back to article IETF plans to NSA-proof all future internet protocols

The IETF has taken the next small step down the long, long road of protecting user traffic from spooks, snoops and attackers, setting down the basic architectural principle that new protocols should resist monitoring. It's not going to be a trivial undertaking: practically every layer of the Internet protocol stack has its …

COMMENTS

This topic is closed for new posts.
  1. Trevor_Pott Gold badge

    *Looks at conference attendee sheet*

    Oh look, a new no-fly list.

    1. Mark 85

      Nah... they will all get one flight. To Gitmo under the reasoning that if they can't monitor it, than whomever sets this up is aiding and abetting terrorism.

  2. Steven Roper

    They'll never beat the spooks

    for the same reason they'll never beat the crackers: "What man can make, man can break."

    1. Fluffy Bunny
      Childcatcher

      Re: They'll never beat the spooks

      Agreed, but with a little planning, we can at least make it hard enough that they will have to really want to breach our privacy. Something more like a supercomputer than a sniffer and data recorder.

      1. Thought About IT

        Re: They'll never beat the spooks

        "Something more like a supercomputer than a sniffer and data recorder."

        or a warrant.

        1. Charles 9

          Re: They'll never beat the spooks

          Or a saboteur.

          Or simply enough knowledge of the protocols that they can perform side channel attacks. Put bluntly, there's a demand for efficiency in data transmission. But in doing so, you necessarily make your data more unique compared to everything else and easier to identify. It's like a line of balls rolling down a rack. You have a choice. You can make your ball a unique shape or size so you can easily pick it out when it comes along, but then anyone else can do the same. Or you can make your ball the same size and shape as the other balls. They can't pick them out, but then neither can you. Pick your poison.

  3. Steve Davies 3 Silver badge

    Bring back X.25?

    Encrypted naturally.

    I know that it is a PITA but sending your data via different routes would it hard(er) for the spooks to get all of your message via MITM etc. That is unless the PAD's are compromised.

    1. Down not across

      Re: Bring back X.25?

      I remember having fun with X.25 in the days before there was a public internet. X.121 was rather error prone. Mistyping the NTN could end up connecting to unexpected places.

      Unless I am missing something rather obvious it wouldn't really change anything. Your traffic would still most likely travere multiple networks. It still wouldn't be point to point. And the PADs would without doubt be compromised (at least in the US they would most likely fall under CALEA).

  4. Your alien overlord - fear me

    But all the snoops'll do is

    put a trojan/virus on their offical gov website (such as tax returns etc), force you to do tax returns online and infect your computer that way. Who cares if the protocol is encrypted, it just means you can't check your own data pipes and see if data is being slurped to naughtyHQ

    1. Charles 9

      Re: But all the snoops'll do is

      But how do they stop detectors for such being built and distributed through networks outside their control such as foreign countries, TOR, i2p, Freenet, and the like?

      Heck, given the level of paranoia, what's stopping the gov from requiring an exploit vector be planted in every single piece of a vital piece of hardware (like a video or network card) that's traded in the US? A ubiquitous hardware exploit with direct memory access would be about as good as the NSA types could get it: OS-agnostic and impossible to get around. Some of the mobile paranoids say that's how the NSA taps your mobile conversations: not at the OS but at the radio chip.

This topic is closed for new posts.

Other stories you might like