While thinking about Snowden and the growing concern for data privacy by the citizens of the United States, I couldn't help but remember an advertisement I came across while watching youtube one day. The advertisement, that I have linked below, is a 20+ minute video created by Norton, an antivirus and software security company titled "The Most Dangerous Town On The Internet" and subtitled Where Cybercrime Goes to Hide. This got me thinking about the extent that some people, or governments, may go to protect their data.
Note: This video regarding BulletProof hosting that my tech musing is about, is the second video in the series that Norton has made, for further watching if you are interested, both videos can be found via the Norton website here:
Part 1: http://us.norton.com/mostdangeroustown/index.html#!/en-US/movie
Part 2: http://us.norton.com/mostdangeroustown2 (This is the video about BulletProof hosting)
The video is all about BulletProof Hosting. In other words, hosting data in locations that are essentially bulletproof on the physical level. Some locations that are visited in the video are Cyberbunker, a nuclear bunker in the south of Holland, or the Principality of Sealand, an abandoned WW2 gun platform, which considers itself a sovereign country.
A lot of the other posts I've read by my classmates for this tech musing have revolved around the general theme of civilians and the security of their personal data. This made the other side of the coin very clear to me, the question of not how can I protect my data, but how does the government protect their data, and is there anything that I can learn from that to better protect myself, or even what concerns do I have about the ways that they protect their data.
It is certainly not a lie that the dark web is a thing that exists and it is by no means a safe place to be. Although no official claims were made by any of the data hosting locations visited in the Norton video, it was clearly suggested that some of the clients of a service like CyberBunker could include those who are involved with the dark web for illegal activities as well as even governments. Bullet proof hosting is most likely extremely expensive but both governments and companies may be using it.
One quote particularly worried me about what kinds of data the government might have and what is being done with it. "It seems Cyber Bunker had evolved from a place where scammers and hackers go to hide, to where Governments and corporations do the same." If it is as was said in the John Oliver video included in the prompt for the assignment that governments may very well have records of what was said on phone calls or that raunchy picture sent to a lover, does the US government have that data, and are they using a service like Cyber Bunker to store and hide that data? No doubt exists that this is a worrisome thought that a government like our own may be legally storing stolen data from it's own citizens.
Bahnhof is another such bullet proof hosting company out there. This one in particular hosted WikiLeaks at the height of its prominence. As we all should know, Ed Snowden is not the WikiLeaks guy, but Snowden could have used a service like Bahnhof to store the information that he stole from the government. Bullet proof hosting services often try to look at themselves like a bank or post office, but the difference is a post office or bank would have to respond to complaints that a danger was in the building. It is of my opinion that bullet proof hosting shouldn't really be necessary and largely is a pointless step to take unless you are trying very very hard to keep data out of the hands of James Bond. Nonetheless, bullet proof hosting services are a safe haven for many people with malicious intent. Hosting in a place like the Principality of Sealand would allow a hacker or scammer to essentially hand pick what laws they want and don't want to apply to them. I wish I could say that there will just be an easy way that the United Nations could eliminate all of these services, but the problem is that even if we wished to stop bullet proof hosting services from hosting dangerous material, it would be like trying to catch smoke with your bare hands. Turning down a customer because they are going to or are hosting dangerous data will just cause them to go to the next service in line. Acting like a post office or a bank is just bad for business. If one service goes down, two more will rise up to take its place and make major amounts of money on the opportunity. In the world of bullet proof hosting, Hail Hydra.
Fascinating! Really learned a lot. Maybe when the Snowden movies comes out in the Fall, we'll learn more, but I think Snowden's much too sophisticated to rely on a service like Bahnhof. After all, Snowden sent the data to the journalists via sophisticated encryption. It took Greenwald 6 months to take him seriously, and learn what he needed to do to read the email. Still, is it really bullet proof? People are not as smart as the systems to protect them. Consider the leak of 11.5m files from the database of the world’s fourth biggest offshore law firm, Mossack Fonseca. What's next?
ReplyDelete