Re: [perpass] perpass: what next?
carlo von lynX <lynX@youfixtheinternet.psyced.org> Tue, 21 April 2015 17:00 UTC
Date: Tue, 21 Apr 2015 18:59:47 +0200
From: carlo von lynX <lynX@youfixtheinternet.psyced.org>
To: perpass@ietf.org
Message-ID: <20150421165947.GA3690@lo.psyced.org>
References: <5530EEAB.5050601@cs.tcd.ie> <CACsn0cn7sY8MFCumUknXfqPWqELUtLdyh55Z=av-0NSbMb3xYw@mail.gmail.com> <CAFJuDmMT9rgjLx6JhBKa9NNiNCpFeYWMxB13TMYL+g2A0JjTOg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAFJuDmMT9rgjLx6JhBKa9NNiNCpFeYWMxB13TMYL+g2A0JjTOg@mail.gmail.com>
User-Agent: Mutt/1.5.20 (2009-06-14)
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/dlFTbLelIhiGpRCuVbie95dceQI>
I'm so glad to hear more and more voices talk about taking 'clean slate'
into serious consideration. After five years talking to walls I feel like
the walls are starting to shake...

On Fri, Apr 17, 2015 at 12:01:58PM -0700, Mike Liebhold wrote:
> [..] My impression after Snowden et al. is that the whole stack offers
> up a vast exploitable attack surface, and that IETF ought to begin
> _serious_ consideration of completely new secure architectures - e.g. a
> secure onion/tor routed peer internet, meshnets, blockchains for
> certificated authentication, etc. It's a little ironic that the
> military, IC and black hats already have secure p2p internets. Isn't it
> time for the rest of us to enjoy the same levels of privacy and
> security, and *resilience*?

Whoops! This is the first time I hear that some parts of the Internet
already *have* the sort of architecture some research folks have been
working on for over a decade now? Do you have *any* pointers about this?

On Sat, Apr 18, 2015 at 12:37:46PM -0400, Adam Caudill wrote:
> Email is so horribly broken, I think the entire system needs to be
> replaced, but I think it's clear that we aren't at a point where that's
> going to happen.

That, I firmly believe, is one of the greatest fallacies in the community.
Faceboogle, Whatschat and Snapapp have already proven that users do not
care about the looks of their messaging app as long as it reaches their
peers and possibly does so in a neater way than old-fashioned formal
e-mail. I met a girl of twenty who managed to get to that age with *FIVE*
addresses in her e-mail address book. The only five institutions or people
she couldn't convince to use something fancier. And this girl does care
about privacy.. her group meets on Telegram and uses end-to-end crypto..
but what's the point in preferring e-mail if it is completely insecure?
And of course the PGP hassle is completely unacceptable.

So maybe, just maybe.. instead of waiting until the population has to a
large extent dropped e-mail and gone proprietary, we should come up with
something that actually works. Getting people to install an app or
operating systems to ship with a new messaging standard is probably not
the greatest hurdle. Trying to remain backwards compatible at the expense
of UX, security and popularity is the big mistake here. Just let the
systems co-exist and watch how users will slowly migrate away from e-mail
as they migrated away from Myspace. To you that may sound like apples and
oranges, but to them it's just like giving up on Myspace.

> While I, and I think many of us, would like a solution that addresses
> the metadata leaking and other major issues, the changes are too radical
> to work within the current system. So, if we can get to the point that
> we are encrypting a higher percentage, I think that's a goal worth
> pursuing. We aren't going to achieve the perfect, certainly not now, and
> to achieve anything, I think we are going to have to limit our
> definition of good. While I want to see email as we know it replaced
> with something that provides strong modern crypto, forward secrecy,
> minimal metadata leaks, and all messages encrypted by default - at this
> point I'd be happy if we could get the number of emails using end to end
> crypto to a non-trivial number. For now, that might be the best we can
> actually achieve.

There is no "for now" - there is no reason to wait any longer for better
things. Technologies like GNUnet and RINA are waiting to get debugged,
improved and be deployed. A worldwide end-to-end encrypted and anonymizing
communications system is a feasible goal and focusing on anything less
will make us content that we at least achieved *something* ... while
Snowden and the NSA itself said that the metadata is the real meat that
is threatening our western societies.

Letting a few people decide whether there is or isn't democracy is
exactly what the separation of powers (aka checks & balances) was supposed
to protect us from - but with the Internet we have created a monster that
makes it impossible to detect the infringement of the secrecy of
communication. And the metadata collection makes the freedom of assembly
a joke - it wasn't intended as a means to know exactly who is dissenting
with the government.

Thinking that e-mail is such a huge investment that we cannot step back
from it and replace it is one of the great mistakes in thinking that the
IESG could focus on correcting. Another one is the popular belief in the
federation of servers as a viable architecture. Federation has failed us
several times. See http://about.psyc.eu/Federation for a write-up on that.

> There's been some discussion on the endymail[1] list, but there hasn't
> been any real progress - I don't believe anything actionable has come
> out of it so far.
>
> [1] https://www.ietf.org/mail-archive/web/endymail/current/maillist.html

I'm still waiting for replies to my proposal. I suggested to either use
the GNU Name System (GNS) or a Distributed Social Graph strategy to
address the problems of keys, discovery and SPAM protection seen in
traditional mail systems.

I'm afraid the biggest hurdle in starting this kind of serious discussion
is that the technologies needed to make *distributed* communications
systems with agnostic relays (think Tor) rather than metadata-scient
servers are coming from the research community that has quietly worked on
these topics for several decades and is now confronting the majority of
Internet experts like you and me (luckily I started looking into this 5
years ago, so I've got a little headstart) with a whole new design that
hardly has anything to do with everything you have been familiar with in
the past decades. No more DNS/DNSSEC/DANE, no more X.509, no need for
IPv6. So much of what was achieved will remain for secondary purposes but
must be obsoleted for the main objective of making humans interact.

Currently I'd say http://freehaven.net/anonbib/ is the new IETF.
Scientific consensus and eventually running code is the new credo. At
least if we want to focus on the needs of humans, not make the net a bit
more responsive (QUIC) or the browser a bit more remote-controllable
(WebRTC) - usually with a cloud server acting as the big brother.

Wait, there's more. Since we don't expect that there is enough economic
motivation for the great players of the Internet to throw money at this
problem and focus on it - some folks and I have prepared a law proposal
that would make secure and anonymous networking a precondition for
selling computers or devices after a certain date. This would create the
necessary incentive to focus all engineering intelligence on solving
these issues ASAP. You may want to promote it (or suggest edits to it).
It's here: http://youbroketheinternet.org/legislation/

So here's my three point plan for perpass:

- Do some housekeeping concerning old thinking that has long been
  disproven but keeps bubbling up in the collective mentality of the
  Internet engineering community.

- Promote thorough analysis and understanding of what some of us call
  "GNU Internet" technologies (lacking better terms). Create the mental
  foundation necessary to be able to participate in the process.

- Start working on some layers and protocols involved, since a whole new
  stack is necessary for end-user apps to materialize.

As it stands it's like TCP/IP happening again: a few visionary guys are
brewing up the entire network stack and everybody else will start
discussing it when it's already a reality going into people's households.

--
E-mail is public! Talk to me in private using Tor.
torify telnet loupsycedyglgamf.onion          DON'T SEND ME
          irc://loupsycedyglgamf.onion:67/lynX  PRIVATE EMAIL
         http://loupsycedyglgamf.onion/LynX/    OR FACEBOOGLE