Category Archives: Information Rights

Emerald Onion has launched

The Tor network and the dot-Onion infrastructure was built for security and privacy in mind. This is unlike legacy clear-net infrastructure, which over the years needs routine and dramatic security changes just to solve evolving security chalenges. Even worse, modern security for legacy clear-net infrastructure does very little for privacy.

Vulnerable populations were the first to recognize the importance of a technology like “the onion router”. The United States Navy was among the first. The United States Navy, realizing very quickly that an anonymity network that only the Navy would use, means that any of its users is from the United States Navy. To this day, the United States Navy researches and develops Tor.

Once Tor became a public, free, and open source project, journalists and other vulnerable populations with life-and-death threat models started using Tor. These survivors and human-rights defenders were a red flag. By the time Tor became a public project, other departments from the United States Government, such as the United States National Security Agency, had already started conducting global mass surveillance.

The United States Navy knew and continues to know that Tor is a necessity in a world dominated by global mass surveillance and by governments that strive for power and control.

Emerald Onion envisions a world where access and privacy are the defaults. This is necessary to ensure human rights including access to information and freedom of speech. If we do not have human rights online, we will not have them offline, either. We launched, officially, on July 2nd. We are looking at 10 year+ development and sustainability. Please reach out to me if you can think of ways to support our work.

House Bill 1909: Automatic License Plate Reader Systems

My testimony to the State of Washington House Transportation Committee:

Chair Clibborn and members of the committee, my name is Christopher Sheats, Chair of the Privacy Committee for Seattle’s Community Technology Advisory Board, and Chair of the Seattle Privacy Coalition. I want to make clear that any form of Automatic License Plate Reader (ALPR), regardless of its security or policy controls, is fundamentally a mass-surveillance system for the simple fact that it indiscriminately collects data about everyone.

ALPR mass-surveillance systems collect an incredible amount of personal information.

Where are you and where are you not?
Where are you heading?
What time were you there and not anywhere else?
Who else was traveling or not traveling around that time?

All of these personal facts can facilitate identifying our interests, affiliations, activities, and beliefs. Data collection, and any amount of data retention, allows for the copying and sharing of said data. According to the U.S. Department of Transportation Bureau of Transportation Statistics, an “overwhelming majority of person trips—for all purposes—are taken in personal vehicles.” When mass-surveillance data of our vehicles is collected, granularly surveilling a state, a city, a community, or an individual becomes trivial.

Where do they live?
Who lives around them?
Where do they go to church?
Who else goes to their church?
Where do they work?
When do they visit their friends and family?
When do they drop their children off at school or childcare?
When do they leave the house to go grocery shopping?
When do they visit their doctor and how often?

Answering these questions go above and beyond “personal information,” yet these questions become answerable when data collected by an ALRP mass-surveillance system is gathered by an abusive government or hacker, domestic or foreign.

If the State is to condone APRL mass-surveillance systems, whereby we have precluded we will not protect human rights by not collecting personal data in the first place, the only other rational alternative is to not retain collected data for any period longer than absolutely needed.

Thank you for your time.

Concerns of mine that I did not include in my testimony because of the delicate nature of politics:

Regarding House Bill 1909, I have several concerns:

1. How is House Bill 1909 going to impact RCW 40.24 — Address Confidentiality for Victims of Domestic Violence, Sexual Assault, and Stalking? Particularly, how is House Bill 1909 going to protect vulnerable people from law enforcement abuses?

2. Is any part of the ALPR mass-surveillance system, including data retention, managed or operated by unregulated third party providers?

3. Why are third parties not explicitly barred from owning and operating ALRP mass-surveillance systems?

4. What specific controls and audit safeguards will be put in place to prevent system operators from performing unapproved searches of people or vehicles?

5. Once data is collected by mass-surveillance systems, it can be copied, used, copied again, and re-used for unimaginable purposes. What specific controls and audit safeguards will be put in place to prevent data copying by federal agency data systems such as regional Fusion Centers?

6. The “Second War Powers Act of 1942” removed Census privacy protections of Japanese-Americans, allowing federal agents to know exactly where go and whom to arrest. How is Washington State going to defend us from unconstitutional policy changes brought on by an illegitimate U.S. President?

New Democracy Now! Onion site


Updated onion address: 2017-March-12

Previous work here. The rest of this post is for technical individuals.

I recently moved to a new DN! host mainly because my first one ran out of storage. I apologize to those who have not been able to access the last few episodes due to the old host filling up. This post goes into detail how I set up the new Onion site, then how I transfered all ~30GB of existing DN! files from the old host to the new host exclusively over Onion service via rsync.

Some major improvements include Democracy Now’s third-party services all support TLS now, meaning that I’m finally pulling the media via authenticated and confidential (exluding metadata) transport. My updated shell script is below, too.

Please note that not all traffic is torified on the new host, the DN! files are still getting pulled via port 443, outbound DNS via port 53, and outbound NTP via port 123.

New Ubuntu 16.04 Xenial host setup

Enable the firewall disabling all inbound traffic:

sudo ufw enable

Edit sources list to remove the default HTTP repositories with Wikimedia’s HTTPS repositories for transport authentication and confidentiality, and add Tor Project’s HTTP repository:

sudo vim /etc/apt/sources.list

deb xenial main restricted universe multiverse
deb xenial-updates main restricted universe multiverse
deb xenial-backports main restricted universe multiverse
deb xenial-security main restricted universe multiverse
deb xenial main

Add the Tor Project’s signing key:

gpg --keyserver --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

Update, upgrade, then install the necessary Tor apps:

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install tor apt-transport-tor -y

Edit torrc to create the new Onion site address:

sudo vim /etc/tor/torrc

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 22
HiddenServicePort 80

Restart the Tor service:

sudo service tor restart

View the new Onion site address:

sudo cat /var/lib/tor/hidden_service/hostname


Edit sources list again so that the repositories will only be accessed via Onion service:

sudo vim /etc/apt/sources.list

deb tor+ xenial main restricted universe multiverse
deb tor+ xenial-updates main restricted universe multiverse
deb tor+ xenial-backports main restricted universe multiverse
deb tor+ xenial-security main restricted universe multiverse
deb tor+ xenial main

Update and upgrade again, and install Open-SSH, all via Onion service:

sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install openssh-server

Configure the SSH server to only accept connections via Onion service. Also harden the security a little bit:

sudo vim /etc/ssh/sshd_config

AllowUsers user
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 30
ServerKeyBits 4096
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 30
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes

Install Apache via Onion service, disable status, and enable headers:

sudo apt-get install apache2 -y && sudo a2dismod status && sudo a2enmod headers

Configure the index view of the Apache landing page:

sudo vim /etc/apache2/mods-available/autoindex.conf

IndexOptions FancyIndexing VersionSort HTMLTable NameWidth=* DescriptionWidth=* Charset=UTF-8 SuppressDescription SuppressIcon SuppressLastModified SuppressRules
IndexOrderDefault Descending Name

Harden Apache’s security configuration:

sudo vim /etc/apache2/conf-available/security.conf

Directory /
AllowOverride None
Require all denied

Header always set X-XSS-Protection: "1; mode=block"
Header always set X-Permitted-Cross-Domain-Policies: "master-only"
Header always set Cache-Control: "private, no-cache, no-store, must-revalidate"
Header always set Pragma: "no-cache"
Header always set Expires: "-1"
Header always set X-Content-Type-Options: "nosniff"
Header always set X-Frame-Options: "sameorigin"
Header always set Content-Security-Policy: "default-src 'self'"
ServerTokens Prod
ServerSignature Off
TraceEnable Off

Configure Apache to only work via Onion service:

sudo vim /etc/apache2/sites-available/000-default.conf

ServerName gnt3qwmxads3yytg.onion
DocumentRoot /var/www/html/dn/
LogLevel info
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

Restart Apache:

sudo service apache2 restart

Make the DN! directory:

sudo mkdir /var/www/html/dn/

Create the shell script to download the various DN! files:

sudo vim

cd /var/www/html/dn/
daystamp=$(date +%Y-%m%d)
wget -m -p -E -k -K -np -nd -e robots=off -H -r$daystamp.mp4
wget -m -p -E -k -K -np -nd -e robots=off -H -r$daystamp-1.mp3
wget -m -p -E -k -K -np -nd -e robots=off -H -r$daystamp.mp4.torrent
chown -R www-data:www-data /var/www/html/dn/*

Edit cron to check for new files every 15 minutes:

sudo crontab -e

*/15 * * * * bash /home/user/

Old Host

Configure SSH client to be torified:

sudo vim /etc/ssh/ssh_config

Host *
ProxyCommand nc -X 5 -x %h %p
CheckHostIP no

Rsync all files from the old host (ssh client) to the new host (ssh server):

sudo rsync -v /var/www/html/dn/* user@gnt3qwmxads3yytg.onion:/var/www/html/dn/


Tor terminology

When people talk about Tor, they may be talking about one or more of the following Tor technologies:

The Tor protocol: The official system of rules governing the operations of Core Tor, the Tor network, and Onion Services. The Tor protocol is publically accessible and readily criticized and updated.

Core Tor: A software application that uses strong encryption and careful routing designed to hide network identifying information of a computer from other Internet resources. Core Tor is a free software technology that can be built into many Internet products.

The Tor network: The global network of volunteer administrators that make Tor technologies so powerful and successful. Volunteers run “relays” that route Core Tor and Onion Services traffic on the Internet. Each of the 7,000+ volunteer relay administrators can be one of three “hops” that Tor users rely on when using Tor technologies. When Tor technologies are used, traffic moves from relay to relay, each hop preventing network origination information from being shared with the destination. Relay diversity is important because of the need for distributed trust.

Tor Browser: A customized Firefox web browser that has been modified to minimize identity exposure to web sites and advertising networks. One critical feature of Tor Browser is that all traffic from Tor Browser is routed through the Tor network.

Onion Services: The dot-onion (.onion) is a special “top level domain”, similar to dot-com (.com), but is only recognized by Tor technologies. Onion Services are diverse and can be used by many types of Internet tools. For example, in Tor Browser, connecting to a dot-onion web address allows a server to share content anonymously with a user, and allows a user to connect anonymously to a server. Onion Services are also used by instant messaging tools like Ricochet which allows people to anonymously chat with each other.

Pluggable Transports: It is commonplace for governments or corporations to limit, censor, or surveil their Internet users. Pluggable Transports are free software technologies that allow Tor technologies to bypass censorship by changing how the Internet traffic appears to these restrictive organizations.

Draft proposal for Debian


Please criticize and contribute to the following:


1. The Debian community must immediately deploy Onion Service repositories for Debian downloads and Debian updates.

2. The Debian community must immediately deploy TLS-only repositories for Debian downloads and Debian updates as a backup to Onion Services.

3. The Debian community must assure anonymity-by-default with the employment of apt-transport-tor by changing existing update mechanics.

4. The Debian community must deploy a critical security update to patch existing update mechanics to use Onion Services.


Current and future network adversaries can view and retain which repositories Debian servers connect to (metadata), when (metadata), the updates schedule (information), which updates are being applied (information), and into which operating system (information). This is incredibly valuable information for any adversary wanting to perform minimal attacks against Debian servers. Further, with cheapening data retention, mass-hacking and nation-state dominance is supported by the Debian community’s short-sighted update mechanics.

Edward Snowden has given the world factual evidence describing the capabilities and objectives of global powers and the Debian community has willfully neglected these problems.


Report of the Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, David Kaye — Presented to the Human Rights Council in May 2015:

(2)(A)(9) “Notably, encryption protects the content of communications but not identifying factors such as the Internet Protocol (IP) address, known as metadata. Third parties may gather significant information concerning an individual’s identity through metadata analysis if the user does not employ anonymity tools. Anonymity is the condition of avoiding identification. A common human desire to protect one’s identity from the crowd, anonymity may liberate a user to explore and impart ideas and opinions more than she would using her actual identity. […] Users seeking to ensure full anonymity or mask their identity (such as hiding the original IP address) against State or criminal intrusion may use tools such as virtual private networks (VPNs), proxy services, anonymizing networks and software, and peer-to-peer networks.1 One well-known anonymity tool, the Tor network, deploys more than 6,000 decentralized computer servers around the world to receive and relay data multiple times so as to hide identifying information about the end points, creating strong anonymity for its users.”

Debian powers more than one-third of the Internet. The default behavior of Debian is to obtain updates via clear-text HTTP which discloses the following to any network adversary:

1. Server location via IP address
2. Update server via IP address and DNS resolution
3. Server update schedule
4. Server version
5. Application version

This information, via network analysis, would allow any passive or active adversary to plan effective attacks against any Debian server.

Not all adversaries are the same because not all servers have the same risk. Like people, data mining and data retention capabilities pose grave risks for infrastructure. HTTPS may resolve some of the above information leakage depending on an adversary’s capabilities, but Tor resolves them to a greater degree. Anonymity provides the strongest security and is the only acceptably secure option given the facts.

XKEYSCORE, a FVEY technology, is one example of a modern threat to Internet infrastructure. Via Wikipedia:

On January 26, 2014, the German broadcaster Norddeutscher Rundfunk asked Edward Snowden in its TV interview: “What could you do if you would [sic] use XKeyscore?” and he answered:

“You could read anyone’s email in the world, anybody you’ve got an email address for. Any website: You can watch traffic to and from it. Any computer that an individual sits at: You can watch it. Any laptop that you’re tracking: you can follow it as it moves from place to place throughout the world. It’s a one-stop-shop for access to the NSA’s information.

You can tag individuals… Let’s say you work at a major German corporation and I want access to that network, I can track your username on a website on a form somewhere, I can track your real name, I can track associations with your friends and I can build what’s called a fingerprint, which is network activity unique to you, which means anywhere you go in the world, anywhere you try to sort of hide your online presence, your identity.”

The question posed to Edward Snowden was rightly focused on people. However, an XKEYSCORE-like system can trivially threaten any node on the Internet. If XKEYSCORE-like systems can be programmed to track nations, servers, or application installations, the Debian community must act.


1. Debian server > https://update-server.onion

In scenario 1, operating system and application updates are obtained exclusively within the Tor network with an added layer of Certificate Authority validation ability. HTTP-based Certificate Authority, Domain Name System, and Border Gateway Protocol vulnerabilities do not exist.

2. Debian server > http://update-server.onion

In scenario 2, operating system and application updates are obtained exclusively within the Tor network. HTTP-based Certificate Authority, Domain Name System, and Border Gateway Protocol vulnerabilities do not exist.

3. Debian server > tor+

In scenario 3, operating system and application updates are obtained via Tor but must leave the Tor network to reach its HTTPS destination. All HTTP-based Certificate Authority, Domain Name System, Border Gateway Protocol, and Man-in-the-Middle vulnerabilities exist once the traffic traverses Tor exit relays onto the normal Internet. Debian servers retain anonymity but security risk is increased.

4. Debian server > tor+

In scenario 4, operating system and application updates are obtained via Tor but must leave the Tor network to reach its HTTP destination. All HTTP-based Domain Name System, Border Gateway Protocol, and Man-in-the-Middle vulnerabilities exist once the traffic traverses Tor exit relays onto the normal Internet. Debian server retain anonymity but security risk is increased.

5. Debian server >

In scenario 5, operating system and application updates are obtained via normal Internet with minimal transport security. Server location information, update server information, and server update schedule information easily obtainable, and sophisticated attackers can obtain server version information and package version information. All HTTP-based Certificate Authority, Domain Name System, Border Gateway Protocol, and Man-in-the-Middle vulnerabilities exist.

6. Debian server >

In scenario 6, the current Debian default, operating system and application updates are obtained via normal Internet with zero transport security. Server location information, update server information, server update schedule information, server version information, and package version information are trivially obtainable. All HTTP-based Domain Name System, Border Gateway Protocol, and Man-in-the-Middle vulnerabilities exist.

Why Tor Matters

As far back as I can remember, I have been introspectively concerned and cautious about my physical safety and well being.

I believe this consciousness started when I was 4 years old. To this day I have vivid memories of being terribly frightened by the thought and act of jumping off of a 1-meter diving board into the deep end of a swimming pool. This was a routine occurrence for me as a child because swimming was the first sport I ever took part in.

Following swimming, at the age of 5, and following the footsteps of my older brother, I began training in martial arts. Karate, for me, taught me about physical awareness and control.


Around my 8th year of life, my mother and brothers became victim to an individual who ultimately forced us to make a decision for our need to do something about the domestic violence we were all wrapped up in. My family could continue to endure the abuse of said individual, or buy a gun and in an act of self-defense potentially commit an act of violence so severe that none of us would ever again be the same, or we could physically move ourselves to a safer location.

The only reason why buying a gun was an option to my mother was because having consulted with the state police, their recommendation was to “shoot the bastard.” We were told there were no laws to help us defend ourselves. This wasn’t an acceptable way of life to my family.

I don’t know if it was because my mother’s martial arts training, her genuine regard for human life, or a combination of the two, but we fit everything into our car that we could and moved to Washington state. In order to best protect everyone involved, we physically relocated our entire family’s life, leaving behind my mother’s house and all of our friends. It was not easy, but from our point of view, necessary.


When my family and I moved to Washington state, my mother took part in domestic violence survival education and we quickly became participants in the Address Confidentiality Program (ACP). The benefits of the ACP included requiring government institutions to use our Secretary of State -provided P.O. Box address as our physical location address. This is a critical feature because our (United States of America) way of life is built around the documentation of our physical residence, including but not limited to the public information made available via mandatory State identification licensing, school registration, vehicle licensing, and common utilities such as water, trash, and power.

For a determined adversary, it is trivial to research or social engineer physical location information from public and private databases. Sadly, since the age of 8, I have been forced to understand the values of privacy as it concerns physical location safety.

Intellectual development

The Internet became a critical facet of my life, almost as much as Pokemon, during my late elementary and middle school years. In the late nineties, my mother saw so much value in a general-purpose computer for me and my brothers that she saved up and purchased a 500MHz Compaq. Life was never the same for me because of my new ability to read, download, and share so much, and without the restrictions imposed at school libraries.

It wasn’t until my second or third year at university where I became exposed to Tor from material I had read on Global Voices. However, at the time, because I was learning about computer networking and Virtual Private Networks, I remember being skeptical to the emergence of a technology dependent on volunteers. I did not understand the value of Tor until several years later.

My routine Tor use started sometime in 2010, around the time that I moved to the Seattle area. Prior to 2010, I had spent several years moving around between a total of roughly 25 different dormitories, apartments, and houses because of my prolonged undergraduate university studentship. Moving to the Seattle area had been my goal for many years. I moved into my first, independently financed, one-bedroom apartment. I finally started understanding the burden that is adulthood and the wonders and consequences of independence.

My use of Tor became routine because of two reasons: one, to enhance my autonomy and independence, which was flourishing for me. The second reason, and probably the catalyst, was my childhood and family’s paranoia concerning our prior experiences of physical and mental violence. I became increasingly conscious of physical location information left behind on the Internet, a place I visited more often than I did my own kitchen.

In 2012, after 6 years of minor Wikipedia editing, I contacted Wikipedia’s administration asking for the ability to edit from the Tor network. Shockingly, they did not support my wishes.


Tor matters because of several human and United States’ rights.

The right to read is a fundamental requirement because of humanity’s need for the consumption, understanding, construction, and dissemination of information over time. Writing things down is an extension of our ability, as a species, to learn and to teach for our collective betterment. Independently, I cannot contribute to society without an unbounded right to access information.

The right to speak, or to contribute, is a fundamental requirement as an individual needing to sustain autonomy and connection. Without the unfettered ability to communicate with those around me, especially on the Internet, I cannot be a part of any system, small or large. Be it a need to warn others about problems, or a need to educate others about myself or our shared world, the right to freely express myself overwhelmingly supports the human condition.

The right to privacy is a fundamental human right that reinforces the development of the prior two rights above, something that cannot be understated. The right to intellectually develop in an autonomous way is the only power I have that not only dictates my individuality, but it supports responsibility in social contexts. I cannot hold myself accountable without the cognitive ability to process information in a way that distinguishes myself from my environments.

The right to read, the right to speak, and the right to privacy are things that the Internet and Tor empower me to exercise in a truly incredible way. If we are to survive as a culture and as a species, Tor has to be understood as a defining technology that embodies the values that we claim to have and want.

An open letter for organizations to support Tor onion services


There was a time when organizations used to ask the question, why would we want to use the Internet? There were no easy paradigms for business leaders to understand the implications. Early adopters of the Web slowly learned the value and effects of persistent information broadcasting, including reach into new and unexpected audiences. These organizations not only seeded their presence in online communities, but online communities started to shape the motivations and goals of organizations.

Following the early adoption phase, mass adoption took hold and organizations deepened their understanding. It became clear that connecting with people on this extraordinary level is not without risk and that businesses need to incorporate organizational information assurance policies. Since the beginning, encryption has been critically important to protect business interests.

Organizations are still in the process of adapting to new paradigm shifts. We take for granted TCP protocols that make web pages show up, complete, on user’s screens, because we consider that satisfactory. We take for granted the increasing affordability of data storage because we can do more for less. We not only ignore the effects of billion-dollar industries the are built and driven by the collection of personal data, but we support those industries by focusing on usability and profit. At what point do we ask the question, how much do we actually love our users?

In 2013, a significant opportunity opened up that allows organizations that use Information and Communication Technologies to understand the unintended consequences of clear-text content and metadata sharing. As more and more users depend on the services that organizations provide, organizations are learning more and more about how their technology and policy choices affect their users.

We have reached a point that it is no longer ethically acceptable to claim that our services, and thus our users, do not require both default security and also a choice in security technologies. It is no longer ethically acceptable to prioritize the security of our databases over the security and empowerment of our users.

Employing high-grade HTTPS is step one in adapting to the use of open standards and protocols. However, HTTPS reinforces the use of centralized trust authorities that, fundamentally, have deep security problems of their own. Organizations have long had the opportunity to leverage a free and decentralized security technology, and that technology is called Tor onion services.

Tor onion services mitigate many wide-spread security concerns including Certificate Authority attacks, Border Gateway Protocol attacks, and Domain Name System attacks. Adopting Tor onion services also happens to empower our users by giving them greater autonomy and control of their data and information. We can never understand individualized threat models for all our users; it is our responsibility to first admit that we will never understand such a complex landscape, and second we must employ this free and adaptive technology that raises the bar of security best practices.


What is encryption, anyway?

When we stand in front of someone and speak to that privileged individual “in real life,” we are generally aware of our environment.

We can easily asses that our communication is confidential because we can autonomously choose to speak when unprivileged people are not physically around to listen in.

We know that our communication has perfect integrity because we are physically present, observing and assuring that the speech is not getting messed with.

We also know that our communication is authentic because we are physically near the intended individual actively verifying them.

The foundation to communications confidentiality, integrity, and authenticity is trust, and the only way that we can assure technology-driven communication is trustworthy is with encryption.

Encryption is the technological requirement to assuring the foundation of trust that we fundamentally lose when people cannot be physically near.

Urban@UW individual questions

1. How would you define the question/ challenge/ focus in a manner that you find compelling?

Privacy has been defined by different groups indifferent ways. Often times the best way to protect personal privacy rights is to empower people to have greater control over what data is shared. Policy makers need to think broadly and specifically about the unintended consequences of data collection, not just how valuable it can be to special interests. Supporting privacy initiatives is often something that can turn into government transparency, accountability, and trust. Seattle could exclusively adopt free software solutions when deploying technology that interfaces with the public.

Two related points:

White House Commits to Open Access, Open Education and Open data in New Open Government Plan

Emerging threats for lawyers and human rights defenders: surveillance on massive scale in real time

Concerns from others in the group:

— Justice?
— Democratizing data?
— Supporting an advocacy agenda?
— Access? Affordability? Income barriers? How to keep people out of the criminal justice system?
— What is the overarching process for developing questions about data?
— Is the data driving the questions, instead of the questions driving the data? Who owns the data?
— Who gets to frame the questions? Who gets to think about how the data is used?
— Public vs private sector influence?

2. What is the most important need or area of impact that we could have addressing this challenge?

3. What is needed to address this challenge and what are the gaps to fulfilling this need?

4. What has failed in the past, and why?

5. What risks are there?

6. Who else should be involved?

7. What’s missing from this challenge, as you see it?