The NSA is worried about civilian communications “going dark”. Personally I’m hopeful they will, since I think the government will continue to invade our privacy by any means available to them, 4th Amendment be damned.
But what does it mean to “go dark”? The NSA seems to simply mean “secure encryption”, where the communication is encrypted end-to-end. The NSA has the data, but they cannot read it unless they devote meaningful resources to cracking it. This sort of “going dark” would prevent widespread data collection, but it wouldn’t prevent the NSA from listening in on any one particular conversation.
I think of “going dark” in broader terms. It applies to more than just communication, and it’s a lot more than just encryption. I think of “going dark” as a matter of increasing privacy and avoiding centrality on both software and physical layers. Darkness is a matter of degree.
Let me give you a few examples.
In the communications realm, consider a simple text-message program that allows for comms between any two mobile devices somewhere in the world; there are a number of different ways to increase privacy and avoid centrality. Here are some of them:
- End to end encryption. This increases privacy. And of course there are many sub-concerns within the realm of encryption, like perfect forward secrecy or using a trustworthy random number generator.
- Decentralized protocol. Like BitTorrent’s new chat program, there’s no central server, just peers. This decreases centrality, as there’s no one server or cloud company for the Feds to co-opt.
- Onion routing. This increases privacy on the software layer by hiding metadata. The contents of packets are encrypted, but so is the path. Any one server only knows who to pass a packet to, not its source or final destination.
- Forgetfulness. This is important, and often overlooked. Data should only be retained as long as necessary to serve the end-user’s intended purpose, then discarded. Worrying about today’s tyrants is bad enough; worrying about what tomorrow’s tyrants might do with what you said five years ago will make your hair grey.
- Mesh networking. This technology avoids centrality at the physical layer. At least in theory, a sufficiently large mesh network would replace the telecom companies like Verizon and Comcast entirely. However, you don’t need a global mesh network – even local mesh networks that also employ encryption, onion routing, and forgetfulness are useful to hide within once data reaches the (presumably co-opted) main backbones.
- Locality. Protocols that avoid backbones except when necessary would decrease centrality. Local communications remain local, avoiding compromised central nodes.
And each of the above can be employed either alone, or together. There’s synergy to adding more kinds of privacy on top of one another. A decentralized protocol using end-to-end onion encryption over a forgetful community mesh-network would be “dark” far beyond anything contemplated by an “off the record” Google Hangout.
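The onion-routing item above, sketched as an added example that is not part of the original post: each relay peels one layer and learns only the next hop. It assumes the sender already shares a symmetric key with every hop (real systems negotiate these with public-key cryptography), uses a toy HMAC-based cipher for illustration, and the node names are constructed.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy stream cipher (HMAC-SHA256 in counter mode); illustration only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("layer failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def wrap(message, recipient, path, keys):
    # Innermost layer is for the recipient; each relay layer names only the next hop.
    hops = path + [recipient]
    blob = seal(keys[recipient], json.dumps({"next": None, "data": message.hex()}).encode())
    for i in range(len(path) - 1, -1, -1):
        layer = {"next": hops[i + 1], "data": blob.hex()}
        blob = seal(keys[path[i]], json.dumps(layer).encode())
    return blob

def peel(node, blob, keys):
    # What one node can do: remove its own layer, nothing more.
    layer = json.loads(unseal(keys[node], blob))
    return layer["next"], bytes.fromhex(layer["data"])

def route(blob, first, keys):
    # Walk the path, recording (node, next hop that node was told about).
    seen, node = [], first
    while node is not None:
        nxt, blob = peel(node, blob, keys)
        seen.append((node, nxt))
        node = nxt
    return seen, blob

if __name__ == "__main__":
    keys = {n: os.urandom(32) for n in ("relay1", "relay2", "relay3", "bob")}
    onion = wrap(b"meet at noon", "bob", ["relay1", "relay2", "relay3"], keys)
    print(route(onion, "relay1", keys))
```

The middle relay's decrypted layer contains only the name of the following relay and another sealed blob, so neither the recipient nor the message is visible to it.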
Now let me repeat – this isn’t just about communications. “Going dark” is something that can be applied to commerce, finance, and even personal travel to some extent. One of the hot topics of 2013 is Bitcoin, but by the standards outlined above, Bitcoin isn’t very dark at all. It’s decentralized, but it’s not encrypted, forgetful, local, or mesh. Forked coin projects like Anoncoin and Namecoin address these issues, and I expect one of them to become more successful than Bitcoin in the long run.
But also consider how “going dark” could apply to commerce. Right now much of American commerce in physical goods goes through just a couple of main central networks – FedEx, UPS, and the Postal Service. The technology is coming soon that will allow the total disintermediation of FedEx, and allow much of boxed commerce to “go dark”. I will expand on that thought in another post.
For now, I will leave you with the following thought exercise: Consider as many aspects of your life as possible, and ask if there’s benefit to them going dark, and if so, just how dark you could make it.