% METHOD: Something in the Middle Maybe (SitMM)

% REMEMBER: In the sexist and militarized language of computer security a "man in the middle" attack refers to a kind of surveillance where an attacker relays and possibly alters the communications of two peers that believe they are communicating directly to each other. These peers may or may not be human.

% WHAT: SitMM allows the Software Curious Person to observe the network connections that your software makes to the outside world. Software running in an isolated device might be powerful, but when the device is networked it becomes a peer in a wilderness of millions of agencies, some benign, some less so. It is in the network that machines touch, fluctuate, and penetrate each other in a promiscuous non-stop bath of data packets, some real, some spoofed.

% HOW: SitMM takes a closer look at the network traffic coming from/going to a software curious person's device. The Software Curious Person using SitMM may start the sniffer functionality with a single click of a button, perform the interaction with the device that they wish to observe and SitMM will issue a report at the end of that interaction.

% WHEN:
% WHO: - 

The Software Curious Person gets to observe their own traffic. Ideally, observing ones own network traffic should be available to anyone, but using such software may be deemed illegal in some jurisdictions.

For example, in the US, Wiretap Law limits packet-sniffing to parties that own the network that is being sniffed. Alternatively the party that sniffs the network must have consent from communicating parties. Section 18 U.S. Code § 2511 (2) (a) (i) says:

> It shall not be unlawful ... to intercept ... while engaged in any activity
> which is a necessary incident to the rendition of his service or to the protection
> of the rights or property of the provider of that service

See here for a [paper](http://spot.colorado.edu/~sicker/publications/issues.pdf) on the topic.

It is no surprise that Google went on a big legal spree to defend their right to capture unencrypted wireless traffic with Google StreetView cars. The courts were concerned about wiretapping and infringements on the privacy of users, and not with the leveraging of private and public WiFi infrastructure for the gain of a for-profit company. The case raises hard questions about state, corporate, and individual claims on the use of information, and the material reality of WiFi signals. So, while WiFi sniffing is common and the tools like SitMM are widely available, it is not always possible for Software Curious Persons to use them legally or to neatly filter out the network "traffic" of one specific individual from that of "others", as networks often act as carriers to the interactions of many people.

% WHEN: SitMM can be used any time a Software Curious Person might suspect that their software is connecting to external parties, perhaps by "calling home", the name for when a piece of software contacts its manufacturer to gather usage metrics or device details that they might be collecting illegitimately. For example untill 2014, when a user first signed up to WhatsApp the entire list of contacts in the user's phone was sent to WhatsApp servers, which allowed WhatsApp the company to build the largest (but invisible) social network in the world. At the time, it's network was bigger even than Facebook's.

% WHY: SitMM is intended to be a tool that gives artists, designers, and educators an easy to use custom WiFi router to work with networks and explore the aspects of our daily communications that are exposed when we use WiFi. The goal is to use the output to encourage open discussions about how we use our devices online.

% URGENCY: "Something in the Middle Maybe" wants to be a *sousveillance* software with various goals. Perhaps the most important goal is to demilitarize and emasculate the language of computer security. By introducing gender-neutral terminology and ambiguity, SitMM brings poetry where before there only was room for engineered surveillance. SitMM aims to be usable and accessible to non-experts and is meant as a working tool for artists and designers alike.

% WARNING:

% NOTE: SitMM builds on a tool called [scapy](http://www.secdev.org/projects/scapy/) to implement what is called a network packet sniffer.

% EXAMPLE: - 

% Begin snippet of the SitMM dump for one of the Software Curious Persons

Snippets of a Something In The Middle, Maybe - Report

% ---------------

UDP 192.168.42.32:53649 -> 8.8.8.8:53
TCP 192.168.42.32:49250 -> 17.253.53.208:80
TCP 192.168.42.32:49250 -> 17.253.53.208:80
TCP/HTTP 17.253.53.208:80 GET http://captive.apple.com/mDQArB9orEii/Xmql6oYqtUtn/f6xY5snMJcW8/CEm0Ioc1d0d8/9OdEOfkBOY4y.html 
TCP 192.168.42.32:49250 -> 17.253.53.208:80
TCP 192.168.42.32:49250 -> 17.253.53.208:80
TCP 192.168.42.32:49250 -> 17.253.53.208:80
UDP 192.168.42.32:63872 -> 8.8.8.8:53
UDP 192.168.42.32:61346 -> 8.8.8.8:53
...
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443
TCP 192.168.42.32:49260 -> 17.134.127.97:443

##################################################
Destination Address: 17.253.53.208
Destination Name:    nlams2-vip-bx-008.aaplimg.com

Port: Connection Count
  80:    6

##################################################
Destination Address: 17.134.127.79
Destination Name:    unknown

Port: Connection Count
 443:    2
##################################################
Destination Address: 17.248.145.76
Destination Name:    unknown

Port: Connection Count
 443:   16

% SRCCODE:

% SOURCE: https://github.com/AlternativeLearningTank/SomethingInTheMiddle/


% RELATESTO:
% SOURCE: *SitMM* emerges from the itinerating practice of Luis Rodil-Fernandez, crossed with those of Jogi Hofmueller, BalkonTactics and the Alternative Learning Tank. *SitMM* is deeply indebted to projects that have served as inpiration such as [Dowse](http://dowse.equipment/), [alt.exit](http://alternativelearningtank.net/) and the [NetAidKit](https://netaidkit.net/). http://observatory.constantvzw.org/SomethingInTheMiddle/