Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

Vinayak Hegde <vinayakh@gmail.com> Fri, 06 September 2013 03:37 UTC

To: Phillip Hallam-Baker <hallam@gmail.com>
Cc: Dean Willis <dean.willis@softarmor.com>, "ietf@ietf.org Discussion" <ietf@ietf.org>

On Fri, Sep 6, 2013 at 9:02 AM, Vinayak Hegde <vinayakh@gmail.com> wrote:

> On Fri, Sep 6, 2013 at 8:41 AM, Phillip Hallam-Baker <hallam@gmail.com> wrote:
>
>>
>> On Thu, Sep 5, 2013 at 9:36 PM, Brian E Carpenter <
>> brian.e.carpenter@gmail.com> wrote:
>>
>>> I'm sorry, I don't detect the emergency.
>>>
>>> I'm not saying there's no issue or no work to do, but what's new about
>>> any of this?
>>
>>
>> As I have suggested to several people, we can turn lemons into lemonade.
>>
>
> While it is nice to do a dedication of this meeting to the NSA
> surveillance, I do not see us solving any issue here. It is merely a
> "feel-good" measure without real impact.
>
> First, the IETF always had a bias for action. We always respect "rough
> consensus and running code". So far I have not seen any I-Ds and drafts to
> fix the privacy and encryption issues on this thread.
>
> Second, technology can never fix what is essentially a political problem.
> For example, we mandate strong security protocols and end-to-end encryption in
> HTTP(S) by default. Let's assume all browsers implement this and do this
> perfectly without software flaws. All the NSA has to do is to compromise
> the other endpoint (controlled by ACME major corp). ACME gives over the
> encryption keys and access to all the unencrypted data to the NSA. So now
> what are we going to do? The IETF can make a political statement by taking
> a stand but that may mean nothing in reality when the laws are weak.
> Another example is when you have encrypted your drive and do not want to
> hand over the keys as it has some personal (and possibly incriminating
> evidence). In several countries you can be held in jail indefinitely (with
> obvious renewals of sentences) until you hand the keys over[1]. So in
> summary, technology cannot solve political and legal issues. At best it can
> make it harder. But in this case maybe not even that.
>
> -- Vinayak
> 1. http://www.infoq.com/presentations/HTTP-Performance by Poul-Henning
> Kamp
>

Also when people talk about NSA surveillance, they often talk about servers
and PCs which serve as endpoints. The NSA seems to have figured out that
the weaker points are in the intermediate routers and bugs in the
software[1]. If anything, network engineers and operations should update
their software more regularly[1].

-- Vinayak
1. http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/