The libertarianism in the Internet

The Thinker by Rodin

It can be dangerous when politicians open their mouths. In the case of Donald Trump, it’s because he spews hatred and racism and has gathered support from a lot of dittoheads for doing so. But in one way both he and Hillary Clinton have something in common: they don’t really understand the Internet. It would have been wise to defer saying anything at all when you really don’t know what you are talking about.

Trump’s mistake was saying that he was open to closing parts of the Internet as part of the war on the Islamic State, a war that has never been officially declared. I can give Trump only half a demerit because he was prompted by CNN’s Wolf Blitzer’s question, which asked if he would do this, and it’s really a trick question. If Trump knew what he was talking about he’d have said, “Well, of course that’s not possible.” Hillary Clinton opened her mouth a bit too wide in last Saturday’s debate she said that some sort of Manhattan-like project could allow the government to decrypt messages while ensuring everyone’s privacy. But at least she said, “I don’t know enough about the technology”. So a point to her for honesty.

If you want to kill the Internet, kill all the people. Even that won’t work immediately. All those routers would still be moving data around, but no one would be around to read any of it so it would effectively be dead. Why is this? It’s because the Internet was designed to be resilient and effectively unstoppable. What secret communist organization was responsible for such a nefarious deed? Why, that would be the United States Department of Defense. More specifically, it was DARPA: the Defense Advanced Research Projects Agency, known back in the 1960s when it was creating the Internet as ARPA.

And it made sense. At that time, the Internet was not envisioned to be a global network for just anyone, but it was designed to make sure that defense establishments and universities doing defense work could chat with each other electronically and move files around this way. The architecture that was designed ensured that if one path between sender and receiver was down or slow, some other path would be chosen instead. The message had to get through. On the plus side, at least in its initial phases, the Internet was all plain text. Encryption was not a worry because it was not a classified network, but where it was a worry secure lines were leased from the telephone company.

Today’s Internet is basically the old ARPANet’s infrastructure from the 1970s open to everyone. Everyone used it because it was the only model out there but also because it was noncommercial and standards-based. Some private networks from the distant past you may remember tried to do something similar: Compuserve and AOL were two that discovered it could not compete with the awesomeness of the real Internet, once people could access it.

We can’t shut down the Internet on the Islamic State. We can certainly make it more difficult but alas, as the Internet has evolved, so too have the ways to transmit and receive signals. In the old ARPA days I’m pretty sure the only way was to lease lines from AT&T. Today the Internet goes across virtually all data networks. Shut down the Islamic State’s landlines and they will use cell towers. Take down cell towers and maybe they will use microwave relays or satellite dishes. Take down the dishes and they can use portable satellite phones. In any event there are plenty of IS-related terrorists not actually in the Islamic state and they can chat between themselves, it’s just that they will have an easier time of it than those in the Islamic State.

Those of you out there wondering what a libertarian world might look like can see it in the Internet. The Internet excels at fast and disparate information sharing. It also excels in being able to get its messages through come hell, high water or terrorists. No one back in the 1960s could project what the Internet would morph into, but it was all based on protocols that from day one were open and designed to move data quickly. These protocols can be changed, but only in an evolutionary manner if they become a consensus adaptation. Even so, the old protocols will continue to traverse the Internet and all that is needed is the software to send or receive Internet Protocol (for packets) and Transmission Control Protocol (for a message made up of packets). And TCP/IP protocol is built into virtually every computer that communicates with another computer, not to mention all the switches and routers between sender and receiver.

Obviously this architecture has some problems, which are not problems if you are a libertarian. You want the free flow of information and you don’t want government controlling or monitoring it. The good part is the enormous amount of information sharing that occurs that makes our lives such much more interesting and rewarding. The bad side is it empowers terrorists, child pornographers and general criminals to do the same thing.

As for encryption, this is not something where you can have your cake and eat it too. The NSA cleverly put in encryption backdoors into products sold by most of these encryption devices. The encryption industry is now onto this. Tech savvy criminals have already found solutions like OpenPGP, which can likely keep the NSA from eavesdropping, at least in real-time. The government is getting better and faster at decrypting messages by throwing massive parallel computers to decrypt them. Moore’s Law is making it possible to decrypt almost any message without waiting for days, months or years for an answer. Obviously the NSA needs to be pretty selective when they throw these sorts of resources onto decrypting a message.

There is no “let’s have our cake and eat it too” solution to decrypting intercepted messages in real-time. The NSA with its private-key backdoors already tried it, but that’s not an issue if you use devices that don’t have these backdoors. Like it or not, the Internet is must-have technology and it will be used for purposes both good and bad. There is no tech fix to these problems.

However, a social strategy will help somewhat. Encouraging good citizens to rat on their fellow citizens they suspect of illegal use of the Internet is probably the only pragmatic way to address this issue. In that sense, the libertarians, courtesy of the U.S. Department of Defense, have already won.

Why do we want to put Edward Snowden in prison?

The Thinker by Rodin

That’s the question that I have been asking myself lately. Okay, perhaps shortly after his arrest, I thought that he deserved to be locked up, maybe for life. He was, after all, a contractor working for the National Security Agency. He took an oath that he would not disclose any classified information. He knew what the penalties were for disclosing the information, and the penalties for treason could not be more severe. Moreover, shortly after giving his interview to the German magazine Der Spiegel, he hightailed it from his staging area on Hawaii to Hong Kong to evade justice, even though he never hid his identity from the paper or the press. That’s pretty cowardly. Case closed, right? Try him, send him to prison and probably throw away the key.

I will grant you that he did disclose a lot of sensitive information, and quite likely a lot of information that puts our national security in some danger. If nothing else, foreign governments now know what the NSA can do. It sure surprised the hell out of me, so it must have been a wakeup call to governments everywhere. The KGB in its glory days could not begin to envision this level of intimate knowledge about citizens and visitors that the NSA now routinely collects and files.

With every new revelation, the more grateful I am to Edward Snowden for his deed. Thanks to Snowden we now know the true size and capabilities of our surveillance state, and it is more than Big Brotherish than even those of us who are technology savvy could imagine. It is truly frightening. The NSA can record pretty much all email communications within the United States and much of it outside the United States as well. It can and is capturing much of our browsing behavior (metadata). It also has the capability of capturing phone records, text messages, tweets (well, at least those are public) and instant messages. It can record our phone calls. It can trace our behavior over a long period of time. It can see three or more levels of relationships deep, and see which friends of our friends might be chatting with someone they think is suspicious, which makes us suspicious to them.

And just when you think it can’t get worse, most recently we have learned that the NSA has figured out how to read most of our encrypted communications. A lot of it is done with backdoors to encryption algorithms that apparently allows them to easily decrypt a message, which means they were involved in setting encryption standards and twisted the arms of vendors publishing these algorithms to give them surreptitious backdoors. Moreover, they must have invested in huge numbers of supercomputers to quickly decrypt those remaining algorithms they could not easily crack.

There is no way that this could possibly pass constitutional muster, but it was aided and abetted by a secret court which agreed (in secret) that it could not possibly police the NSA’s conduct. It depended on the NSA to tell it when they had slipped up, and that’s the only way we’d even know about some of this unconstitutional behavior, and only then because someone blabbed. The inference is hard to miss. There is probably a lot more we don’t know about the NSA that Snowden didn’t know about. The NSA has implemented eighty percent of a perfect intelligence state, it just hasn’t told the public or most of Congress. We would likely never have known any of this had Snowdon not decided to reveal the truth.

Snowdon is technically a criminal, but he is also a hero and a patriot. He has exposed the truth to the public, which is justifiably outraged by the NSA’s actions. If there is one thing I have learned as a federal employee, it’s that whistleblowers rarely get off scot-free. The whistleblower law is routinely ignored. If you are a federal employee and blow the whistle on illegal behavior, you certainly won’t be rewarded. Almost certainly you will be cut off at the knees. The Washington Post ran a recent story of some of these whistleblowers, some of who have had their pensions stripped from them, pensions earned over decades of federal service for which they contributed much of their own money.

Snowden was not a federal employee, but a contractor, but he was definitely a whistleblower. I don’t blame him for going on the lam, because even if he wasn’t dealing with classified information disclosing something similar to this would mean the bureaucracy would go after him in ways legal and illegal. Because he did have access to classified information, it becomes a criminal matter. It’s clear that the national security establishment from the president on down wants to try him and give him the severest form of punishment. Since his behavior is considered treasonous, he could be executed.

Snowden knew all this but chose to disclose the NSA’s illegal behavior anyhow. For those of us who value our lives, it was an irrational thing to do. Still, that he chose to do it strikes me as the actions of a man of deep principle. He strikes me as someone who takes our constitution at its face value and realized these actions by the NSA were unconstitutional. This was not the act of an evil man; it was the act of a man with a profoundly moral conscience. Snowden realized that the greater evil was suppressing this unconstitutional behavior. He hasn’t made a dime from his revelations.

So now we know. I for one am glad to know and thus grateful to the man. It was not our national security that was damaged. It was our constitutional democracy that was damaged, and this secret surveillance court is a sham. Moreover, our national security means nothing if our constitutional democracy is a sham. Our government is not being governed in accordance with the clear intent of our constitution. In particular, the NSA is riding all over the Fourth Amendment, which prohibits unreasonable searches and seizures. There is simply no tortured reasoning of the NSA’s behavior that can possibly make this behavior constitutional. And through a secret surveillance court packed with pro national security judges, no way to address this behavior because simply doing so publicly endangers national security. It was a classic Catch-22. The only way out of it was to be technically unlawful but adhere to the meaning of the law, which is what Snowden did.

Now at least we have the opportunity to tell Congress and the president to fix this. We now can demand accountability and transparency, something even President Obama seems willing to do to some degree. None of it would have happened without Snowden’s daring and many would argue reckless act.

Edward Snowden is a hero. He should not be tried. The president should issue a blanket pardon for his actions. He should be provided with Secret Service protection when he comes back to the United States so he can live the life of a free man because there will be a target on his back for quite a while. We should hold parades to honor him and he should even get the Medal of Freedom. President Obama should admit he was wrong to authorize this behavior. He should invite Snowden to become part of a group of citizens that monitors the NSA’s behavior. This would be true justice. Then those of us who take our constitution seriously might actually begin to trust our government again.

It’s not paranoia if they really are out to spy on you

The Thinker by Rodin

President Obama says that no one is reading your email. Maybe not in my case because most of my email is not particularly interesting, but I sure as heck don’t like that the government is collecting huge amounts of metadata about me. Metadata (data about data) is really equally as interesting, if not more so, than actual emails and Facebook posts that you make.

Supposedly a secret court oversees all this. But it’s not a good omen when this court rejects only a handful of requests a year, and approves thousands of others. It’s not comforting to know that Big Brother is indeed watching me to keep me safer and that President Obama is as complicit in this mess as everyone else. Most of Congress has little idea what is going on, and those that do are sworn to secrecy. Being vested members of the system, they will have a natural tendency to think that government’s security needs will trump your right to privacy in your daily affairs.

I could possibly be okay with non-US citizens being monitored by the government but not me, no way, not without my explicit consent. I am a citizen, and I have freedoms and an inherent right to privacy. It’s in the Bill of Rights: freedom from unreasonable searches and seizures, a.k.a the Fourth Amendment. Any Supreme Court worth its salt would reject Project Prism, identified in leaks by Edward Snowden, as wholly unconstitutional. But it is clear that the NSA is sniffing pretty much every packet of data it can get its hands on, not to mention telephone records, and putting all the metadata into huge hosting centers, and maybe your data as well. It’s not even clear that even with a legal prohibition they would actually stop.

Like many Americans I will be working to enact laws to get the government out of the proactive data collection business of U.S. citizens altogether. I have to admit that the probability of my success is rather low, but it would help dear reader if like me you holler like hell at your elected officials. They need to understand that this is not acceptable at all. And if you are cool with the government reading your email and tracking your online behavior then by all means give them permission to do so. I never did.

There have been a number of depressing articles recently about just how easily the government can collect information about us. Of course, it is not just the government. We are already deeply in bed with services like Google that make fabulous search engines and great email in the cloud products, while developing uncannily eerie portfolios of our behavior more valuable than years of babbling to a clinical psychologist.

If like me you are fed up, you might try a few ways of fighting back. Here are some I know about from reading, my experience and that very useful course I took on networking in graduate school.

First off: email. I am guilty of using Gmail. It sure is convenient to have a decade or so of email in the cloud, accessible anywhere I go. However, if you really want private email, you are going to have to pay for it. More importantly, you need an email host not located in the United States. This way when they get a subpoena from a U.S. court they can just laugh. You pay them so they don’t start serving you advertisements and developing their own psychological profile of you. There is no completely risk free solution, but you need to avoid all the cloud email services and that includes GMail, Yahoo Mail, MSN, Hotmail and the like. Here’s one to try: hushmail.com. They are located in Canada and all email is sent via Secure Socket Layer (https). You can use their free web email but if you prefer secure POP or IMAP access, you got to pay them. Their premium package is $34.99 a year. It’s money well invested. Of course they do have some limitations. You can’t use it for sending out spam or for any illegal purpose, at least for any illegal purpose applicable in British Columbia. And for their free web mail, if you don’t log in at least every three weeks, they’ll remove your account. If you do have a hushmail.com or similar type of account, don’t advertise it on your web site or business cards. You don’t want the NSA to associate you with it.

Like to instant message? Don’t particularly like having the NSA able to listen in? What you need to do is nag your chat partners to use encryption. Of course many providers already provide that, but if they can decode it on their servers when sending it between parties then you are vulnerable. You need a chat client with OTR (“off the record”) functionality. Basically you and your recipient exchange cryptographic keys each of you generate and trade them using the protocol. It takes a little bit of effort and you may have to convince your friend to use Adium (Mac) or Pidgin (PC and other operating systems), and then show them how to use OTR. It’s a relatively painless one-time thing between two parties. Your instant messaging provider won’t be able to decrypt it, and neither will the NSA.

Who doesn’t like surfing the web? You may not like it as much if you can’t use your favorite browser, but if you can deal with Firefox you can install TOR, a browser endorsed by Edward Snowden himself. TOR is a customized version of Firefox with privacy enhancements, so it is built on top of an open-source browser. Essentially it proxies traffic between frequently changing servers, making it hard if not impossible for your browsing to be associated with your address on the Internet. I tested it yesterday. I admit it is a bit slower working through a proxy and some of the security features are annoying (it doesn’t want to retain links or easily import bookmarks). But used religiously and you will seem a G-rated person to the NSA even if you live an R-rated life.

Like your cellular phone service but want it secure? Look into Silent Circle. You can also use it for secure messaging, video chats and email. Also look at Redphone software. Curiously, Redphone was developed with your tax money.

What else can you do? If you don’t like turning over private aspects of yourself you could be very brave and delete your Google, Yahoo and other cloud-based accounts. Remember, the government could request these services to give you all their metadata. I’ll grant you that deleting these accounts is hard because they are so convenient. So save those services for the truly vanilla stuff you wouldn’t mind putting on a postcard.

On my list of things to do is getting rid of accounts on sites that provide specialized services. I mentioned mint.com earlier this year. It’s a neat site but it knows too much about me, including all my account numbers and passwords. It’s going to get deleted soon. I’ll keep my financial stuff in Quicken on my home computer. I’ll backup my files to a spare external hard disk, which is easy enough using my Mac and TimeMachine.

Six years ago I mentioned TrueCrypt. It’s a great way to encrypt your whole hard drive, so even the NSA can’t read it. With many operating systems you can do this with a simple command or two. Look into it.

Mobile devices have all sorts of security issues. At a minimum you can try to use secure socket layer when communicating. Many of the solutions I mention above have mobile equivalents. Use them if you can or keep your mobile life boring and G-rated.

Thanks to Edward Snowden, our worst fears have been confirmed. There is no reason to let the government know more about you than your spouse, but that potential is there. You are being sniffed, cataloged, indexed and, perhaps without a court order, having your digital content analyzed for subversive behavior or anything the government wants to learn about you. Join me in yelling like hell but don’t be a patsy either. Do what you can to keep the government out of your digital life.