Notes for our discussion of hacking, and "the Internet" vs. "the Darknet"
Predictably, since I last revised this page in 2024, several new
developments have increased and decreased the reliability of the
Internet as a source of digital text. In 2024, nine years after
Timberg's 2015 exposé of the Border Gateway Protocol's weaknesses, the
U.S. government finally began urging technology companies to implement
"public key" strategies to ensure that the servers being sent your text
(or the government's secrets) actually were legitimate and not
misleading shells set up by criminals or spies. If your
curiosity leads you in that direction, you can probably still catch up
with these events by reading "White House Unveils Road Map to Fix BGP," Dark Reading, September 4, 2024.
Also, our knowledge of
the history and sophistication of hacking has stolen a march on the
course. As of 2021, the go-to resource on the
history and current state of "zero-day" hacking exploits is Nicole
Perlroth, This Is How They Tell Me the World Ends: The Cyber-Weapons Arms Race.
NY: Bloomsbury, 2020. I ordered it as an ebook for the Goucher
Library Main Collection. In Chapter 13 ("Guns for Hire") of Part
IV ("The Mercenaries") she describes "Pegasus" software sold by the NSO
group to various national governments. It allows any smart phone,
including iPhones (!), to be turned into audio and video spying devices
by remote operators, even when the phones are not turned on. They
advertised a "zero-click installation method" that did not require the
phone's owner to do anything to enable the software to install itself,
and it also was said to be "a 'ghost' that 'leaves no traces
whatsoever'" on the infected phone (180-181). Then, in the summer
of 2021, several media outlets and Internet security companies broke
stories about thousands of political activists and
politicians whose phones had been hacked by Pegasus--Ghostbusters!: https://www.washingtonpost.com/investigations/interactive/2021/nso-spyware-pegasus-cellphones/
As of September 2024, when this page was last revised, Pegasus was
still being used to spy on political opponents of repressive
governments. NSO had told Perlroth that the Israeli government
supervised their
sales and would not authorize the software for uses other than
interdiction of terrorists, international drug dealers, child
pornographers, etc. However, as a security executive pointed out,
"When you're selling AK-47s, you can't control how they'll be used once
they leave the loading docks" (189). If you want to research the
forces which hijack the "library" of the Internet and our personal
"libraries" of information and experience, you might want to start with
a chapter or two of Perlroth. The story goes way back to the Cold
War and the Soviet bugging of the U.S. Embassy in Moscow by inserting
electronic coils in the embassy's IBM Selectric typewriters that would
broadcast every keystroke outside the building to KGB transcribers
("Project Gunman," 69-77). It had been going on for at least
eight years by the time it was discovered in 1983 (77).
"Keystroke loggers" are still a common way hackers can steal your
passwords, account names, and entire identity. The
following discussion derives more directly from Timberg's two articles
and Darknet issues that have no necessary connection to state-sponsored
hacking.
Timberg's two articles, combined with a scroll through Robert Zakon's Internet Timeline, should convince you that the Internet, the network upon which all of your digital devices increasingly depend for their access to digital text (and everything else!) is a patched-together mass of compromises and inventions rather than a single, coherently designed device. The Internet's vulnerabilities to hacking are part of the way it grows new capacities, by permitting new code to "exploit" features or absences of features in old code. Beneficial exploits are praised and make some people billionaires. Malicious exploits are at least as numerous and can only be defended against with great difficulty. One form of hacking danger from the Darknet is vulnerability of the Microsoft Windows and Apple iOS operating systems to "zero-day exploits." For an explanation of the term and some examples from 2015, read: http://www.pcworld.com/article/2982361/microsoft-patches-yet-another-hacking-team-zero-day-exploit.html The much more recent "ransomware" attacks in Spring 2016 are explained in this Wired.com article: https://www.wired.com/2017/05/hacker-lexicon-guide-ransomware-scary-hack-thats-rise/
In the murky world of Internet security hacking, the terms "white-hat" and "black-hat" are used with some imprecision to distinguish legal, defensive hackers who help defend systems and users from those who use exactly the same computer skills to create software programs with which to penetrate system and user security for various purposes: to play, to make political statements, to damage or destroy a perceived enemy, or to make a lot of illegal money. The "hats" can change colors swiftly. For instance, a former hacker might start a "white-hat" Internet security company that offers, among other things, exclusive access to zero-day exploits so that their targets can write defensive "patch" code and distribute it before the exploits are announced. That way, they can make money from the targets, and use it to buy the exploits from freelance hackers who may be playing both sides of the game. Their terms of service could easily allow them to sell exploits to criminals as well as to legitimate software engineers trying to protect their employers and customers (i.e., you).
In addition to zero-day exploits, which are mainly unintentional security openings in an operating system or application program, software manufacturers intentionally build security access "backdoors" into operating systems so that their field engineers can enter them if the system operator ("sysop") access has failed or been disabled. For instance, if you cannot log on to your Goucher account using the ordinary login screen, IT can always access your account through their "backdoor" system, though at Goucher they are supposed to ask your permission to do so. If IT's access has been disabled by some coding disaster, perhaps as a result of a botched software upgrade, the software maker's own backdoor access remains to allow them to recover your data. Nevertheless, if hackers discover the backdoor, they can use it, too, as in this November 2010 announcement of an Android phone backdoor exploit: http://www.h-online.com/security/news/item/Back-door-exploit-for-Android-phones-1131858.html
Some early stages in Internet security--
Steve Crocker, RFC1 for Host Software, 1969. The first Internet "Request for Comment"--note it has no section for "Security Concerns."
Jim Postel, RFC2000 for Internet Protocol Standards, 1997--the "Security Considerations" section has been added but is ignored.
Paul Nesser II, RFC2626 for The Internet and the Millennium Problem, 1999--identifying the "Millennium" or "Y2K Bug" and treating security rather more carefully.
The "Y2K Bug" convulsed the newly huge Internet community because so
many programs were written with code that recorded the "year" in dates
merely by the last two digits, i.e., 1999 was "99" and 1909 was
"09." What year do you think all those computer programs would
think was referred to by people entering 2000 as "00"? Yes,
1900. BIG problems were anticipated, and some countries (e.g.,
the US) spent millions of dollars in preventative reprogramming.
Other than one Japanese nuclear reactor whose radiation detectors
briefly malfunctioned until a back-up system restored them, no major
catastrophes were reported. Does this convince us that nothing
can go wrong because of incorrect or badly designed basic programming
assumptions? Or does it convince us that we are living on
borrowed time? Your answer to this question, and your reasons for
the answer, will be very interesting. Could be a short paper?
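To make the two-digit-year assumption concrete, here is an added example (not part of the original notes) that reads the same constructed YYMMDD records two ways: with the pre-2000 "every year is 19xx" assumption, and with "windowing," one common Y2K repair. The record names, the pivot value of 50, and all function names are assumptions made for illustration.

```python
from datetime import date

# Constructed sample records: (account, date opened as YYMMDD), the kind of
# two-digit-year field the notes describe. Not taken from any real system.
RECORDS = [
    ("acct-001", "991215"),  # 15 Dec 1999
    ("acct-002", "000103"),  # 3 Jan 2000
    ("acct-003", "680704"),  # 4 Jul 1968
]

def _split(yymmdd):
    return int(yymmdd[:2]), int(yymmdd[2:4]), int(yymmdd[4:6])

def parse_naive(yymmdd):
    """Pre-Y2K assumption: every two-digit year is in the 1900s."""
    yy, mm, dd = _split(yymmdd)
    return date(1900 + yy, mm, dd)

def parse_windowed(yymmdd, pivot=50):
    """Windowing repair: years below the pivot are 20xx, the rest 19xx."""
    yy, mm, dd = _split(yymmdd)
    return date((2000 if yy < pivot else 1900) + yy, mm, dd)

def days_between(parser, start, end):
    """Elapsed days from start to end, as the given parser reads them."""
    return (parser(end) - parser(start)).days

def oldest_first(parser):
    """Account names sorted by opening date, as the given parser reads it."""
    return [acct for acct, opened in sorted(RECORDS, key=lambda r: parser(r[1]))]

def accepts(parser, yymmdd):
    """True if the parser can represent the date at all."""
    try:
        parser(yymmdd)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    for name, parser in (("naive", parse_naive), ("windowed", parse_windowed)):
        print(name, days_between(parser, "991215", "000103"),
              oldest_first(parser), accepts(parser, "000229"))
    # Windowing only moves the cliff: "50" is still read as 1950, not 2050.
    print(parse_windowed("500101"))
```

The naive reading turns a 19-day interval into a negative one, sorts the newest account as the oldest, and rejects 29 February 2000 outright because 1900 was not a leap year. The windowed reading fixes all three, but a date entered in 2050 would still be read as 1950.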