Radio Netherlands Worldwide

SSO Login

More login possibilities:

Close
  • Facebook
  • Flickr
  • Twitter
  • Google
  • LinkedIn
Home
Friday 22 August  
In response to NSA revelations, the internet’s engineers PRISM-proof the net
Map
Nusa Dua, Indonesia
Nusa Dua, Indonesia

In response to NSA revelations, the internet’s engineers set out to PRISM-proof the net

Published on : 26 October 2013 - 1:25pm | By Julie Blussé (CC)
More about:

Greatly disturbed by the recent revelations of mass internet surveillance, the Internet Engineering Task Force (IETF) have announced plans to ramp up online security. You may never have heard of them, but the IETF are the creators and engineers of the internet’s architecture. Is there a technical solution to the problem of mass surveillance?

For the IETF, Edward Snowden’s revelations were “a wake-up call,” said Jari Arkko, the task force’s chair. Arkko spoke at this week’s UN-initiated Internet Governance Forum in Bali, Indonesia. Surprised by the scale and tactics of surveillance, Arkko stated the engineers are “looking at technical changes that will raise the bar for monitoring.”

“Perhaps the notion that internet is by default insecure needs to change,” he said. The IETF’s will is there, and Arkko believes significant technical fixes  “just might be possible.”

Technical, not political

The engineers of the IETF keep a low profile, but they have been crucial to creating and setting the standards on which the internet was built, ever since its birth in 1969. They have developed email, instant messaging, and many protocols that hide behind acronyms that sound familiar yet mysterious to most Internet users, like HTTP and TCP/IP.

As the internet evolved from an academic project into a global network, the role governments and companies played in how it functions grew dramatically. But the IETF maintained its well-respected role, thanks in part to its fervently apolitical stance and focus on technical issues.

That focus remains in the current plans to make the internet more resistant to mass surveillance, Arkko emphasised in an interview with RNW: “This is a technical, not a political decision.” 

In his speech, Arkko chose his words carefully as he addressed an audience comprising representatives from governments that perpetrate the same mass-surveillance he hopes to curtail.

“I do not think we should react to specific cases,” Arkko stated during the forum’s opening sessions. “But our commerce, business and personal communications are all depending on the internet technology being secure and trusted.”

More, new and better security

Ideas about how the internet might be secured against mass surveillance are currently discussed over the IETF’s publicly accessible mailing lists, to which anyone can subscribe and contribute. While nothing is set in stone yet, Arkko sketched out a few of the IETF’s ideas in his public address.

Firstly, the IETF wants to eventually apply encryption to all web traffic.

“Today, security only gets switched on for certain services like banking,” Arkko explained, referring to IETF-developed standards like SSL the little lock that appears in the upper left corner of your browser to secure online purchases. “If we work hard, we can make [the entire internet] secure by default.” To this end, the IETF might make encryption mandatory for HTTP 2.0, a new version of the basic web protocol.

Secondly, the IETF plans to remove weak algorithms and strengthen existing algorithms behind encryption. This means that the US National Security Agency and other surveillors will find it harder to crack current forms of encryption.

In other words: the IETF proposes putting locks in more places and making existing locks harder to pick. If the protocols are applied, intercepting the traffic between any two points on the internet— the sender and receiver of an email, the visitor and owner of a website, the buyer and seller of a product—will be close to impossible.

Starting November 3, the IETF will hold a week of meetings in Vancouver, Canada to concretise the online security plans in person.

Raising the bar for surveillance

The IETF is confident that their plans will make a difference, but what do other experts on the internet’s technical infrastructure think?

Axl Pavlik, managing director of the Europe’s Internet Registry (RIPE NCC), is guardedly optimistic. 

“It wouldn’t stop the problem, but it would make the effort [of surveillance] more expensive.”

Pavlik likens the plans to a successful countermove in an indefinite arms race between internet users and snoopers.

“You and I have limited resources, and the surveillor has limited resources –maybe more than we have – but if millions of users of the internet raise the bar a little bit, the requirements to surveil every little bit of internet traffic would be much higher,” he explained to RNW.

The IETF’s plans also benefit people who are already encrypting their online activities themselves, argued Marco Hogewoning, technical adviser to RIPE NCC. According to him, these people currently stick out like a sore thumb to the very surveillors they hope to evade.

“If you see an armoured car now on the street, you know there must be something valuable inside,” Hogewoning explained. “If everybody drives around in an armoured car, I can go around and put a lot of effort into breaking into each and every car, and hope I get lucky and find something valuable inside, but it might be empty. If everybody encrypts everything, all you can see is armoured cars.”

Take it or leave it

Yet while the IETF can propose standards and protocols, it has no power to enforce their adoption. The onus to adopt the standards lies with the software developers who make browsers and web servers, as well as website owners, and everyday internet users who need to heed browser updates.

“It’s a great initiative,” said Gillo Cutrupi, a digital security trainer at Tactical Tech. “But it if it’s not adopted, it’s just a piece of paper.”

A standard like HTTPS, for instance, can already be applied by every website to improve security. Cutrupi explains that many websites unfortunately still make use of unsafe options.

Such options might be popular because they are easier to use. Some websites don’t care for security, and ignore the standard; Yahoo Mail will only make HTTPS encryption the default setting starting January 2014.

Yet Arkko, the IETF chair, doesn’t see universal adoption as a big hurdle. “I have no worry about that,” he said. “Our standards are very widely applied.”

He stressed that in addition to increased security, newer standards offer multiple advantages.

“HTTP 2.0 has many other improvements.” In one example, he pointed out that “for the users, websites would load faster.”

These improvements would no doubt serve as an incentive for websites to implement the new protocol.

The end point of trust

Yet one major caveat remains. While the IETF might be able to secure the pipes through which users’ data travel, users must also be able to trust the parties where their data is stored: software, hardware and services such as Cisco, Gmail and Facebook. These parties can hand over user data directly to government agencies.

Arkko stressed the limitations of what the internet’s engineers can do. “We are trying to do as much as we can,” he explained, “which will help situations where there’s someone in the network monitoring you. It will not help situations where someone has direct access to your email provider.”

Axl Pavlik identifies the problem of trust at another level altogether

“In the end, it’s down to public policy, governments, secret services. And maybe the secret court orders to release a key [which] we will never know about. That shatters the trust of the internet as we know it. That’s the very bad situation that we need to get out of.”

Discussion

Anonymous 22 July 2014 - 5:20pm

Given how the IETF wors, the politics and the messy, complex, over-engineered committee-work that has poured out from there the past decade or more, it is clear no increase of security can be expected from there. NSA does not have to sabotage their attempts, they do it themselves. Luckily, the industry keeps ignoring their work.

brenwa7 13 July 2014 - 11:09am

Yet one major caveat remains. While the IETF might be able to secure the pipes through which users’ data travel, users must also be able to trust the parties where their data is stored: software, hardware and services such as Cisco, Gmail and Facebook. These parties can hand over user data directly to government agencies.

Arkko stressed the limitations of what the internet’s engineers can do. “We are trying to do as much as we can,” he explained, “which will help situations where there’s someone in the network monitoring you. It will not help situations where someone has direct access to your email provider.”

Axl Pavlik identifies the problem of trust at another level altogether

“In the end, it’s down to public policy, governments, secret services. And maybe the secret court orders to release a key [which] we will never know about. That shatters the trust of the internet as we know it. That’s the very bad situation that we need to get out of.”

judi bola online

Anonymous 6 July 2014 - 7:17am / Vietnam

Everyone knows that FB Marketing is hot right now. FB Content Pro is a software will allow you to capture that trend and make a nice profit due to the ease of use of the plugin, but also it’s incredible power to have all internet content at your fingertips and ready to post to any fanpage or facebook group.
FB Content Pro Review

pakraflhi 8 July 2014 - 12:49am / pakhasanuddin@gmail.com

kami sekeluarga tak lupa mengucapkan puji syukur kepada ALLAH S,W,T
dan terima kasih banyak kepada AKI atas nomor togel.nya yang AKI
berikan 4 angkah 0228 alhamdulillah ternyata itu benar2 tembus AKI.
dan alhamdulillah sekarang saya bisa melunasi semua utan2 saya yang
ada sama tetangga.dan juga BANK BRI dan bukan hanya itu AKI. insya
allah saya akan coba untuk membuka usaha sendiri demi mencukupi
kebutuhan keluarga saya sehari-hari itu semua berkat bantuan AKI..
sekali lagi makasih banyak ya AKI… bagi saudara yang suka main togel
.
yang ingin merubah nasib seperti saya silahkan hubungi AKI SOLEH,,di
0823 1333 6747,, insya allah anda bisa seperti saya…menang togel 175
juta, wassalam.

dijamin 100% jebol saya sudah buktikan...sendiri....

Apakah anda termasuk dalam kategori di bawah ini !!!!

1"Dikejar-kejar hutang

2"Selaluh kalah dalam bermain togel

3"Barang berharga anda udah habis terjual Buat judi togel

4"Anda udah kemana-mana tapi tidak menghasilkan solusi yg tepat

5"Udah banyak Dukun togel yang kamu tempati minta angka jitunya
tapi tidak ada satupun yang berhasil..

Solusi yang tepat jangan anda putus aza....AKI SOLEH akan membantu
anda semua dengan Angka ritwal/GHOIB:
butuh angka togel 2D3D4D SGP / HKG / MALAYSIA / TOTO MAGNUM / dijamin
100% jebol
Apabila ada waktu
silahkan Hub: AKI SOLEH DI NO: (((082313336747)))

angka GHOIB: singapur 2D/3D/4D/

angka GHOIB: hongkong 2D/3D/4D/

angka GHOIB; malaysia

angka GHOIB; toto magnum 4D/5D/6D/

angka GHOIB; laos

pg 24 May 2014 - 4:55pm

For the bride, the wedding ceremony, in addition to the dress according to the happiest moments in life, the choice of dress is also very important. It can reflect the bride's personality and aesthetic greater extent. The bride's dress can colors, styles, fabrics and other aspects of different options. For most brides, the romance may be their first choice. Lace flounced fabric and design elements are classicGalajurken
Galajurken 2014

pg 24 May 2014 - 4:48pm

For the bride, the wedding ceremony, in addition to the dress according to the happiest moments in life, the choice of dress is also very important. It can reflect the bride's personality and aesthetic greater extent. The bride's dress can colors, styles, fabrics and other aspects of different options. For most brides, the romance may be their first choice. Lace flounced fabric and design elements are classicGalajurken
Galajurken 2014

Anonymous 23 May 2014 - 3:44pm

For the bride, the wedding ceremony, in addition to the dress according to the happiest moments in life, the choice of dress is also very important. It can reflect the bride's personality and aesthetic greater extent. The bride's dress can colors, styles, fabrics and other aspects of different options. For most brides, the romance may be their first choice. Lace flounced fabric and design elements are classicGalajurken 2014
Lange Galajurken>

Anonymous 23 May 2014 - 3:42pm

For the bride, the wedding ceremony, in addition to the dress according to the happiest moments in life, the choice of dress is also very important. It can reflect the bride's personality and aesthetic greater extent. The bride's dress can colors, styles, fabrics and other aspects of different options. For most brides, the romance may be their first choice. Lace flounced fabric and design elements are classicGalajurken 2014
Lange Galajurken>

Anonymous 22 May 2014 - 3:17am

For the bride, the wedding ceremony, in addition to the dress according to the happiest moments in life, the choice of dress is also very important. It can reflect the bride's personality and aesthetic greater extent. The bride's dress can colors, styles, fabrics and other aspects of different options. For most brides, the romance may be their first choice. Lace flounced fabric and design elements are classicGalajurken
Galajurken 2014

Anonymous 21 May 2014 - 4:45pm

Good choice, better reflect their own perfection. A unique Trouwjurken, Samaranch not the same as your own!

Anonymous 20 May 2014 - 9:17am

Good choice, better reflect their own perfection. A uniqueBruidsjurken, Samaranch not the same as your own!

Dennisnona 19 May 2014 - 4:03pm / Afghanistan

Ralph Lauren is usually an outline of any American dream: the long grass, antique crystal , the name Marble horse . His product , of your house clothing or furniture , whether it's perfume or containers, have focused on the top of class customers yearning for a perfect life . Or as Ralph Lauren himself said : " The main my design really should be to polo
attain the like people's minds - the simplest imaginable reality ." Ralph Lauren is the ideal type of it is the actual realization in the American dream : he construction from a $ 3 billion business center, a own fashion empire. Cheap Ralph Lauren Polo Citt¨¤

1939 Ralph Lauren produced in the Polish immigrant family members are not romantic , his original name is termed : "Ralph Lifschitz". Young, Ralph Lauren and absolutely the fashion ambition , he was simply a combination of affinity for uomini di Ralph Lauren Polo a righe

clothes . In those days , the next boys are dressed like Marlon Brando, dressed up in jeans and one motorcycle shirt, but only he dressed gentle, such as a university student. Eleven or twelve year-old, he attracted people anticipated garment elegant and ask . His early education originated the fashion film and Esquire magazines . His idol was the Duke of Windsor and Katherine Hepburn. polo by ralph lauren

Ralph Lauren 16 year-old, his brother Jerry ( incumbent Polo men's boss ) , suggested their particular brothers would often tease Lifschitz rid surname . After a brains in the search, they finally found the rhythm very harmonious "Lauren". From the completion of high-school , Ralph Lauren about the City University of brand new York about a business class, but threw in the . ralph lauren outlet uk

Anonymous 19 May 2014 - 4:03pm

Good choice, better reflect their own perfection. A unique Trouwjurken, Samaranch not the same as your own!

Anonymous 18 May 2014 - 6:29am

Trouwjurkenstyles: V-neck, big sweetheart neckline is a wise choice, you can lengthen your face from the visual to make your cute little round face looks fine, avoid high-necked collar and large.

Anonymous 17 May 2014 - 7:26am

Nostalgia. If you have some nostalgic feeling, no need to expend energy to be customized in the old style, consider direct to your mother or grandmother's dress wear it to take overCocktailjurken 2014

Anonymous 16 May 2014 - 10:16am

Cocktailjurken 2014Ascertain in advance the price. Can patience to figure out the best wedding venue in consumption levels and prices, so when you buy costumes and decorations would not be lost in the mind can grasp the targeted price.

Anonymous 16 May 2014 - 10:12am

, Hand-sewn wedding dress. Can be purchased directly at the bridal salon in a basic style of wedding dress, along with her mother and then hand sewn on decoration, this may only save a little money, but significance.Cocktailjurken

Anonymous 16 May 2014 - 10:05am

With the continuous improvement of people's quality of life, the concept of continuous improvement dress, new Goedkope Galajurken is also higher for the expectations and requirements. From the previous to the wedding photography shop or Cocktailjurkenhire shop in hi to buy wedding apparel in recent years become the norm. Today, as part of a higher

quality of life seeking newcomers are more willing to choose one of their own unique dream wedding dress was finally out of the marriage ----- props "Destiny" from the true

meaning has been given the meaning of love and happiness. Thus, as the representative of a group to Lander wedding design brand gradually appeared in public view in.

clemente 30 April 2014 - 3:43pm

The onus to adopt the standards lies with the software developers. - Eric Ludy

Ginnastica Posturale Milano 15 April 2014 - 12:52am

I really like the way Axl Pavlik identifies the problem of trust: “In the end, it’s down to public policy, governments, secret services. And maybe the secret court orders to release a key [which] we will never know about. That shatters the trust of the internet as we know it. That’s the very bad situation that we need to get out of.”

Ginnastica Posturale Milano

Tiffiny 2 April 2014 - 10:28pm / Brazil

Designing apps for Android can be a daunting task, specifically
for the newbie Android developers. There are some subscription charges but you
can download it for free. For example, if you are into restaurant business, you can check the incoming orders and table booking requests instantly.

Review my site - snapchat cbs

Me Again 30 March 2014 - 7:11am / Australia

Thanks for this interesting story. Though miss the old RNW days when I could listen to it (MORE RELAXING) on either SW radio or via audio on the Internet rather than tax my eyes reading it on the PC :-(

RNW a mere shadow of itself & its grand old days.............

Ar condicionado automotivo 24 March 2014 - 8:40pm

Wonderful illustrated information. I thank you about that. Thanks so much for writing all of the excellent information!

ar condicionado automotivo

Anonymous 31 October 2013 - 11:02pm / NZ

You just undermined yourself by SHOUTING and then saying NO ONE whose. Such a basic grammar mistake.

Razer Ray 29 October 2013 - 7:44pm / USA

IETF is one of the old-line orgs that HELPED the NSA make it's spying possible & NEVER COMPLAINED as the internet was turned from a 'flexible network' into a latter day portalled version of the BBS Bang Path system that preceded it. So that OTHER group of vultures requiring mass surveillance, ADVERTISERS could stalk us. NO ONE whose involved in the design or engineering of the Internet will EVER do ANYTHING to hinder the NSA in any substantial way if they want to continue working with the IETF. But they'll tell us they did.

Post new comment

Please be reminded all comments must be in English, short and to the point - guideline 250 words. Abusive and inappropriate comments will be removed.

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <p> <br>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

RNW on Facebook

RNW Player

Video highlights

Ladies on the move
RNW is keen on featuring inspiring women in our target countries, women who...
What about men?
In many countries, men don't stick around to raise their children. This is...