[Cryptography] Opening Discussion: Speculation on "BULLRUN"

ianG iang at iang.org
Mon Sep 9 03:48:08 EDT 2013 

Hi Jeffery,

On 8/09/13 02:52 AM, Jeffrey I. Schiller wrote:

> The IETF was (and probably still is) a bunch of hard working
> individuals who strive to create useful technology for the
> Internet.


Granted!  I do not want to say that the IETF people are in a conspiracy 
with someone or each other, or that they are not hard workers [0].

But, I do want to say that, when it comes to security, we now have 
enough history and experience to suggest:

     the committee may be part of the problem [1],

*and*

     it is not clear that it can ever be part of the solution.

Insultingly;  those who've spent a decade or so devoting themselves to 
this process will not take to that notion kindly.  It's sad and 
frustrating -- I also spent a lot of time & money pushing OpenPGP code 
-- but that does not change the basic economic data we have in front of 
us.  In the 1990s we had little or no real data about Internet security. 
  Now we're 20 years on.  We have real data.


> In particular IETF contributors are in theory individual
> contributors and not representatives of their employers. Of course
> this is the theory and practice is a bit “noisier”


The notion that employees are there as individuals is noble but 
unrealistic, naive.  That's to ignore business and politics, h/t to John 
Young.

Individuals without funded interests are rare, and tend to only be 
around for brief periods [2].  It is the case that the IETF has done 
better than other industry groups by insisting on open access and rough 
consensus [3].

But the IETF has done nothing to change the laws of economics:  Being on 
a committee costs a huge amount of time.  Only corporates who are 
engaged in making money off of the results can typically re-invest that 
money, and only individuals committed to working *that job* from 
corporates would spend that time on their own dime.

So, naturally, the corporates dominate the committees.  To argue 
anything else is to argue against economics, perhaps the strongest force 
in human nature.


> but the bulk of
> participant I worked with were honest hard working individuals.


There's nothing dishonest or lazy about defending ones job.


> Security fails on the Internet for three important reasons, that have
> nothing to do with the IETF or the technology per-se (except for point
> 3).
>
>   1.  There is little market for “the good stuff”. When people see that
>       they have to provide a password to login, they figure they are
>       safe... In general the consuming public cannot tell the
>       difference between “good stuff” and snake oil. So when presented
>       with a $100 “good” solution or a $10 bunch of snake oil, guess
>       what gets bought.


Although it is nicely logical and oft received wisdom, this is not 
historically supported.  Skype, SSH, Bitcoin, OTR, iMessage are 
successful security products.

There is clearly a market for "good stuff" but we the engineers don't 
see how to get there, and corporates don't either.  Putting us in a 
committee doesn't improve that, and probably makes it worse.


>   2.  Security is *hard*, it is a negative deliverable. You do not know
>       when you have it, you only know when you have lost it (via
>       compromise).


2. counter-points in abundance:  transaction databases, protocols, 
monies, browsers, webservers, file sharing, p2p chats, office, 
languages, registries, source control, kernels, etc.  These are all 
hard.  We have a long list of projects and systems where we (the 
non-committee'd internet) have produced very difficult things.


>       It is therefore hard to show return on investment
>       with security. It is hard to assign a value to something not
>       happening.


ROI:

a. it is hard to show quality at any points behind the screen.  The only 
things that are easy to show are pretty widgets on screens.  Everything 
else is hard.

b. I often show ROI models as to why security saves money.  (The model 
derives from support costs, if anyone doubts this.  Also, see Lynn 
Wheeler's discussion of credit card fees for the basic economics.)

Which is to say, the problems the net face in security are somewhat 
distinct from them being just hard & hard to show;  correlation maybe 
but causality?


>   2a. Most people don’t really care until they have been personally
>       bitten. A lot of people only purchase a burglar alarm after they
>       have been burglarized. Although people are more security aware
>       today, that is a relatively recent development.


2a., I agree!  I now feel bitten by Skype, and damn them to hell!



>   3.  As engineers we have totally and completely failed to deliver
>       products that people can use.


Right.  (It is a slow-moving nightmare moving all our people to OTR, 
which is dominated at the usability level by Skype.)


>       I point out e-mail encryption as a
>       key example. With today’s solutions you need to understand PK and
>       PKI at some level in order to use it. That is likely requiring a
>       driver to understand the internal combustion engine before they
>       can drive their car. The real world doesn’t work that way.


Right.  And the reasons for that failure are well understood, in 
multiple parts:  a. economics, b. architecture, and c. committees & 
standards [4].

Meanwhile, there have been several *successful* deliveries of secure 
person to person communications where they have challenged those 
assumptions.


> No government conspiracy required.


Absolutely!  Required, no.  But if there is interest in this direction, 
we made it too easy:

http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html


> We have seen the enemy and it is...

us,

and in committee, MORE OF US.  In caps, pun not intended :)

The real question is, for me, is whether we are less our own enemy 
apart, and more our own enemy when we get together?



Which all is not to say that the IETF people are bad, or easier to trick 
than other engineers, or dishonest or not hard working.  These 
complaints are strawmen.

It is to say that the IETF's long-chosen model of committees does have 
unforeseen consequences.

These consequences have been historically shown to correlate against 
security.  Perhaps only security, perhaps mildly, but the point is that 
there is precious little evidence that they have improved security.

So maybe all we want to say is that it is time for the IETF engineers to 
look at the numbers, and maybe be skeptical about whether the approach 
is generating security for the end users?



iang







[0] I was there in one of the committees for a decade or so (my company 
could only afford one, the OpenPGP one).  It was hard work, and this was 
an easy committee, with no real competition...  I never saw anyone being 
dishonest.  People worked hard.

[1] In the PGP case, I think it would, in the end, have been far better 
if Jon had just written the whole thing himself and published it as an 
informational draft.  We would have saved 9 of 10 years;  time that 
could have been spent on better UI integration.

[2] perhaps because their personal interests take them elsewhere on a 
learning path, they hop in to learn, then hop off.

[3] consider the disastrous counterpoint of CABForum, the committee for 
the security of the PKI revenue stream.

[4] a. the economics trap of "free" and "open to access."  If e.g., 
either of these things didn't exist, spam wouldn't exist.
b. Email architecture is impractical to secure.  It's in the "too hard" 
basket, IMHO.  Too much metadata, too broad a standards approach over 
too many systems.
c. S/MIME was a product of standards committee, and the result is 
perhaps the best example of how not to do things.  The major email 
vendors all purchased the standards committee approach, again a 
reflection of established and mandated barriers to entry.  (Meanwhile, 
no major vendors signed up for OpenPGP, which at least was free to enter.)

More information about the cryptography mailing list