Black Code: Inside the Battle for Cyberspace (32 page)

Read Black Code: Inside the Battle for Cyberspace Online

Authors: Ronald J. Deibert

Tags: #Social Science, #True Crime, #Computers, #Nonfiction, #Cybercrime, #Security, #Retail

BOOK: Black Code: Inside the Battle for Cyberspace
4.46Mb size Format: txt, pdf, ePub

2
The Citizen Lab did not trespass or violate anything:
The ethical and legal issues underpinning the Citizen Lab’s research are discussed in Masashi Crete-Nishihata and Ronald J. Deibert, “Blurred Boundaries: Probing the Ethics of Cyberspace Research,”
Review of Policy Research
28 (2011): 531–537.

3
9/11 ripped into all of that and left us all reeling:
See Ronald J. Deibert, “Black Code: Censorship, Surveillance, and Militarization of Cyberspace,”
Millennium: Journal of International Studies
32, no. 3 (2003).

4
in a
Globe and Mail
op-ed:
Ronald Deibert, “The Internet: Collateral Damage?”,
Globe and Mail
, January 1, 2003,
http://www.theglobeandmail.com/commentary/the-internet-collateral-damage/article790542/
.

5
Another word, a few words actually, about the title:
Lawrence Lessig’s,
Code and Other Laws of Cyberspace
(New York: Basic Books, 1999). Key McLuhan works are
The Gutenberg Galaxy: The Making of Typographic Man
(Toronto: University of Toronto Press, 1962) and
Understanding Media: The Extensions of Man
(New York: McGraw-Hill, 1964). Those of Harold A. Innis include
Empire and Communications
(Toronto: University of Toronto Press, 1950) and
Bias of Communications
(Toronto: University of Toronto Press, 1951). My take on Innis can be found in Ronald J. Deibert,
“Harold Innis and the Empire of Speed,”
Review of International Studies
25, no. 2 (1999). I wrote about media ecology theory and world order transformation in my first book,
Parchment, Printing and Hypermedia: Modes of Communication in World Order Transformation
(New York: Columbia University Press, 1997). Joshua Meyrowitz uses the metaphor of media as “environments” in
No Sense of Place: The Impact of Electronic Media on Social Behavior
(New York: Oxford University Press, 1985).

6
The science fiction writer Arthur C. Clarke argued:
Clarke’s comments about technology are part of his “three laws” of prediction and are outlined in Arthur C. Clarke,
Profiles of the Future: An Inquiry Into the Limits of the Possible
(London: Gollancz, 1962).

INTRODUCTION:
CYBERSPACE: FREE, RESTRICTED, UNAVOIDABLE

1
Connectivity in Africa:
Information on Internet connectivity and growth rates is collected at Internet World Stats: Usage and Population Statistics,
http://www.internetworldstats.com/stats.htm
.

2
Few of us realize that data stored by Google … are subject to the U.S. Patriot Act:
The official title of the Patriot Act is “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT) Act of 2001” The full Act can be found at
http://www.gpo.gov/fdsys/pkg/PLAW-107publ56/pdf/PLAW-107publ56.pdf
. See also “USA Patriot Act,” Electronic Privacy Information Center,
http://epic.org/privacy/terrorism/usapatriot/default.html
.

3
Mobile devices are what Harvard’s Jonathan Zittrain:
Jonathan Zittrain warns about the shift towards “tethered appliances” in
The Future of the Internet and How to Stop It
(New Haven: Yale University Press, 2008).

4
Botnets … can be rented from public forums and websites:
A price list of illicit products and services sold in the Russian cybercrime underground is documented in this Trend Micro report: Max Goncharov, “Russian Underground 101,”
Trend Micro
, 2012,
http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian-underground-101.pdf
. Many more details about cyber crime are provided in Chapter 8.

18
The OpenNet Initiative (ONI) … notes that roughly 1 billion Internet users:
The ONI was founded in 2002 as a partnership between the Citizen Lab at the Munk School of Global Affairs, University of Toronto, Berkman Center for Internet & Society at Harvard University, and the Advanced Network Research Group at the University of Cambridge, U.K. (later, the SecDev Group) by myself, Rafal Rohozinski, John Palfrey, and Jonathan Zittrain. The ONI’S publications can be located at
http://opennet.net/
. The ONI estimates that in 2012, more than 620 million people lived in censored jurisdictions; see “Global Internet Filtering in 2012 at a Glance,” OpenNet Initiative, April 3, 2012,
http://opennet.net/blog/2012/04/global-internet-filtering-2012-glance
.

ONI has documented the use of Western-made software for Internet filtering in the Middle East and North Africa in Helmi Noman and Jillian C. York, “West Censoring East: The Use of Western Technologies by Middle East Censors, 2010–2011,”
http://opennet.net/west-censor-ing-east-the-use-western-technologies-middle-east-censors–2010–2011
.

6
Dissidents in the United Arab Emirates and Bahrain:
Instances of U.A.E. and Bahrain dissidents being targeted by British- and Italian-produced network intrusion kits have been reported in Vernon Silver, “Spyware Leaves Trail to Beaten Activist Through Microsoft Flaw,” Bloomberg News, October 10, 2012,
http://www.bloomberg.com/news/2012–10–10/spyware-leaves-trail-to-beaten-activist-through-microsoft-flaw.html
; and Vernon Silver, “FinFisher Spyware Reach Found on Five Continents: Report,” Bloomberg News, August 8, 2012,
http://www.bloomberg.com/news/2012–08–08/finfisher-spyware-reach-found-on-five-continents-report.html
. More details about this emerging marketplace can be found in Chapter 13.

1: CHASING SHADOWS

1
So began the story of GhostNet:
Both the GhostNet and Shadows investigations were done under the auspices of the Information Warfare Monitor Project (2002–2011), a collaboration between the Citizen Lab at the Munk School of Global Affairs, University of Toronto and the Advanced Network Research Group at University of Cambridge, U.K. (later, the SecDev Group). Rafal Rohozinski was a co-principal investigator on the Information Warfare Monitor and one of the co-authors on both reports. Portions of the GhostNet field/technical research were carried out by Dr. Shishir Nagaraja of Cambridge University. Nagaraja and his
supervisor, Dr. Ross Anderson, released their own report coinciding with our GhostNet publication: Ross Anderson and Shishir Nagaraja,
The Snooping Dragon: Social-malware Surveillance of the Tibetan Movement
, Cambridge University Computer Laboratory Technical Report, 2009. The Shadowserver Foundation collaborated with the Information Warfare Monitor on the Shadows report, and Steven Adair was a co-author on that report. We documented our GhostNet and Shadows investigations in Information Warfare Monitor, Tracking GhostNet: Investigating a Cyber Espionage Network, March 29, 2009,
http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network
; and Information Warfare Monitor and Shadowserver Foundation, Shadows in the Cloud: Investigating Cyber Espionage 2.0, April 5, 2010,
http://www.infowar-monitor.net/2010/04/shadows-in-the-cloud-an-investigation-into-cyber-espionage-2-0/
. John Markoff reported on our investigations in, “Vast Spy System Loots Computers in 103 Countries,”
New York Times
, March 28, 2009,
http://www.nytimes.com/2009/03/29/technology/29spy.html?pagewanted=all&_r=0
; and together with David Barboza in, “Researchers Trace Data Theft to Intruders in China,”
New York Times
, April 5, 2010,
http://www.nytimes.com/2010/04/06/science/06cyber.html?pagewanted=all
.

2
a huge compromise of American military and intelligence agencies:
For more on “Titan Rain,” see James A. Lewis,
Computer Espionage, Titan Rain and China, Center for Strategic and International Studies
, December 2005,
http://csis.org/files/media/csis/pubs/051214_china_titan_rain.pdf
.

3
“Who done it?”:
Useful primers on the difficulties of attributing the sources of cyber attacks can be found in David D. Clark and Susan Landau, “Untangling Attribution,” and W. Earl Boebert, “A Survey of Challenges in Attribution,” both of which can be found in
Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy
, 2010,
http://www.nap.edu/catalog/12997.html
.

2: FILTERS AND CHOKEPOINTS

1
What is cyberspace?:
Canadian science fiction author William Gibson is credited with coining the term
cyberspace
in his short story “Burning Chrome” (New York: HarperCollins, 2003), and popularizing it in his novel
Neuromancer
(New York: Ace, 1984). Although
cyberspace
and
Internet
are often used interchangeably, they are not the same. The Internet is a global network of computer networks configured to operate according to a common protocol of intercommunications (the TCP/IP protocol). Cyberspace is broader and includes the entire domain of global communications, including (but not limited to) the Internet.

2
Every device we use to connect to the Internet:
Attempts to control cyberspace often start with interventions in the physical infrastructure, specifically at key chokepoints. This has been documented in Ronald Deibert, John Palfrey, Rafal Rohozinski, and Jonathan Zittrain, eds.,
Access Denied: The Practice and Policy of Global Internet Filtering
(Cambridge: MIT Press, 2008); Mark Newman,
Networks: An Introduction
(New York: Oxford University Press, 2010); and David D. Clark, “Control Point Analysis” (Paper presented at the 2012 TPRC, 40th Research Conference on Communication, Information and Internet Policy, Arlington, Virginia, September 21–23, 2012), available at:
http://dx.doi.org/10.2139/ssrn.2032124
.

3
Much of the software that operates cyberspace is “closed,” or proprietary:
On studies of the security of closed- and open-source operating systems, see Kishen Iyengar, M.K. Raja, and Vishal Sachdev, “A Security Comparison of Open-Source and Closed-Source Operating Systems” (Proceedings of South West Decision Sciences Institute’s Thirty-eighth Annual Conference, San Diego, CA, 2007),
http://www.swdsi.org/swdsi07/2007_proceedings/papers/236.pdf
; and Jim Rapoza, “eWeek Labs: Open Source Quicker at Fixing Flaws,” eWeek, September 30, 2012,
http://www.eweek.com/c/a/Application-Development/eWeek-Labs-Open-Source-Quicker-at-Fixing-Flaws/
. An in-depth analysis of the political economy of open-source software can be found in Steven Weber,
The Success of Open Source
(Boston: Harvard University Press, 2008).

4
In 2010, while mapping for its popular Street View service:
For more on Google’s Street View wifi controversy, see David Kravets, “An Intentional Mistake: The Anatomy of Google’s Wi-Fi Sniffing Debacle,”
Wired
, May 2, 2012,
http://www.wired.com/threatlevel/2012/05/google-wifi-fcc-investigation
.

5
In 2012, Cisco provided updates to its popular Linksys:
Cisco’s updates are detailed in Joel Hruska, “Cisco’s Cloud Vision: Mandatory, Monetized, and Killed at Their Discretion,”
Extreme Tech
, July 2, 2012,
http://www.extremetech.com/computing/132142-ciscos-cloud-vision-mandatory-monetized-and-killed-at-their-discretion
.

6
in 2012, a cyber security researcher named Mark Wuergler:
Mark Wuergler’s research on the exposure of MAC addresses in Apple devices has been documented in Dan Goodin, “Loose-Lipped iPhones Top the List of Smartphones Exploited by Hacker,”
Ars Technica
, March 16, 2012,
http://arstechnica.com/apple/2012/03/loose-lipped-iphones-top-the-list-of-smartphones-exploited-by-hacker/
.

7
In 2012, ONI discovered that users in Oman:
The OpenNet Initiative documented its findings on upstream filtering affecting Omani ISP Omantel in Citizen Lab, “Routing Gone Wild: Documenting Upstream Filtering in Oman via India,” 2012,
https://citizenlab.org/2012/07/routing-gone-wild
.

8
In 2005, ONI found that when the Canadian ISP Telus blocked:
The OpenNet Initiative documented its findings on collateral filtering by Telus in “Telus Blocks Consumer Access to Labour Union Web Site and Filters an Additional 766 Unrelated Sites,”
OpenNet Initiative
, August 2, 2005,
http://opennet.net/bulletins/010/
.

9
In 2008, the Pakistan Ministry of Information ordered Pakistan Telecom:
Pakistan’s 2008 collateral filtering of YouTube is documented in Martin A. Brown, “Pakistan Hijacks YouTube,”
Renesys
, February 24, 2008,
http://www.renesys.com/blog/2008/02/pakistan-hijacks-you-tube-1.shtml
.

10
there is a deeper layer of control:
For IXPS, see “Internet Exchange Map,”
TeleGeography
,
http://www.telegeography.com/telecom-resources/internet-exchange-map/index.html
; Brice Augustin, Balachander Krishnamurthy, and Walter Willinger, “IXPS: Mapped?”, Internet Measurement Conference, November 2009,
http://www-rp.lip6.fr/~augustin/ixp/imc2009.pdf
. The University of Toronto’s IXmaps is a tool that allows researchers to examine the route(s) that data packets take to travel across North America. The tool can be found at:
http://www.ixmaps.ca
.

11
In 2002, Mark Klein, a twenty-year veteran technician with AT&T:
Mark Klein’s personal statement about discovering the AT&T eavesdropping
facility was published in “Wiretap Whistle-Blower’s Account,”
Wired
, April 7, 2006,
http://www.wired.com/science/discoveries/news/2006/04/70621
. The Electronic Frontier Foundation has documented the case at “Hepting v. AT&T,”
https://www.eff.org/cases/hepting
.

Other books

The Comedians by Graham Greene
The Soul Mate by Madeline Sheehan
Bloodstone by David Gemmell
Between Hope & the Highway by Charissa Stastny
Under the Sun by Justin Kerr-Smiley
The Last Days of Summer by Vanessa Ronan
The Man in the Window by Jon Cohen, Nancy Pearl
The Butterfly Clues by Kate Ellison