Evan Buswell on Wed, 24 Jun 2009 22:49:57 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: <nettime> FW: When technology is utilized against us.


I used to work for a company that was trying to turn encryption into
a everyday user product. The problem was (and still is, for this
company) that protecting internet communication has very little
intuitive relation to protecting regular communication.

On "Get Smart", if any of you remember from late night re-runs,
there used to be this device that Maxwell Smart and the chief used
to protect their communications. It was two bubbles connected by a
little shaft, descending slowly over their heads to block all sound
from leaving. If I remember rightly, it hilariously also blocked sound
between them. But overall, a (working) device like this is what we
picture when we picture privacy. Walls have ears, so we need to make a
silencer to keep anything from getting out.

On the internet, the main problem is not actually encryption,
silencing, it is trust. We can't see each other; we have little
tangible physical relationship. Nobody can be sure whether their
messages are consistently going to the same place or not. If that
problem is not solved, then encryption is just ensuring that no other
government agents are intercepting the communication between you and
the government agent that, unbeknown to you, you are speaking to,
and is in turn speaking to somebody else on your behalf. This is the
certificate hell that all internet security has entered into. For the
company I worked for, that issue boiled down to everyone trusting the
service providing company to sort out the identity of everybody else.
And of course, the more completely the problem is solved, the more
complete control over everything that one company has, with the limit
being just about the same hypothetical vulnerability that everyone
else has sending it all in the clear and trusting the ISPs forwarding
the packets not to legally or illegally be monitoring packet flow.

Which brings me to the second point: anonymity is a very different
problem than encryption. The messages being posted from Iran are
public, by design. Because all IP records both source and destination
address, in the absence of random message delays, all that the Iranian
government has to do is monitor packet flow and correlate that with
the times when suspicious messages publicly appear. It doesn't
actually have to read anything that those packets contain. I have no
idea what "deep packet analysis" is supposed to mean, but I would
imagine that the analysis I'm talking about here is all Iran is doing.
It seems like probably all they need to do.

The real problem is that the two goals of trust and anonymity are
mutually exclusive. This is not just an internet problem. But our
perceptions of the internet obscure this especially, because in
most situations where one would want anonymity (piracy, random
one-off posts on bulletin boards, periodic lurking in chat rooms with
strangers, twittering from an ad hoc account), one more or less has
anonymity. And then in situations where one would want non-anonymity
(facebook, sometimes twitter, email, etc), one more or less knows who
one is talking to, though this latter is notoriously often broken. We
continue to be shocked by reality not matching our expectations, and
expect technology to be improved so that it will match them. But it
is not a technological problem, nor a problem which can be solved by
ditching convenience, but a fundamental problem about our togetherness
in communication.

All the twitter/facebook stuff which brings the events in Iran out
so clearly is an interesting case study about our communication.
The parts where the communication here is failing to work in the
desired way are small compared with the parts where it's functioning
as desired. Why? I certainly don't have a full answer, but I imagine
that the internet is really only one piece in the puzzle, whether or
not it's a *sine qua non*.

Evan Buswell





#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mail.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nettime@kein.org