In Iran, they would think about jamming as a first countermeasure.
In the wake of the Occupy protest movement in cities around the world, some online activists have gathered together to create The Darknet Projectand the Free Network Foundation, two rather quixotic attempts to re-engineer mesh networking to the point that it would encircle the globe and act as a giant encrypted network.
“With an ISP, the government can tell an ISP to cut that connection,” wrote a Reddit user named pomegranati in a recent post. “With a public network, especially if all the connections are anonymous, they won’t know where something is coming from or where something is going. They can track what’s happening, but they won’t be able to shut it down unless they go to every specific node and physically shut them down. Now, if the network is encrypted, then they won’t know what’s being sent.”
The problem for activists is that, just as in the mobile world, there are also real-world attacks that can compromise physical networks.
WiFi uses the same band of energy (2.4 GHz) that microwave ovens do, so getting a few people to stand on rooftops, Say Anything-style, would probably do much to disrupt any local mesh WiFi network within a radius of tens of meters.
“If you want to jam a wireless signal, you can just put a microwave on the roof and set it to full power,” Kaplan said. “In Iran, they would think about jamming as a first countermeasure, because it’s so extremely cheap.”
Plus, if the network is designed to have new nodes join easily, then it will be just as easy to add fake nodes, and to inject fake instructions into the network, confusing traffic or causing it to come to a halt entirely.
Doing the most good
Knowing how to use much of this technology at the level of detail required to stay reasonably safe is beyond most common users. For the majority of activists, properly vetted software and hardware protection of mobile phones and Internet connections may be too expensive or too complicated to set up and maintain properly.
But for those not well-versed in security, the hope for secure communications isn’t over. Some of the most dramatic worldwide gains come when the tech behemoths that we all rely on everyday start re-thinking their own approach to privacy.
“When Google turned on SSL by default, in January 2010, in one day that company did more to protect the privacy of activists than the rest of us have done since,” Chris Soghoian concluded.
“If Google encrypted the contents of your Android phone by default, that would provide a huge protection [for] people whose phones are stolen or are seized by the police. Those are the kind of protections that we need,” he added. “All these applications that people are creating, that activists are creating, and then abandoning six months after their funding runs out—those are just a waste of time. Those are never going to go anywhere and they’re never going to be used by anyone. We need technologies that can be used by millions of consumers, without playing with configuration options.”