The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Eugen Leitl

http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

The US government has betrayed the Internet. We need to take it back

The NSA has undermined a fundamental social contract. We engineers built the
Internet – and now we have to fix it

Bruce Schneier

The Guardian, Thursday 5 September 2013 20.04 BST

Government and industry have betrayed the Internet, and us.

By subverting the Internet at every level to make it a vast, multi-layered
and robust surveillance platform, the NSA has undermined a fundamental social
contract. The companies that build and manage our Internet infrastructure,
the companies that create and sell us our hardware and software, or the
companies that host our data: we can no longer trust them to be ethical
Internet stewards.

This is not the Internet the world needs, or the Internet its creators
envisioned. We need to take it back.

And by we, I mean the engineering community.

Yes, this is primarily a political problem, a policy matter that requires
political intervention.

But this is also an engineering problem, and there are several things
engineers can – and should – do.

One, we should expose. If you do not have a security clearance, and if you
have not received a National Security Letter, you are not bound by federal
confidentiality requirements or a gag order. If you have been contacted by the
NSA to subvert a product or protocol, you need to come forward with your
story. Your employer obligations don't cover illegal or unethical activity.
If you work with classified data and are truly brave, expose what you know.
We need whistleblowers.

We need to know exactly how the NSA and other agencies are subverting
routers, switches, the Internet backbone, encryption technologies and cloud
systems. I already have five stories from people like you, and I've just
started collecting. I want 50. There's safety in numbers, and this form of
civil disobedience is the moral thing to do.

Two, we can design. We need to figure out how to re-engineer the Internet to
prevent this kind of wholesale spying. We need new techniques to prevent
communications intermediaries from leaking private information.

We can make surveillance expensive again. In particular, we need open
protocols, open implementations, open systems – these will be harder for the
NSA to subvert.

The Internet Engineering Task Force, the group that defines the standards
that make the Internet run, has a meeting planned for early November in
Vancouver. This group needs to dedicate its next meeting to this task. This
is an emergency, and demands an emergency response.

Three, we can influence governance. I have resisted saying this up to now,
and I am saddened to say it, but the US has proved to be an unethical steward
of the Internet. The UK is no better. The NSA's actions are legitimizing the
Internet abuses by China, Russia, Iran and others. We need to figure out new
means of Internet governance, ones that make it harder for powerful tech
countries to monitor everything. For example, we need to demand transparency,
oversight, and accountability from our governments and corporations.

Unfortunately, this is going to play directly into the hands of totalitarian
governments that want to control their country's Internet for even more
extreme forms of surveillance. We need to figure out how to prevent that,
too. We need to avoid the mistakes of the International Telecommunications
Union, which has become a forum to legitimize bad government behavior, and
create truly international governance that can't be dominated or abused by
any one country.

Generations from now, when people look back on these early decades of the
Internet, I hope they will not be disappointed in us. We can ensure that they
don't only if each of us makes this a priority, and engages in the debate. We
have a moral duty to do this, and we have no time to lose.

Dismantling the surveillance state won't be easy. Has any country that
engaged in mass surveillance of its own citizens voluntarily given up that
capability? Has any mass surveillance country avoided becoming totalitarian?
Whatever happens, we're going to be breaking new ground.

Again, the politics of this is a bigger task than the engineering, but the
engineering is critical. We need to demand that real technologists be
involved in any key government decision making on these issues. We've had
enough of lawyers and politicians not fully understanding technology; we need
technologists at the table when we build tech policy.

To the engineers, I say this: we built the Internet, and some of us have
helped to subvert it. Now, those of us who love liberty have to fix it.

• Bruce Schneier writes about security, technology, and people. His latest
book is Liars and Outliers: Enabling the 

Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Roland Dobbins


Eugen Leitl eu...@leitl.org wrote:

We engineers built the Internet – and now we have to fix it

Nonsense. This is not a technical issue, it's a socio-political issue. It’s 
both naive & distracting to try & solve this set of problems with code and/or 
silicon, when it must in fact be addressed within the civic arena. 

There are no purely technical solutions to social ills.  Schneier of all people 
should know this. 


---
Roland Dobbins rdobb...@arbor.net



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Randy Bush
 We engineers built the Internet – and now we have to fix it
 There are no purely technical solutions to social ills.

no.  there are many issues in many arenas.  but we are responsible for
cleaning up our side of the street.

randy



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats
I believe you are correct, whatever technical hurdles we put in place 
will be overcome by policy. As long as you can legally require me to 
make my network interceptable for lawful purposes and are able to 
prevent me from explaining these purposes to my users any security that 
I would put in place is effectively neutered.


I give up trying to resist, I am now firmly in the tin foil hat club.

Sam

On 2013-09-06 05:57, Roland Dobbins wrote:

Eugen Leitl eu...@leitl.org wrote:


We engineers built the Internet – and now we have to fix it


Nonsense. This is not a technical issue, it's a socio-political
issue. It’s both naive & distracting to try & solve this set of
problems with code and/or silicon, when it must in fact be addressed
within the civic arena.

There are no purely technical solutions to social ills.  Schneier of
all people should know this.


---
Roland Dobbins rdobb...@arbor.net




Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Bryan Tong
That and ignoring it will only continue to affect the code/silicon arena.
Social problems are always affected by who throws the biggest fit.


On Fri, Sep 6, 2013 at 4:18 AM, Randy Bush ra...@psg.com wrote:

  We engineers built the Internet – and now we have to fix it
  There are no purely technical solutions to social ills.

 no.  there are many issues in many arenas.  but we are responsible for
 cleaning up our side of the street.

 randy




-- 

Bryan Tong
Nullivex LLC | eSited LLC
(507) 298-1624


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Warren Bailey
Who's going to pay for the cleanup? The same people who are/were paid to
create the mess? Clearly many of the tin foil hat theories are now
becoming commonplace. I really don't know if there is any way out of this
stateside, it's legislated.

On 9/6/13 3:18 AM, Randy Bush ra...@psg.com wrote:

 We engineers built the Internet – and now we have to fix it
 There are no purely technical solutions to social ills.

no.  there are many issues in many arenas.  but we are responsible for
cleaning up our side of the street.

randy





Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Larry Sheldon

On 9/6/2013 5:23 AM, Bryan Tong wrote:

That and ignoring it will only continue to affect the code/silicon arena.
Social problems are always affected by who throws the biggest fit.


On Fri, Sep 6, 2013 at 4:18 AM, Randy Bush ra...@psg.com wrote:


We engineers built the Internet – and now we have to fix it

There are no purely technical solutions to social ills.


no.  there are many issues in many arenas.  but we are responsible for
cleaning up our side of the street.


We need to think bigger than whatever it takes to get along to the end 
of the quarter:




--
Requiescas in pace o email
Ex turpi causa non oritur actio

Two identifying characteristics of System Administrators:
Infallibility, and the ability to learn from their mistakes.
  (Adapted from Stephen Pinker)



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread John S. Quarterman

 On 2013-09-06 05:57, Roland Dobbins wrote:

  There are no purely technical solutions to social ills.  Schneier of
  all people should know this.

Schneier does know this, and explicitly said this.

-jsq

 
http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

Three, we can influence governance. I have resisted saying this up to now,
and I am saddened to say it, but the US has proved to be an unethical
steward of the internet. The UK is no better. The NSA's actions are
legitimizing the internet abuses by China, Russia, Iran and others. We
need to figure out new means of internet governance, ones that make it
harder for powerful tech countries to monitor everything. For example,
we need to demand transparency, oversight, and accountability from our
governments and corporations.

Unfortunately, this is going to play directly into the hands of totalitarian
governments that want to control their country's internet for even more
extreme forms of surveillance. We need to figure out how to prevent that,
too. We need to avoid the mistakes of the International Telecommunications
Union, which has become a forum to legitimize bad government behavior,
and create truly international governance that can't be dominated or
abused by any one country.

Generations from now, when people look back on these early decades of
the internet, I hope they will not be disappointed in us. We can ensure
that they don't only if each of us makes this a priority, and engages in
the debate. We have a moral duty to do this, and we have no time to lose.

Dismantling the surveillance state won't be easy. Has any country that
engaged in mass surveillance of its own citizens voluntarily given up
that capability? Has any mass surveillance country avoided becoming
totalitarian? Whatever happens, we're going to be breaking new ground.

Again, the politics of this is a bigger task than the engineering, but
the engineering is critical. We need to demand that real technologists
be involved in any key government decision making on these issues. We've
had enough of lawyers and politicians not fully understanding technology;
we need technologists at the table when we build tech policy.

To the engineers, I say this: we built the internet, and some of us have
helped to subvert it. Now, those of us who love liberty have to fix it.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats
True I shot from the hip, he does address the concerns later. I'm used 
to implementing technologies to solve security problems. It's just damn 
frustrating to have your hands tied in such a way that you can not and 
that's the position that I see myself and most other network ops in.


Our customers decided at the ballot box that they didn't want 
protection and it was acceptable to entrust their privacy to the system. 
They seem to forget that decision when they ask if they are vulnerable 
to this type of intercept and what they can do about it. The answer is 
not much because I will not and can not break the law, it's unethical 
and wrong. I will encourage people to seek to change the laws to 
encourage true end to end security but the odds of that happening are 
near 0.

Sam

On 2013-09-06 06:47, John S. Quarterman wrote:

On 2013-09-06 05:57, Roland Dobbins wrote:


 There are no purely technical solutions to social ills.  Schneier of
 all people should know this.

Schneier does know this, and explicitly said this.

-jsq

http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

Three, we can influence governance. I have resisted saying this up to now,
and I am saddened to say it, but the US has proved to be an unethical
steward of the internet. The UK is no better. The NSA's actions are
legitimizing the internet abuses by China, Russia, Iran and others. We
need to figure out new means of internet governance, ones that make it
harder for powerful tech countries to monitor everything. For example,
we need to demand transparency, oversight, and accountability from our
governments and corporations.

Unfortunately, this is going to play directly into the hands of totalitarian
governments that want to control their country's internet for even more
extreme forms of surveillance. We need to figure out how to prevent that,
too. We need to avoid the mistakes of the International Telecommunications
Union, which has become a forum to legitimize bad government behavior,
and create truly international governance that can't be dominated or
abused by any one country.

Generations from now, when people look back on these early decades of
the internet, I hope they will not be disappointed in us. We can ensure
that they don't only if each of us makes this a priority, and engages in
the debate. We have a moral duty to do this, and we have no time to lose.

Dismantling the surveillance state won't be easy. Has any country that
engaged in mass surveillance of its own citizens voluntarily given up
that capability? Has any mass surveillance country avoided becoming
totalitarian? Whatever happens, we're going to be breaking new ground.

Again, the politics of this is a bigger task than the engineering, but
the engineering is critical. We need to demand that real technologists
be involved in any key government decision making on these issues. We've
had enough of lawyers and politicians not fully understanding technology;
we need technologists at the table when we build tech policy.

To the engineers, I say this: we built the internet, and some of us have
helped to subvert it. Now, those of us who love liberty have to fix it.




Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread John S. Quarterman
 True I shot from the hip, he does address the concerns later.

It happens.

 I'm used 
 to implementing technologies to solve security problems. It's just damn 
 frustrating to have your hands tied in such a way that you can not and 
 that's the position that I see myself and most other network ops in.

Maybe NSA has provided a marketing opportunity to get the public
to demand real security.

 Our customers decided at the ballot box that they didn't want 
 protection and it was acceptable to entrust their privacy to the system. 
 They seem to forget that decision when they ask if they are vulnerable 
 to this type of intercept and what they can do about it. The answer is 
 not much because I will not and can not break the law, it's unethical 
 and wrong. I will encourage people to seek to change the laws to 
 encourage true end to end security but the odds of that happening are 
 near 0.

If everybody refuses to try, the odds are indeed zero.

So maybe we should try.

 Sam

-jsq

 On 2013-09-06 06:47, John S. Quarterman wrote:
  On 2013-09-06 05:57, Roland Dobbins wrote:
 
   There are no purely technical solutions to social ills.  Schneier of
   all people should know this.
 
  Schneier does know this, and explicitly said this.
 
  -jsq
 
  http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying
 
  Three, we can influence governance. I have resisted saying this up to now,
  and I am saddened to say it, but the US has proved to be an unethical
  steward of the internet. The UK is no better. The NSA's actions are
  legitimizing the internet abuses by China, Russia, Iran and others. We
  need to figure out new means of internet governance, ones that make it
  harder for powerful tech countries to monitor everything. For example,
  we need to demand transparency, oversight, and accountability from our
  governments and corporations.
 
  Unfortunately, this is going to play directly into the hands of totalitarian
  governments that want to control their country's internet for even more
  extreme forms of surveillance. We need to figure out how to prevent that,
  too. We need to avoid the mistakes of the International Telecommunications
  Union, which has become a forum to legitimize bad government behavior,
  and create truly international governance that can't be dominated or
  abused by any one country.
 
  Generations from now, when people look back on these early decades of
  the internet, I hope they will not be disappointed in us. We can ensure
  that they don't only if each of us makes this a priority, and engages in
  the debate. We have a moral duty to do this, and we have no time to lose.
 
  Dismantling the surveillance state won't be easy. Has any country that
  engaged in mass surveillance of its own citizens voluntarily given up
  that capability? Has any mass surveillance country avoided becoming
  totalitarian? Whatever happens, we're going to be breaking new ground.
 
  Again, the politics of this is a bigger task than the engineering, but
  the engineering is critical. We need to demand that real technologists
  be involved in any key government decision making on these issues. We've
  had enough of lawyers and politicians not fully understanding technology;
  we need technologists at the table when we build tech policy.
 
  To the engineers, I say this: we built the internet, and some of us have
  helped to subvert it. Now, those of us who love liberty have to fix it.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Jorge Amodio
http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

 The US government has betrayed the Internet. We need to take it back


Who is we ?

-J


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread John Peach
On Fri, 6 Sep 2013 07:46:59 -0500
Jorge Amodio jmamo...@gmail.com wrote:

 http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying
 
  The US government has betrayed the Internet. We need to take it back
 
 
 Who is we ?

If you bothered to read the 1st paragraph you would know.

 
 -J


-- 
John
PGP Public Key: 412934AC



RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Alex Rubenstein
 From: Sam Moats [mailto:s...@circlenet.us]

 I give up trying to resist, I am now firmly in the tin foil hat club.

And therein lies the problem.




Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sholes, Joshua
The answer is
not much because I will not and can not break the law, it's unethical
and wrong.


I invite you to consider the concept of civil disobedience--where the law
is unethical or wrong it can be argued that it's also unethical and wrong
to FOLLOW the law.

I haven't yet been placed in a position, and I doubt I will given the arc
of my career, where I would have to make the choice between enabling this
kind of surveillance quietly or blowing the whistle on it.   I hope, as I
imagine most of us do, that I'd choose to do the right thing (and
correctly determine which option is right, which is probably the real
trick).

-- 
Josh Sholes






Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread tei''
On 6 September 2013 11:37, Eugen Leitl eu...@leitl.org wrote:

 http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

 The US government has betrayed the Internet. We need to take it back


It's like you have to abandon USA based encryption systems that are
closed source. But I dunno, maybe open source solutions can have
problems.

http://xkcd.com/221/
http://en.wikinews.org/wiki/Predictable_random_number_generator_discovered_in_the_Debian_version_of_OpenSSL

I think the encryption world will think about this, and will
recommend a group of products (like PGP) that are almost surely safe.

The NSA can spy on underwater internet cables, but they can't abolish
Math. If you have an encryption system that is not backdoored and is
cryptographically strong enough the NSA or anyone will have a hard
time to uncover your secrets.




-- 
--
ℱin del ℳensaje.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Jorge Amodio
  The US government has betrayed the Internet. We need to take it back

  
 
  Who is we ?

 If you bothered to read the 1st paragraph you would know.


I read all of it, the original article and other references to it.

IMHO, there is no amount of engineering that can fix stupid people doing
stupid things on both sides of the stupid lines.

By trying to fix what is perceived an engineering issue (seems that China
doing the same or worse for many years wasn't an engineering problem) the
only result you will obtain is a budget increase on the counter-engineering
efforts, that may represent a big chunk of money that can be used in more
effective ways where it is really needed.

My .02
-J


RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Naslund, Steve
The error in this whole conversation is that you cannot take it back as an 
engineer.  You do not own it.  You are like an architect or carpenter and are 
no more responsible for how it is used than the architect is responsible that 
the building he designed is being used as a crack house.  Do Ford engineers 
have a social contract to ensure that I do not run over squirrels with my 
Explorer, will they take it back if I do so?  The whole social contract 
argument is ridiculous.  You have a contract (or most likely an at will 
agreement) with your employer to build what they want and operate it in the 
way that they want you to.  If it is against your ethics to do so, quit.  The 
companies that own the network have a fiduciary responsibility to their 
investors and a responsibility to serve their customers.  If anyone is really 
that bent out of shape by the NSA tactics (and I am not so sure they are given 
the lack of political backlash) here is what you can do.

In the United States there are two main centers of power that can affect these 
policies, the consumer and the voter.

1.  We vote in a new executive branch every four years.  They control and 
appoint the NSA director.  Vote them out if you don't like how they run things. 
 Do you think a President wants to maintain power?  Of course they do and they 
will change a policy that will get them tossed out (if enough people actually 
care).

2.  The Congress passes the laws that govern telecom and intelligence 
gathering.  They also have the power to impeach and/or prosecute the executive 
branch for misdeeds.  They will pass any law or do whatever it takes to keep 
themselves in power.  Again this requires a lot of public pressure.

3.  The companies that are consenting to monitoring (legal or illegal) are 
stuck between two powers.  The federal government's power to regulate them and 
the investors / consumers they serve.  Apparently they are more scared of the 
government even though the consumer can put them out of business overnight by 
simply not using their product any more.  If everyone cancelled their gmail 
accounts, stopped using Google search, and stopped paying for Google placement 
and ads, their stock would go to zero nearly overnight.  Again, no one seems to 
care about the issue enough to do this because I have seen no appreciable 
backlash against these companies.

If a social contract exists at all in the United States, it would be to hold 
your government and the companies you do business with to your ethical 
standards.  Another thing to remember is that the NSA engineers were probably 
acting under their social contract to defend the United States from whatever 
enemies they are trying to monitor and also felt they were doing the right 
thing.  The problem with social contracts is that they are relative.

As far as other countries are concerned, you can affect their policies as well. 
 US carriers are peered with and provide transit to Chinese companies.  If the 
whole world is that outraged with what they do, they just need to pressure the 
companies they do business with not to do business with China.

Steven Naslund
Chicago IL

-Original Message-
From: Jorge Amodio [mailto:jmamo...@gmail.com] 
Sent: Friday, September 06, 2013 8:51 AM
To: NANOG
Subject: Re: The US government has betrayed the Internet. We need to take it 
back

  The US government has betrayed the Internet. We need to take it back

  
 
  Who is we ?

 If you bothered to read the 1st paragraph you would know.


I read all of it, the original article and other references to it.

IMHO, there is no amount of engineering that can fix stupid people doing stupid 
things on both sides of the stupid lines.

By trying to fix what is perceived an engineering issue (seems that China doing 
the same or worse for many years wasn't an engineering problem) the only result 
you will obtain is a budget increase on the counter-engineering efforts, that 
may represent a big chunk of money that can be used in more effective ways 
where it is really needed.

My .02
-J



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Valdis . Kletnieks
On Fri, 06 Sep 2013 10:24:26 -, Warren Bailey said:
 Who's going to pay for the cleanup? The same people who are/were paid to
 create the mess? Clearly many of the tin foil hat theories are now
 becoming commonplace. I really don't know if there is any way out of this
 stateside, it's legislated.

There's no legislation that says you're not allowed to enable OpenSSL
perfect forward secrecy on your website, and fix the layout so HTTPS Everywhere
is able to work on it.




RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats

+1 I couldn't have said it any better.
Sam

On 2013-09-06 10:27, Naslund, Steve wrote:

The error in this whole conversation is that you cannot take it
back as an engineer.  You do not own it.  You are like an architect
or carpenter and are no more responsible for how it is used than the
architect is responsible that the building he designed is being used
as a crack house.  Do Ford engineers have a social contract to
ensure that I do not run over squirrels with my Explorer, will they
take it back if I do so?  The whole social contract argument is
ridiculous.  You have a contract (or most likely an at will
agreement) with your employer to build what they want and operate it
in the way that they want you to.  If it is against your ethics to do
so, quit.  The companies that own the network have a fiduciary
responsibility to their investors and a responsibility to serve their
customers.  If anyone is really that bent out of shape by the NSA
tactics (and I am not so sure they are given the lack of political
backlash) here is what you can do.

In the United States there are two main centers of power that can
affect these policies, the consumer and the voter.

1.  We vote in a new executive branch every four years.  They control
and appoint the NSA director.  Vote them out if you don't like how
they run things.  Do you think a President wants to maintain power?
Of course they do and they will change a policy that will get them
tossed out (if enough people actually care).

2.  The Congress passes the laws that govern telecom and intelligence
gathering.  They also have the power to impeach and/or prosecute the
executive branch for misdeeds.  They will pass any law or do whatever
it takes to keep themselves in power.  Again this requires a lot of
public pressure.

3.  The companies that are consenting to monitoring (legal or
illegal) are stuck between two powers.  The federal government's power
to regulate them and the investors / consumers they serve.  Apparently
they are more scared of the government even though the consumer can
put them out of business overnight by simply not using their product
any more.  If everyone cancelled their gmail accounts, stopped using
Google search, and stopped paying for Google placement and ads, their
stock would go to zero nearly overnight.  Again, no one seems to care
about the issue enough to do this because I have seen no appreciable
backlash against these companies.

If a social contract exists at all in the United States, it would be
to hold your government and the companies you do business with to your
ethical standards.  Another thing to remember is that the NSA
engineers were probably acting under their social contract to defend
the United States from whatever enemies they are trying to monitor and
also felt they were doing the right thing.  The problem with social
contracts is that they are relative.

As far as other countries are concerned, you can affect their
policies as well.  US carriers are peered with and provide transit to
Chinese companies.  If the whole world is that outraged with what they
do, they just need to pressure the companies they do business with not
to do business with China.

Steven Naslund
Chicago IL

-Original Message-
From: Jorge Amodio [mailto:jmamo...@gmail.com]
Sent: Friday, September 06, 2013 8:51 AM
To: NANOG
Subject: Re: The US government has betrayed the Internet. We need to
take it back

 The US government has betrayed the Internet. We need to take it back



 

 Who is we ?

If you bothered to read the 1st paragraph you would know.



I read all of it, the original article and other references to it.

IMHO, there is no amount of engineering that can fix stupid people
doing stupid things on both sides of the stupid lines.

By trying to fix what is perceived an engineering issue (seems that
China doing the same or worse for many years wasn't an engineering
problem) the only result you will obtain is a budget increase on the
counter-engineering efforts, that may represent a big chunk of money
that can be used in more effective ways where it is really needed.

My .02
-J





Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Ishmael Rufus
So when do we riot? I've been waiting for months now.


On Fri, Sep 6, 2013 at 8:50 AM, Jorge Amodio jmamo...@gmail.com wrote:

   The US government has betrayed the Internet. We need to take it back

   
  
   Who is we ?
 
  If you bothered to read the 1st paragraph you would know.
 

 I read all of it, the original article and other references to it.

 IMHO, there is no amount of engineering that can fix stupid people doing
 stupid things on both sides of the stupid lines.

 By trying to fix what is perceived an engineering issue (seems that China
 doing the same or worse for many years wasn't an engineering problem) the
 only result you will obtain is a budget increase on the counter-engineering
 efforts, that may represent a big chunk of money that can be used in more
 effective ways where it is really needed.

 My .02
 -J



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats
I don't suggest a riot. I do believe in the rule of law, as a member of a
democracy I need to accept that I will not always agree with the laws that
are enacted. If we lived in China or somewhere else where there was no
method to change laws that were unfair or unjust then yea I would support
the civil disobedience approach wholeheartedly.

I do love my country, always have and I firmly believe in the concept of
government by the consent of the governed. These rules were made by the
people we choose, perhaps these were bad choices but they were our
collective choices.

Perhaps we should educate our user base so that in the future they make
better choices. I suggest in an only half snarky way we just push out the
standard DOD warning banner to them all. Since it now seems to apply...

Below is a sample banner (IS is information System)

By using this IS (which includes any device attached to this IS), you
consent to the following conditions:

-The USG routinely intercepts and monitors communications on this IS for
purposes including, but not limited to, penetration testing, COMSEC
monitoring, network operations and defense, personnel misconduct (PM), law
enforcement (LE), and counterintelligence (CI) investigations.

-At any time, the USG may inspect and seize data stored on this IS.

-Communications using, or data stored on, this IS are not private, are
subject to routine monitoring, interception, and search, and may be
disclosed or used for any USG authorized purpose.

-This IS includes security measures (e.g., authentication and access
controls) to protect USG interests--not for your personal benefit or
privacy.

-Notwithstanding the above, using this IS does not constitute consent to
PM, LE or CI investigative searching or monitoring of the content of
privileged communications, or work product, related to personal
representation or services by attorneys, psychotherapists, or clergy, and
their assistants. Such communications and work product are private and
confidential.



Sam


On 2013-09-06 10:14, Ishmael Rufus wrote:

So when do we riot? I've been waiting for months now.

On Fri, Sep 6, 2013 at 8:50 AM, Jorge Amodio jmamo...@gmail.com wrote:

  The US government has betrayed the Internet. We need to take it back

  Who is we ?

 If you bothered to read the 1st paragraph you would know.

I read all of it, the original article and other references to it.

IMHO, there is no amount of engineering that can fix stupid people doing
stupid things on both sides of the stupid lines.

By trying to fix what is perceived an engineering issue (seems that China
doing the same or worse for many years wasn't an engineering problem) the
only result you will obtain is a budget increase on the counter-engineering
efforts, that may represent a big chunk of money that can be used in more
effective ways where it is really needed.

My .02
-J






Re: The US government has betrayed the Internet. We need to take it

2013-09-06 Thread Joe Greco
 I don't suggest a riot. I do believe in the rule of law, as a member of
 a democracy I need to accept that I will not always agree with the laws
 that are enacted.

Well that's all nice and all, but what you're missing here is that this
has very little to do with laws that are enacted.  When an author of
the PATRIOT Act is filing amicus briefs indicating that the collection
of data being done is not what Congress intended, and when the
intelligence community is busy subverting the common definitions of words
so that they can bend a law that says one thing when read in plain
language but something very different when they use their own private
definitions, then we're pretty far outside the scope of law.

We've been hearing for some years now that the way in which the PATRIOT
Act has been interpreted was alarmingly expansive.  If you choose to
start redefining words, you can probably find a way to make the
Constitution say every child has a right to a puppy.  Doesn't actually
mean that it actually says that though.

Feingold must be having such an I told you so moment.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



Re: Yahoo is now recycling handles

2013-09-06 Thread Kee Hinckley

On Sep 5, 2013, at 8:26 PM, Jay Ashworth j...@baylink.com wrote:

 They're just validating a credit card number; that was an authorization which 
 won't be settled, almost certainly.

I'd have more faith in that if a) there weren't three of them and b) they 
didn't then tell me that my credit card information was invalid. My guess is 
that their system failed somewhere between posting the charge and clearing it. 
However, they *are* still in the Pending category on my card, we'll see if they 
get posted.




Re: Yahoo is now recycling handles

2013-09-06 Thread Jay Ashworth
Sure. But the failure is /why/ you have three...
-jra

Kee Hinckley naz...@somewhere.com wrote:

On Sep 5, 2013, at 8:26 PM, Jay Ashworth j...@baylink.com wrote:

 They're just validating a credit card number; that was an
authorization which won't be settled, almost certainly.

I'd have more faith in that if a) there weren't three of them and b)
they didn't then tell me that my credit card information was invalid.
My guess is that their system failed somewhere between posting the
charge and clearing it. However, they *are* still in the Pending
category on my card, we'll see if they get posted.

-- 
Sent from my Android phone with K-9 Mail. Please excuse my brevity.


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Jorge Amodio
We have to do the right thing anyway because as engineers we are always
motivated to innovate, to fix, to make things better. Motivation has not to
come from the NSA or any other spooking service of the day. Even if we
design and deploy the best engineering solution there is always a weak link
that can be compromised, coerced by law or workaround by
counter-engineering.

We want better ways to provide privacy? I'm not against that, but if you
really want privacy the best and cheapest engineering solution is to remove
the plug.

We should spend more cycles about how to make broadband real broadband,
deploying IPv6, implementing DNSSEC, educating people and bringing Internet
where is no access or where there is bad access make it good, if in the
process of doing that the NSA wants to get high sniffing all packets I
really don't care much because that is not an engineering problem.

I think that privacy on a public network is a very relative concept,
same as security.

-J



On Fri, Sep 6, 2013 at 9:11 AM, Scott Brim scott.b...@gmail.com wrote:

 On Fri, Sep 6, 2013 at 9:50 AM, Jorge Amodio jmamo...@gmail.com wrote:
  IMHO, there is no amount of engineering that can fix stupid people doing
  stupid things on both sides of the stupid lines.

 Yes but there is engineering to ensure that they have the opportunity
 to do the right thing in the first place.  If we (IETF) naively
 engineer out the ability to have privacy, it doesn't matter if those
 people are stupid or not.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Scott Brim
On Fri, Sep 6, 2013 at 9:50 AM, Jorge Amodio jmamo...@gmail.com wrote:
 IMHO, there is no amount of engineering that can fix stupid people doing
 stupid things on both sides of the stupid lines.

Yes but there is engineering to ensure that they have the opportunity
to do the right thing in the first place.  If we (IETF) naively
engineer out the ability to have privacy, it doesn't matter if those
people are stupid or not.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats
This is part of the purpose behind the separation of powers between
executive, legislative and judicial. William Pitt wrote "Unlimited power is
apt to corrupt the minds of those who possess it". As such constraints are
needed and in place.

We expect politicians to cheat, lie, be stupid and self serving. Because we
like people who tell us what we want to hear and most of us vote for people
that we like. They do not have to be wise, or even competent.

Personally I think most of the fault currently lies with the Judicial side.
These laws were enacted as a knee jerk reaction to an event. I can
understand the passions of people at that time because I shared them,
however the courts are supposed to be a bulwark against this very kind of
rash action. These men and women are supposed to be well educated in the
fundamental concepts that constructed our republic and appointed to terms
that prevent them from worrying about the political whims of the time.




Sam


On 2013-09-06 10:55, Royce Williams wrote:

On Fri, Sep 6, 2013 at 6:27 AM, Naslund, Steve snasl...@medline.com wrote:

[snip]

1.  We vote in a new executive branch every four years.  They control and
appoint the NSA director.  Vote them out if you don't like how they run
things.  Do you think a President wants to maintain power?  Of course they
do and they will change a policy that will get them tossed out (if enough
people actually care).

2.  The Congress passes the laws that govern telecom and intelligence
gathering.  They also have the power to impeach and/or prosecute the
executive branch for misdeeds.  They will pass any law or do whatever it
takes to keep themselves in power.  Again this requires a lot of public
pressure.

Historically speaking, I'm not convinced that a pure political solution
will ever work, other than on the surface.  The need for surveillance
transcends both administrations and political parties.  Once the newly
elected are presented with the intel available at that level, even their
approach to handling the flow of information and their social interaction
have to change in order to function.

Daniel Ellsberg's attempt to explain this to Kissinger is insightful.  It's
a pretty quick read, with many layers of important observations. (It's
Mother Jones, but this content is apolitical):

http://www.motherjones.com/kevin-drum/2010/02/daniel-ellsberg-limitations-knowledge

I think that Schneier's got it right.  The solution has to be both
technical and political, and must optimize for two functions: catch the bad
guys, while protecting the rights of the good guys.

When the time comes for the political choices to be made, the good
technical choices must be the only ones available.

Security engineering must pave the way to the high road -- so that it's the
only road to get there.

Royce





Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Royce Williams
On Fri, Sep 6, 2013 at 6:27 AM, Naslund, Steve snasl...@medline.com wrote:

[snip]

 1.  We vote in a new executive branch every four years.  They control and
appoint the NSA director.  Vote them out if you don't like how they run
things.  Do you think a President wants to maintain power?  Of course they
do and they will change a policy that will get them tossed out (if enough
people actually care).

 2.  The Congress passes the laws that govern telecom and intelligence
gathering.  They also have the power to impeach and/or prosecute the
executive branch for misdeeds.  They will pass any law or do whatever it
takes to keep themselves in power.  Again this requires a lot of public
pressure.

Historically speaking, I'm not convinced that a pure political solution
will ever work, other than on the surface.  The need for surveillance
transcends both administrations and political parties.  Once the newly
elected are presented with the intel available at that level, even their
approach to handling the flow of information and their social interaction
have to change in order to function.

Daniel Ellsberg's attempt to explain this to Kissinger is insightful.  It's
a pretty quick read, with many layers of important observations. (It's
Mother Jones, but this content is apolitical):


http://www.motherjones.com/kevin-drum/2010/02/daniel-ellsberg-limitations-knowledge

I think that Schneier's got it right.  The solution has to be both
technical and political, and must optimize for two functions: catch the bad
guys, while protecting the rights of the good guys.

When the time comes for the political choices to be made, the good
technical choices must be the only ones available.

Security engineering must pave the way to the high road -- so that it's the
only road to get there.

Royce


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Nicolai
On Fri, Sep 06, 2013 at 02:27:32PM +, Naslund, Steve wrote:

 If everyone cancelled their gmail accounts, stopped using Google search,
 and stopped paying for Google placement and ads, their stock would go to
 zero nearly overnight.  Again, no one seems to care about the issue
 enough to do this because I have seen no appreciable backlash against
 these companies.

I think Joe 6mbps sitting at home reads that everything he uses has been
subverted.  He doesn't know what alternatives exist, and doesn't have
the technical knowledge necessary to find them on his own.  And faced
with a false choice -- stop using the Internet, or continue using it as
he knows how -- he chooses the one that retains his ability to
communicate with family and friends and keep up on the things he cares
about.

Schneier is saying we need to build better options for Joe 6mbps,
competing with the PRISM-compatible services, so that privacy-respecting
services become known and commonplace.

Nicolai



Re: The US government has betrayed the Internet. We need to take it

2013-09-06 Thread Jorge Amodio
Just call your senator and ask her/him to stop signing the checks ...

-J


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread harbor235
The biggest mistake everyone is making is that while we are talking about
what the USGOV/NSA in this instance you assume this is the only entity
behaving in this manner.



Morpheus http://www.imdb.com/name/nm401/?ref_=tt_trv_qu: This is
your last chance. After this, there is no turning back. You take the blue
pill - the story ends, you wake up in your bed and believe whatever you
want to believe. You take the red pill - you stay in Wonderland and I show
you how deep the rabbit-hole goes. 



Mike


On Fri, Sep 6, 2013 at 11:43 AM, Jorge Amodio jmamo...@gmail.com wrote:

 We have to do the right thing anyway because as engineers we are always
 motivated to innovate, to fix, to make things better. Motivation has not to
 come from the NSA or any other spooking service of the day. Even if we
 design and deploy the best engineering solution there is always a weak link
 that can be compromised, coerced by law or workaround by
 counter-engineering.

 We want better ways to provide privacy? I'm not against that, but if you
 really want privacy the best and cheapest engineering solution is to remove
 the plug.

 We should spend more cycles about how to make broadband real broadband,
 deploying IPv6, implementing DNSSEC, educating people and bringing Internet
 where is no access or where there is bad access make it good, if in the
 process of doing that the NSA wants to get high sniffing all packets I
 really don't care much because that is not an engineering problem.

 I think that privacy on a public network is a very relative concept,
 same as security.

 -J



 On Fri, Sep 6, 2013 at 9:11 AM, Scott Brim scott.b...@gmail.com wrote:

  On Fri, Sep 6, 2013 at 9:50 AM, Jorge Amodio jmamo...@gmail.com wrote:
   IMHO, there is no amount of engineering that can fix stupid people doing
   stupid things on both sides of the stupid lines.
 
  Yes but there is engineering to ensure that they have the opportunity
  to do the right thing in the first place.  If we (IETF) naively
  engineer out the ability to have privacy, it doesn't matter if those
  people are stupid or not.
 



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Royce Williams
On Fri, Sep 6, 2013 at 6:55 AM, Royce Williams ro...@techsolvency.com wrote:

 Daniel Ellsberg's attempt to explain this to Kissinger is insightful.  It's a 
 pretty quick read, with many layers of important observations. (It's Mother 
 Jones, but this content is apolitical):

 
 http://www.motherjones.com/kevin-drum/2010/02/daniel-ellsberg-limitations-knowledge

Er ... I forgot to include the part of the Ellsberg quote that was
most relevant to the discussion, with the last sentence here being the
icing on the cake:

You will deal with a person who doesn't have those clearances only
from the point of view of what you want him to believe and what
impression you want him to go away with, since you'll have to lie
carefully to him about what you know. In effect, you will have to
manipulate him. You'll give up trying to assess what he has to say.
The danger is, you'll become something like a moron. You'll become
incapable of learning from most people in the world, no matter how
much experience they may have in their particular areas that may be
much greater than yours.

In other words: the very politicians with the clearances necessary to
strike the best balance are the ones that we cannot expect to hear us,
even in our areas of expertise.

Security engineering must take this fact as a constraint.

Royce



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Nicolai
On Fri, Sep 06, 2013 at 01:52:16PM -0400, Sam Moats wrote:

 The problem being is when you do have a provider that appears to be 
 secure and out of reach, think lavabit, that provider will not survive
 for long.

That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.

But many or most services can be sufficiently improved, and that's the
goal: improvement.

http://prism-break.org/ lists examples of this improvement.

Nicolai



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Michael Thomas

On 09/06/2013 12:14 PM, Eugen Leitl wrote:

On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:

On 09/06/2013 11:19 AM, Nicolai wrote:

That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.


Uh, a first step might be to just turn on [START]TLS. We're not using the
tools that have been implemented and deployed for a decade at least.


Of course:

Received: from sc1.nanog.org (sc1.nanog.org [50.31.151.68])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)


doesn't instill a lot of confidence :) It's better than nothing though.

Mike



Re: The US government has betrayed the Internet. We need to take it

2013-09-06 Thread Joe Greco
 The problem being is when you do have a provider that appears to be secure
 and out of reach, think lavabit, that provider will not survive for long.
 The CALEA requirements, and Patriot Act provisions will force them into
 compliance.
 Their only options are to:
 Disobey the law, unacceptable in my opinion
 Close down services, noble but I need to eat and you probably want to keep
 getting email
 Compromise your principles and obey the law, the path often chosen.

Actually it might not be so horrible if the law was rewritten to be
more reasonable, and then on top of that if the executive branch would
stop inventing new definitions for words used in the law.

However, we shouldn't rely on either of those two things.

But the other big giant fail here is that we, as the engineers who have
built all this stuff, have made it exceedingly easy for users to just
sign up with Gmail and have totally failed at providing easy alternatives
for the average person to use.  That includes building intelligent, secure,
and easy-to-use security into MIME and email, and extends to policies by
ISP's designed to make it difficult to run your own server/services, and
winds up with software authors who totally fail at creating usable server
implementations.  And that's just a broad brush.  There are more failings
than that.

Reducing or eliminating the third party involvement in operating services 
would severely impact the ability to perform the sorts of blanket 
surveillance that we've seen.

There's no technically valid reason that my mother couldn't host and run
her own e-mail server on her home Internet connection.  Except that she
doesn't have a fixed IP.  And there's no software that would make it 
trivial for her to do so (there are honorable mentions, but really this
has got to be nearly as easy as plug-and-go).  

The Internet was designed as an any node to any node system.  The
insertion of ISP mail servers as an intermediate step made lots of sense
back in the days of shell and dialup.  It makes a little less sense now.

But the community is extremely resistant to change.  Certainly Gmail has
no incentive to suggest that people go run their own mail server.  And
we've created enough other roadblocks that it isn't likely to happen.  Sigh.

... JG
-- 
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again. - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Eugen Leitl
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
 On 09/06/2013 11:19 AM, Nicolai wrote:
 That's true -- it is far easier to subvert email than most other
 services, and in the case of email we probably need a wholly new
 protocol.
 
 
 Uh, a first step might be to just turn on [START]TLS. We're not using the
 tools that have been implemented and deployed for a decade at least.

Received: from sc1.nanog.org (sc1.nanog.org [50.31.151.68])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by leitl.org (Postfix) with ESMTPS id 57418543E4D
 for eu...@leitl.org; Fri,  6 Sep 2013 21:06:34 +0200 (CEST)
Received: from localhost ([::1] helo=sc1.nanog.org)
 by sc1.nanog.org with esmtp (Exim 4.80.1 (FreeBSD))
 (envelope-from nanog-boun...@nanog.org)
 id 1VI1KX-000CSi-NT; Fri, 06 Sep 2013 19:04:29 +
Received: from mtcc.com ([50.0.18.224])
 by sc1.nanog.org with esmtp (Exim 4.80.1 (FreeBSD))
 (envelope-from m...@mtcc.com) id 1VI1KH-000CQe-Mt
 for nanog@nanog.org; Fri, 06 Sep 2013 19:04:13 +
Received: from takifugu.mtcc.com (takifugu.mtcc.com [50.0.18.224])
 (authenticated bits=0)
 by mtcc.com (8.14.3/8.14.3) with ESMTP id r86J3uVr017222
 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
 Fri, 6 Sep 2013 12:03:57 -0700

-- doesn't do PFS, unfortunately. Everything should be doing PFS, now that
we know.
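
The hop-by-hop reading of Received headers done by eye in the messages above can be automated. The following is an added example, not part of any list member's post: it parses each hop and classifies it as plaintext, TLS without forward secrecy, or TLS with an ephemeral (EC)DHE key exchange. The names `Hop`, `parse_hops`, `path_status` and the `example.net`/`example.org` hop are assumptions made for the illustration; the other headers are the ones quoted in the thread.

```python
import re
from typing import List, NamedTuple, Optional

# Received headers quoted in the thread (newest hop first), folding restored.
# Addresses and time zones are truncated on the page and left that way.
SAMPLE_HEADERS = """\
Received: from sc1.nanog.org (sc1.nanog.org [50.31.151.68])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by leitl.org (Postfix) with ESMTPS id 57418543E4D
 for eu...@leitl.org; Fri,  6 Sep 2013 21:06:34 +0200 (CEST)
Received: from localhost ([::1] helo=sc1.nanog.org)
 by sc1.nanog.org with esmtp (Exim 4.80.1 (FreeBSD))
 (envelope-from nanog-boun...@nanog.org)
 id 1VI1KX-000CSi-NT; Fri, 06 Sep 2013 19:04:29 +
Received: from mtcc.com ([50.0.18.224])
 by sc1.nanog.org with esmtp (Exim 4.80.1 (FreeBSD))
 (envelope-from m...@mtcc.com) id 1VI1KH-000CQe-Mt
 for nanog@nanog.org; Fri, 06 Sep 2013 19:04:13 +
Received: from takifugu.mtcc.com (takifugu.mtcc.com [50.0.18.224])
 (authenticated bits=0)
 by mtcc.com (8.14.3/8.14.3) with ESMTP id r86J3uVr017222
 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO);
 Fri, 6 Sep 2013 12:03:57 -0700
"""

# Constructed hop (not from the thread): TLS with static RSA key exchange.
CONSTRUCTED_RSA_HOP = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 by mail.example.org (Postfix) with ESMTPS id 0000000000
"""

class Hop(NamedTuple):
    sender: str
    receiver: str
    protocol: Optional[str]     # the "with ESMTPS" keyword, if logged
    tls_version: Optional[str]
    cipher: Optional[str]
    status: str                 # plaintext | tls-unknown | tls-no-fs | tls-fs

_FROM = re.compile(r"^from\s+(\S+)", re.I)
_BY = re.compile(r"\bby\s+(\S+)", re.I)
_PROTO = re.compile(r"\bwith\s+((?:UTF8)?(?:E?SMTP|LMTP)S?A?)\b", re.I)
# Postfix logs "using TLSv1.2 with cipher X"; sendmail logs "version=... cipher=X".
_VERSION = re.compile(r"(?:\busing\s+|\bversion=)((?:TLS|SSL)v[\w./]+)", re.I)
_CIPHER = re.compile(r"\bcipher[ =]([A-Za-z0-9_-]+)", re.I)

# Suite-name prefixes that imply an ephemeral key exchange (TLS 1.3 always does).
_EPHEMERAL = ("ECDHE-", "DHE-", "EDH-", "TLS_ECDHE_", "TLS_DHE_",
              "TLS_AES_", "TLS_CHACHA20_")
_RANK = ["plaintext", "tls-unknown", "tls-no-fs", "tls-fs"]  # weakest first

def unfold(raw: str) -> List[str]:
    """Join folded continuation lines (they start with whitespace)."""
    fields: List[str] = []
    for line in raw.splitlines():
        if line[:1] in (" ", "\t") and fields:
            fields[-1] += " " + line.strip()
        elif line.strip():
            fields.append(line.strip())
    return fields

def classify(protocol: Optional[str], cipher: Optional[str]) -> str:
    if cipher:
        return "tls-fs" if cipher.upper().startswith(_EPHEMERAL) else "tls-no-fs"
    # RFC 3848 keywords ending in S or SA (ESMTPS, ESMTPSA) mean TLS was used.
    if protocol and protocol.upper().rstrip("A").endswith("S"):
        return "tls-unknown"
    return "plaintext"

def _first(rx: "re.Pattern", text: str) -> Optional[str]:
    m = rx.search(text)
    return m.group(1) if m else None

def parse_hops(raw: str) -> List[Hop]:
    hops = []
    for field in unfold(raw):
        name, _, value = field.partition(":")
        if name.lower() != "received":
            continue
        value = value.strip()
        protocol, cipher = _first(_PROTO, value), _first(_CIPHER, value)
        hops.append(Hop(_first(_FROM, value) or "?", _first(_BY, value) or "?",
                        protocol, _first(_VERSION, value), cipher,
                        classify(protocol, cipher)))
    return hops

def path_status(hops: List[Hop]) -> str:
    """Weakest transport protection seen on any hop of the path."""
    if not hops:
        raise ValueError("no Received headers found")
    return min((h.status for h in hops), key=_RANK.index)

if __name__ == "__main__":
    for hop in parse_hops(SAMPLE_HEADERS + CONSTRUCTED_RSA_HOP):
        print(f"{hop.sender:>22} -> {hop.receiver:<16} {hop.status:<11} "
              f"{hop.tls_version or '-'} {hop.cipher or '-'}")
```

Each relay writes its own Received line, and everything below the first line added by your own MTA can be forged by an upstream sender, so treat the result as evidence about your own edge rather than proof about the whole path. A loopback hop such as the `localhost` one is plaintext by design and never crosses the network.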



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Matthew Petach
On Fri, Sep 6, 2013 at 7:23 AM, Sam Moats s...@circlenet.us wrote:

 ...
 Below is a sample banner (IS is information System)

 By using this IS (which includes any device attached to this IS), you
 consent to the following conditions:

 -The USG routinely intercepts and monitors communications on this IS for
 purposes including, but not limited to, penetration testing, COMSEC
 monitoring, network operations and defense, personnel misconduct (PM), law
 enforcement (LE), and counterintelligence (CI) investigations.

 -At any time, the USG may inspect and seize data stored on this IS.

 -Communications using, or data stored on, this IS are not private, are
 subject to routine monitoring, interception, and search, and may be
 disclosed or used for any USG authorized purpose.

 -This IS includes security measures (e.g., authentication and access
 controls) to protect USG interests--not for your personal benefit or
 privacy.

 -Notwithstanding the above, using this IS does not constitute consent to
 PM, LE or CI investigative searching or monitoring of the content of
 privileged communications, or work product, related to personal
 representation or services by attorneys, psychotherapists, or clergy, and
 their assistants. Such communications and work product are private and
 confidential.


 Sam


Ah.  So, if we all become ordained ministers, our communications
become privileged communications not subject to monitoring by
the US government?

Matt
(spoken mostly tongue-in-cheek; but it would be fun to see
the government go up against the religious right on the
question of whether the government has the right to
violate the seal of the confessional and monitor layperson
communications with their clergy...)


Caution! Don't attempt the Postini to Google Apps transition

2013-09-06 Thread Matthew Kaufman

TL; DR: Email won't be delivered, No support

I have two domains that I set up with Postini for spam filtering, and I 
was very happy for years. But Google purchased Postini, and has been 
increasingly insistent that I migrate to Google Apps. They have a 
transition process which is supposedly seamless, and which guarantees 
that mail will continue flowing throughout the transition. In reality, 
all of my email was offline for 24 hours, first into a black hole, and 
then bouncing with permanent failures.


Calling Google support last night resulted in a long wait to finally 
talk to someone who told me that Postini support was too busy and who 
took down my name and number for a call back. Never got a call.


This morning I opened a support ticket via the web site, and two hours 
later got a reply suggesting that it might be my MX records. Never mind 
that (according to the logs I could see) the mail was still flowing 
properly to Postini, passing through there to Google, and then being 
dumped at Google.


When I called to escalate, I found a support agent who couldn't find the 
ticket I had opened via the website, and who then tried to transfer me. 
In the process, I sat on hold for 30 minutes, then the call was dropped.


When I called right back, I went through the same phone tree and 
authentication process, and reached another agent. When he asked my 
problem, and I started to describe it, he said oh, Postini and then 
hung up on me.


At that point it had been 24 hours, which is too long to have one's 
inbound email getting permanent failures, and so I've set my MX records 
to point directly at my own servers and will just live without spam 
filtering for a while. In the meantime, I strongly encourage anyone else 
who cares about reliable email delivery to avoid my fate.


Matthew Kaufman
matt...@matthew.at



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Michael Thomas

On 09/06/2013 12:52 PM, Nicolai wrote:

On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:

On 09/06/2013 11:19 AM, Nicolai wrote:

That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.


Uh, a first step might be to just turn on [START]TLS. We're not using the
tools that have been implemented and deployed for a decade at least.

Agreed.  Although some people are uncomfortable with OpenSSL's track record,
and don't want to trade system security for better-than-plaintext
network security.

But the deeper issue is coercing providers to give up mail stored on
private servers, bypassing the network altogether.  TLS doesn't address
this problem.  Short term: deploy [START]TLS.  Long term: we need a new
email protocol with E2E encryption.




I'd say we already have those things too in the form of PGP/SMIME.
Who knows what the NSA can break, but it's just not right to say that
we need new protocols. The means has been there for many years to
secure email (fsvo 'secure'), it's just that it's not terribly convenient
so we just don't for the most part.

Mike



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Chris Adams
Once upon a time, Nicolai nicolai-na...@chocolatine.org said:
 Agreed.  Although some people are uncomfortable with OpenSSL's track record,
 and don't want to trade system security for better-than-plaintext
 network security.

OpenSSL is not the only game in town.

-- 
Chris Adams c...@cmadams.net



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Nicolai
On Fri, Sep 06, 2013 at 12:03:56PM -0700, Michael Thomas wrote:
 On 09/06/2013 11:19 AM, Nicolai wrote:
 That's true -- it is far easier to subvert email than most other
 services, and in the case of email we probably need a wholly new
 protocol.
 
 
 Uh, a first step might be to just turn on [START]TLS. We're not using the
 tools that have been implemented and deployed for a decade at least.

Agreed.  Although some people are uncomfortable with OpenSSL's track record,
and don't want to trade system security for better-than-plaintext
network security.

But the deeper issue is coercing providers to give up mail stored on
private servers, bypassing the network altogether.  TLS doesn't address
this problem.  Short term: deploy [START]TLS.  Long term: we need a new
email protocol with E2E encryption.

Nicolai



[NANOG-announce] NANOG Fellowship Reminder

2013-09-06 Thread Betty Burke be...@nanog.org
If you are considering attending a NANOG meeting, and need a bit of
assistance, consider submitting a NANOG Fellowship application.

Fellowship Applicants are eligible if they meet all the criteria of either
Fellowship, currently reside in the North American Region served by NANOG,
and have not attended a NANOG meeting in the last five years.

The NANOG 59 Fellowship http://nanog.org/resources/fellowshipsapplication
process will remain open from August 26, 2013 until 5:00 PM PST on
September 9, 2013.

As always, if you have additional questions, please feel free to also
contact me directly.

Sincerely,
Betty

-- 
Betty Burke
NANOG Executive Director
48377 Fremont Boulevard, Suite 117
Fremont, CA 94538
Tel: +1 510 492 4030
___
NANOG-announce mailing list
nanog-annou...@mailman.nanog.org
http://mailman.nanog.org/mailman/listinfo/nanog-announce

Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Sam Moats
The problem being is when you do have a provider that appears to be secure
and out of reach, think lavabit, that provider will not survive for long.

The CALEA requirements, and Patriot Act provisions will force them into
compliance.
Their only options are to:
Disobey the law, unacceptable in my opinion
Close down services, noble but I need to eat and you probably want to keep
getting email
Compromise your principles and obey the law, the path often chosen.

Sam Moats

On 2013-09-06 13:20, Nicolai wrote:

On Fri, Sep 06, 2013 at 02:27:32PM +, Naslund, Steve wrote:

If everyone cancelled their gmail accounts, stopped using Google search,
and stopped paying for Google placement and ads, their stock would go to
zero nearly overnight.  Again, no one seems to care about the issue
enough to do this because I have seen no appreciable backlash against
these companies.

I think Joe 6mbps sitting at home reads that everything he uses has been
subverted.  He doesn't know what alternatives exist, and doesn't have
the technical knowledge necessary to find them on his own.  And faced
with a false choice -- stop using the Internet, or continue using it as
he knows how -- he chooses the one that retains his ability to
communicate with family and friends and keep up on the things he cares
about.

Schneier is saying we need to build better options for Joe 6mbps,
competing with the PRISM-compatible services, so that privacy-respecting
services become known and commonplace.

Nicolai





RE: [Q] Any good resource of info ref LECs, in different US areas?

2013-09-06 Thread Scott Berkman
Not sure exactly what you are looking for, but how about:

http://localcallingguide.com/  (Free/open copy of certain LERG tables,
should list all providers in a given RC/LATA/NPA-NXX)

or

http://www.telcodata.us/

Hope that helps,

-Scott

-Original Message-
From: Stefan [mailto:netfort...@gmail.com] 
Sent: Wednesday, September 04, 2013 3:01 PM
To: nanog@nanog.org
Subject: [Q] Any good resource of info ref LECs, in different US areas?

Trying to build diversity in some very odd places, about which the big names
tell me exclusively about other bug names, but cannot easily verify.

Thank you,
***Stefan




Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Larry Stites
MAN UP!



 From: Sam Moats s...@circlenet.us
To: nanog@nanog.org 
Sent: Friday, September 6, 2013 8:04 AM
Subject: Re: The US government has betrayed the Internet. We need to take it 
back
 

This is part of the purpose behind the separation of powers between executive,
legislative and judicial.
William Pitt wrote "Unlimited power is apt to corrupt the minds of those who
possess it". As such constraints are needed and in place.

We expect politicians to cheat, lie, be stupid and self serving. Because we
like people who tell us what we want to hear and most of us vote for people
that we like. They do not have to be wise, or even competent.

Personally I think most of the fault currently lies with the Judicial side.
These laws were enacted as a knee jerk reaction to an event. I can understand
the passions of people at that time because I shared them, however the courts
are supposed to be a bulwark against this very kind of rash action.
These men and women are supposed to be well educated in the fundamental
concepts that constructed our republic and appointed to terms that prevent
them from worrying about the political whims of the time.



Sam


On 2013-09-06 10:55, Royce Williams wrote:
 On Fri, Sep 6, 2013 at 6:27 AM, Naslund, Steve snasl...@medline.com wrote:
 
 [snip]
 
 1.  We vote in a new executive branch every four years.  They control and
 appoint the NSA director.  Vote them out if you don't like how they run
 things.  Do you think a President wants to maintain power?  Of course they
 do and they will change a policy that will get them tossed out (if enough
 people actually care).
 
 2.  The Congress passes the laws that govern telecom and intelligence
 gathering.  They also have the power to impeach and/or prosecute the
 executive branch for misdeeds.  They will pass any law or do whatever it
 takes to keep themselves in power.  Again this requires a lot of public
 pressure.
 
 Historically speaking, I'm not convinced that a pure political solution
 will ever work, other than on the surface.  The need for surveillance
 transcends both administrations and political parties.  Once the newly
 elected are presented with the intel available at that level, even their
 approach to handling the flow of information and their social interaction
 have to change in order to function.
 
 Daniel Ellsberg's attempt to explain this to Kissinger is insightful. It's
 a pretty quick read, with many layers of important observations. (It's
 Mother Jones, but this content is apolitical):
 
 
 
 http://www.motherjones.com/kevin-drum/2010/02/daniel-ellsberg-limitations-knowledge
 
 I think that Schneier's got it right.  The solution has to be both
 technical and political, and must optimize for two functions: catch the bad
 guys, while protecting the rights of the good guys.
 
 When the time comes for the political choices to be made, the good
 technical choices must be the only ones available.
 
 Security engineering must pave the way to the high road -- so that it's the
 only road to get there.
 
 Royce


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Warren Bailey
My dad once told me they could indict a ham sandwich. I never really knew what
that meant..

A law does not mean an automatic grant of constitutionality. I'm all for
following laws, but at what point does the public just say.. The threat isn't
large enough to warrant a proctologist visit via NSA to see if you've been a
good boy. I'm innocent until proven guilty beyond a reasonable doubt by a jury
of my peers, it doesn't work any other way. You either respect the document
that establishes basic principles for this land, or you do not. As I said
before.. Snowden would have had a worldwide frenzy of activity had he included
"facebook is going to a pay model" instead of legit information about national
war crimes.


Sent from my Mobile Device.


 Original message 
From: Sam Moats s...@circlenet.us
Date: 09/06/2013 10:56 AM (GMT-08:00)
To: nanog@nanog.org
Subject: Re: The US government has betrayed the Internet. We need to take it 
back


The problem being is when you do have a provider that appears to be secure
and out of reach, think lavabit, that provider will not survive for long.
The CALEA requirements, and Patriot Act provisions will force them into
compliance.
Their only options are to:
Disobey the law, unacceptable in my opinion
Close down services, noble but I need to eat and you probably want to
keep getting email
Compromise your principles and obey the law, the path often chosen.

Sam Moats

On 2013-09-06 13:20, Nicolai wrote:
 On Fri, Sep 06, 2013 at 02:27:32PM +, Naslund, Steve wrote:

 If everyone cancelled their gmail accounts, stopped using Google search,
 and stopped paying for Google placement and ads, their stock would go to
 zero nearly overnight.  Again, no one seems to care about the issue
 enough to do this because I have seen no appreciable backlash against
 these companies.

 I think Joe 6mbps sitting at home reads that everything he uses has been
 subverted.  He doesn't know what alternatives exist, and doesn't have
 the technical knowledge necessary to find them on his own.  And faced
 with a false choice -- stop using the Internet, or continue using it as
 he knows how -- he chooses the one that retains his ability to
 communicate with family and friends and keep up on the things he cares
 about.

 Schneier is saying we need to build better options for Joe 6mbps,
 competing with the PRISM-compatible services, so that privacy-respecting
 services become known and commonplace.

 Nicolai




Weekly Routing Table Report

2013-09-06 Thread Routing Analysis Role Account
This is an automated weekly mailing describing the state of the Internet
Routing Table as seen from APNIC's router in Japan.

The posting is sent to APOPS, NANOG, AfNOG, AusNOG, SANOG, PacNOG, LacNOG,
TRNOG, CaribNOG and the RIPE Routing Working Group.

Daily listings are sent to bgp-st...@lists.apnic.net

For historical data, please see http://thyme.rand.apnic.net.

If you have any comments please contact Philip Smith pfsi...@gmail.com.

Routing Table Report   04:00 +10GMT Sat 07 Sep, 2013

Report Website: http://thyme.rand.apnic.net
Detailed Analysis:  http://thyme.rand.apnic.net/current/

Analysis Summary

BGP routing table entries examined: 466753
Prefixes after maximum aggregation: 188207
Deaggregation factor: 2.48
Unique aggregates announced to Internet: 231835
Total ASes present in the Internet Routing Table: 44906
Prefixes per ASN: 10.39
Origin-only ASes present in the Internet Routing Table: 35097
Origin ASes announcing only one prefix: 16257
Transit ASes present in the Internet Routing Table: 5913
Transit-only ASes present in the Internet Routing Table: 165
Average AS path length visible in the Internet Routing Table: 4.7
Max AS path length visible: 30
Max AS path prepend of ASN (36992): 22
Prefixes from unregistered ASNs in the Routing Table: 5649
Unregistered ASNs in the Routing Table: 1916
Number of 32-bit ASNs allocated by the RIRs: 5006
Number of 32-bit ASNs visible in the Routing Table: 3896
Prefixes from 32-bit ASNs in the Routing Table: 11954
Special use prefixes present in the Routing Table: 1
Prefixes being announced from unallocated address space: 362
Number of addresses announced to Internet: 2641573844
Equivalent to 157 /8s, 115 /16s and 55 /24s
Percentage of available address space announced: 71.4
Percentage of allocated address space announced: 71.4
Percentage of available address space allocated: 100.0
Percentage of address space in use by end-sites: 95.0
Total number of prefixes smaller than registry allocations: 163579

APNIC Region Analysis Summary

Prefixes being announced by APNIC Region ASes: 110477
Total APNIC prefixes after maximum aggregation: 33521
APNIC Deaggregation factor: 3.30
Prefixes being announced from the APNIC address blocks: 112415
Unique aggregates announced from the APNIC address blocks: 46754
APNIC Region origin ASes present in the Internet Routing Table: 4866
APNIC Prefixes per ASN: 23.10
APNIC Region origin ASes announcing only one prefix: 1223
APNIC Region transit ASes present in the Internet Routing Table: 829
Average APNIC Region AS path length visible: 4.7
Max APNIC Region AS path length visible: 23
Number of APNIC region 32-bit ASNs visible in the Routing Table: 661
Number of APNIC addresses announced to Internet: 728202176
Equivalent to 43 /8s, 103 /16s and 123 /24s
Percentage of available APNIC address space announced: 85.1

APNIC AS Blocks        4608-4864, 7467-7722, 9216-10239, 17408-18431
(pre-ERX allocations)  23552-24575, 37888-38911, 45056-46079, 55296-56319,
                       58368-59391, 131072-133119
APNIC Address Blocks     1/8,  14/8,  27/8,  36/8,  39/8,  42/8,  43/8,
                        49/8,  58/8,  59/8,  60/8,  61/8, 101/8, 103/8,
                       106/8, 110/8, 111/8, 112/8, 113/8, 114/8, 115/8,
                       116/8, 117/8, 118/8, 119/8, 120/8, 121/8, 122/8,
                       123/8, 124/8, 125/8, 126/8, 133/8, 150/8, 153/8,
                       163/8, 171/8, 175/8, 180/8, 182/8, 183/8, 202/8,
                       203/8, 210/8, 211/8, 218/8, 219/8, 220/8, 221/8,
                       222/8, 223/8,

ARIN Region Analysis Summary

Prefixes being announced by ARIN Region ASes: 161488
Total ARIN prefixes after maximum aggregation: 81121
ARIN Deaggregation factor: 1.99
Prefixes being announced from the ARIN address blocks: 162089
Unique aggregates announced from the ARIN address blocks: 75491
ARIN Region origin ASes present in the Internet Routing Table: 15867
ARIN Prefixes per ASN: 10.22
ARIN Region origin 

Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Larry Stites
Just following orders...



 From: Sam Moats s...@circlenet.us
To: nanog@nanog.org 
Sent: Friday, September 6, 2013 7:30 AM
Subject: RE: The US government has betrayed the Internet. We need to take it 
back
 

+1 I couldn't have said it any better.
Sam

On 2013-09-06 10:27, Naslund, Steve wrote:
 The error in this whole conversation is that you cannot take it
 back as an engineer.  You do not own it.  You are like an architect
 or carpenter and are no more responsible for how it is used than the
 architect is responsible that the building he designed is being used
 as a crack house.  Do Ford engineers have a social contract to
 ensure that I do not run over squirrels with my Explorer, will they
 take it back if I do so?  The whole social contract argument is
 ridiculous.  You have a contract (or most likely an at will
 agreement) with your employer to build what they want and operate it
 in the way that they want you to.  If it is against your ethics to do
 so, quit.  The companies that own the network have a fiduciary
 responsibility to their investors and a responsibility to serve their
 customers.  If anyone is really that bent out of shape by the NSA
 tactics (and I am not so sure they are given the lack of political
 backlash) here is what you can do.
 
 In the United States there are two main centers of power that can
 affect these policies, the consumer and the voter.
 
 1.  We vote in a new executive branch every four years.  They control
 and appoint the NSA director.  Vote them out if you don't like how
 they run things.  Do you think a President wants to maintain power?
 Of course they do and they will change a policy that will get them
 tossed out (if enough people actually care).
 
 2.  The Congress passes the laws that govern telecom and intelligence
 gathering.  They also have the power to impeach and/or prosecute the
 executive branch for misdeeds.  They will pass any law or do whatever
 it takes to keep themselves in power.  Again this requires a lot of
 public pressure.
 
 3.  The companies that are consenting to monitoring (legal or
 illegal) are stuck between two powers.  The federal government's power
 to regulate them and the investors / consumers they serve.  Apparently
 they are more scared of the government even though the consumer can
 put them out of business overnight by simply not using their product
 any more.  If everyone cancelled their gmail accounts, stopped using
 Google search, and stopped paying for Google placement and ads, their
 stock would go to zero nearly overnight.  Again, no one seems to care
 about the issue enough to do this because I have seen no appreciable
 backlash against these companies.
 
 If a social contract exists at all in the United States, it would be
 to hold your government and the companies you do business with to your
 ethical standards.  Another thing to remember is that the NSA
 engineers were probably acting under their social contract to defend
 the United States from whatever enemies they are trying to monitor and
 also felt they were doing the right thing.  The problem with social
 contracts is that they are relative.
 
 As far as other countries are concerned, you can affect their
 policies as well.  US carriers are peered with and provide transit to
 Chinese companies.  If the whole world is that outraged with what they
 do, they just need to pressure the companies they do business with not
 to do business with China.
 
 Steven Naslund
 Chicago IL
 
 -Original Message-
 From: Jorge Amodio [mailto:jmamo...@gmail.com]
 Sent: Friday, September 06, 2013 8:51 AM
 To: NANOG
 Subject: Re: The US government has betrayed the Internet. We need to
 take it back
 
  The US government has betrayed the Internet. We need to take it back
 
  
 
  Who is we ?
 
 If you bothered to read the 1st paragraph you would know.
 
 
 I read all of it, the original article and other references to it.
 
 IMHO, there is no amount of engineering that can fix stupid people
 doing stupid things on both sides of the stupid lines.
 
 By trying to fix what is perceived an engineering issue (seems that
 China doing the same or worse for many years wasn't an engineering
 problem) the only result you will obtain is a budget increase on the
 counter-engineering efforts, that may represent a big chunk of money
 that can be used in more effective ways where it is really needed.
 
 My .02
 -J


Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Larry Sheldon

On 9/6/2013 8:08 AM, John Peach wrote:

On Fri, 6 Sep 2013 07:46:59 -0500 Jorge Amodio jmamo...@gmail.com
wrote:


http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying

The US government has betrayed the Internet. We need to take it back

Who is we ?

If you bothered to read the 1st paragraph you would know.

I did bother. The first 'graf after the link reads, in toto:

The US government has betrayed the Internet. We need to take it
back[sic]

You apparently use the silent period at the ends of 'grafs so I took
the blank line as the 'graf delimiter.

Who is we.  I have learned to distrust the generic we as doers of stuff.

What is your part of the recovery?  What do you see as mine.  (I like
you and me as identifiers for doers of stuff.  Third party
identifiers are acceptable and tentatives, pending conversion to me or
you.



--
Requiescas in pace o email   Two identifying characteristics
of System Administrators:
Ex turpi causa non oritur actio  Infallibility, and the ability to
learn from their mistakes.
  (Adapted from Stephen Pinker)



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Scott Weeks


--- s...@circlenet.us wrote:
From: Sam Moats s...@circlenet.us

Their only options are to:
Disobey the law, unacceptable in my opinion
Close down services, noble but I need to eat and you probably want to
keep getting email
Compromise your principles and obey the law, the path often chosen.



So, there's no choice except to get a 5-gallon bucket of gov't-ky
jelly and take it?  So many things come to mind on your flag-waving
emails, I can't think of what to say first.  And believe me, that's
not usual...  ;-)  After a while, you'll become raw and probably
change your mind.

scott



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Eugen Leitl
On Fri, Sep 06, 2013 at 01:04:48PM -0700, Michael Thomas wrote:

 I'd say we already have those things too in the form of PGP/SMIME.
 Who knows what the NSA can break, but it's just not right to say that
 we need new protocols. The means has been there for many years to
 secure email (fsvo 'secure'), it's just that it's not terribly convenient
 so we just don't for the most part.

The scuttlebutt is that anything SMTP is unfixable, so XMPP/OTR is gap-filler
until really distributed systems with zero metadata (Tahoe LAFS & Co) come
along.

In regards to Schneier's manifesto, it seems he's targeting
noncorporate/nonaffiliated engineers, and there *has* been considerable
activity in the woodworks in the past months. Most of the resulting
countermeasures will be more for the network edge and end users, so not
really operationally relevant for nanog.

Sorry to waste your time, but it was worth a try.



Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Michael Thomas

On 09/06/2013 11:19 AM, Nicolai wrote:

That's true -- it is far easier to subvert email than most other
services, and in the case of email we probably need a wholly new
protocol.



Uh, a first step might be to just turn on [START]TLS. We're not using the
tools that have been implemented and deployed for a decade at least.

Mike
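
The step suggested above, seen from the sending side, as an added example that is not part of the original thread: a sending mail server only encrypts a hop if the receiver's EHLO reply advertises STARTTLS, so what happens when the keyword is missing depends on the sender's policy. The policy names `opportunistic` and `mandatory`, the host names and the sample replies are assumptions constructed for this illustration.

```python
import re

# Constructed EHLO replies in RFC 5321 multiline form (sample data, not
# captured traffic). mx3 is deliberately truncated: it has no final "250 " line.
SAMPLE_REPLIES = {
    "mx1.example.net": "250-mx1.example.net Hello\r\n250-SIZE 52428800\r\n"
                       "250-starttls\r\n250 8BITMIME\r\n",
    "mx2.example.net": "250-mx2.example.net Hello\r\n250-SIZE 10485760\r\n"
                       "250 8BITMIME\r\n",
    "mx3.example.net": "250-mx3.example.net Hello\r\n250-STARTTLS\r\n",
}

# One reply line: three-digit code, "-" (more lines follow) or " " (last line), text.
_LINE = re.compile(r"^(\d{3})([ -])(.*)$")


def parse_ehlo(reply):
    """Parse a complete EHLO reply into (code, {KEYWORD: [params]}).

    Raises ValueError on a malformed or truncated reply, so a damaged reply
    is never mistaken for "the server offers no extensions".
    """
    lines = reply.splitlines()
    if not lines:
        raise ValueError("empty reply")
    parsed = []
    for line in lines:
        match = _LINE.match(line)
        if not match:
            raise ValueError("malformed reply line: %r" % line)
        parsed.append(match.groups())
    if len({code for code, _, _ in parsed}) != 1:
        raise ValueError("reply lines carry different codes")
    seps = [sep for _, sep, _ in parsed]
    if seps[-1] != " " or any(sep != "-" for sep in seps[:-1]):
        raise ValueError("reply is not terminated by a final 'code<space>' line")
    extensions = {}
    for _, _, text in parsed[1:]:          # the first line is the greeting
        words = text.split()
        if words:
            # EHLO keywords are case-insensitive, so normalise them.
            extensions[words[0].upper()] = words[1:]
    return int(parsed[0][0]), extensions


def next_step(reply, policy):
    """Return what the sender does after EHLO: 'starttls', 'plaintext' or 'defer'."""
    if policy not in ("opportunistic", "mandatory"):
        raise ValueError("unknown policy: %r" % policy)
    try:
        code, extensions = parse_ehlo(reply)
    except ValueError:
        return "defer"                      # never send on a reply we cannot trust
    if code != 250:
        return "defer"
    if "STARTTLS" in extensions:
        return "starttls"                   # upgrade, then EHLO again inside TLS
    # No STARTTLS offered: opportunistic senders fall back to cleartext,
    # mandatory senders queue the message instead of exposing it.
    return "plaintext" if policy == "opportunistic" else "defer"


def audit(replies, policy):
    """Map each host to the sender's next step under the given policy."""
    return {host: next_step(reply, policy) for host, reply in sorted(replies.items())}


if __name__ == "__main__":
    for policy in ("opportunistic", "mandatory"):
        print(policy, audit(SAMPLE_REPLIES, policy))
```
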



The Cidr Report

2013-09-06 Thread cidr-report
This report has been generated at Fri Sep  6 21:14:04 2013 AEST.
The report analyses the BGP Routing Table of AS2.0 router
and generates a report on aggregation potential within the table.

Check http://www.cidr-report.org for a current version of this report.

Recent Table History
Date        Prefixes   CIDR Agg
30-08-13      479696     271236
31-08-13      479888     271502
01-09-13      479969     271415
02-09-13      480012     270940
03-09-13      479606     271654
04-09-13      479909     272113
05-09-13      480734     272243
06-09-13      481151     272602


AS Summary
 45072  Number of ASes in routing system
 18545  Number of ASes announcing only one prefix
  4174  Largest number of prefixes announced by an AS
AS7029 : WINDSTREAM - Windstream Communications Inc
  117918976  Largest address span announced by an AS (/32s)
AS4134 : CHINANET-BACKBONE No.31,Jin-rong Street


Aggregation Summary
The algorithm used in this report proposes aggregation only
when there is a precise match using the AS path, so as 
to preserve traffic transit policies. Aggregation is also
proposed across non-advertised address space ('holes').

 --- 06Sep13 ---
ASnum    NetsNow NetsAggr  NetGain   % Gain   Description

Table     481041   272501   208540    43.4%   All ASes

AS6389      3068       65     3003    97.9%   BELLSOUTH-NET-BLK - BellSouth.net Inc.
AS28573     3233      473     2760    85.4%   NET Serviços de Comunicação S.A.
AS17974     2666      170     2496    93.6%   TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
AS7029      4174     2025     2149    51.5%   WINDSTREAM - Windstream Communications Inc
AS4766      2919      939     1980    67.8%   KIXS-AS-KR Korea Telecom
AS22773     2044      138     1906    93.2%   ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
AS18566     2065      468     1597    77.3%   COVAD - Covad Communications Co.
AS10620     2549     1015     1534    60.2%   Telmex Colombia S.A.
AS3356      3236     1714     1522    47.0%   LEVEL3 Level 3 Communications
AS36998     1862      423     1439    77.3%   SDN-MOBITEL
AS4323      2971     1534     1437    48.4%   TWTC - tw telecom holdings, inc.
AS18881     1430       69     1361    95.2%   Global Village Telecom
AS7303      1693      455     1238    73.1%   Telecom Argentina S.A.
AS4755      1768      589     1179    66.7%   TATACOMM-AS TATA Communications formerly VSNL is Leading ISP
AS2118      1179       75     1104    93.6%   RELCOM-AS OOO NPO Relcom
AS7552      1161      131     1030    88.7%   VIETEL-AS-AP Vietel Corporation
AS22561     1196      212      984    82.3%   DIGITAL-TELEPORT - Digital Teleport Inc.
AS1785      2013     1157      856    42.5%   AS-PAETEC-NET - PaeTec Communications, Inc.
AS11830      927      117      810    87.4%   Instituto Costarricense de Electricidad y Telecom.
AS18101      981      179      802    81.8%   RELIANCE-COMMUNICATIONS-IN Reliance Communications Ltd.DAKC MUMBAI
AS4808      1160      402      758    65.3%   CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
AS7545      2073     1351      722    34.8%   TPG-INTERNET-AP TPG Telecom Limited
AS701       1521      800      721    47.4%   UUNET - MCI Communications Services, Inc. d/b/a Verizon Business
AS13977      853      142      711    83.4%   CTELCO - FAIRPOINT COMMUNICATIONS, INC.
AS6147       734       44      690    94.0%   Telefonica del Peru S.A.A.
AS8151      1290      608      682    52.9%   Uninet S.A. de C.V.
AS855        732       55      677    92.5%   CANET-ASN-4 - Bell Aliant Regional Communications, Inc.
AS6983      1152      483      669    58.1%   ITCDELTA - ITC^Deltacom
AS24560     1090      433      657    60.3%   AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services
AS7738 

Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread tei''
On 6 September 2013 10:52, Sam Moats s...@circlenet.us wrote:
 The problem being is when you do have a provider that appears to be secure
 and out of reach, think lavabit, that provider will not survive for long.
 The CALEA requirements, and Patriot Act provisions will force them into
 compliance.

Only if are on USA territory.


You can also push for distributed services that don't depend on one
fat server farm.



-- 
--
ℱin del ℳensaje.



RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Naslund, Steve
I am unclear on what you mean by technical choice.  Are you talking about a 
technical solution to keep the government from seeing your traffic?  That will 
not work for two main reasons.

1.  The government has a lot more resources and motivation than the average 
company when it comes to security systems.  They do not have to be profitable, 
just effective.  Most companies only invest in the security that they are 
required to provide.  As a private entity they will be unlikely to want to get 
in a technological arms race with the NSA.  Remember these are the guys that 
also design some of the most sophisticated encryption systems in the world and 
have nearly limitless computing power to break such systems.  They attract some 
of the most brilliant mathematical minds in the world and actively pursue these 
employees.  You are really unlikely to out security engineer the NSA 
especially since the USG can control legally what technology you are allowed to 
use and export.  Who designed your encryption algorithm and which one of your 
employees is a qualified cryptographer that can assure you that it is secure 
enough.  Is he qualified to tell you what backdoors or capability NSA has to 
break that encryption method?  Do you have the technical experts to assure you 
that no US intelligence service has penetrated your human or technical 
resources?  Do you think no one in your organization would plug something into 
your network if it comes with a bag of cash or a threat attached to it.  If so, 
I think the NSA might offer you a lucrative job.  Remember these are the same 
guys who are supposed to break the communications of foreign governments and by 
all accounts are fairly good at it.  I don't want to bet my job on defeating 
them.

2. If the political environment allows, they will simply pass laws along the 
lines of CALEA to give them the legal right to tap your traffic.  Even if you 
won the technological battle they can instantly trump you with key escrow and 
other such legal force means to defeat you.  If the political will exists they 
can pass a law requiring you to pass them all information in plain text.  Game 
over, you lose.  Just try to defy a FISA court order or refuse a CALEA tap and 
see how long you are in business.  There is always a debate of privacy vs 
security and there always has been in one form or the other.  This is expressed 
by the people of this country in their political and economic choices.  I know 
it does not seem like it sometimes but the government will only do what the 
majority of the people will accept most of the time.  Every decision a 
politician makes is a balance between what he wants and what he thinks he can 
get away with.  He wants the information but it is only useful if he maintains
his access to power.

As you see, the ONLY solution is the political will to limit the government's
powers. The only way that is done is to threaten the power structure or 
financial structure.  The history of the best technical solution winning inside 
the US Government structure is pretty weak.  POSIX compliance, ADA programming, 
need I say more?  I say this as a former network engineer in the United States 
Air Force.  As far as both parties being responsible for this, I agree 
completely. Everyone knows that information is power and everyone wants as much 
information as they can get.  The only way to influence that is to make the 
cost of illegal information collection too high a price to pay for the 
politicians.  The NSA will only use the technology they are allowed to use by 
whomever is in power.  No one over there wants to go to jail and most 
government employees do not want to put their neck on the line if they know 
there is no safety net.  The Director of NSA answers to the President.  His job 
is to get the information the USG wants and not get anyone fired doing it.  
Everything he does is about that balance.  If he does not do it, the President 
will appoint someone who does.  Historically the NSA is directed by a General 
officer from the military.  They generally follow the orders they are given by 
the President and that is where the power really lies.  It is the job of the 
Congress to oversee that and ensure the limitations are being followed.  If 
that is not happening, it is up to the citizens to replace the President or 
Congress with someone who will follow the will of the people.

Steve



-Original Message-
From: Royce Williams [mailto:ro...@techsolvency.com] 
Sent: Friday, September 06, 2013 9:56 AM
To: NANOG
Subject: Re: The US government has betrayed the Internet. We need to take it 
back

[snip]

http://www.motherjones.com/kevin-drum/2010/02/daniel-ellsberg-limitations-knowledge

I think that Schneier's got it right.  The solution has to be both technical 
and political, and must optimize for two functions: catch the bad guys, while 
protecting the rights of the good guys.

When the time comes for the political choices to be 

BGP Update Report

2013-09-06 Thread cidr-report
BGP Update Report
Interval: 29-Aug-13 -to- 05-Sep-13 (7 days)
Observation Point: BGP Peering with AS131072

TOP 20 Unstable Origin AS
Rank ASN        Upds     %  Upds/Pfx    AS-Name
 1 - AS6866   122404  5.8%     683.8 -- CYTA-NETWORK Cyprus Telecommunications Authority
 2 - AS27738   42369  2.0%      73.4 -- Ecuadortelecom S.A.
 3 - AS9829    34878  1.7%      27.4 -- BSNL-NIB National Internet Backbone
 4 - AS8402    34340  1.6%      20.0 -- CORBINA-AS OJSC Vimpelcom
 5 - AS28573   26252  1.2%       7.9 -- NET Serviços de Comunicação S.A.
 6 - AS14287   21002  1.0%     388.9 -- TRIAD-TELECOM - Triad Telecom, Inc.
 7 - AS9416    19059  0.9%     560.6 -- MULTIMEDIA-AS-AP Hoshin Multimedia Center Inc.
 8 - AS27941   18220  0.9%    1138.8 -- CONSULNETWORK LTDA
 9 - AS36998   17919  0.8%       9.6 -- SDN-MOBITEL
10 - AS4775    16486  0.8%     229.0 -- GLOBE-TELECOM-AS Globe Telecoms
11 - AS6713    15677  0.7%      29.3 -- IAM-AS
12 - AS9498    13823  0.7%      15.2 -- BBIL-AP BHARTI Airtel Ltd.
13 - AS11664   12702  0.6%      33.7 -- Techtel LMDS Comunicaciones Interactivas S.A.
14 - AS10620   11860  0.6%       4.8 -- Telmex Colombia S.A.
15 - AS4434    10579  0.5%     155.6 -- ERX-RADNET1-AS PT Rahajasa Media Internet
16 - AS2118    10022  0.5%       7.3 -- RELCOM-AS OOO NPO Relcom
17 - AS48612    9892  0.5%     899.3 -- RTC-ORENBURG-AS CJSC Comstar-Regions
18 - AS33597    9872  0.5%      60.6 -- INFORELAY - InfoRelay Online Systems, Inc.
19 - AS23487    9700  0.5%      89.8 -- CONECEL
20 - AS50710    9254  0.4%      38.4 -- EARTHLINK-AS EarthLink Ltd. CommunicationsInternet Services


TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN        Upds     %  Upds/Pfx    AS-Name
 1 - AS53008    8175  0.4%    8175.0 -- Pontal Cabo Ltda
 2 - AS6174     7201  0.3%    3600.5 -- SPRINTLINK8 - Sprint
 3 - AS42334    3226  0.1%    3226.0 -- BBP-AS Broadband Plus s.a.l.
 4 - AS28698    6646  0.3%    2215.3 -- UUNETZM-AS
 5 - AS7202     8766  0.4%    1252.3 -- FAMU - Florida A & M University
 6 - AS27941   18220  0.9%    1138.8 -- CONSULNETWORK LTDA
 7 - AS38654    6615  0.3%    1102.5 -- INES-NETWORK INES Corporation.
 8 - AS37367    1072  0.1%    1072.0 -- CALLKEY
 9 - AS43884     949  0.1%     949.0 -- EG-CONSULTING-AS EG Information Consulting Ltd
10 - AS6629     9219  0.4%     921.9 -- NOAA-AS - NOAA
11 - AS48612    9892  0.5%     899.3 -- RTC-ORENBURG-AS CJSC Comstar-Regions
12 - AS37374     746  0.0%     746.0 -- Liquid-zambia
13 - AS57201     713  0.0%     713.0 -- EDF-AS Estonian Defence Forces
14 - AS6866   122404  5.8%     683.8 -- CYTA-NETWORK Cyprus Telecommunications Authority
15 - AS18148     597  0.0%     597.0 -- FUKUOKA-U Fukuoka University
16 - AS9416    19059  0.9%     560.6 -- MULTIMEDIA-AS-AP Hoshin Multimedia Center Inc.
17 - AS47582     555  0.0%     555.0 -- KRAFT-S-TOGLIATTI Kraft-S JSC
18 - AS59699     535  0.0%     535.0 -- NICEBLUE-AS Nice Blue s.r.l.
19 - AS38000    1556  0.1%     518.7 -- CRISIL-AS [CRISIL Limited.Autonomous System]
20 - AS3         514  0.0%     307.0 -- CMED-AS Cmed Technology Ltd


TOP 20 Unstable Prefixes
Rank Prefix               Upds     %   Origin AS -- AS Name
 1 - 61.95.239.0/24      11974  0.5%   AS9498  -- BBIL-AP BHARTI Airtel Ltd.
 2 - 202.154.17.0/24     10391  0.5%   AS4434  -- ERX-RADNET1-AS PT Rahajasa Media Internet
 3 - 92.246.207.0/24      9854  0.4%   AS48612 -- RTC-ORENBURG-AS CJSC Comstar-Regions
 4 - 203.118.224.0/21     9537  0.4%   AS9416  -- MULTIMEDIA-AS-AP Hoshin Multimedia Center Inc.
 5 - 203.118.232.0/21     9427  0.4%   AS9416  -- MULTIMEDIA-AS-AP Hoshin Multimedia Center Inc.
 6 - 192.58.232.0/24      9127  0.4%   AS6629  -- NOAA-AS - NOAA
 7 - 120.28.62.0/24       8494  0.4%   AS4775  -- GLOBE-TELECOM-AS Globe Telecoms
 8 - 194.219.56.0/24      8178  0.4%   AS1241  -- FORTHNET-GR Forthnet
 9 - 177.185.160.0/20     8175  0.4%   AS53008 -- Pontal Cabo Ltda
10 - 222.127.0.0/24       7906  0.4%   AS4775  -- GLOBE-TELECOM-AS Globe Telecoms
11 - 41.216.64.0/19       7360  0.3%   AS28698 -- UUNETZM-AS
                                       AS37374 -- Liquid-zambia
12 - 150.39.0.0/16        6610  0.3%   AS38654 -- INES-NETWORK INES Corporation.
13 - 69.38.178.0/24       4710  0.2%   AS19406 -- TWRS-MA - Towerstream I, Inc.
14 - 204.29.132.0/23      4594  0.2%   AS1880  -- STUPI Svensk Teleutveckling & Produktinnovation, STUPI AB
15 - 200.29.234.0/24      4575  0.2%   AS27941 -- CONSULNETWORK LTDA
16 - 200.29.238.0/24      4575  0.2%   AS27941 -- CONSULNETWORK LTDA
17 - 200.29.236.0/24      4575  0.2%   AS27941 -- CONSULNETWORK LTDA
18 - 200.29.239.0/24      4483  0.2%   AS27941 -- CONSULNETWORK LTDA
19 - 168.223.206.0/23   4390  

Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Royce Williams
On Fri, Sep 6, 2013 at 8:02 AM, Naslund, Steve <snasl...@medline.com> wrote:
> I am unclear on what you mean by "technical choice".  Are you talking about a
> technical solution to keep the government from seeing your traffic?  That
> will not work for two main reasons.

[good reasons snipped]

Ah, I should have been more clear.  I'm definitely not proposing that
the private sector could succeed in such an arms race, for exactly the
two reasons that you accurately laid out: the government has vastly
greater resources, and they have the law. (And I would add a third:
they have a valid mission to accomplish).

I intended the "technical choice" idea to be more broad.  I'm no
crypto guy, but of the work happening in this space, it seems that
there are a lot of people working on the problem of "how do we keep
everyone else out?", and a lot of other people are working on "how do
we get in?"  And recently, a lot more folks are working on "how can we
quickly tell that they got in?"  But it doesn't seem to me that very
many people are working (at a technical level) on the hard problem of
"how do we simultaneously enable lawful intercept, and verifiably
preserve privacy?"

There seems to be an intractable conflict between freedom and
surveillance.  But if we set aside that assumption, we might discover
technical approaches to support both.  The politics might change if
the politicians didn't have to choose one or the other.

Pipe dream?  Certainly.  But escaping assumptions is where
breakthroughs are made.

Royce



RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Paul Donner (pdonner)
Great opportunity for a country like Brazil (for example) to become a place of 
business for many of these services which are subject to CALEA (and such) in 
the US.  This type of behavior is certainly a motivator for folks in other 
countries to benefit, to our detriment.

If the NSA is truly undermining the security of private enterprises which rely 
on compromised security implements, besides being counterproductive, it will 
cost (maybe already has) in lost revenue or damages.  Sooner or later this is 
going to take its toll.  In the end the universal language of cold hard cash 
will reign.

/wp

From: Sam Moats <s...@circlenet.us>
Sent: 9/6/2013 11:55 AM
To: nanog@nanog.org
Subject: Re: The US government has betrayed the Internet. We need to take it back

The problem being is when you do have a provider that appears to be secure
and out of reach, think Lavabit, that provider will not survive for long.
The CALEA requirements, and Patriot Act provisions will force them into
compliance.
Their only options are to:
Disobey the law, unacceptable in my opinion
Close down services, noble but I need to eat and you probably want to
keep getting email
Compromise your principles and obey the law, the path often chosen.

Sam Moats

On 2013-09-06 13:20, Nicolai wrote:
> On Fri, Sep 06, 2013 at 02:27:32PM +, Naslund, Steve wrote:
>
>> If everyone cancelled their gmail accounts, stopped using Google search,
>> and stopped paying for Google placement and ads, their stock would go to
>> zero nearly overnight.  Again, no one seems to care about the issue
>> enough to do this because I have seen no appreciable backlash against
>> these companies.
>
> I think Joe 6mbps sitting at home reads that everything he uses has been
> subverted.  He doesn't know what alternatives exist, and doesn't have
> the technical knowledge necessary to find them on his own.  And faced
> with a false choice -- stop using the Internet, or continue using it as
> he knows how -- he chooses the one that retains his ability to
> communicate with family and friends and keep up on the things he cares
> about.
>
> Schneier is saying we need to build better options for Joe 6mbps,
> competing with the PRISM-compatible services, so that privacy-respecting
> services become known and commonplace.
>
> Nicolai




RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Chris Boyd
On Fri, 2013-09-06 at 23:03 +, Paul Donner (pdonner) wrote:
> Great opportunity for a country like Brazil (for example) to become a
> place of business for many of these services which are subject to
> CALEA (and such) in the US.  This type of behavior is certainly a
> motivator for folks in other countries to benefit, to our detriment.
>
> If the NSA is truly undermining the security of private enterprises
> which rely on compromised security implements, besides being
> counterproductive, it will cost (maybe already has) in lost revenue or
> damages.  Sooner or later this is going to take its toll.  In the end
> the universal language of cold hard cash will reign.


You mean like this?

http://www.zdnet.com/u-s-cloud-industry-stands-to-lose-35-billion-amid-prism-fallout-718974/

As one currently working in the cloud this is deeply concerning.

--Chris





Re: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Mark Gauvin
This has been known for years so why the sudden list spam?

CALEA in Canada goes into full force Jan 1 2014 and yes it was meant to stop 
pedo bears but it is much farther reaching.


Sent from my iPhone

On 2013-09-06, at 5:33 PM, Scott Weeks <sur...@mauigateway.com> wrote:

> --- s...@circlenet.us wrote:
> From: Sam Moats <s...@circlenet.us>
>
> Their only options are to:
>
> Disobey the law, unacceptable in my opinion
>
> Close down services, noble but I need to eat and you probably want to
> keep getting email
>
> Compromise your principles and obey the law, the path often chosen.
>
>
> So, there's no choice except to get a 5-gallon bucket of gov't-ky
> jelly and take it?  So many things come to mind on your flag-waving
> emails, I can't think of what to say first.  And believe me, that's
> not usual...  ;-)  After a while, you'll become raw and probably
> change your mind.
>
> scott



RE: The US government has betrayed the Internet. We need to take it back

2013-09-06 Thread Barry Shein

The problem is that the US govt and others have been sucked into a
vortex of bad game theory.

They believe we the people don't want any terrorist acts against us,
or minimized as much as possible, which is roughly: none.

This belief is reasonable.

Worse, terrorism has become a political weapon against whoever can be
characterized as asleep on the watch. The president, DHS, FBI -
remember all the news articles asking why the FBI didn't act earlier
on the Marathon bombers? etc.

Tonight at midnight Janet Napolitano is no longer head of DHS.

As many have said: What a bad job she had! Just waiting for a
terrorist attack so congress et al can demand to know why.

So DHS, NSA, et al sit around dreaming up ways to prevent terrorism
which in some cases probably works, and in other cases is probably
impossible.

They seem to have hit upon this surveillance effort as a
deliverable.

The govt is going to resist engineering efforts because as I said
it's their butts on the line not yours if there's an attack. Or yours
only figuratively or by some coincidence (you're actually the victim
of an attack.)

We have a bad feedback loop going on in govt right now.

Did the brains at al Qaeda foresee this in 2001? Possibly. It's not
magic -- fear of terrorism creating a feedback loop like this. There
are, or were, intellectuals behind AQ, some no doubt bright.

So when people ask what is the aim of terrorism I think we're living
it right here.

I'm not convinced that characterizing the govt as the evil here is
entirely constructive.


-- 
-Barry Shein

The World              | b...@theworld.com        | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD     | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet  | SINCE 1989     *oo*