That's a very good point. The majority of people have no idea that many Governments are already monitoring and data mining everything they say or do online. Websites should already start switching to HTTPS (or SPDY) to protect their users against this stealth monitoring, of which they know nothing about.
But if they don't and if this law passes (I hope it doesn't) maybe some good will come out of it, and it will jumpstart a trend for switching to encrypted connections.
What makes you think that those with the resources to implement dragnet surveillance do not have access to properly signed certificates, which let them Man-In-The-Middle the connection without triggering a browser warning?
As you say, some of the parties engaging in the drags absolutely do have the capability. But not all and stopping them has value. More importantly:
A man in the middle attack is _highly_ detectable and will leave irrefutable evidence when detected. So it can only be used secretly if it's used very sparingly. And highly overt interception, if its even tolerated by the public, at least solves the problem of people having no idea (being in denial) they're being watched.
Moreover, because MITM can be defeated by de-trusting the rogue CA or via key pinning using it for "mere" surveillance would destroy a valuable and potent weapon, so they won't do it. It simply isn't suitable for dragnet use.
Its also practically much more costly to scale. (E.g. instead of passive optical taps and cheap packet sampling for targeting they must fully intercept all the traffic and decrypt/reencrypt before they even know if its "interesting") Simply making the watchers have to spend a lot more money per unit of traffic monitored is a win for civil rights because it should result in more conservative use of the capability. Without the crypto the surveillance is maximally cheap and undetectable... anything is an improvement even if it can still be compromised.
It really isn't. It's only "zero" because you're greatly overestimating the cost of intercepting the traffic at all.
To do dragnet surveillance you need an optical tap, an expensive phy, and a fairly modest number of gates to apply a stateless filter purely from onchip memory to capture 100% of interesting flows and grab some small fraction of all other traffic, and some modest switch fabric to carry captured data to a modest amount of storage and processing to deal with it. Programmed correctly commodity network processors for switches have all the right logic already, we're talking in the <$200 per 10G port parts-cost level. Detailed analysis of the sample data and the known-interesting data gives tells you about new hosts you should be matching for detailed inspection (and you update the can filter with 50ms latencies or so). The cost of maintaining a cheap military aircraft gets your terabits of sampling capacity.
Adding a MITM attack on top of the model used for dragnet surveillance currently, which involves intercepting 100% of the potentially interesting traffic at all times, performing a costly public key operation per every single connection, and then reencrypting the results is insanely expensive by comparison. Before you even get killed by the crypto costs you've long since run out of memory bandwidth.
It's possible to do client-side known-public-key verification, which would detect a MITM attack. The idea is basically maintaining a local trusted cert list (other than the broad ones in the OS), but using known site public keys instead of root signing certificates (which I will admit are a security nightmare for SSL).
Chrome does this for Google-controlled domains; they call it "public key pinning." I'm not sure if any of the other major browsers do it, but it would be pretty simple to implement.
Even if the government had a root CA-signed cert for "mail.google.com", Chrome would throw an error because the government's signed cert public key would not match the public key pinned inside the Chrome browser source code. Chrome would barf with a certificate error.
The fact that this would get noticed if they did this for dragnet surveillance. They can (and likely do) do targeted MITM, but doing it across the board would be noticed quickly.
This is one reason why enacting this kind of legislation is such a terrible idea for the very people advocating it. Right now most of the web is ridiculously open and unencrypted. If authorities get the appropriate warrants it's almost guaranteed they will be able to spy on almost anybody doing almost anything because the default mode is unencrypted and nobody really thinks about it. But that default mode is only the default because people think their communications are reasonably private anyway, precisely because this kind of logging is pretty expensive and impractical. Laws to enforce it will motivate everyone to move to encrypted connections, greatly increase use of VPNs for all non-trivial communications, and ensure that criminals become educated about how to encrypt their activities.
If governments around the world seriously pursue this, far from reaping the windfall they are hoping for they will actually kill the golden goose that could be helping them solve more crimes than ever.
Unfortunately Wikipedia chose to go with a separate cluster for SSL. If they ran SSL on their normal front end then it would already scale up to this: The public key crypto is free on hyperthreaded cpus because it can run currently with memory accesses for other requests, and modern CPUs have harware accel for the symmetric crypto that make it ~free.
I can almost hear the politicians now: Oh please, Jimmy, please! Please don't enable SSL!
But seriously, what he's suggesting is the truth. Any website that thinks it might be seen as slightly toxic for its users will move to SSL if it wants to stay in use.
The problem with this play is that turning on SSL for all Wikipedia users would be really very expensive. Encryption costs a lot of CPU cycles and entropy.
The UK isn't the only trusted western country apparently synchronising internet data mining capability. Australia is seriously considering a two year retention of web traffic by ISP's.
Maybe a little bit of a sensationalist title, websites switching to HTTPS only isn't that much of a threat, yes the bill is bad and yes he should be opposing it but Ars seem to frame it as though it's drastic or has a negative effect on anyone. While I disagree with the bill and the concept of monitoring peoples internet, I don't think they're doing it so they can find out what you're reading on Wikipedia or who you're messaging on Facebook.
> I don't think they're doing it so they can find out what you're reading on Wikipedia or who you're messaging on Facebook.
What makes you think that sort of information isn't exactly what they're interested in?
Even if they don't care about it right now, once it starts being collected, if any future government decides they do care about it, it'd be very easy for them to get their hands on it.
This is actually one of the more interesting things about how data is being collected these days... because we (or rather, our machines) now have the capacity to scavenge and parse so much more data than we could've dreamed of before, people, corporations, governments, etc. have already caught on to the idea that you don't actually need to know your angle before you execute. Gathering tons and tons of data may seem completely worthless or missing the point, but the reality is that "the point" no longer exists. It's all just floating data that, when the time comes, either passes through the filter or throws a flag.
Basically, the government may not care who you're messaging on facebook now, but if someone discovers a correlation to some other problem in the future they'll be damn pleased that they have that data.
It's arguably immoral that the site doesn't switch to https by default and give the public the privacy they think they already have.