Tag: tech

  • Satellite at ATC

    Excited to see Satellite chosen as best student paper this year at USENIX ATC. Slides and audio from the talk should be online shortly.

    The CS department, as always, is on top of its news releases.

  • Satellite

    I’m excited to present Satellite, a network measurement project I’ve been working on over the last couple years, at USENIX ATC next month.

    Satellite takes a look at understanding shared CDN behaviors and automatically detecting censorship by regularly querying open DNS resolvers around the world.

    For example, we can watch the trends in censorship in Iran using only a single, external machine.

    The data for Satellite is posted publicly each week, and will shortly be merged into the OONI data set to help provide better baselines for what behavior should be occurring.

  • sp^3

    I’m scheduled to give a talk at ToorCamp next month about packet spoofing and SP^3.

  • Contextualizing RedStar OS

    At the 2015 Chaos Communication Congress, Florian and Niklaus presented an analysis of Red Star OS 3.0, the system which leaked online a year ago.

    In their talk they provide technical backing for several observations about the system which have gained some press attention. The first is that the operating system is designed without obvious backdoors and does a reasonable job of security. This implies that it is aimed at a serious, internal market. The second point is that there is tracking of accessed content, also known as digital watermarking, occurring in the system. This can be seen as a malicious attempt at control over users of the system, which is the dominant interpretation made by the press. However, it’s worth pointing out that this interpretation is dependent on a lot of context about how the system is used that we don’t have.

    We know that RedStar is developed by KCC, the Korea Computer Center, which is one of the large government technology labs. We also know that a part of KCC’s business has been industrial contract work. They’ve run external branches intermittently, and work with foreign clients. So far, as pointed out in Florian’s talk, the only computers observed to run Red Star are some of the public, Internet-facing servers run in the country, like naenara.com.kp. It is not unreasonable to expect that these servers are operated by KCC as a contract service for the relevant entities.

    First, I want to take a somewhat skeptical look at the purpose of this watermarking. I’ll admit that it absolutely introduces the capacity for surveillance, but I think in this case it’s a largely irrelevant point from a human rights perspective. First, this OS, as far as we know, is only being used in industrial settings. We’ve seen older versions of RedStar in e-libraries and show-computer-labs around the country, but so far version three has not been deployed to these semi-public machines. Computers available in stores that would be bought for personal ownership are universally running Windows, and that’s also what we see in the personal laptops of the PUST students. The surveillance chain insinuated in the talk assumes that most machines are running the new OS, which is absolutely not the case.

    Instead, we can see this development to be a reaction to two things that we know to be pressing issues in the country: The ability to clean up after viruses that have spread through an industrial network. KCC also develops its own antivirus software, and students at PUST often express concern about malware and gaining security against attacks from foreign state-level actors. This seems like a reasonable concern, given that such attacks have been admitted to. Having lineage on files passed around on USB sticks lets you find what other computers on your network have been infected. In this same vein we can see the digital watermarking as a digital auditing capability within an office, and here it is no more intrusive than the practices commonly in place in most global companies. To put this succinctly: the capability is one which we use, and know to have value – but we’re scared that it has a potential for misuse, though we haven’t seen evidence of that yet.

    Recently, Joshua Stanton made the claim that this evidence of watermarking in RedStar should cause us to reconsider current academic engagement with the country. In particular, he points to a long-standing interaction with Syracuse University. The cited report on this collaboration mentions:

    Areas of particular interest included a secure fax program (this is now being marketed through a Japanese company), machine translation programs, digital copyright and watermarking programs, and graphics communication via personal digital assistants.

    One trap this line of reasoning falls into is the common perception that North Korea is all one entity, somehow all working malevolently together to subvert whatever assistance is provided. In reality, the country, like any other, has many different organizations and bureaus with different groups jockeying for power and substantial bureaucracy. The fact that the report mentions PIC, a rival computing center, is probably enough to indicate that the Syracuse interaction wasn’t attached to KCC. Several other arguments can be made to separate this instance from the observed watermarking:

    1. The actual collaboration, as noted in the same report, was on systems assurance. As a Computer Scientist, I’m willing to say that digital watermarking is not in that scope.
    2. Students at Kim Chaek have had a standard undergraduate computer science education, but have no exposure to Linux programming. The standard curriculum that Kim Chaek graduates I’ve interacted with have had only covers programming in a Windows environment.
    3. Digital Watermarking information is easily accessible on the internet. There’s no reason to expect that the US academics had any more knowledge or conveyed anything better than the books and online resources that KCC would easily be able to access and translate on its own.

    I’m a strong believer of these arguments, and they cause me to remain in support of the Syracuse-style (and PUST for that matter) interactions with university students in Pyongyang. I think there is a strong personal benefit in building these relationships. Without engagement, it’s really hard to change perceptions. These are some of the rare opportunities we have to access the future middle-class and well-connected people in Pyongyang and give them something more personal than just the evil US government to think of when they think of the US. In addition, these interactions are how the rest of the world learns about the state of technology in the country and is even able to have the conversation about whether Red Star is a surveillance tool.

  • SP3

    I started running a public sp3 server today. It’s a small side-project I’ve hacked together over the last couple weeks to make it easier for people to play with packet spoofing. The server works similarly to a public proxy, but with the trade-off that while it won’t send high volumes of traffic, it will allow you to send arbitrary IPv4 packets from any source you want.

    There are a few fun applications that need this capability that I’ve been thinking of: helping with NAT holepunching of TCP connections; characterizing firewall routing policies; and for cover traffic in circumvention protocols. I think there are others as well, so I wanted to start running a server to see what people come up with.

    The code is on GitHub.

  • The state of Internet Censorship

    I’ll be presenting next week at 32C3 on the state of Internet access, transparency, and measurement. Lots of work is done each year on measuring and learning about the state of access, but this phenomenon with growing relevance to many countries is poorly publicized. Much of this is a fear that being too public about what can be measured will make the network operators move to even more opaque techniques, since in many instances these systems are seen to thrive in structures without accountability.

    Needless to say, it has been a busy year in the space, with increased funding for the measurement community and a multitude of new policy in response to ISIS and other perceived threatening uses of Internet Speech.

    I’m excited to be heading back to Germany for the holidays, and hope to provide a reasonable survey of what’s out there and make the network measurement field a bit more accessible!

  • IETF and the HRPC working group

    The Internet Engineering Task Force, the multi-stakeholder organization which shepherds the standards process for many of the technologies used on-line, is continuing to evolve that process. Protocol standards are already expected to include discussions on their security and privacy implications, in order to force an explicit conversation on those issues and hopefully encourage the development of secure systems. Beyond these, a new working group, the Human Rights Protocol Considerations group, was chartered last week. The group exists as part of the process of having another conversation around new protocols as they exist: what are the implications for freedom of expression and freedom of assembly that are wrapped up in our protocol design.

    It seems like a question worth considering, especially as the IETF’s major contribution will be increasingly international. Many protocols emerging today are built by individual companies and are proprietary. We can hope, however, that it is at the boundaries of these walled ecosystems we create that standard protocols will need to be agreed upon. These boundaries will parallel our cultural discontinuities, and represent important places to have these conversations.

    The group is drafting a methodology document as part of the background for proposing the update to the standards process. It’s an interesting way of thinking about protocols – how do they control or support individual expression? – that I hadn’t thought of before in those terms.

  • Let’s Encrypt

    I’ve begun to transition this site to use Let’s Encrypt for signing of SSL. Because the site has specified an HPKP previously, a transition period is needed where clients can see the old certificate signing the intention to transition to the new certificate.

    That process has started, and the full transition will happen in a couple months. The good news is that the letsencrypt setup process was otherwise painless.
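
    The transition period described above can be modelled as follows. This is an added example, not code from this site: the key bytes, the 60-day max-age and the day numbers are constructed assumptions, and the client follows the pin validation rules of RFC 7469.

```python
import base64
import hashlib

DAY = 86400
MAX_AGE_DAYS = 60  # assumed pin lifetime; the page does not give the site's value

def pin(spki_der):
    """RFC 7469 pin: base64(SHA-256(DER SubjectPublicKeyInfo))."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

# Constructed stand-ins for the DER SPKI bytes of the real keys.
OLD, OLD_BACKUP, NEW = pin(b"old-key"), pin(b"old-backup-key"), pin(b"new-key")

def hpkp_header(pins, max_age_days=MAX_AGE_DAYS):
    fields = ['pin-sha256="%s"' % p for p in pins]
    fields.append("max-age=%d" % (max_age_days * DAY))
    return "Public-Key-Pins: " + "; ".join(fields)

def server(day, start, switch):
    """Return (pins of keys in the served chain, pins advertised) for a day."""
    if day < start:
        return {OLD}, [OLD, OLD_BACKUP]   # before the transition
    if day < switch:
        return {OLD}, [OLD, NEW]          # old chain announces the new key
    return {NEW}, [NEW, OLD]              # new chain, old key kept as backup

class Client:
    """Minimal model of a browser's pin store for one host."""
    def __init__(self):
        self.pins, self.expires = set(), float("-inf")

    def visit(self, day, chain, advertised):
        # Unexpired cached pins are enforced before the header is read.
        if day < self.expires and not (chain & self.pins):
            return False
        adv = set(advertised)
        # A header is noted only if one pin matches the chain and one is a backup.
        if (adv & chain) and (adv - chain):
            self.pins, self.expires = adv, day + MAX_AGE_DAYS
        return True

def run(visit_days, start, switch):
    """Replay one client's visits; True means the connection was accepted."""
    client = Client()
    return [client.visit(d, *server(d, start, switch)) for d in visit_days]
```

    A client that last visited before the transition is only safe once its cached pins have expired or it has seen the header listing both keys, so the old certificate has to keep serving for at least max-age after the new pin is first announced.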

  • Tech Community

    Having spent the last few days at CCCamp, I am incredibly jealous of the community that exists in Germany. cbase, the physical center of the community, has existed for 20 years, and has created a really powerful movement. One of the aspects of the Berlin free software community is the tight connection between technologists and artists that exists there. From this event my takeaway is that tech can and does create culture, and that one of the most important things we can do is foster that community and make it ours.

  • What’s Up with Open HTTP Proxies

    I’ll be giving a talk next week at CCCamp on the Open Proxy ecosystem, following up on some work I did last year looking at the operators, users, and traffic.