Dear Hadmut,
thank you for this mail. Comments interspersed.
At 15:03 14/12/2005, Hadmut Danisch wrote:
How security could benefit from high volume spam
The parliament of the European Union today has passed a law that
electronic call detail records, such as phone numbers, e-mail addresses,
web accesses of all 450 million EU citizens are to be recorded and
stored for 6 to 24 months. So everyone will be subject of
complete surveillance of telecommunication. No place to hide.
The main issue is not so much the record, but who records, and who
has access to records and how. See below.
The given reasons are the need to investigate and prosecute terrorism
and severe crime. But there is no evidence that this law
actually has this effect, and that it is worth to sacrifice democracy
and civil rights. Our constitution protects the right to communicate
confidentially, for all citizens, and especially for lawyers,
journalists, priests, etc. So terrorists finally begin to
succeed in destroying our European, modern, democratic, and free way
of life and civil rights. It is ridiculous that the modern world has
not been attacked by a large army, but by just about 30-40 people with
knives and a few bombs. The attack is not the primary attack
itself. The main attack is to provoke overextended
countermeasures. Technically speaking, a denial-of-civil-rights-attack. And the
EU proved to be vulnerable to this kind of attack. A patch is not
available yet.
This is entirely true. But there are alliances. The true terrorism is
the one you quote below. Because it is simpler in many cases (we
documented this in France during the last months due to the DADVSI
law we are to vote [DMCA equivalent]) to use this information for IPR
reasons than for Defense reasons.
Another threat to privacy and civil rights is the intellectual
property industry. We have seen Sony attacking and sabotaging private
computers, revealing private data, taking secretly control over
people's communication and working equipment. We have seen a mother of
five being sued into bankruptcy in the USA just for listening to music.
This is perverse. We currently see governments considering to outlaw
open source software or any kind of data processing or communication
device without a digital rights management. There are good reasons to
assume, that the European Union's collection of all telecommunication
details will be abused to allow the intellectual property industry to
completely track every communication. Just having received any e-mail
from someone who had illegally downloaded music could be enough to have
your home searched, your computer confiscated, and find yourself sued
or prosecuted.
The technical problem here is that the US DMCA is not so "good". So
they went to Europe. And each time a new European country votes the
local DMCA treaty application, the law is worse. We are to rush it in
France under Brussels penalty. We are globally opposed, so we delayed
and are unprepared. This will lead to a very bad law (publicity of
formats can be illegal -> you can go to jail for 30 years to have
published the HTML format if the Judge does not understand).
The target is then to come back in the USA and tell: look at what
these French did: do you really want the French to be the best? To
influence the Congress, etc.
The art and science of communication security will have to realign and
focus on new goals. When designing telecommunication protocols we have
to take much more care about what communication could reveal about the
communication parties and the contents. It is not enough to just put
some kind of simple encryption on a message body. We need to protect
against traffic analysis, in particular the one without democratic
legitimation.
This is why I oppose RFC 3066 bis which immensely simplifies language
filtering (the WG-ltru is working on that and banned me for still a
few days for ... BTW I do not even recall why this time :-)) It will
permit mass Google based cultural, racial, religious profiling ... or
censoring.
What does that mean?
When designing a protocol we should take more care than we did to
describe its vulnerability for and resistance against traffic
analysis. Not just whether the contents are encrypted, but what an
eavesdropper can tell about the communicating parties. We need to
incorporate techniques like oblivious transfer and traffic hiding.
You describe the danger of what I call "meta-spam", using the
protocol data to send people data - they will most probably reply to
without knowing it - which will permit to profile them.
An important component of such protection methods is noise. Plenty of
noise. Something to hide in, to cover, to overload recording of call
details. We should think about and research how to produce noise.
YES!
Chaff is a basic military solution.
We already have some noise. It's called spam.
Some of you might know that I am one of the early days fighters
against spam. I tried to eliminate as much spam as possible.
But now, there could be a positive aspect about spam, virus mails, and
other mass mails. Maybe it could become an advantage to receive a
million mails per day from any senders. Maybe that is what is needed
to hide my personal e-mails. Maybe that's the answer I have to give
when someone blames me to have received e-mail from the wrong person:
"I have no idea what you are talking about. I received about 150,000
virus and spam e-mails that day from arbitrary addresses, and didn't
read a single one of them. I have just deleted them." When designing
measures against spam, we should take this into consideration.
YES.
But you have to organise yourself in changing (transition is simple)
the way we use mail. To use send and retrieve. To permit increasing
noise, but reducing traffic. You also have to build your own secure
stronghold: your calls are not submitted by you but through an
anonymizer. Without losing control. You want to "chaff" yourself,
sending thousands of decoy mails to yourself from random mutual
security friends.
BTW I suppose that this is the solution to mobiles. By nature calling
a mobile asks for it to be localized and everything about it to be
known. Is that what we really want?
Maybe in near future the advantages of that noise produced by millions
of bots will outweigh the disadvantages?
Spam is an architectural disease. Noise is a natural component
permitting to transmit data over broad band. Digital Warfare is an
interesting issue, quite limited by the current Internet
architecture. Maybe not for the IETF?
jfc
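
The noise argument in this thread can be checked on a model of retained sender records. The following is an added example, not part of either message: all addresses are constructed, and it assumes the records expose only the sender address and that every spam mail comes from a distinct address. It shows that 150,000 spam mails raise the entropy of the sender column from 1 bit to over 17 bits, yet a plain frequency count still isolates the two recurring correspondents until decoy senders write at the same rate.

```python
import math
from collections import Counter

def retained_log(contacts, msgs_each, spam_count):
    """Sender column of one mailbox's retained records (all values constructed)."""
    log = [c for c in contacts for _ in range(msgs_each)]
    # Assumption: every spam or virus mail arrives from a distinct arbitrary address.
    log += [f"spam{i:06d}@example.invalid" for i in range(spam_count)]
    return log

def sender_entropy_bits(log):
    """Shannon entropy of the sender distribution: how spread out the records are."""
    n = len(log)
    return -sum(c / n * math.log2(c / n) for c in Counter(log).values())

def recurring_senders(log, threshold):
    """Senders a simple frequency count still singles out despite the noise."""
    return sorted(s for s, c in Counter(log).items() if c >= threshold)

def add_decoys(log, decoys, msgs_each):
    """Chaff shaped like real traffic: decoy senders writing as often as real ones."""
    return log + [d for d in decoys for _ in range(msgs_each)]

REAL = ["alice@example.org", "bob@example.org"]        # constructed correspondents
DECOYS = [f"friend{i}@example.net" for i in range(8)]  # constructed decoy senders

if __name__ == "__main__":
    quiet = retained_log(REAL, 20, 0)
    noisy = retained_log(REAL, 20, 150_000)
    padded = add_decoys(noisy, DECOYS, 20)
    for name, log in (("no spam", quiet), ("spam", noisy), ("spam+decoys", padded)):
        hits = recurring_senders(log, 5)
        print(f"{name:12s} records={len(log):6d} "
              f"entropy={sender_entropy_bits(log):5.2f} bits "
              f"recurring={len(hits)}")
```

One-off spam protects a single contact event; hiding a standing relationship needs chaff with the same repetition pattern as the real traffic.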