Government Involvement on the Internet

We’re right on the edge of the worst thing that could happen to the Internet, or at least America’s activity on it. First, this week, the Senate is considering in committee a bill named Combating Online Infringement and Counterfeits Act. Now, the idea behind this bill is to keep people from buying similar domain names (like if someone were to buy http://gogle.com, which is a bad example since Google already owns that), and use them either to drive traffic to their own sites, or people who set up phishing scams.

In a way, this is a lot more important since May of this year, when ICANN began supporting internationalized domain names, since there are characters in Unicode that look very similarly in most fonts, but are technically different codes. This bill is a problem, because it allows for the creation of a list, maintained by the Attorney General’s office, which…well here’s the text

(i) a service provider, as that term is defined in section 512(k)(1) of title 17, United States Code, or other operator of a domain name system server shall take reasonable steps that will prevent a domain name from resolving to that domain name’s Internet protocol address;

Basically, if the Attorney General blacklists a domain, it is now the responsibility of an ISP (or probably anyone who runs a DNS server) to ensure that these domains no longer resolve. Alright, so what criteria get a domain on this list?

  1. Something that appears to only be around to violate Title 17, or copyright law.
  2. A site designed to sell ‘counterfeit’ material, as was defined in the [Lanham Act](http://en.wikipedia.org/wiki/Lanham_Act
  3. A site engaged in selling something that is subject to forfeiture according to US Code regarding stolen property.

Clearly the justification behind this bill is to protect American business from illegitimate and illegal competition, which is fine. The problem with the creation of this list, is the precedent it sets. It’s government censorship (yes, of illegal activity, but that is beside the point). And, once something like this is created, it becomes far more likely that it’s scope will expand, but it would likely never go away.

Remember the 17th Century Proverb, Hell is paved with good intentions. The government feels this is a necessary expansion of powers to enforce copyright and trademark law in the Internet Age. That is not a bad goal, but if we sit back and let this happen, not only could this law be used to try to shutdown sites like YouTube, but the list could be more easily expanded in the future, and that’s the real danger. I, for one, gladly signed the petition at Demand Progress, and encourage you to do the same.

Then, yesterday, stories were posted regarding the US Government wanting to modify wiretapping laws in a way that would force service providers to be able to decrypt communications and provide them to the government. The New York Times has a really good story, but they require registration now, so fuck them.

The argument presented by the FBI and others in law enforcement, is that the internet has dramatically reduced law enforcements ability to monitor communications. This is true. The Plain Old Telephone System (POTS) was designed in a way that made tapping it trivial. In the earliest days, when calls were routed by a switchboard operator physically plugging in wires to connect two phones, many switchboard operators were notorious for listening in on calls. When the switchboards went mechanical, tapping it was still trivial, because all you need to do was go to the central office and tap into the leads that were attached to the line you were interested in.

By the time we went digital, the legal precedent for wiretapping telephony was well established, and the digital routing systems, in the interest of performance, didn’t use encryption, and later they used a symmetric encryption method that the phone company could decrypt but others couldn’t. Cell phone networks were designed by the same people who did the telephone networks, so they were also designed in a way that made tapping them fairly trivial, for the network operator.

These systems have another weakness in addition to their ease of tapping. They are easy to disrupt, because of their centralized nature. Cell phones operate at well established frequency ranges (for good reason), that make them simple to disrupt. GSM has an insecure default failure mode.

The Internet was designed to avoid these problems. It was designed to route around damage in the network, in order to allow communication to continue. And it works, sort of, many communities may only have one trunk entering them. But even if that community gets taken down, the number of people affected by the outage is relatively small.

This design philosophy of the internet has contributed to the design of other Peer-to-Peer (p2p) mechanisms, like BitTorrent and Skype, where a central server is not necessarily, and data can route between members of the network in order to reach it’s destination. The other piece necessary to make this work is encryption, so that the random masses hosting the nodes in the mesh network can’t spy on the traffic passing through. Some p2p topologies can even mask who the sender and receiver are, to an extent.

If this legislation (which has not been introduced yet) were to be passed into law, service providers, including companies like Skype, would be legally required to insert a backdoor into their services, that would allow them to decrypt user data to get access to information that they currently can not. This would allow them to turn that information over to the government when subpoenaed.

Good encryption is designed in such a way that the only people who can decrypt the data are the people who know the secret that was used to encrypt it. It comes in two kinds, slow public-key mechanisms where there is a public ‘secret’ that is used to send messages that can only be decrypted by a private secret, and symmetric, where there is a shared secret. Most real-time cryptosystems use public-key cryptography to authenticate each other, and then share a key to be used for faster symmetric operations. However, without the private key, or the shared key, a good encryption scheme should be impossible to break, without using brute force techniques. Which is why the NSA and NIST got so much bad press in 2007, when it was shown that a new encryption algorithm they released, DualECDRBG could have a weakness whereby a set of constants could exist that made it possible to decrypt any message encrypted using the constants in their reference implementation (and most implementations probably would have just taken the NSA constants).

It is entirely likely the NSA did not do this on purpose, and I’ll leave it up to you to decide how likely a conspiracy is.

Now, if the government gets it’s way, every encryption mechanism used, at least by US Based Services, perhaps by any encrypted communication system used by Americans, would need to have a backdoor like the one in DualECDRBG. However, the ‘secret’ keys needed to unlock the encrypted communication are an enormous weakness in the cryptosystem. Like HDCP, the encrypted standard used to close the ‘analog loophole’ and protect the output of blu-ray players and set-top boxes, had it’s master key leaked recently, meaning that the entire cryptosystem has been compromised. This has happened before. Many times.

But, going back to Skype. Let’s say Skype does implement an encryption mechanism that operates like this. Now, if the master key that Skype can use to decrypt any communication were ever to be leaked, then anyone running a Skype node would be able to decrypt all the communication running through their node.

Valerie E. Caproni, General Counsel of the FBI, was quoted in the New York Times saying that companies “could still advertise having strong encryption” since they’d only have to decrypt and turn over the data in the event of a subpoena. Ms. Caproni completely misses the point. The moment the ability for a third party, any third party, to read a message is introduced into a cryptosystem, it is automatically insecure.

At the end of the day, I’d rather terrorists and criminals have access to secure means of communications than give up my own access. Yes, law enforcement’s job is getting harder, but any tool that shifts liberty from the government to the people is going to do that, and any tool that can accomplish that is absolutely worth having around.