Category: Internet

internal chaos, exported

A case of China exporting its internal chaos, as Jamie Kenny would say; I was recently talking to someone who had installed a wireless broadband network in China, and they mentioned that they’d had an exciting experience with a Huawei router. Politicians whose constituents include Huawei’s competitors are endlessly insinuating that their equipment is always secretly talking back to the Chinese, but no-one has ever caught them at it.

So our chap was suitably fascinated when they turned the thing up and they immediately started to see traffic heading for an apparently inexplicable address within China Telecom’s provincial network in Guangdong. Now, they weren’t in the province, but of course Huawei HQ is. Of course they fired up a monitoring tool to capture the traffic and see what it was.

It turned out to be the router’s internal inter-chassis traffic, which should have been going to its own loopback interface, but was instead leaking onto the Internet. It seemed that someone in Huawei had borrowed some public IP addresses to use in their lab, rather than either using Huawei address space privately, or else using the designated private address space, had used the address in the router firmware, and had then forgotten about it. (Rather like that time all the D-Link Wi-Fi boxes in the world started asking some guy in Denmark for a time signal, in case you think it’s just the Chinese who do these things.)

Obviously, routing via China would have been…suboptimal, and would have involved passing through the Great Firewall. But it would have worked in Huawei’s lab, or locally in Guangdong. No conspiracy, just internal chaos leaking across the border.

Going round the country, stirring up apathy

So, that PCCSpoil blog. To begin with, it was a collection of spoiled ballots from the police commissioner elections, a large (>75%) proportion of which seemed to add the hashtags #PCCSpoil or #policespoilballot. I had the impression that this suggested a campaign of some sort. After all, why the hashtag if you weren’t planning to put it on the web?

Since then, the blog has vanished, briefly shown a Mike Giggleresque student politics video, and now points at a petition to explain one’s spoiled ballot to No.10 Downing Street. Someone on Twitter thought the slogan “Don’t politicise the police”, which many of the spoilers used, might be a Police Federation internal line. But it’s not.

There was a policeman who was supporting it, CynicalBobby on twitter. Also, a well-known libertarian. But these were late to the party. Much earlier (9th November) a facebook page had appeared. Following up people who liked it or contributed in any way, I found no cops, but a variety of people who were by turns Green, sceptics, atheists, pro-Palestinian, and from Yorkshire, Wales, or the Isle of Wight, in more than one case.

Spoiltpapers.org.uk was registered by someone in Wrexham on the 9th of November, the same day the facebook page appeared. On the way, Plaid Youth glommed on. But many of the people involved were in comments to this Guardian piece, on their Northerner blog, from the 5th of November.

That, in turn, was from this lady, a regular contributor from God’s and Jimmy’s own county, a green-minded pro-Palestinian ex-Lib Dem who even introduced the slogan, on the 3rd. We have a patient-zero. Magic darts!

A special note. Tumblr, like Facebook, doesn’t delete your photos if you kill your account or even delete stuff from it. They remain in whichever content-delivery network they used. I know this because, after the PCC blog vanished, I noticed I still had a copy open in a browser tab, and I was able to wget all the images and the HTML wrapper into an archive.

Update: One of the people in this post is now claiming to be me! As a note to the TV producers who are asking me for copies of the spoiled ballots, PCCSpoil is not my blog and has nothing to do with me. My bet is the Plaid guy.

How the Scottish Labour party got telecoms policy right in 1895

Via someone on twatter, Parliament debates telecoms regulation, in 1895. The superficial bit:

there was a great distinction between telephones and such subjects as gas and water. Gas and water were necessaries for every inhabitant of the country; telephones were not and never would be. It was no use trying to persuade themselves that the use of telephones could be enjoyed by the large masses of the people in their daily life. [An hon. MEMBER: "America."]

He did not think his hon. Friend was aware of the fact that in the large towns of America subscribers had to pay £40 to £50 for the service which a subscriber in London obtained for from £10 to £20. He went further and said that in a town like London, or Glasgow, or Belfast, an effective telephone service would be practically impossible if the large majority of the houses were furnished with telephones, so great would be the confusion caused by the increased number of exchanges. He was not stating his own opinion, but that of experts.

You’ve got to love the appeal to nameless experts there, and the general 640K-ness. But there’s more, and as this evening’s unstated theme is turning out to be “blog about why things everybody agrees on don’t get on the ballot”, it’s worth reading on.

For a start, they’re debating the question of whether cities ought to be allowed to run their own networks, a topic which is just as fresh today as it was then. Everyone agrees that a private-sector monopoly is undesirable, but is the answer muni-fibre (well, muni-copper), regulation and a universal-service fund, a nationalised industry, or something else? The minister, Arnold Morley, argues that it’s mostly a national-level or even supranational (he says imperial) infrastructure issue. Glasgow Labour MP A. C. Corbett makes a vigorous case for municipal socialism in telephony as in everything else. Sir J.E. Gorst sketches out the situation, which is almost as much of a mess as UK telecoms policy is now. A good row is fought out about who is responsible.

A. D. Provand, yet another Glasgow MP, invents settlement-free peering 100 years early and points up the difference between peering and termination:

The terminals would operate in this way: If, for example, London had a telephone licence, it could not send a message to Brighton unless Brighton had also an exchange, which would deliver the message free, otherwise the London message would he delivered through the present Company at Brighton, which would charge a terminal for doing so, The effect of that would lie to double the rate between London and Brighton.

And A.C. Corbett basically hits on the solution everybody who’s seriously thought about it prefers: open access to shared civil infrastructure! But why put up with the open access bit when the town hall can run the whole thing?

It had been suggested that where underground telephones were necessary, and where it was impossible for the municipality to entrust the control of the streets to any private corporation working for profit, that the municipality should lay these underground wires and take all the care of them. If the municipality was to lay the wires and take all the care of maintenance, there was no possible reason why the municipality should not take over all the undertaking and derive all the profit to be got from it.

Then again, once you’ve got the rights-of-way and the ducts in the public hand, you can do both, like Singapore’s NBN.

Well, at least we were spared the private sector monopoly…until we got it anyway. It is pretty astonishing, though, when you think of some of the places that have got 150Mbps FTTH networks and some of the places that have already sorted out LTE spectrum, and then of the UK. Agenda-setting is a powerful force.

not at all defanged

Remember that thumbsucker I did on the Great Firewall? Well, here’s some data, via this post (thanks, Jamie). It seems that Fang Binxing, China’s Chief Bellhead, boss of the Beijing University of Post & Telecoms, and king of the great firewall, really is in trouble due to his special relationship with Bo Xilai. He briefly came up on the web to threaten to sue a Japanese newspaper which thinks he was detained for investigation. Then, the former head of Google in China (who obviously isn’t neutral in this) prodded him, and he denied having the power to block the offending story.

The FT, meanwhile, thinks Zhou Yongkang, the head of the security establishment, is on the out. That shouldn’t be overstated because he’s due to retire, but he has been doing a rubber chicken circuit of second-division official appearances, and his key responsibilities have been taken over by others.

Fang is supposedly being replaced by Yan Wangjia, CEO of Beijing Venustech, who was responsible for engineering the Great Firewall. Her company’s Web site is convincing on that score. Here’s the announcement that they got the contract to provide China Mobile with a 10 gigabit DPI system:

Recently, Venustech successfully won the bid for centralized firewall procurement project of China Mobile in 2009 with its 10G high-end models of Venusense UTM, thus becoming the first company of its kind to supply high-end security gateway to telecom operators.

It is said this centralized firewall procurement project is the world’s largest single project of high-end 10G security gateway procurement ever implemented, drawing together most of world-renowned communication equipment vendors and information security vendors such as Huawei and Juniper. Through the rigorous test by China Mobile, Venusense UTM stood out, making Venustech the only Chinese information security vendor in this bid.

Looking around, it sounds like they are the hardware vendor of the Great Firewall, specialising in firewall, intrusion detection, and deep-packet inspection kit for the governmental, educational, and enterprise sectors “and of course the carriers”. Well, who else needs a 10Gbps and horizontally scaling DPI box but a carrier? Note the careful afterthought there. Also, note that they’re the only people in the world who don’t think Cisco is a leading network equipment vendor.

Canalising the marshes: tidying up the people

Well, this is interesting, both on the Bo Xilai story and also on the general theme of the state of the art in contemporary authoritarianism. It looks like a major part of the case is about BXL’s electronic surveillance of Chongqing and specifically of top national-level Chinese officials:

One political analyst with senior-level ties, citing information obtained from a colonel he recently dined with, said Mr. Bo had tried to tap the phones of virtually all high-ranking leaders who visited Chongqing in recent years, including Zhou Yongkang, the law-and-order czar who was said to have backed Mr. Bo as his potential successor. “Bo wanted to be extremely clear about what leaders’ attitudes toward him were,” the analyst said.

That’s Zhou Yongkang as in the head of the whole Chinese internal security structure, cops, spooks, and all. Bo’s police chief (and future sort-of defector) Wang Lijun is described as being “a tapping freak”, addicted to the productivity and hence apparent power of electronic intelligence. Not only that, Wang eventually began tapping Bo, who was also tapping the CDIC feds who came down to keep an eye on him.

The practicalities are, as always, interesting.

The architect was Mr. Wang, a nationally decorated crime fighter who had worked under Mr. Bo in the northeast province of Liaoning. Together they installed “a comprehensive package bugging system covering telecommunications to the Internet,” according to the government media official.

One of several noted cybersecurity experts they enlisted was Fang Binxing, president of Beijing University of Posts and Telecommunications, who is often called the father of China’s “Great Firewall,” the nation’s vast Internet censorship system.

It’s worth pointing out that the provincial networks belonging to China Mobile, China Telecom etc. are usually organised as companies in their own right, and they often have their own AS numbers, and indeed they often contract for substantial network development projects with Western vendors (Nokia Siemens recently had a big mobile network contract in Sichuan, notably) on their own right.

Anyway, Fang’s involvement is very interesting indeed. He is responsible for the state-of-the-art authoritarian solution to the Internet. This is not just, or even primarily, a question of blacklisting websites or turning off the Internet. The Great Firewall’s detailed design, as the Cambridge Computer Lab found out a while ago, is specifically intended to be a semi-permeable membrane. Rather like Hadrian’s Wall, it is more about the gates through it than the wall itself, and the defences point in both directions.

When a computer within it tries to initiate a TCP connection to one outside that is classified as dodgy, the Firewall sends an RST message back to kill the connection. This permits much higher performance than the DNS-based blacklisting typical of, say, the UAE.

It also means that it’s possible to ignore the RST and look through the firewall by using your own firewall utility (specifically, set something like iptables to drop any RSTs for connections in states other than ESTABLISHED before a suitable time has elapsed). However, it would be a fair guess that any traffic doing this is logged and analysed more deeply.

Further, there is a substantial human infrastructure linking the media/PR/propaganda system, the police system, and the Ministry of the Information Industry. This uses tools such as moderation on big Web forums, direct recruitment, harassment, or persuasion of important influencers, the development of alternative opposition voices, and the use of regime loyalist trolls (the famous wumaodang).

The firewall, like Hadrian’s Wall or the original Great Wall, also has an economic function. This acts as a protectionist subsidy to Chinese Internet start-ups and a tariff barrier to companies outside it. Hence the appearance of some really big companies that basically provide clones of Twitter et al. Because the clones are inside the firewall, they are amenable to management and moderation. 

And none of this detracts from the genuine intention of the people at 31 Jin-rong Street, the China Telecom HQ, to wire up the whole place. Iran’s surprisingly important role providing broadband to Afghanistan and diversionary links to the Gulf reminds us that providing connectivity can be a powerful policy tool and one that you can use at the same time as informational repression.

So, Fang’s achievement is basically a package of technical and human security measures that let whoever is in charge of them command the context Web users experience.

Last autumn, several of the Chinese web startups were subjected to the combined honour and menace of a visit from top securocrats. Tencent, the owner of QQ and the biggest of the lot, got Zhou Yongkang in person. In hindsight, this will have been around the time the CDIC landed in Chongqing.

So, where am I going with this? Clearly, there was serious disquiet that somebody was usurping the right to control the wires. Even more disquieting, the surveillance establishment in Fang’s person seemed to be cooperating with him. And the systems he set up worked just as well for someone increasingly seen as a dangerous rebel as they did for the central government. (In fact, the people who like to complain about Huawei equipment in the West have it the wrong way round. It’s not some sort of secret backdoor they should be worrying about: it’s the official stuff.)

I do wonder, depending on what happens to Fang (he’s still vanished, but his Weibo feed has started updating again), if we might not see a relaxation of the firewall, which the pundits will consider “reform”. In fact it will be no such thing, rather a cranking up of internal chaos to facilitate a crackdown on opposition.

The politics of call centres, part two: sources of failure

So, why did we get here? Back in the mists of time, in the US Bell System, there used to be something called a Business Office, by contrast to a Central Office (i.e. what we call a BT Local Exchange in the UK), whose features and functions were set down in numerous Bell System Practice documents. Basically, it was a site where the phone company took calls from the public, either for its own account or on behalf of a third party. Its practices were defined by Bell System standardisation, and its industrial relations were defined by the agreement between AT&T and the unions, which specified the pay and conditions for the various trades and workplace types inside the monster telco. If something was a Business Office according to the book, the union agreement covering those offices would apply.

In the Reaganite 80s, after the Bell System was broken up, someone realised that it would be possible to get rid of the union rules if they could re-define the site as something else. Not only could they change the rules, but they could move the site physically to a right-to-work state or even outside the USA. This is, it turns out, the origin of the phrase “call centre”.

In the UK, of course, call centres proliferated in parallel with utility privatisation and financial deregulation. A major element in the business case for privatisation was getting rid of all those electricity showrooms and BT local offices and centralising customer service functions into `all centres. At the same time, of course, privatisation created the demand for customer service in that it was suddenly possible to change provider and therefore to generate a shit-load of admin. Banks were keen to get rid of their branches and to serve the hugely expanding credit card market. At another level, IT helpdesks made their appearance.

On the other hand, hard though it is to imagine it now, there was a broader vision of technology that expected it all to be provided centrally – in the cloud, if you will – down phone lines controlled by your favourite telco, or by the French Government, or perhaps Rupert Murdoch. This is one of the futures that didn’t happen, of course, because PCs and the web happened instead, but you can bet I spent a lot of time listening to people as late as the mid-2000s still talking about multimedia services (and there are those who argue this is what stiffed Symbian). But we do get a sneak-preview of the digital future that Serious People wanted us to have, every time we have to ring the call centre. In many ways, call centres are the Anti-Web.

In Britain, starting in the 1990s, they were also part of the package of urban regeneration in the North. Along with your iconic eurobox apartments and AutoCAD-shaped arts centre, yup, you could expect to find a couple of gigantic decorated sheds full of striplighting and the precariat. Hey, he’s like a stocky, Yorkshire Owen Hatherley. After all, it was fairly widely accepted that even if you pressed the button marked Arts and the money rolled in, there was a limit to the supply of yuppies and there had to be some jobs in there as well.

You would be amazed at the degree of boosterism certain Yorkshire councils developed on this score, although you didn’t need top futurist Popcorn Whatsname to work out that booming submarine cable capacity would pretty quickly make offshoring an option. Still, if Bradford didn’t make half-arsed attempts to jump on every bandwagon going, leaving it cluttered with vaguely Sicilian failed boondoggles, it wouldn’t be Bradford.

Anyway, I think I’ve made a case that this is an institution whose history has been pathological right from the start. It embodies a fantasy of managing a service industry in the way the US automakers were doing at the same time – and failing, catastrophically.

as for the Mahler, I think it could do with a helipad

China’s neo-con blogging fever-swamp, via (of course) Jamie K.

For instance, Gao Yi, a well-known music critic, tweeted: “Compared with a war, US$7 billion is much more worthwhile. Right now, we lack the off-shore staging capacity for a mid-intensity war.

A well-known music critic? Now that’s special. You don’t get detailed comment on the Royal Fleet Auxiliary’s seabasing capability from Martin Kettle when he’s in one of his SUCK ON MY CULTURE, PROLE moods, or indeed when he’s editorialising, do you? Does Brian Sewell take a view on whether the much delayed Maritime Afloat Replenishment Ship project should go down the Dutch/Canadian JSS route, perhaps building on licence from Schelde in the UK, or stick with specialised tanker and dry-replenishment hulls?

It’s a pity that this doesn’t mean their politics is any more pacific.

A little story about Google Mail

Jamie Zawinski and Charlie Stross pitch in to the poisonous row about Google + and its “real names policy”. Now G+ seemed like a good idea to me because of this instant-classic paper, which demonstrated that a) people hate creepy targeted-advertising schemes even if you pay them to put up with it, b) we manage privacy by letting other people know things to different degrees depending on context, and c) we get really angry when other people talk behind our backs and violate the boundaries between contexts. When this paper appeared I literally chased everyone at Telco 2.0 around with it until they read it. Now, you can see with things like the “circles” feature that someone at Google did too.

But then, there’s this whole fiasco about trying to impose single identities that always consist of two space-separated UTF-8 strings containing only alphabetical characters, that seem normal to someone from Palo Alto.

unconferencing - 1

Yeah, just like that. Which reminds me of a story. Not so long ago, I was talking to the Google product manager for GMail, during – yes – an open-space workshop on privacy and identity issues. He (and he certainly is compliant with the policy sketched out above) asked if anyone knew why GMail lets you pick a graphical skin, basically a user stylesheet, for your account. After all, they spent millions on the pretty UI, so why would you want to do that?

Apparently the idea came from one of the UI/UX designers. Who said that it should be possible to tell at a glance which one of several GMail accounts you were using. The programmers and network engineers of course didn’t get it – why the hell would you want two GMail accounts? Hadn’t they just spent quite a lot of time and money and hard work building an e-mail service that you’d actually want to use? Wasn’t it a major design goal of the whole project that people would want to pipe their other e-mail accounts into GMail, far from creating more e-mail accounts? And surely, if you wanted to keep e-mail associated with different people or things or themes together, you could use labels, and set up filters to automate the distinction?

To which she said that if you have one privacy context that includes your thuggish ex-husband and his lawyer and your fundamentalist Christian teabagger mum, another that includes your high-functioning asperger’s coder boss and various similarly brilliant-but-awkward nice-guy types from work, and yet a third that includes your actual and very irreligious friends, the consequences of wrong-slotting an e-mail were far more serious than just posting to the dev list when you meant the user list or vice versa. Therefore, sometimes you needed a non-permeable membrane between contexts and a suitably glaring visual distinction.

A slow dawn spread across the meeting, someone pointed out that after all it was just an alternative CSS sheet technically speaking, and skins were added to the feature list for the next deploy. (Like the green-screen theme for GMail? Thank feminism.)

Now, it doesn’t look like she’s been consulted on this particular project, and I think her input would probably be worth having. But then the feminists would have something to say about why nobody seems to have asked. Actually, although our Googler didn’t name names and I therefore won’t name him, a bit of lateral thinking suggests her career appears to have developed in a manner to her advantage, so perhaps it’s one for the theory of bureaucracy instead.

your call could not be connected – please check the number and try again

The Obscurer has possibly the first intelligent article on the whole “turn off their Facebook! that’ll learn em!” furore. Notably, they interviewed one-man UK mobile industry institution Mike Short. Go, read, and up your clue. I especially liked that the piece provided some facts about the 7th July 2005 terrorist incident and the mobile networks.

There is only one reported case of a UK network being closed by police. During the 7/7 London suicide bombings, O2 phone masts in a 1km square area around Aldgate tube station were disconnected for a number of hours.

Police have an emergency power to order masts to be put out of action known as MTPAS – Mobile Telecommunication Privileged Access Scheme. The move has to be approved by Gold Command, by the officers in highest authority during a major incident, and is designed to restrict all but emergency service phones with registered sim cards from making calls. But a shutdown can have dangerous knock-on effects. Short says that phones within the Aldgate zone automatically sought a signal from live masts outside it, overloading them and causing a network failure that rippled out “like a whirlpool”.

On the day, other networks were simply overloaded as Londoners sought reassurance and information. Vodafone alone experienced a 250% increase in call volumes

MTPAS is the GSM-land equivalent of the old fixed phone Telephone Preference Scheme (not to be confused with the new one that blocks cold-callers), which permitted The Authorities to turn off between 1% and 90% of phone lines in order to let official traffic through. As far as I know, the Met never asked for it and it was City of London Police who initiated it without asking the Met or anyone else, and in fact O2 UK’s network had been keeping up with demand up to that point, before the closure caused the cascade failure Short describes.

The significance of O2 is that it used to be “Surf the Net, Surf the BT Cellnet” and some residual gaullist/spook reflex in the government tried to keep official phones on what was then one of two British-owned networks.

Anyway, this weekend seems to have the theme “The Intersection of Charlie Stross and the August 2011 Riots”. Charlie’s talk at USENIX is sensibly sceptical about some tech dreams as they apply to networking.

This leaves aside a third model, that of peer to peer mesh networks with no actual cellcos as such – just lots of folks with cheap routers. I’m going to provisionally assume that this one is hopelessly utopian, a GNU vision of telecommunications that can’t actually work on a large scale because the routing topology of such a network is going to be nightmarish unless there are some fat fibre optic cables somewhere in the picture. It’s kind of a shame – I’d love to see a future where no corporate behemoths have a choke hold on the internet – but humans aren’t evenly distributed geographically.

Especially as the theoretical maximum bandwidth of one fibre is about the same as the entire radio spectrum. And the point about routing table size and complexity is a very good one, especially as it’s assumed that the routers aren’t CRS-1s but rather Linksys fifty quidders or mobile phones.

However, one thing the liberation technologists should take away from the riots is that you shouldn’t get hung up on bandwidth. It’s great to be able to post the photos on Flickr, but it’s more useful to have your own secure voice and messaging. When the Egyptian government relented on its GSM cut-off, the Egyptian Twitter feeds lit up with calls for more people to this or that exit of Tahrir Square or medical supplies to the clinic or (and I remember this) that a lost child was waiting at the press tent.

It was what NANOG users would call operational content. There was of course no need whatsoever for it to go via a Bay Area website – all Twitter provided was the one-to-many element, very important, and the publicity on the Web. The latter is a nice-to-have feature, the former, critical. Text, or even voice, is not a high bandwidth application and doesn’t necessarily need access to the global Internet.

So yes – perhaps there is in fact quite a bit of angular momentum to be had in a mobile mesh-WLAN client as an instrument of democracy, as long as you’re willing to accept that it’s not the sort of thing that can be exclusive to people who agree with you. But then, that’s the test of whether or not you actually believe in democracy.

Something else, between Charlie’s USENIX talk and the riots. Isn’t one of the biggest disappointments, from a police point of view, the performance of CCTV? No doubt it will help put some of the rioters in jail. But it didn’t prevent the riots and neither did it seem to help quell them much. It’s possible that the whole idea that potential surveillance (like the original panopticon) is a policing influence isn’t as strong as it’s made out to be.

Another point; not all crimes are punished or even taken notice of. This is obvious. Less obvious is that the degree to which the police ignore crime is an important political fact. Is it possible that CCTV, by forcing them to make at least a token response to everything that passes in camera range, actually contributed to using up the police strength? In a riot, the police aim is to demonstrate public, mass control. They are usually willing to ignore quite a lot of individual criminality in the process. It’s possible that surveillance culture and technology are opposed to strategy.

technique of generalised mayhem without any particular direction

Over at Stable & Principled, I’ve been blogging about running out of policemen and how the Prime Minister doesn’t seem to have any thoughts at all that weren’t adequate-ish newspaper columns from about 2004. But how did we get to the stage of using up the Met and most of the wider police forces’ reserves of manpower just like that? This isn’t a “What does it all mean?” post, although inevitably we’ll have one of them for you as well. It’s more like a “How does it all work?” post.

In all, 2,347 people have been arrested nationally. This is only a rough lower bound on the numbers of people involved, as obviously not everyone got caught and some of the people arrested are innocent. At an arrest rate of one in 10, that would give a total of 23,000. 51% of the arrests were in London, or to be precise the Met’s area of operations, which gives us the answer to one question at least – the police eventually quelled the riot by outnumbering the rioters, 16,000 cops versus an estimated 11,500 rioters. Obviously if you pick a different arrest rate fudge factor you’ll get a different answer, but then at least we’re using a model of sorts.

It’s certainly interesting, though, that a fairly small crowd was able to exhaust the policing resources of most of the UK. If the 23,000 rioters had shown up in central London to march on Whitehall, even assuming they were willing to be as troublesome and violent as they were elsewhere, I think the Met would have handled it without breaking sweat and certainly without needing to summon the South Wales force as mutual aid. Even the most hayseed British police forces deal with crowds of 23,000 young men reputed to be ready for violence, every weekend, quite commonly several at the same time, without very much happening. They are lower division football matches. And to be frank, a 23,000 strong national demo is disappointing.

So what’s up? One point is dispersion vs. concentration. Demonstrators want to occupy symbolic space and show their organisation by the very fact they could concentrate all these people. Casuals want to duff up the other mob. Therefore, the police problem is to either prevent them from getting to Parliament Square or the match, or else keep them segregated from other people while they are there. The police are on the tactical defensive, but the strategic offensive – if they stick it out they win.

Obviously, the demonstrators (or thugs) can’t counter this by dispersing because that would defeat the point. They have to come to the Bill, and the Bill can then canalise them. Kettling is the ultimate expression of this thinking.

If the police have to look for the crowd, though, this is obviously going to be a much more labour-intensive exercise. You can’t kettle several dozen groups of ten or so people spread over a dozen streets – the idea is absurd. You have to go looking for them. That in turn conditions what the crowd can do – it can’t stage a classic mass demonstration – and favours people who are willing to just randomly destroy stuff that happens to be undefended, while the traditional mass demo favours a show of what you might call subversive respectability. The slow march of the Zulus, if you like.

Another important point was that there was no key identity-group here – it wasn’t aligned with any one ethnic or religious group or geography and wasn’t even totally young, and it didn’t explicitly identify with a class either. Therefore, anyone who felt like it could join in, and did. This obviously helped it go national and also made a traditional (since the 80s) police tactic more difficult. How do you call community leaders to ask everyone to go home if you can’t identify the community? From the other direction, how do you negotiate with authority if you can’t identify a community?

(This is of course the final problem with the Big Society – its only organising principle is that it’s a society and apparently it’s big.)

I wonder if a lot of the violence was driven by the fact anyone could turn up, and therefore the only way to demonstrate that you really were one of the gang rather than a do-gooder or a fink or just some random spectator was to do something obviously illegal.

Also, did this kind of riot drop in between the classic modes of British policing? If someone commits a crime, there’s investigative policing, if it’s the right kind of crime and the right kind of victim. If the Chartists are marching on Westminster, line up on Westminster Bridge with shields and big sticks. And of course there’s community policing if there’s time between the other two for some cups of tea and old ladies, etc.

Investigation was rather irrelevant while it was going on, although of course it’s not any more. And the heavy mob couldn’t draw a shield wall around every shop in London. Neither could they find enough bodies to kettle every group of rioters, or find enough rioters in one place to kettle. It does look like the December 2010 student riots were a tactical learning-experience for a lot of people.

Finally, those BlackBerries. Not much to say here, except that the most important feature involved seems to have been the fact that BBM is multicast. You can message groups rather than only individuals. There are apps that let you emulate this with SMS, although the reply will only go to you.

As a general rule, BlackBerry Enterprise Server traffic should be hard to do anything to as the server, typically hosted by an organisation for its own purposes, generates its encryption keys when it’s set up. It’s not anything RIM or your operator has to know about. But this is of limited relevance – plenty of people run their own mail servers, but I’ve never heard of anyone who self hosts BlackBerry. The BlackBerry Internet Service, which is hosted by operators, certainly can be monitored by the operator as they own the server. UK operators would be covered by the Regulation of Investigatory Powers Act and might have to hand over logs from the BIS servers.

I don’t know, however, if the BIS machine archives the content of what passes through it (which isn’t required by RIPA anyway). Obviously, the traffic-analysis data of who messages who and when is potentially revealing.

From a network point of view, though, I doubt if snooping on the traffic in transit would be very useful. You’d know that someone was using a BlackBerry, as it would be opening Packet Data Profile connections through the network and querying the BlackBerry network DNS. But as they monitor messaging all the time, that isn’t very useful information. Certainly nothing as useful as the BIS server log.