O'Reilly Media Asks: Is It Time To Build A New Internet?

An anonymous reader shares an article from O'Reilly Media's VP of content strategy: It's high time to build the internet that we wanted all along: a network designed to respect privacy, a network designed to be secure, and a network designed to impose reasonable controls on behavior. And a network with few barriers to entry -- in particular, the certainty of ISP extortion as new services pay to get into the "fast lane." Is it time to start over from scratch, with new protocols that were designed with security, privacy, and maybe even accountability in mind? Is it time to pull the plug on the abusive old internet, with its entrenched monopolistic carriers, its pervasive advertising, and its spam? Could we start over again?

That would be painful, but not impossible... In his deliciously weird novel Someone Comes To Town, Someone Leaves Town, Cory Doctorow writes about an alternative network built from open WiFi access points. It sounds similar to Google's Project Fi, but built and maintained by a hacker underground. Could Doctorow's vision be our future backboneless backbone? A network of completely distributed municipal networks, with long haul segments over some public network, but with low-level protocols designed for security? We'd have to invent some new technology to build that new network, but that's already started.
The article cites the increasing popularity of peer-to-peer functionality everywhere from Bitcoin and Blockchain to the Beaker browser, the Federated Wiki, and even proposals for new file-sharing protocols like IPFS and Upspin. "Can we build a network that can't be monopolized by monopolists? Yes, we can..."

"It's time to build the network we want, and not just curse the network we have."

Re:It's definately time

Because as we all know a new internet will have none of those things. You're a fucking stupid dumbass moron.

Re:Confusing wording/philosophy?

[hord]

Privacy doesn't mean anonymity. With encrypted protocols it's possible to share pieces of data or perform collective actions without revealing personal information. There is still a worry of data accumulation (logging) but ideally you can identify bad actors and remove them from the system with minimal damage rather than the wild west of identity we have today.

Re: Confusing wording/philosophy?

Can't speak for that guy but here is one example - let's say we want to build in defense against DDoS. It seems possible to have some network rules about respecting the destination and refusing to forward packets along a route where the destination has replied saying "stop sending me packets so fast" , the routers in between don't need to know anyone's identity in order to slow down that stream, and if everyone did this then eventually attacker can only get packets across one hop from each zombie , stopping the DDOS without breaching privacy.

Yes, service to that destination will be degraded for real folks who own the zombie machined , but that's either irrelevant (they're not accessing that site anyway) or even good (they can be notified they were asked to slow down, and coupled with fact they didnt try to access it should tip them to fact they are owned and maybe they can recover their PC).

Re:Sure we can, but will it be different?

[rmdingler]

Every swinging internet user has a vote on how things work. How you browse the internet, which sites attract the volume of your time, where you shop... you're either the customer or the product, so depending on how you vote with your time & wallet, some of this shit is your fault.

Don't like Facebook or twitter? Me neither, but the voters have spoken and we're in the minority.

DECnet should be considered

[Tjp($)pjT]

DECnet lost out to IP. It should be reconsidered. The network was fairly easily expanded indefinitely where addresses were only bounded by specific specs for the implementation phases. The routing as to first of 1024 addresses where the next 1024 addresses under one of the first 1024, etc. Each node learned some basic weights to give its interfaces based on dynamic results of traffic passing. Could be improved over the last Phase V DECnet spec, based on modern knowledge. The architecture was not limited to address space. Any node could have 1024 sub-nodes to extend it. So no dynamic IP allocation issues. Then redo all the protocols used considering modern processors are very very fast and that human readable traffic is not required. So encrypt everything with very strong encryption. Make everything traceable to its source. If you have the keys. Lots of ways to revamp the Internet with an eye to the future. And instead of tunneling DECnet under IP, have an IP tunnel under DECnet. Or UNnet if you want to be politically correct. Done correctly I can have worldwide satellite offices and netboot a machine in Sweden from a server in Switzerland and do it in a secure encrypted manner. Can't spoof email if it is always signed and can be verified ... Can't spoof domain resolution if everything is verified and secure. Redoing the Internet? Make it secure from the start.

Re:Reasonable to whom?

You cannot have both privacy and accountability.

Also, you cannot have the provision of a valuable service without monopolization.

This should be obvious, at least to adults.

Re:Reasonable to whom?

Basically IPV6 and end to end encryption. Sorry ISPs you do not get a say anymore.

Needs more than just that.

A new internet needs to be decentralized and anonymous to the point that nobody except participants can tell who had a conversation with whom. If the government decides A is bad and they know you talked to A or did a DNS lookup for A's website, then it doesn't matter if the channel was encrypted - they can beat whatever info they want out of you.

At the same time, a new internet needs to be able to absolutely prove (if and only if you want) that you are you and whoever you are talking to is who they say they are.

Maybe there are protocols out there right now that can do these things without too much hassle?

You can bet ...

[Billly+Gates]

... that if we do the MPAA, telecoms, ISPs, and media companies will be sending out their lobbyists to make sure they own 100% of before the bill is even finished. Also the NSA and CIA will want backdoors and own all the private keys.

Russia and China will make their own internet where they will be owned by their own special dirty interest groups and government agency.

Yeah great job. As crappy as what we have now at least DNS with ICAAN and much of what we have is somewhat decentralized even if the it reaks of American rule for many international readers.

The problem is not evil ISPs. It is EVIL LOBBYING by ALL governments and special interests that is the root of the problem. The USA is a bad 1st world country where it's citizens vote on evolution, abortition, in over representated districts in rural areas to help Republican votes count more and feels giving money == free speech. Go try that with a judge folks and say your honor here is free speech and hand him $100 and see how long you get before being thrown in prison!

Yet when a company does it it is their GOD GIVEN right.

Still compared to Russia, China, and India the US is still a God send but even the EU is a little dirty.

Re: Confusing wording/philosophy?

It's not all or nothing.

I have a family , I have friends, I have coworkers... If I can speak to them privately it means nobody knows what we are saying. It doesn't ALWAYS mean that nobody even knows we are talking. It's like taking someone to the side at a party - everyone can see you talking but doesn't know what you are saying. That's a limited form of privacy and it is adequate for many personal communications.

The absolute privacy you're talking about is either anonymity (someone can see you talking but doesn't know who you are) or secrecy (nobody even knows you are communicating).

That last one is what worries the NSA because it's what enemies of the state need.

Everyone else , including paranoid business folks workong on confidential projects , usually is fine with regular privacy or anonymity. Maybe some aren't but the point is that there ARE shades of this that are acceptable to many without saying it's ok for state to spy on everyone.

Re:You can't have privacy & accountability

[guruevi]

You don't have to "know" everything about a person in order to make them accountable, especially not on the Internet, it's how Bitcoin works.

There is also no need to punish anyone for what they do on the Internet, anything "bad" that can be done on the Internet is easily resolved by some form of censorship whether it's firewalling, blocking or removing the content.

The main reason why this idea won't float is because the Internet or it's protocols inherently aren't broken. Sure there is a lot of old cruft in eg. TCP/IP or FTP but modern implementations scale very well and can be done securely.

The main "problem" with the Internet sits not between Layer 1 and Layer 5, it sits with Layer 6 and 7, and most of the trouble there is owned by Microsoft and to a lesser extent Google & co (ad companies) and a bunch of shovelware (both in hardware and software) vendors. Moving to another network of any kind will not resolve it since anyone will be able to couple the two networks and it still doesn't resolve the layers causing trouble.

Re: Confusing wording/philosophy?

[skids]

Meant to add before my itchy submit finger, some of those do require a sender identity. If you have a DoS stream incoming that is not DDoS, (or a DDoS using your network as a reflector), you need to have an identifiable source to tell the ISP to blackhole. Lacking this ability, anyone with a fatter pipe than yours can prevent other people on the network from reaching your service. This is one example where a network identity is required to maintain network sanity.

Your proposal to "stop forwarding along routes" from which a backpressure message has been received would either require backbone routers to be magically connection-aware without a source identity (ATM could do so, but IP core routers mostly are not up to this task, and ATM is AFAIK still well behind IP in scaling and not getting much investment), or some sort of mechanism by which routers closer to the victim stop blocking traffic sooner than ones closer to the attacker, which would require additional state, and would be pretty slow to converge and probably subject to relapses. Not impossible, but a whole lot of technical trouble just to forgo using a source address.

Re:Reasonable to whom?

[martinX]

That's not shitty Orwellian wording. It is not some semantic mistake. It says exactly what they mean it to say, and the implications are as bad as it sounds.

Imagine, for a moment, the results of China having a say on "a network designed to impose reasonable controls on behavior". China has about a fifth of the world's population. Why shouldn't they get a proportionally large say?

Re: Confusing wording/philosophy?

[hawkeyeMI]

Wireless is hard. I run a wireless ISP in a rural area. Every time I see these "independent mesh network" pipe dreams come up, all I can do is shake my head and laugh.
Good luck, it's not going to happen. A much more reasonable idea is to run an encrypted meta-network on top of the existing infrastructure. That's been tried too (freenet, Tor hidden services) and it's not easy but it's at least feasible.