Who 0wnz the Internet? Ian Brown Oxford Internet Institute

The lawless frontier?
• “The Internet interprets censorship as damage and routes around it” – John Gilmore
• “Governments of the Industrial World, you weary giants of flesh and steel, I come from Cyberspace, the new home of Mind. On behalf of the future, I ask you of the past to leave us alone. You are not welcome among us. You have no sovereignty where we gather.” – John Perry Barlow
Government attempts at control
• Cryptographic software
• Illegal content
• Digital copyright
• Counterterrorism
• Cybercrime
Encryption
• Diffie, RSA – controls on research and publication
• PGP, munitions – controls on software export
• Key escrow – controls on software functionality
• EU export controls on cryptanalytic tools
Crypto use controls
[Image not reproduced]
Source: Bert-Jaap Koops (2007) Crypto Law Survey
RIPA decryption powers
• S.49 notices from senior police, Customs etc. impose “disclosure requirements” that may usually be met by production of plaintext
• Keys may be demanded in special circumstances by chiefs of police, Customs commissioners, etc.
• Notices may prohibit “tipping-off”
• 2- and 5-year prison terms
US censorship efforts
• Federal laws (CDA, COPA) repeatedly ruled unconstitutional in the late 90s; particular problems with “community standards”, 1st Amendment and proportionality
• Pennsylvania law struck down in 2004 due to lack of proportionality (400 blocked sites caused over 1 million other sites to be blocked), easy circumvention and out-of-state effect; no evidence the Act “has reduced child exploitation or abuse”
• 2005 Utah law challenged by a coalition of businesses, ISPs and their customers on similar 1st Amendment and Commerce Clause grounds
Problems with Internet censorship
• How do you restrict access to content hosted in other countries? Filter based on IP addresses, redirect DNS queries, use proxies with blocking lists and/or keyword filters
• How do you decide which content should be blocked?
• How do you block access to non-WWW content?
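The three blocking mechanisms the slide lists fail in different ways, and the Pennsylvania figures on the next slide (400 listed sites, over a million others blocked) come from the first of them. The following is an added example, not code from the original slides: it models the three mechanisms on a constructed hosting table (all hostnames, addresses, the blocklist and the keyword list are invented for illustration) and counts how many unrelated sites an IP-address filter takes down when they share an address with a listed one.

```python
"""Added example (not from the original slides): simulating IP-address
filtering, DNS/proxy hostname blocking and proxy keyword filtering on a
constructed hosting table, to show where each over-blocks."""

# Constructed sample: hostname -> IP address it resolves to. Shared hosting
# places many unrelated sites behind one address.
HOSTING = {
    "listed-a.example": "203.0.113.10",
    "listed-b.example": "203.0.113.10",
    "library.example": "203.0.113.10",
    "school.example": "203.0.113.10",
    "shop.example": "203.0.113.10",
    "listed-c.example": "198.51.100.7",
    "news.example": "198.51.100.7",
    "listed-d.example": "192.0.2.44",
    "clinic.example": "192.0.2.99",
}

# Constructed blocklist: the hostnames an authority has decided to block.
BLOCKLIST = frozenset({"listed-a.example", "listed-b.example",
                       "listed-c.example", "listed-d.example"})

# Constructed keyword list for a proxy keyword filter.
KEYWORDS = ("forbidden",)


def blocked_ips(hosting=HOSTING, blocklist=BLOCKLIST):
    """Addresses an IP-based filter must drop to cover every listed host."""
    return {hosting[h] for h in blocklist if h in hosting}


def ip_blocked(host, hosting=HOSTING, blocklist=BLOCKLIST):
    """IP filter: the decision is made on the destination address, so every
    site sharing an address with a listed one is blocked as well."""
    return hosting.get(host) in blocked_ips(hosting, blocklist)


def dns_blocked(host, blocklist=BLOCKLIST):
    """DNS redirection or proxy blocklist: decided per hostname."""
    return host in blocklist


def keyword_blocked(url, keywords=KEYWORDS):
    """Proxy keyword filter: decided by strings in the requested URL, so an
    unrelated page can be caught by a word match."""
    url = url.lower()
    return any(k in url for k in keywords)


def collateral_damage(hosting=HOSTING, blocklist=BLOCKLIST):
    """Hosts an IP filter blocks although they are not on the list."""
    return sorted(h for h in hosting
                  if ip_blocked(h, hosting, blocklist) and h not in blocklist)


def overblock_report(hosting=HOSTING, blocklist=BLOCKLIST):
    """Counts for the proportionality argument: listed hosts versus hosts
    actually blocked by an IP filter, and how many of those are collateral."""
    return {
        "listed": sum(1 for h in blocklist if h in hosting),
        "blocked_by_ip": sum(1 for h in hosting
                             if ip_blocked(h, hosting, blocklist)),
        "collateral": len(collateral_damage(hosting, blocklist)),
    }


if __name__ == "__main__":
    for host in HOSTING:
        print(f"{host:18} ip_filter={ip_blocked(host)!s:5} "
              f"dns_filter={dns_blocked(host)!s:5}")
    print("collateral damage:", collateral_damage())
    print("report:", overblock_report())
    # Keyword filters fail differently: a constructed library catalogue URL
    # is blocked because of a single matching word in its path.
    print("keyword false positive:",
          keyword_blocked("http://library.example/catalogue/forbidden-books-history"))
```

Running it shows four listed hosts turning into eight blocked hosts under IP filtering, with the four extra ones (a library, a school, a shop and a news site in the constructed table) blocked purely because of the address they share. Hostname-based blocking avoids that particular over-blocking, while keyword filtering trades it for false positives on URL text.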
BT’s CleanFeed system
• Blocks customer access to sites that have been secretly listed as containing child pornography by the self-regulatory body the Internet Watch Foundation
• UK government has threatened to legislate if other ISPs do not follow suit
• Ministers already discussing adding violent pornography to the list
• Cambridge researcher showed that BT system could be used to search out child pornography
The Great Firewall of China
• Just about the most restrictive on the planet – uses all mechanisms previously described and more
• Little transparency to users
Source: Ben Edelman
The different faces of Google
Filesharing vs album sales
Source: Stan Liebowitz (2007) How Reliable is the Oberholzer-Gee and Strumpf paper on File-Sharing? p.19
EUCD Article 6
• 6.1: “Member States shall provide adequate legal protection against the circumvention of any effective technological measures”
• 6.2: bans “manufacture, import, distribution, sale, rental, advertisement for sale or rental, or possession for commercial purposes of devices, products or components or the provision of services”
• Purpose is irrelevant
• Finland, France, UK: 2 years prison; Portugal: 3 years; France: 150,000€ fine
• Only Germany, Denmark, Finland and UK have research exemptions
Fundamental technical problems
• The analogue “hole” – watermarking
• Break Once Play Anywhere
• File-sharing won’t stop
Terrorist use of Internet
• Communications
• Media impact
• Research
• Belonging
• Alternative reality
Signals intelligence
Everybody’s at it:
• Echelon
• Frenchelon
• Multinationals
“We steal secrets with espionage, with communications, with reconnaissance satellites” – James Woolsey
Source: Duncan Campbell (1999) Development of surveillance technology
Menwith Hill
Officially an RAF base; unofficially run by the NSA
Radio interception
High frequency radio interception antenna (AN/FLR9) – Duncan Campbell (1999) Development of surveillance technology
Microwave interception
• Microwave links carry signals between cities, but spill out into space
• CANYON and CHALET US satellites collect signals from Soviet Union, Middle East
Source: Duncan Campbell (1999) Development of surveillance technology
Submarine interception
• Underwater cable interception in Okhotsk Sea (1971) and Barents Sea (1979)
• USS Jimmy Carter specially designed for underwater divers (2005)
Communications exchange interception 1995
Internet site        Location           Operator                 Designation
FIX East             College Park, MD   US government            FIX
FIX West             Mountain View      US government            FIX
MAE East             Washington, DC     MCI                      MAN
New York NAP         Pennsauken, NJ     Sprintlink               NAP
SWAB                 Washington, DC     PSInet / Bell Atlantic   SMDS Washington Area Bypass
Chicago NAP          Chicago            Ameritech / Bellcorp     NAP
San Francisco NAP    San Francisco      Pacific Bell             NAP
MAE West             San Jose           MCI                      MAN
CIX                  Santa Clara        CIX                      CIX
Source: Wayne Madsen (1995) Puzzle palace conducting Internet surveillance
Narus ST-6400
Installed by AT&T in San Francisco, Seattle, San Jose, Los Angeles and San Diego trunk facilities (EFF)
UK content surveillance
• Comms intercepts authorised by Secretaries of State under RIPA
• Agencies
• 1466 in 2002; 6 per day for Blunkett
• Blanket overseas warrant for GCHQ from Foreign Secretary
Regulation of Investigatory Powers Act 2000
• “Communications data” obtained by self-authorised demand from police, Customs etc.
• Content requires warrant from government minister
Comms data access purposes
• in the interests of national security;
• for the purpose of preventing or detecting crime or of preventing disorder;
• in the interests of the economic well-being of the United Kingdom;
• in the interests of public safety;
• for the purpose of protecting public health;
• for the purpose of assessing or collecting any tax, duty, levy or other imposition, contribution or charge payable to a government department;
• for the purpose, in an emergency, of preventing death or injury or any damage to a person’s physical or mental health, or of mitigating any injury or damage to a person’s physical or mental health.
“Snooper’s charter”
• The Department for Environment, Food and Rural Affairs.
• The Department of Health.
• The Home Office.
• The Department of Trade and Industry.
• The Department for Transport, Local Government and the Regions.
• The Department for Work and Pensions.
• The Department of Enterprise, Trade and Investment for Northern Ireland.
• Any local authority within the meaning of section 1 of the Local Government Act 1999.
• Any fire authority as defined in the Local Government (Best Value) Performance Indicators Order 2000.
• The Scottish Drug Enforcement Agency.
• The Scottish Environment Protection Agency.
• The United Kingdom Atomic Energy Authority Constabulary.
• A Universal Service Provider within the meaning of the Postal Services Act 2000.
• A council constituted under section 2 of the Local Government etc. (Scotland) Act 1994.
• A district council within the meaning of the Local Government Act (Northern Ireland) 1972.
• The Common Services Agency of the Scottish Health Service.
• The Northern Ireland Central Services Agency for the Health and Social Services.
• The Environment Agency.
• The Financial Services Authority.
• The Food Standards Agency.
• The Health and Safety Executive.
• The Information Commissioner.
• The Office of Fair Trading.
• The Postal Services Commission.
European Union
• EU Data Retention Directive 2006
• Comms data to be retained 6 months – 2 years
Data to be retained
• The Internet Protocol (IP) address, whether dynamic or static, allocated by the Internet access provider to a communication;
• The User ID of the source of a communication;
• The Connection Label or telephone number allocated to any communication entering the public telephone network;
• Name and address of the subscriber or registered user to whom the IP address, Connection Label or User ID was allocated at the time of the communication.
Data necessary to trace and identify the destination of a communication:
• The Connection Label or User ID of the intended recipient(s) of a communication;
• Name(s) and address(es) of the subscriber(s) or registered user(s) who are the intended recipient(s) of the communication.
• The date and time of the log-in and log-off of the Internet sessions based on a certain time zone.
• The calling telephone number for dial-up access;
• The digital subscriber line (DSL) or other end point identifier of the originator of the communication;
• The media access control (MAC) address or other machine identifier of the originator of the communication.
Enright (2007) Storm Live and Active Peers
The blue live peer count line is the most accurate estimate of the size of the network for a point in time that Stormdrain can give.
Source: Brandon Enright, Exposing Stormworm, ToorCon, San Diego, Oct 2007
House of Lords Personal Internet Security report (2007)
• Liability must be assigned to financial institutions, ISPs and software vendors
• Open source software should benefit from a “Good Samaritan” exemption
Conclusions
• Government attempts to control Internet activity are often hasty, ineffectual and driven by narrow sectoral interests (anti-circumvention laws)
• Often attempt to deal with new problems using old familiar solutions (arms control, CleanFeed)
• Often unrealistic (crypto, CleanFeed)
• Often disproportionate and breach human rights (surveillance, censorship)