The Internet Engineering Task Force has issued a new RFC 7258 that is titled "Pervasive Monitoring Is an Attack".
The IETF debated the group's position on pervasive monitoring last year, and this RFC appears to be the first concrete step: it proposes officially adding pervasive monitoring to the recommendations of RFC 3552 ("Guidelines for Writing RFC Text on Security Considerations"), so that future protocol specifications and updates superseding older RFCs address pervasive monitoring specifically.
From the RFC text:
Pervasive Monitoring (PM) is widespread (and often covert) surveillance through intrusive gathering of protocol artefacts, including application content, or protocol metadata such as headers. Active or passive wiretaps and traffic analysis, (e.g., correlation, timing or measuring packet sizes), or subverting the cryptographic keys used to secure protocols can also be used as part of pervasive monitoring. PM is distinguished by being indiscriminate and very large scale, rather than by introducing new types of technical compromise.
The IETF community's technical assessment is that PM is an attack on the privacy of Internet users and organisations. The IETF community has expressed strong agreement that PM is an attack that needs to be mitigated where possible, via the design of protocols that make PM significantly more expensive or infeasible. Pervasive monitoring was discussed at the technical plenary of the November 2013 IETF meeting [IETF88 Plenary] and then through extensive exchanges on IETF mailing lists. This document records the IETF community's consensus and establishes the technical nature of PM.
An engineering problem addressed by engineering means? There is a good chance solutions will emerge.
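As an added illustration (not part of the RFC or of this story) of the packet-size side of traffic analysis the RFC names, and of the kind of protocol-level mitigation it calls for: a passive observer who sees only ciphertext lengths can often tell messages apart, and padding to a fixed bucket size collapses those lengths at a bandwidth cost. The sample messages and the zero-byte padding scheme are constructed assumptions, not anything from the RFC.

```python
from collections import Counter
from typing import Iterable

# Constructed sample: distinct application messages an observer might want to
# tell apart. The observer is assumed to see on-wire lengths only, never content.
MESSAGES = [
    b"GET /index.html",
    b"GET /login",
    b"POST /login user=alice&pw=hunter2",
    b"GET /logout",
]


def pad_to_bucket(msg: bytes, bucket: int) -> bytes:
    """Pad msg with zero bytes up to the next multiple of bucket.

    Assumed padding scheme for illustration; a real protocol would use
    unambiguous, length-prefixed or trailer-marked padding (e.g. TLS 1.3 records).
    """
    padded_len = -(-len(msg) // bucket) * bucket  # ceiling division to a multiple
    return msg + b"\x00" * (padded_len - len(msg))


def observed_lengths(msgs: Iterable[bytes], bucket: int = 1) -> list[int]:
    """What a passive observer learns: the on-wire length of each message."""
    return [len(pad_to_bucket(m, bucket)) for m in msgs]


def uniquely_identified(msgs: list[bytes], bucket: int = 1) -> int:
    """Number of messages the observer can single out from their length alone.

    A message is 'identified' when no other message in the set shares its
    on-wire length; bucket=1 means no padding at all.
    """
    counts = Counter(observed_lengths(msgs, bucket))
    return sum(1 for ln in observed_lengths(msgs, bucket) if counts[ln] == 1)


def padding_overhead(msgs: list[bytes], bucket: int) -> int:
    """Extra bytes sent because of padding: the cost side of the mitigation."""
    return sum(len(pad_to_bucket(m, bucket)) - len(m) for m in msgs)


if __name__ == "__main__":
    for bucket in (1, 16, 64):
        print(f"bucket={bucket:3d}: lengths={observed_lengths(MESSAGES, bucket)} "
              f"identified={uniquely_identified(MESSAGES, bucket)} "
              f"overhead={padding_overhead(MESSAGES, bucket)} bytes")
```

Padding only addresses the size channel: message counts, timing and correlation across links remain visible, which is why the RFC speaks of making monitoring more expensive rather than impossible.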
(Score: 3, Interesting) by kaszz on Tuesday July 01 2014, @07:44AM
It's useful because you can specify in a protocol description that it's designed in the X way to mitigate all known types of attack. Like Pervasive Monitoring (PM). It's about defining this activity as hostile and something that can be labeled.
Perhaps one should intentionally distribute bits along multiple paths and encrypt the links themselves through certain jurisdictions.