What Iran and China can teach us
When the Iranian people began to protest the election result, the Iranian government were swift to act. The mobile telephone Short Messaging Service (SMS) was disabled country-wide. Access to foreign Internet news sites was restricted. When the protesters turned to social networking sites such as Facebook and Twitter, the Iranian government began to block access to those sites, too.
China as always are ahead of the curve. With riots breaking out in the city of Urumqi, the Chinese government has blocked and disabled almost all communication to or from the city. Mobile telephone and SMS services are disabled, Internet access is almost non-existent. Internet search engines inside China have been purged of all references to the unrest in Urumqi. Chinese citizens outside of Urumqi have no way of knowing what is happening there, and the people of Urumqi have no way to tell them.
When the United States of America was formed, congress were concerned that the citizens should have a way to maintain a balance of power, to stop future governments abusing their citizens. They saw the answer as the 2nd Amendment, which gives the citizens of the United States of America the right to bear arms. The theory is that should the government ever defy the citizens, those citizens can rise up and overthrow the government.
In the information age of today, Information and Knowledge are more powerful weapons than any gun. The Iranian and Chinese governments know this. The Internet is the worlds most powerful communication systems ever built. If they control the Internet, they have the power.
The use of Internet censorship in Iran and China are the perfect examples of why efforts to control your Internet access here in the UK should be resisted. The 18th century politicians of the United States of America knew that their citizens required a way to keep the government in check. That requirement still exists, but rather than guns and bullets we require information and knowledge. The freedom to access the Internet, unhindered and uncensored by the government, should be an absolute right for every person, both here in the UK and elsewhere.
This analysis is basically correct, and it suggests that there are strong foreign policy implications in the way the West structures the architecture of the Internet.
What we in the West need to do is structure the net so that it’s easy for people to communicate without being monitored, and very hard for the authorities to cut off net access. If this was done, it would have two advantages: firstly, it would be hard for the West to bring in authoritarian measures that harmed people’s civil liberties (such a “3 strikes” laws), and secondly it would make it hard for authoritarian regimes to do so as well. Of course, authoritarian regimes could respond by banning or severely restricting Internet use, but if they did that they would do serious harm to their economies.
What would a “freedom enabled” Internet look like? To start with, all common protocols — such as email, http, etc — need to use strong encryption as a default. Implementing Transport Layer Security (TLS) as a default would be useful here.
To achieve the above, all commodity computers sold should come as standard with an operating system (call it “Secure OS”) that implements such security out of the box, and the encryption should be as far as possible transparent to the user (this is quite easy to implement using public key encryption). The West should develop such an operating system, probably basing it on the Linux kernel.
The Secure OS would also need to foil traffic analysis. To do this it would come equipped with onion routing and a system where random dummy messages were sent from time to time.
Secure encryption makes it very hard for the state to eavesdrop on what people are saying. (It means that in practise they couldn’t rely on technical methods, but would instead have to infiltrate networks of dissidents to find out what people are saying.) But if all the computers were connected to the Internet using ADSL links, an authoritarian government could simply cut those links, preventing people from communicating at all.
To solve this problem it would be best if all the computers in a city were capable of communicating to each other wirelessly using mesh networking. Some of the nodes will also be connected to the wider Internet through an ADSL link; these nodes can be used to connect the whole mesh network to the wider Internet.
Protecting communications is good, but doesn’t help if the authorities seize a dissident’s computer, and read the contents of its hard disk. A way to prevent this would be to encrypt the hard disk. But this won’t work on its own, because the authorities could simply threaten to kill the suspect unless he gives the encryption key. Instead, we should use a cryptographic file system that has multiple decryptions depending on which key is used. There could be several keys, each of which expose different parts of the encrypted data, and there would be no way of telling how many keys there are in total. This is called a Steganographic file system.
Let’s call a computer with a combination of Secure OS, mesh networking and steganographic file system a “Secure PC”. Would a Secure PC just be used by dissidents? This would be no good at all, since possession of such a device would be highly incriminating. No, if we are to do it properly, a Secure PC must be used by everyone (this would have the added advantage that since it would be a mainstream system it would have mainstream software written for it and not become an unsupported backwater). When anyone in the West buys a typical PC in a shop, it would be a Secure PC out of the box. That way, if a repressive regime wants to use computers, it would either use Secure PCs, or it would have to develop its own computers and software, with all the cost and incompatibility problems that would bring. Most repressive regimes wouldn’t have the resources to do this (the main exception being China).