Re: Internet protocol proposal raises privacy concerns

From: Robert J. Bradbury (bradbury@www.aeiveos.com)
Date: Mon Oct 18 1999 - 13:50:06 MDT


On Sun, 17 Oct 1999, Matthew Gaylor wrote:

>
> Privacy groups scramble to influence the outcome of a proposed Internet
> protocol in the wake of revelations that the standard could make it easier
> for companies and law enforcement to monitor Net users.
>

I noticed this, but find I can't get excited over it. Maybe I
don't understand encryption, but it seems the logical thing
would be to encrypt all of the server-client communications?

If I have a secure server and there is a protocol "extension"
that allows me to send my private key to the server, can't
the server send everything back to me in an encrypted form
so law enforcement & companies have no way of knowing what
is being transmitted to me?

If a company wants to distribute "restricted" material the
logical thing would seem to be to get a site offshore
(just as the Gambling sites have now all moved to the
Carribean).

Now, of course the group in Israel has cracked the encryption
codes, so if law enforcement/government had widespread access
to the technology then could be a problem. Would hardware
chips to provide rapid encryption with longer codes solve this?
If so it seems like AMD could further differentiate itself
from Intel by providing on-chip 4096-bit RSA encryption.

Does this make any sense to anyone?

It seems the motivation behind this is that parents are pushing
the politicians to find a way to keep their children out of the
X & V sites (or in Germany, the N sites). However, even if the
sites are rated, the browsers are software and I would have
to expect that programmers somewhere will release browsers
that ignore the ratings. So if the ISP carriers can't see
the data and the browsers ignore the ratings, I don't see
how this can be stopped. Sure parents can scan the hard drives
for the "open" browsers and remove them, but with floppies
pushing 100 MB, you can be sure kids will pass around the
illicit software among themselves so parents are completely
in the dark about what children have access to.

It seems with the rapid advancement of technology the privacy
advocates (the small guy) should promote accelerating technology
innovations, leaving the big [bureaucratic] guy (government,
law enforcement, etc.) playing continual "catch-up".

I think the genie is out of the bottle and it will take several
rounds of politicians saying "See, we fixed the problem", before
it is clear that it can't be fixed. In that situation the best
thing to do would be to get through those attempts as quickly
as possible so we will stop it and move onto something else.

Solutions that work when you control the information providers
(broadcasters) and receiving device manufacturers (TV manufacturers)
simply cannot work when everyone (including people outside
your country) are potential providers, many people can create
the receiving devices (software) and what goes in between
cannot be examined for "censorship".

It is going to be very interesting to see if governments get to
the point of trying to regulate the actions of their citizens
in other countries!?! I.e. A German citizen who wants to manage
a N site located in the U.S. or a U.S. citizen who wants to
sell guns on a site in Cuba, etc.

If I ship my gun to a friend in Cuba, he takes 10% and then
ships the gun to some teenager in the U.S., have I violated
a law? [Perhaps a "conspiracy" to violate a law?] Governments
may have some hope of regulating the sale of guns or drugs,
but "data" seems pretty impossible to regulate.

Robert



This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:05:32 MST