Snowden to the IETF: Please make an internet for users, not the spies

NSA whistleblower Edward Snowden has urged the world's leading group of internet engineers to design a future 'net that puts the user in the center, and so protects people's privacy. Speaking via webcast to a meeting in Prague of the Internet Engineering Task Force (IETF), the former spy talked about a range of possible …

  1. John Smith 19 Gold badge
    Unhappy

    Internet protocols were originally set up with 2 driving ideas.

    1) We are all friends here.

    Developed by ARPA to allow researchers on ARPA projects to share computing resources

    Sure you can peek at the packets you're transshipping to someone else but you don't want to.

    2) Encryption is expensive

    So if you can't encrypt everything why bother? See also point 1.

    But that was a world where the internet backbone was 56.5kbs and 8MB of 50ns memory put you in supercomputer territory.

    Today real time encryption is possible (although ensuring the implementation is secure is not trivial) and the internet is no longer the sole property of the US Government.

    Thanks to Snowden we now know as an absolute fact that major governments can monitor anyone they choose to, and so far (because the protocols have allowed them to) they have chosen to monitor everyone.

    This rampant fishing trip mentality, where "innocent until proven guilty" has gone out the window (you're all guilty of something, we just haven't worked out what yet, as an NKVD official might have put it in Stalin's time) has got to be stopped.

    Societies should be able to defend themselves, but what we've been seeing is that the states they have created (or parts of them) seem to view the society itself as the enemy and people's desire for privacy to be wrong because it prevents them from knowing everything about them forever.

    Accept you can't have perfect security even in a prison, which seems to be what some spooks are keen to turn their countries into. Then let them go back to finding real threats, that actually buy stuff and talk to each other rather than this FUD BS which they seem to use instead of acting like proper investigators.

    1. Anonymous Coward

      Re: Internet protocols were originally set up with 2 driving ideas.

      The problem here is that THEY don't ACCEPT the proof that perfect security can't exist (anyone who actually understands information theory/engineering knows this). No, they are selling snake oil to the governments that these new methods will actually prevent attacks against them, or more likely, the people that cough up cash to keep them in power, however temporary that turns out when the shiny new system fails and fails. Never mind that, toss some more billions (trillions planet-wide) at the problem. We'll get it right yet!

      Since the threats can originate from anywhere, First World to Third World, they have to collect it all and then sort it out, hoping that the data will transform into actionable information. Which is exactly the problem at hand, getting one to the other. I'm quite sure that some of the push to solving "Big Data" comes from handling this in an acceptable manner. DARPA, MITRE, ....

      I don't have a clue on how to solve this problem, and the proposed solutions attack pieces of the problem but nothing approaches totality. And that assumes that all the actors are cooperative. I seriously doubt that as the governments (looking at US) have established a track record of sabotaging such work. I have been living with this all my adult life (PRP, nuclear, ...), y'all shouldn't have to.

    2. Pascal Monett Silver badge

      Re: we now know [..] that major governments can monitor anyone they choose to

      I support that fact and have zero issues with it. Monitoring a person designated as a suspect in an ongoing investigation is perfectly normal when such monitoring is legally and morally justified and when such monitoring is terminated as soon as it is no longer useful (ie suspect is proven innocent or charges can be brought against him).

      What I cannot and will never accept is the blanket surveillance of everyone under the excuse that it is legal. It may be legal in some countries, but that does not make it acceptable and the old excuse of "if you have nothing to hide..." is just wool over the eyes.

      I have nothing to hide, and it's nobody's business without a warrant.

  2. Sir Runcible Spoon
    Black Helicopters

    Sir

    Someone once told the control freaks that information is power and effectively a form of currency.

    Now that they have collected all this data on everyone they need to spend it on something.

    Analyst: I know, why don't we sell the nebulous idea of a war on something so we can spend all this 'information' currency and convert it into some REAL currency.

    Monger: That's a terrifying thought!

    Analyst: That's it! A War on Terror! We're made, it's the gravy-train for us alright...choo choo!! I'm just going to call uncle Broomfondle and let him know the good news - Magickthighs was right all along :)

    1. Anonymous Coward

      Re: Sir

      "...uncle Broomfondle and let him know the good news - Magickthighs was right all along :)"

      A respectful tip of the hat to you sir.

  3. Tom Chiverton 1

    "having identifiable "long lasting" hardware addresses was "extremely dangerous," "

    That's IPv6 dead then, as the MAC forms the last part of the address, and I'm apparently meant to place all my IPv6 devices directly on the internet rather than behind NAT like how the IPv4 world works.

    1. Sir Runcible Spoon
      Joke

      I think they may have been thinking along the lines of DHCP for MAC addresses :)

    2. Yes Me Silver badge

      IPv6 privacy

      Tom, you are out of date. IPv6 privacy addresses solved this weakness years ago (and have been the default on Windows for years). There are new IETF recommendations in this area too, post-Snowden.

      https://datatracker.ietf.org/doc/rfc3041/

      http://datatracker.ietf.org/doc/rfc7217/

      http://datatracker.ietf.org/doc/draft-ietf-6man-ipv6-address-generation-privacy/

      http://datatracker.ietf.org/doc/draft-ietf-6man-default-iids/

      1. Roland6 Silver badge

        Re: IPv6 privacy @Yes Me

        "Tom, you are out of date. IPv6 privacy addresses solved this weakness"

        You missed the point, IPv6 was also designed for a very different Internet; one still largely based on trust (ie. we're all friends here - see first comment to this article). The fact that privacy had to be added in later and that the religious fundamentalists of the IETF still hold sway over the use of NAT, speaks volumes about the added security claims of IPv6...

    3. Vic

      "That's IPv6 dead then, as the MAC forms the last part of the address"

      No it doesn't. I grow weary of hearing this time and again.

      Using the MAC address is one possible way of forming the link-local IPv6 address - which doesn't transit your router. And you don't have to use that method at all if you don't want to.

      Vic.

    4. pigdog234

      "That's IPv6 dead then, as the MAC forms the last part of the address..."

      Not Dead Yet.

      See CGAs (RFC 4982). Also, RFC 7217 (Gont).
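
An added example, not part of any comment in this thread: the two address-generation schemes this sub-thread argues about, side by side. It builds the modified EUI-64 interface identifier that embeds the MAC, then an RFC 7217-style stable opaque identifier, and audits each resulting address for a recoverable MAC. The MAC, prefixes, interface name and secret are constructed sample values, and SHA-256 over length-prefixed fields is an assumption standing in for the RFC's function F.

```python
import hashlib
import ipaddress

IID_MASK = (1 << 64) - 1

def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier (RFC 4291, Appendix A) for a 48-bit MAC."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Flip the universal/local bit and insert ff:fe between the OUI and the NIC part.
    return int.from_bytes(bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:], "big")

def stable_opaque_iid(prefix: str, iface: str, secret: bytes, dad_counter: int = 0) -> int:
    """RFC 7217-style identifier: hash of prefix, interface, DAD counter and a local secret.
    Assumption: SHA-256 over length-prefixed fields plays the role of F; Network_ID is omitted."""
    net = ipaddress.IPv6Network(prefix)
    h = hashlib.sha256()
    for field in (net.network_address.packed[:8], iface.encode(),
                  dad_counter.to_bytes(4, "big"), secret):
        h.update(len(field).to_bytes(2, "big") + field)
    return int.from_bytes(h.digest()[-8:], "big")  # low-order 64 bits of the digest

def make_address(prefix: str, iid: int) -> str:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    return str(ipaddress.IPv6Address(int(net.network_address) | (iid & IID_MASK)))

def embedded_mac(addr: str):
    """Audit helper: return the MAC an address exposes, or None if the IID is not EUI-64 shaped."""
    iid = (int(ipaddress.IPv6Address(addr)) & IID_MASK).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    return ":".join(f"{b:02x}" for b in bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:])

if __name__ == "__main__":
    mac, secret = "00:11:22:33:44:55", b"constructed-secret"  # constructed sample values
    for prefix in ("2001:db8:1::/64", "2001:db8:2::/64"):     # documentation prefixes
        slaac = make_address(prefix, eui64_iid(mac))
        opaque = make_address(prefix, stable_opaque_iid(prefix, "eth0", secret))
        print(f"{prefix:18} EUI-64 {slaac} -> MAC {embedded_mac(slaac)}")
        print(f"{prefix:18} opaque {opaque} -> MAC {embedded_mac(opaque)}")
```

The EUI-64 addresses carry the same last 64 bits on both networks, so the device is linkable across them and its MAC is recoverable; the opaque identifier is stable within one prefix but changes from prefix to prefix.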

  4. Anonymous Coward

    When Hell freezes over

    Anyone who thinks it's a good idea to prevent authorities from monitoring modern day electronic communication for national security purposes, is in for a huge disappointment just like the ass clowns who think Snowden is a whistleblower instead of a traitor waiting to be convicted for his crimes. Dead man walking describes SnowJob.

    1. Anonymous Coward

      Re: When Hell freezes over

      I used to be career military (like this is news). From the very beginning standing watches I was told flat out that monitoring by the military of US citizen/civilian communications and repeating those communications to anyone for any reason other than the content was treasonous was flat out unconstitutional. Period. As in go to the Federal Penitentiary at Leavenworth Period. Now the NSA*, which has a very high level of people in uniform working for it in all aspects is monitoring and communicating the contents of those communications elsewhere. Now unless the Constitution was amended and I didn't notice it, somebody is lying. Either lying then or lying now. Take your pick.

      * On an irregular basis I had to repair NSA equipment on-board if their technicians had problems. I had a higher clearance and frankly found it pretty brain-dead stuff. I sure wasn't going to talk about it.

    2. Anonymous Coward

      Re: When Hell freezes over

      "Dead man walking describes SnowJob."

      He spreads considerable fear in the right places for a dead man though, don't you think Matt? The difficulties he's causing illiberal governments are going to be a lot harder to stuff back in the box than simply handing out a life sentence.

  5. John Smith 19 Gold badge
    Unhappy

    The hysterical apologist for *unlimited* state surveillance arrives right on cue

    So self righteous.

    So certain.

    So anonymous

    So predictable

    1. Anonymous Coward

      Re: The hysterical apologist for *unlimited* state surveillance arrives right on cue

      My name is Matt

      I live on the second floor

      I live upstairs from you

      Yes I think you've seen me before

      If you hear some spying late at night

      Some kind of trouble. some kind of fight

      Just don't ask me what it was

      Just don't ask me what it was

      Just don't ask me what it was

      I think it's because I'm sheeple

      I try not to talk too loud

      Maybe it's because I'm crazy

      I try not to act too proud

  6. Anonymous Coward

    Suzanne Vega rules

    They only post until you cry

    After that you don't ask why

    You just don't argue anymore

    You just don't argue anymore

    You just don't argue anymore

    Yes I think I'm okay

    I walked into the word trap again

    Well, if you ask that's what I'll say

    And it's not your business anyway

    I guess I'd like to be alone

    With nothing broken, nothing thrown

    Just don't ask me how I am.....

    A lot of people don't know the song is actually about an abused child, not an abused woman.

    Obscuring the situation, flat denial of facts, an inability to confront the abuser, it ain't pretty and there are far too many examples of it, in all walks of life. Don't hide, be free .... if only we all could

  7. Ole Juul

    Spud gun

    SPUD is a prototype for grouping UDP packets together in a "tube", also allowing network devices on the path between endpoints to participate explicitly in the tube outside the end-to-end context.

    So Ted Stevens was right.
