Re: Proposal to revise ISOC's mission statement

> On 8 Nov 2017, at 10:20, Ted Lemon <mellon@xxxxxxxxx> wrote:
> 
> Making the packets on the wire unprotected in order to foil corporate data gathering doesn't help, though. I agree that this is a problem, but the solution has to be secure.

Agree completely. If I had a *solution* for this that I thought would work, I'd be proposing it. I'm simply raising the point that there's a tradeoff that the current discussions around the applicability and role of encryption in our protocols seem to me to be obscuring, and a threat model we're not paying adequate attention to.

Cheers,

Brian

> On Nov 8, 2017 10:17, "Brian Trammell (IETF)" <ietf@xxxxxxxxxxx> wrote:
> hi Stephen, Lee,
> 
> > On 7 Nov 2017, at 21:23, Stephen Farrell <stephen.farrell@xxxxxxxxx> wrote:
> >
> >
> > Hi Lee,
> >
> > On 07/11/17 19:06, Lee Howard wrote:
> >> You have no right to “intimate privacy” at work on your company-owned
> >> computer on the company network on company time.
> >
> > First, I don't think there's any need to (nor likelihood of)
> > reaching consensus as to the above. FWIW, I don't agree
> > with you, and nor would various court judgements in some
> > places in the world. I fully accept that your position is
> > one shared by a bunch of folks though.
> 
> Yeah, (IANAL but) ISTM surveillance on corporate networks is a pretty well settled point of disagreement between US and EU legal precedent, which is a tiny little branch of a great big fork in the way each jurisdiction approaches labor law and labor relations, and is at this point probably just one of those things organizations doing business on both sides of the pond have to tolerate. Know your rights and responsibilities in the jurisdictions in which you operate, same as it ever was...
> 
> > But in any case, there are many other forms of corporate
> > surveillance (e.g. kid's toys calling home to the manuf
> > for dodgy reasons) so I hope you'd agree that we don't
> > have to have 100% agreement about all of that to agree
> > that surveillance is not an issue that always involves a
> > government actor.
> 
> This is something we *absolutely* need to engage with as a community. There's a very clear line between "I have copies of emails you send and receive on the corporate account" and "there's a camera in your bedroom sharing on-demand video with our marketing affiliates", and we can discuss how bad the second is without ratholing on the first.
> 
> Indeed, I've been disappointed and perplexed that so much of the rhetoric around encryption post-Snowden (as epitomized by 7258) has focused exclusively on a nation-state or co-opted/evil large-network-operator attacker model, which is certainly a point of concern but not really where the biggest threat to collective privacy lies these days. I'm concerned that in our drive to Encrypt All The Things, absolutely the correct response when your only concern is a nation-state on the wire, we risk making it difficult to understand and defend against (what I'll call) the corporate-data-hoarding attacker model. To date, most of the evil toys phoning home and other such nastiness that I've heard of has been discoverable in part because said evil toys were using circumventable, crap, or no crypto.
> 
> If we do our job well against attackers on the wire, we make the job of those "attackers" on the wire whose goal it is to discover and document corporate-data-hoarding attacks more difficult. In a world where all client endpoints are using exclusively signed binaries on locked down systems with pinned certificates, it could become practically impossible.
> 
> But that's probably a different thread on a different mailing list, and I'm not sure how to (or whether it's a good idea to) phrase that at ISOC mission statement level.
> 
> Cheers,
> 
> Brian

Attachment: signature.asc
Description: Message signed with OpenPGP
