UK government?
I'm not 100% familiar with all of the intricacies of what the digital service. I or online safety, I think it's called in the UK. What is happening there is that there is censorship being applied to the messages. You receive whatever unsolicited image, and then that's being censored. What's happening there is, I think what's important to understand is that censorship is a byproduct of surveillance, generally speaking. You need to take a look at all messages in order to be censored or something, to censor something, right? That's what's happening there. Even if we assume only the best of intentions, you have this infrastructure in place that tomorrow cannot just be abused by someone.
We should test it. I'm in the UK all the time. I have family there, and I'm going to do a double-blind study with my wife. I'm going to test to every person in my contact list, overthrow Keir Starmer. Okay, yeah. And to thousands of people, exclamation point. And she won't, and we'll see who gets arrested.
Yeah, that's a great experiment. Actually, I need to attend a conference in the UK this year. It's so funny because a month ago, there was this, I think it's also some proposal that basically specifies that people that work on encryption are persona non grata in the UK, something like that. I think it's not yet implemented, but I saw that on X.
You can't get in the country if you're for privacy?
Something like that, yeah.
Where are we going to... Big picture, where is everyone going to end up, do you think? If the control grid snaps into place, and it is snapping into place, where do people go? Us, is that the only place?
All of those... I mean, we are basically, I would say, not just sliding into that direction, but galloping. The infrastructure, it has been quite a while since they started trying to implement those in your face things, where you literally got a chat control. I mean, imagine how crazy that It's literally stating every single messaging platform, email, whatever, we need to scan for this made-up reason. But trust us, we will only do that for this made-up reason and no other reason. It happens on your device. That's why end-to-end encryption is not undermined because it is being scanned on your device. That's very different from putting microphones in your bedroom.
Trust is very, very different.
Yes. I think people don't realize the extent to how surveillance is possible nowadays. With WiFi routers, you can determine movements within your apartment. There was this one company. I mean, that wasn't a big scandal. It was literally just... I don't know if you're familiar. I think he's called Louis Rossmann, who's a YouTuber from New York who was fighting for a right to repair devices and stuff. He's always been very much advocating those efforts. He just made this video where he went through the privacy policy of some internet service provider. The privacy policy explicitly stated that they're allowed to monetize the movement data that they get from those devices that as you put in your home. The funny thing about this case that he was highlighting is that for you as a person that lives in this building, you didn't even have an option to choose a different Internet service provider because with, I guess, bulk agreements between a landowner and the Internet service provider, you are forced to have those routers, and those routers aren't even within your apartment, they're in the walls or somewhere. You're just being scanned within your most intimate area of life, your home, by your Internet service provider.
What about phones listening to people, the microphone on the phone or the camera on the phone taping you.
There's an interesting concept of ultrasound listening of those phones where basically you have a TV advertisement and we don't hear ultrasound, but your phone with its microphone could hear it. I don't know if it's ultrasound or whatever frequency. Within that advertisement, we're going to play that sound. So your phone can pick that up. And then when you go to our fast food restaurant on the same day, we know that this advertisement has worked because your phone previously registered it. So there have been There are a lot of attempts like this. I think that surfaced a couple of years ago. I don't recall the exact name of how this technology was called, but especially there were court cases actually against that where they Maybe we need to require the company that offered the technology to make the user aware that this is happening because a lot of apps had this technology installed and they had microphone permissions and they just installed this library because maybe that library pays the app developer some money, right? At the end, it is tracking you. What I'm just trying to say is there's an infinite amount of ways you can be tracked.
Just last year in the US, there were those cases surfacing surrounding city surveillance cameras. Around 40,000 of these, I think, exist in the US. Those cameras, or also licensed plate readers, all of that, are incredibly smart, equipped with artificial intelligence to directly track faces of humans. There was this one YouTuber, Ben Jordan, who actually exposed that. And funnily enough, after exposing that, got private investigators from that set company to his home to, I guess, fully destroy his privacy. I think he helped expose that, that none of these cameras were encrypted. They were recording all cities across the US, permanent constantly, 24/7, storing that, everything being mass surveilled, while anyone could just, via a Google search and some specific query, get access to the camera feed and see what is going on. And he showed videos of playgrounds where children were playing. And so that's what I mean when I say that surveillance does not bring us safety or security. It is, in most cases, doing the opposite.
It's also all networked. It's digital and it's networked. That means that companies can pull up CCTV cameras from around the world.
Oh, yeah, anyone can.
Facial recognition. Yeah.
Anyone can. What I really found so striking about the story is him outlining how he who was able to follow people around, who was able to say, Oh, yeah, they went to church here on Sunday, and then they went there for shopping. That is insane, right? I don't know. You as a human being, there was this one video of an adult man just going onto a completely empty playground and just hopping onto the swing and just swinging there. If this person knew that he was being watched, he would never have done that. This idea of escapism is entirely impossible in a world like this.
Because there is no escape.
There's no escape, yeah. Also with license plate readers, which aren't license plate readers. They are surveillance cameras that pretend to only do a specific function.
There was-What other functions do they do?
I mean, record everything and be able to track cars even if they don't have a license plate. You cannot be just a license plate reader. If one of your capabilities is to also help you identify cars that don't have a license plate, right?
Fair.
I just recall one case where there was a police officer who then used this access to technology to stalk his ex-girl your friend, which is inevitable with this technology. You put that power into the hands of individuals who can use this technology in secrecy. It's not like throwing a nuclear bomb on a country. People will notice. Mass surveillance, nobody notices.
People have made it two hours into this interview. They're obviously interested in you. First, can you pronounce and spell your name?
Janik Schrad, Y-A-N-N-I-K-S-C-H-R-A-D-E.
The name of your company and its spelling?
Archeum, A-R-C-I-U-M.
How do you speak English as fluently as you since it's your second language?
I would say it's funny because as a child, when I was in high school, there were phases because I was consuming so much English content on the internet that I was consciously thinking in English as a child. Yeah, I would say that.
You're on Twitter. Where else can people go to your views on technology and privacy?
Mainly on my Twitter at Y-R-Schreid. I also have a small website, just my personal website, I guess. I don't have a blog there. I write all of my articles basically on Twitter. Sometimes I get the chance to publish my views on some very niche news outlets in Germany, but most news outlets don't really care about privacy. I stick with X, and I really like talking on X, sharing my thoughts on X, writing articles there. When I talked about chat control, specifically on X, and it's so funny. We haven't even touched on the fact that chat control, the way it's aimed to be implemented in the European Union with the current proposal. What happened is that there was this proposal where they said, all providers need to have chat control, which is so-called client-side scanning. Tucker's phone is going to check the message that Tucker is sending right now if that message is illicit under some definition. If so, then it's going to send a message to the police. That is what client-side scanning is. In its most, I guess, innocent form, it would just be, we're going to censor the message because, I don't know, child exploitation or whatever made up reason.
We're going to censor that message. In the worst case, it would just be, we're going to forward that message. That's what the law that they had is. That received a lot of backlash, also thanks to Elon Musk, and didn't pass.
Then, as you would expect shortly Maybe after, I think it was less than a month, they came back with a new proposal, and that new proposal made it voluntary.
The new proposal basically states, Hey, Mark Zuckerberg, do you want to voluntarily add a surveillance mechanism to your applications? Which is insane, because of course, companies will voluntarily implement those surveillance mechanisms. But if you go down Those different paragraphs in that proposal, what you will realize is that it is in fact not voluntary. What you will realize is that in order to combat child exploitation, the European-Terrorism money laundering. Yes. In order to do that, they're going to introduce a new bureaucratic agency who is tasked with risk assessing different platforms. We're going to look at Signal, we're going to look at WhatsApp, we're going to look at Gmail, every single platform we're going to risk assess, and then we're going to be like, How risky is that platform? If it's risky, then we apply coercive measures, and they need to implement all, I guess, all measures to combat whatever illicit activity is targeted, which in a case of child exploitation, explicitly means that because that's the only thing you can do, scan those messages. It is not voluntary after all because if... And it explicitly says that, if you don't want to land in the high-risk category, just voluntarily scan, and then you're not in that category.
In the US, that's called extortion. You don't have to give me your money, but I'll shoot you.
Yeah, but feel free to not give me your money.
Phil, it's your choice. Last question. You're 25 years old, which is remarkable. Where do you imagine you'll be at 45?
At 45? You mean...
What will you be doing? What will the world look like?
What the world will look like? I'm a very optimistic person. While there is those two trajectories that I think not just the United States, but humanity in in general, will either take one of those. I strongly believe that we will be able to move into the utopian direction instead of the dystopian direction. What it means for what I need to achieve is I need to not just tell people about the importance of this. People know that privacy is important. I think most of your audience realizes that. Otherwise, I feel like they wouldn't listening to you. It is, of course, about education and stuff. But more importantly, and that's this core realization that I had, is that privacy is only going to get adopted if it enables strictly superior technology. That's what I'm doing. That's the mission. That's what I'm doing with Arquium to enable a situation in which you have to adopt it because it would be retarded to not do so. That's what I'm trying to do. I think we can end up in a world like this where-Because that's what it needs.
You're exactly right. It's not enough to say we're not fully human without it. The board of directors is going to say, Well, yeah, but look at the returns.
Exactly, right? Yeah.
I can't thank you enough if our viewers knew how this interview came about. I don't think they would believe it. I'm not even going to say how this interview came about, but it was through a series of chance encounters that it just really felt like the hand of God. So thank you very much for doing this, Yannick.
Thanks for having me, Tucker. I appreciate it.
Technology stole your privacy, and with it your freedom. Yannik Schrade has a plan to get it back.
(00:00) Why Is Privacy So Important?
(04:13) Is Schrade Prepared to Suffer for His Cause?
(10:38) Why Doesn't Our Current System Protect Our Privacy?
(47:54) Is the Current State of the Art Cryptography Secure?
(53:02) How Did Schrade Build This Technology?
Paid partnerships with:
SimpliSafe: Claim 50% off any new system by visiting https://simplisafe.com/TUCKER
Cozy Earth: Luxury shouldn't be out of reach. Get up to 20% off at https://cozyearth.com/TUCKER
Joi + Blokes: Use code TUCKER for 50% off your labs and 20% off all supplements at https://joiandblokes.com/tucker
Learn more about your ad choices. Visit megaphone.fm/adchoices