An "I work for the man" review of Cory Doctorow's "Little Brother"
I'm writing this from my economy class seat on a Qantas flight from Melbourne to New York for the HOPE conference. As the flight was delayed by over three hours (which may cause me to miss my connection to New York, either way it will be tight) so I'll soon (well, in another nine hours) get to experience some of the sights & sounds referenced in the book, both from the US Government & the hackers fighting against them.
I come to Little Brother with a different perspective then most as my day job is to run large-scale systems that filter web & e-mail for primary & high school students worldwide (>2 million direct users) so anything that allows students to bypass our systems would of course be considered a bug.
The concept & use of pervasive tracking presented in the novel is both depressing and seemingly quite likely. I really do hope that schools don't get forced (won't somebody please think of the children!) into some version of this. Working with schools I know how tight the purse strings are, and, at least in Australia, I feel confident that this wouldn't get deployed unless & until legislation was padded requiring its use. Simple surveillance is more likely, and less objectionable as the "but everybody else is doing it" excuse will hold some sway here.
The sad fact of life is that w15t0n's father would be extremely common, as we've seen in America, with so few people objecting to the erosion of their civil liberties even when presented with some solid evidence.
So from my perspective could ParanoidLinux work. In short no. The problem is it's easy to do cross-comparisons of an aggregate of users and do exactly the sort of profiling suggested in the book. The mere act of overwhelming the data collection systems is data in itself.
Xnet on the other hand could work. There's practical problems with NAT's etc, but there's absolutly no reason why it couldn't work, especially when a net like that actually scales. TOR itself is an example of the concept, a closer one might be FreeNet.
However, there are simpler solutions that would actually work. IP-Over-DNS does actually work most of the time. I only know of a few cases where people have created intellegent caching DNS implementations that block IP-Over-DNS. However if you have a server available, just having SSH listen on port 443 works just as well most of the time as people very rarely ensure that the port someone does a "CONNECT" to is actually HTTPS.
As for myself, all of my important communications are encrypted via SSL or PGP, with keys verified wherever possible. While I don't encrypt my laptop's hard drive I do use encrypted swap to hopefully ensure data I keep stored encrypted (like the backup passwords for several hundred servers around the world) can't be easily leaked. I do also gain some small measure of protection by running a 64-bit linux, instead of something where government trojans might be more easily available.
So will I buy the print book? I'm not sure; if I happen to see it in a shop, probably, but otherwise I guess not. On another hand I'll certainly be recomending it to people.