Thursday, 26 November 2015


Carrier Sense, Multiple Access / Collision Detect.

Well, it has moved on a bit since then at the topology and packet-transmission level, but fundamentally it is still the same principle.  Ethernet, the sort of network that your computers at home are connected together by and also the technology that carries most of the traffic inside the data centres holding the internet together, was designed as CSMA/CD: one shared wire that everybody listens to.  Modern switched, full-duplex Ethernet no longer has collisions at all, but the shared-medium assumption is still baked into the protocol, and it can be brought back whenever somebody wants it.

Carrier Sense:  All parties wanting to talk on the network first have a quick listen to see if it is quiet.  If it is not, they wait until it goes quiet and then try again.

Multiple Access ... and here's the rub:  Many parties have access to the same shared network at the same time.  Any party can talk at any time, and every party can hear what the others are saying.  Things have moved on a bit since CSMA/CD came out: a network switch has more backplane bandwidth than any single port, so it can learn which MAC address sits behind which port and deliver each frame only to the port it is addressed to.  But that isolation is a convenience, not a security boundary.  A switch works out "who is where" from the source address of every frame it sees, so a listener can feed it frames carrying thousands of made-up source addresses until its forwarding table is full, at which point it falls back to sending traffic for unknown destinations out of every port, exactly as the old shared wire did.  Alternatively the listener can lie to the hosts rather than to the switch, answering the ARP lookups for a neighbour's address with its own MAC, so that traffic for the neighbour arrives at the listener first.  And if you administer the switch it is also reasonably easy to configure port mirroring, so that the switch (unbeknownst to the talkers) copies all traffic to a specific listener as well as to the port it was intended for.

There are a few point-to-point protocols on the internet, mostly used over long-distance links, but when packets are rattling around in a data centre (where they spend a large portion of their lives) they cross shared Ethernet segments, and nothing in Ethernet itself stops party A listening in on a conversation between parties B and C.  That's how Ethernet works, and so that's how the internet works.
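To make the switch side of this concrete, here is an added example (it is not code from the original post) that simulates a learning switch with a small forwarding table.  Two hosts B and C talk through it while a listener D sits on a third port.  Normally D sees nothing of the B-to-C traffic; after D floods the switch with frames carrying invented source addresses, the table fills, the legitimate entries are pushed out, and the switch starts flooding B's frames to every port, D's included.  The same model also shows what an administrator-configured mirror port does.  The port numbers, MAC addresses, table size and the oldest-entry eviction policy are all assumptions made for illustration; real switches differ in how they behave when their table is full.

```python
"""Simulated learning switch: why MAC flooding turns it back into a hub.

Added example, not part of the original post. The switch model, port
numbers, MAC addresses and the oldest-entry eviction policy are all
assumptions made for illustration; real switches differ in how they
behave when their forwarding table is full.
"""
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """A switch that learns source MAC -> port and forwards unicast by table lookup."""

    def __init__(self, ports, cam_size, mirror_port=None):
        self.ports = list(ports)
        self.cam_size = cam_size          # forwarding-table capacity (assumed small)
        self.cam = OrderedDict()          # mac -> port, oldest entry first
        self.mirror_port = mirror_port    # port mirroring / SPAN destination, if configured

    def learn(self, mac, port):
        if mac in self.cam:
            self.cam.move_to_end(mac)
        elif len(self.cam) >= self.cam_size:
            self.cam.popitem(last=False)  # table full: evict the oldest entry (assumption)
        self.cam[mac] = port

    def forward(self, ingress, src, dst):
        """Return the sorted list of ports that receive a frame from src to dst."""
        self.learn(src, ingress)
        out = self.cam.get(dst)
        if dst == BROADCAST or out is None:
            # Unknown destination: flood out of every port except the one it
            # came in on, exactly as a hub would.
            egress = {p for p in self.ports if p != ingress}
        else:
            egress = {out} - {ingress}
        if self.mirror_port is not None and self.mirror_port != ingress:
            egress.add(self.mirror_port)
        return sorted(egress)


# Constructed sample addresses: B on port 1, C on port 2, the listener D on port 3.
MAC_B = "52:54:00:00:00:0b"
MAC_C = "52:54:00:00:00:0c"
MAC_D = "52:54:00:00:00:0d"


def mac_flood_demo(cam_size=8, bogus_frames=20):
    """Return (ports that see B->C before the flood, ports that see it after)."""
    sw = LearningSwitch(ports=[1, 2, 3], cam_size=cam_size)
    sw.forward(1, MAC_B, MAC_C)        # C not yet known: flooded, and B is learned
    sw.forward(2, MAC_C, MAC_B)        # reply: C is learned, frame goes to port 1 only
    before = sw.forward(1, MAC_B, MAC_C)
    # D sends frames with made-up source addresses; each one costs the switch a table slot.
    for i in range(bogus_frames):
        bogus_src = "02:00:00:00:%02x:%02x" % (i >> 8, i & 0xff)
        sw.forward(3, bogus_src, BROADCAST)
    after = sw.forward(1, MAC_B, MAC_C)
    return before, after


def port_mirror_demo():
    """Return the ports that see B->C when the switch mirrors everything to port 3."""
    sw = LearningSwitch(ports=[1, 2, 3], cam_size=1024, mirror_port=3)
    sw.forward(1, MAC_B, MAC_C)
    sw.forward(2, MAC_C, MAC_B)
    return sw.forward(1, MAC_B, MAC_C)


if __name__ == "__main__":
    before, after = mac_flood_demo()
    print("before flood:", before, " after flood:", after)
    print("too few bogus frames:", mac_flood_demo(bogus_frames=3)[1])
    print("with port mirroring:", port_mirror_demo())
```

Note the threshold: with only three bogus frames the table still has room, C's entry survives and D sees nothing, which is why a real flood uses tens of thousands of addresses.  The defensive counterpart is equally visible in the model: a per-port limit on learned addresses (port security on most managed switches) stops port 3 from ever filling the table.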

Collision Detect.  If two parties talk at the same time, there will be a collision, and it is the talkers who notice: a sender keeps listening while it transmits, and if what it hears is not what it sent it stops, puts a short jam signal on the wire so that everyone discards the garbled frame, waits a random back-off period, and tries again.  The recipient never asks for a repeat at this layer; Ethernet simply throws the damaged frame away.  The "I didn't get that, it was garbled, please send it again" conversation happens one layer up, in TCP, where party C acknowledges what arrived and party A resends whatever was not acknowledged.  And that is where party D, not the intended recipient, gets its chance: if D can inject packets onto the segment it can forge the acknowledgements (a few duplicate acknowledgements are enough to trigger a fast retransmit) that make party A send the same data again.  What D gains from the repeat is another matter.  Against a sound cipher a retransmission is the same ciphertext again and tells D nothing new; the cases where harvesting more traffic did recover a key (the packet-replay attacks on WEP are the classic example) were attacks on a broken cipher, not a weakness of retransmission itself.
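The collision side of CSMA/CD, as an added example that is not part of the original post: each station that takes part in a collision counts how many times its frame has collided and waits a random number of slots drawn from a window that doubles on every collision, capped at 2^10 slots and abandoned after 16 attempts (the IEEE 802.3 truncated binary exponential backoff).  Nobody asks anybody to repeat; the senders sort it out among themselves.  The slot-based model below (one frame fits in one slot, all stations are perfectly synchronised, everyone wants to send at slot 0) is a simplification made for illustration; the backoff rule itself is the standard one.

```python
"""Simulated CSMA/CD collision handling with truncated binary exponential backoff.

Added example, not part of the original post. The slot-based model (one frame
fits in one slot, stations are perfectly synchronised, all ready at slot 0) is
a simplification made for illustration; the backoff rule is the IEEE 802.3 one.
"""
import random

MAX_EXPONENT = 10    # 802.3 caps the backoff window at 2**10 slots
MAX_ATTEMPTS = 16    # after 16 collisions on one frame the sender gives up


def backoff_window(collisions):
    """Number of slots the sender may choose from after this many collisions."""
    return 2 ** min(collisions, MAX_EXPONENT)


def backoff_slots(collisions, rng):
    """Slots to wait before retrying: uniform in 0 .. window-1."""
    return rng.randrange(backoff_window(collisions))


def simulate(n_stations, seed=1):
    """Every station wants to send one frame at slot 0. Return the event log."""
    rng = random.Random(seed)
    next_try = {s: 0 for s in range(n_stations)}   # earliest slot each station may transmit
    collisions = {s: 0 for s in range(n_stations)}
    log = []
    slot = 0
    while next_try:
        senders = [s for s, t in next_try.items() if t <= slot]
        if len(senders) == 1:
            # Only one station transmitted in this slot: the frame gets through.
            s = senders[0]
            log.append(("sent", slot, s, collisions[s]))
            del next_try[s]
        elif len(senders) > 1:
            # Everyone who transmitted hears the garble, jams, and backs off
            # independently; the intended receiver plays no part in this.
            log.append(("collision", slot, tuple(senders), None))
            for s in senders:
                collisions[s] += 1
                if collisions[s] >= MAX_ATTEMPTS:
                    log.append(("dropped", slot, s, collisions[s]))
                    del next_try[s]
                else:
                    next_try[s] = slot + 1 + backoff_slots(collisions[s], rng)
        slot += 1
    return log


def summarize(log):
    """Count collisions, successful sends and discarded frames in a log."""
    return {kind: sum(1 for e in log if e[0] == kind)
            for kind in ("collision", "sent", "dropped")}


if __name__ == "__main__":
    for event in simulate(3, seed=7):
        print(event)
    print(summarize(simulate(3, seed=7)))
```

Because all stations start at slot 0 the first slot is always a collision; after that the doubling window quickly spreads them out, and with a handful of stations a frame is effectively never dropped.  The point for the rest of the post is that every retransmission here is initiated by the sender on its own evidence, so a third party cannot provoke one at this layer; it has to work on the layer above.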

I recall an anecdote told to me by an ex-US military guy who worked for signals during the war in Vietnam.  He'd listen in on VC and NVA radio traffic, having learned the Vietnamese language, record it and translate it to hand back to the intelligence corps.  If something was said on the radio that he didn't clearly understand, he'd ask the talker to repeat that and the person being listened to would politely, and often more slowly and clearly, repeat the information that he was after.  After all, HF radio is a difficult medium, and traffic can be lost as it bends around mountains and bounces around the atmosphere, so why wouldn't you repeat what you just said if someone on the other end of the radio asked you to do so?  Even if they were an enemy spy listening in on the orders you were relaying from Hanoi.

My, what a lot of computerised gobbledygook.  Del's talking c**p again, what does it all mean?

What does it all mean, dear readers (you've gotten this far so I'll be presumptuous enough to call you "dear")?

It means that nothing you put on the wire is private by default, at any hop, ever.  All sorts of people could be listening in or logging traffic, all without your knowledge, and if they didn't get it the first time they'll arrange for your machine to send it again, and your network stack will do precisely that without asking questions.  No, it's not Big Bad Facebook or Big Bad Google or Big Bad Pirates out to get you, it's the fundamental protocol that hangs the internet together.  Get used to it, and design for it: anything you want kept private has to be encrypted end to end before it leaves your machine, which hides what you said but not who you said it to or when.  If you want a truly private conversation with someone, use the phone (which is somebody else's wire, with the same caveat), or better still, have it in person.
