These same states have demanded means of “lawful interception,” mandating that switches, servers and services be built with deliberate vulnerabilities so that law enforcement can tap into citizens’ communications and funnel them into massive intelligence databases. The telecom infrastructure is made even more fragile by the cozy relationship between phone companies and the agencies responsible for regulating them. Deibert makes this point vividly when he claims that Somalia has some of the world’s most advanced, cheapest and most reliable wireless infrastructure, thanks to the absence of a regulator that can be lobbied for anti-competitive favours – though thanks also to the usefulness of functional networks to warlords.
The temptation to play games with the wires and the airwaves is seemingly irresistible. Only one of Uzbekistan’s four major ISPs is free from heavy censorship – the one owned by President Islam Karimov, who benefits every time his own regime’s censorship rules make the three competing networks less attractive to the citizenry. Network penetration is growing fastest in the world’s poorest and most fragile states – countries whose populations desperately need the edge that better communications delivers – meaning that this is no privileged First World problem.
Everybody wants networks, and everyone wants to turn them to their advantage, whether that’s Canadian telecom giant Telus blocking its own union’s website (along with hundreds of other sites hosted in the same system that fell as collateral damage), the Taliban’s strong-arm control of cellular towers, or the Mexican narco-cartels that built their own elaborate wireless networks designed by kidnapped Motorola engineers. The tools of network control are the same, whether you’re a government, a military hacker or an organized crime syndicate.
This is Black Code’s virtuoso moment: when, after chapter after chapter of horror stories, Deibert shows that when states stop protecting the Internet and sacrifice its freedom and integrity in the name of convenience, they join forces with criminals and thugs.
Once, it was the norm for security researchers who discovered critical vulnerabilities to report them to vendors through a process of “responsible disclosure” that threatened to reveal the flaw at a date far enough in the future that the vendor could issue a patch before the news got out, but not so far away that the vendor could simply ignore the problem. Now, the major work on discovering vulnerabilities is being done by private security firms that sell their research to governments to be used in “lawful interception” software that hijacks criminals’ and dissidents’ computers and phones and turns them into remote snooping devices. As a result, these vulnerabilities remain unpatched, so crooks can use them to attack us too.
Without continuous disclosure and repair of security vulnerabilities, our digital world grows progressively less secure – even as we continually increase the intimacy of our relationship with it.
The conclusion of Black Code is as stirring and inspiring as the main body is chilling. Deibert calls on cops and spies and governments to actually do what they say they want to do: make cyberspace safe for human habitation. Stop compromising the network’s integrity and recognize that the only way to make the network secure is to stop eroding its security – even if that makes it harder to unaccountably, warrantlessly and secretly wiretap whole populations. Deibert calls on activists and civil society groups to take cops at their word when they say they want to secure our electronic nervous system, and to work with them on this project – but without letting them off the hook.
We live in a world made of computers: Our cars and houses are ultimately computers into which we insert our bodies; our bodies are increasingly full of computers such as cochlear implants. Everything we do today involves the Internet, everything we do tomorrow will require it. A responsible state has an obligation to approach Internet regulation with the gravitas due to the nervous system of the 21st century – but instead, it gets used as a toy for panopticon fetishists who think that all our problems will be solved when all the details of our lives are harvested and processed in the government’s data mills. Black Code is a manifesto for a 21st-century form of network stewardship, a sense of shared responsibility toward our vital electronic water supply. It’s a timely rallying cry, and sorely needed.
Cory Doctorow (craphound.com) is a science fiction author, activist, journalist and blogger. He is the co-editor of Boing Boing (boingboing.net) and the author of the bestselling teen novel Little Brother. His latest young adult novel is Homeland, and his most recent novel for adults is Rapture of the Nerds.