The Open Web Alliance is a lobby group that is opposed to secure and safe HTTPS traffic over the Internet and forms lobby group for the HTTP2 process to ensure that your Internet traffic can be intercepted and logged by service providers. This major purpose of this so-called technology innovation is that your personal information to can be harvested, exploited and sold from within the network. The secondary purpose is that network providers often use deep inspection of the network traffic to make decisions about network routing and is likely to form a significant compon
The members of the lobby group (below, taken from the website) have vested interests in traffic interception and inspection and it is reasonable to assume they wish to continue exploiting the lack of encryption today:
The OWA is part of the ATIS, a lobby group for service providers that:
ATIS gives our members a place at the table where today’s ICT standards decisions are being made. Our work helps members prepare for when the future becomes today. And, with the fast pace of innovation, the gap between today’s technologies and tomorrow’s networks is all but disappearing.
Man In The Middle Traffic Hijack
It is very common for network providers to cache web traffic, perform deep packet inspection and security inspection. Web caching reduces bandwidth and saves money, Deep packet inspection is fading but still used to provide Internet fast lanes (related to Net Neutrality) and Security Inspection is sometimes about protecting customers for a fee.
The original specification for SPDY (which became the larger part of the HTTP2 standard) required end-to-end encryption by default.
SPDY has been submitted to the IETF for standardization as HTTP 2.0, which is set to be proposed as a standardized protocol in November of 2014. However, the proprietary proxies, such as those that incorporate the SPDY protocol, do not give the user a voice in the trade-offs between speed, efficiency and privacy. SPDY proxies are one example of proprietary proxies that redirect Internet traffic through a single opaque tunnel across the network. This bundling could hinder reasonable network management, content distribution and network services. The SPDY proxy could “break” the existing content delivery optimization mechanisms service providers use, which would degrade service quality for consumers.
The HTTP2 protocol is more efficient when running over a encrypted connection and the intention was to ensure that Internet access was encrypted by default. This would protect users who are otherwise unable to protect their own privacy or maintain their own security on the Internet .
Why This Matters
Who Gets To Intercept: If a carrier can intercept your traffic then anyone can. Criminals, hackers, foreign and domestic governments.
Control: Interception can never be controlled. Dozens of instances of abuse of HTTPS demonstrate that abuse will happen if its technically possible.
Why ? : Carriers/Telcos make billions selling user data to a wide range of companies such as ad-tech. For example, its my view Verizon’s recent purchase of Yahoo was to match user and content data to enhance the value of its network surveillance position. This position improve the ad placement/relevance and extract revenue.
Private companies are conducting instituional-level surveillance as ‘business’ without any controls. Social media companies create profiles for people inside and outside their networks.