A Novel in Three Links

This + this + this = an opportunity to change the way we communicate, and history as well.

The freedom that we experienced on the Internet of the ’90s is waning. Governments and commercial interests take ever-increasing steps to circumscribe people’s ability to communicate digitally. The only way to change this tide from ebb to flood is to fulfill a promise that was first made in the ’90s.

We need to disintermediate the network. It’s an ugly duckling of a word, but cutting out the middle man matters more now than ever.

This + this + this = an opportunity to change the way we communicate, and to change history as well.

The freedom that we experienced on the Internet of the ’90s is waning. Governments and commercial interests take ever-increasing steps to circumscribe people’s ability to communicate digitally. The only way to change this tide from ebb to flood is to fulfill a promise that was first made in the ’90s.

We need to disintermediate the network. It’s an ugly duckling of a word, but cutting out the middle man matters more now than ever.

As long as the cables, wires and frequencies over which we communicate are susceptible to being controlled, curtailed or even disconnected when the things we say -or the way we say them- become upsetting, we will find ourselves increasingly confined.

As I said during an Internet policy session yesterday, if you ask anyone –anyone– whether there should be limits on Behaviour X on the Internet, the answer will always be a resounding Yes. That’s not a problem in and of itself, because X is usually anti-social and contrary to the public good. The problem is that anything capable of curtailing Behaviour X can be brought to bear on Behaviours A through W as well.

The only way out of this is to provide the technical means to do what we have always done in democratic societies: Keep our private discussions private and our public discussions free.

For the former we at last have all the ingredients we need:

  1. Gigabit wifi – We can finally start thinking about getting decent performance out of wireless data transmission, meaning that we can worry a little less about putting a lot of people onto a single wifi network;
  2. Wireless Mesh Networks – Enough with the telcos; we can now start looking at creating ad hoc, self-organising networks, relegating the role of the data carriers to one similar to power and water utilities;
  3. Secure Voice Communications – Security expert Moxie Marlinspike (yeah) and a crew of like-minded individuals have floated a very useful service recently, allowing secure VOIP and SMS communications between phones. By building encryption into the bones of the app, they’ve created software that looks and acts exactly like normal calling and texting. The only difference being that, if the other person is using their RedPhone service, the entire communication remains a secret shared only by the two of you.

The idea behind these things have been floating around for some time (the protocol underlying RedPhone has been with us since 2006), but now they’re all here in usable form.

I’ve said it before: The story of freedom of Internet freedom and online privacy will be the defining social conflict of our generation. As the peoples of the Middle East are discovering, the narrative of freedom is suspenseful, dramatic and exciting in the best and worst ways.

Whoever manages to blend these three technologies together seamlessly and easily enough for anyone to use them will assuredly be one of the main protagonists in this unfolding drama. They may not garner the celebrity of a Jobs or a Gates, but they will have the impact of a Gandhi or a King.

The Internet ≠ the Network

Douglas Rushkoff just posted a piece with which I largely agree, but which indulges in some remarkably lazy language in the process:

“Some of us might like to believe that the genie is out of the bottle and that we all have access to an unstoppable decentralized network. In reality, the internet is entirely controlled by central authorities.”

Arrgh! This kind of thing drives me crazy. If we could stop conflating the Internet (which is a combination of networking protocols) and the physical network (which is a bunch of cables and antennas and switches), we might be able to have a useful dialogue about how to reduce the Internet’s vulnerability to coercive measures by changing the shape of the network.

In the end, that’s what Rushkoff advocates; I just wish he wouldn’t muddy the water so.

Stay with me, kids; I’m going to say this again slowly: The network is the wires and antennas and stuff. The Internet is the way information is organised to travel across it.

More to the point, the Internet is a very specific way for data to travel across it:

  • It doesn’t rely on a middle-man. I might choose to use Facebook for chat, but I don’t have to. I could connect straight to your computer or phone and chat away.
  • It doesn’t need a road map. In effect, the data packets just go hitch-hiking across the network with a sign saying ‘San José’ – or whatever.
  • It doesn’t see borders the same way some other network protocols do. In fact, that’s why it’s an Inter net: Because it routes traffic between different networks.

Once more:

  • Internet = you & me talking.
  • Network = the road system that allows you and me to get together to talk.

There. That wasn’t so hard, was it?

Oh, as long as I’m being pedantic: It’s Internet-with-a-capital-I. It’s a proper noun referring to a very specific thing. It’s like a country with all the geography taken out. It still has to have a capital.

Infowar – A Case Study

[This weekend’s Opinion column in the Daily Post]

The recent decision by the Mubarak regime in Egypt to cut off all Internet access for its citizens is a textbook example of using a silver bullet to shoot oneself in the foot.

The whys and wherefores of how they’ve gone about doing so provide a useful opportunity to understand the paradox of control over the Internet and the costs involved when governments and other actors indulge their desire to dam the torrent of information that flows across their networks.

In order to do that, we need to dispel a rather pesky myth.

Perhaps the most dangerous misconception of the Internet is its survivability. It’s true that, as one information activist put it, the Internet treats censorship as damage and routes around it. But that statement is predicated on the actual presence of an Internet in the first place.

That may sound like a silly statement, but the Internet might not be as enduring as many assume it to be.

While many of the software and communications protocols that define the Internet are, by design, remarkably resistant to outside control, the physical networks through which our data passes are not nearly so robust.

James Cowie, a network analyst from Renesys Corporation, has written excellent analyses of state intervention in national communications both during the post-election strife in Iran and more recently in Egypt. Using forensic evidence gathered in real time, he constructs a vivid scenario: In contrast to Iranian authorities, who elected to use physical choke-points in the communications infrastructure to reduce the flow of information to a trickle, Egyptian authorities appear to have instructed all national Internet Service Providers simply to cut all communications with the outside world.

Starting at midnight (Egyptian time) on the 27th of January 2011, Egypt’s largest ISPs began disappearing from the Internet. Within a period of about 13 minutes, they simply stopped delivering data to and from their customers.

Cowie writes:

“[T]his sequencing looks like people getting phone calls, one at a time, telling them to take themselves off the air. Not an automated system that takes all providers down at once; instead, the incumbent leads and other providers follow meekly one by one until Egypt is silenced.”

How did this happen? Every large ISP participates in a cooperative system called the Border Gateway Protocol, or BGP. BGP allows them to discover how traffic destined to a remote network should be directed. Simply put, each ISP announces which address blocks it supports. These blocks can represent tens or even hundreds of thousands of individual machine addresses.

Designed for simpler times, BGP is a trust-based protocol. It relies implicitly of the good faith of all participants to continue working. This makes it remarkably vulnerable to the machinations of states or organisations whose interests don’t align with others’. Back in 2008, Pakistan Telecom caused a furore when, for a little over 2 hours, their bungled attempt to use BGP to block YouTube domestically resulted in the site disappearing from much of the Internet.

Just last year, a change to BGP traffic announcements resulted in about 15% of all Internet traffic being routed through networks in China for a brief period. This resulted in breathless speculation that the disruption was not accidental. Some claimed that it amounted to a reconnaissance in force, as it were, a probing of the global Internet to determine its resilience in the face of attack.

Intentional or not, these disruptions to the BGP apparatus make it abundantly clear that choke points exist on the Internet and that they are remarkably easy to subvert.

Debate continues to rage in technical circles about what can be done to mitigate BGP’s innate deficiencies. Changes will doubtless be necessary. But the liability wouldn’t be so grave if our physical communications networks weren’t so hopelessly centralised.

Egypt offers us a particularly vivid example of this. A country of over 80 million people, it has only a half a dozen or so large Internet providers. Only one of them, the Noor Group, initially resisted the demand to drop services. Some have speculated that its continued online presence was due to its extensive list of blue chip clients, including many banks and the Egyptian Stock Exchange.

Ultimately, though, it was a limited victory. Noor advertised only 83 of the roughly 3500 data routes in and out of Egypt. They were eventually forced off the air a week after their IT confrères.

In Iran, population 72 million, there are only 5 significant international links, all of which flow through a single Government-run office. Such centralisation makes it easy for the state to exert its influence.

(One European-owned company, Vodaphone, washed its hands of the decision to cut service to its Egyptian customers, claiming that the Mubarak regime had the legal right to issue the order. This rhetorical line apes the rationale provided by Nokia-Siemens when it was discovered that their equipment enabled Iranian authorities to block most traffic and eavesdrop on the rest.)

The Internet as a principle –that is, the idea of an open network allowing free communication regardless of source or sender– is not as popular as some might believe. It made its way into the commercial world more by stealth than by deliberation. Telcos didn’t really understand the Internet as a service; they just knew they had to offer it in order to compete.

One thing was clear to them: The sum of all services across a global network was clearly more valuable than those offered by a single provider. Equally attractive was the perception that these services came more or less for free with the connection.

But the seductive power of the Net hasn’t changed attitudes entirely.

Telecommunications companies, with a long legacy of market-controlling behaviour, still build and deploy their infrastructure using centralised models. Recently, some of them have begun lobbying for the right to exert control over the data that passes over their networks, potentially penalising services that compete with their own. Comcast, one of the largest ISPs in the US, recently got approval to acquire NBC Universal and its content-creation ecosystem, giving rise to fears that they might leverage their control over the information pipeline to dictate what passes through it.

Put simply, carriers would love nothing better than to go back to the telephone service model, where fees are based on where you are and who you talk to, with no conversation possible unless you’ve paid your toll.

The principle of an end-to-end network –that is, one that allows direct, unmediated connections between two parties– militates strongly in the opposite direction. Its appeal is remarkably seductive, leading most Internet users to view with displeasure the telcos’ (or governments’) desire to mediate communications.

Renesys quite rightly remarks that if cuts to Egypt’s Internet had lasted much longer, the reduction in commercial activity could have been catastrophic for the nation.

Furthermore, Cowie remarks, it wasn’t only Egypt’s pipelines that were at risk:

“[T]he majority of Internet connectivity between Europe and Asia actually passes through Egypt. The Gulf States, in particular, depend critically on the Egyptian fiber-optic corridor for their connectivity to world markets.

“Are the folks at Davos thinking about this? They should be.”

In a perfect world, consumer choice and basic business commonsense would always win. But the problem is that centralised networks not only cost a lot of money (placing their design and construction into the hands of the most powerful), they make a lot of money, too.

In monetary and political terms, the wealth of the network itself tends to pool rather than to flow.

A fundamental change has already overtaken the public’s perception about the value and nature of digital communications. Passive consumption of news through the television is considered passé, or at least diminished in relation to the sharing of photos, videos and words across the Internet.

As individual control over the flow of information rises, central control wanes. And this, obviously, is the crux of the dilemma facing businesses and governments across North Africa and throughout the world. They are belatedly coming to realise that they are fighting a many-headed hydra. As they cut off one avenue of communication, another rears its head.

But that hydra has a body, and the body is the network itself.

As this column goes to press, it appears that Egypt’s decision to cut off the Internet failed in every important regard. One protester is reported to have said, “F*** the internet! I have not seen it since Thursday and I am not missing it.… Go tell Mubarak that the people’s revolution does not need his damn internet!

I would be amazed, however, if this fact led other governments to act differently, should they find themselves in a similar situation. Indeed, the US Congress is currently considering legislation that would provide the President with an ‘Internet Kill Switch’ for use in case of emergency.

Likewise, I see no evidence that the ultimate futility of attempting to control the flow of information will change attitudes in the board rooms and offices where our increasingly centralised networks are planned. For telcos, the challenge is merely technical.

For the Internet –as it was originally intended– to become fully realised and fully resistant to coercion, the devices and infrastructure through which our data travels will need to reflect the same principle of decentralisation as the software and protocols we use today. That implies the construction of communications devices that are very different from the locked-in, network-centric phones, tablets and computers we’re familiar with. I can think of no short-term scenario in which the development of such products will take place in any significant way.

For some time to come, we will continue to live in a world in which the powerful continue to load silver bullets and take aim squarely at their own feet.