Thursday, October 29, 2015

Libraries, Liberty, and The Onion Router

I like libraries. The idea of a place where anyone can read anything is a fantastic innovation in human history.

I've written about libraries before.

Since Hypatia, and possibly before, libraries were not about just books, they are places where both learning and teaching occur. Young or old, rich or poor, the idea of welcoming everyone is inherently revolutionary.

Librarians are cool, too. If you think Google is good, go talk to a librarian. They know how to find stuff!

The flip side of free access to information is encryption, the deliberate hiding of information. Back in July, the Kilton Public Library in New Hampshire became the first public library to openly enable an encryption tool called "The Onion Router", or "Tor". Ars Technica was all over it.

What a Tor node does is pass traffic between other Tor nodes, making it so that anyone who captures the data can't tell who sent it, or who is going to receive it. That's all. There is a second kind of node, an "Exit Node", but I will get into that further below.

But, you may ask, why would a library, whose focus ought to be on the free access of information for all, be helping to hide data?

The answer, I believe, lies in how Tor developers and the heroes at the American Library Association are actually allies in the battle for information freedom. The opposite of information freedom is not encryption, it is censorship.

Here I would note the passing on October 16th, 2015, of an American patriot, Irwin Schiff, author of the second of the two books which have been banned by the United States Federal government since its formation. How could there ever be a banned book in a nation with the First Amendment?

That is where Tor comes in. There's an old saying on the Internet: The 'Net sees censorship as a fault and routes around it. The purpose and function of Tor is to enable people like journalists, students, whistle-blowers, and others operating in an environment of censorship, to send and receive information that would otherwise be blocked.

The librarians at the Library Freedom Project are operating in the spirit of Hypatia of Alexandria and the American Library Association, using their knowledge as information enablers to overcome censorship.

Edward Snowden's efforts to inform the American public just how far the NSA tick is dug in to the American information streams revealed that while the United States, with that pesky 1st Amendment, does not yet have something like China's "Great Firewall" actively blocking access and dissemination of information that the government doesn't like, what the US government does have is a pervasive, never-sleeping information Panopticon where everything every American (and as much of the entire world as they can reach) does online, or with their cell phone, is saved, supposedly "just in case", and saved forever, while also being sifted for "key words" or phrases, you know, "just in case".

Are you a kid fascinated about how atomic bombs work? I know I was, and spent hours with fission and fusion bomb and reactor diagrams and schematics. What if you're a farmer who wants to know the correct ratio of ammonium nitrate fertilizer and diesel fuel to mix together to blow a big stump out of the ground? This kind of information used to be commonly available, even in US government publications. But now, if you do a search on these kinds of things, Big Brother knows you did, and He never forgets.

This is why the Tor project is so important.

Just like Gnu Privacy Guard, Tor is a way to keep small secrets. As the prosecution of The Silk Road demonstrated, Tor isn't perfect. It doesn't need to be perfect, it needs to be good enough that the resources required to track someone through it are sufficiently expensive that Big Brother will only expend such resources to track down actual badguys, rather than teenagers who heard about "weaponized anthrax" on the evening news and want to know more about what that is and why anyone would care about it.

Tom Woods on his podcast recently had an excellent interview episode on "The Dark Net", which inspired this blog post.

Jamie Bartlet discussed the use of Tor from the point of view of the end user, rather than someone technically adept who wants to run one of the Tor "nodes", like the Kilton library.

Ok, you may be wondering, that's a heck of a  build-up, and a ton of background information. "So what happened with the library???", I pretend to hear you cry.

Someone at the Department of Homeland Security didn't like the library's running of a Tor node. Someone sent a letter to the county sheriff, and the sheriff passed it on to the library board of directors with a warning, and the library turned the node off.

But then a funny thing happened: People got involved! Local people, New Hampshire people, folks who participate in the Free State Project, stood up and said, "How dare you interfere in OUR library?"

After a meeting with the library board of directors, where members of the Library Freedom Project and Kilton residents spoke in favor of the Tor node for all the reasons of public service and freedom of information that a public library stands for, the board voted to turn the node back on.

But now is it time for, as Paul Harvey used to say, The Rest Of The Story.

There is a second kind of Tor node: The Exit node. It's that node in the graphic to the right with a red line going to it. And it is that red line, and the Exit node, which we now turn to understanding.

In that "The Dark Net" episode, the focus is on nodes which run Tor and have things like file servers, web servers, and so on. Traffic on "The Dark Net" does not Exit Tor. It's all hidden, that's why it's called "Dark".

When someone using Tor does something that goes out to the public internet, let's say, a Google search for "who was killed on the orders of Charles Manson", that search is seen in public, and by the NSA, as coming from that Exit node. So the owners of that Tor Exit node are opening themselves up to being suspected of doing ALL of the searches, downloads, file transfers, email, and so on, of everyone who uses Tor whose data just happens to go in and out through that Exit node.

Do you want to be suspected of everything that everyone else might search for? I've been using examples in this post that might sound bad on the nightly news, but are not themselves "bad". But, to put it politely, what if?

With the Digital Millennium Copyright Act, the TPP, SOPA, PIPA, and only Crom knows how many other laws, treaties, and atrocities Congress might already have passed in the middle of the night when no one is looking, it is becoming more and more dangerous just to save a picture you found in a Google image search to make a meme out of it. The Copyright freaks hate the Internet, and are all for locking it down in any way possible.

But, as the Library Freedom Project notes, libraries have special legal grants against violation of Copyright! Called "Safe Harbor", it is actually legal even under the atrocious extent to which Copyright has been expanded, for libraries to be "seen" passing exactly the kind of data that would put a private individual in danger of prosecution. Libraries are protected because already no one can know what it is someone reads in a library, and a Tor Exit node is exactly the same thing. They don't know, they can't know, by design.

As yet, I don't know any library which has taken the bold step of testing the legal waters of Tor Exit node and Safe Harbor. The first steps have been taken in that direction, in this one tiny skirmish of the endless battle of those who treasure liberty against those who lust for domination and control of others.

I expect you can tell which side I'm on.


No comments:

Post a Comment