13 Kinds of Internet Metadata Tracking

    Many kinds of tracks are left behind when using the Internet as network packets travel through switches, routers, and other types of electronic appliances.  With recent revelations that governments and corporations are watching the metadata network traffic of individuals, some knowledge of what this metadata is could benefit a more meaningful discussion of the issues involved concerning the collection of this metadata.

    A packet is a small electronic package of information that is sent as a unit across the Internet.  Packet sizes vary greatly and can be dynamic depending upon hardware and protocols, but a sample standard is the 1,500 byte maximum size for the Ethernet technology.  The amount of text in this paragraph can roughly be compared to the size of a single packet.  A network connection is broken down into numerous packets for transmission across the Internet.  Even access to a simple, almost empty, web page with Hypertext Transfer Protocol (HTTP) can consist of approximately 50 network packets.

    A packet contains data and metadata.  For the imaginary packet that contains the above paragraph, the data is the paragraph, itself.  The metadata in this imaginary packet is data about the data.  An example of metadata for the imaginary packet containing the above paragraph is that its length is 523 characters (counting the opening tab character and spaces).  Other examples of metadata for Internet packets are the source and destination of the packet, the type of protocol that is being used to send the packet, and the time the packet is being sent across the network.  Sometimes the data part of a packet is called the content.

    Some metadata and evidence of network activity are created before a network packet is formed, even before a computer is turned on, leading into the first of 13 kinds of Internet metadata tracks:

    1. MAC Address Tracks.  A MAC address is an online serial number for the hardware being used to connect to the Internet.  MAC stands for Media Access Control and is a unique hexadecimal number that identifies the manufacturer and item.  MAC addresses are usually shown in the form 00:00:00:00:00:00 or 00-00-00-00-00-00.  MAC addresses are assigned to the subunits on a computer that make the network connections, meaning that a computer can have multiple MAC addresses, say one for a wired connection and another one for a wireless connection.

    A MAC address is determined when a piece of hardware is produced and thus exists before a computer is even turned on.  One of the purposes of a MAC address is to identify computers from each other that are on the same local network, meaning computers that are attached to the same modem, switch, or router.  This would typically be within a home, or within an office.  Many switches and routers keep logs of these MAC address connections.  Although MAC addresses are used on local networks, records of their use can be propagated beyond the local network, meaning that not only can someone often tell that you are connected to the Internet, but that your network connection can be traced to the exact computer that you are using to connect.

    A computer’s hostname is similar to a MAC address but is not used as much in tracing network usage.  A hostname is the name given to a computer by a user when a new computer is set up.

    2.  IP Address Tracks.  An IP address is a network address that is used to communicate across long distances of the Internet.  IP stands for Internet Protocol and an IP address is like a postal address that tells switches and routers on the Internet where to send network packets.  In the United States, IP addresses are typically designated by a grouping of four three-digit numbers, such as 000.000.000.000.  74.125.224.72 is an IP address for Google, for example.  IP addresses can be static or dynamic.  A static IP address is set by your Local Area Network (LAN) administrator and is entered into the configuration (such as the Control Panel) of your computer.  IP addresses are sent long distances across the Internet and can be used to determine general (sometimes specific) locations of network connection endpoints.  With an IP address and access to local logs, someone can determine to some extent your location and (with the MAC address) what hardware you used.

    3.  DNS log Tracks.  Domain names make it easier to navigate the Internet than IP addresses.  The domain name google.com, for example, is easier to remember than 74.125.224.72.  Domain Name System (DNS) appliances keep logs of translations between domain names and IP addresses.  When you access google.com, for example, a DNS appliance somewhere notes in a log, along with a timestamp, that you asked for the IP address of Google.  (An appliance is, generally speaking, a computer dedicated to a specialized task.)

    4.  DHCP Log Tracks.  If a computer is configured to use dynamic IP addresses, then the computer dynamically obtains an IP address each time that it first connects to a network.  The dynamic IP address is assigned by a network appliance using the Dynamic Host Configuration Protocol (DHCP).  DHCP assignments and timestamps can be logged so that match-ups can later be made between IP addresses and the MAC addresses of the computers using them at specific times.  So, even if your computer is changing IP addresses via DHCP, Internet connections can still be traced back to you when this logging is enabled.

    5.  Username Tracks.  In addition to the username that you log on with, your computer also has a host name that someone gave the computer when the operating system was installed.  While these names normally stay locally on a computer, they can be sent across the Internet.  Computer logs normally exist on a computer of login times of individual users.

    6.  Active Directory (AD) Log Tracks.  Organizations manage local networks with systems such as Microsoft’s Active Directory, which keeps logs such as when computers are on the network and when users log on and off.

    7.  Wireless Log Tracks.  Anytime that you log on to a wireless access point, such as at home, work, or a coffee shop, logs may be kept of the MAC address of your computer and when you were logged on.  Virtual Private Network (VPN) logs with timestamps are also normally kept when you use a VPN to log on to wireless or wired networks.

    8.  Firewall Log Tracks.  Firewalls prevent unwanted network traffic and are generally of two types:  host and network.  Host firewalls are on a computer itself, and any host firewall logs are normally kept on the same computer where the firewall is running, but can be sent in real time to other locations.  Network firewalls are located at borders between subnets, for example between a company’s network and the rest of the Internet.  When you access a company’s web site, you are probably going through that company’s firewall before accessing that company’s web site.  You may be going through three firewalls:  one at that company’s border with the internet, one at that company’s border with its data center, and one on that company’s server which is providing the web site that you are accessing.

    IP addresses are subdivided into ports so that multiple network connections, or services, can be made by a single computer at the same time.  Your computer can check your email at the same time as you browse the World Wide Web (WWW), for example.  Ports are numbered and many ports also have service names.  Port 80 is usually assigned to the HTTP service.  Port 25 is usually assigned to the Simple Mail Transfer Protocol (SMTP) service.  There are 65,536 port numbers.  Firewall logs keep track of port numbers as well as IP addresses.  The service being used can often be determined by the port number.

    Network traffic also consists of various types of protocols, such as Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which, like ports, can indicate the kind of network transmissions that are occurring.

    Firewalls may only be logging suspicious network traffic that indicate possible attacks on their systems, or they could be logging all activity that passes through the firewall.  Timestamps are included in the logs.

    9.  Intrusion Detection System (IDS) Tracks.  Many organizations have IDS in addition to firewalls.  Generally speaking, while a firewall can log metadata from network packets, IDS can go deeper and look inside the packets for indications of malicious network intrusions (or other things).  These entire packets, both data and metadata, can then be logged, including timestamps.

    10.  Web Log Tracks.  Web sites can keep logs with timestamps of all of the web pages that an IP address accesses along with any information sent to that web site.  A cookie is just a number or phrase that a web site sends back and forth to a computer in order to keep track of multiple accesses to the web site.  These cookies are kept by the web site in a log or database.  A referral field is information sent to a web site that indicates the previous web site that you were just on.  This way webmasters can keep track of how users get to their web sites.

    11.  Expanded Email Header Tracks.  The email headers that you normally see include To, From, Time, Subject, and Date, but there is a lot more information in email headers than what is normally shown.  This additional information is commonly called expanded email header information and can be accessed in various ways depending upon the software that you are using to read your emails.  (Do a Google or other search on expanded email header for information on how to look at this additional information.)  The information in expanded email headers can be used to trace the origins of emails via IP addresses.  Looking at this process in reverse, it means that other people can trace your emails back to you.  Sometimes the trace goes all of the way back to the computer used to originate the email; other times the trace only goes back to the server from which the email originated.

    12.  Net Flow Tracks.  Net flow data is voluminous metadata information produced by routers and switches that includes information about every network packet.  It can be summarized over time in ways such as how many times each local computer accessed each remote computer out on the Internet.  For a large organization this could be a database of 1 billion or more network packet records per day, thus it is an expensive endeavor to keep track of all of this data.  Most organizations probably do not keep track of all of this data, but the possibility exists that this information is being collected.

    13.  Internet Service Provider (ISP) Tracks.  The ISP is the company that you connect to the Internet with.  This could be the telephone company, the cable TV company, or a company that specializes in Internet networking.  Since all of your Internet traffic goes through your ISP, all of your packets can be seen by them--kind of like a telephone man having the capability of being able to listen to your landline telephone calls from the line on a telephone pole.  Also, anyone can trace any IP address to the corresponding ISP simply by doing a whois browser search.

Examples of Internet Tracks

    Suppose that you send an email to a friend about a political issue and your friend replies by email recommending a blog post on the subject of your discussion.  If all device logging was turned on, what tracks have you left?

•     Your MAC address (#1) was sent to at least the next network device on the way to the first email server.
•     Your IP address (#2) was sent in the packets at least as far as the first email server.  Then, it is sent in the email extended header to the recipient of the email.
•     A log entry was made in your DNS server (#3) that you were looking up the IP address of the email server.
•     If you were using a dynamic IP address, then a log entry was made tying your IP address to the MAC address of your computer in a DHCP server (#4).
•     Your computer logged your username (#5) when you logged on and your name was passed in the email header along with your From email address.
•     If you were using a work computer, then your (and your computer) login times were recorded in your employer’s Active Directory logs (#6).
•     If you were using a wireless access point, at work, say, or in a coffee shop, then your MAC address and IP address was stored in the wireless logs (#7).  If you used a Virtual Private Network (VPN), say to get a private connection to work before sending the email, then the VPN server logged your IP address and MAC address.
•     If any firewalls were between your computer and the email server, then the source and destination IP addresses, ports, and protocols, were logged by the firewalls (#8).
•     If an IDS was protecting the email server, then your entire transmission could have been saved by the IDS (#9).  If your email was not encrypted, then your email could have been read by whoever has access to the IDS.
•     All of the routers and switches between your computer and the email server would have kept track of the source and destination IP addresses, ports, protocols, and how many packets were sent (#12).
•     Anyone with access to your IP address could look up your Internet Service Provider (ISP).  Your ISP could look at all of your packets (#13).
•     If your friend is using a different email server than you are, then extended email header information is forwarded from your email server to the recipient’s email server (#11) and then on to the recipient’s computer.

    Suppose that your friend replies and recommends a blog.  The blog has an advertisement for a book which looks interesting and you click on the advertisement which redirects you to a vendor’s web site which is selling the book.  What tracks have you left going to the vendor’s web site?

•     Your MAC address (#1) was sent at least as far as the next hop in the network on the way to the vendor’s web site.
•     Your IP address (#2) was sent through the Internet to the vendor’s web site.
•     A log entry was made in your DNS server (#3) that you were looking up the IP address of the vendor’s web site.
•     If you were using a dynamic IP address, then the DHCP server (#4) logged your MAC address and IP address.
•     Your computer has a log that you were logged on at the time (#5).
•     If you were at work, your (and your computer’s) login times were recorded by your employer (#6) with Active Directory.
•     If you were using a wireless access point and/or a VPN, your IP address and MAC address were logged by those devices (#7).
•     Firewalls between your computer and the vendor’s web server logged your IP addresses and ports and the protocol used (#8).
•     IDSs between your computer and the vendor’s web server could have saved all of the network packets (#9).
•     The vendor’s web server logged your IP address, all of the web pages that you accessed, and all information that you sent to the web site, including the book that you were interested in (#10).  The vendor’s web site also knows which blog contained the advertisement that you clicked on in order to get to the vendor’s web site.  By exchanging cookies with your computer, the vendor’s web site also knows that it is you the next time that you access their web site.
•     All of the routers and switches between your computer and the vendor’s web server logged your IP addresses, ports, protocols used, and how many network packets were sent (#12).
•     The vendor’s web site can determine your ISP, and your ISP can see all of the network packets that went to the vendor’s web site (#13).

    The logs mentioned above are located on various computers, servers, and appliances, but they can be centralized on log servers, which are computers dedicated to receiving logs from various other locations and centralizing logs in one place, making the job of log analysis more efficient.

Conclusion

    Many kinds of tracks are left behind when using the Internet as network packets travel through switches, routers, and other types of electronic appliances.  Some 13 types of them were noted here.  Others also exist.  With recent revelations that governments and corporations are watching the metadata network traffic of individuals, some knowledge of what this metadata is could benefit a more meaningful discussion of the issues involved concerning the collection of this metadata.

Like muddy footprints,
Internet metadata
Shows where you have been.

Suggested Comments:
What other types of metadata tracking are there?

The Three Visceral Republican Hatreds

    Three visceral hatreds stand out after many years of shift work with Republican workers.  These three hatreds are what the workers in these jobs talked about hour after hour, day after day, year after year during business hours, evening shifts, and graveyards.  They were like a magic handshake into a meditative comfort zone for them.

    You have to have something to talk about to while away the hours at work.  Although talking about sports can take you pretty far, conversations generally start in or drift into one of these three areas of hatred.  This was not immediately obvious, and took a number of years to recognize.  Certainly other topics came up, and not all conversations were hateful, but personal experience showed that a chronic pattern emerged.  These three things consistently came up in conversations to pass the time.

    Liberals are not one of these three targets of hatred because liberalism is not ancient enough to qualify as a visceral topic.  The three visceral hatreds apparently originated many thousands of years ago even though they are playing a part in current politics.  However, they do relate indirectly to hating liberalism.  In the current context, the word visceral relates to our viscera or guts and visceral hatred means hatred without thought, in other words, instinctual hatred.  The discussion below will have some unpleasant concepts, but these concepts need to be addressed in order recognize and address the GOP hatred problem:  name it to defeat it.  In order to follow the discussion below, it is necessary to give up on the ideas that gut feelings and follow your instincts are necessarily good things.  It is time for rational thought to take over from visceral feelings.  (See Instinct vs. Intellect.)

    The three visceral hatreds do not apply to all Republicans, but they apply to enough Republicans to make these hatreds significant in the campaigning and in the running of government that is associated with Republicans.  The catering to these hatreds results in the manipulation of voters.  It also results in shallow thought towards deep policy issues.

    Labeling is important, and here is a story to begin a discussion on labeling.  A new young light-skinned union worker in a rural flat area was involved in an incident that required a visit by a team of urban investigators.  The young worker became quite upset after being called a hillbilly by one of the investigators.  The insult did not make any literal sense, because there were no hills around; if you wanted to insult these workers, redneck would have been a more appropriate attempt.  This insult showed the ignorance of the investigator.  Not that there is anything wrong with being a hillbilly.  The older local workers assured the young one that an insult is only an insult if you take it that way:  if people think you are a redneck, be proud of it and try to turn the slur into a compliment. 

    The above strategy does not work for all types of pejoratives because of the concept called privilege.  The young worker had the privilege of being male, light-skinned, and a union worker.  He could speak out without fear of significant retribution and the investigator was probably later (lightly) reprimanded for using the slur.  A characteristic of privilege in the discussions below is that many people who have privilege do not know that they have it:  if you are born with it, it is a natural part of your surroundings, kind of like the young fish who asks, What is water?  Women, gays, and persons of darker skin do not have the same level of privilege of being able to ignore and stand up to slurs used against them without significant likelihood of retribution.

    With all of that preparation out of the way, here are the three primary visceral Republican hatreds:

    1.  Misogyny.  Hatred of women, with the main topic of discussion often being the latest divorce that someone is getting.   The conversation usually goes quickly to support payments.  Often, you’ll hear I’ll do anything for my kids, except you don’t hear things like respect their mother or gladly pay their support.  How is misogyny visceral?  Apparently for many men procreation is a violent act, a conquest, an assertion of dominance.  This appears to be the case with many animals, as well, supporting the idea of an evolutionary advantage for this attitude.  Generally speaking, women create life and men take it (such as in hunting or fighting in a war).  For many men, procreation is an act of violence that results in new life being created in a woman.

    Misogyny is used in the visceral Republican’s family and male social life as a reverse role model and a motivational tool.  It is used as a reverse role model by depicting girls as having negative attributes and advising boys to not be like girls, such as you big pussy and you run like a girl.  It is used as a motivational tool in a similar way, such as fight like a man and boys don’t cry.

    Misogyny is often a love-hate relationship because you can’t live with them and you can’t live without them.  This creates the interesting situation of these men being intermixed with the people they hate, so they must sometimes disguise their hatred by being politically correct.  The term politically correct apparently comes from authoritarian governments where it is illegal to speak against the government--thus, anything politically correct is the official government line and is safe to say.  Since the US is not authoritarian, the use of the phrase politically correct in reference to US issues does not apply in the same way.  This phrase was briefly used humorously and is now a pejorative.  It basically means, I could be polite, but instead I’m going to be hateful and call it "political correctness."

    Republican leaders take advantage of misogyny by such things as voting against the fair pay act for women, blaming women for rapes, legislating against abortions, reducing Women, Infants, and Children (WIC) funding, and reducing funding for women’s health issues.  Each of these issues can be rationalized, but as a group they cater to the misogyny of visceral Republicans.  The GOP has some women leaders, but this does not translate into support for women, because the women GOP leaders as a group take positions, like those above, that feed misogyny to their visceral followers.  Also, an occasional overture to women, or isolated support, does not override the GOP’s chronic misogyny.

    To be politically correct in this situation is to pretend to respect women in a way that really communicates your hatred, such as something like, to be politically correct, it was all the guy’s fault, but we all know that really she was inviting trouble with those tight pants.  This statement also indicates revulsion for the political correctness of pretending to not be misogynistic.

    2. Homophobia.  Hatred (fear) of gays, with the main topic of discussion often being the dislike or making fun of other people and their gay-like behavior.  In discussions about gay men, it often involves men who were in sexual situations involving other men--for example, someone who rents a porno movie and finds out at home that it is gay porno.  For discussions about gay women, it often involves the labeling of dyke to a woman who is perceived as being unfriendly towards men.  The naive evolutionary advantage of homophobia is that homosexual activity does not reproduce (although a percentage of gays in a community arguable does have an evolutionary advantage).

    Homophobia is used in the visceral Republican’s family and social life as a reverse role model and motivational tool.  It is used as a reverse role model for such things as to teach boys not to dress frivolously, such as in bright or pastel colors, or not to act too prim.  It is used as a motivational tool in such ways as guiding behavior around other men, such as in a public restroom:  don’t look below the waist.

    Although homophobia sometimes results in violence, in many cases the homophobes tolerate friends known to be gay so long as the gays do not act out--kind of like tolerating women (and gays) so long as the women (and gays) forfeit any attempts at equal privilege.

    Republican leaders take advantage of homophobia by copping machismo attitudes in ads and government with such things as being tough on crime, belittling liberals, standing up to other nations, and supporting gun possession.  GOP Leaders often have gay family members and gays on their staffs, so it is not a matter of actually being against gays, but rather just having the appearance of being against gays.  A visceral Republican voter may admit that Republican policies hurt him financially, but he will still vote Republican because at least the Republican candidate hates qu****.

    To be politically correct in this situation is to act civil in public situations, but to harass the gays when out of public view.

    3. Racism.  Hatred (belief in inferiority) of people with other physical characteristics.  There is actually no such thing as race.  Humans are a single species and our physical differences vary on sliding scales:  we are not black or white but smooth variations of a large variety of shades.  Racism could apply to eye color or hair color as well as skin color, a seemingly arbitrary criteria.

    Racism appears to have evolutionary origins having to do with fear of outsiders.  There is evidence that this goes at least as far back as monkeys.  In ancient times, contact with outsiders was a rarer occurrence and fear of outsiders was probably a defense mechanism.  In more recent times, as contact with outsiders has become more common, fear of outsiders has become a detriment.  This is apparent with the ongoing conflicts between Jews and others, Adolf Hitler’s blonde haired blue eyed Aryans and others, eugenics, and racial conflicts in the US.

    Scientific research on racism has modest evidence that outsiders trigger a fear response for some people in the amygdala.  A sample study is here.  This is not to say that racism is inherited (see Nature AND Nurture), but that visceral reaction appears to play a part in racism.

    Racism is used in the visceral Republican’s family and social life as a reverse role model and motivational tool.  It is used as a reverse role model as depicting others as having negative attributes and advising children not to be like the others.  Persons with dark skin, as examples, are said to be lazy and Jewish people are said to be stingy.  Racism is used as a motivational tool in a similar way, such as get a job so that you don’t become a welfare queen; or slow down, you’re sweating like a n*****.

    Racism appears to be less prevalent or non-existent in situations where young children of various skin colors co-mingle, probably because of the lack of outsider status between the children.  This leads many people to claim that racism is taught and not a natural occurrence.  More likely, it is the dislike of outsiders that is natural, and dislike of skin color is influenced by whether other-skin-colored people are considered to be outsiders or not, although surely an environment where types of people are demeaned has an effect.

    Republican leaders take advantage of racism by, for example, supporting Southern and rural culture, taking stands against welfare queens, and making voting more difficult for persons with darker skin.  The Republican Party has some persons of darker skin, but these persons typically take stronger stances against other persons of darker skin, so having a person of darker skin is not the same as supporting persons of darker skin.

    To be politically correct in this situation is to call a spade a spade.  Spade in this idiom apparently originally referred to a type of shovel and meant linguistically to use simple and direct language.  In racial terms though, it apparently refers to the ace of spades as in black as the ace of spades.  It is what a racial person would consider to be a polite way (politically correct) of saying call a n***** a n*****.  Ironically, the ace of spades is traditionally seen as the highest card in a deck.

Commonalities between the Three Hatreds

    Where is the hatred against liberals?  Liberals are not included in this list because the hatred of liberalism is not visceral--it requires some thought.  In the case of women, it is usually fairly obvious when you see a woman.  With gays, it is not so much when you see a gay (how would you know offhand who someone is having sex with?), but when you see someone acting gay--but it is still a fairly obvious situation.  Dark skin is also fairly obvious.  But liberalism?  Not obvious.  You can’t have a knee-jerk reaction to something that is not readily apparent.  Maybe you can pick out a guy with long hair and assume he is liberal (not all are), but in a crowd it is normally impossible by sight to pick out the liberals from the conservatives.  With the three visceral hatreds, however, by picking out the women, gays, and persons of dark skin, you are statistically bringing into focus the liberals.

    Abraham Maslow’s self-actualization for a visceral Republican means the freedom to put down women, gays, and persons of dark skin as one is naturally wont to do.  Fighting for freedom plays naturally into this scenario by fighting women, gays, and persons of dark skin for the freedom to hate them.  Blaming the victims is natural because by hating them, I was just doing what I naturally do.  Slurs play a part in this activity by putting down the hated as does political correctness by making fun of the hatred.

    Republican leaders do not have to be misogynistic, homophobic, and/or racist themselves to take advantage of this.  All they have to do is cater to these hates in order to get the votes of the visceral voters, such as the case where a visceral working voter will vote against his own self interests because a candidate makes statements against gays.  If the Republican leaders are not really interested in misogyny, homophobia, and racism, what is it that they want?  Money.  Are they willing to pretend to be misogynistic, homophobic, and racist in order to win elections and get more money?  Yes.

    Republicans have twisted religious beliefs into supporting these hatreds:  Women should be submissive!  God hates gays!  And, somehow, that religion supports slavery.  These hatreds incorporate bullying as a political strategy:  bullying women, gays, and persons of darker skin.  The visceral Republicans are encouraged to intimidate people in these groups because it comes natural, God says so, and they are encouraged to by their Republican leaders, creating an aura of status quo privilege for homophobic, male, persons of lighter skin.

    Even though the majority of people are not Republican, the intimidation of these groups by Republicans reduces voting for non-Republicans.  It is easier for the GOP to convince a majority of male, homophobic, persons of lighter skin to vote Republican than it is to convince those people plus a majority of women, gays, and persons of darker skin, so disenfranchising the latter groups by utilizing visceral hatreds, i.e., subverting democracy, is a strategy for Republicans to win elections without majority support.

Conclusion

    Three visceral hatreds stand out after years of shift work done with Republican workers.  These three hatreds were like a magic handshake into a meditative comfort zone for them:

    Ain’t women a problem?

    Yep.

    And I hate qu****.

    Me, too!

    Not to mention them dang n******!

    Hey, we’re gonna get along just fine!

    These three hatreds are what the workers in these jobs talked about hour after hour, day after day, during business hours, evening shifts, and graveyards.  They are three passwords into the Republican inner circle where true believers can be identified.

In the GOP:
Your hates are my hates?
We can be good friends!

Suggested Comments:
What other ways do politicians use visceral hatreds to manipulate votes?

Republican Gridlock

Both sides are at fault!
Republican gridlock is
yet another ruse.

Suggested Comments:

  What are other situations where the Republicans instigate a situation and then act like both parties (or just the other party) are at fault?