1
00:00:20,160 --> 00:00:24,000
Daina Bouquin: Every night for over seven hundred years, the

2
00:00:24,000 --> 00:00:28,000
exact same thing has happened at the Tower of London.

3
00:00:28,000 --> 00:00:34,240
In the dark, the chief yeoman warder walks to the outer gates.

4
00:00:34,240 --> 00:00:38,560
Challenges are called out into the night air.

5
00:00:38,560 --> 00:00:41,119
Passwords are exchanged.

6
00:00:41,119 --> 00:00:45,679
The heavy wooden doors are locked, and the keys are secured

7
00:00:45,679 --> 00:00:46,880
until morning.

8
00:00:46,880 --> 00:00:49,679
It has happened through plagues.

9
00:00:49,679 --> 00:00:53,679
It has happened while bombs fell during the Blitz.

10
00:00:53,679 --> 00:00:57,920
The ritual has never been skipped.

11
00:00:57,920 --> 00:01:02,320
We do this because humans have always understood something

12
00:01:02,320 --> 00:01:03,520
about security.

13
00:01:03,520 --> 00:01:08,079
Certain things require a ritual, not just because the

14
00:01:08,079 --> 00:01:12,799
ritual makes us safe, but because it makes trust visible.

15
00:01:12,799 --> 00:01:18,159
Back in 2008, a security researcher named Dan Kaminsky

16
00:01:18,159 --> 00:01:21,680
realized that the internet's core directory was unprotected.

17
00:01:21,680 --> 00:01:26,879
It was a well without a lid, vulnerable to anyone who wanted

18
00:01:26,879 --> 00:01:30,959
to secretly poison the water and redirect the world's digital

19
00:01:30,959 --> 00:01:31,760
traffic.

20
00:01:31,760 --> 00:01:36,480
He forced the architects of the web to build a heavy

21
00:01:36,480 --> 00:01:40,879
cryptographic lid to protect the directory from poisoning.

22
00:01:40,879 --> 00:01:44,719
A master key to lock the internet's route.

23
00:01:44,719 --> 00:01:48,640
That story is its own episode and it's worth your time.

24
00:01:48,640 --> 00:01:55,519
But a master key creates a new terrifying problem.

25
00:01:55,519 --> 00:02:00,079
If you give it to one person, they become a target.

26
00:02:00,079 --> 00:02:04,239
If you give it to a single government, it becomes a weapon

27
00:02:04,239 --> 00:02:05,519
of politics.

28
00:02:05,519 --> 00:02:11,120
So they broke the key apart and scattered the fragments.

29
00:02:11,120 --> 00:02:17,599
I'm Daina Bouquin, and this is Lore in the Machine.

30
00:02:17,599 --> 00:02:25,680
There are only 14 people in the world who hold the title crypto

31
00:02:25,680 --> 00:02:26,639
officer.

32
00:02:26,639 --> 00:02:29,840
They are not spies or government agents.

33
00:02:29,840 --> 00:02:34,879
They are trusted volunteers, like Swedish internet expert

34
00:02:34,879 --> 00:02:40,879
Anne-Marie Eklund Löwinder, who stored a piece of the key on a

35
00:02:40,879 --> 00:02:45,840
long metal chain inside a wooden puzzle box with a hidden lock.

36
00:02:45,840 --> 00:02:49,360
Her son made the box in his workshop.

37
00:02:49,360 --> 00:02:52,000
He also made furniture.

38
00:02:52,000 --> 00:02:56,960
Four times a year, a handful of crypto officers pack their

39
00:02:56,960 --> 00:03:01,599
bags, get on airplanes, and travel to a secure facility in

40
00:03:01,599 --> 00:03:06,159
either Culpeper, Virginia, or El Segundo, California.

41
00:03:06,159 --> 00:03:09,840
They go there to perform a ritual.

42
00:03:09,840 --> 00:03:14,400
If you were to dream up a ritual to protect the global

43
00:03:14,400 --> 00:03:20,240
internet, you might imagine a sci-fi fortress, an unassailable

44
00:03:20,240 --> 00:03:22,000
tower with an arsenal.

45
00:03:22,000 --> 00:03:24,800
But the reality is much stranger.

46
00:03:24,800 --> 00:03:29,280
It is a bureaucratic fever dream pieced together from

47
00:03:29,280 --> 00:03:32,240
mathematics, paranoia, and plastic.

48
00:03:32,240 --> 00:03:36,960
Imagine walking into the El Segundo facility.

49
00:03:36,960 --> 00:03:40,240
The walls are beige and unremarkable.

50
00:03:40,240 --> 00:03:43,120
You hand over your government ID.

51
00:03:43,120 --> 00:03:47,280
Your bag is searched and you are given a badge.

52
00:03:47,280 --> 00:03:49,680
Then you enter a mantrap.

53
00:03:50,319 --> 00:03:53,840
It's a small room with doors at both ends.

54
00:03:53,840 --> 00:03:56,960
Only one door can open at a time.

55
00:03:56,960 --> 00:04:01,120
To get through, you need a PIN, a card, and your hand.

56
00:04:01,120 --> 00:04:04,080
To exit, you need them again.

57
00:04:04,080 --> 00:04:09,360
Now you wait in a sterile space where lunch is being served.

58
00:04:09,360 --> 00:04:12,879
It looks like a doctor's waiting room.

59
00:04:12,879 --> 00:04:16,319
But it has an Atari arcade machine.

60
00:04:16,319 --> 00:04:23,120
The people who designed this ceremony actually wrote a 5%

61
00:04:23,120 --> 00:04:27,199
"dishonesty rate" into its mathematical specifications.

62
00:04:27,199 --> 00:04:33,279
There are over 100 highly scripted actions, and the entire

63
00:04:33,279 --> 00:04:36,560
system is built on the assumption that someone in this

64
00:04:36,560 --> 00:04:38,720
room is secretly a traitor.

65
00:04:38,720 --> 00:04:43,519
When it's time, the ceremony begins.

66
00:04:43,519 --> 00:04:48,000
There are no passwords exchanged at the door, no

67
00:04:48,000 --> 00:04:50,800
challenges called out into the air.

68
00:04:50,800 --> 00:04:54,560
It's more like a heist movie run in reverse.

69
00:04:54,560 --> 00:05:00,639
To enter the hallway, a staff member swipes an access card and

70
00:05:00,639 --> 00:05:03,199
presses their palm against a scanner.

71
00:05:03,199 --> 00:05:08,639
To enter the main room, they lean into the red glow of a

72
00:05:08,639 --> 00:05:10,000
retina scanner.

73
00:05:10,000 --> 00:05:14,160
When the heavy door clicks shut behind you, you are standing

74
00:05:14,160 --> 00:05:18,959
inside a Faraday cage, an enclosure that shields its

75
00:05:18,959 --> 00:05:23,120
interior from external electric fields and electromagnetic

76
00:05:23,120 --> 00:05:23,759
radiation.

77
00:05:23,759 --> 00:05:27,519
The entire room is completely signal-proof.

78
00:05:27,519 --> 00:05:30,079
Nothing can enter or leave.

79
00:05:30,079 --> 00:05:36,000
Inside this room, there is a large metal cage containing two

80
00:05:36,000 --> 00:05:37,839
heavy safes.

81
00:05:37,839 --> 00:05:42,720
Once the safe controllers are brought in, the steel door of

82
00:05:42,720 --> 00:05:45,199
the first safe is pulled open.

83
00:05:45,199 --> 00:05:50,639
Inside are safe deposit boxes, each requiring two physical

84
00:05:50,639 --> 00:05:54,160
metal keys to be turned at the exact same time.

85
00:05:54,160 --> 00:05:57,519
Inside the box is a smart card.

86
00:05:57,519 --> 00:06:02,639
It rests in a hard plastic case, sealed inside a tamper-

87
00:06:02,639 --> 00:06:03,680
evident bag.

88
00:06:03,680 --> 00:06:06,720
The plastic case was added to the ceremony

89
00:06:06,720 --> 00:06:09,839
after someone realized that a phantom thief could

90
00:06:09,839 --> 00:06:13,519
theoretically slip a microscopic needle through the plastic bag

91
00:06:13,519 --> 00:06:16,399
to manipulate the card without leaving a tear.

92
00:06:16,399 --> 00:06:20,240
The second safe is opened next.

93
00:06:20,240 --> 00:06:23,519
Inside is the master lockbox.

94
00:06:23,519 --> 00:06:26,079
It is designed to self-destruct.

95
00:06:26,079 --> 00:06:30,560
If someone tries to cut it, freeze it, heat it, or even

96
00:06:30,560 --> 00:06:34,720
shake it too hard, it will instantly wipe its own memory.

97
00:06:34,720 --> 00:06:37,279
Next to it is a laptop.

98
00:06:37,279 --> 00:06:39,759
This laptop has no hard drive.

99
00:06:39,759 --> 00:06:41,680
It has no battery.

100
00:06:41,680 --> 00:06:44,399
It has no memory of its own.

101
00:06:44,399 --> 00:06:48,480
It's completely air-gapped, ensuring the master key can

102
00:06:48,480 --> 00:06:50,240
never ever touch the internet.

103
00:06:50,240 --> 00:06:53,759
It doesn't even have a tiny backup battery to keep its

104
00:06:53,759 --> 00:06:55,199
internal clock running.

105
00:06:55,199 --> 00:06:58,800
When it's plugged into the wall, the time has to be set

106
00:06:58,800 --> 00:07:03,040
manually using an isolated, drifting wall clock that has

107
00:07:03,040 --> 00:07:05,519
been hanging in the room for over a decade.

108
00:07:05,519 --> 00:07:10,800
The ceremony script actually refers to this clock as the

109
00:07:10,800 --> 00:07:16,160
quote, "reasonably accurate clock visible to all in Tier 4

110
00:07:16,160 --> 00:07:18,240
(Key Ceremony Room)".

111
00:07:18,240 --> 00:07:23,680
These are hyper-serious security measures that border on

112
00:07:23,680 --> 00:07:24,800
hallucination.

113
00:07:24,800 --> 00:07:29,199
But because they're performed by humans, they're imperfect.

114
00:07:29,199 --> 00:07:36,160
During a ceremony in 2014, a security controller accidentally

115
00:07:36,160 --> 00:07:38,800
slammed the door of the safe too hard.

116
00:07:38,800 --> 00:07:42,399
It triggered a seismic sensor, which immediately triggered the

117
00:07:42,399 --> 00:07:43,759
automatic door locks.

118
00:07:43,759 --> 00:07:47,439
The administrators and the key holders were suddenly trapped

119
00:07:47,439 --> 00:07:49,199
inside the metal cage.

120
00:07:49,199 --> 00:07:54,639
They stood there in quiet panic for six minutes until someone

121
00:07:54,639 --> 00:07:57,279
finally triggered an evacuation alarm.

122
00:07:57,279 --> 00:08:01,279
The sirens blared and everyone piled into the hallway.

123
00:08:01,279 --> 00:08:04,959
They ate Oreos and Cheez-Its until the system reset.

124
00:08:04,959 --> 00:08:10,959
In 2020, the sophisticated lock on one of the safes simply

125
00:08:10,959 --> 00:08:11,600
broke.

126
00:08:11,600 --> 00:08:15,439
A certified locksmith had to be called in, and the people

127
00:08:15,439 --> 00:08:18,959
holding the keys to the internet had to sit around for over 20

128
00:08:18,959 --> 00:08:22,560
hours while a guy with a drill tried to bust open the door.

129
00:08:22,560 --> 00:08:27,120
There are also backup key holders.

130
00:08:27,120 --> 00:08:31,279
People entrusted with smart cards containing a fragment of

131
00:08:31,279 --> 00:08:35,600
code needed to rebuild the key-generating machine from scratch

132
00:08:35,600 --> 00:08:38,399
in case something calamitous happens.

133
00:08:38,399 --> 00:08:42,080
Once a year, these people take a photograph of themselves

134
00:08:42,080 --> 00:08:46,720
holding their key next to that day's newspaper, just to confirm

135
00:08:46,720 --> 00:08:48,000
that all is well.

136
00:08:48,000 --> 00:08:53,039
The room also needs to be kept clean, but cleaners aren't

137
00:08:53,039 --> 00:08:54,240
allowed inside.

138
00:08:54,240 --> 00:09:00,639
Anne-Marie Eklund Löwinder was known for meticulously vacuuming

139
00:09:00,639 --> 00:09:03,360
the room with a $20 dustbuster.

140
00:09:03,360 --> 00:09:08,879
After the room is clean and the cage is unlocked, everything is

141
00:09:08,879 --> 00:09:10,559
laid out on a table.

142
00:09:10,559 --> 00:09:12,799
Cameras are recording.

143
00:09:12,799 --> 00:09:20,000
The encrypted requests are loaded via a USB drive.

144
00:09:20,000 --> 00:09:22,320
The smart cards are inserted.

145
00:09:22,320 --> 00:09:25,519
This process takes time.

146
00:09:25,519 --> 00:09:29,679
In all, the ceremony usually takes roughly four to five

147
00:09:29,679 --> 00:09:30,320
hours.

148
00:09:30,320 --> 00:09:35,600
But then it's time for the final command.

149
00:09:35,600 --> 00:09:39,759
The Ceremony Administrator types a single letter.

150
00:09:39,759 --> 00:09:42,159
Y for yes.

151
00:09:42,159 --> 00:09:46,960
With that single keystroke, the dramatic portion of the

152
00:09:46,960 --> 00:09:48,240
ceremony ends.

153
00:09:48,240 --> 00:09:52,240
The root of the internet is cryptographically signed.

154
00:09:52,240 --> 00:09:54,879
The directory is authenticated.

155
00:09:54,879 --> 00:09:59,200
And the digital world is secured for a few more months.

156
00:09:59,200 --> 00:10:02,960
The logs are printed.

157
00:10:02,960 --> 00:10:08,240
The smart cards are sealed back into new tamper-evident bags.

158
00:10:08,240 --> 00:10:11,679
The heavy safes clang shut and are locked.

159
00:10:11,679 --> 00:10:15,440
And the crypto officers scatter back across the globe,

160
00:10:15,440 --> 00:10:17,600
returning to their normal lives.

161
00:10:17,600 --> 00:10:23,200
We like to think the internet is a machine.

162
00:10:23,200 --> 00:10:28,399
An indestructible web built on software, mathematics, and fiber-

163
00:10:28,399 --> 00:10:29,759
optic cables.

164
00:10:29,759 --> 00:10:31,759
But it isn't.

165
00:10:31,759 --> 00:10:36,240
It is a fragile thing held together by strangers.

166
00:10:36,240 --> 00:10:40,720
Strangers who pack their bags four times a year, who fly

167
00:10:40,720 --> 00:10:44,799
across oceans to sit in a windowless room, who submit

168
00:10:44,799 --> 00:10:48,960
their eyes to scanners, and turn metal keys in unison.

169
00:10:48,960 --> 00:10:53,440
They don't do it because the code requires an audience.

170
00:10:53,440 --> 00:10:55,519
They do it because we do.

171
00:10:55,519 --> 00:10:59,519
Because we need to know that someone is out there in the

172
00:10:59,519 --> 00:11:03,840
dark, calling out the passwords and making sure the gates are

173
00:11:03,840 --> 00:11:05,519
locked until morning.

174
00:11:05,519 --> 00:11:12,080
I'm Daina Bouquin, and this is Lore in the Machine.