The UK is now going after the editors of the Guardian. I wrote the following in response to Marty Hiller's post that links to a petition about that:
I'm going to be very grouchy and extremely worried (more so than I am now) unless a lot of senior people go to jail for significant time. It's not as though this was not deliberate policy. "Ignorance of the law is no excuse" and it's not as if people were ignorant. Reimplementing the Internet from scratch isn't going to be easy, but it's a simple technical problem. Simple fully open modern best practices would fix almost everything. But I'm not spending effort there. That solution stands or falls on getting "Grandma Sally" and the teens and tweens to use it. That's the real problem. That and the fact that the telcos will spend billions to fight being put back into their box of providing only packet-forwarding. I wouldn't even let them see routing information. There's no reason that can't be encrypted with the public key of a trusted, auditable DNS/routing service. This is going to be extremely ugly because the telcos will buy law as they usually do. And, no system is idiot-proof and disinformation about how to be secure will weaken almost anything I can think up.
-----
Writing for a different audience, I should strengthen that and explain myself a bit further. The NSA knows where every single cell phone in the world is, all the time, unless they are switched off. I wouldn't trust the off switch, if I were you. So, the NSA knows who your political associates are. Any information that's available to the government is available for abuse. Remember J. Edgar Hoover's little hobby of helping out presidents he liked?
I imply in the above that I'd accept simple encryption of packet headers (the internet is a packet network, information travels in packets and the packet routing header is like the address on a letter that you send via the Post Office). When I say encryption I'm talking about negotiated dynamically switched pluggable ciphers with keys that are secure against being broken for the foreseeable future. I'm talking about chaffing and winnowing on top of that and using all the obsolete fields in the headers in arcane ways. (I've done this.) I'm not sure if foreseeable should include Turing-complete (fully functional) quantum computers. It would be good if we could stay ahead of those things. They are still looking almost impossible to build, but some day the NSA will spend enough billions, and the week after that there'll be cheap counterfeit-but-working chips for sale on the street in Shanghai. Praying that that won't happen isn't going to do much good if it is physically achievable. Look at the books by David Deutsch for a glimpse of what physicists think is possible. "The Fabric of Reality" is a good place to start. Deutsch is a physicist at Oxford. He's not a New Age guy.
I got an offer a couple of weeks ago to be the CTO of a firm that intends to "make the internet safe." They've got a pile of academic research that they assume you'll be impressed by. It doesn't matter for one second what their technology is. It relies on getting "Aunt Sally", her friends, and all the teens and tweens of the world to drop the real Facebook and Twitter and G+ and SoundCloud, to go with their replacements in something like an opt-in web-of-trust world. Okay, so none of their friends is there....it's SAFE isn't it? Just how safe was your behavior when you were a teen? Besides, that web-of-trust world will last just as long as it takes someone's idiot uncle to add "that annoying guy at the office" to his trusted circles just to shut the guy up.
If we fix the obvious problem with the NSA tapping everything all time in the only way that will really work, most of the big telephone and networking and cablevision companies are going to die. If they can't see what you're watching, they don't have any information to sell. Solutions that involve trusting the government to clean house and remain clean-and-sober, are absurd. The only thing that can possibly work is an infrastructure that's inherently secure. We can do that. I know smart people who are working on the technical side right now.
Having a free, perfect, solution won't work. Aunt Sally needs to prefer that solution and go cold-turkey on Facebook.
The best infrastructure imaginable will still allow your child to give his address or phone number (maybe via evading pattern-matchers) to a predator in a chat room. That's why Eli Yudkowsky thinks we have to create trustworthy godlike artificial intelligences). I'm almost more afraid of that solution than I am of the alternative that he's afraid of.
This next decade is going to be interesting, in the traditional Chinese sense of "interesting."
No comments:
Post a Comment