More Layers in the Onion

In reaction to the last post, Sven noted that by default my ISP is probably tracking all of my web traffic. I’ve no idea what the law requires of ISPs in Japan, but it seems quite likely that there are very few protections for citizens, and a lot of snooping going on…

There are two parts to this:

– nameserver lookups–if my ISP is logging all lookups then obviously that’s a risk. In order to get around that i’ll need to either run a local DNS (urgh, no doubt there is a lot to learn there…), or find a DNS service provider that a) has a reasonable data retention policy b) is trustworthy.

– regular traffic–the ISP could easily be logging all of the requests that i make. If there is a host out there that i do trust as an exit point (trust not to maintain a log of my activity) then running a VPN / tunnel to that point would be acceptable. At best my local ISP would know that i was communicating with the VPN host, but would know nothing about the traffic moving through the VPN. Unfortunately i don’t have access to such a VPN host, and given the traffic costs involved, can’t imagine that they are out there and cheap to use.

The other option is to use Tor. I’m still rather reluctant to do this… it seems like it may well be a step to far (similar to contemplating running a DNS server…) given that i’m not actually attempting to do anything illegal, or actively evade detection. My only goal here is see if it’s possible to opt out of a system of pervasive surveillance and monetization of my activity.

I’ll set up Tor and see how unbearable it makes life… running an exit node is out of the question given how little i know about the state of Japanese ‘net surveillance. The last thing i’d want to be doing is to be unknowingly feeding the machine.

Advertisements

The Chilling Effect?

The ripples from the Wikileaks cable releases are still spreading out into the internet. My initial reaction to the behavior of the likes of Mastercard, Visa, Back of America, PayPal, Facebook, Google, was, rather predictably, anger.

That corporations such as Mastercard and Visa should so easily bend to the unexpressed will of the US administration (resisting the urge to call it a regime…) isn’t all that surprising. Given the obvious connections between management at corporations and their “regulators” it would be easy to imagine an informal word being had, through the usual network of contacts. Contact would of course be unofficial, but the expression of displeasure would make it clear enough that action was expected. Which is not to say that all of the actors need to be similarly motivated – BofA probably feels intimidated enough to strike out on it’s own.

PayPal, being rather new new to game, made a mess of initial statements. First saying that it had been under pressure from the state department, then retracting, and claiming it had acted on it’s own, that there was no intervention from the government. This somewhat let the cat out of bag…

It seems to me that the actions of these financial institutions is worrying, in so much that they are de facto gatekeepers to the will of people to fund causes (causes which haven’t violated laws, but have certainly challenged the power of governments..), but it is not altogether surprising. They are operating in an environment in which punitive actions can be taken against them. Given their prodigious unpopularity, it seems unlikely that public sentiment would move to help them if stepped out of line.

Far more worrying are the quiet actions of the likes of Amazon (denying hosting), Facebook (blacklisting links, locking pages), Google (taking down YouTube videos), Twitter (controversial, but a trend algorithm that can ignore a hashtag as hot as #wikileaks / #cablegate is broken), wikipedia (removing a list of wikileaks mirrors), various ISP, and service providers, etc. Although i’m willing to believe that the US government has high level connections at some of these internet companies, the more reasonable conclusion is that they are actually self-consoring.

It is worthwhile considering why this might be happening. The obvious reason who be that they fear the imposition of genuine censorship, and the resulting public backlash. If they don’t act first and regulate themselves, they can expect to find zealous congressmen / senators (yes Lieberman, i’m talking about you) encumbering them with ill considered (and unenforcible?) legislation, and attacks from the (government directed) press. Another possibility is that they consider their users to be significantly sympathetic to the official message (ie, stupid and brainwashed enough to believe that not knowing is better for them…) that action will lose them less users than inaction.

There is, in my not particularly humble opinion, a worrying trend of commercialization among the internet digerati. This is nothing particularly new, and in fact has been the goal of many internet entrepreneurs for many years; “monetize the web”. However, this has always been balanced by an idealistic (yes, i know it’s a dirty word in a capitalist world) element fighting to hold onto the initial vision of the web as a democratizing / unifying platform for the free and open sharing of information.

If anything positive is going to come out of the current situation surrounding Wikileaks / Bradley Manning it has to be that more people are willing to take a stand against the increasing centralization of information under corporate / commercial control. It seems likely that the battle for the mass-market has already been lost, but the initial skirmishes of a resistance movement are already visible in projects like Tor, YaCy, Diaspora.

Whether it’s still possible to carve channels of free communication through the grey goo of the commercial ‘net probably depends on the actions and support of people like, dear reader, you and i.