Surveillance or Security?: The Risks Posed by New Wiretapping Technologies by Susan Landau Page B
Authors: Susan Landau
Ads: Link
in which a "client"
initiates an action, such as accessing a web page or requesting a file,
and the "server" provides that service. Internet architecture supports a
peer-to-peer network, in which nodes function as both clients and servers
to other nodes (in other words, as peers). The peer-to-peer model relies on
the robust connectivity of the Internet and is extremely efficient for file
distribution, whether for illegal copyrighted music or legal downloads
(such as music under Creative Commons licenses)," or some open-source
operating systems.
Skype is an example of a peer-to-peer program that takes security seriously. The program encrypts all calls end to end. This prevents computers
routing the call from eavesdropping on the conversation as well as preventing the call itself from corrupting any machines through which it travels.74
Such careful attention to security is not the norm for peer-to-peer systems.
Underlying peer-to-peer systems is the idea that the user is accessing
useful information from an unknown source. While the server is also
something of an unknown entity in a client/server interaction, it is generally the case that servers are better protected than random nodes on the
network. Because the average user does not know and does not check what
is being downloaded onto her system, it is entirely possible that a malicious
node on the peer-to-peer system has included a virus among its shared
files. And because the average user does not know how peer-to-peer applications work, and does not know to protect her own machine, many of
the user's files can be "shared" while on a peer-to-peer connection. In 2007,
a U.S. House of Representatives committee examined possible consequences of using a peer-to-peer file-sharing program:
We used the most popular P2P [peer-to-peer] program, LimeWire, and ran a series
of basic searches. What we found was astonishing: personal bank records and tax
forms, attorney/client communications, the corporate strategies of Fortune 500
companies, confidential corporate accounting documents, internal documents from
political campaigns, government emergency response plans, and even military operations orders.75
The risks created by peer-to-peer file sharing have raised concerns in
Congress. The circulation of copyrighted material via peer-to-peer networks
has induced some to propose controls to eliminate P2P file sharing. While
the intent is that such schemes apply only to application-layer peer-to-peer
networking (rather than IP layer routing), experience indicates that such
legislation would sow confusion in the networking world. In any case,
laws restricting P2P file sharing undoubtedly would be disruptive to the
development of many beneficial P2P applications. Such legislation is rarely
proposed by anyone who understands why the network works so very well.
3.7 Attribution and Authentication
One idea that often seems attractive and that has periodically been proposed is that all Internet communications include attribution. Packets
would authenticate themselves before being received by an endpoint; in
some proposals, network users would also authenticate themselves before
using the network.76 While this would not preclude anonymous network communication," it would certainly make such forms of communication
more difficult.
In fact, attribution is quite complex, and several problems are being
mixed together. We might want to know the IP address of the host that
initiated the DDoS attack, identify an originator's email address for attacks
carried out by email (e.g., phishing), establish the physical location of the
source of an attack, or identify the individual who launched the attack .71
These differing needs argue for different types of attribution: machine,
human, digital identity.
Packet-level attribution identifies the machine, but not the user. While
packet attribution might specify which machine is launching a DDoS
attack, it does
initiates an action, such as accessing a web page or requesting a file,
and the "server" provides that service. Internet architecture supports a
peer-to-peer network, in which nodes function as both clients and servers
to other nodes (in other words, as peers). The peer-to-peer model relies on
the robust connectivity of the Internet and is extremely efficient for file
distribution, whether for illegal copyrighted music or legal downloads
(such as music under Creative Commons licenses)," or some open-source
operating systems.
Skype is an example of a peer-to-peer program that takes security seriously. The program encrypts all calls end to end. This prevents computers
routing the call from eavesdropping on the conversation as well as preventing the call itself from corrupting any machines through which it travels.74
Such careful attention to security is not the norm for peer-to-peer systems.
Underlying peer-to-peer systems is the idea that the user is accessing
useful information from an unknown source. While the server is also
something of an unknown entity in a client/server interaction, it is generally the case that servers are better protected than random nodes on the
network. Because the average user does not know and does not check what
is being downloaded onto her system, it is entirely possible that a malicious
node on the peer-to-peer system has included a virus among its shared
files. And because the average user does not know how peer-to-peer applications work, and does not know to protect her own machine, many of
the user's files can be "shared" while on a peer-to-peer connection. In 2007,
a U.S. House of Representatives committee examined possible consequences of using a peer-to-peer file-sharing program:
We used the most popular P2P [peer-to-peer] program, LimeWire, and ran a series
of basic searches. What we found was astonishing: personal bank records and tax
forms, attorney/client communications, the corporate strategies of Fortune 500
companies, confidential corporate accounting documents, internal documents from
political campaigns, government emergency response plans, and even military operations orders.75
The risks created by peer-to-peer file sharing have raised concerns in
Congress. The circulation of copyrighted material via peer-to-peer networks
has induced some to propose controls to eliminate P2P file sharing. While
the intent is that such schemes apply only to application-layer peer-to-peer
networking (rather than IP layer routing), experience indicates that such
legislation would sow confusion in the networking world. In any case,
laws restricting P2P file sharing undoubtedly would be disruptive to the
development of many beneficial P2P applications. Such legislation is rarely
proposed by anyone who understands why the network works so very well.
3.7 Attribution and Authentication
One idea that often seems attractive and that has periodically been proposed is that all Internet communications include attribution. Packets
would authenticate themselves before being received by an endpoint; in
some proposals, network users would also authenticate themselves before
using the network.76 While this would not preclude anonymous network communication," it would certainly make such forms of communication
more difficult.
In fact, attribution is quite complex, and several problems are being
mixed together. We might want to know the IP address of the host that
initiated the DDoS attack, identify an originator's email address for attacks
carried out by email (e.g., phishing), establish the physical location of the
source of an attack, or identify the individual who launched the attack .71
These differing needs argue for different types of attribution: machine,
human, digital identity.
Packet-level attribution identifies the machine, but not the user. While
packet attribution might specify which machine is launching a DDoS
attack, it does
Similar Books
