Tuesday, 1 June 2010

Needles in haystacks vs. needles in very large piles of needles

Everyone knows the saying 'Like finding a needle in a haystack'. You take something very small and put it into something very large and hope it stays hidden because it's too difficult to find. In fact, this is the metaphor implied by the laudable Haystack Network (although it's not exactly how it works!).

The needle (secure communications) is wrapped up in a larger (haystack) of communications. There are lots of ways to can make the needle harder to find. You can make the needle smaller. You can make the haystack larger. But, sometimes someone comes along with a metal detector. They're very good at finding little bits of metal in a very large haystack.

Secure communications are more complex - it's not so much the needle that you're hiding as what's inside the needle. Someone scanning your haystack for needles isn't after the needle, but what's inside. And, when your barn is filled with hay, just one ping on their metal detector (deep packet inspection) lets them know you're hiding needles in there somewhere.

How can you hide your needle (secure communications) when someone is using a metal detector (deep packet inspection, national-scale network snooping)? It's always going to be pretty tough to find out what's inside of the needle. You could find a way to make your needles look more like straw, so it's harder to find them - but, straw-like needles sound like they'd be easy to open. By making your needles more straw-like you're making it easier for someone to get the messages out of them.

A metal needle.
If you know they're using metal detectors, you could switch to ceramic or plastic needles. But science might have already invented a a ceramic detector or plastic detector. Or maybe you try to encourage other people to start putting more needles into the haystack hoping that as more needles are added to the haystack it becomes harder to find the needle you're looking for.

What is that point I am getting to here? It's that Google is turning on SSL encryption for search. That's right - Google just replaced lots of straw with needles. You needles are mixed in with everyone else's - making it much harder to someone to find your needles and whatever is inside of them. If needles are always hard to open, adding more needles is the safest way to protect all needles. You can turn your hay into needles even if your not bothered about people snooping. It just makes everything a little more secure for those people who do need to hide their needles in a hay/needlestack.

And because Google cache lots of pages (search for cache:http://www.website.com/page.html) hopefully you'll be able to securely access a lot more of the internet.

Many people have criticised Google (rightly) for privacy invasions and lots of caveats apply here - there are many potentially weak links in the chain, but SSL encryption for search is a very good thing and it is great to see Google doing this. Many people are more likely to entrust their privacy and security to Google than some other nefarious or weaker-willed companies, organisations, secretive government bodies, etc.

Visit https://www.google.com today!

No comments:

Post a Comment

Comments with links, feedback, etc. greatly appreciated. Spam will be deleted.

Note: only a member of this blog may post a comment.