A Canadian ISP colleague of mine suggested that the NANOG constituency might be interested in this, given some recent 'revelations', so I forward it here for you perusal.
"Preliminary analysis of more than 25,000 traceroutes reveals a
phenomenon we call �boomerang routing� whereby Canadian-to-Canadian
internet transmissions are routinely routed through the United States.
Canadian originated transmissions that travel to a Canadian destination
via a U.S. switching centre or carrier are subject to U.S. law -
including the USA Patriot Act and FISAA. As a result, these
transmissions expose Canadians to potential U.S. surveillance activities
� a violation of Canadian network sovereignty."
Not just a Canadian issue but one we should look at in the US as well. Deploying more IXs and routing our traffic direct instead of through the "big guys" can secure our own communications from our own government until we change who we have in office.
I agree this is a problem, but its been a problem since at least 1994 (
my first exposure ) and I suspect longer, the issue is east we capacity in
Canada is very $$, pushing traffic from Toronto east to points south to get
it to Vancouver is much more cost effective.
It's a good point to consider however that omits the probabilty that
Canada is doing exactly the same thing as the U.S. and thus this may
free you from certain legalities but does not actually ensure privacy.
The other fact of this is that we are well aware that the NSA's
database is being accessed freely by (at the very least) England and
Australia (I think that's who I read) I believe with reciprical
agreements and I'd be shocked if Canada isn't in there too. What are
the ramifications of that? Do we even know?
Yes, far better to keep those communications within Canada - where CSEC can hand them over to GCHQ, who'll then hand them over to NSA . . .
;>
There are no technical solutions to purely social ills. This set of issues has nothing to do with technology, and everything to do with civil society. Any meaningful change in the status quo will not originate the technological realm, but rather in the political sphere.
Quite frankly, all this chatter about technical 'calls to arms' and whatnot is pointless and distracting (thereby calling into question the motivations behind continued agitation for technical remedies, which clearly won't have any effect whatsoever).
But I don't think every secret service have installed his own
backdoors in all popular software and protocols.
And the NSA can't share these backdoors/weakness with all his
"friends", because if you tell a secret to everyone, it stop being a
secret. The existence and nature of these backdoors will be revealed,
and the affected software will fix them.
So probably the NSA works like Wall-Mart Secrets. And they sell
secrets, 100.000$ for a list of human rights activist, 2 millions
for the emails of the leaders of the opposition.
Quite frankly, all this chatter about technical 'calls to arms' and
whatnot is pointless and distracting (thereby calling into question
the motivations behind continued agitation for technical remedies,
which clearly won't have any effect whatsoever).
cool. then i presume you will continue to run using rc4 and rsa 1024.
smart folk over there at arbor.
The point is that no matter what crypto algorithms are developed and implemented, it's generally trivial for authorized (for whatever value of 'authorized' applies in a given situation) entities to obviate them by simply compromising the endpoints under color of law, if nothing else.
If folks are unhappy with the current state of affairs, they ought to concentrate on writing laws, not code.
In 1985 I was working in Toronto and did a proposal for a national X.25 network. The pragmatics for reliability were simple at a national scale: Essentially all Canadian telecom links went through a few common sites across the country; if you wanted redundancy you had to have a second, independent path through the US.
Given that most Canadian population occupies a relatively thin band (close to the US border), this topological fragility was/is largely inherent.