Slashdot Mirror
Vint Cerf on Differential Traceability on the Internet (acm.org)
Addressing the bad behaviors on the Internet, that range from social network bullying and misinformation to email spam, distributed denial of service attacks, direct cyberattacks against infrastructure, malware propagation, identity theft, and a host of other ills require a wide range of technical and legal considerations, says Vint Cerf, even as he steers clear that he supports encryption. But is there a way to bring more accountability and traceability on our actions on the internet without compromising our privacy? He has a proposition: What is of interest to me is a concept to which I was introduced at the Ditchley workshop, specifically, differential traceability. The ability to trace bad actors to bring them to justice seems to me an important goal in a civilized society. The tension with privacy protection leads to the idea that only under appropriate conditions can privacy be violated. By way of example, consider license plates on cars. They are usually arbitrary identifiers and special authority is needed to match them with the car owners (unless, of course, they are vanity plates like mine: "Cerfsup"). This is an example of differential traceability; the police department has the authority to demand ownership information from the Department of Motor Vehicles that issues the license plates. Ordinary citizens do not have this authority.
In the Internet environment there are a variety of identifiers associated with users (including corporate users). Domain names, IP addresses, email addresses, and public cryptography keys are examples among many others. Some of these identifiers are dynamic and thus ambiguous. For example, IP addresses are not always permanent and may change (for example, temporary IP addresses assigned at Wi-Fi hotspots) or may be ambiguous in the case of Network Address Translation. Information about the time of assignment and the party to whom an IP address was assigned may be needed to identify an individual user. There has been considerable debate and even a recent court case regarding requirements to register users in domain name WHOIS databases in the context of the adoption of GDPR. If we are to accomplish the simultaneous objectives of protecting privacy while apprehending those engaged in harmful or criminal behavior on the Internet, we must find some balance between conflicting but desirable outcomes.
In the Internet environment there are a variety of identifiers associated with users (including corporate users). Domain names, IP addresses, email addresses, and public cryptography keys are examples among many others. Some of these identifiers are dynamic and thus ambiguous. For example, IP addresses are not always permanent and may change (for example, temporary IP addresses assigned at Wi-Fi hotspots) or may be ambiguous in the case of Network Address Translation. Information about the time of assignment and the party to whom an IP address was assigned may be needed to identify an individual user. There has been considerable debate and even a recent court case regarding requirements to register users in domain name WHOIS databases in the context of the adoption of GDPR. If we are to accomplish the simultaneous objectives of protecting privacy while apprehending those engaged in harmful or criminal behavior on the Internet, we must find some balance between conflicting but desirable outcomes.
"Ordinary citizens do not have this authority."
Most people in my state don't know, but a person can go to the Department of Transportation, fill out a form, and get the registration info for a license plate. It used to be the requester could remain anonymous, but after a woman was stalked and, as I recall, killed, the requester information is required and confirmed with a gov issued ID. The police determined the stalker obtained her address from DoT. None of this changes Cerf's basic idea. That said, people of any political persuasion can list governments they would not trust with this power. If it is not the government that has the power, who would have it?
Vint was my VP when we both worked for UUNet back in the day. He even showed up at our Linux User's Group and talked about things. Good guy. I was disappointed he went off to Google, but then again, so did so many other people from the UUNet Ashburn campus. I went off to greener pastures after we were bought out by Verizon Business, a company I didn't want to work for.
"What is of interest to me is a concept to which I was introduced at the Ditchley workshop, specifically, differential traceability. The ability to trace bad actors to bring them to justice seems to me an important goal in a civilized society."
You can't espouse that while also evangelizing encryption/privacy, Vint. That makes you an absolute fucking cowardly hypocrite.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
I rather like the idea of someone, something, being able to reach out and touch all those people who use the internet to commit felonies. I can't do it. One of the reasons I can't is because I have pretty well given up on the idea of being able to identify who is on the other end of this weeks scam. I can't even identify what country they are in.
I like the idea of a big brother who could reach out and smite on my behalf. Problem is, I can't think of anyone who I would trust with that power. How do I keep the RIAA away from my music ? How do I keep my state from checking that I haven't bought any straws lately, or the wrong laundry detergent?
The ancient romans expressed it as "Quis custodiet ipsos custodes? " or (loosely translated) who will watch over the people who watch over you? I have no answer to this problem but do understand the desire to address it.
Good luck with this problem, Mr. Cerf, good luck.
I'm afraid that a security extension that no one bothers to use cannot be counted is irrelevant to network planning. No network I've encountered since the invention of IPv6 has activated those extensions. Most of them who've bothered with IPv6 have run it in parallel with IPv4 on their externally exposed addresses. And _none_ have discarded their IPv4 exposed NAT addresses in favor of IPv6.
Whether NAT was "an awful solution", it has been effective and remains effective. I'm afraid that the underlying logical premise of IPv6, that every device should be addressable from every other device, was undesirable and flawed from its conception. Most devices on the Internet _should not_ be accessible from most other devices, and there has been no concrete reason to make them accessible. It's why most home routers simply use NAT, as do most corporate, educational, and public wifi networks. Though it is theoretically inelegant compared to IPv6, NAT on IPv4 takes less work to set up and is thus the standard worldwide.
The internet has gotten along well so far...
Has it?
Foreign countries interfering with our democracies using fake accounts. Trolling getting to the point where people are dying e.g. swatting. Endless scams (Nigerian princes etc.), phishing...
The internet isn't some magical other dimension, it's just a part of everyday life and part of its immense power is that things that happen online have real world consequences. And that includes what bad actors get up to.
Personally I don't like this scheme because it's impractical and would give authorities far more power than car licence plates do, but the other extreme isn't much better.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Small companies get security contractors to operate their cameras, cameras that film people going into many small stores in the same area. The shops will know who you are when you enter, what your credit rating is, and whether you are suspected of anything, and none of that will be government information, and none of will require some massive db operated by big, bad FAANG, or the government. FAANG are just the first to set a pattern that smaller actors can use going forward. The benefit for most people will be decent customer service, and security more focused on bad actors. Companies will have more bang/$ on security spend, and could improve their sales. Everybody wins, which is why it will happen.
Those bleating about personal information are the 21st century version of throwing clogs. It will be too cheap, and too easy to not happen. Information wants to be free, and that includes what you look like, and where you spend your money. I'm not advocating this, it's just that the economic incentives tilt the tables that way whether we want it or not. So go ahead and call yourself rabiddog43
The companies will tag rabiddog43 as the one that drives a 2013 vw jetta diesel with license place x1z 251, his credit card number, and the name on it. The malls and shops will have footage of your car, your walk, your face if you ever visit any of them. The phone company will have all your movements throughout the day, based on cell tower telemetry. if they're google, they will have lower time resolution data from routine GPS pings. This is all information that they have as the normal course of doing their legitimate business.
You want the cell phone not to track your location? Your phone needs to talk to a nearby tower. Want 911 to work, in a car accident? what about traffic congestion data? GPS& tower data is helpful... Want people to accept your credit card? (cash will die soon, too expensive to deal with.) As soon as you attempt any commercial transaction, you are toast.
In the future, everyone you deal with knows *who you are* in the sense of having some summary of your digital history, if you are making any kind of commercial transaction, just like the small villages we lived in for tens of thousands of years. Honour and reputation will again become hugely important as it was of old, because the entire world will track how you behave. Everyone will behave well, or else.
Who needs big brother if there are a thousand little brothers? If ten or fifteen little brothers have *got it wrong* about something is that actually easier to fix than having one big brother? The real question we have is not whether we will be surveilled, it's how fragmented we want that surveillance to be, and who watches the watchers.
Laws need to evolve to deal with pervasive personal information, where it is everywhere, held by companies large and small, and understand that personal information is helpful to governments in providing services, not just policing. It's a conversation we aren't having yet, with all the privacy commissioners and luddites trying to shove the genie back into the bottle. Valiant effort. won't work.
IPv6 with RAD includes privacy extensions by default and dead easy to deploy (even easier than DHCP on a home router.) While with typical IPv4 nat, someone who wants to map your home network just has to find your subnet, then has 255 or fewer addresses to ping. In contrast, using bog standard IPv6 (the privacy extensions became standard fifteen odd years ago?), you need to search 2 billion internets worth of addresses to map each home network, which will, at least, take much longer, but really, it is practically infeasible.
The addresses used by IPv6 privacy extensions rotate more rapidly than IPv4 DHCP4, because they run multiple addresses at once. To argue that IPv4 is more privacy oriented than IPv6 is idiocy. Don't be an idiot.
As soon as we all switch to IPV6 and they stop NAT we will all be assigned our own IP address and we will all no longer be anonymous, but that day is a long way off, there are too many bits and pieces that cannot do IPV6 and that are too expensive to just switch off.
There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.