Why Bentham’s Gaze?

Why is this blog called “Bentham’s Gaze”? Jeremy Bentham (1748-1832) was an philosopher, jurist and social reformer. Although he took no direct role in the creation of UCL (despite the myth), Bentham can be considered its spiritual founder, with his ideas being embodied in the institution. Notably, UCL went a long way to fulfilling Bentham’s desire of widening access to education, through it being the first English university to admit students regardless of class, race or religion, and to welcome women on equal terms with men.

Bentham’s Gaze refers not just to his vision of education but also to the Panopticon – a design proposed for a prison where all inmates in the circular building are potentially under continual observation from a central inspection house. Importantly, inmates would not be able to tell whether they were actively being observed and so the hope was that good behaviour would be encouraged without the high cost of actually monitoring everyone. Although no prison was created exactly to Bentham’s design, some (e.g. Presidio Modelo in Cuba) have notable similarities and pervasive CCTV can be seen as a modern instantiation of the same principles.

Finally, the more corporeal aspect to the blog name is that UCL hosts Bentham’s Auto-Icon – a case containing his preserved skeleton with wax head, seated in a chair, and dressed in his own clothes. The construction of the Auto-Icon was specified in Bentham’s will and since 1850 has been cared for by UCL. His head was also preserved but judged unsuitable for public display and so is stored by UCL Museums. Many of the staff and students at UCL will walk in view of Bentham while crossing the campus.

You too can now enjoy Bentham’s Gaze thanks to the UCL PanoptiCam – a webcam attached to the top of the Auto-Icon, as you can see below from my photo of it (and its photo of me). Footage from the camera is both on Twitter and YouTube, with highlights and discussion on @Panopticam.

UCL Panopticam

View from PanoptiCam (2015-02-19)

Tor: the last bastion of online anonymity, but is it still secure after Silk Road?

The Silk Road trial has concluded, with Ross Ulbricht found guilty of running the anonymous online marketplace for illegal goods. But questions remain over how the FBI found its way through Tor, the software that allows anonymous, untraceable use of the web, to gather the evidence against him.

The development of anonymising software such as Tor and Bitcoin has forced law enforcement to develop the expertise needed to identify those using them. But if anything, what we know about the FBI’s case suggests it was tip-offs, inside men, confessions, and Ulbricht’s own errors that were responsible for his conviction.

This is the main problem with these systems: breaking or circumventing anonymity software is hard, but it’s easy to build up evidence against an individual once you can target surveillance, and wait for them to slip up.

The problem

A design decision in the early days of the internet led to a problem: every message sent is tagged with the numerical Internet Protocol (IP) addresses that identify the source and destination computers. The network address indicates how and where to route the message, but there is no equivalent indicating the identity of the sender or intended recipient.

This conflation of addressing and identity is bad for privacy. Any internet traffic you send or receive will have your IP address attached to it. Typically a computer will only have one public IP address at a time, which means your online activity can be linked together using that address. Whether you like it or not, marketers, criminals or investigators use this sort of profiling without consent all the time. The way IP addresses are allocated is geographically and on a per-organisation basis, so it’s even possible to pinpoint a surprisingly accurate location.

This conflation of addressing and identity is also bad for security. The routing protocols which establish the best route between two points on the internet are not secure, and have been exploited by attackers to take control of (hijack) IP addresses they don’t legitimately own. Such attackers then have access to network traffic destined for the hijacked IP addresses, and also to anything the legitimate owner of the IP addresses should have access to.

Continue reading Tor: the last bastion of online anonymity, but is it still secure after Silk Road?