Thursday, December 01, 2005

The Internet Is Broken

The Net's basic flaws cost firms billions, impede innovation, and threaten national security. It's time for a clean-slate approach, says MIT's David D. Clark.

By David Talbot

This article -- the cover story in Technology Review's December 2005/January 2006 print issue -- has been divided into three parts for presentation online. This is part 1; part 2 will appear on Tuesday, December 20, and part 3 on Wednesday, December 21.

In his office within the gleaming-stainless-steel and orange-brick jumble of MIT's Stata Center, Internet elder statesman and onetime chief protocol architect David D. Clark prints out an old PowerPoint talk. Dated July 1992, it ranges over technical issues like domain naming and scalability. But in one slide, Clark points to the Internet's dark side: its lack of built-in security. In others, he observes that sometimes the worst disasters are caused not by sudden events but by slow, incremental processes -- and that humans are good at ignoring problems. "Things get worse slowly. People adjust," Clark noted in his presentation. "The problem is assigning the correct degree of fear to distant elephants."

Today, Clark believes the elephants are upon us. Yes, the Internet has wrought wonders: e-commerce has flourished, and e-mail has become a ubiquitous means of communication. Almost one billion people now use the Internet, and critical industries like banking increasingly rely on it. At the same time, the Internet's shortcomings have resulted in plunging security and a decreased ability to accommodate new technologies. "We are at an inflection point, a revolution point," Clark now argues. And he delivers a strikingly pessimistic assessment of where the Internet will end up without dramatic intervention. "We might just be at the point where the utility of the Internet stalls -- and perhaps turns downward."

Indeed, for the average user, the Internet these days all too often resembles New York's Times Square in the 1980s. It was exciting and vibrant, but you made sure to keep your head down, lest you be offered drugs, robbed, or harangued by the insane. Times Square has been cleaned up, but the Internet keeps getting worse, both at the user's level, and -- in the view of Clark and others -- deep within its architecture.

Over the years, as Internet applications proliferated -- wireless devices, peer-to-peer file-sharing, telephony -- companies and network engineers came up with ingenious and expedient patches, plugs, and workarounds. The result is that the originally simple communications technology has become a complex and convoluted affair. For all of the Internet's wonders, it is also difficult to manage and more fragile with each passing day.

That's why Clark argues that it's time to rethink the Internet's basic architecture, to potentially start over with a fresh design -- and equally important, with a plausible strategy for proving the design's viability, so that it stands a chance of implementation. "It's not as if there is some killer technology at the protocol or network level that we somehow failed to include," says Clark. "We need to take all the technologies we already know and fit them together so that we get a different overall system. This is not about building a technology innovation that changes the world but about architecture -- pulling the pieces together in a different way to achieve high-level objectives."

Just such an approach is now gaining momentum, spurred on by the National Science Foundation. NSF managers are working to forge a five-to-seven-year plan estimated to cost $200 million to $300 million in research funding to develop clean-slate architectures that provide security, accommodate new technologies, and are easier to manage. They also hope to develop an infrastructure that can be used to prove that the new system is really better than the current one.

"If we succeed in what we are trying to do, this is bigger than anything we, as a research community, have done in computer science so far," says Guru Parulkar, an NSF program manager involved with the effort. "In terms of its mission and vision, it is a very big deal. But now we are just at the beginning. It has the potential to change the game. It could take it to the next level in realizing what the Internet could be that has not been possible because of the challenges and problems."

Comments
Guest (Eileen McCluskey) on 12/19/2005 at 10:09 AM
1
Guest (artMonster) on 12/19/2005 at 11:43 AM
1
Guest (Bellinghamster) on 12/19/2005 at 4:52 PM
1
Guest (Matej) on 12/19/2005 at 9:11 PM
1
When this article was mentioned on "The World" (WGBH) they mentioned that NSF is planning to release $300M for "development of new protocols which would make Internet safe" (and another $300M later for implementation). Why in the world do we need other protocols when we are not using the current ones? My Linux here has support for IPv6, S/MIME, etc. etc. but no-one in the world uses them, because the problem with unsafe Internet is not in the technology, but in the organization and social problems (like how to make everybody identifiable over Internet, when US public doesn't want to be identified in the first place)?
Matej
Guest (Mike) on 12/20/2005 at 1:30 AM
1
If they want to spend $200M, send it my way and I'll demonstrate a cool solution to make it easier to deploy new web-based services, to any device, saving major corporations Billions in the process. Cheers!
Guest (Owen N. Martinez) on 12/20/2005 at 5:47 AM
1
Guest (Rider) on 01/11/2006 at 12:00 AM
1
Guest (Si) on 12/20/2005 at 4:31 AM
1
Guest (Fergus Doyle) on 12/20/2005 at 5:39 AM
1
Guest (E Feustel) on 12/20/2005 at 6:30 AM
1
Guest (mrxsmb) on 12/28/2005 at 4:30 AM
1
The issues highlighted with MS [the debilitating Operating System, not the debilitating Physical Affliction] and its usability over functionality approach are all valid, but other OSs and applications have their own issues.
Of course business could actually pony up the money to build their own networks and not use the internet, but then how would that save them money? I believe some already do, as do Governments and sensibly so.
One bank in Australia has actually got with the program and realised they should issue their on-line banking customers with a swipe and pin security system the same as on an ATM, at each and every house. How much of the "problems" discussed would be solved by this simple change in attitude?
Guest (coet) on 02/04/2006 at 12:00 AM
1
Guest (George) on 05/05/2006 at 12:00 AM
1
I would say the question behind the security issue is what is required in terms of software and what is required in terms of network protocols to really achieve security.
Guest (CEC) on 01/07/2006 at 10:43 AM
1
The only thing to be gained by making the infrastructure more complex is a slower internet and more vulnerabilities in routers and other infrastructure devices.
The end point should be designed for the level of security it requires. I have no problem with network prevention of obvious malicious traffic (i.e. worms), but I don't want the government owning this surveillance. I certainly don't want the internet to change only for the benefit of commercial interests and governments wishing to stamp out political dissent - that is belittling to the purpose of the internet.
Guest (liufly) on 04/22/2006 at 12:00 AM
1
Guest (p) on 12/20/2005 at 8:31 AM
1
I admit larger TCP ISNs would be good, and SMTP should have a way to reject mail per-user after the mail server has read all of it.
Apart from that what you need is security in execution environments (where some of those EEs are OSs and some are browsers etc.).
This is one of several similar approaches - it's no longer adequate to let a program do anything it chooses. The programs can't be trusted while handling suspect data. This is a different threat model from most computer security work historically.
http://www.google.co.uk/url?sa=U&start=5&q=http://www.cs.columbia.edu/~smb/papers/subos.pdf&e=42
Extensions to existing OS s/w are effective at providing this kind of security.
http://whitepapers.zdnet.co.uk/0,39025945,60150583p-39000584q,00.htm
Guest (Dr Hacker) on 12/20/2005 at 10:35 AM
1
Guest (Sundararajan Srinivasan) on 12/28/2005 at 5:47 AM
1
Internet and all the related protocols could have been designed more secure. But it would not have got the same popularity, as it is now. That is why, we are now paying security experts to build layers of security.
Guest (rmarino) on 12/30/2005 at 9:53 PM
1
Guest (The P-man) on 01/08/2006 at 8:36 PM
1
Guest (sorpigal) on 03/09/2006 at 12:00 AM
1
IM2k uses a 'pull' method of distribution which is inherently more reliable and safer. Go read up on it and make the switch.
Guest (Nart) on 01/11/2006 at 12:00 AM
1
Guest (J Tyrrell) on 02/13/2006 at 12:00 AM
1
Guest (webfrog) on 01/11/2006 at 12:00 AM
1
It was never built with security in mind because it was initially a private network between a select set of sites. It was designed to facilitate the easy movement of information between dis-similar systems, oh and by the way the government was already involved in the initial version which later expanded into the internet. It was called ARPANET and was devised by the U.S. DOD in the 60's.
Guest (David Schurman in Berlin) on 01/13/2006 at 12:00 AM
1
And the arrogance that "perhaps some other labs than in US might take part"... WAKE UP... you don't grasp the damage done to the US reputation by GWB and Co.
Guest (Rahul) on 01/15/2006 at 12:00 AM
1
The article comes none too soon.
However, what about the users who cannot get off it? Suffer till help is on the way? What is the estimated damage?
Guest (Laszlo) on 01/20/2006 at 12:00 AM
1
Guest (Schmick) on 02/09/2006 at 12:00 AM
1
Guest (Abraham Y. Chen) on 02/26/2006 at 12:00 AM
1
What goes into one side (Edge) comes out on the other side (Edge), no more, no less & no distortion, except perhaps some time delays due to natural physics.
Expecting Internet to take care of the security issues induced by poor caliber of late computer Operating Systems is going the wrong way from this basic rule.
A recent IETF (Internet Engineering Task Force) proposed activity, PWE3 (Pseudo Wire Emulation Edge to Edge) based on TDMoIP (Time Division Multiplex over IP) technology might be a good sanity check point.