Read Surveillance or Security?: The Risks Posed by New Wiretapping Technologies Online
Authors: Susan Landau
9. (p. 14) Brenda Maddox, "Women and the Switchboard," in Ithiel de Sola Pool,
ed., The Social Impact of the Telephone (Cambridge MA: MIT Press, 1977), 265-266.
10. (p. 14) The story is that the undertaker, Almon Strowger, did so because he
believed that operators were shunting calls to his competitor (Maddox, "Women
and the Switchboard," 272).
11. (p. 14) Van Jacobson, A New Way to Look at Networking, Google Video, 8:48.
12. (p. 16) In the case of rural areas with low phone usage, these three digits might
represent a single town, while in cities the exchange would delineate a neighborhood. Originally names were used to describe these three digits. In the United
Kingdom the names delineated the first three digits-thus Scotland Yard was WHItehall 1212 (or 944-1212)-while in the United States the names delineated only the
first two digits. Ricky and Lucy Ricardo's number in the television show I Love Lucy
was MUrray Hill 5-9975 (or 685-9975).
13. (p. 16) Bell Telephone Laboratories, Engineering and Operations in the Bell System,
31-38.
14. (p. 16) Katie Hafner and Matthew Lyon, Where Wizards Stay Up Late: The Origins
of the Internet (New York: Simon and Schuster, 1996), 57; Stewart Brand, "Founding
Father," Wired 9, no. 3 (2001): 145-153.
15. (p. 16) In practice, various Internet protocols limit maximum hop count to prevent
messages from traveling infinite loops and using other unacceptably long routings.
16. (p. 17) Brand, "Founding Father," 149.
17. (p. 17) Brand, "Founding Father," 148.
18. (p. 17) Hafner and Lyon, Where Wizards Stay Up Late: The Origins of the Internet, 66.
19. (p. 17) Data traffic transmission patterns are very different from the PSTN
pattern, where calls typically peak in midmomings and midafternoons of the business week (and on Mother's Day). The problem of peaks is of great importance to
telephone companies, since such information informs pricing plans. Changing
demographics and changing technologies have resulted in changing communication patterns, including a burst of traffic as people leave their jobs and announce
they are on their way home.
20. (p. 17) Brand, "Founding Father," 149.
21. (p. 18) Brand, "Founding Father," 149.
22. (p. 18) Jacobson, New Way, 14:47.
23. (p. 18) Brand, "Founding Father," 149.
24. (p. 18) Hafner and Lyon, Where Wizards Stay Up Late: The Origins of the Internet, 67.
25. (p. 18) Brand, "Founding Father," 150.
26. (p. 19) Jacobson, New Way, 22:00.
27. (p. 19) There were multiple other responses to Sputnik as well.
28. (p. 19) The idea was an outgrowth of the work of J.C.R. Licklider, who had
envisioned a "Galactic" model of interconnected "computers through which everyone could quickly access data and programs from any site" (Barry M. Leiner, Vinton
G. Cerf, David D. Clark, Robert E. Kahn, Leonard Kleinrock, Daniel C. Lynch, Jon
Postel, Larry G. Roberts, and Stephen Wolff, A Brief History of the Internet, version
3.32, December 10, 2003, Internet Society, http://www.isoc.org/internet/history/
brief.shtml, 2).
29. (p. 19) In this respect the new network was a sharp break from the telephone
network. Susan Crawford characterizes this view of what constitutes the Internet as
"the engineers"' view; see Susan Crawford, "Internet Think," Journal of Telecommunications and High Technology Law 5, no. 6 (2007): 467-486 for an interesting characterization of the differing views of the Internet on the part of engineers, telcos,
and netheads.
30. (p. 19) Leiner et al., A Brief History of the Internet, 4.
31. (p. 20) To explain the situation with somewhat more nuance: no network is
completely decentralized, but the Internet is remarkably so. There is some centralization but only where it is really necessary (e.g., the DNS system). Otherwise all decisions are local. The PSTN's switches make local decisions from their router tables
and, in that sense, also operate in a decentralized way. However, traditionally the
PSTN local routing tables were determined by the phone company and this provided
the centralized communications model. This difference is in large part due to the
fact that the PSTN was a monopoly enterprise for much of its existence, while the
Internet has always been an Internet of networks.
32. (p. 20) This can be expanded in various ways, including by connecting Network
Address Translation (NAT) boxes to the Internet. These boxes show one address to
the Internet but support multiple devices on a local network. NATs are widely used,
for example, in home networks.
33. (p. 20) This is done using the Domain Name System, designed by Paul Mockapetris.
34. (p. 20) Routers are not infallible. When they make mistakes, the problems can
be quite serious. In 1997 a small Florida ISP broadcast Sprint routes as its own. The
Sprint routers added those routes to their tables; other routers followed suit. Soon
there were loops in the routing paths, which led to a major breakdown in Internet
communications (Javier Salido, Masanori Nakahara, and Yinhai Wang, "An Analysis
of Network Reachability Using BGP Data," Proceedings of the Third IEEE Workshop on
Internet Applications (Piscataway, NJ: IEEE, 2003), 17).
35. (p. 20) Leiner et al., A Brief History of the Internet, 6.
36. (p. 20) Andrew Odlyzko, "Content Is Not King," First Monday 6, no. 2-5 (February
2001), http://firstmonday.org/htbin/cgiwrap/bin/ojs/index.php/fm/article/view/833/742.
37. (p. 20) It is not surprising that email has such great value: email enables almost
instantaneous communication. Unlike a telephone call, it is asynchronous. That
asynchrony turns out to be extremely useful: email enables people to jointly make
decisions without requiring that they be simultaneously present to do so. Email also
leaves a written record, sometimes an advantage (and sometimes not). Human
communication had never had a tool quite like this. Even the British post office
in its heyday delivered mail only three times a day (Joseph Clarence Hemmeon,
The History of the British Post Office (Cambridge, MA: Harvard University Press,
1912), 54).
38. (p. 21) Brand, "Founding Father," 151.
39. (p. 21) Jacobson, New Way, 29:00.
40. (p. 21) Only members of the military and ARPA contractors could use the ARPANET.
41. (p. 21) Leiner et al., A Brief History of the Internet, 7.
42. (p. 21) These were the Cornell National Supercomputer Facility (CNSF), John
von Neumann Center (JVNC), National Center for Atmospheric Research (NCAR),
National Center for Supercomputer Applications (NCSA) at the University of Illinois,
Pittsburgh Supercomputer Center (PSC), and San Diego Supercomputer Center
(SDSC).
43. (p. 21) National Science Foundation, "A Brief History of NSF and the Internet,"
http://www.nsf.gov/news/special reports/cyber/Internet.jsp.
44. (p. 22) National Science Foundation, "A Brief History."
45. (p. 22) National Science Foundation, "The Launch of NSFNET," http://www.nsf
.gov/about/history/nsfOOSO/internet/launch.htm.
46. (p. 22) The expanded network reaches billions more users, is available in
thousands more languages, and has millions more applications than NSFNET.
47. (p. 23) This is the level at which the Internet Control Message Protocol (ICMP),
which can be used to provide information about network reliability, is located.
48. (p. 24) More precisely, a "mask" is associated with each IP address appearing in
a table, indicating which parts of the address are significant for routing purposes.
Recall that any IP address with an initial entry of 18 (that is, 18.x.y.z) denotes an
address at MIT. A routing-table entry might use an entry of 18.0.0.0 and a mask that
indicates that only the 18 is significant for routing. Once the packet reaches MIT,
routers there will decide where on campus the packet will go. Those routers, in turn,
are likely to use more specific masks on their routing-table entries that subdivide
the network by buildings or departments.
49. (p. 24) Committee on the Internet in the Evolving Information Infrastructure,
Computer Science and Telecommunications Board, Commission on Physical Sciences, Mathematics, and Applications, National Research Council, The Internet's
Coining of Age (Washington, DC: National Academy Press, 2001), 36.
50. (p. 25) The other common transport-layer protocol, UDP, neither acknowledges
the receipt of packets nor checks if all packets are present (Jon Postel, "RFC768-User
Datagram Protocol," August 28, 1980, http://tools.ietf.org/html/rfc768). UDP is
faster than TCP but also less reliable. In UDP the decision on what to do about a
missing packet is left to the application.
51. (p. 25) There are a number of different algorithms to do this, each with somewhat different behaviors. TCP maintains a congestion window that measures the
amount of data sent off but that lacks a "received" acknowledgment. What happens
in the popular Tahoe algorithm, for example, is that each time a packet acknowledgment is received by TCP within the congestion window, TCP increases the window
size. Thus if packets are flowing nicely, the number of packets sent out per time
period doubles. At some point either a preset threshold is reached-in which TCP
changes the congestion-window growth to linear-or acknowledgments are no longer being received within the time window. If the latter happens, TCP halves the
size of the congestion window. In this way, TCP is responsive to bandwidth conditions on the portion of the network for its current connection.
52. (p. 26) While it is only recently that cell phones can be used on airplanes, cell
phone use on high-speed trains has always been permitted. Originally, however, the
calls were dropped as the mobile phones transited the cell towers at high speed. So
the cell phone companies added a twist to the algorithm: if a call was quickly passing
through transmission towers along the route of a high-speed train, towers along the
route would be preallocated to the call to enable it to be transmitted without being
dropped (David Nacacche, personal communication, December 19, 2005).
53. (p. 26) Patrick Traynor, Patrick McDaniel, and Thomas La Porta, Security for
Telecoininunications Networks (New York: Springer, 2008), 27.
54. (p. 26) Steven M. Bellovin, Matt Blaze, Ernie Brickell, Clinton Brooks, Vinton
Cerf, Whitfield Diffie, Susan Landau, Jon Peterson, John Treichler, "Security Implications of Applying the Communications Assistance for Law Enforcement Act to Voice
over IP" (2006), http://www.cs.columbia.edu/--smb/papers/CALEAVOIPreport.pdf, 9.
55. (p. 27) The ISI team used the "Network Voice Protocol" (Danny Cohen, "Specification for the Network Voice Protocol (NVP) and Appendix 1: The Definition of
Tables-Set-#1 (for LPC) and Appendix 2: Implementation Recommendations," NSC
Note 68, Revision of NSC Notes 26, 40, and 43, NWG/RFC 741, Washington, DC,
November 22, 1977).
56. (p. 27) This was later used in the LPC 10, a vocoding technique (a vocoder is a
device that takes an analog voice signal and converts it to a digital signal), used by
the government in the 1980s.
57. (p. 27) Danny Cohen, personal communication, December 17, 2008.
58. (p. 28) See http://www.skype.com.
59. (p. 28) This is not completely accurate: only clients that are not firewalled, and
are thus on publicly routable IP addresses, may be used in the peer-to-peer communication (Skype, "P2P Telephony Explained-For Geeks Only," http://www
.skype.com/help/guides/p2pexplained/).
60. (p. 28) Bellovin et al., "Security Implications," 3.
61. (p. 29) Although SMS, or Short Messaging System, is simply one form of texting,
the term has come to stand for all forms of text messaging.
62. (p. 29) This channel, SS7, is a "store-and-forward" channel, meaning that if a
communication using it does not go through, the message is stored and resent later.
63. (p. 29) The limit is 140 characters, though more modern versions allow longer
messages by concatenating several shorter ones.
64. (p. 29) Charles Golvin, Sizing the U.S. Mobile Messaging Market (Forrester Research,
2004), 8.
65. (p. 29) Sadie Plant argues that "in much of Pacific Asia, where human interaction
and interconnectivity are often more highly prized than any notions about privacy,
the mobile is readily welcomed by people who have always liked to feel connected,
constantly available, always within reach" (Sadie Plant, On the Mobile: The Effects of
Mobile Telephones on Social and Individual Life, Motorola, October 2001, 40).
66. (p. 29) Gartner.com, Gartner Says Mobile Messages to Surpass 2 Trillion Messages in Major
Markets in 2008, December 12, 2007, http://www.gartner.com/it/page.jsp?id=565124.
67. (p. 29) Norimitsu Onishi, "Thumbs Race as Japan's Best Sellers Go Cellular," New
York Times, January 20, 2008.
68. (p. 29) Tradenet, a west African organization simplifying transborder trading by
farmers, provides sellers with a platform to list their location and wares; users receive
alerts on prices and information on market conditions via SMS messaging. In banking,
SMS is the customer interface of choice at FNB Bank (Rebecca Sausner, "SMS
Use Overtakes the Web at FNB," Bank Technology News, December 2007, http://
www.americanbanker.com/btn-article.html?id=20071127OYQ8GGPT), a multinational
bank also operating in Botswana, Lesotho, Mozambique, Namibia, and Swaziland.
69. (p. 30) Michael Bociurkiw, "Revolution by Cell Phone," Forbes 168, no. 6 (Fall
2001), http://www.forbes.com/asap/2001/0910/028.html.
70. (p. 30) In June 2007, text messages similarly summoned ten thousand people
in Xiamen, China, to the streets to protest construction of a chemical plant; their
efforts led to a delay pending further study (Edward Cody, "Text Messages Giving
Voice to Chinese: Opponents of Chemical Factory Found Way around Censors,"
Washington Post, June 28, 2007).
71. (p. 30) Indeed, counterintuitively texting can cost more than voice communications. For example, in 2003 Verizon offered a cell plan that charged three hundred
peak-time minutes and thirty-two hundred off-peak minutes for voice calls and ten
cents per message sent, two cents per message received. As the National Communications System observed, this works out to having eleven hundred three-minute
voice calls, or 291 SMS "conversations"-one message sent, one received (Office of
the Manager, National Communications System, SMS over SS7, NCS Technical Information Bulletin 03-2, December 2003, 3-4). In 2009, AT&T charges its customers
twenty cents a message ("AT&T Messaging FAQ" http://www.wireless.att.com/learn/
messaging-internet/messaging/faq.jsp#pricing-text). By contrast, in the United
Kingdom texting is about one-third the cost of voice calls (Alex Taylor and Jane
Vincent, "An SMS History," in Lynne Hamill and Amparo Lassen, eds., Mobile World:
Past, Present, and Future (New York: Springer, 2005, 84).