TweetFollow Us on Twitter

July 02 Viewpoint

Volume Number: 18 (2002)
Issue Number: 07
Column Tag: Viewpoint

by Rich Morin

Privacy by Default

Making Rendezvous safe
“for the rest of us”

Although Apple does not use these words to describe it, their new Rendezvous system is designed to enable “opportunistic, promiscuous” IP discovery. That is, it will take advantage of any opportunity to collect IP information (hence, opportunistic) and it will happily interact with any cooperative system (hence, promiscuous). These characteristics make Rendezvous extremely convenient for the user.

Unfortunately, the same characteristics could also make Rendezvous extremely convenient for anyone who wants to “listen in” on network traffic. If a user walks into a conference facility or coffee bar with a PowerBook, how many uninvited recipients will see his network traffic?

I’d like to see Apple provide “convenient privacy”, as part of its convenient networking. To be specific, I’d like them to implement “opportunistic, promiscuous” packet-level encryption, basedon IPSec and related standards. This isn’t a new idea, by any means. The “Linux FreeS/WAN” project (http://www.freeswan.org) has been working on it for several years now; their early releases are currently being tried out in the field.

The high-level view of FreeS/WAN is quite simple. If my system has a packet to send to your system, it will first attempt to set up a VPN (Virtual Private Network), using IPSec, etc. If your system doesn’t honor the request, my system will simply send the packet “in the clear”.

If your system does understand the request, however, both systems will send off for each others’ public keys (e.g., from each others’ DNS servers). The two systems will then perform a key exchange, with the result that they both end up with the needed “session keys”. Et voila, we have a VPN!

The low-level description is a bit more complicated, but some folks may find it interesting. See http://www.freeswan.org/freeswan_trees/freeswan-1.95/doc/intro.html if you’re into that sort of thing...

Meanwhile, let’s look at some of the implications of the technology. In general, privacy and security tend to be at odds with convenience. And, as we all know, when “I really should” gets in a fight with “I don’t want to”, it usually loses. Consequently, although PGP and other strong privacy tools have been around for several years, they aren’t actually used very much. Even SSH has had an uphill fight against its (demonstrably insecure) predecessors.

By making network privacy the default, however, Apple could remove the “convenience factor” from the equation. Joe and Sally Sikspak don’t have to install privacy software, set up keywords, or any of that hassle. Better yet, they don’t have to decide which programs (or files, or ...) deserve encryption. No decisions, so no mistakes! In fact, they don’t even have to know that encryption is going on; their packets are simply a bit safer from snooping.

Apple likes to be seen as a standard-setter. By allying themselves with the Linux FreeS/WAN project (and, ideally, providing an Open Source BSD implementation), Apple could help to make opportunistic privacy an established standard. There are no guarantees, of course, but privacy and authentication are very salable attributes these days...

Even without total buy-in by the computer industry, the effects of opportunistic encryption could be quite dramatic. For instance, it would be quite possible to set up a FreeS/WAN “gateway server” at an ISP or on the border of a LAN, providing encryption capability for any external traffic. Like the Sikspaks, the machines being protected would never need to know that their packets were being encrypted.

In addition, large-scale use of packet-level encryption would make it much harder to single out encrypted data streams for attack. If even 5% of the Internet’s traffic is encrypted, the mere fact of encryption is no longer an “interesting” characteristic for snoopers.

Rich Morin has been using computers since 1970, Unix since 1983, and Mac-based Unix since 1986 (when he helped Apple create A/UX 1.0). When he isn’t writing this column, Rich runs Prime Time Freeware (www.ptf.com), a publisher of books and CD-ROMs for the Free and Open Source software community. Feel free to write to Rich at rdm@ptf.com.

 
AAPL
$473.06
Apple Inc.
+5.70
MSFT
$32.24
Microsoft Corpora
-0.64
GOOG
$881.20
Google Inc.
-4.31

MacTech Search:
Community Search:

Software Updates via MacUpdate

TrailRunner 3.7.746 - Route planning for...
Note: While the software is classified as freeware, it is actually donationware. Please consider making a donation to help stimulate development. TrailRunner is the perfect companion for runners,... Read more
VueScan 9.2.23 - Scanner software with a...
VueScan is a scanning program that works with most high-quality flatbed and film scanners to produce scans that have excellent color fidelity and color balance. VueScan is easy to use, and has... Read more
Acorn 4.1 - Bitmap image editor. (Demo)
Acorn is a new image editor built with one goal in mind - simplicity. Fast, easy, and fluid, Acorn provides the options you'll need without any overhead. Acorn feels right, and won't drain your bank... Read more
Mellel 3.2.3 - Powerful word processor w...
Mellel is the leading word processor for OS X, and has been widely considered the industry standard since its inception. Mellel focuses on writers and scholars for technical writing and multilingual... Read more
Iridient Developer 2.2 - Powerful image...
Iridient Developer (was RAW Developer) is a powerful image conversion application designed specifically for OS X. Iridient Developer gives advanced photographers total control over every aspect of... Read more
Delicious Library 3.1.2 - Import, browse...
Delicious Library allows you to import, browse, and share all your books, movies, music, and video games with Delicious Library. Run your very own library from your home or office using our... Read more
Epson Printer Drivers for OS X 2.15 - Fo...
Epson Printer Drivers includes the latest printing and scanning software for OS X 10.6, 10.7, and 10.8. Click here for a list of supported Epson printers and scanners.OS X 10.6 or laterDownload Now Read more
Freeway Pro 6.1.0 - Drag-and-drop Web de...
Freeway Pro lets you build websites with speed and precision... without writing a line of code! With it's user-oriented drag-and-drop interface, Freeway Pro helps you piece together the website of... Read more
Transmission 2.82 - Popular BitTorrent c...
Transmission is a fast, easy and free multi-platform BitTorrent client. Transmission sets initial preferences so things "Just Work", while advanced features like watch directories, bad peer blocking... Read more
Google Earth Web Plug-in 7.1.1.1888 - Em...
Google Earth Plug-in and its JavaScript API let you embed Google Earth, a true 3D digital globe, into your Web pages. Using the API you can draw markers and lines, drape images over the terrain, add... Read more
 

See All

The D.E.C Provides Readers With An Inter...
The D.E.C Provides Readers With An Interactive Comic Book Platform Posted by Andrew Stevens on August 13th, 2013 [ permalink ] | Read more »
Choose ‘Toons: Choose Your Own Adventure...
As a huge fan of interactive fiction thanks to a childhood full of Fighting Fantasy and Choose Your Own Adventure books, it’s been a pretty exciting time on the App Store of late. Besides Tin Man Games’s steady conquering of all things Fighting... | Read more »
Premier League Kicks Off This Week; Watc...
Premier League Kicks Off This Week; Watch Every Single Match Live Via NBC Sports Live Extra and Your iPhone or iPad Posted by Jeff Scott on August 13th, 2013 [ permalink ] | Read more »
Meet Daniel Singer, the Thirteen-Year-Ol...
Ever had the idea for an app, but felt like the lack of programming and design ability was a bit of a non-starter? Well, 13-year-old Daniel Singer has made an app. He’s the designer of Backdoor, a chat app that lets users chat with their friends... | Read more »
Flashout 2 Gets Revealed, Offers Up An E...
Flashout 2 Gets Revealed, Offers Up An Enhanced Career Mode and Exciting New Circuits Posted by Andrew Stevens on August 13th, 2013 [ permalink ] | Read more »
Mickey Mouse Clubhouse Paint and Play HD...
Mickey Mouse Clubhouse Paint and Play HD Review By Amy Solomon on August 13th, 2013 Our Rating: :: 3-D FUNiPad Only App - Designed for the iPad Color in areas of the Mickey Mouse Clubhouse with a variety of art supplies for fun 3-... | Read more »
Strategy & Tactics: World War II Upd...
Strategy & Tactics: World War II Update Adds Two New Scenarios Posted by Andrew Stevens on August 12th, 2013 [ permalink ] Universal App - Designed for iPhone and iPad | Read more »
Expenses Planner Review
Expenses Planner Review By Angela LaFollette on August 12th, 2013 Our Rating: :: PLAIN AND SIMPLEUniversal App - Designed for iPhone and iPad Expenses Planner keeps track of future bills through due date reminders, and it also... | Read more »
Kinesis: Strategy in Motion Brings An Ad...
Kinesis: Strategy in Motion Brings An Adaptation Of The Classic Strategic Board Game To iOS Posted by Andrew Stevens on August 12th, 2013 [ | Read more »
Z-Man Games Creates New Studio, Will Bri...
Z-Man Games Creates New Studio, Will Bring A Digital Version of Pandemic! | Read more »
See All

Price Scanner via MacPrices.net

Apple refurbished iPads and iPad minis availa...
 Apple has Certified Refurbished iPad 4s and iPad minis available for up to $140 off the cost of new iPads. Apple’s one-year warranty is included with each model, and shipping is free: - 64GB Wi-Fi... Read more
Snag an 11-inch MacBook Air for as low as $74...
 The Apple Store has Apple Certified Refurbished 2012 11″ MacBook Airs available starting at $749. An Apple one-year warranty is included with each model, and shipping is free: - 11″ 1.7GHz/64GB... Read more
15″ 2.3GHz MacBook Pro (refurbished) availabl...
 The Apple Store has Apple Certified Refurbished 15″ 2.3GHz MacBook Pros available for $1449 or $350 off the cost of new models. Apple’s one-year warranty is standard, and shipping is free. Read more
15″ 2.7GHz Retina MacBook Pro available with...
 Adorama has the 15″ 2.7GHz Retina MacBook Pro in stock for $2799 including a free 3-year AppleCare Protection Plan ($349 value), free copy of Parallels Desktop ($80 value), free shipping, plus NY/NJ... Read more
13″ 2.5GHz MacBook Pro on sale for $150 off M...
B&H Photo has the 13″ 2.5GHz MacBook Pro on sale for $1049.95 including free shipping. Their price is $150 off MSRP plus NY sales tax only. B&H will include free copies of Parallels Desktop... Read more
iPod touch (refurbished) available for up to...
The Apple Store is now offering a full line of Apple Certified Refurbished 2012 iPod touches for up to $70 off MSRP. Apple’s one-year warranty is included with each model, and shipping is free: -... Read more
27″ Apple Display (refurbished) available for...
The Apple Store has Apple Certified Refurbished 27″ Thunderbolt Displays available for $799 including free shipping. That’s $200 off the cost of new models. Read more
Apple TV (refurbished) now available for only...
The Apple Store has Apple Certified Refurbished 2012 Apple TVs now available for $75 including free shipping. That’s $24 off the cost of new models. Apple’s one-year warranty is standard. Read more
AnandTech Reviews 2013 MacBook Air (11-inch)...
AnandTech is never the first out with Apple new product reviews, but I’m always interested in reading their detailed, in-depth analyses of Macs and iDevices. AnandTech’s Vivek Gowri bought and tried... Read more
iPad, Tab, Nexus, Surface, And Kindle Fire: W...
VentureBeat’s John Koetsier says: The iPad may have lost the tablet wars to an army of Android tabs, but its still first in peoples hearts. Second place, however, belongs to a somewhat unlikely... Read more
 

Jobs Board

Sales Representative - *Apple* Honda - Appl...
APPLE HONDA AUTOMOTIVE CAREER FAIR! NOW HIRING AUTO SALES REPS, AUTO SERVICE BDC REPS & AUTOMOTIVE BILLER! NO EXPERIENCE NEEDED! Apple Honda is offering YOU a Read more
*Apple* Developer Support Advisor - Portugue...
Changing the world is all in a day's work at Apple . If you love innovation, here's your chance to make a career of it. You'll work hard. But the job comes with more than Read more
RBB - *Apple* OS X Platform Engineer - Barc...
RBB - Apple OS X Platform Engineer Ref 63198 Country USA…protected by law. Main Function | The engineering of Apple OS X based solutions, in line with customer and Read more
RBB - Core Software Engineer - Mac Platform (...
RBB - Core Software Engineer - Mac Platform ( Apple OS X) Ref 63199 Country USA City Dallas Business Area Global Technology Contract Type Permanent Estimated publish end Read more
*Apple* Desktop Analyst - Infinity Consultin...
Job Title: Apple Desktop Analyst Location: Yonkers, NY Job Type: Contract to hire Ref No: 13-02843 Date: 2013-07-30 Find other jobs in Yonkers Desktop Analyst The Read more

  • Generate a short URL for this page:



All contents are Copyright 1984-2011 by Xplain Corporation. All rights reserved. Theme designed by Icreon.