[discuss] we need to fix what may be broken

Alejandro Pisanty apisanty at gmail.com
Tue Apr 15 21:55:09 UTC 2014


So many of your statements here are false or twisted in your assumed
implications that it hurts. No time to go over each of them; plus it may
become one more massive distraction. Let's go on to something concrete:

How do you propose to fix it? Can you provide an example of a system that
works like you wish to be the outcome of NetMundial? Like, a country that
has started some serious, scalable fixes? Direct cause-effect links would
be preferable. Pick any paragraph if you don't want to go over the whole
list at once.

Alejandro Pisanty

On Tue, Apr 15, 2014 at 4:47 PM, Carlos A. Afonso <ca at cafonso.ca> wrote:

> Dear people,
> I recall our discussions with folks in the so-called "technical
> community" between IGFs 2006 and 2007, in which the mantra "do not fix
> what is not broken" was used to convince us all that management of the
> logical infrastructure of the net should not be even considered as an
> Internet governance topic in the IGF dialogues (and this with the IGF
> prohibited from making recommendations). Thanks to pressure from sectors
> of civil society and the government of Brazil (host to the 2007 IGF), we
> finally managed to insert the theme in the IGF agenda, but it had to go
> under the disguise of "critical Internet resources".
> A bit more than six years passed, and what do we see? Relevant and
> frightening examples of the frailty of the current "governance" or
> coordination model of the network -- mostly in the expert hands
> basically of the I* group of entities and forums, which goes beyond just
> names, numbers and protocols, and badly in need of fixing (and I assume
> that the fix in general will involve more than just technical
> coordination measures):
> - The net was revealed as incredibly vulnerable by the revelations on
> NSA surveillance, and we discovered that the NIST was in cahoots with
> the NSA in "backdooring" the cryptographic systems.
> - The IPv6 transition was literally abandoned by Icann. This on the one
> hand is good, since I am one of the people who defend the
> decentralization of Iana functions, and the RIRs structure works
> technically quite well. But they cannot carry alone the burden of the
> political/economic aspects of this transition. A more assertive Icann
> (and other stances, such as the ITU pressuring their clients, the big
> telcos, and equipment manufacturers taking the transition really
> seriously) would have helped avoid this situation of crisis in the
> addressing system (just read the situation papers and strong alerts by
> Geoff Huston), which by the way increases vulnerability of the net with
> improvised concoctions such as CGNAT and so on.
> - The OpenSSL memory leak bug was sitting in our servers for years, to
> the joy of NSA and similar peeking folks, and this is an open source
> system maintained by the "technical community" -- supposedly, open
> source code is there to be verified, double-checked etc, particularly
> such a key security element of the net; there is nothing more disruptive
> of the net security that we know of since the net became so pervasive
> worldwide; I operate a very small non-profit Web service and am
> horrified by the implications of this failure to verify the code.
> Literally no one could know how far their servers' data have been
> compromised after Heartbleed was sitting there for so many years -- and
> who knows how many servers are still in need of patching.
> - Now Yahoo decides unilaterally to implement an email verification
> feature (DMARC) which is still in beta, affects all its users, and even
> the implementation they did is not clear, as Miles Fidelman verified,
> and I quote: "They knowingly did massive damage, published some
> suggestions on how to mitigate that damage - using a capability defined
> in the spec. that they deployed - then say "we don't support that"."
> - And there are signs that Gmail may be taking unilateral measures as
> well (not clear yet what is being done), as suspected recently by Lauren
> Weinstein.
> In the last two cases, there is a caveat -- they are free, opt-in
> services, no one is required to use them to be on the net. But hundreds
> of millions of users rely on their services, and these users are
> basically "voluntary shareholders" of them, as the profiling of their
> presence adds revenue to the respective companies -- but they are a
> special kind of shareholders whose share just earns them unlimited mail
> and social net services' use in exchange for their profiling. Someone
> described these users as "products", which also makes some sense. And
> the central fact is that these unilateral measures (using features which
> the "technical community" describes as still beta) impact on hundreds of
> thousands of email and listserv services worldwide, even on their own
> users (!), and their response seems to be "this is what we are doing,
> sorry".
> The OpenSSL failure is so incredibly disruptive that some entities who
> have Web sites in our servers are happy they never used SSL -- their
> argument is: "if I had SSL, it would attract peekers thinking that,
> well, this site uses SSL so there may be something worth mining there...
> and it is easy to mine!"
> Frankly, there are things scarily broken in this "governance" or
> coordination system (and let us recall that coordination does not
> necessarily mean centralization), and I hope NETmundial will provide an
> opportunity to dialogue on what to do. It is the billions of Internet
> users who are expecting us to do something better.
> fraternal regards
> --c.a.
> Carlos A. Afonso
> [writing in my personal capacity only]

- - - - - - - - - - - - - - - - - - - - - - - - - - -
     Dr. Alejandro Pisanty
Facultad de Química UNAM
Av. Universidad 3000, 04510 Mexico DF Mexico
+52-1-5541444475 FROM ABROAD
+525541444475 FROM MEXICO SMS +525541444475
Blog: http://pisanty.blogspot.com
LinkedIn: http://www.linkedin.com/in/pisanty
Join the UNAM group on LinkedIn,
Twitter: http://twitter.com/apisanty
---->> Join ISOC Mexico, http://www.isoc.org
.  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .