ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA

2013-09-05 21:16:10
from [cb.list6] [Permanent Link] 
On Sep 5, 2013 5:17 PM, "Dean Willis" 
<dean(_dot_)willis(_at_)softarmor(_dot_)com> wrote:



This is bigger than the "perpass" list.

I suggested that the surveillance/broken crypto challenge represents

"damage to the Internet". I'm not the only one thinking that way.


I'd like to share the challenge raised by Bruce Schneier in:



http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying



To quote:

-----------
We need to know how exactly how the NSA and other agencies are subverting

routers, switches, the internet backbone, encryption technologies and cloud
systems. I already have five stories from people like you, and I've just
started collecting. I want 50. There's safety in numbers, and this form of
civil disobedience is the moral thing to do.


Two, we can design. We need to figure out how to re-engineer the internet

to prevent this kind of wholesale spying. We need new techniques to prevent
communications intermediaries from leaking private information.


We can make surveillance expensive again. In particular, we need open

protocols, open implementations, open systems – these will be harder for
the NSA to subvert.


The Internet Engineering Task Force, the group that defines the standards

that make the internet run, has a meeting planned for early November in
Vancouver. This group needs dedicate its next meeting to this task. This is
an emergency, and demands an emergency response.

------------

The gauntlet is in our face. What are we going to do about it?




Is there a standards gap or an implementation gap?

All Tor, all TLS, all PGP,  all DANE all the time?

And dont forget about this
http://www.zdnet.com/nokia-hijacks-mobile-browser-traffic-decrypts-https-data-7000009655/

I like this post below, just accept the risk that there is no expectation
of privacy. The snoops have optical taps and all the private keys.  And the
T&Cs for most public email services, social networks,  maps, hospitals,
airport wifi... make it clear your data is not private.

http://www.schneier.com/blog/archives/2013/09/our_newfound_fe.html

CB


--
Dean Willis
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Last Call: <draft-resnick-retire-std1-00.txt> (Retirement of the "Internet Official Protocol Standards" Summary Document) to Best Current Practice, John C Klensin
Next by Date:  Re: pgp signing in van, Phillip Hallam-Baker
Previous by Thread:  Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Ted Lemon
Next by Thread:  Re: Bruce Schneier's Proposal to dedicate November meeting to saving the Internet from the NSA, Hannes Tschofenig
Indexes:  [Date] [Thread] [Top] [All Lists]