"Two Years Ago, I Would Have Said the Internet Is Fantastic”: What Scares Networking Pioneer Radia Perlman

Xconomy National — 

[Editor’s note: This is part of a series examining the internet’s first 50 years and predicting the next half century. Join Xconomy and World Frontiers Forum on July 16 for Net@50, an event exploring the internet’s past and future.]

Bob Metcalfe co-invented Ethernet, the communications standard still used for most local on-site networking, but Radia Perlman made it work. Her creation of the Spanning Tree Protocol while working for Digital Equipment Corporation in 1983 made it possible to link individual Ethernet networks into a vast interconnected system—that is, the thing we now call the internet.

After Digital, Perlman worked for Sun Microsystems and Dell EMC, where she’s currently employed. She’s written fundamental textbooks on networking, including Interconnections in 1992. Along the way, Perlman landed the honorific “the mother of the internet,” in recognition of her work on network routing and bridging, but she dislikes the title.

I reached Perlman in Washington state while researching my feature article “Special Report 2069: Predicting the Internet’s Next 50 Years.” Here’s an edited version of our conversation.

Xconomy: When you consider what the internet might look like in 2069, you have a chance to think about the underlying technology, the big forces at work, and which trends we can expect to continue in the future. For example, do you expect the internet’s underlying protocols to have changed by then?

Radia Perlman: This obsession with TCP and IP and these little components—it’s sort of like talking about, if we want to build a civilization should we base it on Italian, Greek, German, or English? It doesn’t matter. It’s like saying, we have wars and stuff, so what if we switch to Italian? Would that help? The bigger issues have nothing to do with the exact format of the underlying things.

X: I get what you’re saying: Changing to Italian wouldn’t change human nature. But once you have a language like English in place, or a protocol like TCP/IP, and it becomes a global standard, you might start to notice ways in which it could be improved, but the fact that it’s so embedded and it has so much momentum makes it horribly tricky to actually do that.

RP: Absolutely. I’m sure we could come up with a better language than English. English is a horrible language, if you look at spelling and pronunciation. But we can do anything we need to do with it. And it can change in small ways. Every year, we add new words, we remove words, we change the grammar rules, and stuff like that a little bit.

One of the things that people think about is: Is there a whole new way of thinking about how to build a network, other than sort of this layered thing where there is this underlying infrastructure that knows how to signal a bit on the wire—which is kind of that Layer 1—and then Layer 2 says, “How can I send the whole message to my neighbor?” And Layer 3 finds the whole path.

I think that basic premise is flexible enough that it’s unlikely the internet will ever change. Nor do I think it would benefit from doing anything other than having a low level that just moves data around and higher layers that do the authentication and stuff like that.

Now, just as I’m listening to those words coming out of my mouth, there are other issues like denial of service that people didn’t foresee. We have all of these incredibly buggy end nodes, and we’re asking humans to do absurd things like “Don’t click on suspicious links,” whatever that means. We’re blaming users when their machines get infected, which I’m appalled at. It’s not their fault. But given that it is possible to infect so many machines, it could be that the very simple notion of “Just let the underlying layers move the data around” might not actually be sufficient. Because it could be that sufficient numbers of bots controlled by bad guys can completely starve out what’s going on.

Other than those sorts of things, I think that the simple things they’re doing today are just fine.

X: Well, let’s go at this from a couple of other angles. You started programming in the ’70s, and you’ve been involved in this field ever since. And I’m wondering if I traveled back in time and interviewed you in, say, 1983, would you believe me if I told you that basically the same internet that was coming together then would still be around in 2019? Did you expect that the protocols would be this long-lived?

RP: I had no idea how long things would last. So, for instance, Spanning Tree Protocol. It was a hack that I thought would live for, like, six months. The reason for Spanning Tree was that when Ethernet came out, it was really just intended to be something where a bunch of nodes, like maybe 100 or 200 within a building, would all share the same wire, so that if anybody talked everyone else would hear them. It was a nice, simple design. And the cleverness about it was how do you manage to make it so that only one guy is talking at once, without having a leader that calls on people and gives them permission to speak. So, that was what Ethernet was.

What I was doing was Layer 3, which was the thing that hooks a bunch of links together and finds a path across the network. Ethernet came along, and I said, “Oh, here’s a new type of link, and I have to modify how Layer 3 works to be more efficient with this new kind of link that has hundreds of neighbors.” I had to do certain things to the routing protocol to make it more efficient because this new kind of link had different properties. Fine. I did that. But because Ethernet was bright and shiny and widely hyped, people thought that was the new way of doing networking. They built applications leaving out my stuff, the Layer 3 stuff, and directly worked on Ethernet. That’s fine if your application is only going to work on a single Ethernet. But the Layer 3 routers that move data from link to link wouldn’t work unless you cooperate with them and implement, for instance, IP, and that’s going to be your Layer 3 protocol.

I was trying to say, “Build your applications on top of Layer 3, and then you can have Ethernet be your link,” but people ignored me, as they always do. A few years later, in 1983, my manager said, “Hey, people want to have their applications work across networks, from one net to another.” The right way to do that was to have the computers at the end nodes put in Layer 3, but that was going to be a lot of work. As a quick fix, I designed this magic box that would move Ethernet packets around, even though the end node thinks it’s just speaking on a single Ethernet. That design required there to be no alternate path. There had to be exactly one way to get from one place to another. That’s what the Spanning Tree was.

I expected this to last for about six months until we had a chance to upgrade all of the end nodes to put in Layer 3. But within a year of that the original design of Ethernet didn’t exist anymore. It’s all the thing I had designed, basically, which was moving Ethernet packets around with Spanning Tree constraining the current routes being used for data.

X: This hack that you envisioned might last six months is actually still in place 36 years later. It’s probably because it actually works. If it ain’t broke, don’t fix it, right? But I think we have this assumption that technology moves at a certain pace and that things will be improved and replaced over time. Perhaps our expectations are wrong. Maybe fundamental technologies actually wind up staying around a lot longer than we’ve come to expect.

RP: Right. But also, when does it become a new protocol? For instance, are we still using Ethernet? People think Ethernet is a great success, but it has nothing to do with what was originally designed; it just has the same name. It has the same packet format. But the real cleverness was this contention protocol for sharing a link.

Now, that’s another interesting thing. If we’re looking backwards rather than forwards, the way networking is taught—and this is very politically incorrect of me to say, but I will—it’s taught as if TCP/IP arrived on tablets from the sky in its awesome perfection. Students are supposed to memorize, “This is the way networks work,” so that graduates of the college can immediately start configuring Cisco routers, but without any sort of critical thinking about it.

As it turns out, there were competitors to IP, and a lot of them were better. In particular, the thing done by the International Standards Organization had a 20-byte address where IP has a four-byte address. And not only were the addresses even bigger than IPv6, but it had some magic properties that are so much better than IPv4 or IPv6.

This is sort of a little bit subtle, but I’ll see if I can explain it quickly. If everything were connected with IP routers, every link has to have a different set of addresses. You have to configure all the routers as to which addresses are on which ports. If you have a computer move from one point to another, it has to change its address. Now, one could design networks that didn’t care what address someone was at and you could change your address, but the rest of the network, and your connection, your conversation will break if you change your address. People would like to be able to behave like a data center that has a flat address space, meaning you can move virtual machines around and stuff; it doesn’t change their Layer 3 address when you do that. That’s why people are still using Ethernet. Because IP requires that if you hook the whole data center together with IP, then when you move a machine around you have to change your address. But with the Ethernet it allows you to keep your Layer 3 address, because IP thinks that the whole data center is a single length.

Now, going back to a competitor of IP, it was called CLNP, the Connectionless Network Protocol. That one had a 20-byte address where the top 14 bytes was a prefix that everybody in a large cloud shared. So, you can have everybody in the data center using the same 14-byte prefix and you can move around within the data center and keep your Layer 3 address. And this was much better than Spanning Tree. It was a real, honest-to-goodness Layer 3 protocol. If the world had gone to the CLNP instead of IP when they had a big fight in ’92, then we wouldn’t have needed IPv6, we would have had an internet working with much bigger addresses. But it was only the rivalry between standards bodies and “not invented here” and stuff like that that caused them to reject in 1992 the notion of replacing IPv4 with this other thing.

X: That’s a good analogy to some current debates over whether there might be different ways to conceive the way the internet works, like content-centric networking.

RP: Information-centric networking? I think that’s total garbage, honestly.

X: I’d love to hear why. But the real point of my question was, if there were an idea that promised, for example, that the data you need will always be closer to you in the network—if there were an imaginative leap in the way the network is organized—would we even be able to adopt it? Or, is there so much inertia and so many established institutions running the internet—IETF, IEEE, ICANN, all of these acronyms—that we would have a really hard time implementing it now, even if it was a better idea?

RP: If there were something that were way better, then perhaps. But this information-centric networking does not offer anything. It’s actually significantly worse than anything you could do today. One of the things they touted is that you can move data around. Well, you can do that today. There are web proxies that cache the data. All the things they say you can do, you can actually do but even better and more efficiently today, without having to do internet search assuming that there is kind of a universal namespace. That stuff is just so unworkable.

Every once in a while, the funding agencies, either NSF or DARPA, thinks that something is cool and then they throw a bunch of money at it and then a bunch of researchers write papers about it. And because if they want funding they have to get it from that pool.

At any rate, I really could explain the way information-centric networking is not a promising approach. One of the things they say, which makes me mad as a security person, is that before they invented this stuff, in order to trust the data you had to trust whom you got it from. But they have this concept that you can actually sign the data so you can receive it from any place you want. Well, that’s Crypto 101. You can have digitally signed stuff. You can move it around. And it has nothing to do with information-centric networking.

Let’s look at BitTorrent, which is an incredibly cool thing. You want to receive data and there is some sort of server that keeps track of where all the data is. And it lets you know who to ask for the data, and even more cleverly you can simultaneously get the data from multiple places. You can ask for ranges of the data. You can say you want Alice to send you this part, and Bob to send you that part.

X: Would it be a fair summary to say the internet’s infrastructure is actually remarkably robust and flexible? And that almost anything that we can think of doing, we can already do with it, and it doesn’t need fundamental renovation?

RP: No, it does need fundamental renovation, but at a much higher layer than looking at the protocols.

I’m actually reasonably sophisticated about security and networking and stuff, and I was tricked into giving my credit card to a criminal because I was searching for how to renew my driver’s license. I was in a hurry, I was tired, and I typed into Google, “Renew Washington state driver’s license,” which I knew you can do online. I clicked on the top result, which is always the right one. And it was a very well-organized website. The URL looked perfectly reasonable. It was something like washington.licensing.org. And I clicked on “Renew license” and I put in my address, my name, my credit card number. And then afterwards it said, “Here’s a bunch of offers you are qualified for.” Which made me realize, “Wait a minute, the real thing wouldn’t have done that.”

And I looked more carefully, and indeed the site only claimed that it would give me information about how to get a license, not that it would actually give me a license. It didn’t even tell me how much it was going to charge me for not giving me a license. So, I called my bank, and they said that there was a pending charge of $3.99. That’s not so bad. A couple of days later, the fraud department called me, they said it had charged $3.99 the first day, $9.99 the second day, $19.99 the third day. The fraud department said, “Which of these are fraudulent charges?” And I gave them the story. They denied all of those charges and changed my credit card number.

That’s fine. But the thing is, people don’t search for things based on URLs. They search based on Google names. And yes, if I had looked at it carefully, it said “Ad,” because these bad guys get to be first in the search order because they pay Google. But even if there wasn’t a way to pay Google, they would know the algorithm that Google had and create a bunch of pages to cite their pages, and they could wind up being first in the order. So, how are people supposed to cope?

One thing that I really think all engineers should be forced to repeat every day is, “Don’t blame the user.” It’s not the user’s fault. So, how can you make that stuff more secure? How can you stop people from getting 300 emails every day? How can you get them to stop getting frantic-looking emails from what looks like their bank, saying you need to log in and click on this link? Because the real bank also sends you links. It’s not like you type in the URL every time you want to talk to the bank.

There’s that whole issue that suddenly everything is on the internet, and everything seems to have flaws. This higher-layer stuff, plus the fake news stuff, is absolutely terrifying. The internet is great because everyone becomes a journalist. News can happen when there isn’t a Channel 4 News crew on site, but there’s somebody with a cell camera to record the event. And that’s great. But you can also create a false video that, forensically, we don’t have the science to know that it’s false. Or you could just create a print article saying this happened, make up names and all that, and it spreads so virally on the internet. That’s terrifying.

X: You just mentioned a whole array of flaws that have cropped up. And a lot of them are the result of deliberate human mischief, and some of them are the result of bad design. As an engineer, can you imagine solutions for some of these things? Is there a layer of the network at which we could make some tweaks to prevent some of these problems? Like the fact that Google has become a default directory of the entire internet, even though it’s liable to being gamed by people with an advertising budget. Can you imagine network-level solutions to that kind of thing?

RP: Well, there are things like Snopes.com. I trust them. I can look things up and find out if they’re true or not. I have no idea how Snopes manages to scale well enough to keep on top of most of these hoaxes. But the thing is that, although I trust Snopes, the people who have an arsenal of guns and want to believe all this bad stuff, they’re not going to trust Snopes. If they get some sort of viral information that “All them green people are dangerous, and we should go out and kill them all,” or whatever group they are being taught to hate that week, they’re going to believe that. I’m not sure if there is a way. Back in the old days, the only way you can get your news was from three major networks and a few newspapers that just couldn’t be absolutely absurdly libelous and false. You’d also be exposed to other ideas. But these days you can tune in on just what you want.

On YouTube, the machine learning algorithm tries to keep you engaged as long as possible. It makes you more and more extreme. If you want to look at erotic images of fairly young models, like 20, it will keep showing you younger and younger ones, down to 5- and 6-year-olds. Likewise, if you are into religious extremism at all, it will keep showing you more and more extreme material until you wind up joining ISIS or something. The internet with the machine learning stuff that radicalizes you more and more and sort of tunes in with tunnel vision on what it thinks you want—that’s another area that’s kind of terrifying.

X: In that case, you could easily just say you’re going to turn off the recommendation engine for videos with children in them. There are people calling for that exact change at YouTube. But that’s a policy solution.

RP: And policy things are dangerous. Suppose whoever is in power decides that getting information about where to get an abortion or birth control is stuff that they don’t want to see promulgated?

X: Good point. There’s this founding philosophy on the internet that more information is better, and we can trust people to regulate how they use it, and that censorship is almost always bad.

RP: Yes. But when you publish how to make a bomb, or how to make a poison that you can drop into the water supply and poison an entire city, is it censorship to say you shouldn’t do that?

X: That’s a free speech question analogous to whether you should be allowed to shout “Fire!” in a crowded theater. The answer to that one is a clear “no.” There are always gray zones for the courts to decide. But the thing about the internet is that all these gray zones are popping up everywhere, and too fast for the courts to decide. So, citizens and consumers and programmers too have to get involved in these discussions.

RP: The good side of the internet is you can have a successful business without a store, and you can reach a global audience. And if you want to buy an obscure product you don’t have to travel 400 miles to find a store that carries it. All of these things are fantastic. But there’s also the downside that we didn’t see, which is that everybody is a journalist and you can’t tell who it is that’s doing things. We have all of this magic cryptography where you can sign things, but you can create as many false identities as you want. Voting doesn’t count when you don’t really know who people are because you can create a million false identities and have them all vote.

I mean the downsides right now—I mean, you caught me on a bad day when I’m sort of thinking, well, maybe we should just have an asteroid hit the Earth. This is never going to lead any place good.

X: Do you have good days?

RP: Probably, when I’m not thinking about this stuff. But yeah, there are all sorts of really difficult problems to solve that may or may not be solvable. I don’t have easy answers. How do you tell what is truth anymore? That’s very difficult. How do you get people to not be so hate-driven? It’s really easy to hate blue people if you’ve never met one. But if you have one living next door, you start realizing they are normal people. But if you only hear about blue people from highly radicalized stuff on the internet, and you only tune into things like that, you don’t actually interact with very many people. That, again, is sort of very discouraging and scary.

X: If you were handed the scales of justice and you were asked to say whether, on balance, the internet has been worth all the trouble—are we better off for having the internet or not—what would you say? And do you think we’re going to get better at this stuff over time? Fifty years from now, will we have solved some of these problems?

RP: Two years ago, I would have said absolutely, the internet is really fantastic. It’s made everybody able to have access to high quality college courses and be able to easily communicate with all of your friends and family. That’s really great. It’s just recently it’s gotten scary, and it looks like it might get worse and worse. But I think something like the internet was inevitable. And now society can’t survive without it. Like buying an airplane ticket—unless you interact online it’s very difficult to get anything done.

X: I talked to Bob Metcalfe about these same questions. He’s an inveterate, almost genetic optimist. And he acknowledges the same problems we’ve been talking about, and his theory about why they have cropped up is that we wound up with more connectivity than we ever expected to have, much faster, much sooner than we ever expected to have it. And that we as a species haven’t figured out how to really make use of that level of connectivity. But we will figure it out. Does that strike you as a reasonable point of view?

RP: It’s hard to see the future. But as far as I can see, the polarization of society is getting worse and worse. And having bad actors purposely try to foment hatred. I don’t really see how it’s going to get better. I really am quite pessimistic right now.

X: I am too, sometimes, but part of my job as a technology journalist is to help people understand the high-tech world around them. And I feel like I’m falling down on the job if I leave them feeling more pessimistic. I want to try and give people ways to think and things to do so that they can feel like they’re helping to make the world better. I bet you have all sorts of opportunities to talk with young people about whether they should go into engineering and whether they should become coders?

RP: Absolutely, they should. There’s no question about that. There are all of these things, like blockchain, where people say, “Oh, blockchain will solve that,” and that’s total nonsense. And information-centric networking has nothing to add. But to young people I would say, “All of the problems are challenges.” When I was young, I kept being real nervous that, “Oh no, everything will have been solved by the time I’m grown up and able to actually do anything.” But it’s great that there are still interesting problems to solve. Maybe there’ll be some incredibly imaginative ways of forcing people to see different viewpoints. I don’t have the solutions, but what I would tell young people is, this gives you opportunities for things to think about.

X: So, you’re a hopeful pessimist.

RP: Maybe. Or I pretend to be when talking to young people. Rather than, “We’ve totally screwed up the world, between global warming and pollution and hatred. It’s not going to be worth living here in 20 years. Good luck.” I wouldn’t say that.