Home     Writers     Op/Ed     Book Reviews     News     Bookstore     Photoshops     Submit     Search     Contact Us     Advertise  
  You are here: 

Sat

08

Nov

2008

Britain’s Digital Surveillance: Hiding from Her Majesty’s ‘Black Boxes’
Saturday, 08 November 2008 23:28
by Christopher Parsons

There are plans to deploy ‘black boxes’ in UK ISPs’ networking hubs so that the government can capture and record every website that UK citizens visit. A similar operation is in full swing in the United States, where the NSA has hooked up their own ‘black boxes’ to American Internet Service Providers’ (ISPs) networks to capture ‘questionable content’ passing through these networks. Unlike the Americans, who only examine questionable content, the UK government is planning to develop a database to hold the contents of all messages passing along their nations’ telecommunications networks.

While this issue has recently been sensationalized in the media, I have yet to find a source addressing the actual technologies that will (likely) drive these ‘black boxes’. I want to address that deficiency, calling attention to the Deep Packet Inspection (DPI) technologies that will presumably be responsible for examining, categorizing, and heuristically evaluating the data flowing across British ISPs’ networks. In this piece, I want to briefly explain how DPI technology works, its technical limitations, and modes of actively evading its surveillance powers. Evading DPI-enabled surveillance is essential to participate in free, unsurveyed discourse in the contemporary digital environments that Western citizens find themselves within.

DPI Technologies

ISPs are uniquely situated to survey all of the data traffic that their customers are involved in. ISPs, unlike Google, Yahoo!, or Microsoft, act as gateways that individuals must pass through to access the Internet-at-large. Thus, any attempt to comprehensively survey an individual’s online activities must occur at the ISP-level. While simultaneously monitoring millions of customers might seem a Herculean task, or one firmly situated in the realm of science fiction, networking hardware vendors such as Cisco, L-1, Ellacoya Networks, and Procera Networks have risen to the challenge, producing devices that can survey, filter, alter, and censor content in real time, as it passes through ISPs’ networks.


Packets of data traversing the Internet are composed of two parts: a header and a payload. The header holds the general addressing information – where the packet is going, what order it should arrive at its destination in, and so on. The payload holds information about the application that sent the packet, as well as the particular contents of the packet itself – in the case of email, each packet holds the address that it should be delivered to, a bit of information that notes that an email application sent the packet, and some of the email’s text. Metaphorically, a packet can be thought of in the terms of postal mail: the header corresponds with the address on the outside of the envelope, and the payload the letter itself.

DPI equipment lets ISPs examine the header information as well as the payload. This means that ISPs can examine the text of email, instant messages, cellular phone text messages, and unencrypted Voice over Internet Protocol (VoIP) communications, in real time, as these messages are transmitted. Given the present state of available networking equipment that the world’s networking vendors have made available to the market, I strongly expect that the UK government’s ‘Black Boxes’ are, in essence, DPI devices that capture data as it moves across UK ISPs’ networks, and will transmit the contents of those packets to government databases while analyzing packets’ contents to identify if they are carrying ‘questionable’ payloads.

The Effectiveness of DPI

The Internet Evolution actually tested DPI equipment provided by Ellacoya and Ipoque earlier this year. In their tests, they found that these vendors' devices could not filter ‘unwanted’ content 100% of the time – the applications targeted by the devices continued to function, although at reduced speeds, in spite of the censoring and filtering heuristics that the devices employ. This suggests that attempting to capture unencrypted Voice over Internet Protocol conversations, as an example, will never be fully successful because some packets associated with a conversation will not be correctly identified, captured, and saved in meaningful ways by the UK government’s ‘black boxes’. Moreover, and pertaining to the following section, the tests that the Internet Evolution performed suggest that data-encryption strategies can prevent the capture and filtering of data traffic.

Evading DPI Surveillance


It seems that every day we hear about a new data scandal in the UK; some new database is accidentally leaked, putting the information of hundreds, thousands, or millions of UK citizens at risk of being used for nefarious purposes. The suggestion that all citizens’ digitized conversations and online actions be captured and stored by the UK government only heightens worries: what will happen when (not if) this proposed database is breached? How much information will be accessible to criminals?

Fortunately, UK citizens can prevent their government’s DPI equipment from ever capturing conversations or online actions, and thus simultaneously limit exposure to the risks of identity theft and ubiquitous government surveillance. A core weakness of DPI equipment is that it cannot read the contents of fully encrypted communications. This means that when you send or receive encrypted data packets that the government’s devices will be unable to capture the contents of your email, your VoIP sessions, or your instant messages.

Encryption isn’t something that is terribly hard to set up; Voltage Security has a product that will let Windows users encrypt their sent email at a low annual cost. By default, Skype encrypts its data traffic to prevent surreptitious snooping of your private conversations, actually providing more privacy than talking on the phone. When it turns to instant messaging, there are several open source clients such as Trillian (for Windows) and Adium (for OS X and Linux) that have built-in encryption and compatibility with all major messaging services. Finally, when browsing websites, access the ‘https’ versions of the sites whenever possible to encrypt data traffic to and from the websites.

Why Hide from Her Majesty?


You may be asking: why should I bother with this encryption nonsense? I don’t have anything to hide – as a law-abiding citizen I find it offensive, but not necessary ‘dangerous’, that my government is snooping on me. Only criminals have something to hide!

The collection and centralization of large amounts of personal data gives criminals a single point that they can attack to access to vast swathes of information about law-abiding citizens. As the UK government persistently demonstrates, it cannot be trusted to secure the citizen data that it holds. By continuing to predominantly send unencrypted messages, you greatly enhance the chances that your personal information could be used to open lines of credit, create phony identification documents, and generally cause mischief in your good name. Encrypting your data, hiding your personal thoughts and communications from the proposed UK ‘black boxes’, is essential to prevent your identity being stolen, and ensures that you can continue to engage in free speech without worrying feeling the chilling effects of persistent government surveillance. Protecting your communications isn’t about hiding because you’re a criminal: it’s about limiting criminals from taking advantage of your good name while protecting your enshrined right of free speech.

Christopher Parsons is a PhD student in the Department of Political Science at the University of Victoria researching ubiquitous digital surveillance, and is a member of the New Transparency Project. He blogs at http://www.christopher-parsons.com.
More from this author:
Driving Your Liberties Away: Biometrics and ‘Enhanced’ Drivers Licenses (7278 Hits)
by Christopher Parsons Privacy advocates across Canada have been struggling to prevent the Ontario provincial government from passing...
Now Showing: The EDL Security Show (3863 Hits)
by Christopher Parsons We’re paying for a high-tech Broadway show that’s themed around ’security’, but we’re actually...
Related Articles:
Why Bush wants immunity from prosecution for war crimes (239227 Hits)
Although not as widely remarked as the elimination of habeas rights and the consecration of torture, the recently passed Senate torture legislation...
More “Culture Wars” Gibberish from nutcase David Brooks (11528 Hits)
Most of us know David Brooks as the balding goofball on “The Jim Lehrer News Hour” who shrugs his shoulders and giggles gleefully whenever...
"Boiling Point" - Eroding Freedom: From John Adams to George W. Bush (13296 Hits)
Put a frog into a pot of boiling water, the well-known parable begins, and out that frog will jump to escape the obvious danger. Put that same...
Mosaic TV - World News from the Middle East (14364 Hits)
Mosaic features selections from daily TV news programs produced by national and regional broadcasters throughout the Middle East....
From Liberating Spirituality to Oppressive Dogma: The Politics of Religion (18242 Hits)
By Mel Seesholtz, Ph.D. Spirituality is intrapersonal. It’s a liberating and uplifting awareness. It nurtures personal growth. It inspires...


Add this page to your favorite Social Bookmarking websites
Trackback(0)
Comments (0)add comment

Write comment
smaller | bigger

busy
 

adsense

Top