Future of Internet security

Within the last weeks there has been several things that can affect to the future of the Internet. First United Nations officially condemned the practice of countries shutting down access to the internet at a meeting of the Human Rights Council. It effectively extends human rights held offline to the internet – including freedom of expression. A resolution entitled The promotion, protection and enjoyment of human rights on the Internet effectively extends human rights held offline to the internet. It was passed by consensus, but only after a determined effort by a number of countries, including China and Russia, to pull out key parts of the text. UN council effectively says Seriously, nations, stop switching off the damn internet. That was the good news.

The bad news is that many countries have already tried to exploit the emotions from latest terrorist attacks to pass all kinds of invasive legistlation in the name off protecting against terrorism. The worst news comes from Russia where Putin Is Literally Breaking The Internet. A few weeks ago there was push by the Russian Duma to pass a massive new surveillance bill that would mandate backdoors to encryption as well as massive data retention requirements for service providers, including saying that they need to store recordings of phone calls.  Now Vladimir Putin signed that controversial anti-terrorist legislation bill into law.

Putin has also signed an executive order telling the FSB (the modern version of the KGB) to make sure it gets encryption keys to unlock everything within the next two weeks. It seems that President Putin ordered the Federal Security Service to produce “encryption keys” capable of decrypting all data on the internet. No one is really sure what this means exactly, but the FSB has two weeks to make them. And that is practically impossible to do in practice in many cases as more and more communications is encrypted locally or where there are private keys, there isn’t any way for service providers to turn over any keys. What happens next is a little unclear. But it seems likely that the Russian government will use this to attack certain encrypted communications services, and potentially block and/or fine them for failing to comply with the new law.


And all this is done in name of protecting against terrorism.In theory, the new laws pretend to stop “terrorist acts” and “armed uprisings.”  What does all this have anything to do with “anti-terrorism?” Encryption does much more to protect everyday citizens than it does to hide the communications of “terrorists.” Undermining that puts a lot more people at risk of people hacking into their stuff than being a victim of a terrorist attack. The end game of the “anti-terrorist” legislation bundle would presumably be to create a central data center (let’s call it “basket”) to store all of the keys (let’s call them “eggs”).

These regulations aren’t just terrifyingly invasive – just read the details from Putin Is Literally Breaking The Internet article. They’re technically nonsense, and they’re so costly to try to implement that they could put many internet and phone service providers out of business, force noncomplying foreign companies out of Russia and kick a massive dent into Kremlin’s already crumbling infrastructure budget.

For the rest of thw world end-to-end encryption gets more and more widely used. Just a few years ago, end-to-end encryption was a nerdy niche – but this year it has hit mainstream. Apple has used a form of end-to-end encryption in iMessage for years. WhatsApp rolled out full end-to-end encryption to its billion-plus users in April. Viber added the protection to its 700 million users’ messages just weeks after WhatsApp. Google announced in May that its new messaging app Allo would offer end-to-end encryption as an option. On Friday, Facebook plans to roll out a beta version of a new feature it calls “secret conversations.” Facebook’s secret conversations will use a protocol called Signal. Communications companies are doing this despite complaints from law enforcement agencies that the feature hampers surveillance capabilities.



  1. Tomi Engdahl says:

    Turkey accidentally shuts down its Internet after trying to block citizens using Google to find censored material
    Read more: http://www.dailymail.co.uk/news/article-3658615/Turkey-accidentally-shuts-Internet-trying-block-citizens-using-Google.html#ixzz4DudG8mOM

  2. Tomi Engdahl says:

    Putin signs anti-terrorism law requiring communication providers in Russia to store user calls, messages, other data for 6 months, metadata for up to 3 years — Moscow (AFP) – Russian President Vladimir Putin has signed into law a package of controversial anti-terror amendments dubbed …

    Putin signs controversial anti-terror measures into law

    Moscow (AFP) – Russian President Vladimir Putin has signed into law a package of controversial anti-terror amendments dubbed “Big Brother” measures by critics that may cost internet companies billions.

    The measures, posted online Thursday by the government, boost the surveillance powers for the security services by requiring communication providers to store users’ calls, messages, photographs and videos for six months, as well as metadata for up to three years.

    They also have to provide security services with access to this data and any necessary encryption mechanisms necessary to use it.

    They also criminalise several offences, lower the age of criminal responsibility to 14 for some crimes and extend prison sentences for online crimes like abetting terrorism.

    The passage of the bills through Russia’s lower and upper houses of parliament sent shockwaves through the internet and telecoms industries.

    EO of Megafon mobile provider Sergei Soldatenkov said that the law as it stands would require the company to spend 200 billion rubles ($3.1 billion) to ensure the data storage requirement — four times its annual profit.

    “This bill financially kills the telecommunication industry,”

  3. Tomi Engdahl says:

    Killing Russian Criminal Law

    The “Yarovaya laws” threaten to undermine the core principles of Russian criminal law. With the Criminal Code stripped bare and the revival of a number of notorious Soviet legal principles—including the ability to hold people criminally responsible for withholding information—legal textbooks will soon have to be rewritten.

    At the end of June, Russia’s upper and lower houses of parliament approved the “Yarovaya laws,” a controversial package of legislative amendments that Edward Snowden has called “an unworkable, unjustifiable violation of rights.”

    It makes “failure to report a crime” a criminal offense; any individual who becomes aware of “reliable information” about plans to carry out an act of terrorism, armed mutiny, or any of a dozen other crimes and does not notify the authorities will face up to a year in prison.

    The laws have been very effective in depoliticizing the Russian population.


Leave a Comment

Your email address will not be published. Required fields are marked *