Wednesday, March 01, 2006

non-story

Scare-mongering time again. What is it about the internet and technology stories that cause news programmes to fall over themselves? Newsnight on Friday presented one of the most convoluted and unfounded arguments I’ve seen recently, transformed into yet another “peer-to-peer networking/the internet is evil and helps terrorism” nebulous non-story… at least I think that was the message of the piece, beyond a engendering a vague sense of concern it was hard to tell what the point was supposed to be.

The argument went something like this:
1) Broadband user is downloading files using Bit Torrent which, apparently, now accounts for something around 30% of internet traffic.
2) User finds that his ISP is decreasing his bandwidth during peak times due to his ‘excessive’ use of his connection for Bit Torrent.
3) User resorts to encryption of Bit Torrent data so that ISP can’t scan the data packets and consequently restrict B.T. use.
4) Amount of encrypted traffic on the internet rises substantially due to the large amount of traffic from B.T.
5) Government agencies that ‘track’ (read ‘eavesdrop on’) internet traffic suddenly find that a) there’s a lot of encrypted data that’s hard for them to read and b) not much of it is of use to them.
6) Terrorists (+paedophiles +hackers etc etc, add your own hated groups here) get an easier ride as their encrypted data is well hidden amongst all the other encrypted traffic now on the net.

Phew! How’s that for a stretch of the imagination? Let’s take those points in reverse order then.

5 & 6
Here the assumption is that lots of people start encoding their data and this restricts monitoring agencies’ ability to pick out important data by checking to see if it is encrypted.

First point, they shouldn’t be reading this stuff anyway. This monitoring is conceptually no different from a ‘traditional’ wiretap or mail-scan, but as digital technology makes the process easier, automated and less invasive it seems that it’s now ok and rights of privacy can go jump. The fact that you may not care whether your email is scanned or not is neither here nor there, the point is it shouldn’t be.

Secondly, anyone trying to transmit something that is sensitive (and both terrorists and governments fall into this category) will use good encryption, and good encryption is unbreakable. A good example of this is the PGP, coded by Phil Zimmermann, which uses large encryption keys based on prime numbers. How long does it take to crack an encrypted message? On average: longer than the lifetime of the universe. Hence being able to intercept the messages seems rather a moot point (although there is the chance you might be able to gain information on the location the data was sent from, but there are again ways to conceal this).

As a vague analogy if all of this is unclear think of posting a letter. Here you have a ‘poorly’ encrypted system, a note concealed in an envelope. If someone wanted to read your message they’d be able to carefully steam open the letter, read the message, then re-seal it and send it on its way. A postcard would represent an unencrypted message, which could be easily read without any effort. A letter sealed with a traditional wax seal would represent ‘good’ encryption, there is no obvious way to get to the contents without destroying the seal and revealing that you’ve read the message (not quite the same as data encryption, but if we regard this point as rendering the message unreadable the analogy stands).

Now imagine that the government insisted that you only write postcards to people so that it could easily monitor everyone. There’d be a huge outcry, yet this is much the same as the final points in the above argument. Sending a letter without a seal would make it more difficult for you to be monitored, but not impossible. A letter with a seal, our unbreakable code, might be hidden by all the regular letters, but this will make no difference to someone agency’s ability to crack the code. Naturally the postmark will be found to be a forgery.

1 – 4
Oh my, there’s a whole other grab-bag of issues hidden up here, another glossing-over by the Newsnight report of the real concerns that should be raised here.

The obvious issue is again one of privacy, the ISP has no inherent right to scan the data you transmit and receive. Yet by looking for Bit Torrent data they are doing this, although it may be by recognition of the form of the data rather than by fully scanning the content.

Another issue is that of customer rights. If you pay an ISP for a 2mb internet connection and they restrict this connection during peak times then you’re not getting what you’re paying for. The ISP spokesperson in the report suggested that if they didn’t restrict bandwidth used by Bit Torrent then their servers would be overloaded and ‘other customers’ wouldn’t be able to access the internet. If this is the case then surely they’re selling a product they can’t support, presumably on the assumption that most people can be sold a 2mb connection but for average web-browsing only a fraction of that will be used. Thus they can save money by assuming average use, rather than maximal use. Some providers do stipulate ‘fair-use’ in their contract, but this is again a nonsense which just means that if you fully utilise what you’re paying for they can kick you off the service if they like. In this latter case, however, it is at least contractually clear what you’re getting and any limit is usually imposed in terms of a data-limit (e.g. 5Gb per month) rather than the ISP actively scanning data and preventing only services it doesn’t approve of.

The biggest issue I see is the fact that this grab-bag of points has been mutated into a bone fide news report. What is the conclusion? That whoever put this together didn’t understand anything about the issues and ideas raised. That whoever put this together didn’t have a conclusion to make. That whoever put this together just wanted a trendy, ‘whoa downloading is helping terror’ story, citizens stay at home and do nothing for your own safety. That whoever put this together was sowing the seeds for the music industry, the film industry, all the peer-to-peer cases in court… on this last I say conspiracy theorists of the world unite! Or, more aptly, journalists of the world please try and pay a little more attention to the technology stories before regurgitating a load of utter crap.

“Today, electronic mail is gradually replacing conventional paper mail, and is soon to be the norm for everyone, not the novelty it is today. Unlike paper mail, E-mail messages are just too easy to intercept and scan for interesting keywords. This can be done easily, routinely, automatically, and undetectably on a grand scale. This is analogous to driftnet fishing -- making a quantitative and qualitative Orwellian difference to the health of democracy.”
- Phil Zimmermann, speaking to the US senate subcommittee on Science, Technology and Space

0 Comments:

Post a Comment

<< Home