After he had taken the button-hole out of his coat, he seemed to hesitate. Finally, he came back, went over to the picture, and examined it. In the dim arrested light that struggled through the cream-coloured silk blinds, the face appeared to him to be a little changed. The expression looked different. One would have said that there was a touch of cruelty in the mouth. It was certainly strange.

Oscar Wilde, The picture of Dorian Gray (1891)


In a lot of countries, national security is a prioritary issue. Now that communication between citizens has been considerably eased by recent technological developments, governments may want to be able to know what happens on the territory : who do what, where, when, how, etc.
However the interface between the governemental institution and the population isn't very substantial (TV ?). Less significant, in such a society of consumption, than the interface between people and corporations. This announces a narrow cooperation between the political establishment, the judiciary power, and firms, to supervise people (like here). Yeah, with your money.


Superviza (bne)

Client side, server side

How does GPS work ? Basically an antenna receives periodic signals from different satellites, these signals are locally transmitted to a computer who, by comparing them and applying sort of a triangulation algorithm, calculates the position -i.e latitude and longitude- of the antenna. A GPS device doesn't emit beacons nor any kind of signal, it is only a receiver, so a vehicle can't be localized from a distant place by use of its GPS. Conversely, mobile phones, credit cards, internet communications, need to connect to a server to be effective. These are server-side technologies with enhanced server-side security (although it's not that sure for the credit card / ATM couple, anyway), implying that tracing and logging electronic activity is pretty easy.

Client-side security is impossible, but is sometime required, for example when a company wants to check that people use only genuine versions of their software. Nevertheless, a customer will less likely take his soldering iron than his disassembler. For these reasons it is reasonable to think that firms producing technological objects will operate a short-term shift toward a hardware approach to client-side security. The frontier between checking, controlling, supervising, profiling, is somehow blur. And here the maxim is : be furtive.

The reign of markers

Suppose you want to know the origin of a product. You have to identify it, i.e. it should have a tag, or a unique identifier, an id, a personal stamp, a primary key. Smile, in our digital world, this is easy to do :)


Let's see how daily technological objects incorporate markers :

computers : Here won't be stressed the myriad of ways to identify a commercial computer, from the microprocessor's serial number to the MAC address of the ethernet card (without mentioning the motherboard's UIN or some OEM operating system's key).

printers, photocopiers, faxes : One of the fun aspects of nanotechnology is that everything is very small. So, when you print or photocopy a document, if something else, very small, is printed simultaneously, you probably won't notice it. Even if this "something else" is an unambiguous, unique, signature of your printer. You see, the idea is to use the support of the information (you got it, paper) to incorporate identifiers. Print microdots, tag your sheets, nice and easy, that's it.

networking, gateways, proxies, firewalls, wi-fi access points : You know that every protocol has its unofficial channels. For example, friends are the best way to find a job. Anyway. So you trust your network ? You trust your modem ? Good. Ah, the wonderful world of online banking via wi-fi without knowing that a modem provides external access with default admin/password identifiers and can log and display each packet going through it. Ah, accessing private e-mail through a hacked proxy. Ah, having all his internet passwords being sent (via port 80 to bypass firewalls) to some exotic country by some facetious extension of a web browser. Joys of wide area networking.
Some companies will carry on providing hardware and programs with leaks, sensitive to buffer / stack overflows, hence offering remote shells. Quite exciting to give an access via an undocumented secret shortcut, don't you think ? Anyone who experienced the twisted pleasure of programming a backdoor will understand that.

scanners, digital cams, webcams : Basically, steganography is the art of hiding a message into another one (recipient). A simple example is to use the low significant bits in a bitmap image, or the high frequency coefficients of the DCT (discrete cosine transform) in a jpeg one, to code a message without altering too much the image, visually speaking.
This topic is widely studied and schemes of highly resistant watermarking (i.e redundancies are introduced, and subsequently a not-too-radical modification of the recipient does not destroy the hidden message) have been proposed. (Amusingly watermarking theory can be considered as a small branch of information theory, but simultaneously exhibits a weird parallelism with it, for alterations are somehow analogous to the introduction of errors.)
The purpose of the above explanation is to introduce the fact that it is obvious that pictures, videos, streams, etc, generated by most of commercial digital devices will more or less quickly contain steganographic channels, i.e. that inside the digital picture of your wife and your three children will be coded the unique identifier of your digital camera (and other various metadata). Oh, and couldn't this very digital camera be associated with your credit card number ? A smart way to find criminals, don't you think ?
Of course these considerations hold also to any media created with your mobile phone, to your dictaphone, to your new DVD-recorder, etc.
For more technical aspects of steganography, have a look at Guillermito's page.


Matt Groening's watermarking
people : Fingerprints seem the oldest physical primary key to scientifically distinguish people. Nowadays biology has introduced disoxyribonucleic acid (DNA) and has extensively studied the iris, which is more accessible and presents a unique intricate pattern analyzable distantly, promising a shiny future to biometrics.
Concerning markers and people, what is kinda funny is that untraceable people are becoming out of the norm. A manager will find weird that someone applying for a job in his company seems to be "ungooglable". That's life.

For more common products like clothes or books, if you forget street cams and satellites, the control and identification of objects may be taken care of by RFID transponders. Waves of truth :)

Note : if you understand french and have 10 minutes, have fun with an enlightened point of view.


See what I'm saying ?

Little Neo, dec 2005 / upd : mar 2007