Educational CyberPlayGround ®

Internet II

Dear Free-Market Thinker,
GOVERNMENTS INTERNET2 SEEN AS NEXT NET BATTLEFIELD by Chris Mack FMNN Technology and New Media Correspondent

You didnt know the government was working on a new Internet? Actually, its already being tested in the defense department and a number of universities, but its so thoroughly redesigned it might as well have been built from scratch. And its so complicated it has been compared to the effort to put a man on the moon.

Its called variously IPv6 (the current Net protocol is known as Pv4), Mission Moonv6 and Internet2. Details have long been available to the Net community, but the status and use of the IPv6 protocol has not yet seemingly penetrated the general consciousness of the on-line population. That may change as wider implementation looms and various power players attempt to sort out their differences, and cement advantageous positions in advance of Internet2.

Mission Moonv6 Ipv6 - is going to be sold to the public by virtue of its bells and whistles, its speed, ease of use and the availability of private computer identifiers - static Internet Protocol (IP) addresses, a kind of phone number available to each and every individual computer - that will vastly increase the possibility and practicality of customized Net services.

Sounds good but its this last point that causes trouble. The current Internet was not built with the idea of every machine in the world using static IP addresses. Most computers arent individually identifiable unless the user makes a special effort. In fact, businesses charge extra fees for consumers to use static IP addresses.

All that will change with the next-generation Internet, which is being built so that each user can, and probably will, receive his or her own static IP address.

What are the ramifications of individual computer addresses? Basically, every single computer-based activity could be subject to surveillance. Cars with computers may be rendered immediately identifiable. Phone conversations running through the Internet and most will do so sooner or later should be available for timely surveillance. Email (of course), and also bill paying, banking, investing.

In the brave, new world of IPv6, almost every single conceivable personal or financial activity could be rendered transparent to authorities and appropriate corporate personnel at the flick of a switch or the touch of a button.

Why Now?

While the IPv6 effort has been ongoing since 1996, its implementation has apparently been given a boost by the War on Terror. The government recently revived the effort when in June 2003 the Defense Department mandated that all government agencies become IPv6-ready by 2008 according to a March 20004 article, Next Net moves Forward by Marguerite Reardon at CNET news.

Sensing increased governmental urgency, Microsoft has predictably charged back into the fray, battling to gain control of the Internet communication standards by claiming the intellectual property to be its own. According to Larry J. Blunk, senior engineer for networking research and development at a non-profit corporation named Merit Network Inc, Microsoft as recently as November 04 - filed claims to intellectual property rights of more than 130 protocols including but not limited to the core TCP/IP v4 and TCP/IP v6 protocol specifications. Microsoft wants to license these specifications and control their use.

If IPv6 protocol implementations are built into every Microsoft operating system, and thats what may well happen with or without Microsoft winning its legal battle, there will be little any end user can do but hope that Microsoft keeps consumers best interests in mind. Unfortunately, the history of Microsoft and privacy concerns is not entirely comforting.

In How Reg Reader Outrage Prompted Microsoft's Passport volte-farce, Andrew Orlowski in San Francisco explained how some Internet users had to pressure Microsoft into changing its privacy policies. In 2001 outrage over Microsofts Passport Terms of Use forced the company to backtrack and rewrite its policy for users.

Passports Terms of Use had originally given Microsoft unlimited rights to use any content or information a user sent through Passport websites such as hotmail. A screenwriter led a group of people to boycott hotmail because if an author sent a manuscript through hotmail, Microsoft could claim it as theirs. Microsoft eventually reversed course but it took the boycott and a good deal of negative press to push it there. What will it take this time even if the blocking of static IPs is a realistic goal at all.

4.29 Billion Unique, Static IP Addresses - Not Enough?

The biggest reason the government gives for why IPv4 should be replaced is that it only supports 4.29 billion unique static IP addresses because they are 32 bits long. IPv6 uses a 128-bit IP address that supports a virtually limitless number (3.4 1038) of unique addresses according to its specifications.

However, it is difficult to see why 4.29 billion unique static IP addresses arent enough in that most Internet users dont gain any benefit from them now and wouldnt miss them if they disappeared.

Most Internet users dont actively utilize static IP addresses because they are connected to an ISP that uses DHCP (Dynamic Host Configuration Protocol) and NAT (network address translation). This acts as a buffer to translate information and pass it to the right machine allowing many users to share the same static IP address as well as preventing direct access to the Internet.

As privacy activists have started to complain about the complete absence of privacy using IPv6, the official response has been the following: Users can use protocols like DHCP to hide their real address just as people do with IPv4. But in the brave new world of IPv6, pressure on vendors of all stripes to utilize individual static identifiers will doubtless grow stronger.

It is also ironic that the governments only solution to privacy concerns is advice against the use of static IP address this at a time when increased availability of static IP addresses is cited, among other important reasons, as to why users should upgrade to IPv6.

Ipv6 certainly provides Net stakeholders with a terrific cover. No one needs to fret about making individual computers instantly identifiable since static IP tags are part of the protocol. To write them out of the software would take effort, one that most Net gatekeepers could justify avoiding on any number of technological grounds.

Its all so delightfully above-board has been so for years - but the end result is an opportunity for government and corporate America to use IPv6 to track a limitless number of activities by Internet users.

Given that it is such a large undertaking, and one run by government, does much of IPv6 possibly remain vaporware? This isnt merely a government project; and universities and private corporations are said to be using versions of IPv6 already. Sometime in 2008 all governmental agencies will apparently start adopting the news standards. Once thats accomplished, its not hard to imagine that private vendors doing business with the government will also be targeted with a mandate for adoption.

Other western governments as well as China and India, countries said to be currently cooperating with the next-generation effort will use many of the same tactics. With so much political muscle, as well a spredictable media acclaim and much celebrating of the new richer and speedier features, the IPv6, like the flu, will spread.

Calling Zion

In the popular Matrix movie trilogy, denizens of humanitys last earthly, urban outpost Zion fight back against intelligent machines and a complex, 22nd-century Internet reality the Matrix that has ensnared everyone else in a waking dream.

Whether the Net can summon a Zion-like fraternity of users determined to confront the most worrisome aspects of the new protocols is as yet unclear. Certainly, comprehension is growing. One Internet user recently posted the following response the CNET article Next Net Moves Forward: OK, so why do they want IPv6? Because in IPv6's design are multiple bug-a-boos that make it really easy to track and filter every packet, which service[s] it's destined for, where it came from and going to and a bunch more invasive information collecting. It's probably the largest privacy hack around.

In his InternetWeek op-ed column on IPv6 Privacy Issues author Bill Frezza pointed out: At the end of the day, what matters to the average Netizen is not the menu of possible alternatives described in IETF standards, but the actual default implementation in popular products, e.g. Windows. Just because an educated and motivated geek can get into the plumbing of his machine and find a way to solve hisown privacy problem doesn't mean the problem has been solved for the bulk of average users. If the folks at Microsoft don't properly address this in their future products, I can positively, absolutely guarantee that it will blow up in their face.

According to sources at BeHidden.com, Net users are becoming increasingly savvy about privacy. We get number of emails inquiring about our architecture, says one exec. They ask questions like: Do you log the websites that I visit? Or do you store my IP address? There will likely be a big movement against more Internet regulation and Microsoft technologies by users.

And the BeHidden executive adds, If new regulations and IPv6 will provide an easier way to track user's activities on the Internet, then I think there will definitely be a big movement against it. We feel like many of the Internet users are already on the edge with current state of industry, and if it gets even easier for people to track what others do, then there will be a lot of very unhappy people.

BeHidden.com is almost ready to deploy some new services that will enhance and compliment existing services. Execs with the firm can't release many of the details at this time but say that other privacy- oriented Net vendors will find their new features fairly revolutionary.

Of course, there are plenty of protective solutions already in place. Some savvy users host web services at companies like havenco.com, an offshore hosting company based off of a small island called the Principality of Sealand where there are no registration requirements and information is secure. Others are using services such as anonymizer.com in order to prevent IP-address tracking when they surf the web.

Peer-to-peer network services such as Freenet copy files to multiple locations making them harder to block, and SafeWebs Triangle-Boy product allows people to create proxy servers rerouting blocked Internet traffic so that other users can find it.

An example of Net users increasing concern about privacy can be seen in the adoption of the latest Mozilla Firefox browser. It has new features to allow users to better protect their surfing experience.

Users can disable image loading from non-originating websites and also have more control over cookies that are getting set. Ad banners can now be disabled. Through such features users can better protect their identities.

Ramifications

The ramifications of static IPs continue to trouble. Once computers are identified as a matter of course, whats to stop the government from starting to single out privacy providers as rogue players in the Internet arena? Equate IPs with, say, auto licenses and the logic becomes clear.

Ubiquitous IPs will be justified on numerous grounds safety, responsibility, even a way to track criminals and those who seek to circumvent them may well find themselves outmaneuvered not by technology but by legislation. Peer down this road and you may see a point in time when computer privacy becomes socially questionable, even illegal.

For civil libertarians, its a fairly grim scenario. Leslie Reis is a professor of law and Director for the Center for Information Technology and Privacy Law at the John Marshall Law School. She is also a member of the federal Information Security and Privacy Advisory Board whose mission is to advise Congress and the U.S. Department on security issues.

Reis is worried about the implications of technology such as IPv6. The biggest risk in this environment, she says, is that people become uninformed about the privacy issues related to the technologies that they use.

And Reis adds, The best defense for privacy is to educate people about the perils involved and teach them how they can prevent their information from being abused. If people are informed about the technologies that they may use, then they can make the decision whether they want to use it, and become active in trying to change things that they dont like.

Reis fears that the increasing sophistication of online technology, coupled with increased recent use of the Patriot Act outside the domain of national security may create a cocktail lethal to domestic privacy. The Patriot Act has become an umbrella of opportunity to infringe upon peoples privacy, she points out. The scariest thing about the Patriot Act is that it has been used in issues clearly outside the realm of national security. This is called Patriot Act creep in which the Patriot Act is used by prosecutors to get around any privacy protection for any reason. For example prosecutors used it to bust Vegas strip clubs in Operation G-Sting. Most of the Patriot Act has been left unchallenged.

Reis concludes, People need to become informed about privacy issues, especially as they relate to technology, in order to protect themselves.

The Matrix stirs.

And Zion?

Sincerely, Your Free-Market Friends