So I complain about a lull in the news about the more-or-less complete compromise of the Internet by the National Security Agency et al, and then this goes and happens.
One of my old standard interview questions for people applying for jobs with some responsibility for information security was “are you paranoid”? When the lighting was good, and my eyes bugged out just right, this could be a little scary. It’s time to retire this question, I think, because the answer would seem to be “no, I am clearly not paranoid enough”, unless the applicant shows up to the interview in a tin-foil hat.
This is the fourth post I’ve started on the pervasive, indiscriminate, uncontrolled surveillance of electronic communications by the ministries of state security of the North Atlantic world. I stopped writing each of the last three either because the rant got too paranoid, or further revelations showed that the rant was not yet too paranoid enough.
But the stream of new information seems to have dried up a bit, as the news cycle has distracted itself with something called a Miley Cyrus, whatever that is, so I’ve had a chance to catch up a bit. And as a researcher in network measurement who left a job funded by security-academic-industrial-complex money to move to Europe to work on a project seeking to apply technical privacy guarantees to network monitoring systems (which ironically was named PRISM, and which I must forevermore footnote on my CV as “no, not that PRISM"), I feel I should make some statement on all of this. So here it is, predictable and unoriginal though it may be:
Pervasive surveillance is anathema to a functioning democratic society, and nations which do not exercise effective civilian oversight of their state security apparati end up being controlled by them.
Last Thursday, I sat on a panel with Swiss Telecommunications Association President Peter Grütter, Swisscom CEO Carsten Schloter, and Green National Councilor Balthasar Glättli, on the subject of network neutrality, and whether legal protection therefor is necessary in Switzerland. Not surprisingly, the panel was of different opinions on this matter. Swisscom and the telecom industry group support self-regulation, making the very good point that laws change too slowly with respect to Internet technology too quickly to be effective; and Glättli making the equally good point that as several obvious violations of neutrality can already be observed in Switzerland, trusting the industry to regulate itself has so far had dubious results.
Coverage (in German) of the event can be found at computerworld.ch and the Neue Zürcher Zeitung, and if you’ve got 55 minutes to kill, video of the event itself (also in German) is available at the website of the Parliamentary Group on Digital Sustainability.
I’ll be giving a talk to the Internet Society (ISOC) Switzerland Chapter at a meeting in Bern, at 18:30 on Tuesday 27 November, entitled “The Open Internet under Threat”. After my talk, Green National Councillor Balthasar Glättli will speak on Internet-related topics in Swiss national politics, so it promises to be a really interesting evening for Internet geeks and policy wonks alike!
ICANN will hold a press conference in Miami on Thursday, presumably announcing the exhaustion of the IANA IPv4 address pool. This is when 102/8, 103/8, 104/8, 179/8, and 185/8 — each a block of 16 million addresses — will be handed out to the regional registries (RIRs), thereby ending the allocation of IPv4 address space at the first level of delegation.
I’m going to go ahead and predict right now that almost every journalist covering this event will get something subtle but essential wrong, and that the result will be fifteen minutes of panic followed by business as usual for everyone except those who understand the minutia of IP address allocation policy until we start seeing pressure at the lower levels of delegation.
As a disclaimer, I’m not actually one of those people who understands the minutia of IP address allocation policy, but you’re reading this on the Internet, so you’ve already proven yourself willing to believe things you read from random people who have no credibility whatsoever, and you certainly can’t do any worse with me than with the thirty-second blurb you might hear about this on your favorite cable news noisebox. So with that in mind, here’s what this actually means: