On Wed, Oct 11, 2017 at 9:19 AM, Christian Huitema <huitema@xxxxxxxxxxx> wrote:
On 10/11/2017 9:11 AM, Robert Moskowitz wrote:
On 10/11/2017 11:20 AM, Stephen Farrell wrote:
On 11/10/17 16:12, Robert Moskowitz wrote:
And interesting that it seems there have been no major breachs of thingshttps://www.theguardian.com/us
like SIM databases but ones with extensive PII have.
-news/2015/feb/19/nsa-gchq-sim -card-billions-cellphones-hack ing
Admittedly quite a sophisticated attacker.
Well, that is a horse of a different color.
Don't forget that what the spooks can do today, the gangsters will do tomorrow, and the high school kids not so long after that...
If we (community of IETF) decide no work should be done unless we have an absolute fool-proof system against insider attacks (which I do not believe we have an answer to that) or correlation by transitivity to humans then I would like to have some clarifications.
The need for privacy is a given and no one is disputing that but where I struggle is in what context?
(1) Discovery vs tracking
What is considered discovery and what is considered tracking?
If you can discover then you can track? So the only way is to access control the discovery and this is what this proposal is about!
(2) Type of data, transitivity to human
What type of data are we talking about here? Do we believe that having careful applications where encrypted sensitive data are not colocated with location information so that attacks will require multi-level attacks on multiple systems and cross-referencing a deterrent and good enough? If on top of that we have sensitive information (human) encrypted database with one way communications and changing identifiers etc etc as discussed.... is that a good start or not even close?
(3) Tracking as a business model
How about companies specialized with services of tracking and discovering things?
Pet tracking ? How about the truck driver with assisted driving? Asset tracking as in bikes where people swipe a wireless card? How would this business model even work if they cannot recover their assets because we can track a person through transitivity?
(4) Tracking who and by whom
More concerning to me is that privacy is tricky, depending on the perspective...
We want to protect the "good" guys but isn't that also enabling the privacy of the "bad" guys?
Should the individual behind mirai bonnet attacks or gansters be entitled to privacy and non tracking?
(5) Tracking is all evil?
BUT then there is this annoying question that comes back to my mind .. do we EVER consider that human tracking is needed or beneficial?
What about disaster recovery scenarios or emergency services or people who willingly want to participate in such a service?
For example with an aging population, assisted living with monitoring health devices is a trend in the industry. These devices can be mobile. Not everyone can afford a caregiver full time ... So is it just going to be "no sorry ma'am someone may use this technology to do bad things with it?" It might be a matter of life and death to be able to track a person.
The truth is that these services exist today outside of IETF technology and people are willingly subscribing to it because their priorities are different.
While I completely agree we should be careful in what we do.
Disclaimer trying to clarify how/where ideas is situated in all that?
1. It was not aimed for a wide scale deployed on the internet but it may be large enterprises.
2. It had no human info but it has been inferred this may be possible through transitivity
3. It has changing identifiers
So we need protection - again no one disputes that ... if we have better technology let's integrate it.
Let's not through the baby with the bathwater ...
Padma
-- Christian Huitema