Revolutions start online these days, in Iran, in Tunisia and in Egypt. The class of educated young people, the ignition fuse for most revolutions, began communicating online, coordinating online, reporting to the outside world online, gaining support online. More and more totalitarian regimes are becoming aware of that, and find ways of controlling the flow of information: Iran blocked access to Twitter and Facebook and the use of SMS, Tunisia ISPs reportedly tracked potential rebels by stealing their Facebook passwords (Facebook countered this by supplying a secure login page), and Egypt managed to disconnect the whole populace from the internet, allowing access only through using ancient dial-up modems to call international ISPs. In Iran it seemed to have worked, for now, in Tunisia it didn’t.
Wasn’t the Internet Protocol supposed to allow a way around this problem? To enable some decentralized form of communication, independent of ISPs? Suppose we wanted to create an internet-in-a-box, to carpet bomb internet on a populace, or to make some secondary internet that is cheap to deploy, does not require technical know-how, and is difficult to shut down. It seems like we can.
Wireless Internet Cooperation
The awkwardly named “Pirate Box” demonstrates an internet-in-a-box concept, where one box can supply internet-like services to an area – a message board, file sharing, etc. The 802.11s draft standard extends the 802.11 Wi-Fi standard to include wireless mesh networking. Now, Wi-Fi is limited in range, but some antenna improvements, RF front end enhancements and minor protocol timer tweaks have helped deploy long range P2P networks (according to Wikipedia) with some drawbacks related to efficiency, radial coverage and throughput.
These boxes provide a local, private internet, and they could be made to communicate with each other, but a P2P protocol needs to be worked out between them so that they could update each other on the latest contributions. Each box should have a local storage of the latest contributions it received, and distribute it to the boxes it contacts, like a status snapshot used in grid computing. It has to be assumed that these boxes will turn on and off, like a power management system – for instance, if some boxes recognize that the local coverage is sufficient, they will take turns providing coverage, protecting them from detection. Users should have the ability to mark media content for redistribution, something like ‘retweeting’ or ‘like’-ing it.
Another feature should be detecting an internet connection. Once a box detects such a connection, it will try to dump out as much media as possible, and signal to other boxes to relay internet connection requests to it. This should be done via proxies, in a TOR-like system. Maybe these boxes should come with an old modem, to allow dial out to international ISPs.
Of course, such an open network can be open to attack. While jamming and DoS (video) are the obvious ones, it’s not easy to do with multiple, local, access points. Other attacks can take advantage of the protocol above by flooding irrelevant or misleading items that propagate through the network. Another option is to convince boxes in the area that the area has enough coverage and forcing them into sleep mode. It may also be possible to deduce the location of specific people by tracing their updates through the network.
The boxes must be smart enough to detect spamming, either by allowing users to rank down items (which could lead to another kind of attack) or by limiting the amount of updates that are forwarded out of any area, thus slowing down and containing the attack.
The boxes must monitor other boxes in the area, even while in sleep mode, and try to gather statistics about them. If a box seems to be awake for too long, sends updates too frequently or ignores other boxes’ updates, it will be ignored by the box.
As for tracing specific people, the box could allow for a ‘dead drop’ mode of operation, where the update is stored in the box for a set period of time, and only later shared with the network, presumably when the reporter no longer is in the area.
Such boxes will soon be contraband in dictatorships, therefore, they must be distributed digitally and assembled from available components, such as alternative ROMs for Wi-Fi routers, software for Wi-Fi enabled PCs, etc. The US Army already has plans to force free internet on blocked countries, although they admit it will be considered an act of war. Creating these boxes and distributing them at low cost (for instance, by the UN human rights body – it’s considered a basic human right) will bypass these restrictions somewhat, as will distribution of ROMs and software as explained above.
No Kill Switch
In spite of their disadvantages, these boxes will allow for communication when other methods have been revoked. However, as we saw in Egypt, the Stopping of the internet did not stop the revolution, only slowed down the data flow. Memes don’t need the internet to spread, and once people are out in the streets, there’s no “Kill Switch” for that.