Heavy Traffic

If you want to avoid surveillance when you're on the Internet, there are two things you can do. You can encrypt your communications - e-mail, instant messages, and the like - using programs that convert what you've said into code and then allow the recipient of your messages to decode them. Or you can hide where you're coming from and where you're going.

Very few people realize how much information can be gleaned about them based on what network geeks call "traffic," the movement of bits from one computer to another. It makes intuitive sense to the privacy-minded that encrypting e-mail is a good idea - you don't want bosses, parents, or unsavory sys admins to read your personal correspondence. But what could somebody gain from analyzing your traffic? The answer is: a hell of a lot.

In fact, security experts speculate that the National Security Agency is far more interested in traffic analysis than in almost any other kind of Internet surveillance. Every time you open your browser and go to a Web site, you're broadcasting information about where you are and what kind of information you want. Your computer sends a message to another computer, a Web server, which roughly translates as, "Hello, I'm a computer at the following address, and I would like to see the Web site at your address." That "address" is an Internet Protocol address that's often unique to your computer and thus directly traceable back to you.

Someone with traffic analysis capabilities could use that information to, for example, enforce local obscenity laws. Say a person in Alabama, where sex toys are illegal, wants to buy dildos at Good Vibrations. Too bad - that person's local Internet service provider could see that the IP address originates in Alabama and wouldn't allow the computer to send a query for information to the Web servers at www.goodvibes.com.

Even though traffic analysis doesn't necessarily reveal the content of your communications, it does give away whom you're talking to and for how long. Every e-mail and instant message you send is wrapped in layers of data that are used to tell the various nodes on the Internet where that data is going and how big it is. As the data hops from computer to computer, little conversations take place that go something like this: "Hello, I'm one of three thousand data packets from Joe's IP address. I traveled to you via an Earthlink mail server. Can you send me to Michelle's mail server's IP address?" And then the computer will say, "Let me check to see where Michelle's mail server lives. Yes, data packet from Joe's IP address, I can send you there. Off you go."

Traffic analyzers snoop on these conversations, which allow them to glean whom Joe talks to and (very likely) where he or she lives. Also, by counting the number of data packets, they can figure out whether Joe is sending a tiny bit of text or a giant photograph. If Michelle's mail server lives in Fallujah, it doesn't matter whether Joe's encrypted his e-mail – you can bet he's going to get a knock on his door late at night.

Another thing you reveal about yourself when you cruise around online is what sort of information you're accessing. For example, Web traffic uses a different protocol than e-mail does. Peer-to-peer networks use their own protocols, as do hundreds of other applications.

It's information like this that allows universities to keep students from using Kazaa or eMule, two popular file-sharing programs - a few simple traffic analysis and shaping tools allow university administrators to spy on what kinds of protocols the students are using and shut down any connections that are sending or receiving P2P traffic. The ugly part of all this is that students are denied access based on the protocol they use. Despite the fact that many people use P2P networks to share large chunks of scientific data quickly and efficiently, the fact that many people use those networks to infringe copyright turns P2P into a "naughty protocol" that must be stopped.