Impacts of Encryption Everywhere (any solution?)

Mon May 28 16:37:46 UTC 2018

The "do not search a culprit" stuff:
What is the point with encryption ?

If your users have a very-low bandwidth, they will get a crappy service,
with or without encryption
This is our world, our http-based internet is NOT made for a 40k connection

The "tip stuff":
If you simply do not care about encryption, or are willing to trade
privacy for caching because you have no-bandwidth, you can simply break SSL
It costs nothing, and you will not mind the "red lock" (remember: trade-off)

The "philosophical stuff":
About your last part, you are absolutely right, this is a sad situation,
yet not true

Niklaus Wirth (the pascal guy) said in 1995:
"Software gets slower faster than hardware gets faster."
This has never been so true ..

On 05/28/2018 06:09 PM, Mike Hammett wrote:
> I can't imagine rural third-country villages have much influence over the departments of the appropriate companies to affect all of the junk getting added to sites these days. 
> 
> I'm also not foolish enough to think this thread will affect the encrypt-everything crowd as it is more of a religion\ideology than a practical matter. However, maybe it'll shed some light on technical ways of dealing with this at the service-provider level or plant some doubt in someone's mind the next time they think they need to encrypt non-sensitive information. 
> 
> The same goes for all development. My phone is significantly slower today than a couple years ago when new without a significant change in the amount of stuff that I run because developers are lazy and fill the space the latest platforms offer them. 
> 
> 
> 
> 
> ----- 
> Mike Hammett 
> Intelligent Computing Solutions 
> 
> Midwest Internet Exchange 
> 
> The Brothers WISP 
> 
> ----- Original Message -----
> 
> From: "Rich Kulawiec" <rsk at gsp.org> 
> To: nanog at nanog.org 
> Sent: Monday, May 28, 2018 10:00:36 AM 
> Subject: Re: Impacts of Encryption Everywhere (any solution?) 
> 
> On Mon, May 28, 2018 at 09:23:09AM -0500, Mike Hammett wrote: 
>> Some things certainly do need to be encrypted, but encrypting everything 
>> means people with limited Internet access get worse performance OR 
>> mechanisms have to be out in place to break ALL encryption, this 
>> compromising security and privacy when it's really needed. 
> 
> There are better places to reduce traffic while simultaneously enhancing 
> security and privacy. The new EU version of the home page of USA Today 
> is about 20% the size of the one presented in the US -- because it's 
> had all the tracking and scripting stripped out -- with a concomitant 
> reduction in load time and rendering time. Much more drastic reductions 
> are available elsewhere, e.g., mail messages composed of text only are 
> typically 5% to 10% the size of the same messages marked up with HTML. 
> 
> The problem (part of the problem) is that the people doing these foolish 
> things are new, ignorant, and privileged: they don't realize that bandwidth 
> is still an expensive and scarce resource for most of the planet. I've 
> said for years that every web designer should be forced to work in an 
> environment bandlimited to 56K in order to instll in them the virtue 
> of frugality and strongly discourage them from flattering their egos 
> by creating all-singing all-dancing web sites...that look great in the 
> portfolios they'll show to their peers but are horribly bloated, slow, 
> unrenderable in a lot of browsers, and fraught with security and privacy 
> problems. (Try pointing a text-only browser at your favorite website. 
> Can you even read the home page?) 
> 
> ---rsk 
> 