Cyber-Surveillance in Everyday Life

I’m working on a paper for a conference at U of T next Summer. I think it’ll be useful in helping me develop the surveillance/privacy aspect of my thesis, as most of my work thus far has focused on the security and risks/threats side and only really touched on surveillance. Coming from a cybersecurity perspective, I’ll look at the technical and legal possibilities for surveillance versus the popular conception of what the government/NSA are allowed to do and what is technically possible.

How about a nice game of chess?

In popular culture, from 1983 and the release of War Games or 1984’s Neuromancer by William Gibson, the popular understanding of computers- and especially networked computers- has been that they can be manipulated by anyone with the requisite skills into doing almost anything, even accidentally starting nuclear war. Written in an era of intense insecurity and doubt, especially with regards to technology, the imprint of the Cold War is clear in these popular imaginaries. More recently, in an equally strong climate of fear, season 7 of the TV show 24 showed terrorists hacking into the air traffic control network in a display marrying the intense fear of terrorism centred around the hijacking of commercial flights on 9/11, with the growing uneasiness around these technological devices that we are so dependent on but don’t really understand. The most recent Die Hard movie, Live Free or Die Hard, took this uneasiness further, suggesting that hackers could take over the transportation system, air traffic control, phone and television networks, the power grid, the computer system at the FBI… anything run by a computer was potentially at risk, or was a threat.

Yes, that’s a car flying into a helecopter. Pretty standard fair during cybarmaggedon.

More worryingly, however, is the message that comes from mainstream media, following a similar line. CNN in collaboration with the DHS earlier this year released footage of an experiment carried out on a generator like those operating the electrical power grid. The experiment was to show how easily an experienced hacker could break into the computers operating the generator, and not just shut it down, but blow it up. (The insider knowledge required to complete such a feat was not mentioned; nor was the fact that the hacking had occurred on a software program similar to the SCADA software operating the real grid.) The fear that there could be physical repercussions for acts carried out in cyberspace is not a new one, Weekly World News Ran this story in 2000:

Weekly World News is known for its outlandish cover stories which often verged on the satirical, however satire is based on reality. The actually alarming thing is that this rhetoric which was once restricted to sci fi movies and tabloids is now the fodder of mainstream newscasters such as CNN, who also recently ran a two hour special “focumentary”, Cyber Shock Wave, in which a situation room made up of current and former government officials attempted to formulate a strategy to deal with the catastrophic effects caused by a cyberattack. Richard Grusin describes this onslaught of cyber-fear mongering as part of a strategy of “premediation”, through which the media reports on potential threats with such detail and immediacy as to keep viewers in a constant state of low-level fear, and thus prepare the nation to face any threat that might occur in the future, rather than being surprised by the unthinkable in the manner of the 9/11 attacks. Grusin provides an interesting breakdown of this strategy at work in Cyber Shock Wave in his blog here.

Perhaps more alarmingly, while some strategists and members of the military and intelligence communities have been worrying about cyber attacks for some time, the hype and rhetoric involved is in some cases beginning to approximate that of CNN. Richard A. Clarke, counter terrorism and cybersecurity adviser for the Bush Sr., Clinton, and Bush Jr. administrations recently published a book warning of the perils of cyberterrorism and cyberwar which sounds at times as if it has borrowed great chunks from Die Hard 4.0; all that’s missing is a battered and bleeding John Maclean (but others are battered an bleeding in his place, as a result of the explosions triggered at oil refineries, chlorine gas released from chemical plants, the disabling of air traffic control, trains crashing into each other, and the entire country being plunged into darkness). For a more detailed review of Clarke’s book, visit Wired Magazine’s article “Richard Clarke’s Cyberwar File Under Fiction”.

However his book is not without merit. He offers a breakdown of the potential threats and various administrations’ and military and intelligence organizations’ reactions to these threats with a clarity and detail afforded by an insider. And his analysis of the threats is often quite reasonable and grounded- he presents the issues and potential solutions clearly and assesses them logically. However once he has done away with the workable potential for any limited solution, his alternative suggestions are so extreme that they would seem more fitting to the tightly regulated regime of China rather than the hands-off, limited big government ethos favored by Americans. In fact in describing the Great Firewall of China, he explains how China is in a much better position defensively due to the level of control is has over its networks, sounding somewhat envious of this level of regulation. Objectively this is probably true, but is he advocating such a controlling system for the US? It would seem so, as later on he promotes the idea of using deep packet inspection on Internet backbone ISPs (as an alternative to the apparently distasteful idea of using real incentives to force industry to regulate itself). While championing the American ethos of non-regulation of industry, he seems happy to do away with privacy rights as an alternative. Rather than promoting education and using stronger incentives to encourage industry to regulate itself, he would rather that we lock the Internet down as the safest and most fool-proof solution. He claims that “our nation’s strong belief in privacy rights and civil liberties is not incompatible with what we need to do to defend our cyberspace” (2010, P162). The people just need to trust in their government and intelligence organizations that this surveillance is not being misused, but is only used to protect. That’s a big ask considering, among other things, the recent warrentless wiretapping scandal over the NSA.

These are this issues I hope to explore in my paper. The public perception, the hype, the premediation, and in this context the strategies being pushed by the administration and their potential impact on privacy and civil liberties. Surveillence mechanisms and proposals to review will include the Einstein programs, Perfect Citizen, and, briefly, Echelon, as well as getting into some of the legal and jurisdictional issues.

Cyberdefence: Deterrence vs Pre-emptive Strategies


I recently wrote a paper on the development of U.S. cyberpolicy in which I noted an interesting shift in the rhetoric being employed from one of anti-terrorism in the Bush Administration’s National Strategy to Secure Cyberspace, to Cold War rhetoric in the Obama Administration’s Cyberspace Policy Review. This shift seemed to be in line with recent assertions that the U.S. is engaging in a cyber arms race. An obvious reason for this emphasis on an increase in cyber capabilities is so as to be able to use the strategy of deterrence so popular in the Cold War. This would then imply that the Obama administration has abandoned the Bush Doctrine of pre-emptive attack, and was returning to a superpower-centric vision of world order. However the reason the the Bush Doctrine was taken on in the first place was due to the changing nature of global power; a stalemate had developed precipitated by the unwillingness of nations to initiate nuclear war; the Soviet Union had collapsed and Russia was now an ally of the States; and 9/11 demonstrated that perhaps the greatest threat to national security could come from unpredictable and perhaps irrational non-state actors who were not averse to risks and did not want to maintain the status quo. Cold War-style deterrence only works against an adversary who has something to lose. Pre-emptive action was therefore the safest alternative, striking in ‘anticipatory self-defence’ before the adversary can strike you.

A preemptive cyber-strike makes no sense for several reasons: firstly, the aim of a pre-emptive strike is for the superior power to thwart an imminent attack by a growing power before this power reaches its fully potential an attack capabilities. However in the case of cyber capabilities, the U.S. is not the strongest power- China is far more developed. Secondly, attribution is a very difficult issue in cyberattacks; it is easier to attribute blame through political motivation than through examining the cyber trail. Therefore it is difficult to pre-empt an attack when it is not clear even after the fact where it might have originated from or to what ends. Even if this could be ascertained, the likelihood of the attackers being state-sponsored or even working independently so as to allow plausible deniability, makes any kind of national response difficult. And finally, a full-scale debilitating cyber attack is unlikely to occur by itself; this would not disable the ability of an enemy to retaliate. It would mostly likely occur in one of two scenarios: in conjunction with a kinetic attack, with the aim of confusing communication and computer-based military functions enough that they would not be able to respond to a physical attack; or it would be used discretely as a form of espionage, in which case a physical retaliatory attack would be excessive, and a similar cyberattack may not currently be within U.S. cyber capabilities.

Therefore a strategy of deterrence would seem to be the best option, building up the U.S.’s cyber capabilities so that no one will challenge them. However the U.S. is already far behind China, and not in a position to deter anyone. If anything it is China who is leading in the cyberspace race. Therefore, it would seem that the U.S. is adopting a strategy of straight-up defense, in the hope of detecting and minimising the damage of a cyberattack, until its capabilities are developed enough to match that of China. The Obama Administration may be using Cold War rhetoric to inspire a sense of urgency and competition in its citizens, to arm against an attack from China, but this is not a cyber arms race in the way this rhetoric would have us understand it. It is more a race to catch up.

Hypodermic Needles

Government in bed with military
Government in bed with military

I have a number of posts on the go right now that I haven’t got around to editing properly, but I wanted to write this down before I forget. I’d like to do an analysis of popular culture’s use as a hypodermic needle to innoculate society against negative impressions of government. Using Barthes’ essay ‘Operation Margarine’ in Mythologies, I want to talk about how an admission of some minor faults excuses all kinds of greater issues, in the name of the greater good.

The examples I want to look at are firstly, the power structure in Battlestar Galactica, in which government is quite literally in bed with the military. Despite all of Adama’s fuckups, he is portrayed paternalistically (the other characters refer to him as the ‘old man’, and disloyalty, if it ever occurs, is seen as a painful and unwelcome process of betrayal) and as having the crew and indeed humanity’s best interests at heart. Often his plans fail because of an inability for the uneducated masses to just have faith in him. Even when the faults are due to his own misunderstandings or delusions, his intentions are always good, and the repremands he directs against himself in the face of any screw-up are always worse than any judgement that could be brought against him.

This is interesting to me because Adama’s leadership coincided with that of George W. Bush in real life, a president in which the world had an increasingly failing confidence, and who screwed up in multiple ways. The Iraq war and the insurgency occured on his watch, while in Battlestar at the same time, the human population were living on New Caprica under the brutal rule of the colonising cylons. The critique invited by this parallel was aimed squarely at the Americans, and it was surprising and unusual to see in popular culture. However, this was tempered by the continuing positive image conveyed of the military and of Adama’s leadership. The real world president was doing badly, but it wasn’t the system itself that was broken. There was no way to rescue public opinion of the Iraq War, and to admit to this giant mistake and to criticise it gave Battlestar independant legitimacy. However the sytem itself was supported and perpetuated through the character of Adama. A little admission of guilt excuses the mistakes of a man who had the good of the people as his true objective. Perhaps in the real world, the same could be said of George Bush?

The paternalistic portrayal of leaders, especially presidents, is common in popular media, especially in times of real-world doubt as to the capability of certain leaders. But sometimes the analogy works in the opposite direction to propogate the same myth. For example, one of the most popular and socially forward-thinking, not to mention longest-serving US presidents was FDR. This in spite of the fact he was physically disabled, and felt the need to hide this from the public, lest they perceive him as weak when he was supposed to occupy a position of strength in leadership. Despite having actively deceived the citizenry, he is still seen as one of the greatest presidents of America. The West Wing emulated this idea through president Bartlett. The character was suffering from MS, a degenerative disease, and hiding it from the public. However, just as with FDR, this did not make him a bad president; he was progressive, usually successful, and very paternalistic, agonizing over decisions with a father’s concern, and being treated by his staff with the same love and respect as the ‘old man’ in Battlestar.

This portrayal again came during George Bush’s presidency. It is interesting that, during a time when confidence in presidential leadership was at an all-time low, these evocations of father-like, strong, brave, progressive, adored presidents were present in popular media to reassure the public of the legitimacy of the govermental system. However these were not sugar-coated portrayals; the alternative idolised leaders lied, they screwed up, they made bad decisions. Public opinion during the Bush era was at such a low that overwhelming positivity towards the office of the president in alternate realities wasn’t going to smooth things over. But with the admission of a few faults, compared with a comparision to the overall good of the charcters, the unstinting loyalty of their subjects, and their eventual redemption and return to good-leadership, what does it matter after all if the president screws up a little? When he has done so much good?

Ender’s Game

Woo embedded pictures! Now I have set myself the task of finding an appropriate pictoral representation for every post. More hours of procrastination!

Well I finished Ender’s Game a week or so ago- I fairly raced through it, it was an easy read and well-written too. Lagging slightly towards the end in the post-climax cleanup. Necessary though- I didn’t feel like it was just wrap up or filler, Card was still bringing in new ideas and further developing the plot even in the wrap-up chapter.

I find it bizarre that, according to Peter Singer in Wired for War, Ender’s Game is on the Marine Corps Commandant’s required reading list.

Some intitial scattered thoughts of elements which the book might be intended to encourage/instill in its military readers:

Paternalism- Graff. Father knows best, worry for the boy. It is impossible to dislike Graff because even though his methods and overall aims (extermination of the buggers) are disagreeable, he is a father figure to Ender and always has his best interests at heart. A message that is delivered with the subtlety of a frying pan to the head and the end of the book when Ender realises what Graff has been doing. We should all just put our trust in our military fathers and unquestioningly let them do whatever they think best to keep us safe.

Heroism- Ender always volunteers, self-sacrifice, hardship to make better person. Could there be a more ideal soldier?

Camaraderie- family, respect, support- all the positive things we always hear about the military

Aside from that, I thought that the provocation towards distrust of military leaders prompted by the implication that the buggers are not real and are just used as a method of control was really interesting in a book that is required reading in the marine corps. The need to fear something in order to hold alliances together is what kept the world functioning throughout the Cold War. And then there’s the need to justify military spending… It’s a veritable roadmap for Bush’s War of Terror, and every other overhyped immenant danger since we lost the USSR as a focus of threat and fear.

I also found this blog post which I though illustrated similar themes of the good of the many vs the good of the few, and the need to trust the good intentions of our benevolent commanders, as analyzed through Star Trek and Battlestar Galactica.

Actually, I’m surprised this isn’t required reading for all elements of the military. It is surely the militaristic dream of total control in safe, sanitized warfare. The informationalization of war is not a new concept- RAND’s John Arquilla and David Ronfeldt take their definition of ‘cyberwar’ from an interpretation of the Mongols’ strategy in wargfare, in which superior communications and military intelligence, speed, awareness of the enemy’s tactics, and propaganda or psychological operations secured Mongol victories against armies that were far greater in number. Arquilla and Ronfeldt find similar evidence for the effectiveness of the strategy of information-dominance in the German Blitzkreig doctrine of World War 2 (Arquilla and Ronfeldt, 1997, P38). Information has always been power, especially in the battlefield, and surely the only desire for a military officer greater than the wish to cut through the Fog of War is the desire for a war with minimal bloodshed.

Ender’s Game surely expresses the ideal in warfare- completely sanitized battles which rely on highly developed combat skills, strategies and tactics, in a setting safe enough even for children to become soldiers. No one is hurt (no one in the human camp anyway), no blood is visably spilled, no soldiers get post traumatic stress- they don’t even know they’re doing any killing. It’s the military dream- pure informational separation. And in reality we’re not far off. Ender’s Game was written in 1985. In 1992 John Arnett in one of the earlier uses of the term ‘cyberwar’ described the massive data gathering  project that was the legacy of the Cold War, and the development of robots and drones which we could send into these carefully mapped areas, operated by soldiers safely behind the scenes. “These technologies allow for the progressive separation of man and machine, as ‘autonomous’ weapons such as smart bombs, and planes that do not need pilots are developed, and vast amounts of data are collected from the field by sensors and processed by computers, meaning that humans are increasingly reliant on the interpretation provided by these computers as humans do not have the capacity to process such volumes of data themselves” (Arnett, 1992 P15). Now these drones are in regular use, directed by kids at CIA headquarters in the US, who drop bombs and destroy entire villages in Afghanistan, Pakistan, Iraq, with the same kind of distancing effect as a video game. It’s not quite Ender’s Game, but it’s pretty darn close.

However despite these advancements, the dream remains illusive. As Chris Hables Gray explains in Peace, War, and Computers, “[a]s for perfect security, we know today that there will be no such thing no matter what the [Revolution in Military Affairs], for three fundamental reasons: the fog of war, the limits of information technology, and the postmodern war system.” [2004, P29] There will always be uncertainties in war; there is no such thing as total information awareness (despite DARPA’s best efforts!). And technology fails; it is imperfect. Drones cannot accurately identify targets to the same degree that soldiers can, and accidents are inevitable. And add to that: the very nature of war is changing. Gray calls in ‘postmodern war’.

He explains, “[w]ith World War II, war became global, battle became continuous, and weapons becomes absolute. Atomic bombs made it clear that modern war’s main assumption, for the political utility of total war, no longer held. Yet, most of the modern war system remains in place: the military-industrial complex, the military modernization of technoscience, and the assumption that war is still the most effective political tool available to policy makers. Hence, postmodern war.” (Gray, 2004, P24)

Hannah Arendt identified this paradox of postmodern war in her assessment of the changing nature of war since the creation of nuclear weapons: “The third fact seems to indicate a radical change in the very nature of war through the introduction of the deterrent as the guiding principle in the armament race. For it is indeed true that the strategy of deterrence ‘aims in effect at avoiding rather than winning the war it pretends to be preparing. It tends to achieve its goals by a menace which is never put into execution rather than by the act itself.’… the point of the matter is that today the avoidance of war is not only the true or pretend goal of an over-all policy but has become the guiding principle of the military preparations themselves. In other words, the military are no longer preparing for a war which the statesmen hope will never break out; their own goal has become to develop weapons that will make a war impossible.” (1963, P6)

This benefits everyone; it allows for the continuation of huge volumes of military spending- in fact it necessitates it because your army/weaponry/technology must be superior to all other. At the same time it avoids war itself which would be destabilizing and potentially lost. Even if the war was won, the government may not come out of it looking good due to the loss of life on the opposing side. And for what? How was the war justified? It is a precarious media campaign that no one wants to have to deal with.

The military used to be the organization that dealt with war, and it was separate from civilian life and the way it was governed. WW1 and 2 changed that, with civilians becoming targets in an indiscriminate war. Since the horrors of industrial warfare and the destructive power of nuclear weapons, we have been moving steadily away from war involving civilians, towards a sanitized, safe, secure version of war in which not even soldiers are killed. The Cold War was all about deterrence, to ensure that nuclear weaponry could not be used. Now we are moving towards cyberwars that use robots and drones rather than soldiers, and potentially that use only computers.