Governments world wide are attempting to increase surveillance powers in an effort to crack down on Internet-related crimes. However, the latest tool in the war against online crimes and illicit attacks on networks has international privacy advocates up in arms.
The so-called "black box" -- in reality, a computer in its own secured case -- may soon be required by the British government to be connected to the networks of Internet service providers. Running modified intrusion detection programs, the boxes will be capable of "sniffing" traffic between the ISP and citizen's computers, gleaning information upon demand.
Russia and Finland have already embarked on similar projects. In the United States, meanwhile, some ISPs are vowing to resist the FBI's new Carnivore surveillance system, which has the potential to keep tabs on all of the communications on an ISP's network.
Intelligence agencies stress that the black boxes will help them fight computer hackers. Opponents counter that, not only will the boxes be ineffective in practice, the snooping tools could easily be abused.
"The capability is there to spy on everyone," said Yaman Akdeniz, director of CyberRights & CyberLiberties, a prominent British campaigner, who is concerned that an increase in surveillance powers could be open to covert abuse, a topic of much concern following recent revelations regarding Echelon. "Whether they do or not is the question. I think nobody trusts the security services now."
Blair's battle of Britain
Britain already has legislation on the table that would put such a snooping
network in place. Prime Minister Tony Blair's Labour government has been
battling with civil liberties advocates for months over the Regulation of
Investigatory Powers (RIP) Bill, which requires British ISPs to install
black box devices.
Under the RIP Bill, British police will have license to intercept e-mail traffic with a warrant. Intercepted traffic will be sent to the new Technical Assistance Centre, operated by MI5.
The Home Office and British police insist the Bill will prove a telling weapon for fighting hackers. "The reason we support the RIP Bill," says a representative from Scotland Yard's Computer Crime Unit, "is that it gives us some means to fight hacking. This is seen to be growing from recreational hacking to more serious crime. There is even the potential for political hacking."
The Russian government has gone even further, using a regulatory change from an existing agency to implement a network of black boxes.
In Russia, the "System of Ensuring Investigative Activity" (SORM), introduced new regulations effective since February, requiring ISPs to install the black boxes that re-route traffic to the headquarters of FSB (Federal Security Service), which recently replaced the Russian intelligence service, the KGB.
Russia's black boxes will be used mainly to catch criminals ranging from "tax evaders to paedophiles," according to the FSB, although Russia has often been celebrated as international hotbed of hacking.
"We Russians don't drink any more. We now work on computers, we use computers to send viruses to the West and then we poach your money. We have the best hackers in the world," Ultra-nationalist politician Vladimir Zhirinovsky once famously commented on live television.
Virtual Police State
While the experts debate what it takes to counter cyber attacks, civil
liberties concerns center around the emergence of a police state mentality
toward Internet use across Europe.
Russian critics claim that with SORM, the FSB effectively has the power to tap into Internet traffic at any time without a warrant. And privacy experts in Britain argue that a deliberate loophole in the legislation means authorities will still be able to trawl through the traffic of British citizens using a "blanket warrant".
Director of Human Rights Online in Moscow, Sergei Smirnov, echoes Britain's concerns over the RIP Bill when he wades into Sorm's provisions "The technology provides an effective mechanism to bypass a constitutionally required process of court authorisation for wire-tapping of electronic communications," he says.
Trust appears to have already been lost in Russia with civil liberties groups declaring the end of privacy. Russian President Vladamir Putin -- a former KGB agent -- introduced the directive on black boxes as a priority. This was seen by many as a means to restoring tighter controls over the populace rather than a means to tackle cybercrime.
But while British authorities, the FSB and Kremlin maintain a united front on the logic behind what civil libertarians view as draconian legislation, security experts argue it will take more than a black box to outsmart seasoned hackers.
"There is no reason the authorities can't pull down traffic if they know what they're looking for," said Richard Stagg, senior security architect at British firm Information Risk Management. "It might deal with a lot of amateur attacks, but if you're really motivated there are a lot of ways to get around this."
"As someone who emulates hacking, I would use extra-way points [compromised machines], and SSH [Secure Shell] tunnels [encrypted connectivity between machines] to my system so that they can't trace me or see my traffic. I would also move around lots, have lots of Internet accounts."
The ability for anyone -- including hackers to encrypt their communications -- is another concern as it could be used to evade government efforts to snoop on electronic communications.
Russia's SORM and Britain's RIP both have provisions to obtain encryption keys and the Home Office says MI5's new technical centre "will be mainly used to crack encryption". But again, critics say, the provisions are far from infallible and could conceivably actually make things worse.
"It undermines cryptography and actually makes things worse," said Brian Gladman, a computer expert formerly with Britain's Ministry of Defence. "Historically in Britain, cryptography has been in the hands of GCHQ [Government Communications Headquarters], and they haven't wanted anybody else to have it [encryption]. I think that the hidden agenda is that they don't want anybody to have it. The RIP bill effectively reduces confidence and trust in security."
Encryption is not just used to send secure emails but also enable secure online transactions through technology such as the SSL (Secure Socket Layer) implemented by both Netscape Communicator and Internet Explorer. Ironically, says Gladman, these technologies where built to protect consumers from fraud and deception.
"In fact," says Otstavnov, "strong encryption and guaranteed anonymity can seriously reduce certain types of computer crime -- stealing credit cards numbers, covert collection of personal data and spam."
Maksim Otstavnov, contributing editor of Russian publication Computerra Weekly, thinks that in Russia resources could better be spent on shoring up commercial security measures.
"I believe so-called 'computer crime' is mostly an outcome of improper systems and networks architecture," he says.
