Impacts of Encryption Everywhere (any solution?)
nanog at ics-il.net
Sat Jun 16 20:13:53 UTC 2018
But privacy! *sigh*
People may just have to know how to turn the proxy on and off. It's a requirement we wouldn't dare consider in the US, but if you're in the middle of nowhere and you can get megabit or higher speeds (instead of dialup) if you learn how to turn a proxy on and off... you'll learn quickly.
Sadly, it's just falling on deaf ears. Silicon Valley will continue to think they know better than everyone else and people outside of that bubble will continue to be disadvantaged.
Intelligent Computing Solutions
----- Original Message -----
From: "Lee Howard" <lee.howard at retevia.net>
To: nanog at nanog.org
Sent: Tuesday, May 29, 2018 9:55:18 AM
Subject: Re: Impacts of Encryption Everywhere (any solution?)
On 05/28/2018 10:23 AM, Mike Hammett wrote:
> Has anyone outside of tech media, Silicon Valley or academia (all places wildly out of touch with the real world) put much thought into the impacts of encryption everywhere?
See "Effects of Pervasive Encryption on Operators."
TLS1.3 uses ephemeral keys, so even if you own both endpoints and
everything in the middle, you can't decrypt a flow without some
QUIC encrypts everything, and of course, HTTPS.
> So often we hear about how we need the best modern encryption on all forms of communication because of whatever scary thing is trendy this week (Russia, NSA, Google, whatever). HTTPS your marketing information and generic education pieces because of the boogeyman!
> However, I recently came across a thread where someone was exploring getting a one megabit connection into their village and sharing it among many. The crowd I referenced earlier also believes you can't Internet under 100 megabit/s per home.
Yeah. Too many people forget that most of the Internet is mobile, and
mobile != LTE. People also assume packet loss < 0.1%, latency <100ms,
and power reliability >99%.
> However, this could be wildly improved with caching ala squid or something similar. The problem is that encrypted content is difficult to impossible for your average Joe to cache. The rewards for implementing caching are greatly mitigated and people like this must suffer a worse Internet experience because of some ideological high horse in a far-off land.
> Some things certainly do need to be encrypted, but encrypting everything means people with limited Internet access get worse performance OR mechanisms have to be out in place to break ALL encryption, this compromising security and privacy when it's really needed.
> To circle back to being somewhat on-topic, what mechanisms are available to maximize the amount of traffic someone in this situation could cache? The performance of third-world Internet depends on you.
A proxy is all I've thought of. But it means everything is dependent on
the proxy, and it's even in-path for things that really should be
encrypted, like email and messaging.
I can't imagine why the weather should be encrypted, when everyone in a
location wants to know the forecast.
More information about the NANOG