The death of the internet

Let me throw a few of concepts we’ve been hearing about more & more lately:

  • metered bandwidth
  • end of net neutrality
  • content censorship
  • protocol restrictions
  • geographic restrictions
  • wiretapping
  • deep packet inspection
  • malware becoming crimeware
  • dataleaks
  • DDoS
  • internet kill switch

The way that we used to see the internet as an unrestricted web of information is changing rapidly. And it looks like the free ride is coming to an end.

Corporations want to dictate our internet usage, politicians don’t understand the issues of a technology from the next generation; and if they do, lobbyist money has a strong convincing power. And quite frankly your average user has no clue either. What was once a free and unrestricted flow of information is quickly becoming a metered and port/site/protocol restricted happy network.

references:

Traffic discrimination & Net Neutrality

Comcast’s P2P throttling suit

What was revolutionary about the internet was its lack of boundaries, the world was connected. Since then the marketing & licensing geniuses have caught on to the fact that it is possible to restrict content by geographic location. Like regions on DVDs you now cannot consume certain media in certain regions. It is a travesty to the human accomplishment that is the internet and inevitably leads to the absurdity that it is easier to consume pirated content than legal one.

Organized crime also has caught on, the obnoxious malware & viruses that were once spreading for fame or installing dumb toolbars are now becoming very targeted at committing crimes. From harvesting financial information to generating DDOS attacks. A black market of stolen information and network hitmen is emerging on an internet that many companies handling your data do not understand. Viruses much like biologic organisms are becoming polymorphic with self defense mechanisms. Their technological advancement clearly shows funded work as opposed to the classic image of the basement hacker we all have ingrained in our heads.

references:

Zeus botnets specialized in harvesting financial data

Researchers hijack control of the Torpig botnet for 10 days and recover 70 GB of stolen data from 180,000 infections

Governments are starting to play their silly international politics game on this new field, releasing cyber attacks against one another. The amount of information & critical infrastructure facing the great network is making it a strategic field of military and intelligence importance. It is clear that the network in its current state of international openness is an issue to government interests, and we can fully expect to find cyber borders erected in the near future, not unlike the great firewall of China even though this last example has other applications. Applications that pertain to opinion control via censoring, China isn’t the only country doing that, Australia is pretty good at it. And the U.S. is working on creating a presidential “interet kill switch”, you know just in case people here get sick enough of 2 everlasting wars and 4th amendment tramplings to take the streets. Egypt has just done it, they shut down internet and cell phone communications during their 2011 protests.

references:

Stuxnet’s specific targeting of Iran’s SCADA controled systems

The Great Firewall of China

Australia’s intenet censorship

Obama’s internet kill switch

How Egypt shut down the internet

At a time when Wikileaks is putting to shame governments and corporations, more controls are inevitable.

So what’s next?

Computers and network devices have become increasingly powerfull. So much so that this blog you’re reading is instantiated on a 8 years old server sitting on a fridge behind a home DSL. Besides computing & networking power, something else has been growing that you might have heard about: social networks.

I think that one day, a couple of geeks will be tired of the state of the internet and will throw a home-made link between their houses to share what they want when they want without getting advertised, wiretapped, datamined or attacked. This can currently be done with long range wireless devices (WiMAX) or even by adding a layer to the current infrastructure (think VPN).  Soon a third geek friend will want in, and provided that he is trusted by the founders, he’ll get in. After a while, adding friends of friends will become too far out of reach for the founders to decide and they will implement a social reputation based system for dealing with users.

And that’s it, you have a social network (at the strictest send of the term) that is growing & correcting itself based on reputation. This will of course be completely decentralized (unlike the internet) which means you will be relaying information for individuals you don’t know, hence the criticality of its reputation element.

This network will eventually be overrun by corporate, mafia & government interests finding ways to abuse the reputation systems, it will slowly die and be replaced by another couple of geeks down the road.

The end.

OH MY GOD

I came home to find one of my garbage cans laying on the ground. WHAT THE HELL? WHO DID THIS? I know, I will solve this ruthless crime with my new CCTV installation.

An the culprit is:

[flv:http://ben.akrin.com/wp-content/uploads/2010/12/poubelle.flv 640 480]

the wind…

CCTV at home or how to lead an Orwellian household

I have recently acquired 5 Foscam FI8918W ip cameras for monitoring my house.

While this may seem like a step towards wearing a tinfoil hat, I have several reasons for doing so:

  • It’s a fun geek project that is a subset of a larger endeavor to wire my house (think remote control)
  • I love to know when the UPS guy dropped a package so I don’t have hundreds of dollars worth of electronics sitting on my front porch
  • I get to know how the freaking chicken get out of their cage
  • I get to know when the fucking raccoon is doing his patrol at night so I can shoot it in the face
  • I would like to do fast motion videos of the garden through the seasons
  • And yeah I’ll admit it, I like to keep an eye on stuffs

These little cams are absolutely great, some key features include: cat5 & wifi (wep, wpa, wpa2) network access, nightvision, pan 300 degrees, tilt 120 degrees, remote control & view. I wish I had bought a couple of outside ones though. The problem with most cameras is that they do night vision by shining some infrared LEDs, if your camera is inside pointing outside, the IR will get reflected by the window and the outside won’t be visible. I have yet to mess with the angles and such to try and fix that.

What an inside camera pointed at the outside looks like at night

The web interface for the cams is great, although not all the features are supported in browsers other than IE (for example sound, microphone and multicam) but video & remote control are fine.

If you want to record what the cams see, you’ll want a server on your network. In my case I use my Linux box and run the following script every hour:

pkill -9 wget
nohup wget http://<cam1_ip>/videostream.asf?user=<username>&pwd=<password> -O /cameras/cam1_`date +%F_%T`.asf > /dev/null 2>&1 &
nohup wget http://<cam2_ip>/videostream.asf?user=<username>&pwd=<password> -O /cameras/cam2_`date +%F_%T`.asf > /dev/null 2>&1 &
nohup wget http://<cam3_ip>/videostream.asf?user=<username>&pwd=<password> -O /cameras/cam3_`date +%F_%T`.asf > /dev/null 2>&1 &
nohup wget http://<cam4_ip>/videostream.asf?user=<username>&pwd=<password> -O /cameras/cam4_`date +%F_%T`.asf > /dev/null 2>&1 &
nohup wget http://<cam5_ip>/videostream.asf?user=<username>&pwd=<password> -O /cameras/cam5_`date +%F_%T`.asf > /dev/null 2>&1 &
rm /cameras/cam*_`date --date="5 days ago" +%F_`*.asf

This hourly rotation makes it convenient to quickly locate a file pertaining to an event you’re interested in. I am removing files older than 5 days but this can easily be adjusted on the last line. The directory where this all ends up is exported to a web server for remote access which yields the following results:

As you can see, an hour on 1 cam takes about 500M of disk space. This is because the cams do not have the processing power to compress the video stream, and this is fine by me, I don’t want them doing anything of the sort. The hourly cron could very well be augmented to encode new files but storage is cheap, my server not beefy and 5 days are more than enough for me.

As for making the cameras themselves available on the web, this frankly takes some guts. This is obviously a very critical device that you do not want anybody to have access to. One could simply forward some ports on their routers and rely on the cam’s authentication mechanism (make sure to change the default of admin/<blank>…). I don’t want the cams to even face the world where they are susceptible to exploits and bruteforce attacks so I proxy their access through my web server. This allows me to restrict IP access (default deny of course). I am also able to keep an eye on the logs and in general adds a layer of protection.

Here is the .htaccess file that does this magic for one of the cams (you’ll need to have mod_proxy enabled)

Options +FollowSymLinks
RewriteEngine On
RewriteBase /
RewriteRule ^(.*)$ http://<cam_ip>/videostream.cgi?user=<username>&pwd=<password> [P]

Foscam made it really easy to mess with the cam, all of the options that are available through their web interface are also available through direct URL calls which makes it easy to integrate the camera functionalities in a script (like the recording above). I’ve even started writing my own web interface for semi-public access that allows for visual customization as well and very granular function control.

the following URLs can be appended with “&user=<username>&pwd=<password>” so as to authenticate directly.

  • http://<cam_ip>/snapshot.cgi gives you the current image
  • http://<cam_ip>/video.cgi gives you live video
  • http://<cam_ip>/live.htm gives you live video
  • http://<cam_ip>/set_misc.cgi?ptz_patrol_rate=20 lets you change the rotation speed of the motors.
  • http://<cam_ip>/set_misc.cgi?ptz_center_on_start=0 turns off the initial power-on rotation
  • http://<cam_ip>/set_misc.cgi?led_mode=2 disables the front status LED
  • http://<cam_ip>/reboot.cgi will reboot the cam
  • http://<cam_ip>/decoder_control.cgi?command=0&onestep=1 tilts up
  • http://<cam_ip>/decoder_control.cgi?command=2&onestep=1 tilts down
  • http://<cam_ip>/decoder_control.cgi?command=4&onestep=1 tilts left
  • http://<cam_ip>/decoder_control.cgi?command=6&onestep=1 tilts right
  • http://<cam_ip>/set_misc.cgi?ptz_auto_patrol_type=1 sets the patrol type, possible values: 0: none; 1: horizontal; 2: vertical; 3: horizontal + vertical
  • http://<cam_ip>/get_misc.cgi displays functional values
  • http://<cam_ip>/get_log.cgi displays access log
  • http://<cam_ip>/get_params.cgi displays configuration values

I’m very happy with them, they’re great products and fun to play with. One downside is their microphones which are pretty horrible but I don’t care much about sound. Here are a few pictures of them in action:

Inside cam pointed outside during the day

Nightvision in the chicken coop

[flv:http://ben.akrin.com//wp-content/uploads/2010/11/New-Project.flv 640 480]