Re: [perpass] perpass: what next?

carlo von lynX <lynX@youfixtheinternet.psyced.org> Tue, 21 April 2015 17:00 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/dlFTbLelIhiGpRCuVbie95dceQI>

I'm so glad to hear more and more voices talk about
taking 'clean slate' into serious consideration.
After five years talking to walls I feel like the
walls are starting to shake...

On Fri, Apr 17, 2015 at 12:01:58PM -0700, Mike Liebhold wrote:
> [..] My impression after Snowden et.
> is that the whole stack offers up a vast exploitable attack surface.
> and that IETF ought to begin _serious_ consideration of completely
> new secure architectures - e.g. a secure onion/tor routed peer
> internet, meshnets, blockchains for certificated authentication,
> etc. It's a little ironic that the military, IC and black hats
> already have secure p2p internets. Isn't it time for the rest of us
> to enjoy the same levels of privacy and security, and *resilience*?

Whoops! This is the first time I hear that some parts of the
Internet already *have* the sort of architecture some research
folks have been working on for over a decade now? Do you have
*any* pointers about this?

On Sat, Apr 18, 2015 at 12:37:46PM -0400, Adam Caudill wrote:
> Email is so horribly broken, I think the entire system needs to be
> replaced, but
> I think it's clear that we aren't at a point where that's going to happen.

That, I firmly believe, is one of the greatest fallacies in the
community. Faceboogle, Whatschat and Snapapp have already proven
that users do not care about the looks of their messaging app as
long as it reaches their peers and possibly does so in a neater
way than old-fashioned formal e-mail.

I met a girl of twenty who managed to get to that age with *FIVE*
addresses in her e-mail address book. The only five institutions
or people she couldn't convince to use something fancier. And
this girl does care about privacy.. her group meets on Telegram
and uses end-to-end crypto.. but what's the point in preferring
e-mail if it is completely insecure? And of course the PGP hassle
is completely unacceptable.

So maybe, just maybe.. instead of waiting until the population
has to a large extent dropped e-mail and gone proprietary, we
should come up with something that actually works. Getting
people to install an app or operating systems to ship with a
new messaging standard is probably not the greatest hurdle.

Trying to remain backwards compatible at the expense of UX,
security and popularity is the big mistake here. Just let the
systems co-exist and watch how users will slowly migrate away
from e-mail as they migrated away from Myspace. To you that
may sound like apples and oranges, but to them it's just like
giving up on Myspace.

> While I, and I think many of us, would like a solution that addresses the metadata
> leaking and other major issues, the changes are too radical to work within
> the current system. So, if we can get to the point that we are encrypting a
> higher percentage, I think that's a goal worth pursuing. We aren't going to
> achieve the perfect, certainly not now, and to achieve anything, I think we are going to
> have to limit our definition of good. While I want to see email as we know
> it replaced with something that provides strong modern crypto, forward secrecy,
> minimal metadata leaks, and all messages encrypted by default - at this
> point I'd be happy if we could get the number of emails using end to end crypto
> to a non-trivial number. For now, that might be the best we can actually achieve.

There is no "for now" - there is no reason to wait any longer
for better things. Technologies like GNUnet and RINA are waiting
to get debugged, improved and be deployed. A worldwide end-to-end 
encrypted and anonymizing communications system is a feasible
goal and focusing on anything less will make us content that
we at least achieved *something* ... while Snowden and the NSA 
itself said that the metadata is the real meat that is 
threatening our western societies.

Letting a few people decide whether there is or isn't democracy
is exactly what the separation of powers (aka checks & balances)
was supposed to protect us from - but with the Internet we have
created a monster that makes it impossible to detect the
infringement of the secrecy of communication. And the metadata
collection makes the freedom of assembly a joke - it wasn't
intended as a means to know exactly who is dissenting with the
government.

Thinking that e-mail is such a huge investment that we cannot
step back from it and replace it is one of the great mistakes
in thinking that the IESG could focus on correcting. Another
one is the popular belief in the federation of servers as a
viable architecture. Federation has failed us several times.
See http://about.psyc.eu/Federation for a write-up on that.

> There's been some discussion on the endymail[1] list, but there hasn't
> been any real progress - I don't believe anything actionable has come out
> of it so far.
>
> [1] https://www.ietf.org/mail-archive/web/endymail/current/maillist.html

I'm still waiting for replies to my proposal. I suggested
either using the GNU Name System (GNS) or a Distributed Social
Graph strategy to address the problems of keys, discovery and
SPAM protection seen in traditional mail systems.
                                                                                                                
I'm afraid the biggest hurdle in starting this kind of serious
discussion is that the technologies needed to make *distributed*
communications systems with agnostic relays (think Tor) rather
than metadata-scient servers are coming from the research 
community that has quietly worked on these topics for several
decades and is now confronting the majority of Internet experts
like you and me (luckily I started looking into this 5 years ago,
so I've got a little headstart) with a whole new design that 
hardly has anything to do with everything you have been familiar 
with in the past decades.

No more DNS/DNSSEC/DANE, no more X.509, no need for IPv6. So much 
of what was achieved will remain for secondary purposes but must 
be obsoleted for the main objective of making humans interact.

Currently I'd say http://freehaven.net/anonbib/ is the new IETF.
Scientific consensus and eventually running code is the new credo.
At least if we want to focus on the needs of humans, not make the
net a bit more responsive (QUIC) or the browser a bit more remote-
controllable (WebRTC) - usually with a cloud server acting as the
big brother.

Wait, there's more. Since we don't expect that there is enough
economic motivation for the great players of the Internet to
throw money at this problem and focus on it - some folks and I
have prepared a law proposal that would make secure and anonymous
networking a precondition for selling computers or devices after
a certain date. This would create the necessary incentive to
focus all engineering intelligence on solving these issues ASAP.
You may want to promote it (or suggest edits to it). It's here:
	http://youbroketheinternet.org/legislation/

So here's my three point plan for perpass:

- Do some housekeeping concerning old thinking that has long
  been disproven but keeps bubbling up in the collective
  mentality of the Internet engineering community.
- Promote thorough analysis and understanding of what some of
  us call "GNU Internet" technologies (lacking better terms).
  Create the mental foundation necessary to be able to
  participate in the process.
- Start working on some layers and protocols involved, since a
  whole new stack is necessary for end-user apps to materialize.

As it stands it's like TCP/IP happening again: a few
visionary guys are brewing up the entire network stack and
everybody else will start discussing it when it's already a
reality going into people's households.


-- 
  E-mail is public! Talk to me in private using Tor.
  torify telnet loupsycedyglgamf.onion		DON'T SEND ME
          irc://loupsycedyglgamf.onion:67/lynX  PRIVATE EMAIL
         http://loupsycedyglgamf.onion/LynX/    OR FACEBOOGLE