IETF Logo Mail Archive

Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

"cb.list6" <cb.list6@gmail.com> Fri, 06 September 2013 02:15 UTC

Return-Path: <cb.list6@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5DB9811E8218 for <ietf@ietfa.amsl.com>; Thu, 5 Sep 2013 19:15:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=-0.000, BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NsChDDoCf6KM for <ietf@ietfa.amsl.com>; Thu, 5 Sep 2013 19:15:43 -0700 (PDT)
Received: from mail-we0-x22f.google.com (mail-we0-x22f.google.com [IPv6:2a00:1450:400c:c03::22f]) by ietfa.amsl.com (Postfix) with ESMTP id 8D66A21F9B18 for <ietf@ietf.org>; Thu, 5 Sep 2013 19:15:40 -0700 (PDT)
Received: by mail-we0-f175.google.com with SMTP id q59so2362812wes.6 for <ietf@ietf.org>; Thu, 05 Sep 2013 19:15:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=c/UZtsjKhkzmwlGrWYJbuoJR4cltQ0V11XZ/3D/efp8=; b=N6cN3Mx9IztIf/jrwSQkwVsomDgD12EpolXTg/xDHC4BawAKD6mwCL63FYNZmHjuPI e+BfT9xWUJvoGtUv4cdw4fxajqO9uuZBRrbUKcuaX8YybgluIxWAInK6bZwWIjmp6Zpq 7rWuRzhBK+lwoj58bRpt4m/dOh9cLC5ZTMqYAZEoKOyIBAn0zMIWF/8PXObBlhPH2m4j CtyIP7lfJ2JRBM+C33yF1HDvbdcAX0Kvs/jAI09QImcEze70wiicX9VnGJdjCgWh5XGq wx1ptN6zhgCNLzYqgFsD9Knvvv9ePW6BrN923xHxyOFGV3wpQoSTk6IMvP2fbKoM0Vdg hjrQ==
MIME-Version: 1.0
X-Received: by 10.194.240.197 with SMTP id wc5mr60145wjc.23.1378433734953; Thu, 05 Sep 2013 19:15:34 -0700 (PDT)
Received: by 10.217.114.137 with HTTP; Thu, 5 Sep 2013 19:15:34 -0700 (PDT)
Received: by 10.217.114.137 with HTTP; Thu, 5 Sep 2013 19:15:34 -0700 (PDT)
In-Reply-To: <5F053C0B-4678-4680-A8BF-62FF282ADDCE@softarmor.com>
References: <5F053C0B-4678-4680-A8BF-62FF282ADDCE@softarmor.com>
Date: Thu, 05 Sep 2013 19:15:34 -0700
Message-ID: <CAD6AjGTs6ORsJ-dcdwrJPSirK9mKTs1uZ1DSQSCLbRoBtMo1gw@mail.gmail.com>
Subject: Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA
From: "cb.list6" <cb.list6@gmail.com>
To: Dean Willis <dean.willis@softarmor.com>
Content-Type: multipart/alternative; boundary="089e013d19cc1e528704e5ad9dbc"
Cc: "ietf@ietf.org Discussion" <ietf@ietf.org>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Sep 2013 02:15:47 -0000

On Sep 5, 2013 5:17 PM, "Dean Willis" <dean.willis@softarmor.com> wrote:
>
>
> This is bigger than the "perpass" list.
>
> I suggested that the surveillance/broken crypto challenge represents
"damage to the Internet". I'm not the only one thinking that way.
>
> I'd like to share the challenge raised by Bruce Schneier in:
>
>
http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying
>
>
> To quote:
>
> -----------
> We need to know how exactly how the NSA and other agencies are subverting
routers, switches, the internet backbone, encryption technologies and cloud
systems. I already have five stories from people like you, and I've just
started collecting. I want 50. There's safety in numbers, and this form of
civil disobedience is the moral thing to do.
>
> Two, we can design. We need to figure out how to re-engineer the internet
to prevent this kind of wholesale spying. We need new techniques to prevent
communications intermediaries from leaking private information.
>
> We can make surveillance expensive again. In particular, we need open
protocols, open implementations, open systems – these will be harder for
the NSA to subvert.
>
> The Internet Engineering Task Force, the group that defines the standards
that make the internet run, has a meeting planned for early November in
Vancouver. This group needs dedicate its next meeting to this task. This is
an emergency, and demands an emergency response.
> ------------
>
> The gauntlet is in our face. What are we going to do about it?
>
>

Is there a standards gap or an implementation gap?

All Tor, all TLS, all PGP,  all DANE all the time?

And dont forget about this
http://www.zdnet.com/nokia-hijacks-mobile-browser-traffic-decrypts-https-data-7000009655/

I like this post below, just accept the risk that there is no expectation
of privacy. The snoops have optical taps and all the private keys.  And the
T&Cs for most public email services, social networks,  maps, hospitals,
airport wifi... make it clear your data is not private.

http://www.schneier.com/blog/archives/2013/09/our_newfound_fe.html

CB

> --
> Dean Willis

v2.23.0 | Report a Bug | By Email