Readers’ comments
Your views and feedback from email and the web
Digital vassal
I’ve been mulling over several thoughts recently, prompted by the excellent issue 297. I find it deeply ironic that one of the big arguments made in favour of Brexit was one of sovereignty. More recently, Theresa May’s difficulty in getting a deal done has centred on the “Northern Ireland backstop” and how it will (so we’re told) turn the UK into a vassal state.
It’s ironic because no one seems to have noticed that the UK is rapidly becoming – indeed you might say has already become – a digital vassal state. We have allowed ourselves to become reliant on capricious American tech companies in all aspects of daily life. We are charging into a world where even the most basic daily functions require a smartphone.
Whether it’s online banking, paying for parking or controlling your home music system, one can barely go more than a few minutes without reaching for a device. This means we have two choices: pay for an overpriced device from Apple, or choose Android, where your every interaction generates a data point that can be used for profiling.
If the UK government decided to release an app of some kind and, for whatever reason, Apple didn’t like it, that would be that – app blocked. The same is true of the Google Play Store. We are becoming dependent on systems over which we have zero say.
Last month, Darien opened his column with a sentiment that we have heard many times: “Look at my browser history if you want – you’ll be very bored.” Maybe true but his browser history is no one else’s business and should remain private.
The problem is the big data analysis that can be done with that sort of information. For example: “Based on the data of millions of other people, we can infer with 89% certainty that because Darien looked at websites X, Y and Z after 9.30pm on a Saturday for four weeks in a row, he will do the following things in the next 24 hours.” Add the intimate details of smartphone interactions, and these companies have more idea of what you’re going to do next than you do.
What we have is a swirling cauldron of privacy and sovereignty issues, which politicians seem scarcely conscious of. I have been a keen tech follower since I was five years old and my Dad bought a 48K ZX Spectrum. However, I now find myself struggling to believe that the benefits we’re currently gaining are worth the long-term sacrifices.
Gavin Hall
We’ve ruined the garden
I enjoyed Jon Honeyball’s interesting and comprehensive article about the demise of the internet (see issue 297, p110). He writes: “We have decided that it’s safer to be anonymous than to be identifiable. It’s clear why this is the case. No one can get back at you if they’re annoyed by what you say…”
I accept what he is saying in the context of thoughtless and offensive comments on Twitter, Facebook and similar sites, but I see a difference between these and important (financial and similar) websites where the cost of insecurity can be unpleasantly expensive. History has shown that all sites are vulnerable to hacking. When that happens, the identities of thousands or millions of people can be – and have been – lost. Assembling accurate, comprehensive IDs from these losses is made easier for fraudsters.
Giving a false or minimal ID on non-financial sites limits the chances of fraudsters assembling the individual’s true ID and using it to the financial detriment of that individual.
C Webber
Jon Honeyball replies: A thoughtful response. However, security through obscurity never works. It is time we properly learnt that lesson.
Mini marvels
I enjoyed your mini PCs group test (see issue 297, p76). My current Shuttle, now seven years old, sports a Xeon processor, SSDs, graphics card and 8GB of RAM, and can handle anything I throw at it. My next build will be based on a laptop motherboard using SSDs in a 1U or 2U rack case that will fit into an Ikea side table that measures 17in internally and already has a 1U homemade NAS unit and a 24-port network switch.
Under the main TV, attached to the wired home network, we have the “can”: a cylindrical mini PC containing a quad-core 1.8GHz Intel Bay Trail Z3735F processor, with 2GB of RAM and 32GB of storage. All it does is stream catch-up TV and output Spotify to the surround sound system.
Michael Ashworth
DNS changes
You reported on plans from Firefox and Chrome to move from DNS to DoH (DNS over HTTP) as it’s more secure and prevents ISPs seeing what their users are up to. As a result, the porn filters used by major British internet service providers may stop working (see issue 297, p10).
However, unless the end point (the user’s computer) is using a VPN of some kind, the ISP will still see the TCP handshakes and sessions between the end point and the restricted site. Surely the ISP could perform a reverse lookup on the IP and see from that whether the site is on a block list? It could then instruct the edge router, connecting the end point to the internet, to drop the packets.
This would be relatively trivial to implement in C, especially as modern servers can address so much memory. The application could cache the sites’ common names and IP addresses in memory for fast look-up.
I thought this sort of intelligent content processing, as part of the network, was the point of OpenStack, or did I miss the point? With a little bit of work, you can already set up a Raspberry Pi with Pi-hole and a remote DoH service, which will blackhole your DNS traffic and ads across your entire network. There’s no need to wait for Firefox or Chrome.
Anonymous
PC Pro replies: The Raspberry Pi makes a great gateway onto the internet for anyone who needs to process the bits and bytes coming their way before they arrive on their PC. Indeed, we examined exactly how you can set up a black hole like the one you’re describing using either a Raspberry Pi or old laptop three months ago (see issue 295, p44).
However, any change of this sort made by browser developers is big news as it means it’s immediately available – usually entirely passively – to the general public, including those who have neither the skills nor the interest in developing a Pi-based implementation themselves.
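The in-memory cache of block-listed names and addresses proposed in the DNS changes letter, sketched in C as an added example (not code from the letter or from PC Pro). The hash-table layout, the function names and the sample flows are assumptions for illustration; the sample also counts a case the letter does not cover, where a listed and an unlisted site share one destination address.

```c
#include <arpa/inet.h>
#include <stdio.h>
#include <string.h>

#define SLOTS 1024u /* power of two; open addressing, linear probing */
struct entry { uint32_t ip; const char *name; }; /* name == NULL marks a free slot */
struct flow { const char *dst, *site; };         /* site: ground truth the ISP never sees */
static struct entry cache[SLOTS];

/* Find the slot for an address; if name is non-NULL, claim a free slot for it. */
static struct entry *slot(const char *dotted, const char *name) {
    struct in_addr a;
    if (inet_pton(AF_INET, dotted, &a) != 1) return NULL; /* not an IPv4 address */
    uint32_t ip = ntohl(a.s_addr), i = (ip * 2654435761u) & (SLOTS - 1);
    for (uint32_t n = 0; n < SLOTS; n++, i = (i + 1) & (SLOTS - 1)) {
        if (cache[i].name && cache[i].ip != ip) continue; /* held by another address */
        if (!cache[i].name && name) { cache[i].ip = ip; cache[i].name = name; }
        return &cache[i];
    }
    return NULL; /* table full */
}

/* Cache one forward-resolved address of a block-listed name; 0 on success. */
int cache_add(const char *name, const char *dotted) { return slot(dotted, name) ? 0 : -1; }

/* Listed name for a destination address, or NULL when it is not on the list. */
const char *cache_lookup(const char *dotted) {
    struct entry *e = slot(dotted, NULL);
    return e ? e->name : NULL;
}

/* Flows the edge router would drop; *over counts drops that hit an unlisted site. */
int classify(const struct flow *f, int n, int *over) {
    int dropped = *over = 0;
    for (int i = 0; i < n; i++) {
        const char *hit = cache_lookup(f[i].dst);
        if (hit) { dropped++; *over += strcmp(hit, f[i].site) != 0; }
    }
    return dropped;
}

int main(void) { /* constructed sample: documentation-range addresses, .example names */
    const struct flow flows[] = { {"203.0.113.7", "blocked.example"},
        {"203.0.113.7", "harmless.example"}, {"198.51.100.20", "news.example"} };
    cache_add("blocked.example", "203.0.113.7"); /* address shared with harmless.example */
    int over, dropped = classify(flows, 3, &over);
    printf("dropped=%d over-blocked=%d\n", dropped, over);
    return 0;
}
```

The filter sees only the destination address, so the flow to harmless.example is dropped along with the listed site.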