Internet Engineering Task Force Considers Making Surveillance Mitigation A Standard Part Of Its Specifications
from the o-brave-new-world dept
Snowden's revelations that key elements of the Internet have been subverted by the NSA and its allies has led people to realize that in the future we need a more thoroughgoing framework for security that assumes surveillance, and takes steps in advance to counter it. One interesting manifestation of this approach is a new "Request For Comments" document from the Internet Engineering Task Force (IETF), RFC 7528, entitled "Pervasive Monitoring Is an Attack." Here's the basic idea:
Pervasive Monitoring (PM) is widespread (and often covert) surveillance through intrusive gathering of protocol artefacts, including application content, or protocol metadata such as headers. Active or passive wiretaps and traffic analysis, (e.g., correlation, timing or measuring packet sizes), or subverting the cryptographic keys used to secure protocols can also be used as part of pervasive monitoring. PM is distinguished by being indiscriminate and very large scale, rather than by introducing new types of technical compromise.
What's key is the idea that pervasive monitoring is an attack that needs to be mitigated as a matter of course; here's what that means:
The IETF community's technical assessment is that PM is an attack on the privacy of Internet users and organisations. The IETF community has expressed strong agreement that PM is an attack that needs to be mitigated where possible, via the design of protocols that make PM significantly more expensive or infeasible. Pervasive monitoring was discussed at the technical plenary of the November 2013 IETF meeting [IETF88Plenary] and then through extensive exchanges on IETF mailing lists. This document records the IETF community's consensus and establishes the technical nature of PM.Those developing IETF specifications need to be able to describe how they have considered PM, and, if the attack is relevant to the work to be published, be able to justify related design decisions. This does not mean a new "pervasive monitoring considerations" section is needed in IETF documentation. It means that, if asked, there needs to be a good answer to the question "Is pervasive monitoring relevant to this work and if so, how has it been considered?"
As that shows, this is a high-level technical specification; it's not about how to mitigate pervasive monitoring, but about the fact that Internet engineers should always think about how to mitigate such surveillance when they are drawing up IETF specifications. It's great that the IETF is starting to work along these lines, even if it is a rather melancholy acknowledgement that we now live in a world where the default assumption has to be that someone, somewhere, is trying to monitor on a massive scale what people are doing.
In particular, architectural decisions, including which existing technology is reused, may significantly impact the vulnerability of a protocol to PM. Those developing IETF specifications therefore need to consider mitigating PM when making architectural decisions.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: attacks, ietf, infrastructure, security, surveillance
Reader Comments
Subscribe: RSS
View by: Time | Thread
You have been identified, and scheduled for termination.
Thank you for your, soon to be unnecessary, participation in this "National Debate".
[ link to this | view in chronology ]
PSA
Maybe the networks will donate airtime for the Public Service Announcements. There will be an address in Washington, to write for an informative brochure. It's your civic duty!
[ link to this | view in chronology ]
And in other news...
[ link to this | view in chronology ]
Re: And in other news...
http://www.ietf.org/mail-archive/web/cfrg/current/msg03554.html
[ link to this | view in chronology ]
Re: Re: And in other news...
Jeesh, at least the other company got 10 million in exchange for destroying their credibility, these guys did it for free...
[ link to this | view in chronology ]
Re: And in other news...
[ link to this | view in chronology ]
Why is this not simply a core goal? If the can do it so can Joe Sixpack. Privacy shouldn't be an addendum to widely used communication technologies.
[ link to this | view in chronology ]
http://arstechnica.com/security/2014/01/nsa-employee-will-continue-to-co-chair-influential-crypto-st andards-group/
[ link to this | view in chronology ]
Comments
Wake up!
And why are we not running HTTPS for this site???
Double wake up!
[ link to this | view in chronology ]
Re: Comments
HTTPS is working fine for me.
[ link to this | view in chronology ]
Re: Re: Comments
[ link to this | view in chronology ]
Re: Comments
What?
* Looks at the address bar *
https://www.techdirt.com/blahblahblah
Maybe try using EFF's HTTPS Everywhere?
[ link to this | view in chronology ]
[ link to this | view in chronology ]