Researchers unveil tool for dodging countries with Internet surveillance
The project known as 'Alibi routing' is a promising development for activists, journalists, or anyone else who has a vested interest in protecting sensitive information from prying eyes.
Fiber optic cables for Internet service are seen running into a server room at a Manhattan data center.
Mike Segar/Reuters/File
Imagine for a moment that you live in Edmonton, Canada. Your best friend lives two blocks away. So why, when you sent e-mails, does that digital message often travel through the US?
That's one of the mysteries of "boomerang routing" 鈥 routing that takes data miles off course.
The Internet doesn't care what countries it sends data through. The Internet just looks for the quickest route, which sometimes means using better-connected networks in countries with completely different surveillance laws.听It might seem like an innocent quirk if your Canuck data visits New Mexico. But what about February through May of 2013, when a huge chunk of US traffic was routed through Moscow in an event
Currently, Internet users have little control over听diverting their听Web traffic听to avoid听countries听they deem untrustworthy.听But last week team from听University of Maryland, University of Pennsylvania, and NEC Labs recently announced a possible fix 鈥 an Internet traffic听routing system designed to give users the ability to determine where information flows as it moves from network to network.
Their project, called "Alibi routing" is a promising development for activists, dissident groups, journalists, or anyone else who has a vested interest in protecting sensitive information from prying eyes.听
"Encryption and anonymous networks are still important, but they don鈥檛 solve the problem of how available the information is to a country that could tamper with it," said Dave Levin, an assistant research scientist in the Institute for Advanced Computer Studies at the University of Maryland.
鈥淚 can try to trick a censoring country into thinking I'm communicate with someone else, but rather than sneak through a bad neighborhood, just avoid it," he said. "Just go around it altogether.鈥
The Internet relies on a relay system passing data around different networks. If one network routinely drops the packets of information, data would get lost into a digital abyss.听If a more听nefarious actor alters or replaces that听data, that could be even worse.
If a user wants to avoid troublesome countries, they could simply set Alibi to skip those locations.
The types of attacks that Alibi would circumvent are more than theoretical. China has been known to use a "DNS injection" for censorship, substituting data from blacklisted sites with other content. But that can have broad effects. For instance, an anonymous 2012 paper published by the Association of Computing Machinery pointed out that if an American accessed a German site that's critical of Beijing, and the Internet traffic routes through China, that user could also be a victim of DNS injection.
"Alibi is not a silver bullet," said Greg Norcie, a staff technologist for the Center for Democracy and Technology who specializes in privacy issues. "But it still could be useful for avoiding countries known for things like injection."听
Alibi works by timing the transit of information. Mr. Levin, the project lead, says information can zip through the Internet at up to two-thirds the speed of light.听By timing the trip between each network that handles data, Alibi can guarantee the data never traversed a blacklisted country. Think about it in terms of plane connections: It takes five hours to fly direct from New York to California. So, any trip from New York that takes less than five hours is very likely not a direct trip to California. On a much faster scale, that鈥檚 what Alibi does to verify the data does not cross into a location a sender specifically requested it did not go.
"The time it would take a packet to go from East Coast to West Coast and back, so one round trip, that's about 50 milliseconds," says Levin. "It's a really, really small amount of time, but as far as Internet speeds go, that's a noticeable amount of time."
Alibi takes its name from the intermediary servers between the sender and receiver of data. When those servers can be shown to be outside the countries a user wants to dodge, they could be said to provide an "alibi."
But Alibi isn't a panacea.听One thing Alibi won't do is circumvent servers听in the country where traffic originates or eventually lands.听
The proof-of-concept source code for Alibi is available at the 听Levin says the next step will be for someone to develop an easy to use browser extension from it.
"I think it would be fantastic if folks started using our tool," says Levin. "It would be fantastic if people were empowered to take control of their information."
听