Do We Need a New Internet? 690
Richard.Tao and a number of other readers sent in a NYTimes piece by John Markoff asking whether the Internet is so broken it needs to be replaced. "...[T]here is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over. What a new Internet might look like is still widely debated, but one alternative would, in effect, create a 'gated community' where users would give up their anonymity and certain freedoms in return for safety. Today that is already the case for many corporate and government Internet users. As a new and more secure network becomes widely adopted, the current Internet might end up as the bad neighborhood of cyberspace. You would enter at your own risk and keep an eye over your shoulder while you were there." A less alarmist reaction to the question was blogged by David Akin: "If you build a new Internet and you want me to get a license to drive on it, sorry. I'm hanging out here in v.1."
Harden up (Score:5, Informative)
Fucking cry babies who literally want to trade liberty for security.
Re:Yes we do. All systems become antiquated. (Score:5, Informative)
The people working on core Internet protocols have known that these things have problems for a long time. This article doesn't contribute anything to the conversation. Microsoft themselves could contribute a lot to the problem of an "insecure Internet" if they just fixed their f'ing OS.
Re:Harden up (Score:5, Informative)
The option to be anonymous is liberty.
Closed ballots and open democracy go hand in hand.
Why not? (Score:5, Informative)
Whenever I read this kind of stuff I really don't think any of these people get what an "internet" is... Once more with feeling the internet is not a network; it is a network of networks.
Last time your home windows computer went down with a virus, my computer worked fine. Even with the incompetents we have in outsourced IT support, last time your corporate network collapsed under attack, mine didn't. The internet is the cess pool^W^W happy village square where we all meet together. Your own network is not the "internet" and you can run it any way you want; it won't influence the rest of the world. If you cut off the internet it by declaring "a gated community" as the article (you did read the article didn't you?) suggests, you are no longer part of the internet.
Anyone trying to build a "new" internet should be encouraged at the same time as given a gentle education in basic network theory. If it's any good, then enough people will join it that when other particular bits of the internet collapse, they can still continue with their own useful lives. We need this kind of thing. If someone could build a network for their own country which could be relied on for emergency calls and at the same time let me read slashdot that would make a real difference (no BT's "all IP" network doesn't count). Definitely it would have to have some priority mechanism so that my slashdot couldn't get in the way of your emergency stuff; however, there's no way that such a new network can be successful if it can't cope with being connected to the current internet. That would just be security through obscurity and uselessness. Like claiming a computer is secure because it's had concrete poured into it.
Instead of a new internet (Score:2, Informative)
Re:Why not? (Score:5, Informative)
Last time your windows computer went down with a virus, I had to install a virus scanner for KMail, not because your viruses were in any way likely to infect my computer, but because there so many of the dammed things in my inbox that I needed something to filter them out so I could find my real mail amongst them.
And your infected Windows computer is the reason why my uninfectable Linux computer gets bombarded with so many ads for fake pills etc.
Re:as old ben would say (Score:3, Informative)
It's based on the WiFi network you are connected to. There are companies like Skyhook which create maps of WAPs, and uses that to find your location. Much more accurate than cell towers, much less than GPS.
Re:as old ben would say (Score:2, Informative)
Oh come on. Remember Napoleon?
I live in Europe and hate the French just as much as anyone, but you have to admit that their stance on the Iraq war was both reasonable and correct. Why the grudge? Cling to talking points much?
Re:No way in hell! (Score:5, Informative)
It's hilarious that you mention that. One of my clients lives in a gated community where the average home price is 3 million dollars, even by today's standards. HOA fees are about as much as rents for some cheap apartments. Gates, armed guards, 24 hour security, and constant surveillance on the streets.
Last night around 2am a group of people entered the community, broke into over a dozen cars on the streets, stole everything of value from them, AND stole three cars outright.
Where was the security? At the gates eating pizza and watching TV. Where was the surveillance footage of the cars entering? Those systems have not worked in over a year and it was just a "visual" deterrent. Where was the license plate numbers and inspection of the drivers licenses required by policy? Not performed on entry, as the guards barely looked at them before letting them in. Can't even recall who came in around 2am or what they may have looked like.
The illusion of safety here is not an opinion. It is a fact. All the hassle of having the guards and the costs of the HOA are apparently wasted in this community.
Yes, I think this a PERFECT example of what would happen in Secure Internet 2.0 :)
Re:as old ben would say (Score:2, Informative)
I'll admit, the beginning of my comment was a sucker punch, but it was a well deserved one.
I've had the pleasure of implementing networks and maintaining security for many different types of organizations including manufacturing, education, scientific research, financial industries, wireless ISPs and lately a popular .com company. Over the years, it honestly makes more sense to watch what goes out as much as what comes in from the internet.
Stupid users aren't as bad as stupid network administrators. With the users, you have to expect they'll do something goofy that may compromise the integrity of your network. In most cases, it's not the users' jobs to monitor the network and worry about security. They have other job functions in the company.
Poor administration means you never catch it, and/or can't prevent the leak of information from the inside.
There are all kinds of dedicated appliances available today that make full-duplex protection fairly simple to implement. Just search for "unified threat management", and start reading. It's not always cheap, but it's necessary if you rely on your network and computer systems to do business every day.
A wider deployment of UTM devices and services would go a long way towards cleaning up the internet. Yes, it's packet inspection in some cases, but it's packet inspection that can still provide a level of anonymity if configured correctly (don't log).
Re:No way in hell! (Score:5, Informative)
To quote my main man on the C-Note [wikipedia.org]: "They would trade essential liberty in return for a little temporary safety deserve neither." The B-man was talking about firearms, but it goes for the Intartubes as well.
The correct quote is "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety." [google.com] The quote is in the context of Massachusetts resisting the amendment of its laws by Parliament, and doesn't seem to have anything to do with gun control.
New architecture has to recognize current strength (Score:2, Informative)
The concern that I have with any so-called 'Clean Slate' approach to reinventing the Internet, is that it would tend to focus on problems perceived in the current Internet (security, mobility, etc.). The danger is that the strengths of the current architecture are likely to be overlooked.
Any new Internet architecture should hold true to the principles articulated in RFCs 1958 and 3439.
A focus on security issues without respecting current Internet architecture strengths is likely to result in something more closely resembling the PSTN or Cable TV networks. Both those networks are highly secure (relative to the Internet) and both are centrally managed. Of course, the downside is that the network manager exerts a large degree of control over what can be done on their network. This naturally has an negative impact on innovation. Innovation can only occur within the limits of what the network owner can currently think of and allow.
Internet architecture (in broad terms) differs from PSTN or Cable networks in using intelligent end-points and a relatively simple network core. PSTN and Cable networks are just the opposite: The 'intelligence' is contained in the network core and end-points are relatively 'dumb'.
I'm all for blue-sky investigation into all possibilities, but lets not rush forward with a focus on current problems without recognition of exactly what has made the current Internet a success.
Re:No way in hell! (Score:4, Informative)
Really? How much bandwidth does it take to run a cracking script? I'd bet most bandwidth is "lost" to peer-to-peer downloads.
I host a few servers at a local, regional ISP. I was out there the other day taking care of a power problem with the net ops, and he mentioned all the network upgrades, OC this, fiber that, and I asked him what was driving all the upgrades.
He didn't hesitate, even for a second. "Online Video!". Turns out that everybody is discovering sites like hulu.com [hulu.com], youtube.com [youtube.com], wtso.net [wtso.net], Netflix instant play [netflix.com], and on and on.
Yeah, Bit Torrent isn't anything to sneeze at. But the change is in the air, and my household is living proof. We moved to a nicer house (that cost less!) on the 1st of this month. First on our list was DSL service with a 3.0 Mb plan. Our dual-TV dish DVR? Sent back. We have no intention of bothering with cable.
The TV (we brought over only one) in the living room is only used for the Wii and the PS2. Everything else is done online, on a computer, or on my HTC Mogul [mobiletechreview.com] - awesome phone.
We really haven't missed the "normal" TV much at all.
Already have it #2 (Score:2, Informative)
1. You have to give up some identification when you enter/join (even if it's quite weak: ie. usually you're verified email address)
2. You have to introduce yourself (or be introduced as in LinkedIn) before you can send anyone a message.
3. All you communications are through a central server that verifies the identity of both endpoints and records all communication (possibly for ever!).
And, yes, it's been seen that people happily give up a whole heap of private info to be part of these clubs...
It would be interesting to find out what the ratio is between email and social-site IM'ing these days.