RFC 7258: Pervasive Monitoring Is an Attack

An anonymous reader writes with news that the IETF has adopted a policy of designing new protocols taking into account the need to mitigate pervasive monitoring of all traffic. From the article: "...RFC 7258, also known as BCP 188 (where BCP stands for 'Best Common Practice'); it represents Internet Engineering Task Force consensus on the fact that many powerful well-funded entities feel it is appropriate to monitor people's use of the Net, without telling those people. The consensus is: This monitoring is an attack and designers of Internet protocols must work to mitigate it."

Next step:

[SuricouRaven]

The NSA will try to infiltrate the IETF.

Re:Next step:

[StripedCow]

Other option: they already have. It's a trick!

Re:Next step:

IETF: Monitor the monitors, redirect to an imaginary pseudonet.. round them up!

Re:Next step:

[rabtech]

The NSA will try to infiltrate the IETF.

Some people may mod this as Funny, but I take it as completely serious.

Even if it isn't the NSA, do you really think other state actors won't try to exert their influence?

Expect lot of FUD around security issues by direct paid shills, or just "grass-roots" opposition indirectly fomented by various state security agencies.

Re:Next step:

[swillden]

The NSA will try to infiltrate the IETF.

The NSA has already been participating in many standards bodies overtly and covertly. But that doesn't really matter. IETF protocols are designed in public, so backroom attempts to subvert them don't work. The only thing the NSA et al can do is to try to get the standards weakened in subtle, non-obvious ways they can exploit. But being able to do that effectively requires being significantly smarter than everyone else who is looking at and commenting on the designs so they can design and insert weaknesses which no one realizes are weaknesses.

One ploy they can use that doesn't require super genius insight is to try to promote complexity in new standards. Complexity makes implementation harder and increases the probability of exploitable mistakes, in both design and implementation. That won't give them any guaranteed avenues of attack, but it will increase the odds of exploitable weaknesses. So we need to guard against excessive complexity in standards... but that's always been the case anyway.

Re:Next step:

[wonkey_monkey]

It's a tarp!

No, wait...

Re:Next step:

A third way is to control positions responsible for communicating with other groups, which gives them more opportunities to influence the discussion or misrepresent consensus.

See Trevor Perrin's request to remove NSA employee Kevin Igoe from the position as co-chair of the Crypto Forum Research Group:

Reasons for requesting Kevin's removal
----
1) Kevin has provided the *ONLY* positive feedback for Dragonfly that
can be found on the CFRG mailing list or meeting minutes. The
contrast between Kevin's enthusiasm and the group's skepticism is
striking [CFRG_SUMMARY]. It's unclear what this enthusiasm is based
on. There's no record of Kevin making any effort to understand
Dragonfly's unusual structure, compare it to alternatives, consider
possible use cases, or construct a formal security analysis.

2) Twice Kevin suggested a technique for deriving the Dragonfly
password-based element which would make the protocol easy to break
[IGOE_1, IGOE_2]. He also endorsed an ineffective attempt to avoid
timing attacks by adding extra iterations to one of the loops [IGOE_3,
IGOE_4]. These are surprising mistakes from an experienced
cryptographer.

3) Kevin's approval of Dragonfly to the TLS WG misrepresented CFRG
consensus, which was skeptical of Dragonfly [CFRG_SUMMARY].

4) Kevin's NSA affiliation raises unpleasant but unavoidable
questions regarding these actions. It's entirely possible these are
just mistakes by a novice chair who lacks experience in a particular
sort of protocol and is being pressured by IETF participants to
endorse something. But it's hard to escape an impression of
carelessness and unseriousness in Kevin's work. One wonders whether
the NSA is happy to preside over this sort of sloppy crypto design.

While that's of course speculation, it remains baffling that an
experienced cryptographer would champion such a shoddy protocol. The
CFRG chairs have been silent for months, and haven't responded to
attempts to clarify this.

The request was reviewed and denied, so the crypto research group is still co-chaired by a NSA employee.

Re:Next step:

[swillden]

A third way is to control positions responsible for communicating with other groups, which gives them more opportunities to influence the discussion or misrepresent consensus.

I don't think that really works, and the request you quote is evidence to support my belief.

Re:Next step:

One ploy they can use that doesn't require super genius insight is to try to promote complexity in new standards. Complexity makes implementation harder and increases the probability of exploitable mistakes, in both design and implementation. That won't give them any guaranteed avenues of attack, but it will increase the odds of exploitable weaknesses. So we need to guard against excessive complexity in standards... but that's always been the case anyway.

systemd...

Re:Next step:

[ObsessiveMathsFreak]

One ploy they can use that doesn't require super genius insight is to try to promote complexity in new standards. Complexity makes implementation harder and increases the probability of exploitable mistakes, in both design and implementation.

And yet despite this, SELinux remains installed by default on many distros. How long more is the NSA going to be allowed to live in our Kernels?

Re:Next step:

[wazafoojitsu]

But being able to do that effectively requires being significantly smarter than everyone else who is looking at and commenting on the designs so they can design and insert weaknesses which no one realizes are weaknesses.

Could see strategies focused on that same peer process. Less smart eyes on the subject is more opportunity. Keeping everyone involved surely is crucial.

Re:Next step:

[swillden]

One ploy they can use that doesn't require super genius insight is to try to promote complexity in new standards. Complexity makes implementation harder and increases the probability of exploitable mistakes, in both design and implementation.

And yet despite this, SELinux remains installed by default on many distros. How long more is the NSA going to be allowed to live in our Kernels?

SELinux is good stuff, regardless of where it came from. I think we should extend its use, not remove it.

Re:Next step:

*cough* DNSSEC *cough*

Re:Next step:

I'm of the opposite opinion. The request and the follow-up is evidence that even an open process can and will be subverted if there is no will to actively deal with the issues.

Note that nothing was done in response to that request. The CRFG is still co-chaired by a NSA employee. Trevor Perrin is unlikely to raise further issues in the future - why do so if there is no will to act on them? That's one less person to speak out the next time they try something.

One of the reasons people gave for why it's okay to have a NSA co-chair is what you said - that the IETFs open process inherently makes it unsubvertable. I think that's naive. The NSA has infinite resources compared to the volunteers at IETF. The IETF should be defensive and take what little preventive measures they can. Instead they almost wilfully sabotage themselves.

An open process doesn't help if you do react to issues when they are pointed out. Trevor Perrin raised an issue - that the NSA openly has an employee in the position of maximum leverage in the cryptographic research group - and nothing was done about it. That looks to me like the open process was tested and failed.

Re:Next step:

Exactly. The NSA's participation in standards bodies (including NIST) has always been predicated on the idea that it's in the NSA's best interest to provide secure configuration procedures for national assets (like DoD systems, for example).

The idea that the NSA purposely weakens this process, or worse, backdoors them - is a serious blow to the credibility of not only the NSA's overt participation, but also the standards bodies themselves, who trusted the NSA.

In fact, NIST has taken a lot of fire, recently for allowing the NSA to participate in their process. If the NSA is weaponizing NIST's efforts; then it's our very STANDARDS that are being corrupted.

Note - that the banking equivalence of this is akin to having banks artificially manipulate interest-rate index standards which affects a whole range of funds and investing, thus distorting the entire worldwide market - for example something like LIBOR. (And, in fact, this has been going on for at least a decade now...).

Re:Next step:

[The+Technomancer]

I see where you're coming from, but you're acting like we live in a world where Dual_EC_DRBG didn't happen, where the heartbeat weakness in OpenSSL wasn't overlooked for years, and where the level of outrage or disagreement doesn't need rise to a level that outweighs the pain in the ass of changing something to change something. It doesn't require the NSA (or any determined, capable organization) being supergeniuses to subvert technology or processes. It just takes the trust and misplaced confidence of a few people to assume it's far too hard for someone to do.

Re:Next step:

[ArmoredDragon]

We've already seen this kind of FUD from foreign governments who want authority over ICANN and IANA. Basically they argue that by these being under the US Department of Commerce, which itself is technically run by Congress, the NSA can somehow spy on the world. Complete nonsense (regardless of who holds the keys, the NSA can always do what they do.)

The real reason they want control over this is because it makes censorship a lot easier. Russia and China want to stop free speech, whereas Europe wants to kill anything they believe is "hate speech" (which technically almost anything can be called hate speech.) I distrust the feds as much as anybody, but IMO the US is the best holder of that because it doesn't do either.

Re:Next step:

I don't think that really works, and the request you quote is evidence to support my belief.

This is one case where the a rogue chairman has been clearly identified. Dispite it being obvious that he is (deliberately or otherwise) working against the security of his protocol he has still not being removed. The likelyhood is that this is just the tip of an enormous iceberg. IPSEC was made inordinately complex with far too many different modes of encryption and defaults which didn't turn on automatic encryption. The compexity of IPSEC directly led to the failure of the FreeS/WAN project. It would be very interesting to investigate the NSA links of the people who were involved in designing IPSEC and related protocols.

Do not expect there to be much direct evidence. These are expert professionals subverting the security of our internet systems. The only possible value that NSA experts can have from now on is in identifying flaws in proposed protocols. Even then I would be careful to check that the flaws they point out aren't subtly chosen to support other flaws.

Re:Next step:

[L4t3r4lu5]

Disband and reform? "The IEFT was compromised. We are the same people as before, minus the NSA employee. Let's get this done right." seems like a good press release.

Re:Next step:

"The only thing the NSA et al can do is to try to get the standards weakened in subtle, non-obvious ways they can exploit. "

The NSA is Microsoft? Who knew?

Too late for April 1st

If the IETF wants to make something like RFC 7168 (Hyper Text Coffee Pot Control Protocol for Tea Efflux Appliances (HTCPCP-TEA)), then its too late. In fact RFC 7258 is in violation of RFC 3339.

Re:Too late for April 1st

[justthinkit]

That RFC 3339 link didn't load. I googled, and got this one to work. I think it needed to be https...

Re:Too late for April 1st

[mellon]

7258 is a BCP, not a protocol spec. How can it be in violation of 3339?

Re:Too late for April 1st

because April 1st != May.
bad joke

As Gerneral Zues says

The only good human is a dead human. And the only good monkey is a monitored monkey.

Buy Google! It knows you better than yourself.

But it's "meta" monitoring.

The "pen register" part of the Smith v. Maryland makes their monitoring legal in this meta way. Even Hayden says they've killed people based on metadata alone.

I don't see how you're going to "mitigate" anything until you get the 9 robed activists to pull heads out.

Re:But it's "meta" monitoring.

Best comment ever. Just sayin'.

Re:But it's "meta" monitoring.

Thanks.

/. Poll: Worst offenders

[davidwr]

Who is the worst offender here (excluding "reasonable/expected" things like employers monitoring employees, parents monitoring their own kids, K-12 schools monitoring their own networks, etc.)?
* The United States government (NSA, etc.)
* The United States corporations (ISPs etc)
* China's government
* China's corporations (we'll pretend these aren't the government)
* Russia's government
* Russia's corporations (ditto)
* North Korea's government (it's all government there!)
* CowboyNeal, er, I mean Unknown Lamer**

**Notice: if you click here, well, you've been warned :)

Re:/. Poll: Worst offenders

[poetmatt]

You are correct that it's both the ISP's and the governments.

Who has become more careful online?

[bzipitidoo]

Sometimes I test surveillance. I look at porno sites, for just that purpose. (Really! Okay, I also sometimes look at those sites for fun.) See if any agency is dumb enough to let me know they're spying on me by telling me what a naughty person I am for looking at such things. So far, no warnings about that.

I also sometimes download content that may be copyrighted, again to test the temper. So far, my ISP has not sent me any warnings that they've detected piracy, no threats to cut my service. Nor have I received any threatening letters from the entertainment industry, no attempt to shake me down for $3000 for one song.

Still, I am also a little careful. Don't talk in certain ways about terrorism, assassination, wacky fringe politics and religion, etc. Remember Steve Jackson Games vs. the US Secret Service, when some idiot enforcers took a game seriously and went ape.

The one time I did detect snooping was in the mid 90s, when my ISP was Prodigy. They were big on "protecting" their customers from the big bad scary Internet, and if that meant being a little nosy, well that was just the price customers were expected to live with. I was writing a complaint about the service when my modem mysteriously dropped the call. Dialed back in and surfed for a few moments to check that all was well, and saw no problems. Started my complaint again, and halfway into it, was dropped again. Tried a 3rd time with the same result. Canceled Prodigy the next day.

Re:/. Poll: Worst offenders

Who is the worst offender here (excluding "reasonable/expected" things like employers monitoring employees, parents monitoring their own kids, K-12 schools monitoring their own networks, etc.)?
* The United States government (NSA, etc.)
* The United States corporations (ISPs etc)
* China's government
* China's corporations (we'll pretend these aren't the government)
* Russia's government
* Russia's corporations (ditto)
* North Korea's government (it's all government there!)
* CowboyNeal, er, I mean Unknown Lamer**

**Notice: if you click here, well, you've been warned :)

I noticed you seemed to be doing a lot of pretending with corporations. Seems you've overlooked one.

Perhaps once you view it that way, things will become a bit more obvious.

They have a lot of spare time...

You believe that Prodigy have (or had) enough spare time to read every comment a customer posts on the internet?

Re:They have a lot of spare time...

As they post it?

Re:They have a lot of spare time...

Since 'mid 90s' was before the age of AJAX and constant communication, there is no possible way that Prodigy had any information other than 'bzipitidoo accessed the complaints page 3 minutes ago,' Only after hitting the submit button would you send anything back to the server. It is possible that there was some sort of 'auto-drop' feature if someone accessed the feedback page and then nothing else for 4 minutes, but that would be pretty odd of a policy to code. (the ranters could easily write up a 20 page rage-fest and copy-paste it into the field)

Just another reminder that even those who act tech savvy do not necessarily understand the core of what they are talking about.

Re:They have a lot of spare time...

[pla]

Since 'mid 90s' was before the age of AJAX and constant communication, there is no possible way that Prodigy had any information other than 'bzipitidoo accessed the complaints page 3 minutes ago,' Only after hitting the submit button would you send anything back to the server

Although vaguely web-esque, back in the dark days before the modern internet, online services like Prodigy didn't run in standards compliant web browsers. They used dedicated proprietary thick-clients to establish the connection and display the content to the user.

You might also think it seems a bit inefficient to do a round-trip for every single keystroke, but again, different world. When you have a modem dedicated to handling the connection, your "packet" consists of a mere ten bits per byte (assuming 8N1), and client-side buffering just means wasted bits (not) on the line.

Re:They have a lot of spare time...

At the time, they were an information system separate from the Internet.

You didn't make a post, you did a post -request-, which would not hit the Prodigy boards unless approved by someone, somewhere.

Of course, there was the entire temp file fiasco (which wasn't really Prodigy's fault... they just allocated space without clearing it) when someone found their Word document in a non-zeroed-out Prodigy file. Back then, people gave a care about privacy. These days, if someone found their Word documents in a Steam temp file, they wouldn't even care, as it was assumed VAC was scanning documents for cheaters.

Best Current Practice

[id+est]

Not "Best Common Practice".

Re:/. Poll: Worst offenders

[Bob9113]

I think your question calls for a multi-context response:

Greatest combined offensiveness and pervasiveness today: NSA, though GCHQ gets a solid nod for being more offensive and nearly as pervasive (especially if you count cooperation with NSA, but that cuts both ways).
Most pervasive today / greatest potential psy-ops threat: US corporations (Google and Facebook so far out in front that it doesn't even look like a competition)
Most offensive monitoring program today: Corporations monitoring public school students.
Most scary if I thought they posed a credible threat: North Korea
Most scary based on capability and recent offensive behavior: Russian government.
Most scary based on capability and mid-term offensive behavior: Chinese government.
Most scary based on capability and long-term offensive behavior: Russian government.

I echo your sentiment about the difficulty of separating Chinese and Russian thugs/corporations/government.

The problem lies within the centralisation

of the Internet. The big corporations collect data of everyone and everything. Its too easy for an NSA to walk in at google and demand for their data. However, if they walk into your home, and ask politely to install a monitoring application on your computer, you will probably decline. They do exactly this thing with the corporations, but let them do the dirty work of getting the data from the people. It will be much harder for the NSA and alike if they have to face a truly decentralized internet.

When you download an NSA trojan, there won't be the eagle on it. Instead it will perhaps be an angry birds logo. Or a blue box. Or a blue f. Or a blue twittering bird.

Re:/. Poll: Worst offenders

Who is the worst offender here (excluding "reasonable/expected" things like employers monitoring employees, parents monitoring their own kids, K-12 schools monitoring their own networks, etc.)?
* The United States government (NSA, etc.)
* The United States corporations (ISPs etc)
* China's government
* China's corporations (we'll pretend these aren't the government)
* Russia's government
* Russia's corporations (ditto)
* North Korea's government (it's all government there!)
* CowboyNeal, er, I mean Unknown Lamer**

**Notice: if you click here, well, you've been warned :)

So what?

So they can, maybe, possibly "mitigate" the issue for a very short time but every computer/router/device (hop) your data travels through on the internet can be, and probably is, monitored by the operator. Do you know who is operating the 5th hop or what they're doing with your data? Can you do anything about it even if you do? I'm not afraid of governments and foreigners and hackers, I'm afraid of private entities. The government and law enforcement can take care of most of your list but there is no law stopping Google, or linkdin or your ISP or any other private entity from stealing your ideas and data, in fact it is the law that if you use a business any information you give them belongs to them and is no longer considered private. I had to sign a waiver preventing my kids day care from using his image in their TV commercials for gawds sakes. No, the government(s) and hackers are not the problem and there is nothing that can be done about it. The problem is business big and small.

Attacks Cannot Be Distinguished by Motivation

[Bob9113]

From the RFC, so delicious it must be fattening:

In particular, the term "attack", used technically, implies nothing about the motivation of the actor mounting the attack. The motivation for PM can range from non-targeted nation-state surveillance, to legal but privacy-unfriendly purposes by commercial enterprises, to illegal actions by criminals. The same techniques to achieve PM can be used regardless of motivation. Thus, we cannot defend against the most nefarious actors while allowing monitoring by other actors no matter how benevolent some might consider them to be, since the actions required of the attacker are indistinguishable from other attacks. The motivation for PM is, therefore, not relevant for how PM is mitigated in IETF protocols.

Re:Attacks Cannot Be Distinguished by Motivation

[ememisya]

to legal but privacy-unfriendly purposes by commercial enterprises

How about we look at some ratios in statistics. How many people's "right to be left alone" have we violated vs. the good this has done? I bet you the number is staggeringly leaning towards violation of people's privacy and state of mind. If you want historical proof about how bothersome this might be, read about World War II Jewish survivors of Nazi Germany, and see how they rated lack of privacy in their list of uncomfortable things they were subject to. Citizen life isn't military, and I for one don't want to be monitored 24/7, it cheapens human life and discourages open and clear communication, not to mention generating paranoia and most likely causing physical harm to those with schizophrenia. Privacy-unfriendly falls a little short of describing the negatives.

Re:Attacks Cannot Be Distinguished by Motivation

If by "lack of privacy" you mean the ability to worship as they desire without ending up on a capital-L "List", I tend to think that most of them would rate that pretty highly...

Re:/. Poll: Worst offenders

Who is the worst offender here (excluding "reasonable/expected" things like employers monitoring employees, parents monitoring their own kids, K-12 schools monitoring their own networks, etc.)?
* The United States government (NSA, etc.)
* The United States corporations (ISPs etc)
* China's government
* China's corporations (we'll pretend these aren't the government)
* Russia's government
* Russia's corporations (ditto)
* North Korea's government (it's all government there!)
* CowboyNeal, er, I mean Unknown Lamer**

**Notice: if you click here, well, you've been warned :)

So what?

So they can, maybe, possibly "mitigate" the issue for a very short time but every computer/router/device (hop) your data travels through on the internet can be, and probably is, monitored by the operator. Do you know who is operating the 5th hop or what they're doing with your data? Can you do anything about it even if you do? I'm not afraid of governments and foreigners and hackers, I'm afraid of private entities. The government and law enforcement can take care of most of your list but there is no law stopping Google, or linkdin or your ISP or any other private entity from stealing your ideas and data, in fact it is the law that if you use a business any information you give them belongs to them and is no longer considered private. I had to sign a waiver preventing my kids day care from using his image in their TV commercials for gawds sakes. No, the government(s) and hackers are not the problem and there is nothing that can be done about it. The problem is business big and small.

And encryption is the solution to your entire problem here, which is the reason strong and open encryption standards and reliable software is as important as any net neutrality bill will ever be.

Broader implications?

[Zocalo]

"Monitoring" is an awfully loose term. Could this, for instance, apply to such things as the persistant port scanning (e.g. "monitoring" which ports a user has open on a given IP) and thus have implications for operations like Shodan HQ, or even the periodic scans of the entire Internet done by the likes of H.D. Moore and other companies or universities conducting research?

Not that I'd be upset about seeing all that crap removed from my log files, mind you...

Re:Broader implications?

[Warbothong]

"Monitoring" is an awfully loose term. Could this, for instance, apply to such things as the persistant port scanning (e.g. "monitoring" which ports a user has open on a given IP) and thus have implications for operations like Shodan HQ, or even the periodic scans of the entire Internet done by the likes of H.D. Moore and other companies or universities conducting research?

Research is conducted based on the data available. If stronger protocols reduce the amount of available data, research will continue with that reduced amount of data.

If some research specifically requires more data, that's OK. That's called 'performing an experiment', and there are numerous procedures which can be followed to do this. One thing they all have in common is that if they involve people, like Internet monitoring does, then it must pass an ethics board and gain consent from all of the subjects involved.

If that were the case today, there wouldn't be all of this mess playing out.

Re:Broader implications?

[mellon]

Port scanning is already covered by existing IETF security standards. Pervasive monitoring is stuff like sniffing packet headers and keeping a database of them, looking at http traffic, and also attacks like the one slashdot still hasn't protected us against where GCHQ watched for people who surfed to slashdot and sent the ones from Belgacom maliciously hacked versions of the slashdot web site so that they could take over their work computers and use them as a stepping stone into the Belgacom network, on which they then installed more passive monitoring.

its a start, in theory.

[nimbius]

Open source community: this is excellent and we welcome the opportunity to enhance common protocols like smtp and http with this new mandate.
Microsoft: we havent met an RFC we cant mangle. Exchange is so broken as to be unusable, Internet Explorer is more exploit than browser, and we hold patents on sharps and plusses for a clone of every major programming language in existence. dont expect this one to go anywhere fellas.
Google: we'll add an option in chrome that you can click to disable monitoring. Clicking this option will cause a checkmark to appear. This checkmark will make the user feel feelings, and should probably do something with google plus. its a clickable option for google plus really. buy some of our neat glasses too.
NSA: you realize Russ Housley and Brian Carpenter, both IETF former chairs, have worked with companies that rolled over when we asked for them to spy on you without telling anyone. Jari Arkko has only been around for a year, and we have enough IETF members in our pocket to keep it that way if we want. Go back to sleep, vote the two parties, and buy magnetic bumper ribbons during the next war to support what we tell you.

Re:its a start, in theory.

Where it harmed competitors, Microsoft was for privacy. Don't know whether this stayed the same with the "new" Microsoft, as they have changed attitudes in lots of points recently. But look at their "Scroogled" campaign.

They already have

There is a lot of people who do not trust some of the people in the crypto WGs. It is not about bad crypto (although there's that as well, but that's mostly NIST's fault), but the usual steps on the sabotage manual being clearly applied so that we get shit protocols.

And the weak piece of crap that is utterly useless for real security [with the currently defined algorithms and sizes] that is DNSSEC/NSEC3. And people want DANE...

Re:They already have

[SuricouRaven]

I'd have thought the NSA would very much like DNSSEC. After all, they certainly have access to the root keys. It would improve security enough to stop the typical rogue-wifi attacks, but not enough to stop state-sponsored organised attackers.

Re:They already have

[mellon]

If the NSA have access to the root keys, this is quite an achievement. The possibility has been discussed at length post-Snowdon, and based on the discussion I think it's unlikely. Unfortunately, the same can't be assumed to be true for TLD zone keys, most of which are not maintained with the same degree of paranoia as the root key.

Re:They already have

[Bengie]

Have DNS clients learn cert finger prints and freak out when they change. Not full proof, but I'm sure this concept could be refined.

Pervasive Monitoring Is The LAW

People might not like it, but it is the law and has been deemed legal, especially if it's only foreigner being monitored. So move along. Nothing to see here.

Re:Pervasive Monitoring Is The LAW

[AndrewBuck]

You may not like it, but we live in a democracy, and the law is what the people say it is. We didn't know that this was in the law we passed, and now that we do, we are making our voice heard about it, the first step in the path to changing the law.

-AndrewBuck

Re:Pervasive Monitoring Is The LAW

Actually we live in an oligarchy. Here's a recent article in case you missed the interesting discussion.

Re:Pervasive Monitoring Is The LAW

[mellon]

If by "we" you mean U.S. citizens, we live in a representative democracy which we have allowed to become oligarchic by not exercising our duty as citizens to fucking pay attention to what our representatives are doing and fucking vote them out of office when they behave badly. Obscenities included to emphasize how annoying this is to citizens who do pay attention, and do vote accordingly. It's not a fucking popularity contest, kids.

All RFCs have a "security considerations" section

[raymorris]

All RFCs are supposed to have a section covering security considerations, and there are a couple of of RFCs about that. RFC 3552 (2003), has section 3.2.1. "Confidentiality Violations", indicating that protocol authors should consider the possibility of eavesdropping. The new RFC (7258) just expands upon 3552.

It is technical rather than political in the sense that 7258 essentially says we wouldn't develop SMTP the same way again, sending everything in the clear. If we were developing a new mail protocol, we should design it to support encryption from the get-go. (Ie include RFC 3207 capabilities in the original RFC 2476). That's a technical decision, with a technical implementation.

Primitive!

[JimSadler]

A glance is all that it takes to generate an attack by some animals. To notice is to challenge seems to be the idea in play. We see the same thing in ghetto youth when the words you noticed me are the opening salvo in a fight. This extends into conflicts such as stop and frisk laws. People walking can be "noticed". Therefore those who walk are more prone to police searches and arrests. The rich are not noticed as they use cars. Drug deals in a ghetto occur on sidewalks where people are noticed. Drug deals behind mansion walls are not noticed. So what we are really up against is just how can we observe and study the actions of every person without regard to economic status, race or other factors. The worst people often are never noticed at all until the damage is in great proportions with folks like bankers and Wall Street brokers.

Re:Primitive!

[Killall+-9+Bash]

If you think the central problem with stop&frisk is that its disproportionately unfair to poor people (pedestrians), then you are clearly a thought-criminal, and I'm going to need to see your papers.

Separation of responsibilities?

Shouldn't something like this be factored out into a general tool like fail2ban, rather than baked into each protocol?

Re:Separation of responsibilities?

[mellon]

It should be considered in each protocol, because general solutions often don't address specific risks.

Re:/. Poll: Worst offenders

strong and open encryption standards

just don't use SSL.

Or anything else that might have a backdoor that's unknown for half a decade or so.

Re:The NSA will try to infiltrate

[DocSavage64109]

Hmm. This reminds me of my mom's stories about someone infiltrating the local Green's group she was a member of some 20-30 years ago.

Clarification Re:/. Poll: Worst offenders

[davidwr]

By "offensive" do you mean "going on the offense" in the military/sports sense or do you mean "I am most offended by?"

I'm guessing the latter by the first sentence came across as the former.