In the three years since IETF said pervasive monitoring is an attack, what's changed?

After three years of work on making the Internet more secure, the Internet Engineering Task Force (IETF) still faces bottlenecks: ordinary people's perception of risk, sysadmins worried about how to manage encrypted networks, and – more even than state snooping – an advertising-heavy 'net business model that relies on collecting …

  1. Pascal Monett Silver badge

    Just one cotton-picking minute there

    "if you believe that NSA employees are not allowed to contribute, you're making the same mistake they're making"

    The NSA has subverted encryption before, there is no reason to assume it will not do so again. So deciding to let the NSA in on discussions around encryption implies that the door is open for the NSA to inject another obscure, hard-to-find weakness which might take years or even decades to find and weed out.

    When someone has stabbed you in the back, it is not a mistake to not turn your back to him again.

    1. Paul Crawford Silver badge

      Re: Just one cotton-picking minute there

      You forget that organisations like the NSA and GCHQ have a split personality to deal with, as on the one hand the goal is to spy on everyone of interest to their respective country’s government (sadly today that means "everyone") and for that knobbling encryption is a useful trick to pull off.

      But on the other hand their goal is to protect the interests of their country and that means stopping other governments and/or criminal gangs from spying and hacking business and individuals' personal information. For that they need good encryption and secrecy.

      Back to the old saying that Reagan & Gorbachev used "trust, but verify" perhaps?

    2. Terry Cloth

      A mixed record

      Yes, the NSA gave us Dual EC-DRBG, a definite clinker, but they also (may have) contributed the S-box changes in DES, which improved it significantly. Of course, thanks to them, the key length was shortened to 56 bits (they tried to downgrade it to 48 bits, but couldn't swing that), which lowered the price of brute-forcing DES. As a result, the EFF showed in 1998 that anyone with a quarter-million dollars to rub together (and a few clues) could crack DES in around a day.

      So, the NSA's involvement can be useful, but all their gift horses' mouths must be inspected closely.

  2. Arthur the cat Silver badge

    Spooks want to monitor everyone because they believe everyone might be guilty

    If you give me six lines written by the hand of the most honest of men, I will find something in them which will hang him.

    Attributed to Cardinal Richelieu.

  3. Anonymous Coward

    Future of Ads

    Wow, signs of a vision at IETF? End-to-end sessions (or at least server-to-browser) and secure+private DNS. I wonder if they have the motivation now to make HTTP2 practical by allowing opportunistic encryption (no cert) and DANE domain certs (no CA), or if they'll delay until every last CA gets pwned.

    Gonna need more radical changes though. Email is utterly broken. Web is a tarpit, browsers leaking info to 3rd parties, conflicts, bloat, blocker addons, CMSs falling victim to DDoS & server-side malware. Becoming impractical for most companies; even Google's struggling. Worst of all, web depends on email as an identity service!

    I would say web+email should be replaced by a standard CDN protocol and new user-to-user messaging protocol suite, with the latter usurping most "web 2.0" functions including comments, contact forms, feeds, forums, social networks. Realtime/delayed, single/multiple/groups/subscriptions, multiple identities, unique anonymous identities, verifiable business/organization identities, no active/trackable content, zero information leakage. All in the routing layer, no servers necessary for routine communications.

    Advertising, where does it fit into this? Discovery and Subscriptions. Currently we see ads inserted in search/feeds/sidebars, and we like/subscribe to receive spamnewsletters. Ideally we put users in control, so you still see ads, but only when you choose to see 'related' content, screened through your own filters. You can subscribe if you're interested, without fear of spam, and the advertiser can send you reminders that they exist - without knowing your identity.

    1. Orv Silver badge

      Re: Future of Ads

      I suppose the question is, without identity verification, is opportunistic encryption useful, or just a false sense of security? Seems like it could be intercepted almost as easily and transparently as plaintext, since you have no way of knowing if you're talking to the actual server or a box in the middle that's proxying it.

  4. Matt34

    With the reported growth in IPv6 adoption ( http://6lab.cisco.com/stats/ ), utilising IPv6 IPSec Transport Mode for all traffic including DNS queries would protect the data component without utilising TLS and all the attendant issues of SSL library problems.

    DNSSEC would have to be used to publish host certificate information which could then be used with RFC 4025 and RFC 4322 compliant devices to ensure that all the communication is IPSec encrypted so that certificates can be obtained dynamically and thus the encrypted communication could take place automatically. The RFCs are over ten years old now.

    RFC 4025 - A method of storing IPSec Phase 1 Keying Material in DNS published 2005 which uses the DNS IPSECKEY record

    RFC 4322 - Opportunistic Encryption using the Internet Key Exchange for Phase 2 IPSec published 2005
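
The IPSECKEY record from RFC 4025 named in the comment above, as an added example that is not part of the thread: a parser for its wire-format RDATA (precedence, gateway type, algorithm, gateway, public key). The sample record is constructed, and the parser assumes the resolver has already DNSSEC-validated the RRset, because a key taken from an unvalidated answer gives no protection against an active interceptor.

```python
import ipaddress

ALGORITHMS = {0: "none", 1: "DSA", 2: "RSA"}  # RFC 4025 algorithm field

def parse_ipseckey_rdata(rdata: bytes) -> dict:
    """Parse IPSECKEY RDATA in RFC 4025 wire format into named fields."""
    if len(rdata) < 3:
        raise ValueError("shorter than the fixed 3-byte header")
    precedence, gw_type, algorithm = rdata[0], rdata[1], rdata[2]
    pos = 3
    if gw_type == 0:                      # no gateway present
        gateway = None
    elif gw_type in (1, 2):               # 4-byte IPv4 or 16-byte IPv6 address
        size = 4 if gw_type == 1 else 16
        if len(rdata) < pos + size:
            raise ValueError("truncated gateway address")
        gateway = str(ipaddress.ip_address(rdata[pos:pos + size]))
        pos += size
    elif gw_type == 3:                    # uncompressed wire-format domain name
        labels = []
        while True:
            if pos >= len(rdata):
                raise ValueError("truncated gateway name")
            n = rdata[pos]
            pos += 1
            if n == 0:                    # root label ends the name
                break
            if n > 63 or pos + n > len(rdata):
                raise ValueError("bad or compressed label in gateway name")
            labels.append(rdata[pos:pos + n].decode("ascii"))
            pos += n
        gateway = ".".join(labels) + "."
    else:
        raise ValueError(f"unknown gateway type {gw_type}")
    if algorithm not in ALGORITHMS:
        raise ValueError(f"unknown algorithm {algorithm}")
    key = rdata[pos:]                     # everything after the gateway is key material
    if (algorithm == 0) != (len(key) == 0):
        raise ValueError("key presence does not match algorithm field")
    return {"precedence": precedence, "gateway_type": gw_type, "gateway": gateway,
            "algorithm": ALGORITHMS[algorithm], "public_key": key}

# Constructed sample: precedence 10, IPv4 gateway 192.0.2.38, RSA, placeholder key bytes.
SAMPLE_RDATA = bytes([10, 1, 2, 192, 0, 2, 38]) + b"\x03\x01\x00\x01" + bytes(range(16))

if __name__ == "__main__":
    print(parse_ipseckey_rdata(SAMPLE_RDATA))
```
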

    1. Yes Me Silver badge

      IPsec

      Big fan of IPv6 here, but what's wrong with IPv4 IPsec Transport Mode? And what about the attendant issues of IPsec and IKEv2 library problems?

      1. Sebby

        Re: IPsec

        Hell of a job getting it through NATs, without the addition of NAT-T, and often not at all on particularly brain-dead networks that don't handle large frames properly or don't support anything that isn't the web. Hope yet for IPv6, as IPsec becomes seriously viable.

        Anyway, look, this grand plan will fail because Google will undermine it. They hate DNSSEC with a burning passion because it adds a whole, like, 200 ms to your DNS requests or something, and occasionally doesn't get through due to some shitty middlebox somewhere. And it's Google's view that if they broke the web, it's their fault, rather than the fault of the networks we live with today. So we all have to suffer with a known-broken CA model and LetsEncrypt, together with a pretty lame-duck approach to detecting (but not necessarily protecting against) the cowboys, yeah?

        Opportunistic encryption is good but mandatory encryption is better. I need a better DNS resolver protocol though; one not dependent on TLS and hostnames. Must look into this. For the origin authentication, DANE is what I'd root (route?) for, as it has immediate upward compatibility with the existing CA system. And for IPsec, "Better Than Nothing" (BTNS) upwards anonymous key exchanges are probably the simplest and most invisible way to turn on encryption for public services, with almost no added cost, for use by any upper-level protocol that would otherwise not be secured, so that at least passive attacks can be warded off.

        A lot is possible, if we unshackle ourselves from today's broken networks ...

  5. Dave 15

    same mistake?

    Well, maybe I do choose to email Fred, but I don't always know Fred well enough to know his private life as a bomb maker.

    If I take a job at the NSA I do know what they are about, and if I take a job there I expect it is a good bet that it is because I approve of what they do... very few seem to turn into whistle blowers

    1. Anonymous Coward

      Re: same mistake?

      And NSA is hardly the scariest anymore. There's just so many people/things collecting data on us, with shit for security. Websites, phones, apps, IOT crap, CCTV, cars, traffic monitoring/control systems, banks, doctors, insurance companies, innocuous government agencies. All ripe for exploitation not just by malevolent government insiders but *also* by random criminals and crazies.

  6. John Smith 19 Gold badge

    End to end is the way to go.

    The days when the "end" was a dumb terminal incapable of running anything are long past.

    Let's be clear. The data fetishists (both government and commercial) have had this coming for a long time.
