Web Security CEO Warns About Control Of Internet Falling Into Few Hands (cnbc.com) 87
The idea behind the internet was to make a massive, decentralized system that wasn't under control of anyone, but that is increasingly changing, according to Matthew Prince, CEO of web security company CloudFlare. His statements come at a time when Google and Facebook and other companies are increasingly building new products and services and locking in users to their respective walled gardens. From a CNBC report: "More and more of the internet is sitting behind fewer and fewer players, and there are benefits of that, but there are also real risks," said Matthew Prince, chief executive officer of web security company CloudFlare, in an interview with CNBC. His comments came at CloudFlare's Internet Summit -- a conference featuring tech executives and government security experts -- on Tuesday in San Francisco. "If everything sits behind Facebook and you can't publish pictures like that, is the world a better place? Probably not," said Prince. "Before you know it, you could wake up and find more of the internet sits behind a small number of gate-keepers," said Prince. Putting that sort of power in the hands of a small number of people and companies "might not be the best thing," he said. Still, the wave of consolidation among the major internet companies is likely to continue, at least for now, he said.
A good thing. (Score:5, Insightful)
Re:A good thing. (Score:5, Funny)
Facebook reminds me of early AOL...
Just waiting for someone to link FB Messenger with IRC O_o
Wait, what? (Score:2)
A social media outlet who has been repeatedly proven to censor information harmful to certain Marxist/Progressive/Socialist agendas, and been advocate for propaganda to politicians is being criticized and you claim the person making the criticism is a Russian Troll? How about you talk about issues which are derived in fact and stop protecting the various forms of media which would make the Pravda jealous? Are you paid to shill using the rules for radicals? Mkay then
Re: (Score:3)
Re: (Score:3)
I remember a few years back, having a FB account was pretty much a job requirement, where I got told to bugger off because I didn't tell the world how many coils I dropped in the commode that morning. It has gotten better, but for a while, I eventually just wound up making a dummy account on there, Twitter, and other places just to make the HR people happy.
It isn't just Facebook. I'm seeing companies put all their eggs in the AWS basket. My fear is that cloud providers overtake having servers in-house, a
Re:A good thing. (Score:4, Insightful)
Cloud places have their use, but there is always the security question, and there is always the grave concern about data sitting on a remote site where you have zero physical control over it.
There's also the outage question. Microsoft's Azure has had two significant outages [zdnet.com] in the last 10 days. Companies using Google's Apps For Work suffered a 7+ hour outage of Gmail [google.com] this week during (US) business hours. When your enterprise is built on one of these services, what do you do when it goes down? You wait. That's all you can do, sit there and wait and hope the services come back up soon. Sure, you'll get a credit against your SLA after the fact, but that doesn't offset the fact that your ability to conduct business was down for hours on end and there was absolutely nothing you could do about it.
At least when you're running services on premise, you have some control over the situation. You can investigate and resolve the problem yourself. Getting your company's service restored is the #1 priority, not priority #1852 among 5,000 other companies all suffering through the cloud outage.
Correct, but.. (Score:3)
We have customers demanding that we host their data in the cloud. Making matters worse, our executives all see it as a great way to cut costs. In other words, people worried about security are ignore when people above them can get fat bonus checks for cost cutting. Given the lack of punishment those people receive from all levels, that won't be changing any time soon.
Re: (Score:1)
You can lie as much as you want, as long as you don't state during your interview that everything stated on your FB page *is real.
And they trust that information? Idiots...
Re: (Score:2)
Remember (Score:2)
More often than not posts are considered "trolls" because they differ from, or harm the opposition. I occasionally get posts rated "troll" where the only argument against my position is ad hominem. My position tends to harm the progressive agenda, go figure.
As to not restrict my point to my own personal anecdotes, see how Trump has been treated since day one in media. I don't agree with all of Trumps policies and can happily debate where I think there are problems. The media flat out lies and claims he
Re: (Score:2)
Re: (Score:2)
More often than not posts are considered "trolls" because they differ from, or harm the opposition.
Friend, you're FAR from being alone in that. Happens to me all the time. Finally, I gave up any semblance of civility and just cut loose, because it's not like the real trolls are holding anything back. Any attempts to defend myself in 'dignified' ways just gets twisted into something else anyway. Largely, the Internet has become just a sewer for the lowest common denominators of humanity. The vast majority of civil, intelligent, insightful conversations I have, are still face-to-face.
Re:you won't be allowed to use the Internet anymor (Score:1)
Anyway, why not 'invent' your own internet?
You could start with a bulletin box connected to a telephone modem...
Then establish an organisation with members that are allowed to access that box, etc. etc. and before you know it, you have your own internet.
Just wondering whether you'd start tracking your clients or not.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Just wondering whether you'd start tracking your clients or not.
Screw you, jackass.
Re: (Score:2)
Won't happen. Facebook is common, but they don't have everybody.
Since you don't seem to read and/or comprehend everything posted, I'll reiterate: I'm describing a possible dystopian future where Facebook is required. Sadly, I also think it's not too far-fetched, just like I don't think it's too far-fetched that in another possible dystopian future, everyone on the gods-be-damned Internet will be required to log in somehow using their real name, no more anonymity allowed -- at which points, I go back to using Public Libraries with printed books for everything, and paying
Re:we're happy... (Score:1)
Re: (Score:2)
Too late (Score:5, Insightful)
We've already lost that fight in terms of a truly decentralized Internet. The various governments and large corporations already are fighting to stake out various levels of control. The companies that operate the core infrastructure also have an outsized level of control.
I think the idea of a communication system that relied on numerous small autonomous nodes was a great one, but unless we can make some sort of giant mesh network, it will never happen. Even a big mesh is likely to get controlled by governments in one way or another.
Re: (Score:3)
Re: (Score:2)
We've been talking about a 'second net' for many years now, one with no lusers. Perhaps Tor is it?
FreeNet and Internet2 (for starters) were both supposed to be 'it'...
(hell, FreeNet [freenetproject.org] still exists. Who'da thunk it? Pity that my corporate firewall denies access outright, no?)
Re: (Score:1)
I think the idea of a communication system that relied on numerous small autonomous nodes was a great one, but unless we can make some sort of giant mesh network, it will never happen. Even a big mesh is likely to get controlled by governments in one way or another.
The reason everyone moved away from decentralized things like usenet and email (outside of gmail) was spam everywhere, giant mesh networks will probably have the same problem.
Re: (Score:2)
That can be solved. It would take a PKI, but I can see something like USENET with some trusted CAs, ability for people to chose whom they trust, and signed messages doing a good job at stopping spam. If someone does spam, their cert gets revoked, or if a SLC based system is used, the CA just doesn't bother to sign the certs, and the nodes forwarding traffic just drop anything from that key.
The problem is that decentralized PKI research stopped at PGP, and the world moved to SSL/TLS's model of all or nothi
Re: (Score:2)
I've ended up using VPNs to get around that. It isn't cheap, but a Linode box acting as a NAT/proxy box [1], with a VPN to your real machines can get around most of that. You can also use AWS, a router OS like VyOS or PFSense, and a VPC to also allow for your home servers to have a "legitimate" IP to handle incoming traffic.
[1]: Assume the Linode box can be compromised at any moment, so don't terminate your TLS connections there. Terminate them on your machines. It also is wise to have provisioning scr
Re: (Score:1)
Tor hidden services do not require permission from the ISP. They do not even require permission from your own router. It looks like and acts like regular traffic which will not be blocked. Which means that if the users embraced tor, we could all run our own email and chat servers. Plus it would have the added side effect of an additional level of privacy.
Most computer support the Tor Browser and most phones support Orbot. It could be widely deployed and would be accessible by most client hardware today.
Re: (Score:1)
The reason everyone moved away from decentralized things ... was spam everywhere, giant mesh networks will probably have the same problem.
If people really had their own servers/services hosted at home and they could easily white list the people they wanted to allow communication with, then there would be zero spam.
Maybe the idea that strangers should be able to contact you from a single common and global email address should disappear... and then the spam problem just solves itself.
Re: (Score:1)
Re: (Score:2)
We've already lost that fight in terms of a truly decentralized Internet. The various governments and large corporations already are fighting to stake out various levels of control. The companies that operate the core infrastructure also have an outsized level of control.
It has never been easier for peers to communicate amongst themselves and never easier for people to host whatever content they want from their own fat pipes. What a single broadband customer has today in bandwidth entire corporations and universities wished they had 20 years ago.
websites are the biggest problem? (Score:2)
what about Cisco and other big "security" and traffic control appliance makers
Social Media Alternative (Score:1)
We are ditching you Internet peeps (Score:1)
Sorry, we got annoyed at all your misuse, so we're all migrating to Internet 3 and you can whine about stuff on your lonesome, while we play in our 40 Gbps puddle without you and your spam and other irritations.
Can't say we'll miss you.
It's (not) been fun!
Not really a problem, IMHO. (Score:3, Interesting)
Google and Co. are basically what Compuserve, AOL and T-Online were back then.
All that needs to happen is that a few FOSS developers finally get fed up and finally redo all protocols that have gone bad or broken and replace DNS with some Blockchain based namecoin thingie, replacing email and perhaps even web on top of that with some new, fully network abstracted and end-to-end encrypted data exchange layer sans anoying ads and Facebook is history.
Until then we're simply a two class internet, with ordinaries on Facebook and experts on encrypted Jabber and maybe diaspora.
Facebook, Snapcrap, WhatsCrap and the liked are basically todays mass media channels. But unlike the unwieldy and expensive radiostations of yesteryear they can be replaced by the next teenager with a laptop, some extra time and the next fad up his sleve.
I really don't see much of a problem here. Not yet that is.
It is not the software... (Score:1)
but the physical network that needs to be replaced. What is needed today is for projects like seattle wireless and others that previously offered free wifi to the internet to instead roll out mixed media point to point links to begin providing a meshed and decentralized network akin to what the internet was intended to be back in the late 80s early 90s, before commercial interests began recentralizing it under the banner of corporate governance.
Having said that, in order to get rid of the centralized custod
Re: (Score:2)
All that needs to happen is that a few FOSS developers finally get fed up and finally redo all protocols that have gone bad or broken and replace DNS with some Blockchain based namecoin thingie, replacing email and perhaps even web on top of that with some new, fully network abstracted and end-to-end encrypted data exchange layer sans anoying ads and Facebook is history.
2 words:Network effect. Unless enough number of people decide to adopt whatever decentralized solution you describe above (or similar), it will be business as usual. As an example, the Signal app by OpenWhisper Systems provides secure, encrypted voice calls and messaging, but who are you going to call when everyone you know is using Whatsapp or FB Messenger and aren't about to switch away?
This isn't news (Score:2)
The idea behind the internet was to make a massive, decentralized system that wasn't under control of anyone.
That may have been the idea behind it, but centralized control has been in place since the DNS system was put in. Yeah, in theory, you can do stuff by IP address, but in practice, that hasn't actually worked since Apache added virtual servers. No, the web isn't the internet, but it's the only internet most people actually use any more.
Re: (Score:1)
DNS is not, nor can it be, "centralized control".
ANYONE can put up a competing DNS tree.
Been there, done that, for several years - and it worked just fine. The only requirement is consensus - those that want to use the independent tree just add a reference.
Anyone can do that.
The ONLY centrally controlled feature was IP number allocation - and that goes away with IPv6.
Re: (Score:1)
... centralized control has been in place since the DNS system was put in.
A Tor Hidden service bypasses DNS. Set up a service and then tell your Tor service to provide it as a hidden service. You will get back an onion address. Give the onion address to anyone and the request will get through to your server box without DNS ever being contacted.
I think that the Tor network maintains a list of some sort to make sure onion requests get directed back to your server. But they do not have a mechanism for determining the difference between one onion server and another. So there is no wa
Oh the irony (Score:1)
That, coming from the Cloudflare CEO...
Into a few hands, like cloudflare? (Score:1)
I agree with you guy, but lets include your own company in this. How many sites is cloudflare sitting in front of? What are they doing with the information they collect on the traffic that passes through them?
Hrmmph
Re:Into a few hands, like cloudflare? (Score:4, Informative)
Yeah, I was thinking the same thing: that's rich coming from Cloudflare - the company that single-handedly decides you can't access vast swathes of the internet if you're connecting from a TOR exit node.
That company does more than all the others put together to make my internet browsing experience completely miserable...
The biggest threat to this is Google... (Score:1)
Who uses any other search engine than Google? What happens when Google/Alphabet decide they want to lock shit down, censor search results, or even stop providing search services because it becomes unprofitable? Then what? Hell, the first two are already happening in some countries.
We should have competition in the search space, unfortunately bing is near useless, and there is really nothing else.
Re: (Score:1)
I have been using Bing for over a year now.
I used to cross query with Google, but it turned out that Bing was at least as good, and a lot of times better. Plus, I like the gadgets Bing has... like a Base64 encoder/decoder and other geeky stuff.
I also like the changing wallpaper. It's just pretty.
Kim Yanhee (Score:1)
Ohhh, really? is CloudFlare MITM as a service?
Look who's talking (Score:1)
CloudFlare has many criminal customers.
Check out this recent list of DDoS/"Stresser"/"Booter" websites proudly hosted by CloudFlare:
alphastress.com, anonymous-stresser.net, aurastresser.com, beststresser.com, boot4free.com, booter.eu, booter.org, booter.xyz, bullstresser.com, buybooters.com, cnstresser.com, connectionstresser.com, crazyamp.me, critical-boot.com, cstress.net, cyberstresser.org, darkstresser.info, darkstresser.net, databooter.com, ddos-fighter.com, ddos-him.com, ddos.city, ddosbreak.com, ddos
The Vertical Web (Score:2)
http://nodemy-ghost.herokuapp.... [herokuapp.com]
Saturated industries often consolidate for vertical integration. Large companies buy smaller competitors, and they also purchase their vertical supply chain to reduce costs and manage dependencies. A classic example is the American car industry, which went from 1500 companies to today's Big Three (and the occasional glitch like Tesla).
If the IT industry is post-inflective, then vertical integration might be happening. This spreadsheet defines the "Vertical Web" as power prod
Re: (Score:2)
From Wikipedia's List of the largest information technology companies [wikipedia.org]:
(1) Apple
(2) Samsung
(3) Foxconn
(4) Amazon
I think only one of your Big Three (or Four) is on that list...
The rest of the list:
(5) HP
(6) Microsoft
(7) IBM
(8) Google
(9) Dell
(10) Sony
(11) Panasonic
(12) Huawei
(13) Intel
Facebook's revenue is one-third of #13's
The List of largest Internet companies [wikipedia.org] is even more unrecognizable. Twitter
I don't see how the dots connect? (Score:2)
Surely it is about who controls the DNSs and top level routers that affects control of the Internet. That is a real issue to worry about but as I understand things those are not controlled by the big websites.
The reverse way of looking at it is if people waste their time in walled gardens so what? As long as the rest of the Internet still works who cares. How is people limiting themselves to a few websites stopping me f
Standards (Score:5, Interesting)
I think the root of the problem here is that, in the past several years, there has been no focus on developing common open standards.
I think the easiest example to give is the difference between messaging apps and email. If I use Gmail and I want to send an email to someone whose email is on Office 365, AOL, Yahoo, a private email server, or any email server at all, there's not really any difficulty. I can connect to my server either by using Google's website or by using a standard protocol (SMTP), the email gets transferred to the recipient's mail server through a standard protocol (again SMTP), and then the recipient can probably download it using a standard protocol (e.g. IMAP). SMTP and IMAP aren't without their shortcomings, and the openness of this system has had problems because of its openness (e.g. spam), but overall it works wonderfully. However, things would not work this way if they were designed today.
In contrast, several companies (including Facebook, Apple, Google, and Microsoft) have developed messaging applications, which are to some degree aimed at replacing SMS, IM, and/or email. These applications each use proprietary protocols for sending and receiving messages, and there is no compatibility between them. While I can use Thunderbird to send and receive my email on my Gmail account, there isn't a 3rd-party open source Hangouts app, because (at least as far as I know) the protocols for it are not open. From my Gmail account, I can send email to users with "facebook.com" email addresses, but I can't use hangouts to message with Facebook Messenger users. I need a Facebook account in order to do that.
This is just an easy and obvious example. I chose to compare email to messaging because I think it makes for an easy comparison, and it's clearly a bit stupid. There isn't really anything so complex about text messaging that Facebook, Apple, Google, WhatsUp, and all other messaging apps couldn't simply message each other. However, I don't think this a fluke, but instead the easiest-to-understand example of how the internet is moving more and more toward walled gardens. Nobody is developing open standards, or at least, nobody is really agreeing to use them.
To give another example, many sites let you log in with your Facebook account or your Google account-- I think some let you use a Twitter or LinkedIn account. This is great, since it diminishes the number of login credentials that you need to know, memorize, or secure. However, each of these companies are basically offering their own separate incompatible authentication service. The site developer has to decide to actively support Google Authentication, and if they do, it doesn't allow me to authenticate on their site against my Facebook credentials (for example). They must support each method of authentication individually, rather than having one framework that allows authentication against whichever identity provider the user wishes to use.
And although some people will think I'm a crackpot, I think this is a very widespread problem that includes Silicon Valley's obsession with "apps". Instead of developing a photo-hosting service, you have to have a photography app that's tied to a service. They make it so you can't use the app with a different service, and you can't use the service with a different app. Then a couple of companies (e.g. Google, Microsoft, Facebook, Apple) buy all these different apps, and make it so the apps and the services only interact well with their other apps and services. It's not hard to see how this quickly turns into a set of walled gardens.
In my view this all goes back to the issue of standards. If these apps and services used standard protocols and standard APIs, then they could all interact with each other.
Re: (Score:1)
Braw analysis.
what i think is really going on (Score:3)
Re: (Score:2)
i had to fix that
Re: (Score:1)
I don't use it either, but I'm not so naive. You can have your little FB-free experience... as long as you never want to log into anything, never want to talk to your friends or family, never want to shop or bank online, never want to use government services like renewing your number plates, never want to click on a link because they all point behind the walled garden, etc etc. Have fun with that. At some point, might as well unplug your network cable.
(Yes, we're not quite there yet, but we've set off do