Books

Book Review: On Internet Freedom

Marvin Ammori has written an important book about the threats to free speech and expression that we are not only privileged to conduct on the Internet today but have come to treat as basic human rights.

InternetFreedom

On Internet Freedom looks at the past, present and future of the Internet as a speech technology. Ammori examines how the coordinated and determined efforts by Big Content to protect content and increasing efforts by governments to censor content threaten Internet use as we embrace it today. Ammori also explains how these acts were in fact anticipated by Clark, Sollins, Wroclawski and Braden in a paper entitled Tussle in Cyberspace: Defining Tomorow's Internet, where the authors assert,

"User empowerment, to many, is a basic Internet principle, but for this paper, it is the manifestation of the right to choose—to drive competition, and thus drive change."

Ammori cites only the first clause of this sentence - as a technologist, I believe the second is extremely important as well - but he makes clear that the Internet's end-to-end design establishes a fundamental thesis,

"If user choice is our design principle, then users should have the final say."

Unfortunately, Ammori explains that users don't have the final say but are increasingly challenged by lawyers, bureaucrats, commissioners and others who are motivated to constrain their freedoms and who want to do so by altering the Internet's fundamental design. Ammori's response, admittedly US-centric, is simple: the Internet is a speech technology, and 

"the ultimate design principle for any speech technology, at least in the United States: the First Amendment, which protects freedom of speech. The First Amendment is not generally thought of as a design principle, but, by definition, it limits what Congress or any other government actor may or may not adopt in shaping the Internet’s future."1 

This sets the context for the remainder of the book. In Part II, Ammori looks at events leading to the 18 January 2012 Internet Blackout in protest of SOPA/PIPA and how these and possibly future legislation threaten "the speech tools of the many while reshaping our speech environment for the benefit of the few"2.

Conveniently, Part II is largely about how the few benefit. Before judging whether you believe this is even-handed or not, remember that the litmus test throughout this book is the First Amendment of the US Constitution. This Part ought to make every Internet user or free speech advocate pause, or shiver. One of the most worrisome speculations Ammori offers is the extent to which legislation could stilt adoption of emerging technologies like 3D printing or stifle future innovations of this kind.

Part III looks at how the Internet as speech technology influences governments, now governments have attempted to exert influence, and how Internet users and dominent Internet forces (Google, Amazon, Facebook, Twitter) respond. This Part will probably be illuminating for most readers, as it explains situations where a private conversation between a government official and an ISP or hosting company can circumvent the First Amendment, and why Terms of Service are often more speech-restricting than the Amendment as well.

Part IV focuses on the net neutrality issue. Ammori draws the battle lines:  ISPs seek to differentiate, rate control, block, or charge users differently for content that is transmitted on their networks. However, content includes speech and if the Intenet is speech technology, then ISPs should not be able to decide what you say or see, or they do so in violation of your First Amendment rights. Ammori also explains that net neutrality is not only a First Amendment issue but an economic one: net neutrality violations can influence investments in or creation of new technology.

I began by saying that Marvin Ammori has written an important book. It is also an extremely readable book. Ammori does a commendable job explaining constitutional law and technology in very plain speak. I highly recommend the book as something not only something for people who are intested in law or technology but for anyone who advocates freedom of expression.

On Internet Freedom is currently available as a Kindle download

1 Ammori, Marvin (2013-01-15). On Internet Freedom (Kindle Locations 469-474). Elkat Books. Kindle Edition.

2 Op. cit., (Kindle Locations 588-589).


Book Review: Network Forensics, Tracking Hackers Through Hyperspace

51rHbjW5jFL._AA115_

Daniel Geer introduces the notion of forensics as a "craft" in his Foreword to Network Forensics, Tracking Hackers Through Hyperspace, and Sherri Davidoff and Jonathan Ham tackle the daunting task of explaining forensic investigation as a craft, introduce the tools of the trade, and demonstrate how to become a craftsman admirably well. 

The book begins by providing foundational material for three important forensic concepts. The authors illustrate the role network forensics plays in an investigation by using real world cases,  explain the different kinds of evidence and how evidence must be collected to be admitted into courts, and introduce an investigative methodology, OSCAR (Obtain information, Strategize, Collect evidence, Analyze, Report). The authors next explain the forensic value of the hardware elements found in most networks. They then provide a cursory discussion of protocols and warm my heart by recommending W. Richard Stevens' TCP/IP Illustrated for those who want to understand TCP/IP networking. [Stevens actually published three volumes in the TCP/IP Illustrated series and a complementary UNIX network Programming.]

A chapter on evidence acquisition provides succinct, insightful discussions of physical interception and traffic acquisition: I particularly like that the authors make a point to answer what, why, and how.  A chapter on packet analysis uses case studies, sample commands and console ouput (or screenshots) of methods to explain how to analyze protocols, flows, and higher level traffic, all done very much in the style of TCP/IP Illustrated.

A chapter on statistical flow analysis illustrates how traffic (network) activity can be used to identify not only suspicious or malicious activity, but the parties who perform them - and their objectives (targets). This chapter explains how "intel" can be gathered from multiple locations, aggregated and then analyzed. The authors list a dizzying number of tools and their uses, and put the methodology and tool kit to work in a case study: following how the authors compose a theory of the case of The Curious Mr. X should be great fun for any wannabe investigator.

The good stuff just keeps coming. Chapters on wireless network forensics and network intrusion detection follow form, and the case studies here (HackMe, Inc. and InterOptic Saves the Planet) were only less interesting to me because I was familiar with these scenarios. Chapters on finding and using logs, middleboxes (firewalls, routers, switches), and web proxies as sources of evidence are equally valuable for organizations that want to instrument their networks so that they can contend with and recover from incidents.

Davidoff and Ham conclude the book with two chapters on advanced topics: network tunneling and malware evolution. These chapters hint at how the craft of network forensics must evolve to keep pace with formidable adversaries.

With so much information freely available via the web today, and especially with a subject matter that seems to evolve at Internet pace, there is always a temptation to think that a book offers too narrow a snapshot of an evolving landscape. Network Forensics , Tracking Hackers Through Cyberspace (Hardcover, Kindle) disproves this assertion by providing perspective, context, and most important, a methodology that you can practice. And practice... And practice...