"Two Years Ago, I Would Have Said the Internet Is Fantastic”: What Scares Networking Pioneer Radia Perlman

(Page 2 of 3)

the thing done by the International Standards Organization had a 20-byte address where IP has a four-byte address. And not only were the addresses even bigger than IPv6, but it had some magic properties that are so much better than IPv4 or IPv6.

This is sort of a little bit subtle, but I’ll see if I can explain it quickly. If everything were connected with IP routers, every link has to have a different set of addresses. You have to configure all the routers as to which addresses are on which ports. If you have a computer move from one point to another, it has to change its address. Now, one could design networks that didn’t care what address someone was at and you could change your address, but the rest of the network, and your connection, your conversation will break if you change your address. People would like to be able to behave like a data center that has a flat address space, meaning you can move virtual machines around and stuff; it doesn’t change their Layer 3 address when you do that. That’s why people are still using Ethernet. Because IP requires that if you hook the whole data center together with IP, then when you move a machine around you have to change your address. But with the Ethernet it allows you to keep your Layer 3 address, because IP thinks that the whole data center is a single length.

Now, going back to a competitor of IP, it was called CLNP, the Connectionless Network Protocol. That one had a 20-byte address where the top 14 bytes was a prefix that everybody in a large cloud shared. So, you can have everybody in the data center using the same 14-byte prefix and you can move around within the data center and keep your Layer 3 address. And this was much better than Spanning Tree. It was a real, honest-to-goodness Layer 3 protocol. If the world had gone to the CLNP instead of IP when they had a big fight in ’92, then we wouldn’t have needed IPv6, we would have had an internet working with much bigger addresses. But it was only the rivalry between standards bodies and “not invented here” and stuff like that that caused them to reject in 1992 the notion of replacing IPv4 with this other thing.

X: That’s a good analogy to some current debates over whether there might be different ways to conceive the way the internet works, like content-centric networking.

RP: Information-centric networking? I think that’s total garbage, honestly.

X: I’d love to hear why. But the real point of my question was, if there were an idea that promised, for example, that the data you need will always be closer to you in the network—if there were an imaginative leap in the way the network is organized—would we even be able to adopt it? Or, is there so much inertia and so many established institutions running the internet—IETF, IEEE, ICANN, all of these acronyms—that we would have a really hard time implementing it now, even if it was a better idea?

RP: If there were something that were way better, then perhaps. But this information-centric networking does not offer anything. It’s actually significantly worse than anything you could do today. One of the things they touted is that you can move data around. Well, you can do that today. There are web proxies that cache the data. All the things they say you can do, you can actually do but even better and more efficiently today, without having to do internet search assuming that there is kind of a universal namespace. That stuff is just so unworkable.

Every once in a while, the funding agencies, either NSF or DARPA, thinks that something is cool and then they throw a bunch of money at it and then a bunch of researchers write papers about it. And because if they want funding they have to get it from that pool.

At any rate, I really could explain the way information-centric networking is not a promising approach. One of the things they say, which makes me mad as a security person, is that before they invented this stuff, in order to trust the data you had to trust whom you got it from. But they have this concept that you can actually sign the data so you can receive it from any place you want. Well, that’s Crypto 101. You can have digitally signed stuff. You can move it around. And it has nothing to do with information-centric networking.

Let’s look at BitTorrent, which is an incredibly cool thing. You want to receive data and there is some sort of server that keeps track of where all the data is. And it lets you know who to ask for the data, and even more cleverly you can simultaneously get the data from multiple places. You can ask for ranges of the data. You can say you want Alice to send you this part, and Bob to send you that part.

X: Would it be a fair summary to say the internet’s infrastructure is actually remarkably robust and flexible? And that almost anything that we can think of doing, we can already do with it, and it doesn’t need fundamental renovation?

RP: No, it does need fundamental renovation, but at a much higher layer than looking at the protocols.

I’m actually reasonably sophisticated about security and networking and stuff, and I was tricked into giving my credit card to a criminal because I was searching for how to renew my driver’s license. I was in a hurry, I was tired, and I typed into Google, “Renew Washington state driver’s license,” which I knew you can do online. I clicked on the top result, which is always the right one. And it was a very well-organized website. The URL looked perfectly reasonable. It was something like washington.licensing.org. And I clicked on “Renew license” and I put in my address, my name, my credit card number. And then afterwards it said, “Here’s a bunch of offers you are qualified for.” Which made me realize, “Wait a minute, the real thing wouldn’t have done that.”

And I looked more carefully, and indeed the site only claimed that it would give me information about how to get a license, not that it would actually give me a license. It didn’t even tell me how much it was going to charge me for not giving me a license. So, I called my bank, and they said that there was a pending charge of $3.99. That’s not so bad. A couple of days later, the fraud department called me, they said it had charged $3.99 the first day, $9.99 the second day, $19.99 the third day. The fraud department said, “Which of these are fraudulent charges?” And I gave them the story. They denied all of those charges and changed my credit card number.

That’s fine. But the thing is, people don’t search for things based on URLs. They search based on Google names. And yes, if I had looked at it carefully, it said “Ad,” because these bad guys get to be first in the search order because they pay Google. But even if there wasn’t a way to pay Google, they would know the algorithm that Google had and create a bunch of pages to cite their pages, and they could wind up being first in the order. So, how are people supposed to cope?

One thing that I really think all engineers should be forced to repeat every day is, “Don’t blame the user.” It’s not the user’s fault. So, how can you make that stuff more secure? How can you stop people from getting 300 emails every day? How can you get them to stop getting frantic-looking emails from what looks like their bank, saying you need to log in and click on this link? Because the real bank also sends you links. It’s not like you type in the URL every time you want to talk to the bank.

There’s that whole issue that suddenly everything is on the internet, and everything seems to have flaws. This higher-layer stuff, plus the fake news stuff, is absolutely terrifying. The internet is great because everyone becomes a journalist. News can happen when there isn’t a Channel 4 News crew on site, but there’s somebody with a cell camera to record the event. And that’s great. But you can also create a false video that, forensically, we don’t have the science to know that it’s false. Or you could just create a print article saying this happened, make up names and all that, and it spreads so virally on the internet. That’s terrifying.

X: You just mentioned a whole array of flaws that have cropped up. And a lot of them are the result of deliberate human mischief, and some of them are the result of bad design. As an engineer, can you imagine solutions for some of these things? Is there a layer of the network at which we could make some tweaks to prevent some of these problems? Like the fact that Google has become a default directory of the entire internet, even though it’s liable to being gamed by people with an advertising budget. Can you imagine network-level solutions to that kind of thing?

RP: Well, there are things like Snopes.com. I trust them. I can look things up and find out if they’re true or not. I have no idea how Snopes manages to scale well enough to keep on top of most of these hoaxes. But the thing is that, although I trust Snopes, the people who have an arsenal of guns and want to believe all this bad stuff, they’re not going to trust Snopes. If they get some sort of viral information that “All them green people are dangerous, and we should go out and kill them all,” or whatever group they are being taught to hate that week, they’re going to believe that. I’m not sure if there is a way. Back in the old days, the only way you can get your news was from three major networks and a few newspapers that just couldn’t be absolutely absurdly libelous and false. You’d also be exposed to other ideas. But these days you can tune in on just what you want.

On YouTube, the machine learning algorithm tries to keep you engaged as long as possible. It makes you more and more extreme. If you want to look at … Next Page »

Single Page Currently on Page: 1 2 3 previous page