Time For X-No-Wiretap HTTP Header?

← Back to Stories (view on slashdot.org)

Time For X-No-Wiretap HTTP Header?

Posted by timothy on Sunday September 8, 2013 @03:25AM from the tongue-boring-through-cheek dept.

Freshly Exhumed writes "A security blogger, acknowledging that the NSA methodically ranks communications on the basis of their 'foreignness' factor to determine candidacy for prolonged retention proposes, is proposing '...an opportunity for us on the civilian front to aid the NSA by voluntarily indicating citizenship on all our networked communications. Here, we define the syntax and semantics of X-No-Wiretap, a HTTP header-based mechanism for indicating and proving citizenship to well-intentioned man-in-the-middle parties. It is inspired by the enormously successful RFC 3514 IPv4 Security Flag and HTTP DNT header.'"

26 of 202 comments (clear)

Min score:

Reason:

Sort:

Asking them nicely will stop help? by Anonymous Coward · 2013-09-08 03:28 · Score: 3, Funny

The only way we are going to solve this NSA mess is to clean house...and the senate...
1. Re:Asking them nicely will stop help? by Oysterville · 2013-09-08 03:46 · Score: 5, Insightful
  
  Somewhere along the line you were given the incorrect information that the US House and Senate have complete oversight of NSA, when in reality it's more accurately the other way around.
2. Re:Asking them nicely will stop help? by Jeremiah+Cornelius · 2013-09-08 04:14 · Score: 2
  
  NSA.
  Amerika's blackmail clearinghouse.
  
  --
  "Flyin' in just a sweet place,
  Never been known to fail..."
3. Re:Asking them nicely will stop help? by Anonymous Coward · 2013-09-08 04:23 · Score: 2, Informative
  
  The House and Senate do have oversight of the NSA. If only because they can just cut off funding and fire the NSA at will. That is oversight. If they want the NSA to stop doing something, they have only to tell them to stop and back it up by cutting funding.
4. Re:Asking them nicely will stop help? by Z00L00K · 2013-09-08 04:38 · Score: 2, Insightful
  
  Unfortunately the NSA has enough on every individual in the government to make such a move extremely dangerous for the single individual.
  NSA, CIA, FBI and DoD have their own life and nobody that is sane would want to challenge them. We have to wait for the insane savior.
  
  --
  If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
5. Re:Asking them nicely will stop help? by Anonymous Coward · 2013-09-08 04:54 · Score: 2, Insightful
  
  The House and Senate do have oversight of the NSA. If only because they can just cut off funding and fire the NSA at will.
  No, they can't. Our overly corrupt president would simply write one of his "executive royal decrees" to give them all the "emergency" funding they need.
6. Re:Asking them nicely will stop help? by schwit1 · 2013-09-08 07:22 · Score: 2
  
  I would prefer removing him from office. Impeachment is the bringing of charges. Good luck getting the Senate sock puppets to convict.
7. Re:Asking them nicely will stop help? by lgw · 2013-09-08 07:30 · Score: 2
  
  Congress is nothing if not masters of parliamentary process that obscures who's really at fault for any bill. If both parties wanted the NSA gone, it would be gone, as a rider to the "Declaration that terrorists are bad and pedophiles too" bill, passed unanimously by acclamation.
  Sure, there's little a sane single individual in the House or Senate could do, but if the tide of popular opinion turns against he NSA, such that congresscritters left and right were all hearing about it from voters? That would bring real and rapid change.
  That's the thing about democracy: it's not supposed to empower individual idealistic crusaders, it's supposed to respond to the will of the masses. You'd think there'd be a better way, but we sure can't seem to find one.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
8. Re:Asking them nicely will stop help? by fustakrakich · 2013-09-08 08:22 · Score: 2
  
  I know of no such evidence WRT the NSA.
  Well... yeah! That would make sense, wouldn't it? It means they're doing their job competently. The NSA itself existed for a long time before the public ever knew about it at all.
  
  --
  “He’s not deformed, he’s just drunk!”
Almost as good as Evil BIt! by CrystalFalcon · 2013-09-08 03:29 · Score: 5, Insightful

Yes, of course!
This is guaranteed to work almost as good as the Evil Bit, an extra field in IPv4 headers where senders of packets indicate malicious intent, so that people administering firewalls can discard such packets if desired.
(The problem in the first place was that the people wiretapping didn't give a shit about rules, etiquette, and being decent. More rules and etiquette aren't the solution to that problem.)
Rick
1. Re:Almost as good as Evil BIt! by MtHuurne · 2013-09-08 03:57 · Score: 2
  
  The "evil bit" is from the mentioned RFC 3514.
2. Re:Almost as good as Evil BIt! by Vlad_the_Inhaler · 2013-09-08 04:19 · Score: 3, Informative
  
  The Evil Bit is only defined under IPV4, time to update the specs.
  
  --
  Mielipiteet omiani - Opinions personal, facts suspect.
You don't beg for privacy by Anonymous Coward · 2013-09-08 03:33 · Score: 4, Insightful

You secure it by force.
1. Re:You don't beg for privacy by mjtaylor24601 · 2013-09-08 06:20 · Score: 2
  
  With guns.
  NOW do you "liberals" and "progressives" understand the 2nd Amendment?
  You already have the 2nd Amendment and all the guns anyone could possibly want. It seems to me that it didn't deter the NSA one bit. I'm not sure I see the point you're trying to make.
  
  --
  I wish I were as sure of anything as some people are of everything
USA citizens safe, not care rest of world?? by Anonymous Coward · 2013-09-08 03:45 · Score: 5, Insightful

It is always so irritating to see that this discussion turns into "I am USA citizen, do not spy on me, dear NSA!" What about rest of the world?? How come that in your US centric viewpoint it's all ok to spy on anyone else, just not on US citizens?? What about Europe? Other NATO allies? All ok to spy on everyone else, on your viewpoint!! Love that fat bellybutton of yours!
1. Re:USA citizens safe, not care rest of world?? by eheldreth · 2013-09-08 04:17 · Score: 2
  
  For people in the US they are two very different questions. Domestic spying in this regard is a violation of the citizenries constitutional rights. Foreign intelligence is a separate legal issue though with obviously connected mechanics. Most people int the US would feel it is wrong to spy on the citizens of an allied nation but this is a matter of priorities. Foreign policy can never be fixed so long as internal policy is so uncontrolled. In this case it is likely either the NSA will be scaled back resulting in less capacity for intelligence gathering in general or we will lose any pretext of being a free and functional democratic republic.
  
  --
  The perversity of the Universe tends towards a maximum. - O'Toole's Corollary
2. Re:USA citizens safe, not care rest of world?? by AxeTheMax · 2013-09-08 05:14 · Score: 3, Insightful
  
  Yes, Americans who think they value their liberty have a tendency to forget that their liberty depends also on the liberty of others. Starting with the slaves who their founding fathers conveniently forgot, now it is terrorists, criminals, citizens of 'enemy' countries, and finally all non citizens. As has been seen recently, spying on non-citizens gives the means to spy on citizens. What Americans have really is not liberty but power, and the Golden Rule (reciprocity) is inessential when you have power.
And the rest of the world? by lurker412 · 2013-09-08 03:53 · Score: 5, Insightful

Few American commentators seem to be questioning the unstated assumption that spying on non-Americans is perfectly OK, even if there is no reasonable cause for suspicion. By that logic, it's perfectly OK for other countries to spy on all Americans.

Aren't we all entitled to a little privacy?
1. Re:And the rest of the world? by Frosty+Piss · 2013-09-08 04:05 · Score: 2
  
  Few American commentators seem to be questioning the unstated assumption that spying on non-Americans is perfectly OK, even if there is no reasonable cause for suspicion.
  I don't know that this is true at all. What I suspect is that most Americans simply don't care. The Snowden Affair gets a lot of press, but that press gets very little traction except with a minority of Americans, which the rest think are wearing tin-foil hats.
  But here's another thing to remember: Some Americans may be fixated on the idea of spying on Americans for both selfish reasons and also the fact that the NSA specifically isn't supposed to spy on Americans.
  
  --
  If you want news from today, you have to come back tomorrow.
Do you think this will stop NSAGul Black Riders? by Jeremiah+Cornelius · 2013-09-08 04:13 · Score: 5, Insightful

They are already deliberately violating the law, with impunity. They compromise your security at every step. Adding un-encrypted metadata to your traffic will only:
1 - ID you for possible actions by later custodians of this information
2 - Acknowledge your silent submission to the fact of universal collection as a normative state
3 - Divert efforts from real crypto-countermeasures
People need not to give NSA their complicity and assent, but to resist, and applaud every time somebody manages to FUCK UP their mission.

--
"Flyin' in just a sweet place,
Never been known to fail..."
A Modest Proposal by mthamil · 2013-09-08 05:00 · Score: 2

The number of commenters failing to understand that the article is satire is staggering. Hell, look at the "department" the article is from.
Dangerous Crypto mistake - my testing results by Freshly+Exhumed · 2013-09-08 05:40 · Score: 3, Funny

When I saw that this proposal "deprecates all the SSL/TLS ciphers in favor of Double CAESAR’13" (a.k.a. ROT-13) I knew it was going to be great. BTW, a big shoutout to my friends over in the Caesarian section! Okay, so I needed to run some sandboxed tests first. After using Double ROT-13 everything was going perfectly, according to the spec, but I decided to gamble on TRIPLE ROT-13. Big mistake. Don't do it! All I ended up with was a bunch of gobbledegook that I couldn't work with anymore, so I had to just delete everything and start all over again. Don't use TRIPLE ROT-13!!!!!!!1
I wish I could have been FP to warn everyone. I'm glad this proposal sticks with Double!

--
I deny that I have not avoided attaining the opposite of that which I do not want.
Re:Do you think this will stop NSAGul Black Riders by TCM · 2013-09-08 06:14 · Score: 3, Interesting

Liberties going down the drain, secret laws, secret courts, secret prisons, killing people without any trial, but at least we still have stupid nerd jokes in the form of funny HTTP headers.
Haha, I'm so not laughing.

--
Of course it runs NetBSD. BTC: 1NT7QvbetmANwaMzhpVL6
X-No-Route-US by presidenteloco · 2013-09-08 06:28 · Score: 2

Header is read by smart switch/routers and they ensure that the associated packets do not get routed to any US-addressed (or US-puppet-addressed) host or router.
To do this one properly, an AVOID_US bit in the IPV6 packets should be used instead.

--

Where are we going and why are we in a handbasket?
WTF by joseph90 · 2013-09-08 07:43 · Score: 2

I presume this is a joke.
Re:Do you think this will stop NSAGul Black Riders by Concerned+Onlooker · 2013-09-08 08:14 · Score: 4, Insightful

Well, then, I suggest we invoke the other Poe's law: Nevermore!

--
http://www.rootstrikers.org/