Help ATS with a contribution via PayPal:
learn more

Internet Architects Plan Counter-Attack On NSA Snooping

page: 1
40
<<   2 >>

log in

join
+11 more 
posted on Aug, 25 2013 @ 10:12 AM
link   
Not sure if this is the correct forum but since the NSA appears to be the largest terrorist group in the world I placed this here. Mods please move if necessary.

Finally someone is beginning to fight back against the rogue NSA and it's accomplice's in at least looking for solutions to the global surveillance problem we all find ourselves subjected to.

Internet Architects Plan Counter-Attack On NSA Snooping


"Not having encryption on the web today is a matter of life and death," is how one member of the Internet Engineering Task Force - IETF (the so-called architects of the web) described the current situation. As the FT reports, the IETF have started to fight back against US and UK snooping programs by drawing up an ambitious plan to defend traffic over the world wide web against mass surveillance.

Alright, so what's the plan?


The proposal is a system in which all communication between websites and browsers would be shielded by encryption. While the plan is at an early stage, it has the potential to transform a large part of the internet and make it more difficult for governments, companies and criminals to eavesdrop on people as they browse the web.

OK now we're talking. Let's give the IETF a high five for freedom and the unwillingness to sit by passively while groups like the NSA trample over the privacy rights of ... well, everybody.




posted on Aug, 25 2013 @ 10:20 AM
link   
reply to post by Bassago
 


YEAH.........




posted on Aug, 25 2013 @ 10:48 AM
link   
reply to post by Bassago
 


Me thinks it wont matter much. Considering that NSA has access to data where its stored, encrypting it end-to-end may not matter much. Also, whosto say that NSA isnt behind this "feel-good" message? Could be they want to sell this as a feel-good so the public doesnt stop usingthe internet to communicate private information.

Anyone know who the members of the Internet Engineering Task FoForce (aka IETF) are?



posted on Aug, 25 2013 @ 10:48 AM
link   
It is good to hear that , but isn't this guy some one who will know the decryption method and could sell it to the govt so that people could feel safe , and he gets popular and receives big money ?

IMO the best method is that all individuals learn about how internet works and try to protect themselves as much as they can.

Otherwise , these encryption and decryption could be wolf in sheep clothing



posted on Aug, 25 2013 @ 10:58 AM
link   
reply to post by mideast
 


Not really. If an underlying protocol layer could be implemented using 256 bit AES encryption and a large random generated key it would take a huge amount of brute force to decrypt. It would also take years even with a super computer. This tech is already publicly available. We just need to incorporate it and make it user friendly.



posted on Aug, 25 2013 @ 11:06 AM
link   
reply to post by Mike.Ockizard
 



Anyone know who the members of the Internet Engineering Task FoForce (aka IETF) are?


There is no membership for the IETF per se.


Large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture


The IESG is steering body for the IETF

There's not a lot of wiggle room for someone from the NSA to sneak in and get their message through this organization the way it is constructed.



posted on Aug, 25 2013 @ 11:08 AM
link   
reply to post by Mike.Ockizard
 


The Internet Engineering Task Force (IETF)


Mission Statement

The mission of the IETF is to make the Internet work better by producing high quality, relevant technical documents that influence the way people design, use, and manage the Internet.

The IETF will pursue this mission in adherence to the following cardinal principles:

Open process - any interested person can participate in the work, know what is being decided, and make his or her voice heard on the issue. Part of this principle is our commitment to making our documents, our WG mailing lists, our attendance lists, and our meeting minutes publicly available on the Internet.

Technical competence - the issues on which the IETF produces its documents are issues where the IETF has the competence needed to speak to them, and that the IETF is willing to listen to technically competent input from any source. Technical competence also means that we expect IETF output to be designed to sound
network engineering principles - this is also often referred to as"engineering quality".

Volunteer Core - our participants and our leadership are people who come to the IETF because they want to do work that furthers the IETF's mission of "making the Internet work better".

Rough consensus and running code - We make standards based on the combined engineering judgement of our participants and our real-world experience in implementing and deploying our specifications.

Protocol ownership - when the IETF takes ownership of a protocol or function, it accepts the responsibility for all aspects of the protocol, even though some aspects may rarely or never be seen on the Internet. Conversely, when the IETF is not responsible for a protocol or function, it does not attempt to exert control over it, even though it may at times touch or affect the Internet.



posted on Aug, 25 2013 @ 11:14 AM
link   
Well I think Lavabit owner already had protocols like this in place, but was apparently being forced to comply with the NSA and give up those safeguards for his customers or be shut down, so he just closed it himself instead.

If the govt has your hands tied, what good will these new plans do?

Face it-this is not America any more, just in those early stages so not everyone aware yet.
edit on 25-8-2013 by SunnyDee because: (no reason given)



posted on Aug, 25 2013 @ 11:20 AM
link   

Originally posted by SunnyDee
Well I think Lavabit owner already had protocols like this in place, but was apparently being forced to comply with the NSA and give up those safeguards for his customers or be shut down, so he just closed it himself instead.


Lavabit is just a company so they can be closed down. If the underlying structure of the internet is modified then there is nothing the NSA or any other intelligence group can do. This is also not a new process for the IETF. Simply look at the RFC (request for comments) lists and you will get an idea of just how much change takes place with the workings of the internet.



posted on Aug, 25 2013 @ 11:34 AM
link   

at its conference in Berlin this month, IETF members reached “nearly unanimous consensus” on the need to build encryption into the heart of the web,
- Op source




Wonder what the additional info at FT is,... would assume so, since since you'd have to sign up/log in?



posted on Aug, 25 2013 @ 12:11 PM
link   
IP V6 has triple DES has an encryption option while technically not much these days but is enough to stop reading data mid transfer as plain text

But when the spooks can just access the other end of the conversation there is little point in encryption once its strong enough to stop people just over hearing your conversation



posted on Aug, 25 2013 @ 02:51 PM
link   
Regardless of the data layer encryption instituted, the data packets still have to be addressed (from and to), right? So that meta data would still be collectable by the alphabet gangs, and would be quite useful to discern who to talking to whom, when, how often, and for how long. That is still very valuable intel to gather and mine, encryption or no...



posted on Aug, 25 2013 @ 03:38 PM
link   

Originally posted by Bassago
reply to post by mideast
 


Not really. If an underlying protocol layer could be implemented using 256 bit AES encryption and a large random generated key it would take a huge amount of brute force to decrypt. It would also take years even with a super computer. This tech is already publicly available. We just need to incorporate it and make it user friendly.


AES256 is fine for a single process such as hashing a password but a constant stream for something like web traffic, modern machines just aren't sufficiently capable to handle such a drain on resources. The fact remains also that we shouldn't have to take this kind of precaution from our own governments, I mean look at the facts, it's not exactly helped too much so far considering web AND phone traffic is monitored. The biggest thing that strikes me in all of this is the ease of industrial espionage which hasn't even been mentioned!



posted on Aug, 25 2013 @ 03:40 PM
link   

Originally posted by Krakatoa
Regardless of the data layer encryption instituted, the data packets still have to be addressed (from and to), right? So that meta data would still be collectable by the alphabet gangs, and would be quite useful to discern who to talking to whom, when, how often, and for how long. That is still very valuable intel to gather and mine, encryption or no...

The address could be a library, internet cafe. How many people are going to be drawn into the 'hand it over' enforcement. The NSA/NCTC by their unilateral actions are going to mean the US will lose all the internet gravy to overseas, they are going to destroy American unity of purpose because Americans themselves are effectively now disenfranchised, as are the British. The truth is the NSA/NCTC gambled and they will lose out in the long run, as well as all the actual harm they have caused. We need to remind ourselves, that a Snowden was not meant to happen.



posted on Aug, 25 2013 @ 04:15 PM
link   
The responses to this post seem very encouraging to me. In just a few hours many issues of why it will be difficult to ensure our privacy have been brought up. I have a lot of faith that the IETF is just as disgusted by the surveillance crimes as many of us are. They on the other hand have the ability to do something about it and I believe they will.

Email would seem to be the easiest in the quest for privacy IMO. It may give the biggest bang for the buck as a starting point.



posted on Aug, 25 2013 @ 04:43 PM
link   

Originally posted by Bassago
reply to post by mideast
 


Not really. If an underlying protocol layer could be implemented using 256 bit AES encryption and a large random generated key it would take a huge amount of brute force to decrypt. It would also take years even with a super computer. This tech is already publicly available. We just need to incorporate it and make it user friendly.


It would have to operate at the hardware level at the "physical level" of the TCP/IP stack. NSA could still have out-of-band communication with the network board via the internet. Basically they could have secret data packets that is only read by the hardware and not sent up to the operating-system - the postal equivalent would be those bar codes that couriers like Fed-Ex use.

Here's an example - certain servers that are switched off can be activated where a "magic packet" can be sent to the MAC address of that PC despite it being switched off. That means the network chip is always active and listening to the network despite the PC being switched off... what else on the PC is still active?

www.cyberciti.biz...



posted on Aug, 25 2013 @ 04:56 PM
link   
reply to post by stormcell
 

Most functions such as magic packet, wake on LAN can be disabled or are disabled by default but I see what you are saying. Doesn't look insurmountable to me. If nothing else the hardware vendors will actually have a real reason to get us to upgrade to some new non-hijack components.



posted on Aug, 25 2013 @ 05:05 PM
link   
They need to come up with a data cable encryption device you can connect to your monitor and key board as a package that works together. Soon as you type on your key board it is encrypted but you have a device on your monitor that allows it to be decrypted for viewing. Every thing in your computer can be encrypted that way. And call it a friends and family plan. Your friends would also need them setup to match your system. The device should have a rolling code setup on it and a pin device so you can change it when ever you want to. Such as garage door openers and alarm systems use for the remotes. This would allow for some security. Bad thing is as soon as you patent it the government is going to want all information on the device and the codes used plus the type of encryption being used. So you would still be out of luck on blocking them.

As long as they have the patent office wanting all the encryption software you use and they control the internet hubs your just out of luck. They can spy on you.
edit on 25-8-2013 by JBA2848 because: (no reason given)



posted on Aug, 25 2013 @ 05:28 PM
link   
I think you don't know enough evil people so you can't imagine the world can look like soon.
Internet is (also) a scary and dangerous anarchistic place. One day you may pray for these alphabet striped and starred tough, freckled, brave boys and girls so they can handle the situation instead of you.
edit on 25/8/2013 by PapagiorgioCZ because: grammar



posted on Aug, 25 2013 @ 05:56 PM
link   

Originally posted by stormcell

Originally posted by Bassago
reply to post by mideast
 


Not really. If an underlying protocol layer could be implemented using 256 bit AES encryption and a large random generated key it would take a huge amount of brute force to decrypt. It would also take years even with a super computer. This tech is already publicly available. We just need to incorporate it and make it user friendly.


It would have to operate at the hardware level at the "physical level" of the TCP/IP stack. NSA could still have out-of-band communication with the network board via the internet. Basically they could have secret data packets that is only read by the hardware and not sent up to the operating-system - the postal equivalent would be those bar codes that couriers like Fed-Ex use.

Here's an example - certain servers that are switched off can be activated where a "magic packet" can be sent to the MAC address of that PC despite it being switched off. That means the network chip is always active and listening to the network despite the PC being switched off... what else on the PC is still active?

www.cyberciti.biz...


But does not that mean, regardless of how a communication can be caught surreptitiously, it still needs to be able to be readable. Plus you could resend an unopened e-mail around the world for a shortcut and end it up in a hotel or whatever, and open it anywhere, from a PC that is albeit local, but basically anywhere local.
Aside from that I have always maintained that total security online is a misnomer but, as the OP is saying, make it difficult if only in protest.






top topics



 
40
<<   2 >>

log in

join