The Internet's Broken. Who's Going To Invent a New One?

aarondubrow writes: "The Internet has evolved to support an incredibly diverse set of needs, but we may be reaching a point at which new solutions and new infrastructure are needed in particular to improve security, connect with the Internet of Things and address an increasingly mobile computing landscape. Yesterday, NSF announced $15 million in awards to develop, deploy and test future Internet architecture in challenging real-world environments. These clean-slate designs explore novel network architectures and networking concepts and also consider the larger societal, economic and legal issues that arise from the interplay between the Internet and society.

Each project will partner with cities, non-profit organizations, academic institutions and industrial partners across the nation to test their Internet architectures. Some of the test environments include: a vehicular network deployment in Pittsburgh, a context-aware weather emergency notification system for Dallas/Fort Worth, and a partnership with Open mHealth, a patient-centric health ecosystem based in San Francisco."

How is it broken, exactly?

[mark-t]

Honestly, the only thing I can think of that might qualify as really so "broken" that it simply needs replacing with something different is ipv4.

A replacement for that has been invented already, but nobody seems to want to use it. I can't imagine it would be any different with anything else people might try and point out about the internet that they think is broken would get any better public reception.

Re:Commercial Internet

[Obfuscant]

1. Require a business license to get a .com

A business license from whom? Not everyplace requires a business license to have a business.

2. Require 501 non-profit status to get a .org

Good. Limit .org to US only.

Look at how well this worked for .edu. (must be an accredited, four year, degree-granting organization).

Really? The local community college has a .edu name. As I recall, phoenix.edu too.

Re:No one!

[geekoid]

Smith actually new we would need regulation. What people quote from him was about a economic based society that could only exist inside the head of an economic philosopher, and he knew that.

So don't blame Smith, blame the jack asses that either don't read him, or don't understand them.

These people cherry pick his quotes out of context... just like they do with the bible..hmm I see a pattern.

Re:How is it broken, exactly?

[WaffleMonster]

How about starting with TCP & UDP?

I would rather start above layer 4 with DNS, SNMP, NTP, SIP and other niche UDP based offenders giving away insane DOS amplification to any script kiddie in the world who wants to cause havoc. These are relatively trivial problems to fix from protocol design perspective and provide highest returns on investment even after factoring in lag time to get changes propagated thru a good enough percentage of worlds network stacks.

They were somehow designed on the assumption that all participating machines are well behaved good citizens. In practice this ain't
happening (see SYN flood for example, there are "mitigation" measure but none is a definitive "fix").

SYN flood has never offered an attacker amplification..it was limited to a cheesy device to overload host TCP implementations. Cookies have since been universally deployed rendering these attacks useless. Today they are only useful for covert signaling and masking source of non-amplified attack... More importantly these things only work at all because operators are lazy and refuse to implement Ingress filtering. It isn't IP's fault.

These need to be replaced with something that would be resistant to mischief by design.

I'm all ears ... what do you propose?

Personally I think the premise is invalid. All the network need do is deliver packets with some degree of probability of being delivered. I think it is architecturally correct to leave the edge to sort out how to conduct business in in a mischief avoidant manner.

Otherwise as far as I am aware the only way to stop "mischief" is to turn the Internet into a trusted network. A trusted network is not a free and open network...neither is it particularly practical as we have seen again and again the demonstrated futility of managing planet scale trust anchors.

If ever there was an example of the road to hell being paved with good intentions this type of "secure the Internet" thinking I assert fits that bill.

I think our time is better spent looking above IP layer to fix what is most broke and that which causes most actual damage to actual users. (e.g. SMTP)

What?

[s.petry]

Wait a second, analogy time and I'll even use a car analogy.

Any time 2 more more cars are driving down a street, there is the potential for one person to cut the other off, crash into them, or slam on their brakes in front of them. When it's critical that you can commute from point A to point B, and assuming you own point A and point B you make a private road to reduce the chances of a shithead messing up your commute. If you don't own both points and are forced onto public roads, you expect that there may be a shithead. Cops can stop them, but maybe not before your day gets ruined.

Claiming automatic driving cars are the answer is a crock. I can break an automatic driving car and make it manual, or even better I could even build a mini-bike and mess up a whole Freeway really fast. I can even stand near a Freeway and throw bricks into people's path, so I don't have to be on the Freeway to mess your day up.. just close.

This is human nature, documented long before we had cars or even roads (read Plato's The Republic if you are a doubter, it'll change your life).

Cars above is obviously your data and computers, roads are networks, private roads are VPNs, and Cops are Firewalls. I could have gone into more detail about traffic lights and such but no need.

Considering my amazing car analogy, why would you think you could possibly design a set of public roads without a shithead driving on them? Seriously, I want to know.