Weaponizing the Internet Using the “End-to-end Principle” Myth

At the outset of the Internet Engineering Task Force (IETF) 100th meeting, a decidedly non-technical initial “Guide for human rights protocol considerations” was just published. Although the IETF has always remained true to its DARPA origins as a tool for developing disruptive new technical ideas, it launches into bizarre territory when dealing with non-technical matters. The rather self-referential draft Guide asserts research containing 19 different proposed “guidelines” based on work of a small group of people over the past two years known as the Human Rights Protocol Considerations Research Group (HRPC). The preponderance of the work and postings were those of the chair, and 2/3 of all the posts were from only five people. Whatever one might think about the initiative, it is a well-intentioned attempt by activists in several human rights arenas to articulate their interests and needs based on their conceptualisation of “the internet.”

At the outset of the guidelines is a clause dubbed “connectivity” that consists of an implementation of the internet “end-to-end principle.” Connectivity is explained as

the end-to-end principle [which] [Saltzer] holds that ‘the intelligence is end to end rather than hidden in the network’ [RFC1958]. The end-to-end principle is important for the robustness of the network and innovation. Such robustness of the network is crucial to enabling human rights like freedom of expression. [Amusingly, the first citation is not freely available and requires $15 to view]

There are several ironies here. The Saltzer article was written in 1984 shortly after DARPA had adopted TCP and IP for use on its own highly controlled packet networks. RFC1958 was written in 1996 shortly after the DARPA Internet became widely used for NREN (National Research and Educational Network) purposes and still largely controlled by U.S. government agencies for deployments in the U.S. and its international scientific research partners. Already, the DARPA Director who had originally authorized DARPA internet development in the 1970s had become significantly concerned about it becoming part of a public infrastructure and weaponized. The concern was turned into action as CRISP (Consortium for Research on Information Security and Policy) at Stanford University. The CRISP team described in considerable detail how the DARPA internet in a global public environment was certain to be used to orchestrate all manner of network-based attacks by State and non-State actors on public infrastructures, end-users, and trust systems.

Twenty years later, it is incredible that decades-old technical papers prepared for closed or tightly managed U.S. government networks are being cited as global public connectivity mantras for human rights purposes — after the predicted profoundly adverse CRISP exploits have been massively manifested. Never mind that the notion is also founded on a kind of chaotic utopian dream where running code somehow provides for unfettered communication and information capabilities for every human and object on the planet rather than business, legal, and economic systems.

To the extent that global internetworking capabilities have actually come into existence, it has occurred first and foremost by commercial mobile providers and vendors using their own internet protocols, combined with the telecommunication, commercial internet, and cable providers and vendors worldwide.

The “end-to-end principle,” which has never really existed except as some kind of alt-truth political slogan, is plainly a recipe for disaster on multiple levels. It is disastrous because the complexities and vulnerabilities of our networking infrastructure today result in a highly asymmetric threat environment. Those possessing the massive resources and incentives to pursue those threats and “innovate” will always far exceed the ability of individual end-users to protect themselves — whether it is the Federal Security Service of the Russian Federation or a neo-Nazi organization bringing about regime change in the West, or criminal organizations engaging in widespread cybercrime, or an ISIS trolling for recruits, or a malicious hacker dispersing malware.

To the credit of the Guide authors, they do recognize that “Middleboxes … serve many legitimate purpose.” However, what the human rights activists get wrong is that there is no end-to-end free ride. There are shared ownerships, service and regulatory obligations, and other fundamentally important requirements along all the transport facilities and cloud data centres that comprise the entire end-to-end path. It is also the “node intelligence” in those paths that is going to protect end-users from attacks and exploitations — and that is a human right as well.

So, if the activists really want to help end-users, they need to support the widespread industry efforts today across multiple bodies with solutions to manage the challenges. Simply promulgating myths about end-to-end connectivity simply furthers internet weaponization that defeats their own altruistic human rights objectives.

Written by Anthony Rutkowski, Principal, Netmagic Associates LLC

The post Weaponizing the Internet Using the “End-to-end Principle” Myth appeared first on iGoldRush Domain News and Resources.