Post 3271321 by bhtooefr@mastodon.social
 (DIR) Post #3269170 by kaniini@pleroma.site
       2019-01-22T23:52:14.987398Z
       
       1 likes, 0 repeats
       
       can someone calculate the amount of KWh consumed and CO2 emissions by #InfoSec stupidity like HTTPS for content distribution, unnecessary SELinux policies, etc?
       thanks.  I'm sure it will be enlightening and that you'll get a MacArthur grant or something as a result.
       
 (DIR) Post #3269402 by ramsey@phpc.social
       2019-01-22T23:59:56Z
       
       0 likes, 0 repeats
       
       @kaniini Does HTTPS protect people who access content from states where Internet access is monitored? That is, could it protect them from being persecuted for viewing content that their government might not want them to see (and prevent their government from seeing that they viewed it)? I’ve often heard this as an argument for requiring HTTPS everywhere.
       
 (DIR) Post #3269403 by kaniini@pleroma.site
       2019-01-23T00:01:03.329309Z
       
       0 likes, 0 repeats
       
       @ramsey LOL.  CNNIC is a trusted root in all browsers.  China can use CNNIC root to man in the middle all TLS traffic.
       Shit is jokes, my friend.
       
 (DIR) Post #3269426 by foxwitch@queer.af
       2019-01-23T00:00:01Z
       
       1 likes, 1 repeats
       
       @kaniini those I think pale in comparison to the power consumption of unnecessary/misconfigured security appliances. You know, like having a WAF appliance in front of your HTTP server because you have a broken ass web app and either a shitty dev team or no pull with the vendor.
       
 (DIR) Post #3269771 by schmittlauch@toot.matereal.eu
       2019-01-23T00:08:30Z
       
       0 likes, 0 repeats
       
       @kaniini AES-NI is a thing though.
       What's your stance on disk crypto, is that an unnecessary waste of energy as well?
       
 (DIR) Post #3269772 by kaniini@pleroma.site
       2019-01-23T00:13:01.144336Z
       
       1 likes, 0 repeats
       
       @schmittlauch yeah, because AES-NI helps out the people on iPads and shit, right?
       the appropriateness of on-disk encryption, much like transport encryption, depends on context.
       
 (DIR) Post #3270034 by bhtooefr@mastodon.social
       2019-01-23T00:20:00Z
       
       2 likes, 4 repeats
       
       @kaniini Estimated 2017 IP traffic was 1.5 ZB: https://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/white-paper-c11-741490.pdf
       Assume 100% HTTP, 100% encrypted.
       Per Intel benchmarketing OpenSSL v1.1.0f aes-128-gcm takes 0.65 cycles/B on Skylake: https://software.intel.com/en-us/articles/intel-xeon-scalable-processor-cryptographic-performance
       Xeon Platinum 8176 is 28C, 2.1 GHz base clock, 165 W TDP: https://ark.intel.com/products/120508/Intel-Xeon-Platinum-8176-Processor-38-5M-Cache-2-10-GHz-
       If I did my math right, that comes out to ~1.97 TB/Wh.
       That would imply ~760 MWh spent encrypting. Per the EPA, that's about ~537 t CO2, equivalent to ~229 kl of gasoline: https://www.epa.gov/energy/greenhouse-gases-equivalencies-calculator-calculations-and-references
       
 (DIR) Post #3270609 by ffs@shitasstits.life
       2019-01-23T00:49:27.070403Z
       
       1 likes, 0 repeats
       
       There are mad men in this world, and I love them for it.
       You're god damn mad @bhtooefr cc @kaniini
       
 (DIR) Post #3270635 by sluglife@social.smurpspaek.de
       2019-01-23T00:24:22Z
       
       0 likes, 1 repeats
       
       @bhtooefr @kaniini Meanwhile Bitcoin mining uses 46.92TWh in the same timeframe.
       https://digiconomist.net/bitcoin-energy-consumption
       
 (DIR) Post #3270636 by alcinnz@floss.social
       2019-01-23T00:50:29Z
       
       0 likes, 0 repeats
       
       @sluglife @bhtooefr @kaniini For those who are terrible with large numbers like me, a megawatt is much larger than a terawatt.
       
 (DIR) Post #3270671 by kaniini@pleroma.site
       2019-01-23T00:52:07.782132Z
       
       0 likes, 0 repeats
       
       @alcinnz @bhtooefr @sluglife you got that backwards.  TWh is larger than MWh.
       
 (DIR) Post #3270686 by alcinnz@floss.social
       2019-01-23T00:54:00Z
       
       0 likes, 0 repeats
       
       @kaniini @bhtooefr @sluglife I said I'm terrible at this, lol.
       Now to reinterpret what I've read.
       
 (DIR) Post #3270691 by kaniini@pleroma.site
       2019-01-23T00:53:40.313538Z
       
       0 likes, 0 repeats
       
       @ffs @bhtooefr oh, he's always good for crunching the numbers.
       
 (DIR) Post #3270702 by bhtooefr@mastodon.social
       2019-01-23T00:54:57Z
       
       0 likes, 2 repeats
       
       @alcinnz @sluglife @kaniini 1 TWh is 1,000,000 MWh.
       So, yes, bitcoin (and other proof-of-work cryptocurrencies) is many orders of magnitude worse than encrypting all internet traffic.
       
 (DIR) Post #3270793 by kaniini@pleroma.site
       2019-01-23T00:57:10.502431Z
       
       0 likes, 1 repeats
       
       @bhtooefr @sluglife @alcinnz note my question wasn't just about encrypting all internet traffic, but about the energy loss cost of bad security practices in general (SELinux for example, WAFs also)
       
 (DIR) Post #3270901 by pony@blovice.bahnhof.cz
       2019-01-23T01:04:04.159739Z
       
       1 likes, 0 repeats
       
       @bhtooefr @kaniini assume you pay 100 dollars per MWh (way too much), it's not even a single dev salary
       assume the load is distributed perfectly evenly (which obviously doesn't make sense), you need like one wind turbine (not even those huge offshore ones) to cover it three times over
       i mean, it's not a very scary number
       (don't @ me over the security nonsense here pls)
       
 (DIR) Post #3270938 by kaniini@pleroma.site
       2019-01-23T01:05:14.316324Z
       
       0 likes, 0 repeats
       
       @pony @bhtooefr but it's not just TLS.  it's all of the stupidity.  especially WAFs and SELinux policies which bring machines to a crawl.  all of this terrible advice comes from #InfoSec professionals.
       
 (DIR) Post #3271320 by bhtooefr@mastodon.social
       2019-01-23T01:09:18Z
       
       0 likes, 0 repeats
       
       @pony @kaniini I'm not gonna say that it's the biggest problem by any stretch of the imagination, and it could be offset easily enough, but those numbers are best-case
       they're assuming you're using a lightweight cipher on one of the most efficient CPUs available and that Intel's benchmarks are realistic, and that you're only encrypting the traffic once, not multiple times
       
 (DIR) Post #3271321 by bhtooefr@mastodon.social
       2019-01-23T01:10:09Z
       
       1 likes, 0 repeats
       
       @pony @kaniini oh, also, I'm an idiot
       that's only *ENCRYPTING*
       decrypting is needed too!