6/28/2006

Big Brother - Part I

Have you had the nagging feeling that someone's looking over your shoulder while you're browsing the net?

In a way, someone is. But don't get crazy just yet. The first part of the article is a brief (very brief) description of what the Internet is, so you can understand the second part.

The thing we call the Internet, THE net, is not really a network. In a broad sense it is, but actually it is a huge number of networks interconnected with each other. That sounds confusing because, after all, a group of interconnected networks forms a network, a bigger one but a network all the same. The difference is that the Internet has no identity of its own, no owner, no ruler.
The Internet is controlled by two things. One is a set of rules, technical rules, and we should be glad they are technical. The other is commercial agreements at every single point where two networks are linked.
Let's start from your own computer. Whether it is alone in your house or part of a LAN in your office, it's on a network. It has one IP address, meaning it has an identity on that network, and a physical connection. If you're on a private network, at some point that network is connected to the public network. If you're a home user, most likely your computer is on the public network already. The main difference is that from a private network you have to connect at least one point of it to a public network. But one way or the other, at that point you have an agreement with an ISP (Internet Service Provider) that lets you access the Internet. The ISP provides you a public IP address and from there you can open sessions with any other public address. I should say, most likely you can, and you'll see why in a minute.
Your ISP is basically another network; without a connection to other networks the only thing you're allowed to do is connect to other public addresses on your ISP's network. At some point, your ISP is connected to one or more other networks, and those are also connected to others. All they need to make the whole Internet work is to know where each public address is. Actually they don't know that: every network knows about its own public addresses, some addresses of the networks directly connected to it, and one or more connections where it sends every packet not included in the previous groups.
Of course the lists of IP addresses are not exhaustive; they don't have to store information for each one. They're handled by blocks, groups of IP addresses that can be matched easily with a mask. This way every time they have to route a packet, all they do is identify the block it belongs to and take the action assigned to that particular block.
Let's say that the Internet is like a city. If you live in an apartment building, you have a private address, the number on your door. All traffic to your door is handled by the doorman: if it's between apartments he can do it all by himself inside the building; if it's to or from another place outside the building he has to go to the front door and interface with the rest of the world. The front door of the building is public, it has a public address and is "connected" to the street, your ISP. If you live in a house, you have a public address and don't need the doorman to handle your traffic.
The street, your ISP, has a postman going up and down exchanging packets with every public address on the street. He's not allowed to go anywhere else. The traffic between public addresses on the street is handled directly by him, but packets to another street, city or country have to be handed to someone else. The street crosses other streets, one or many, and the postman has a routing instruction saying at which intersection to drop each packet, and one or more last resort intersections where he drops all packets without specific routing rules. At those intersections, he also picks up packets addressed to his own street. The last resort intersections allow the postman to reach every address on the net without knowing where it is. That intersection could be served by a bigger postman, like one in an avenue with more intersections, or a high speed postman serving a highway, where there are no homes or buildings, only intersections with streets, avenues or other highways. One thing that you may be wondering about is how postmen deliver when they have alternative routes for a packet. As you can imagine, postmen are not humans but computers, and they need precise, non-ambiguous instructions. The alternative routes can be used as a backup in case the main one fails or to balance load. In the latter case, the postman uses one or the other based on a measure of the traffic.
The beauty of all this is that there's no central control, manager or government. All the postmen and doormen agree on the technical aspects, proper addressing and uniform instruction sheets. This way everyone knows what to do with each packet without knowing what's beyond their own bailiwick.
I want to add a small note here: the system is not perfect. Eventually you may find that a certain address is unavailable to you while your friend, who's at an address available to you, can reach it. The routing instructions change every day, either for technical reasons or commercial ones. Sometimes the changes on a network require its neighbors to change too, and that may take some time. Sometimes there's no routing instruction at all for a combination of addresses: oversight, commercial restriction (it's not worth paying for, no traffic expected, etc.) or just a technical problem.
The other side of what keeps the net together is the commercial agreement between postmen and doormen at each intersection. The agreement could be of any kind: pay by packet size, pay by speed, just pay. The agreement could also include address restrictions, alternative routes, guaranteed uptime, etc.
But the bottom line is it works. Believe it or not, the fact is the Internet works, and if you're reading this you have all the evidence you need.
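To make the postman's instruction sheet concrete, here is an added example (not code from the original post) of how a router picks the action for a packet: it matches the destination against blocks of addresses and takes the most specific one, with a catch-all block as the "last resort" intersection. The routing table and addresses are constructed for the example; it also shows the case from the note above where no instruction exists at all.

```python
import ipaddress

# Constructed instruction sheet for the "street" in the city analogy.
# Each entry is a block of addresses (prefix) and where packets for it go.
# The 0.0.0.0/0 block matches every address: the "last resort" intersection.
ROUTING_TABLE = [
    ("192.0.2.0/24", "deliver-on-street"),       # our own public addresses
    ("198.51.100.0/24", "intersection-A"),       # a neighbouring street
    ("198.51.100.128/25", "intersection-B"),     # a more specific block of it
    ("0.0.0.0/0", "intersection-highway"),       # everything else
]

def build_table(entries):
    """Turn the text entries into (network, next_hop) pairs."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in entries]

def lookup(table, dst):
    """Return the next hop for dst using longest-prefix match.

    The postman stores no per-address list: he checks which blocks the
    destination falls into and follows the most specific one. Without a
    catch-all block there may be no instruction at all, hence None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, hop in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return None if best is None else best[1]

def route_packets(entries, destinations):
    """Route a batch of destination addresses with one parsed table."""
    table = build_table(entries)
    return {dst: lookup(table, dst) for dst in destinations}

if __name__ == "__main__":
    sample = ["192.0.2.10", "198.51.100.7", "198.51.100.200", "203.0.113.5"]
    for dst, hop in route_packets(ROUTING_TABLE, sample).items():
        print(f"{dst:>16} -> {hop}")
```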
Now going back to the subject of this article: is somebody looking over your shoulder?
Every single packet that you send or receive is handled by many doormen and postmen. They're not human, but they're run by humans and they're all independent. What stops them from snooping into your packets?
The answer is simple: nothing.
Let's say that I'm a major carrier, a highway in the city analogy, and for some reason I want to look at all the packets going through one of my intersections. It's my equipment, it's my wire, and even if I had a non-snooping clause in my agreements with other networks (there's no such clause), nobody is controlling me; there's no way to know from the outside that I'm doing it.
And now that I've freaked you out, I'll put you back together. Because now you're thinking that everyone knows what you read, what you see and who you talk to. Forget it, it's not happening. But what if it is?
Have you ever been in a mall? Were you worried that someone might note which displays you looked at? While you were having a drink, someone checking what you had, how, what you were reading? At the post office, the postman checking who you write to or who writes to you?
At this point, you either turned completely paranoid or realized that the Internet is a public place like a mall or even the street. More like a mall I'd say, because it is owned by many private parties. But the point is the Internet is public not because of its ownership but because of its nature, its history and its technical limitations. The Internet wasn't designed for security; security was ensured physically, by not allowing access to equipment and wires. But once it grew into a network too large to be confined, with too many players to be controlled, physical security became impossible.

But is it such a big deal? All your packets in the hands of people you know nothing about?
Let's go back to the mall analogy: you're going through a public place, do you expect privacy? Why do you expect privacy on the Internet then?
The structure of the net makes it impossible to control whether someone takes a look at your traffic. I'm sure your ISP will say that no one is doing it, but I'm pretty sure that they won't give you a signed warranty. Even if they're to be trusted, once they pass the packet to the next network it is out of their control, and yours too.
But are they doing it? Is someone out there checking all your traffic?
I think not, I'm sure not. At least not in that sense. I mean, there's no way to check every single packet, no way to store it for later analysis, no way to keep up with the constant flow. I know that because I do that frequently. I'm in control of the doorman in my building and from time to time I have to check the traffic, because something is not working, or I suspect foul play from the outside or the inside, or anything else. And it is not a huge building. However I have no way to check it all, and there's no automated system able to do it. You can try it yourself if you want: go get a sniffer, a program that allows you to see all the traffic on your network connection. There are some nice free sniffers out there like NetworkActiv or Ethereal. Once you have it, let it run for one hour and do your regular use of the Internet. Then try to make some sense of that one hour of traffic. How far can you go?
It's a trick test, because you probably don't know enough to understand what's in there. But besides that, nobody can check in one hour a one-hour traffic file (average traffic). Even with a machine doing it, there are too many variables, and the kind of information that would make sense to a human, like text, pictures, sound and video, can't be properly evaluated by a machine. Imagine: if it can't be done with the traffic of one machine, it is a lot more difficult with thousands or millions. So, I can say for sure that nobody is checking the traffic of the Internet systematically.
However, I can imagine someone looking for something very specific. Let's say that I want to know who's using a specific mail server from my building, my network. I can set my doorman to report connections to that server. The amount of information would be easy to handle. I can do that by content too, specific words, even by media type.
And if you think that your government is able to do it, think again. I can do it because I have just one door in my building. Imagine how many different access points there are in one country and how much traffic is going through them; it's impossible to handle.
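The targeted check described above is the kind of thing a gateway operator can actually handle. As an added example (not from the original post), this reads constructed connection records from the "doorman" (one line per connection: time, source, destination, port, protocol) and reports which internal hosts talked to one specific mail server, skipping lines it cannot parse instead of stopping. The log format, addresses and server are all assumptions for the example.

```python
from collections import Counter

# Constructed gateway records, not real traffic.
SAMPLE_LOG = """\
2006-06-28T09:00:01 10.0.0.12 203.0.113.25 25 tcp
2006-06-28T09:00:05 10.0.0.34 203.0.113.25 25 tcp
2006-06-28T09:00:09 10.0.0.12 198.51.100.80 80 tcp
garbage line that the doorman wrote badly
2006-06-28T09:01:10 10.0.0.12 203.0.113.25 25 tcp
2006-06-28T09:02:00 10.0.0.57 203.0.113.25 587 tcp
2006-06-28T09:02:30 10.0.0.34 203.0.113.25 25 udp
"""

MAIL_SERVER = "203.0.113.25"          # the one server we care about (assumed)
MAIL_PORTS = {25, 587}                # SMTP and submission

def parse_record(line):
    """Return (src, dst, port, proto) or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5 or not parts[3].isdigit():
        return None
    _ts, src, dst, port, proto = parts
    return src, dst, int(port), proto

def connections_to(log_text, server=MAIL_SERVER, ports=MAIL_PORTS):
    """Count TCP connections per internal host to one server on the given ports.

    Everything else in the log is ignored: this is the narrow question
    ("who uses that mail server?") rather than reading all the traffic."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None:
            continue
        src, dst, port, proto = rec
        if dst == server and port in ports and proto == "tcp":
            hits[src] += 1
    return hits

if __name__ == "__main__":
    for host, n in connections_to(SAMPLE_LOG).most_common():
        print(f"{host} -> {MAIL_SERVER}: {n} connection(s)")
```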
In conclusion, I wouldn't worry about someone looking at my traffic. However, the Internet is like a public place and I have to assume that my activity may be seen. Do what you do in public; don't do things you don't want others to see.

Of course there's privacy on the Internet, but that's for part II, where I'll tell you about more scary things. Relax, enjoy.
