Data Security, Network Security

When Governments Try to Control the Internet

By Katherine Teitler

Or, why censorship often backfires

Totalitarians need to control everything they can—it’s a deep-seated need that stems from the (occasionally true) fear that someone, somewhere, is plotting their overthrow. It seems that the totalitarian impulse to control extends to communications first, whether it’s mail, telegraph, telephone, or Twitter.  

When a new communication technology is being fielded it will inevitably be seen as politically threatening to someone. It’s as if the establishments of the world read Robert Heinlein’s “The Moon is a Harsh Mistress” (1966) and mistook it for a documentary: revolutionaries use computer networks to build their operations, and succeed—it’s terrifying. Except it shouldn’t be.

Meanwhile, back on Earth, we’ve seen internet chat be cast both in the role of mob facilitator for evil (London Riots of XXXX) and good (Iranian protests of XXXX). Thus, it’s on every government’s radar. What’s odd is that filtering the internet hasn’t worked and never will—the technology is too widely available and connectivity is too easy to virtualize atop other connectivity. Computer security systems designers figured this out long ago—in the old “Orange Book” (Trusted Computer Systems Evaluation Criteria – TCSEC) effort was devoted to analyzing “covert channels,” and it turned out that bandwidth is bandwidth, and really nothing else matters. When we started hypothesizing ways to exchange data between a process that had access to secrets and one that didn’t, it seemed as if there was an infinity of paths. You could load up the CPU and affect the other process’ response-time, thereby sending a 1 (“load”) or a zero (“no load”).  Or you could leak data by accessing a particular file to change its access date: 1 (“even second”) or a zero (“odd second”). Once you had the channel then you could packetize data over it and run TCP/IP. Back in 1991 I ran NFS over email by the simple expedient of uuencoding packets and sending them to a remote target address which reversed the process. Multi-level secure operating systems died a slow death because of their overall unmanageability, but covert channels were one of the nails in that coffin.

No place to hide on the internet

The modern internet is not even covert channels; it’s a giant jumble of perfectly overt channels. If some would-be dictator is reading this, thinking about shutting down Twitter, all I can say is: Skype; and Ventrilo, Teamspeak, and the in-game chat in Diablo III.  Then there are more esoteric approaches such as encoding data in the least significant bits of JPEG images shared on Facebook, or super-encrypted and hidden in files put in a BitTorrent or shared on the appropriately-named You’d best just shut it all down. As if that’s even possible: satellite phones don’t require local infrastructure and they’re pushing the voice communications over a data channel; it’s all bandwidth. Give any competent systems administrator two endpoints and some bandwidth and they can set up a Virtual Private Network over it. Remember the “can telephone” we all built as kids? Pretty much two can-like things (paper cups, cigarette package, Jell-O pudding cup, etc.) and some string-like stuff (wire, string, braided dog-hair, the thread holding the inseam of your jeans together, etc.) and you have a network. Attempting to block ad hoc networks like that will never stop them—at best it’ll make them slower and maybe harder to use.

Governments that try to shut down Twitter (or any social networking communication) or wall off the internet are doing themselves a disservice because they show that they are easily defeated. “Never give an order that won’t be followed” is good advice for how to maintain command authority. When they attempt to block something and everyone just goes around them, they look silly. Worse, because of how governments tend to operate, they probably convince themselves that they actually accomplished something with their blocks, which means that they are likely to lower their guard and ignore the big streams of data going around them.

The internet as a data mining tool

Here’s where I get grim: it’s probably more effective to allow or even facilitate questionable communications because that way you know where they are. And then it’s easier to monitor and analyze them. I’m reminded of the depressing story of a photographer who was doing documentary photos of the Budapest uprising against the USSR. Years later he found out that his photos were used by the secret police to identify the people at the barricades so they could be quietly collected after the fighting had died down. Today, a sneaky and effective totalitarian regime would encourage the protestors to use Twitter or Facebook, then mine the sites/forums as sources for information when time came to crack down on the real trouble-makers. That’s what the U.S. FBI did with COINTELPRO during the 60s—agents provocateur in groups of student radicals, reporting back to help build a picture of any radical networks that were materializing. If you read between the lines of the “War on Terror,” it seems that variations of that are still going on: social media is not merely a place for radicals to meet and organize, it’s a trap for radicals baited by the secret police.

Let the internet flourish

My advice for totalitarians is to let the internet flourish—and collect it, use it, and analyze it. It’s nice to make things easy for your enemies to do what you want them to do. Encourage and nurture strategic missteps in your opponent.

On the other side, if you’re concerned about the totalitarians, don’t take the obvious carrot dangled in front of you. Don’t rely on social media, don’t rely on your cell phone, don’t embed your opponent’s communications platform into your critical infrastructure. Or, if you do, have a fallback plan to something that’s not easily blocked or monitored.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.