The FRA law may make the internet a more secure place.
I live in Norway. And with the advent of the new FRA law in Sweden a lot of shouting about political intervention and pressure has come forth in the local media. Big companies in Norway are asking if there can be ways to route traffic around Sweden to their destination. Complaints have been lodged to the EU. And philosophical discussions have surfaced that this is a way to treat everyone as a criminal until proven innocent - turning the entire legal system on its head.
However, I won't discuss this, but another aspect which hasn't been discussed much. This case gives the public insight into how the protocols of the internet work: Internet traffic crosses borders. This is a fact. Even if sender and recipient is in the same country traffic can cross national borders. This is how this technology is built, and is even considered one of the strengths of the internet. As one node goes down traffic will still find a way through somehow.
One more thing this also teaches the public: People can see your traffic in the clear. This means that anyone controlling a node in the network that your traffic goes through can read your email (your, and others internet providers). We technicians have always known this. This is one of the reasons why projects such as TLS, Tor, Freenet and PGP have come to life - to make it easier for people to communicate securely without other people eavesdropping.
In general there are two things we need from the internet in these times; anonymity and security. We want to be able to criticize the current power infrastructure in a way that doesn't put yourself as a person at a risk. This might be an exxaggurated point in a democratic nation you say, but suddenly we have terrorist watch lists and whatnot crawling the web for rants and adding you to a no-fly list.
For businesses, the people with the cash, this anonymous point is probably of little concern. But the point of transacting secure dialogues with business partners is important. You do not wish to divulge important information to your competition. And considering how easy it is to sniff network traffic between two points you might really consider this.
The old school way of sending secure messages is via ordinary mail. You can see if your mail has been tampered with. You can even send it with a special courier. The equivalent of doing these things in the email era is also possible. Tools exist to securely encrypt messages between sender and receiver. And the cost of doing it outweighs the dangers of your business critical secrets leaking to the competition.
However, until businesses see the value and start using cash on securing their information instead of crying out in the media, we will continue to be ripped off when questions regarding national security are asked in the tone that everyone is a potential terrorist.
Hopefully advances in secure message handling between businesses will also trickle down onto our moms and dads using a computer to voice their opinion.
You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.
