Privacy is good. Perfect privacy is really hard, probably unachievable. It’s not a binary thing, but a big dial we can turn up or down. So obviously, we should be turning it up.

The economics · It’s like this. If there’s data flowing over the Net that the intelligence community can scoop up for free, they will, and they’ll store it forever. Criminals and stalkers will scoop too, looking for credit-card numbers and home addresses and so on.

But the Internet volume is so high that if processing a conversation takes any non-zero investment of effort or money, then spooks and crooks won’t bother (unless you’re a real target); nobody can afford X times billions/day, no matter how small X is.

Thus every time you turn the privacy dial up, even just a little, you make certain classes of surveillance and of crime uneconomic. This is a good thing.

The perfect and the good · There are people out there who want more: They’re not sure HTTPS is good enough (it is), they think your private key should be locked away in specialized hardware (it shouldn’t), and they think Tor and Tails are appropriate for everyday Net use (they’re not).

The problem is twofold: First, the level of privacy the purists want is really complicated, irritating and inconvenient. But we don’t want to give people the impression that basic privacy is hard, because then they just won’t bother.

The other half is that what purists propose won’t work. If democratic-government employees seriously think you’re planning to blow up infrastructure, or are smuggling Uzis to narcos, they’re gonna bypass all the encryption and just put a microphone or a camera in the places where you work. If the Chinese government thinks you might be about to expose official theft, or remind people of June 1989, they’ll take similarly extreme measures. I dunno, maybe Jason Bourne and George Smiley know tricks to hide in plain sight, but you and I are going to have to settle for ordinary strong privacy or maybe even common privacy.

Tor makes all sorts of sense if you occasionally need to purchase something illegal, or you’re a journalist in Thailand working on an exposé concerning the royal family; and you can imagine other scenarios. But if you want to stop the vast majority of daily-life surveillance, just do something so it’s not free any more.

Mechanics · It’s worth checking out Opportunistic Security: some protection most of the time, a draft being kicked around in the IETF, which I predict will gain consensus and become policy.

The idea is simple: Sometimes when you make a Net connection that begins with “http:”, the infrastructure could go ahead and encrypt it for you anyhow. Of course, a real “https:” connection not only does the encryption but tries to prove who you’re talking to, thus making it really hard for someone to read (and maybe change) the messages between you and your bank.

But really, who cares? Given basic modern cryptography, man-in-the-middle attacks require active subversion of the infrastructure, possible but tricky and time-consuming. Which means: It Just. Won’t. Happen. At scale anyhow, against ordinary people doing ordinary things using reasonably modern technology.

The purists are predictably against this, saying it’ll discourage the use of “real” privacy tech, give a false sense of security, and so on. And yeah, real “https:” is better and you should be doing it anyhow.

But opportunistic privacy is better than none. A strong password is better than a weak one. A password manager is better than your memory. A second factor is better than just a password. An encrypted disk is better than a wide-open one. None of these things buy you anything absolute. But every time the dial turns, certain bad things stop happening, and the world becomes a better place.



Contributions

From: SomeGuy (Jul 29 2014, at 10:20)

Just wanted to ask why you claim that people need to pay X times Billions, when they can just do targeted attacks?

Pick a small number of random small businesses and DDoS them for ransom money. Or find a number of "high value" persons and attack them. I don't mean billionaires. Someone with wealth in the 100s of thousands is wealthier than something like 95% of the world (according to some wealth calculators).

Thoughts?

From: Jack Parsons (Aug 03 2014, at 18:10)

"No one can afford X times billions/day". Ah. Once you have the ability to draft zillions of edge routers and internal servers to do your bidding, the amount of computational power available to you explodes. Limited of course by available bandwidth, jitter and willingness to expose information.

From: Derek S (Aug 07 2014, at 10:17)

I like the dial concept; too often even in regular conversation are people making privacy an issue of "I have it or I do not".

July 28, 2014

I am an employee of Amazon.com, but the opinions expressed here are my own, and no other party necessarily agrees with them.

A full disclosure of my professional interests is on the author page.