WASHINGTON (CNS) — A system is only as good as the people who use it. And the people who make it.
When Dan Castellaneta, the voice of Homer Simpson, first saw the phrase “(annoyed grunt)” in a script for “The Simpsons,” he interpreted it as the now-classic “D’oh!”
There’s no saying what Castellaneta, or Homer, might say were they to try and untangle the knots of a new internet privacy-bashing protocol whose abbreviation is — get ready — DOH.
[hotblock]
This is how Stacie Hoffman of Oxford Information Labs in England explained it during a November symposium on child exploitation at the Capitol sponsored by the National Coalition on Sexual Exploitation. And it all has implications for identifying perpetrators online and adopting best practices in this area — both “will be harder,” she said.
The first set of initials to keep in mind is DNS, for Domain Name System. This is akin, Hoffman said, to “an online phone book.”
Usually, when someone wants to look up a website, they will type in a URL, which is short for uniform — sometimes universal — resource locator. That URL is sent to your internet service provider, known as ISP — usually some huge company like Comcast or Verizon.
The ISP can tell you if what you’ve typed is the correct address. If it is, it will take you to that address. Sometimes, though, there are issues, even if it is the correct URL. The ISP might have declared it to be unsafe, be it a virus or some other corruption. You yourself might have blocked access to a website you have deemed unfit for a minor to access, be it advertising-saturated. Or perhaps sex-saturated.
But wait, there’s more. This is where DOH comes in. DOH, explained Hoffman, is a new internet protocol that stands for DNS Over HTTPS.
[tower]
You may remember that a lot of Web addresses started with HTTP. But when hackers got too savvy, more security was brought to the Web. This meant that HTTP was replaced by HTTPS, the “S” standing for “secure.”
Under the DOH protocol, you type in the URL. But the request to access the webpage does not go to your ISP. In fact, the request may not even stay within the United States. And it will furnish the page upon request — virus or no, blocked or not.
If that is the case, then neither the ISP nor you, despite your best efforts to block unwelcome pages, can do a thing about it.
Hoffman said Mozilla, makers of the Firefox security service, already rolled out DOH in October, although it didn’t exactly hire any brass bands to bring attention to it.
Google, Hoffman said at the symposium, also is interested in rolling out DOH, but is still testing it and has not yet deployed it.
So what’s the big deal? For one thing, ISPs are subject to greater regulation than other players in the online world. Search engines, despite the grumping as of late in Congress, not so much.
Cloudflare, a relatively minor player, is another firm eyeing DOH seriously, according to Hoffman. But it’s already taken a tough stance. Cloudflare has said it will “not block or filter” websites or pages. Say you work for law enforcement and want to access a website’s history for an investigation. Cloudflare says it “will exhaust legal remedies” before complying with such requests, Hoffman said.
If DOH is adopted as an industry standard, Hoffman warned, “identifying perpetrators will be harder.” Moreover, she added, “it will be harder to adopt best practices.”
Does this mean we have to all turn off our computers? Not necessarily, Hoffman said.
“Technology is not the problem,” she said. “It’s the implementation of the technology that creates the problem.”
PREVIOUS: Fast-racing boomers are OK in ‘Ford v Ferrari’
NEXT: ‘A Beautiful Day in the Neighborhood’ makes viewers feel at home
Share this story