By Dave Hook I don’t shy away from opportunities to geek out. Yes, I’ll happily…
So what is the internet, really? It is not magic, although it tries hard to look like it. We don’t talk about the physical aspect of the internet often until something breaks, but understanding how the network works is key to understanding all the very many ways it is possible to lose your privacy on the internet.
Magic is perfect, humans and the internet are not.
When you look at the structure of the internet from this perspective, it’s easy to see how, with so many moving parts, a near-infinite number of things can go wrong. The internet is robust, it is designed to route around errors and slowdowns, but it assumes all packets are equal. Because of its de-centralized nature, there is no God-Emperor of the internet who can keep an eye out for problems or track patterns – there are just a lot of sysadmins (system administrators) who act as tiny gods of their own domains, putting out fires as they occur.
With no map or guide to the haphazard cobbled-together internet it is therefore easy to find a crack to pry open.
A number of tools exist to keep an eye on who is tracking you on websites, including [disconnect] and [ghostery]. But once you’ve plugged that hole, here’s another: imagine a malicious person takes control of a router, one of those hubs in the internet, and monitors all the traffic that goes through it. Thanks to various tricks, this router may convince your computer to send all your traffic through it instead of the most efficient route. All you will notice would be a possible lag in your internet speed, but they will be able to watch your every click.
The solution to *that* is encryption, which keeps information private between your computer and the server its talking to. This is why the Heartbleed bug was such a big deal: if encryption wasn’t working, this hole we thought we had covered was totally open the whole time. Whether the server you’re talking to uses encryption or not is something you can’t control as a user except to demand it from the businesses you patronize.
Even if you have your encryption in place, what happens if someone malicious takes control of the server itself? Or if someone gets between your computer and the internet? What if the NSA tapped into the very cables that make up the internet? [They have].
Now that you know all this, what’s the takeaway message?
The internet is a human invention and thus has plenty of flaws. Pretending it’s magic does a disservice to the amount of work that goes into making it function every day, but it also gives a false sense of security. No matter what fancy new website you’re using, it’s ultimately just made up of packets of information travelling down a wire. Magic doesn’t exist after all.
Ruth Collings is a librarian in Toronto interested in privacy, accessibility, and technology in patron-focused libraries. You can contact her via contact [at] ruthcollings.ca or at her website ruthcollings.ca.