Radio Netherlands Worldwide

SSO Login

More login possibilities:

  • Facebook
  • Flickr
  • Twitter
  • Google
  • LinkedIn
Friday 28 November  
In response to NSA revelations, the internet’s engineers PRISM-proof the net
Nusa Dua, Indonesia
Nusa Dua, Indonesia

In response to NSA revelations, the internet’s engineers set out to PRISM-proof the net

Published on : 26 October 2013 - 12:25pm | By Julie Blussé (CC)
More about:

Greatly disturbed by the recent revelations of mass internet surveillance, the Internet Engineering Task Force (IETF) have announced plans to ramp up online security. You may never have heard of them, but the IETF are the creators and engineers of the internet’s architecture. Is there a technical solution to the problem of mass surveillance?

For the IETF, Edward Snowden’s revelations were “a wake-up call,” said Jari Arkko, the task force’s chair. Arkko spoke at this week’s UN-initiated Internet Governance Forum in Bali, Indonesia. Surprised by the scale and tactics of surveillance, Arkko stated the engineers are “looking at technical changes that will raise the bar for monitoring.”

“Perhaps the notion that internet is by default insecure needs to change,” he said. The IETF’s will is there, and Arkko believes significant technical fixes  “just might be possible.”

Technical, not political

The engineers of the IETF keep a low profile, but they have been crucial to creating and setting the standards on which the internet was built, ever since its birth in 1969. They have developed email, instant messaging, and many protocols that hide behind acronyms that sound familiar yet mysterious to most Internet users, like HTTP and TCP/IP.

As the internet evolved from an academic project into a global network, the role governments and companies played in how it functions grew dramatically. But the IETF maintained its well-respected role, thanks in part to its fervently apolitical stance and focus on technical issues.

That focus remains in the current plans to make the internet more resistant to mass surveillance, Arkko emphasised in an interview with RNW: “This is a technical, not a political decision.” 

In his speech, Arkko chose his words carefully as he addressed an audience comprising representatives from governments that perpetrate the same mass-surveillance he hopes to curtail.

“I do not think we should react to specific cases,” Arkko stated during the forum’s opening sessions. “But our commerce, business and personal communications are all depending on the internet technology being secure and trusted.”

More, new and better security

Ideas about how the internet might be secured against mass surveillance are currently discussed over the IETF’s publicly accessible mailing lists, to which anyone can subscribe and contribute. While nothing is set in stone yet, Arkko sketched out a few of the IETF’s ideas in his public address.

Firstly, the IETF wants to eventually apply encryption to all web traffic.

“Today, security only gets switched on for certain services like banking,” Arkko explained, referring to IETF-developed standards like SSL the little lock that appears in the upper left corner of your browser to secure online purchases. “If we work hard, we can make [the entire internet] secure by default.” To this end, the IETF might make encryption mandatory for HTTP 2.0, a new version of the basic web protocol.

Secondly, the IETF plans to remove weak algorithms and strengthen existing algorithms behind encryption. This means that the US National Security Agency and other surveillors will find it harder to crack current forms of encryption.

In other words: the IETF proposes putting locks in more places and making existing locks harder to pick. If the protocols are applied, intercepting the traffic between any two points on the internet— the sender and receiver of an email, the visitor and owner of a website, the buyer and seller of a product—will be close to impossible.

Starting November 3, the IETF will hold a week of meetings in Vancouver, Canada to concretise the online security plans in person.

Raising the bar for surveillance

The IETF is confident that their plans will make a difference, but what do other experts on the internet’s technical infrastructure think?

Axl Pavlik, managing director of the Europe’s Internet Registry (RIPE NCC), is guardedly optimistic. 

“It wouldn’t stop the problem, but it would make the effort [of surveillance] more expensive.”

Pavlik likens the plans to a successful countermove in an indefinite arms race between internet users and snoopers.

“You and I have limited resources, and the surveillor has limited resources –maybe more than we have – but if millions of users of the internet raise the bar a little bit, the requirements to surveil every little bit of internet traffic would be much higher,” he explained to RNW.

The IETF’s plans also benefit people who are already encrypting their online activities themselves, argued Marco Hogewoning, technical adviser to RIPE NCC. According to him, these people currently stick out like a sore thumb to the very surveillors they hope to evade.

“If you see an armoured car now on the street, you know there must be something valuable inside,” Hogewoning explained. “If everybody drives around in an armoured car, I can go around and put a lot of effort into breaking into each and every car, and hope I get lucky and find something valuable inside, but it might be empty. If everybody encrypts everything, all you can see is armoured cars.”

Take it or leave it

Yet while the IETF can propose standards and protocols, it has no power to enforce their adoption. The onus to adopt the standards lies with the software developers who make browsers and web servers, as well as website owners, and everyday internet users who need to heed browser updates.

“It’s a great initiative,” said Gillo Cutrupi, a digital security trainer at Tactical Tech. “But it if it’s not adopted, it’s just a piece of paper.”

A standard like HTTPS, for instance, can already be applied by every website to improve security. Cutrupi explains that many websites unfortunately still make use of unsafe options.

Such options might be popular because they are easier to use. Some websites don’t care for security, and ignore the standard; Yahoo Mail will only make HTTPS encryption the default setting starting January 2014.

Yet Arkko, the IETF chair, doesn’t see universal adoption as a big hurdle. “I have no worry about that,” he said. “Our standards are very widely applied.”

He stressed that in addition to increased security, newer standards offer multiple advantages.

“HTTP 2.0 has many other improvements.” In one example, he pointed out that “for the users, websites would load faster.”

These improvements would no doubt serve as an incentive for websites to implement the new protocol.

The end point of trust

Yet one major caveat remains. While the IETF might be able to secure the pipes through which users’ data travel, users must also be able to trust the parties where their data is stored: software, hardware and services such as Cisco, Gmail and Facebook. These parties can hand over user data directly to government agencies.

Arkko stressed the limitations of what the internet’s engineers can do. “We are trying to do as much as we can,” he explained, “which will help situations where there’s someone in the network monitoring you. It will not help situations where someone has direct access to your email provider.”

Axl Pavlik identifies the problem of trust at another level altogether

“In the end, it’s down to public policy, governments, secret services. And maybe the secret court orders to release a key [which] we will never know about. That shatters the trust of the internet as we know it. That’s the very bad situation that we need to get out of.”


Nathaniel 27 November 2014 - 2:48pm

NSA has little oversight and accountability which allows them to work as an organization and not as individuals. In order to do good you cannot do bad because someone including them will try to stop the bad in the world.

Anonymous 27 November 2014 - 4:35am / indonesia

Thanks for the information, Very useful
cara mengobati miom

Obat Penurun Asam Lambung 27 November 2014 - 4:05am /

informasinya bermanfaat sekali gan, wah jangan lupa kunjungi balik lapak ane nih
useful information gan, oh do not forget to visit the stall behind ane nih
Obat Penurun Asam Lambung

obat herbal polip hidung paling ampuh 26 November 2014 - 8:35am / indonesia

greet post..
thanks you very good article,,

obat herbal meningitis kronis 26 November 2014 - 3:57am / indonesia
Anonymous 25 November 2014 - 4:01am /

useful information gan, oh do not forget to visit the stall behind ane nih
informasinya bermanfaat sekali gan, wah jangan lupa kunjungi balik lapak ane nih
Obat Maag Kronis
Jelly Gamat Gold G

Anonymous 25 November 2014 - 3:35am /

nformasinya bermanfaat sekali gan, wah jangan lupa kunjungi balik lapak ane nih
Obat Maag Kronis
Jelly Gamat Gold G

obat herbal sinusitis 25 November 2014 - 3:14am / indonesia

Thank you for sharing this article .. keep it up and good luck to all of you!

obat herbal glaukoma 25 November 2014 - 2:31am / indonesia
Obat Maag kronis 24 November 2014 - 7:40am /

best wishes very useful article permits gan read and participate save link
Obat Maag Kronis

obat herbal amandel kronis tanpa operasi 24 November 2014 - 7:39am / indonesia
titisan ariel 24 November 2014 - 7:22am / indonesia
candra 24 November 2014 - 7:21am / indonesia
Anonymous 22 November 2014 - 6:36am / indonesia

Thanks for the information, Very useful
obat tumor otak

Sriintan 21 November 2014 - 7:30am / Indonesia

Thanks for the information, Very useful

alisnurhasanah 21 November 2014 - 7:22am / Tasikmalaya

this site is very good. posted by : cara mengecilkan tubuh

Anonymous 20 November 2014 - 11:18am / Indonesia

wooww great ace maxs

tavanthang 20 November 2014 - 8:23am / Viet Nam

Long success comes from hard work, dedication and perseverance, will overcome almost any prejudice of any kind, and open almost any door.
AmaSuite Discount

obat herbal tulang keropos ampuh 20 November 2014 - 4:38am / indonesia
Obat herbal vertigo akut 20 November 2014 - 3:07am / indonesia

Thanks for information....
very nice,,

Anonymous 19 November 2014 - 9:36am / vietnam

It is very nice to listen to your discussion on specific topic here. I too believe your points here. keep posting sensible blogs. however i need to grasp additional news concerning more about this topic and for that asking your facilitate.
bestamasuite Review

XiuSangster 17 November 2014 - 3:01am
obat ambeien tanpa operasi 17 November 2014 - 1:45am / indonesia

your information very interesting, good luck for you obat ambeien tanpa operasi

obat pelangsing 14 November 2014 - 9:48am / Jawa barat

Dari sekian banyak produk yang tersedia untuk paru paru basah, kami sebagai pusat obat herbal yang beralamai di Jln. Tamansari Gobras No.47 B Gunung Kanyere, Kota Taasikmalaya atas nma Acep Suherman,SE merekomendasikan Cordyceps plus capsule untuk solusinya. Terampuh dan terbukti.Obat Paru Paru Basah

Obat Pelangsing Herbal

Slimming Capsule

Obat Pelangsing

Obat Herbal Scabies

XiuSangster 14 November 2014 - 1:30am
XiuSangster 14 November 2014 - 1:29am
puspita komalasari 10 November 2014 - 2:48am

Very good information, I will visit this website as often as possible. Thank you.

Obat Tradisional Batu Ginjal Alami Sampai Hancur

puspita komalasari 10 November 2014 - 2:47am

Very good information, I will visit this website as often as possible. Thank you.

Obat Tradisional Batu Ginjal Alami Sampai Hancur

Post new comment

Please be reminded all comments must be in English, short and to the point - guideline 250 words. Abusive and inappropriate comments will be removed.

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <p> <br>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

RNW on Facebook

RNW Player

Video highlights

Ladies on the move
RNW is keen on featuring inspiring women in our target countries, women who...
What about men?
In many countries, men don't stick around to raise their children. This is...