[AusNOG] Consensus from the IETF 88 Technical Plenary - Internet hardening

Dobbins, Roland rdobbins at arbor.net
Sat Nov 9 12:14:06 EST 2013


On Nov 9, 2013, at 4:05 AM, Mark Newton <newton at atdot.dotat.org> wrote:

> Again, I feel like I'm being placed into the situation of having to tell the security vendor about what security is.

First of all, I'm speaking only for myself.  That should be clear to anyone reading this discussion, but I'll say it, anyways.

Secondly, I've been in this industry a long time, and I've a long track record in security - actual, measurable, security, not hand-waving and theorizing.  Including in your country.

Thirdly, all you're really telling me is that your experience with and understanding of the magnitude of threats to availability, and how to deal with them at scale, is minimal, at best.

> If you can raise the cost to an attacker, to the point where attacks become impractical, then you have attained a heightened state of security.

The problem is with the 'to the point where attacks become impractical' part.

You can't accomplish that against modern governments.

That was what the crypto wars of the 1990s were about.  PGP put public-key crypto into everyone's hands (well, at least a tiny minority who had enough technical acumen to actually use it) - and so the governments made an end-run around it, resulting in the situation in which we find ourselves today.


> Raise the cost enough, or compromise their ability to reliably operate covertly, and they'll no longer be in a situation where, as now, they can hoover up everything on general principles.

This is the unrealistic part.  Unless political change is effectuated, they will simply pass laws requiring key escrow, or hand-over-your-keys-upon-demand (like RIPA in the UK), and then they will demand (and get) CALEA-like backdoors into cryptosystems, and they will use rubber-hose cryptography.

This is why political change is required.

<http://xkcd.com/538/>

>   They'll actually need a *reason* to go after someone.

No, quite the opposite - see the above.

> You're right, it isn't a serious discussion -- partly because you seem to think there's an answer to this exclusively within the realm of the polity.

Politics trumps technology every time.

> There is no political answer for us.

Of course there is.  It is for your own government to stop cooperating with this nonsense and to work to defend you against foreign governments doing this sort of thing.  

> You're focusing on the threats your products respond to, and diminishing the importance of all the others.

I don't care about DDoS because I happen to work for Arbor.  I work for Arbor because I care very strongly about DDoS and availability in general.  And I'm not 'diminishing the importance' of all the others - I'm pointing out that not only is encrypting everything, all the time, going to have a hugely negative impact in terms of the ability to maintain availability (which no one else on this thread has seriously addressed, choosing to dance around it and pretend it isn't a problem), it's also going to lead to highly negative consequences in terms of how these various governments and their bureaux will respond.

And again, to be clear, I'm not speaking for Arbor, only for myself.

> Are DoS's bad?  Yup.  But they're not the worst.

When the online communications systems you use (email, IM, VoIP, whatever) are rendered unavailable by DDoS attacks, just how are you going to communicate securely with others?  The telephone?  The post?

What's that going to do for your commsec?  Will you have one-time pads printed up and distributed ahead of time to all those with whom you might possibly want to communicate?  Because otherwise, you won't have any effective commsec.

Enough.  I had to respond because of the vendor-bashing, but it seems pretty clear that there're some gaps in terms of both what people understand about maintaining availability as well as the fact that one simply can't win an economic contest against governmental entities with unlimited budgets and zero constraints.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

	  Luck is the residue of opportunity and design.

		       -- John Milton
