Re: [105attendees] (re. plenary) measuring privacy, trusting devices and verifiability

Robert Moskowitz <rgm@labs.htt-consult.com> Wed, 24 July 2019 22:51 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/105attendees/yVi7qBlBWL0P6V1xAjTaZnlaFbM>

Caveat.

You no longer have control of the IoT in your life.

Utility smart meters
Cars

for starters.

You want water efficient washers?  Buy NOW before they all are connected 
IoT.
Do you use heating oil?  Select your provider carefully.  They are 
putting IoT in your fuel tank.

I know things about that AMI on my electric line.  I could have opted 
out, maybe.

On 7/24/19 6:40 PM, David Lamparter wrote:
> Hi all,
> (enter den of the lion)
>
>
> I find this discussion about measuring privacy, IoT devices and
> end-to-end encryption mildly hilarious and somewhat alarming.
>
> The /only/ situation where I will trust (and recommend others to trust)
> any device is when I have the ability to build and compare the code that
> runs on it.  I normally would want to be able to change it too, but
> comparing is enough.  We have reproducible builds these days, so we can
> even compare the resulting binary.
>
> And this goes all the way down to the hardware.  I'm only going to trust
> it if I can look at the design and compare it, even if that means
> slicing open the chip.
>
> It's not about billions of people each doing this.  It's enough that
> it's possible to do; a few people will do it and publish their results,
> and by random statistical sampling each of the billions of people can
> look at the maybe 10 people who did it, and make their *individual*
> decision to trust or not.
>
> In most cases this means open source, you can get into a discussion
> about signed binaries / inability to modify here, but it doesn't matter
> as the point relevant here is verifiability.
>
> And with that in mind, the only question I ponder is "what's the time
> span to FOSS availability on <buzzword>."  If you want to throw your
> data around, be my guest and join the hype train on whatever is the
> thing du jour.  Trying to make a privacy statement about smart toilet
> paper with closed source firmware is building on sand.  You may have a
> good grasp on the sheet you wiped your a** with, but the next one's
> gonna send your data to the Martian intelligence agency.
>
> So, should we make allowances in things like TLS for the user to break
> them to do a privacy analysis?
>
> *HELL NO.*
>
> The thing to break (into) is the devices.  Not our protocols.
>
> Cheers,
>
>
> -David
>

-- 
Standard Robert Moskowitz
Owner
HTT Consulting
C:248-219-2059
F:248-968-2824
E:rgm@labs.htt-consult.com

There's no limit to what can be accomplished if it doesn't matter who 
gets the credit