ietf

Setting Priorities, MetaData vs Confidentiality (Was Agenda etc.)

2014-02-04 08:24:13
There has been some discussion here about the 'fact' that the NSA is
looking at MetaData and people are discussing PGP and S/MIME as solutions.

I don't see any contradiction here. The NSA is attacking us on multiple
fronts and at multiple levels, the response has to be on multiple fronts
and multiple levels.

Deploying S/MIME does not in any way reduce or eliminate the need for
STARTTLS. We need encryption at both layers, it is not an either/or
situation.


In my ideal configuration, all traffic would be triple encrypted:

Link Layer: The connections between each router node should be encrypted
and flood fill so that an observer cannot perform traffic analysis to guess
the path a packet takes through the network.

Transport Layer: All TCP connections should be over TCP with an
authenticated key exchange under keys bound to the DNS domain of at least
the responder (i.e. server).

Message Layer: All static content data should be encrypted under the
encryption key of the intended recipient.


Note that even this approach does not eliminate every possible attack.
Traffic analysis is still possible but now requires collusion of the
parties running the network nodes. But this is sufficient to meet my
objective which is to prevent warrantless wiretap and to limit the
resources available in the next episode of elite panic.

The reason I am concentrating on end-to-end message security is that this
is where I see the biggest gap and this is the only way individuals can
take personal control of any aspect of their privacy.

There are some improvements possible in STARTTLS but the low hanging fruit
has been taken. We have a spec, it works. We can improve it a little but
not by a lot.

The gap here is deployment which is something I have no control over
whatsoever as an email user. I can choose to use S/MIME++ but I can't
choose to use STARTTLS or Link layer flood fill. I depend on the
infrastructure providers to do that for me.

From a movement perspective, the biggest problem I see in the reaction to
Snowdonia is that at present there is no ask. We could easily get thousands
of people to storm the Apple stores and Microsoft stores in the malls. But
what would they be asking Apple or Microsoft to do? We have deep support
among the population at large, they want to do something to protest being
spied on by the US and UK militaries.

S/MIME and PGP are much closer to being right than is commonly thought. If
we put in the effort to make them really right there are millions of people
who will insist on using them just as a fuck-you to Clapper and Alexander
and all the other patronizing men in uniforms who calmly tell us how
trustworthy they are.

Whichever ones of us get asked to appear in Congress should take along
pictures of Abu Ghraib. Those photographs and the determined efforts to
avoid prosecuting those really responsible show exactly how trustworthy
and honorable the US military is.


End-to-end email is not the only privacy technology we need to deploy but
it is the only ask we can make of the public at large.
  • Setting Priorities, MetaData vs Confidentiality (Was Agenda etc.), Phillip Hallam-Baker <=