<nettime> Surveillance Valley - a polemic review

[Carsten Agger <agger@modspil.dk>]

*http://blogs.fsfe.org/agger/2018/04/05/surveillance-valley-a-review/*

*
*

*Note: */This is a review of Yasha Levine's Surveillance Valley. I did 
not buy this book on Amazon, and if, after reading this post, you 
consider buying it, I strongly urge you not to buy it on Amazon. Amazon 
is a proprietary software vendor and, more importantly, company with 
highly problematic business and labour practices. They should clean up 
their act and, failing that, we should all boykot them. /
//Most of us have heard that the Internet started as a research project 
initiated by the ARPA, the Advanced Research Projects Agency, an agency 
under the US military conducting advanced research, especially focusing 
on counter-insurgency and future war scenarios. A common version of this 
story is that the Internet was originally intended to be a decentralized 
network, a network with no central hub necessary for its operation, 
where individual nodes might be taken out without disrupting the 
traffic, which would just reroute itself through other nodes. A TCP/IP 
network may indeed work like that, but the true origins of the Internet 
are far darker.
In the 1940′s and 50′s, Norbert Wiener’s theory of /cybernetics/ became 
very popular. Wiener was a mathematician who worked for the American 
military during WWII. The gist of cybernetics is that all systems 
maintain themselves through feedback between their elements. If one 
could understand the nature of the feedback that keeps them stable, one 
could predict their future behaviour. The beauty of this theory is that 
systems could consist of human beings and machines, and it did not in 
fact matter if a given element was one or the other; as the systems were 
supposed to stabilize naturally just like ecosystems, it should be 
possible to set down mathematical equations they’d need to fulfill to 
serve their role in the system.
This theory was criticized, in fact even by Wiener himself, for reducing 
human beings to machines; and the analogy to ecosystems has proven 
false, as later biological research has shown that ecosystems do /not/ 
tend to become stable – in fact, they are in constant change. In the 
50s, however, this theory was very respected, and ARPA wanted to utilize 
it for counterinsurgency in Asian countries. For that purpose, they 
started a detailed anthropological study of tribes in Thailand, 
recording the people’s physical traits as well as a lot of information 
about their culture, habits and overall behaviour. This intention was to 
use this information in cybernetic equations in order to be able to 
predict people’s behaviour in wars like the Korea or, later, the Vietnam 
war.
In order to do this, they needed computation power – a lot of it. After 
the Soviets send up the Sputnik and beat the Americans to space, there 
was an extraordinary surge of investments in scientific and engineering 
research, not least into the field of computers. In the early 60′s, 
psychologist and computer scientist J.R.C. Licklider proposed “The 
Intergalactic Network” as a way to provide sufficient computation power 
for the things that ARPA wanted to do – by networking the computers, so 
problems might be solved by more computers than the user was currently 
operating. In doing so, Licklider predicted remote execution, 
keyboard-operated screens as well as a network layout that was 
practically identical to (if much smaller than) the current Internet. 
Apart from providing the power to crunch the numbers needed to 
supposedly predict the behaviour of large populations for 
counterinsurgency purposes, the idea that such a network could be used 
for control and surveillance materialized very early.
In the 1990s, the foundations of the company currently known as Google 
was created in Stanford Research Institute, a university lab that had 
for decades been operating as a military contractor. The algorithmic 
research that gave us the well-known Page Rank algorithm was originally 
funded by grants from the military.
From the very beginning, Google’s source of income was mining the 
information in its search log. You could say that from the very 
beginning, Google’s sole business model has been pervasive surveillance, 
dividing its users into millions of buckets in order to sell as 
fine-tuned advertising as possible.
At the same time, Google has always been a prolific military contractor, 
selling upgraded versions of all kinds of applications to help the US 
military fight their wars. As an example, Google Earth was originally 
developed by Keyhole, Inc. with military purposes in mind – the military 
people loved the video game-like interface, and the maps and 
geographical features could be overlaid with all kinds of tactical 
information about targets and allieds in the area.
More controversially, the TOR <https://www.torproject.org/> project, the 
free software project so lauded by the Internet Freedom and privacy 
communities, is not what it has consistently described itself as. It is 
commonly known that it was originally commissioned by a part of the US 
Navy as an experimental project for helping their intelligence agents 
stay anonymous, but it is less known that Tor has, since its inception, 
been almost exclusively financed by the US government, among others 
through grants from the Pentagon and the CIA but mainly by BBG, the 
“Broadcasting Board of Governors”, which originated in the CIA.
The BBG’s original mission was to run radio stations like Voice of 
America and, more recently, Radio Free Asia, targeting the populations 
of countries that were considered military enemies of the US. Among 
other things, BBG has been criticized for simply being a propaganda 
operation, a part of a hostile operation against political adversaries 
<https://en.wikipedia.org/wiki/Radio_Free_Asia#Criticism>:
Wherever we feel there is an ideological enemy, we’re going to have a 
Radio Free Something (…) They lean very heavily on reports by and about 
dissidents in exile. It doesn’t sound like reporting about what’s going 
on in a country. Often, it reads like a textbook on democracy, which is 
fine, but even to an American it’s rather propagandistic.
One could ask, what kind of interest could the BBG possibly have in 
privacy activism such as that supposedly championed by the Tor project? 
None, of course. But they /might/ be interested in providing dissidents 
in hostile countries with a way to avoid censorship, maybe even to plot 
rebellion without being detected by the regime’s Internet surveillance. 
Radio Free Asia had for years been troubled by the Chinese government’s 
tendency to block their transmission frequencies. Maybe Tor could be 
used to blast a hole in the Great Chinese Firewall?
At the same time, Tor could be used by operatives from agencies like the 
CIA, the NSA or the FBI to hide their tracks when perusing e.g. Al Qaeda 
web sites.
But, if the US government promotes this tool to dissidents in Russia, 
China or Iran as a creation of the US government – why would they trust 
it? And, if an Al Qaeda site suddenly got a spike of visitors all using 
Tor – maybe they’d figure it out anyway? Wouldn’t it be nice if millions 
of people used Tor because they thought they were “sticking it to the 
man” and “protecting their privacy”, giving legitimacy with respect to 
the dissidents and cover to the agents?
And so, Tor the Privacy Tool was born. People were told that if they 
used Tor and were careful, it was cryptographically impossible that 
anyone should know which sites they were visiting. Except for the fact 
that Tor has all the time had serious (unintentional) weaknesses which 
meant that hidden services might have their IP exposed and web site 
visitors might, with some probability, be identified even if they were 
using Tor correctly. And using Tor correctly is already very difficult.
Yes, someone like Edward Snowden who knew about its weaknesses and had 
considerable insight into its security issues could indeed use Tor 
safely to perform his leaks and communicate about them, for a short 
while. But advising people in repressive societies with no technical 
insight who may have their lives at stake doing really serious things in 
repressive regimes to rely on this tool might be … completely 
irresponsible. Like sending someone in battle with a wooden toy gun.
And maybe, just maybe, the American government was happy enough letting 
these pesky privacy activists run around with their wooded toy gun, 
courtesy of Uncle Sam, instead of doing something stupid like demanding 
effective regulations 
<https://www.theguardian.com/commentisfree/2018/apr/03/facebook-abusing-data-law-privacy-big-tech-surveillance>. 
And who better to evangelize this wooden toy gun but Jacob Appelbaum, 
the now-disgraced Tor developer who toured the world pretending to 
“stick it to the Man”, all the while working for a military contractor 
and netting a $100,000 paycheck directly from the American government? 
Maybe, in that sense, Tor as a privacy tool was always worse than nothing.
These are just a few of the topics covered in Yasha Levine’s new book 
/Surveillance Valley/. Levine’s idea is to cover the military roots of 
the modern computer industry, and he does that in gory and unsettling 
detail.  Apart from cybernetics, ARPA, Google and Tor he also covers the 
influence of cybernetics on the counterculture and its later history of 
WIRED magazine and the Californian ideology. It also offers a critical 
examination of the consequences of Edward Snowden’s leaks.
This is not a flawless book; Levine has a point he wishes to get 
through, and in order to get there, he occasionally resorts “hatchet 
job” journalism, painting people’s motives in an artificially 
unfavourable light or not researching his accusations thoroughly enough. 
For instance, Levine accuses Dingledine and the Tor project of giving 
vulnerabilities to the government for possible exploitation before 
making them public. The example he gives to prove that assertion is 
wrong, 
<https://securityboulevard.com/2018/03/askrob-does-tor-let-government-peek-at-vuln-info/>and 
I guess he makes the mistake because his eagerness to nail them made him 
sloppy, and because Levine himself lacks the technical expertise to see 
why the vulnerability he mentions (TLS normalization, detectability of 
Tor traffic) couldn’t possible have been unknown to others at the time.
But, apart from that, I wholeheartedly recommend the book. It tells a 
story about Silicon Valley that really isn’t told enough, and it points 
out some really unpleasant – but, alas, all too true – aspects of the 
technology that we have all come to depend on. Google, the “cool” and 
“progressive” do-good-company, in fact a military contractor that helps 
American drones kill children in Yemen and Afghanistan? As well as a 
partner in predictive policing and a collector of surveillance data that 
the NSA may yet try to use to control enemy populations in a Cybernetics 
War 2.0? The Tor Project as paid shills of the belligerent US foreign 
policy? And the /Internet itself, /that supposedly liberating tool, was 
originally conceived as a surveillance and control mechanism?
Yes, unfortunately – in spite of the book’s flaws, true on all counts. 
For those of us who love free software because we love freedom itself, 
that should be an eyeopener.
#  distributed via <nettime>: no commercial use without permission
#  <nettime>  is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: http://mx.kein.org/mailman/listinfo/nettime-l
#  archive: http://www.nettime.org contact: nettime@kein.org
#  @nettime_bot tweets mail w/ sender unless #ANON is in Subject: