Techsploits

Heavy Traffic

By Annalee Newitz

IF YOU want to avoid surveillance when you're on the Internet, there are two things you can do. You can encrypt your communications—email, instant messages and the like—using programs that convert what you've said into code and then allow the recipient of your messages to decode them. Or you can hide where you're coming from and where you're going.

Very few people realize how much information can be gleaned about them based on what network geeks call "traffic," the movement of bits from one computer to another. It makes intuitive sense to the privacy-minded that encrypting email is a good idea—you don't want bosses, parents or unsavory sysadmins to read your personal correspondence. But what could somebody gain from analyzing your traffic? The answer is: a hell of a lot. In fact, security experts speculate that the National Security Agency (NSA) is far more interested in traffic analysis than it is in almost any other kind of Internet surveillance.

Every time you open your browser and go to a website, you are broadcasting information about where you are and what kind of information you want. Your computer sends a message to another computer, a web server, which roughly translates as, "Hello, I am a computer at the following address and I would like to see the website at your address." That "address" is an Internet Protocol (IP) address that is often unique to your computer, and thus directly traceable back to you.

Someone with traffic analysis capabilities could use that information to, for example, enforce local obscenity laws. Say a person in Alabama—where sex toys are illegal—wants to buy dildos at Good Vibrations. Too bad—their local Internet Service Provider (ISP) can see that their IP address originates in Alabama and won't allow them to send a query for information to the web servers at GoodVibes.com.

Even though traffic analysis doesn't necessarily reveal the content of your communications, it does give away who you're talking to and for how long. Every email and instant message you send is wrapped in layers of data that are used to tell the various nodes on the Internet where that data is going and how big it is. As the data hops from computer to computer, little conversations take place that go something like this: "Hello, I am one of 3,000 data packets from Joe's IP address. I traveled to you via an Earthlink mail server. Can you send me to Michelle's mail server's IP address?" And then the computer will say, "Let me check to see where Michelle's mail server lives. Yes, data packet from Joe's IP address, I can send you there. Off you go." Traffic analyzers snoop on these conversations. From them, analyzers can glean that Joe talks to Michelle and (very likely) where she lives. Also, by counting the number of data packets they can figure out whether Joe is sending a tiny bit of text or a giant photograph. If Michelle's mail server lives in Fallujah, it doesn't matter whether Joe has encrypted his email—you can bet he's going to get a knock on his door late at night.

Another thing that you reveal about yourself when you cruise around online is what sort of information you're accessing. For example, web traffic uses a different protocol than email does. Peer-to-peer networks use their own protocols, as do hundreds of other applications. It's information like this that allows universities to keep students from using Kazaa or eMule, two popular file-sharing programs—a few simple traffic analysis and shaping tools allow university administrators to spy on what kinds of protocols the students are using and shut down any connections that are sending or receiving P2P traffic.
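To make the last two paragraphs concrete, here is an added example (not part of the original column) that profiles users from header data alone: who they contact, how much they send and which protocol they use. The flow records are constructed, the addresses are documentation ranges, and classifying by default port number is a simplifying assumption.

```python
from collections import defaultdict

# Assumption: protocols are identified by their well-known default ports only.
PORT_LABELS = {25: "email (SMTP)", 80: "web (HTTP)", 443: "web (HTTPS)",
               1214: "P2P (Kazaa)", 4662: "P2P (eMule)"}

# Constructed records: (src_ip, dst_ip, dst_port, packets, bytes). No message content.
FLOWS = [
    ("192.0.2.10", "198.51.100.25", 25, 4, 2_100),
    ("192.0.2.10", "198.51.100.25", 25, 3000, 4_200_000),
    ("192.0.2.10", "203.0.113.80", 443, 40, 38_000),
    ("192.0.2.77", "203.0.113.99", 4662, 9000, 12_500_000),
    ("192.0.2.77", "203.0.113.80", 80, 25, 20_000),
]

def classify(port):
    return PORT_LABELS.get(port, "unknown")

def size_hint(nbytes):
    """Guess what was sent from volume alone (thresholds are illustrative)."""
    if nbytes < 10_000:
        return "short text"
    if nbytes < 1_000_000:
        return "page or document"
    return "large file or photo"

def profile(flows):
    """Per-source view built from headers only: contacts, volume, protocols."""
    out = defaultdict(lambda: {"contacts": defaultdict(lambda: [0, 0]),
                               "protocols": set(), "hints": []})
    for src, dst, port, pkts, nbytes in flows:
        entry = out[src]
        entry["contacts"][dst][0] += pkts      # total packets to this peer
        entry["contacts"][dst][1] += nbytes    # total bytes to this peer
        entry["protocols"].add(classify(port))
        entry["hints"].append((dst, size_hint(nbytes)))
    return out

def p2p_sources(flows):
    """Addresses a campus shaping tool would flag for P2P, by port alone."""
    return sorted({s for s, _, port, _, _ in flows if classify(port).startswith("P2P")})

if __name__ == "__main__":
    for src, info in profile(FLOWS).items():
        print(src, dict(info["contacts"]), sorted(info["protocols"]), info["hints"])
    print("P2P users:", p2p_sources(FLOWS))
```

Encrypting the message bodies would change none of this output, because every field used here travels outside the encrypted content.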

The ugly part of all this is that students are denied access based on the protocol they use. Despite the fact that many people use P2P networks to share large chunks of scientific data quickly and efficiently, the fact that many people use those networks to infringe copyright turns P2P into a "naughty protocol" that must be stopped.

The good news is that there are programs out there to help you anonymize your traffic and hide where you go online. Tor, a free program, defeats many types of traffic analysis. And if you surf using the Anonymizer.com site, it's much harder for those snoops to listen in on the conversations your computer is having with every web server you access. The bad news is that the NSA's traffic analysis techniques are believed by many credible experts to be about 30 years ahead of civilian programs designed to make traffic private.


Annalee Newitz is a surly media nerd who is always getting stuck in traffic.



From the November 17-23, 2004 issue of Metro, Silicon Valley's Weekly Newspaper.

Copyright © Metro Publishing Inc. Metroactive is affiliated with the Boulevards Network.