Part 1 – Intro
For those of us living in the modern world, cryptography is an essential aspect of everyday life. It both guards our secrets and keeps others’ secrets safe from us. To borrow a quote from one of my favourite shows of all time:
“The world’s run on codes and cyphers, John. From the million-pound security system at the bank to the PIN machine you took exception to. Cryptography inhabits our every waking moment.”
Series 1 / Episode 2
The Blind Banker
As one may gather, this is an enormous topic. Even I didn’t realize the scale of it until setting out on this journey — yet another giant branch of the interconnected set of issues that surround modern-day digital technology.
The Sherlock Holmes quote neatly describes the security aspect of cryptography in modern-day life. What is far more pertinent to most people in this age, however, is cryptography’s other significant benefit that we all reap.
In general, the rule of thumb has been that the more technology (particularly communication technology) advances, the better its inherent privacy characteristics become. You can observe this through-line from cordless and cellular phones to modern-day cable TV.
Gains are particularly visible in transitions from analogue to digital. First, the development saved bandwidth (freeing up room for the bandwidth-intensive applications we take for granted today). The change also allowed cryptography to be added to these distribution systems, keeping older baby monitors out of your cellphone conversations and making the management of signals by cable companies easier (along with countless other advances). And as technologies continue to advance, so do their inherent encryption characteristics, though seldom fast enough to keep pace with the black hats looking for holes in the software to exploit.
A common saying in the IT security universe is that attacks never get weaker; they only get stronger. Such is the reason why your many devices are always prompting you about updating this and that.
Part 2 – The Definition of Privacy
Before I go any further, I have to pause and define precisely what I mean when I use the word privacy. Because in the context of the modern internet, precisely what is meant by this word can become quite convoluted.
First of all, I will grab the dictionary definition of the word.
“A state in which one is not observed or disturbed by other people.”
“The state of being free from public attention.”
When it comes to the online world (and interpersonal communication in general), privacy invaders fall into three categories based on agenda.
b.) Government Officials / Law Enforcement
Going back to the days of analogue cordless phones and cellphones, we were at pretty much everyone’s mercy. Though all cellular network transmissions from the 2nd generation onward are nowhere near bulletproof, it’s far more challenging to accomplish a breach than in the early days. A mere two decades out from the first cell phones, we now find ourselves entirely in the internet age. Though advances in cryptography now do a reasonably good job of protecting communications from those in our immediate surroundings, most of the eavesdropping has shifted alongside the nature of modern-day interaction.
Whether you are using a direct connection (ethernet) or wifi, most prying eyes are likely between the modem and the packet’s destination. Every node that handles the packets on their journey has the opportunity to intercept, alter, copy or otherwise tamper with the data as it transits the web.
Part 3 – TLS
To combat this problem, much of the internet (at the behest of privacy advocates) has embraced various Transport Layer Security (or TLS) protocols. One of the most visible forms of this (to the average end-user) is https://. Any website that you visit that presents the green padlock in the address bar is using TLS encryption. In English, this means that the only entities that know what links you are clicking within a site are your browser and the website itself. All that an intermediary (including your ISP) can see is gibberish flowing between you and the website.
Thanks to the work of groups like Mozilla and The Electronic Frontier Foundation, the internet isn’t far from becoming ubiquitously https (and otherwise TLS) based in its entirety. Since all browsers give users warnings when visiting partially or unsecured websites, full encryption will become necessary for sites that want to remain accessible in the coming years.
Along with web and email protocols, work is being done to shift the Domain Name System (or DNS) to a more secured status (called DNSSEC).
Anything a device does online requires knowing where to find or send the data. This is where DNS comes in.
In a nutshell (see link above for more details), organizational LANs, ISPs, and private organizations (e.g. Google Public DNS, OpenDNS, or Cloudflare) all run DNS servers that provide client devices with IP addresses.
Though DNS queries generally provide scant information (particularly if much of the HTTP traffic is encrypted), they still serve as a map of your footsteps all around the web, akin to how a car’s GPS history can serve the same purpose for your travels in the real world.
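An added illustration of the two points above, not code from the original post: the page content and URL paths of an HTTPS session are encrypted, but the hostname travels in the clear in the Server Name Indication (SNI) extension of the TLS ClientHello, which is the same kind of “footsteps” metadata a DNS log exposes. The ClientHello below is constructed in code (it is not a real browser capture), and the parser returns only what an on-path observer could read without any keys.

```python
import struct

# TLS constants (RFC 5246 record/handshake layout, RFC 6066 server_name extension)
TLS_HANDSHAKE = 0x16
HS_CLIENT_HELLO = 0x01
EXT_SERVER_NAME = 0x0000


def build_client_hello(hostname: str, random_bytes: bytes = b"\x11" * 32) -> bytes:
    """Build a minimal TLS 1.2 ClientHello record carrying an SNI extension.
    Constructed sample for demonstration; real clients send far more extensions."""
    name = hostname.encode("ascii")
    sni_entry = struct.pack("!BH", 0, len(name)) + name            # name_type 0 = host_name
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    ext_sni = struct.pack("!HH", EXT_SERVER_NAME, len(sni_list)) + sni_list
    extensions = struct.pack("!H", len(ext_sni)) + ext_sni
    cipher_suites = b"\xc0\x2f\xc0\x30"                              # two ECDHE suites
    body = (
        b"\x03\x03"                                                   # client_version: TLS 1.2
        + random_bytes                                                # 32-byte client random
        + b"\x00"                                                     # empty session_id
        + struct.pack("!H", len(cipher_suites)) + cipher_suites
        + b"\x01\x00"                                                 # one compression method: null
        + extensions
    )
    handshake = struct.pack("!B", HS_CLIENT_HELLO) + len(body).to_bytes(3, "big") + body
    # Record header: content type, legacy version, length
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0301, len(handshake)) + handshake


def extract_sni(record: bytes):
    """Return the SNI hostname from a ClientHello record, or None if it is
    not a ClientHello, carries no server_name extension, or is malformed."""
    try:
        ctype, _ver, rlen = struct.unpack_from("!BHH", record, 0)
        if ctype != TLS_HANDSHAKE or len(record) < 5 + rlen:
            return None
        hs = record[5:5 + rlen]
        if hs[0] != HS_CLIENT_HELLO:
            return None
        pos = 4 + 2 + 32                          # handshake header, version, random
        sid_len = hs[pos]
        pos += 1 + sid_len
        cs_len = struct.unpack_from("!H", hs, pos)[0]
        pos += 2 + cs_len
        cm_len = hs[pos]
        pos += 1 + cm_len
        if pos + 2 > len(hs):
            return None                           # no extensions block at all
        ext_len = struct.unpack_from("!H", hs, pos)[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            etype, elen = struct.unpack_from("!HH", hs, pos)
            pos += 4
            if etype == EXT_SERVER_NAME:
                list_len = struct.unpack_from("!H", hs, pos)[0]
                q = pos + 2
                while q + 3 <= pos + 2 + list_len:
                    ntype, nlen = struct.unpack_from("!BH", hs, q)
                    q += 3
                    if ntype == 0:                # host_name entry
                        return hs[q:q + nlen].decode("ascii")
                    q += nlen
            pos += elen
    except (struct.error, IndexError, UnicodeDecodeError):
        return None
    return None


if __name__ == "__main__":
    # What the ISP sees: the hostname, but nothing of the page or path requested.
    hello = build_client_hello("example.com")
    print("observer learns hostname:", extract_sni(hello))
    # An application-data record (content type 0x17) yields nothing readable.
    print("from encrypted data record:", extract_sni(b"\x17\x03\x03\x00\x05hello"))
```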
Part 4 – Cyber Security
Interestingly enough, one of the biggest drivers of the push towards TLS encryption wasn’t privacy; it was cybersecurity. An interesting and fascinating timeline (that goes all the way back to the beginning) can be seen HERE.
Although the more sensitive areas of online life, like online banking, already employed encryption, much of the other stuff was transmitted transparently for years. This means that all of those MSN Messenger conversations, search engine queries, forum visits, and sent/received email messages were more than likely to be easily intercepted.
Consider the possibilities:
- A snooper on your LAN (particularly if in a public place) or within range of your WEP-enabled or unencrypted wifi network.
- Your ISP (be it for mandated record-keeping, or at the behest of a law enforcement request).
- Anyone with ill intent can plant themselves anywhere between your machine and the destination IP (be it foreign governments or blackhats with a variety of agendas). Some ISPs have even been known to intercept and cut off P2P traffic to minimize network load.
Speaking of wifi, I should also note that WPA2, the current wifi standard, has now been broken. With ease, it seems. A researcher playing with the newest standard (WPA3) accidentally found the KRACK vulnerability in conducting his work.
Oh yeah, someone also broke the WPA3 standard already.
Did I say that all of this stuff was fascinating? What I should have said was fascinating, but also oftentimes frustrating, and occasionally downright terrifying.
Back to it
While the potential of prying eyes on the wire was terrible, the far more damaging and dangerous potential lay in the injection of malicious code into passing traffic. For example, if an eavesdropper notices their target fetching photos from a webpage, they may be able to inject malware into the picture as it transits back to the user.
The rise in attacks like this (along with the public becoming increasingly sensitive to privacy issues) ended up driving both platforms and browsers towards adopting transport layer safeguards. While this has not stopped the distribution of malware via web browsers, TLS encryption has still succeeded in making the internet safer and somewhat more private for all users, particularly the increasing number of novice users (whose lack of cybersecurity knowledge often leaves them reliant on the default settings of the various software vendors that they utilize).
Part 5 – Going Dark
While protocol level encryption has proven beneficial in contributing to both the privacy and security of everyone online, it has made surveillance much more difficult. While higher-level intelligence organizations tend to be less affected by this than lower-level organizations (such as local police forces), encryption hinders investigations at all levels.
I will now cite a recent mafia bust in Ontario as an example of the changes happening in this area.
The operation was named Project Sindacato, and it took place in Vaughan, Ontario. After over a year of listening in on nine members and associates of the Figliomeni crime family via wiretaps, York police moved in and made the arrests. In a joint effort with authorities in Italy (who also arrested 12 people), York police seized $35 million in assets from the family.
The reason this is on my radar is that it made me consider the age of most of those arrested. Of the nine people arrested, they range in age from 30 to 56, with the bulk of the group either over or approaching 50. The reason I find this interesting is, frankly, the everyday habits of those of that cohort. Though far from being a ubiquitous trend, that cohort tends to have reservations towards embracing (or at times, even understanding) new forms of technology. And even for those that aren’t afraid to embrace new technology mediums, old staples tend to remain the dominant go-to (i.e. Cable TV and landline phones).
Though authorities don’t explain what is entailed by their use of the word wiretapping, I will go out on a limb and say that it is likely self-evident. Whether they were using primarily landlines or cellphones, both technologies are relatively easy to wiretap.
Going back to my teen years, one could say that I was a bit of a geek. Alongside my fascination with all types of infrastructure, I was often curious about how many digital breadcrumbs were left behind by my day-to-day activities. Growing up in a post-9/11 world, I always assumed that something was watching. Whether it was ISPs keeping records and logs, or automated systems scanning communications traversing the internet, I never believed I was truly alone.
Edward Snowden Rant
This is why I never took the Edward Snowden revelations seriously. It’s not that what he did was not commendable; it’s that it was shocking to me that what he exposed was considered outrageous. Both because of the social media revolution (with people sharing all kinds of details publicly), and because it all seemed rather obvious. It only took a decade for the world to completely forget about one of the ongoing hangovers from the 9/11 era, the Patriot Act.
All of this is made even more annoying by the fact that Nova’s documentary “The Spy Factory” was released long before Snowden was ever in the spotlight. It aired and was published online in 2009, 3 years before Snowden would make his debut on the world stage in 2014.
As is blatantly apparent, I don’t particularly like Edward Snowden. Though he most certainly did the world a favour, the fact that he had to do so was bothersome. Not to mention the whole Assange-esque, “I am a martyr for your freedom!” act.
Look where he ended up — the bastion of human rights, free expression, and digital privacy oasis that is RUSSIA.
Back to it
Either way, even before seeing the story of the fallen Figliomeni family on the news, the question “How surveillable am I?” occurred to me. In pondering this, I found myself coming to a surprising conclusion. Though the answer is far from “Not at all” or “Impossible,” I do conclude that the response in recent years would have to be “Difficult.”
Advertisers And Data Brokers
First of all, one can’t fully explore this topic without touching on one of your main adversaries when it comes to privacy online. That is, data miners and advertisers.
Existing to resell every data point that they can get (in the context of individual internet users), advertisers/data brokers are the biggest threat to privacy online. Be they transparently visible or under the guise of some other internet business, it’s challenging to maintain an identity online without coming into contact with these parasites.
Much like anyone else using the internet that is aware of this stuff, I am conscious of my at times involuntarily shared breadcrumbs that life online creates. There are ways to push back (ad blockers, anti-tracking browsers and browser add-ons, using a VPN all the time), but no way is truly foolproof. It is indeed possible to avoid many of these pitfalls, but it is at the expense of the convenience and ease of use that we all often take for granted. Thus, you have to decide what is more relevant to you: privacy or comfort.
Back to it
Despite everything contained in the previous paragraph, I still have to say that I think I am difficult to wiretap. The main reason for this is that everything that happens on most platforms accessible by browsers has now shifted onto the TLS protocol. While this is not always the case, users tend to be less wary of using platforms that don’t trigger scary warnings and signals from their web browser. Thus, it quite literally pays to ensure that your advertising and tracking methods fit into the secure tunnel environment.
This is where it all gets interesting from a surveillance perspective. What may be useful in the stream of data entering and leaving my various devices? At this point, almost none of it.
Let’s consider the mafia bust that I referred to earlier. I ran with the assumption that much of the intel on the case originated from telephone conversations. If they had cellphones, text messages might have helped as well (if not from the phones, then from the carrier records). Interestingly, authorities will have no such access if they used iPhones/iPads with iMessage enabled. Not only will the messages be encrypted, but so too will the phones themselves.
If I look at myself, there are a few possibilities — my cellular carrier stores all of my text messages for 30 days. Though I do make phone calls, they tend to be few and far between (like others in my generation, I’m not a big fan of phone conversations). Not unlike most others my age and younger, much of my communication has shifted into the cloud.
While we interact on devices kept in our homes and pockets, the real action happens far from where most of us live, making surveillance of individuals utilizing this technology challenging.
That is why the Ontario mafia bust caught my eye. Police didn’t have to go further than a local court to obtain the wiretap warrants, which is simple, compared to surveilling someone using cloud platforms.
Though one could start by going after the data gathered on this person by their ISP or cell carrier, one is likely to learn very little (thanks to TLS protocols!). That only leaves going to the social media platforms themselves. Often, this involves dealing with a company in another country, which may or may not grant your request on account of their local laws. Since most of the big guys are in the US, these companies may be compelled to follow US law.
While this can be problematic for authorities, the increasingly ubiquitous nature of unbreakable encryption is far more troublesome. In cases where targets use robust encryption platforms on encrypted devices, obtaining access can be very difficult (if even possible). With more manufacturers shipping devices with encryption enabled by default, and more platforms than ever announcing experimentation with fully encrypted messaging services, all communications going dark is not out of the realm of possibility.
Part 6 – The End Of Encryption?
Not too long ago, I wrote a piece about cryptocurrencies. I compared the decentralized nature of the blockchain-based crypto ledgers to that of mid-to-late 2000s era P2P networks and the BitTorrent protocol. Neither of which will ever be fully shut down, but both of which will become far more of a hassle to access.
While this hassle-imposed obsolescence has already happened with legacy networks like Gnutella (think Limewire) and FastTrack (think Kazaa), BitTorrent is still in the early stages. No, BitTorrent will never cease functioning. However, its user base will become far more limited than it is now.
I carried this argument over to modern-day cryptocurrencies, citing their common utilization by criminal elements on account of their deliberate lack of transparency. Since there is money to be made in the business of cryptocurrencies, I doubted that government-sanctioned versions were too far off into the future. These will give legitimate investors a pathway to continue building and growing their investment without the worry of eventual crypto bans freezing all of their assets.
As the reality of this situation becomes apparent (libertarian forms of cryptocurrency are on the way out), the falling valuation will drive the remaining holdouts over to the now more valuable government-mandated ledgers. As such, though there is no way to halt any cryptocurrency blockchain entirely, enough legitimate investors will bail on them to shrink the user base enormously. Once bans are announced, more users will flee, particularly if they need to convert the coins into real-world fiat currency.
It was this write-up (and some discussion of this very subject on a tech podcast I listen to) that made me consider the fate of encryption as we know it. Unlike Gnutella, BitTorrent, and modern-day cryptocurrency, governments can quickly stop encrypted connections. All they have to do is force ISPs to block such connections from ever being made (as noted by Steve Gibson in a recent Security Now episode). Though no governing entity would consider such a tactic today (the economy would grind to a halt!), we should not take the modern-day internet for granted. Even though the companies and organizations fighting for our right to privacy ought to be commended, we must consider the reality of the situation. If the flick of a switch can hinder all of the privacy gains of the modern-day internet, we are NOT in control.
Though I have no doubts that all interests involved will continue the fight right to the bitter end, I also do not doubt that the status quo WILL eventually change. The real question mark for me is exactly how this change is going to look.
Part 7 – Options
One way in which this might go would be a mass revert back to weaker forms of encryption. While this would solve the going dark problem, it ought to be a non-starter since it re-introduces every issue resolved by strengthening encryption. Sure, law enforcement and the Five Eyes alliance would now have NO problem seeing into the world’s data. But so too would anyone willing to dig up old exploits and vulnerabilities. It’s terrible news for anyone who values even a modicum of privacy and horrifying for dissidents and whistleblowers living anywhere on this earth.
The next option would be to keep the secure encryption (and therefore, all the gains that have come from it), but ensure some form of back door accessibility.
Indeed, this argument is controversial. And honestly, I don’t know that I necessarily agree with the premise, either. However, I feel the need to be pragmatic. Though I’m not fond of making it easier for authorities to intercept communications, it would be delusional to think that governments will accept being locked out. After all, we already know that the NSA is vacuuming up petabytes of data traversing around the internet. They don’t know what they have, but have all the financial resources they need to keep trying to break the cryptography.
Although figuring out precisely what this new accessible encryption is going to look like is going to be up to the companies implementing it, a couple of methodologies come to my mind.
One of them would be to enable the cloning and decryption of packets as they traverse the wire (making for an updated version of a traditional wiretap). This method has the benefit of exclusivity. Authorities can put in requests to access specific traffic (e.g. social media messaging apps) while leaving everything else unreadable.
Another method that is far more invasive than the last one is mandating an Operating System backdoor in all devices. While the benefit is no required weakening of any TLS protocols, the drawback is the considerable amount of accessibility you gain into someone’s life. Instead of just instant messages and social media, you get everything.
Part 8 – Who will be the gatekeeper?
A far more complicated problem than even figuring out the technical aspects of this is figuring out who will be in control of the keys to the kingdom. And not just who controls the keys, but who decides how much accessibility is acceptable in each instance.
This matters because the difference between monitoring selected traffic and an OS backdoor is the difference between wiretapping a phone line and placing cameras and microphones in someone’s home. The saturation of various technologies into modern-day life creates a need for a change in how wiretapping is used. Since modern devices contain far more information than they once did, what will be the new limitations when it comes to accessing this personal information?
Let’s consider a possible real-life example. Police suspect that Person A is selling drugs (or some other contraband) using end-to-end encrypted chatrooms. Since the old method (slap a wiretap on the phone line) won’t work, what then?
The next step would likely be to go to the platform and request access. However, if that fails, what is the recourse? Aside from the seeming necessity in catching the person red-handed (so there is no shadow of a doubt), it seems that getting their hands on the device becomes very important.
Using the same situation, let’s say that law enforcement finds enough probable cause to request (and be granted) an arrest warrant. So person A is picked up, and their devices are seized and entered into the case as evidence. However, the devices are encrypted (as is typical, these days), and the person refuses to divulge the password. At this point, authorities strongly suspect that the devices contain valuable evidence to support their case. So:
- How much access should be granted to their devices?
- Who makes the decision?
While it depends on the manufacturer, the answer to that question these days is generally none. Since most modern devices hold all of their decryption keys internally, manufacturers can’t even help law enforcement break in.
Which is the point.
Not only is it a good selling point, sticking to privacy principles is worth more than gold in terms of public image (particularly in high profile cases).
A Slightly Fruity Rant
Here is a big reason why the most anti-competitive and anti-consumer device manufacturer on earth is still widely adored by the public at large.
Having said that, why device manufacturers embrace full device encryption is not the issue. Even if it does come across as a glaringly transparent marketing ploy (since their largest competitor’s core business model heavily relies on data-mining), the result is still an overall net positive. However, as stated previously, I don’t think that taking such a hard-nosed stance is necessarily beneficial for digital privacy in the long term.
Part 9 – The Post-Encryption World
When (I don’t believe that it is a matter of if) the floodgates do finally open, decisions will have to be made.
Will (should?) all levels in the law enforcement hierarchy have equal access to all potential data? How will these determinations be made?
Given the sensitivity of the information involved (often people’s entire lives), I think that a third party auditing process should be established. We know that law enforcement will ALWAYS push to get their hands on as much data as they possibly can. And manufacturers will generally be inclined to fight tooth and nail (the more publicly, the better) NOT to divulge anything more than they have to. With two interests so opposed (and one side holding the stick that is the Patriot Act), there comes the need for a neutral zone of arbitration. An entity that can evaluate both if such a breach of one’s privacy is warranted, and how far the parameters of the search will extend.
In conclusion, we have come a long way when it comes to personal privacy. And with more and more services starting to embrace end-to-end encryption even for everyday use cases, things are only getting better. However, we should not lose sight of the fact that no matter how you feel about all levels of government, they WILL win on this issue.
We likely won’t see governments becoming aggressive around this issue anytime soon. However, this is no reason to sit on your hands.
Though not necessarily related to the previous subject matter, people in the United States should consider their online privacy on account of a very recent revelation.
As of 2017, ISPs have been given the green light to sell data they harvest from their customers to data brokers. While these ISPs mostly only see metadata these days (thanks again, TLS!), you can still learn a lot from that. An ISP may not know what I am reading on truthdig.com or what my uncle is reading on Foxnews.com. However, repeated behaviour (visiting sites like these repeatedly) is valuable information in itself. As would be visiting a page like plannedparenthood.org.
Both AT&T and Verizon have already jumped into the advertising game. And Google (think Google Fiber) is already well known for AdSense.
It’s something worth considering. While a VPN would fairly quickly get around this privacy invasion now, it may become challenging if VPNs are forbidden (and actively blocked) by law. Given that ISPs have a vested interest in making encrypted tunnelling disappear, it’s average Americans that need to keep their eye on the ball.
Part 10 – Addressing The Whistle Blower / Dissident Dilemma
I cannot conclude this without taking the whistleblower and dissident argument into consideration. Of all the people that such a drastic move against blind encryption would affect, whistleblowers and dissidents are going to be impacted the most. Both the future that I envision (law enforcement and intelligence agencies turning on end-to-end encryption) and the technology I envision will solve this problem are inherently antithetical to the highly sensitive needs of the whistleblower or dissident. While I am fully aware of this . . . I don’t know what to tell you.
Are these changes going to further discourage people from coming forward with injustices they discover?
It seems a likely scenario of such a world.
Could this make it close to impossible for a whistleblower or dissident to embrace electronic communications of any kind?
Again, this is not out of the realm of possibility.
I don’t like it, either. And honestly, it would be much easier to fall in line with the “Down with spying!” crowd and call it a day. Given my increasingly pragmatic nature, however, I feel compelled to bring issues like this to the forefront.
Indeed, I don’t have the answers required to put a cute bow on everything outlined in this writing. In a sense, though, that is the point.
The problem is far more significant than me. And it is going to impact us all, whether we like it or not. The silliness of the average anarchist or libertarian comes to mind. We should do this, and we should do that. This is how things should be.
I hate to be the bearer of bad news, but what you/me/we think should be the case means diddly squat. While prevailing over the worldwide signals intelligence apparatus certainly makes for a nice thought, that is all that it is.
Even if there exists no looming deadline in which to fixate on, it is in everyone’s best interest to start considering this problem NOW.
Doing so will ensure ample time to perfect these new standards (whenever they become relevant legislatively). Doing so will give governments and companies time to figure out how to deal with the privacy dilemmas explored previously. And most importantly, doing so will ensure more time and resources are devoted to figuring out a potential solution for the whistleblower / dissident problem.
This does not mean that this problem will be solved. However, we have a much better chance of a positive ending if the experimentation begins long before any hard deadline is ever proposed (let alone enacted).