The Internet's Broken. Who's Going To Invent a New One? 162
aarondubrow writes: "The Internet has evolved to support an incredibly diverse set of needs, but we may be reaching a point at which new solutions and new infrastructure are needed in particular to improve security, connect with the Internet of Things and address an increasingly mobile computing landscape. Yesterday, NSF announced $15 million in awards to develop, deploy and test future Internet architecture in challenging real-world environments. These clean-slate designs explore novel network architectures and networking concepts and also consider the larger societal, economic and legal issues that arise from the interplay between the Internet and society.
Each project will partner with cities, non-profit organizations, academic institutions and industrial partners across the nation to test their Internet architectures. Some of the test environments include: a vehicular network deployment in Pittsburgh, a context-aware weather emergency notification system for Dallas/Fort Worth, and a partnership with Open mHealth, a patient-centric health ecosystem based in San Francisco."
The NSF (Score:1)
Waves!!! (Score:4, Funny)
I've got it!!! We could send some sort of waves out that would be easily picked up by some sort of antenna. We could have stations transmit these waves so there's no gap, and best of all they would cover wide areas as the waves would bounce off the atmosphere. People would only have to buy a receiver set with the antenna and all the programming could be paid for with advertising alone! No more bills! ;p
Re: (Score:3)
Re: (Score:2)
You jest, but that's exactly how NASA's Disruption Tolerant Network (space Internet) works. We should just implement that planetside. Store and forward naturally moves data closer to endpoints and a DHT's infohash for data identity provides better security and automatic deduplication. The one to many problem is a solved problem since radio. No more fees, you buy a node and become part of the mesh.
Space Internet + shortwave packet radio + distributed hash table = replacement for Internet. Anyone who say
How is it broken, exactly? (Score:5, Interesting)
Honestly, the only thing I can think of that might qualify as really so "broken" that it simply needs replacing with something different is ipv4.
A replacement for that has been invented already, but nobody seems to want to use it. I can't imagine that anything else people might point out about the internet that they think is broken would get any better public reception.
Re:How is it broken, exactly? (Score:4, Insightful)
Re:How is it broken, exactly? (Score:5, Insightful)
Everything these days should be designed from the ground up with the assumption that the requested actions are hostile in nature.
Re: (Score:2)
Re:How is it broken, exactly? (Score:5, Insightful)
That sounds great in theory, but at this point I'm kind of reserved to the fact that "resistant to mischief" just means we would have a year or two of peace before the inevitable flaws were so totally exploited that we were right back where we started.
Re: (Score:2)
Then that "new internet" should keep that in mind as part of its design. It needs to be updateable without breaking compatibility. That's the core element of making something secure: Making it patchable.
Re: (Score:3)
Not really possible. Usually people expect very specific responses. Even if we "upgraded it" then everyone would have to rewrite their code. Some people may never rewrite the code so we'll by necessity then also have a "legacy mode" for those older solutions. All of the attackers will simply communicate in "legacy mode" and we won't be able to tell if they're a way out of date grandmother on a 10 year unpatched machine or else a hostile application.
Re: (Score:2)
Maybe we need to just bite the bullet and drop backwards compatibility once a security flaw is discovered. Even if it is only a privacy issue. Let consumers whine to the device manufacturer. After a few years they would all be doing fairly timely patches, or be out of business.
Re: (Score:2)
With a sensible system of abstraction, it's unlikely that you'd have to rewrite too much.
Re: (Score:3, Informative)
And add to that TLS/SSL. Layering encryption on top of an insecure protocol like TCP results in a network layer that provides authentication and privacy, but fails to provide robustness. A secure transport layer should provide all three: robustness, authentication and privacy, and I would add a fourth: authorisation.
Of course this is all protocol that can be fixed by adding another IP protocol value to the proto field in IPv4 or IPv6.
There is a problem in IPv4, that is partially but not sufficiently mitigat
Re: (Score:3)
I don't consider topological addressing to be a real problem. In fact I consider it to be an undesirable security concern.
Switches and routers are supposed to learn and adapt to optimal routes during the course of an exchange. That's PART of what the Internet is all about, and contributes to robustness. Robustness does not require perfect information all the time. On the contrary: adaptation is desirable and in fact a requirement, because you don't get both at the same time.
The DNS system is an enormous problem. The architecture is very flaky, totally insecure especially with the addition of DNSSEC, relies on a very expensive and, in this case, I will say corrupt bureaucracy for the allocation of names, and is a generally ill-thought-out and ineffective way of locating network objects.
Y
Re: (Score:2)
Why are you posting as AC?
Maybe he doesn't have an account. Jeez.
Didn't expect a kind of Spanish Inquisition...
Re: (Score:3)
Everybody expects the Spanish Inquisition!
Re: (Score:2)
True, actually. They'd write and give you notice of their pending, uh, inquisit.
Re: (Score:3)
Topological addressing is only a security concern if you have such an asinine authentication design that you consider a network address as a credential.
Unfortunately, much of the internet does consider it a credential, regardless of whether that is fallacious thinking.
Re: (Score:2)
Damn my mod points just ran out. But you got an out loud laugh, so you deserved to know.
Re: (Score:3)
Re: (Score:3)
SCTP already exists, and is reasonably well supported. No one uses it because it turns out TCP and UDP actually do most of what we need pretty well.
A more recent alternative, which gets through firewalls better, is Google's QUIC protocol (successor to SPDY). It's built on top of UDP which means it can't do quite as much as an IP-level protocol can, but it can be and is a lot smarter than TCP. It also provides multiplexed streaming, server push and other performance features and has NO unencrypted mode. It's all encrypted and authenticated, all the time.
Re:How is it broken, exactly? (Score:5, Interesting)
How about starting with TCP & UDP?
I would rather start above layer 4 with DNS, SNMP, NTP, SIP and other niche UDP-based offenders giving away insane DoS amplification to any script kiddie in the world who wants to cause havoc. These are relatively trivial problems to fix from a protocol design perspective and provide the highest return on investment even after factoring in the lag time to get changes propagated through a good enough percentage of the world's network stacks.
They were somehow designed on the assumption that all participating machines are well behaved good citizens. In practice this ain't happening (see SYN flood for example, there are "mitigation" measures but none is a definitive "fix").
SYN flood has never offered an attacker amplification. It was limited to a cheesy device to overload host TCP implementations. Cookies have since been universally deployed, rendering these attacks useless. Today they are only useful for covert signaling and masking the source of non-amplified attacks. More importantly, these things only work at all because operators are lazy and refuse to implement ingress filtering. It isn't IP's fault.
These need to be replaced with something that would be resistant to mischief by design.
I'm all ears ... what do you propose?
Personally I think the premise is invalid. All the network need do is deliver packets with some degree of probability of being delivered. I think it is architecturally correct to leave the edge to sort out how to conduct business in a mischief-avoidant manner.
Otherwise as far as I am aware the only way to stop "mischief" is to turn the Internet into a trusted network. A trusted network is not a free and open network...neither is it particularly practical as we have seen again and again the demonstrated futility of managing planet scale trust anchors.
If ever there was an example of the road to hell being paved with good intentions this type of "secure the Internet" thinking I assert fits that bill.
I think our time is better spent looking above the IP layer to fix what is most broken and that which causes the most actual damage to actual users (e.g. SMTP).
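The SYN cookie mechanism the comment above leans on ("Cookies have since been universally deployed"), as an added example and not code from the thread or from any commenter: the server encodes everything it needs into its own initial sequence number, stores nothing per SYN, and reconstructs the connection from the returning ACK. The 32-bit layout (5-bit minute counter, 3-bit MSS index, 24-bit keyed hash) follows the classic scheme, but the secret, the two-minute acceptance window, the MSS table and the addresses below are all constructed assumptions of this example; a real stack does this in the kernel on raw segment fields rather than on Python strings.

```python
import hashlib
import hmac
import time

# Constructed example secret; a real stack keeps this in kernel memory and rotates it.
SECRET = b"constructed-syn-cookie-secret"

# Cookie layout (32 bits):
#   bits 31..27  5-bit time counter (minutes), so stale cookies expire
#   bits 26..24  3-bit index into a small MSS table, the one SYN option preserved
#   bits 23..0   24-bit keyed hash binding the cookie to this connection
MSS_TABLE = (536, 1300, 1440, 1460)   # assumed table, small enough for 3 bits
COUNTER_WINDOW = 2                    # accept the current and the previous minute


def _counter(now: float) -> int:
    return int(now // 60) & 0x1F


def _hash24(src, sport, dst, dport, client_isn, counter) -> int:
    msg = f"{src}|{sport}|{dst}|{dport}|{client_isn}|{counter}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big")


def _mss_index(peer_mss: int) -> int:
    # Largest table entry that does not exceed what the peer advertised.
    idx = 0
    for i, m in enumerate(MSS_TABLE):
        if m <= peer_mss:
            idx = i
    return idx


def make_cookie(src, sport, dst, dport, client_isn, peer_mss, now=None) -> int:
    """Server ISN for the SYN-ACK. No half-open state is kept for this SYN."""
    now = time.time() if now is None else now
    ctr = _counter(now)
    h = _hash24(src, sport, dst, dport, client_isn, ctr)
    return (ctr << 27) | (_mss_index(peer_mss) << 24) | h


def check_cookie(src, sport, dst, dport, client_isn, ack, now=None):
    """Validate the third handshake packet. Returns (ok, mss).

    client_isn is the peer's ISN, i.e. the ACK segment's seq field minus one.
    """
    now = time.time() if now is None else now
    cookie = (ack - 1) & 0xFFFFFFFF            # peer acknowledges our ISN + 1
    ctr = (cookie >> 27) & 0x1F
    mss = MSS_TABLE[(cookie >> 24) & 0x7]
    if ((_counter(now) - ctr) & 0x1F) >= COUNTER_WINDOW:
        return False, None                      # expired, or counter from the future
    expected = _hash24(src, sport, dst, dport, client_isn, ctr).to_bytes(3, "big")
    got = (cookie & 0xFFFFFF).to_bytes(3, "big")
    if not hmac.compare_digest(expected, got):
        return False, None                      # forged, replayed or wrong 4-tuple
    return True, mss
```

A flood of SYNs from spoofed sources now costs the server one HMAC per packet and no memory, which is the whole point. The trade-offs are also visible: only the MSS survives (window scaling and SACK negotiated in the SYN are lost), and the 24-bit tag can be brute-forced within the acceptance window, which is why production stacks enable cookies only once the listen backlog is under pressure rather than all the time.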
Re: (Score:3)
No, this won't really work. What would you do? After verifying the identity of the other party and comparing it with your whitelist, you would assume that it's "trusted" and thus a well-behaved citizen, which may not be true (compromised host with a trojan sending malformed packets, etc.).
The only robust method would be to assume at protocol design phase that the stack would be connected to a hostile envi
Re: (Score:2)
Re: (Score:2)
But, as WaffleMonster already pointed out:
A trusted network is not a free and open network...neither is it particularly practical as we have seen again and again the demonstrated futility of managing planet scale trust anchors.
What? (Score:5, Interesting)
Wait a second, analogy time and I'll even use a car analogy.
Any time two or more cars are driving down a street, there is the potential for one person to cut the other off, crash into them, or slam on their brakes in front of them. When it's critical that you can commute from point A to point B, and assuming you own point A and point B, you make a private road to reduce the chances of a shithead messing up your commute. If you don't own both points and are forced onto public roads, you expect that there may be a shithead. Cops can stop them, but maybe not before your day gets ruined.
Claiming automatic driving cars are the answer is a crock. I can break an automatic driving car and make it manual, or even better I could even build a mini-bike and mess up a whole Freeway really fast. I can even stand near a Freeway and throw bricks into people's path, so I don't have to be on the Freeway to mess your day up.. just close.
This is human nature, documented long before we had cars or even roads (read Plato's The Republic if you are a doubter, it'll change your life).
Cars above is obviously your data and computers, roads are networks, private roads are VPNs, and Cops are Firewalls. I could have gone into more detail about traffic lights and such but no need.
Considering my amazing car analogy, why would you think you could possibly design a set of public roads without a shithead driving on them? Seriously, I want to know.
Re: (Score:2)
True, but you always have the ultimate threat which is to yank the offending machines/networks/ISPs/countries off the Internet. That we don't seems to indicate we don't really care that much that, no matter how virus infested and trojan-laden we keep them online.
Re: (Score:2)
It started to become broken once corporations butted in. Now it's probably broken beyond repair.
Next time you plan an internet, keep the beancounters away from it.
Re: (Score:2)
No one! (Score:4, Funny)
We just let the Free Market, may its name ever be praised, sort it out. As stated in the immaculate scripture given to us by the
Profits (sic) Rand and Smith points out we just need to deregulate and the miracle will follow. Praise be!
Re:No one! (Score:5, Interesting)
Smith actually knew we would need regulation. What people quote from him was about an economics-based society that could only exist inside the head of an economic philosopher, and he knew that.
So don't blame Smith, blame the jackasses that either don't read him or don't understand him.
These people cherry pick his quotes out of context... just like they do with the bible..hmm I see a pattern.
Actually... (Score:3)
Re: (Score:2)
I actually have a mesh network replacement for the Internet in my garage. We came up with it right after Fidonet -- The BBS version of the Internet. If you deregulate the HAM radio spectrum I'll give it away for free.
Internet2 (Score:5, Funny)
What about Internet2? :P
Re: (Score:2)
Why do we even need an internet when we can just get all our data from the cloud?
Buzzword bingo 2.0! (Score:3)
So I guess we've moved on from "TEH CLOUDS" to "The internet of things"?
Fucking shoot me.
Re: (Score:1)
internet of things was a buzzword before the cloud was a buzzword
be that as it may, i agree whoever shoots him shoot me too
Re: (Score:2)
internet of things was a buzzword before the cloud was a buzzword
Everything old is new again. The cloud was around long before it was called the cloud.
Re: (Score:3)
You forgot terms like "paradigm shift" and "monitization" also "hashtag."
Re: Buzzword bingo 2.0! (Score:5, Funny)
Don't get caught up in the synergy!
Re: (Score:2)
well, one depend on the other, so not moved on so much as just about solved and now dealing with the next advancement.
But hey, people like you have no grasp of technology and society, so you just belittle the terms.
Re: (Score:2)
No, I'm the poor bastard that continually gets sucked into meeting after meeting with ignorant salesdrones spouting nonsense like "Internet of Things" and "Clouds" ( when they, themselves, haven't got a god damned clue what they're saying ), wasting time I should be spending on actual IT work.
High enough to be technical lead, not high enough to farm that shit out to my staff.
Ah, but if I don't go to it and correct the bullshit as it happens, it will have time to implant itself into management's head, and by
Just no. (Score:3)
As for this BS marketroid term "Internet of Things"... Please people, just... Don't let them win. The internet has always had "things" on it. Whether that "thing" means your PC or your phone or your microwave. The idea of having every device in your house online should terrify you, not delight you, so fuck upgrades that make it easier for your fridge to tell the NSA that you eat the same things as Joe Terrorist.
Re: (Score:1)
The main thing that is wrong with the Internet is that it's still an academic plaything.
It was invented for use in a lab, and extended for use by trustable peers across the country. Then someone opened the floodgates.
What we need is a base infrastructure that is paranoid by design, not trusting by nature.
Oh and one that is capable of handling bazillions of entities on it.
Re:Just no. (Score:4, Insightful)
The internet has nothing wrong with it that we couldn't fix with a combination of net neutrality and convincing American ISPs to get off their asses and bring us up to speed with the rest of the third world.
Net neutrality and speed increases would not solve the intrinsic problems with DNS architecture, NAT proxies breaking things, gigantic non-aggregate BGP tables, limited IPv4 address space, limitations of TCP protocol, ICMP mismanagement, lack of standards to address continuous disruption in mobile environments, and a whole mess of other problems that are currently addressed by patchwork solutions, or simply no solutions.
As for this BS marketroid term "Internet of Things"... Please people, just... Don't let them win. The internet has always had "things" on it. Whether that "thing" means your PC or your phone or your microwave. The idea of having every device in your house online should terrify you, not delight you, so fuck upgrades that make it easier for your fridge to tell the NSA that you eat the same things as Joe Terrorist.
At one time, people said the same thing about PC connectivity to the internet. Who are you that you need to connect to the global internet? The internet is for mainframes and important computers; why would you want anyone else to be able to connect to your computer, and why should we allow you to connect to everyone else's?
Paranoia notwithstanding, it should be up to individuals to decide what they connect and how they connect and what capabilities they decide to leverage. But if you think it's bad for your fridge to be connected to the internet, I have no idea why you would allow your computer to be connected to it either. That's infinitely more dangerous.
Re: (Score:2)
Security.
Simple. (Score:1)
We must integrate cloud solutions with modern app interfaces. Then we can utilize a lateral optimization strategy to compete on a global level.
Re: (Score:2)
i love what you've done there
sad thing is, I've been in meetings where you would have only just barely met the minimum level of bullshit buzzwords in a sentence to hang out with the cool kids
Commercial Internet (Score:1)
Back when they started to allow commercial content on the Internet, they should have made a few more rules:
1. Require a business license to get a .com
2. Require 501 non-profit status to get a .org
3. Require a /24 network to get a .net
4. Make a new TLD for everything else.
Look at how well this worked for .edu. (must be an accredited, four year, degree-granting organization).
Re: (Score:2)
Or it should have been setup in such a way that we had no TLDs in the first place. It's just obnoxious to have CocaCola.org Cocacola.net Cocacola.org Cocacola.tv Cocacola.biz etc.
Just have CocaCola. The end. Nothing more.
Re: (Score:2)
Just have Pepsi.
FTFY!
No wait, screw that.
Just have Water.
There we go.
Re: (Score:1)
Look at how well this worked for .edu. (must be an accredited, four year, degree-granting organization).
Community colleges are not four year schools and they all have .edu addresses.
Re:Commercial Internet (Score:4, Interesting)
1. Require a business license to get a .com
A business license from whom? Not everyplace requires a business license to have a business.
2. Require 501 non-profit status to get a .org
Good. Limit .org to US only.
Look at how well this worked for .edu. (must be an accredited, four year, degree-granting organization).
Really? The local community college has a .edu name. As I recall, phoenix.edu too.
Re: (Score:3, Informative)
Surprisingly, Phoenix University is accredited, although it has been placed on notice -- i.e., subject to losing its accreditation as documented on their website [phoenix.edu]
Of course, this indicates that accreditation is not exactly a true Gold Standard.
We can do it. (Score:3)
We'll build our own Internet. With Booze, Blackjack and Hookers!
Wait, that's the current Internet. Uhm, how about faster speeds, lower prices and some privacy? That'd be a good start.
Re: (Score:2)
I'd already settle for lower speeds, higher prices and some privacy. Like, say, it was two decades ago. Before the arrival of corporations.
In other words, the easy fix for better internet is simple: Kick corporations out and hang spammers from their nuts.
Re: (Score:3)
So you want like AOL and Earthlink back?
Re: (Score:2)
Re: (Score:2)
I thought I'd never say it, but the times were better when they still existed. Though I guess that's more coincidence, not correlation.
The only broken (Score:1)
require a test (Score:3)
Just like getting a HAM license, and use call letters as unique identifiers too.
Re: (Score:2)
CQCQCQDX..
My ideal internet (Score:2)
It's fast and secure
Anonymous if you want, although I think most people really don't care
Totally free of any and all censorship..of any kind..absolutely..no exceptions
I don't care how compelling your argument is..no censorship..ever..for anything..ever
Reality may be ugly..but truth is good, no exceptions
Here's our chance (Score:2)
Let's make the evil bit flag a reality!
my guess? (Score:2)
Al Gore's son.
The internet is not broken... (Score:1)
Internet is broken. Health care is broken. (Score:5, Insightful)
Immigration is broken. The VA is broken. Congress is broken.
Can we please stop labeling everything as being "broken."
What about when it's true? (Score:2)
Immigration is broken. The VA is broken. Congress is broken.
Can we please stop labeling everything as being "broken."
I don't mind the label if people actually take it seriously and start trying to fix all this broken stuff. Yeah, it really is all broken. Let's get workin'!!
Comment removed (Score:3)
Re: (Score:2)
Possibly related to hillary benghazi female kidnapping tea party obamacare, actually.
I knew it all made sense!
Its not broken (Score:2)
But it is being perverted into something it isn't intended to be (a privacy-sucking marketing tool).
OSI ? (Score:1)
I spent a lot of time OSI-ing (Open System Interconnect) in my youth. Had lots of great features, even way back then. Much thought went into how to solve many of the problems that we seem to have with today's Internet. No need to start from scratch. We could even run DECnet over it. I could hook up my old VAX!
Needs an IQ test to enter (Score:2)
The problem with the internet is that if you add commerce and a clueless general population, you get behavior that is only appropriate in dive bars.
Make the same internet, put an IQ test on the door, and let in 120s and up and you'll have someplace worth attending.
Re: (Score:2)
Replace IP addresses with public keys (Score:3)
You shouldn't be connecting with "host IPs" but with services addressed with their public keys.
I was about to say about the same thing (Score:2)
The DNS/IP thing is a nightmare. The system should be based on discovery, and not a distributed list like it is.
I was going to go with some kind of md5hash deal, but your idea is much better. And I think ports should become part of the address. So that you can run thousands of services on the same machine. Instead of the virtual hosts thing they do with websites.
Re: (Score:2)
Just have a different public key for each service whether they are on the same machine or not. Every public key is a "port" into the service space.
Re: (Score:2)
Hmm, I kinda like my idea better. I think having the port in the key, will cut down on extra connections. The port could be delivered during discovery, but I would hate to get that mangled by evildoers running a service on the same machine somehow.
But I am probably not understanding your idea. Anyway, well done.
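One way to make the "port in the address" idea in this sub-thread concrete, as an added example rather than anything posted by the commenters: a self-certifying service address derived from a hash of the public key and the port, with a short checksum so a mistyped address is rejected instead of resolved, and a client that refuses any discovery record whose key or port does not reproduce the address it asked for. The tag string, the 20-byte hash truncation, the 2-byte checksum and the base32 spelling are assumptions of this example, and the "public keys" and directory records are constructed bytes standing in for real key material, since nothing here signs anything.

```python
import base64
import hashlib
import hmac
from typing import Optional

TAG = b"svc-addr-v0"          # domain-separation tag (assumed for this example)
BODY_LEN, CHECK_LEN = 20, 2   # truncated hash plus a short typo checksum (assumed)


def _body(pubkey: bytes, port: int) -> bytes:
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return hashlib.sha256(TAG + pubkey + port.to_bytes(2, "big")).digest()[:BODY_LEN]


def _checksum(body: bytes) -> bytes:
    return hashlib.sha256(b"check" + body).digest()[:CHECK_LEN]


def service_address(pubkey: bytes, port: int) -> str:
    """Derive the address a client would type or receive for (key, port)."""
    body = _body(pubkey, port)
    return base64.b32encode(body + _checksum(body)).decode().lower().rstrip("=")


def parse_address(addr: str) -> Optional[bytes]:
    """Return the hash body, or None if the address is malformed or mistyped."""
    raw = addr.upper()
    raw += "=" * (-len(raw) % 8)
    try:
        data = base64.b32decode(raw)
    except ValueError:
        return None
    if len(data) != BODY_LEN + CHECK_LEN:
        return None
    body, check = data[:BODY_LEN], data[BODY_LEN:]
    return body if hmac.compare_digest(check, _checksum(body)) else None


def verify_binding(addr: str, pubkey: bytes, port: int) -> bool:
    """True only if the address was derived from exactly this key and this port."""
    body = parse_address(addr)
    return body is not None and hmac.compare_digest(body, _body(pubkey, port))


# Constructed stand-ins for real keys: hash output, not actual key material.
KEY_A = hashlib.sha256(b"constructed public key A").digest()
KEY_B = hashlib.sha256(b"constructed public key B").digest()

# Constructed discovery records, as an untrusted directory might hand them back.
DIRECTORY = {
    service_address(KEY_A, 443): {"pubkey": KEY_A, "port": 443, "host": "198.51.100.7"},
    # Record whose port was mangled in transit, or swapped by another service on the host.
    service_address(KEY_B, 8443): {"pubkey": KEY_B, "port": 9000, "host": "198.51.100.9"},
}


def connect(addr: str) -> Optional[dict]:
    """Look the address up and accept the record only if it proves itself."""
    rec = DIRECTORY.get(addr)
    if rec is None or not verify_binding(addr, rec["pubkey"], rec["port"]):
        return None
    return rec
```

Because the port is hashed into the address, the directory cannot quietly redirect a client to a different service on the same machine: the mangled record for KEY_B is rejected even though the key is right. What this scheme does not give you is proof that the peer holds the private key; a real deployment would follow the lookup with a handshake in which the peer signs a challenge, and the address only tells the client which key that signature must verify under.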
Re: (Score:2)
Re: (Score:2)
Cool!
Uh OK (Score:2, Insightful)
How about we just make use of the technologies we have already, namely mesh networks and IPv6, to make backbone providers irrelevant aside as links between countries? Oh wait, the entrenched powers writing the laws won't have any of that shit.
Re: (Score:2)
However, they have a problem I've never been able to see how to resolve. In the mesh, everyone has a limited amount of bandwidth, maybe gigabit or even let's say terabit or something, but still limited. The people who live next to Google or Netflix or Facebook are really going to be screwed, because all that traffic is going through their wireless routers.
How do you solve the problem that ultimately most of the traffic on the intern
Re: (Score:2)
Mesh has its pros and cons. It can be more secure, but the tradeoff is that you suffer a performance penalty the more hops that are incurred. This doesn't give you some of the layer three switching optimizations that are available now in most backbone networks. I'm not saying it couldn't be accomplished, but it's not there now. Secondly, it doesn't have to be wireless; it could be, but it doesn't have to be. I think there's also some great opportunity with the emerging MIMO over Multimode Fiber (MMF) [stanford.edu] work
Re: (Score:2)
How do you solve the problem that ultimately most of the traffic on the internet goes to a few places?
There will still be ISPs, and you will still subscribe to them if you want lots of bandwidth. Anything that's not instant streaming that needs lots of bandwidth can be buffered. People who don't feel the need to stream mostly won't even need an ISP. Some sites which are currently streaming-only will implement buffered playback if there is demand. For everything else, there's a traditional long-haul ISP. If you don't actually need an ISP to do the basic things that we take for granted these days like IM, ema
Re: (Score:2)
internet of things (Score:2)
shut up, just shut the fuck up.
ahem, sorry.
i definitely look forward to the day when my fridge and microwave can start blogging about about what a pig i am.
So? (Score:2)
broken is relative (Score:2)
The Internet works fine for 99% of the users and stakeholders. Good enough is better than perfect[1] and the Internet is good enough. What we need is legal protection, because the current problems of the Internet are not technological, but political. Privacy is a political goal, for example. Do-Not-Track Header[2], I was laughing when I first heard of that and of course it's a failed concept.
The new Internet must be 200% better than the current Internet. You can see how slow and reluctant new (and even nece
Who, is the correct questions. (Score:2)
Who's Going To Invent a New One? That's the rub.
I have to wonder. If the Americans came out today with a super-duper new internet, would the rest of the world use it? I do not think so. More and more companies and governments are trying to get their data out of the US for obvious reasons. Many years ago Europeans trusted American tech by default, but now the reverse is true.
Before you flame, I am not saying they do not use it, I am saying they do not trust it. And, they shouldn't. Just as the US does not tr
Suspicious (Score:2)
WILL THIS NEW INTERNET HAVE THE SPYING BUILT-IN (Score:2, Insightful)
Re: (Score:1)
Can't you read?
"These clean-slate designs explore novel network architectures and networking concepts and also consider the larger societal, economic and legal issues that arise from the interplay between the Internet and society.
So yeah.. that's spying and censorship and making sure you pay extra for it too.
Re: (Score:2)
Then they can keep it.
Something new must be better to eventually overcome the old. It's already hard enough to convince people to move away from what they know, when it got bad press it's not really something that will sell well.
Re: (Score:2)
governments will NEVER permit a new internet that didn't have built-in spying [and will kill people trying to implement a new system which didn't permit them to spy].
they know how powerful the current internet is, and they are busy trying to rein it in as fast as they can.
Re: (Score:2)
That they WANT that is a given. That is pretty much confirmed.
What we may hope for not becoming truth is them GETTING it.
Re: (Score:3)
seems that the internet already is a mesh network...
Re: (Score:3)
Re: (Score:2)
Ted Stevens is still dead.
Re: (Score:2)
Dammit, you beat me to it. Oh well, I'll have to wait until this conversation comes up again, and we're talking about Internet3.0a.