O'Reilly Media Asks: Is It Time To Build A New Internet?

An anonymous reader shares an article from O'Reilly Media's VP of content strategy: It's high time to build the internet that we wanted all along: a network designed to respect privacy, a network designed to be secure, and a network designed to impose reasonable controls on behavior. And a network with few barriers to entry -- in particular, the certainty of ISP extortion as new services pay to get into the "fast lane." Is it time to start over from scratch, with new protocols that were designed with security, privacy, and maybe even accountability in mind? Is it time to pull the plug on the abusive old internet, with its entrenched monopolistic carriers, its pervasive advertising, and its spam? Could we start over again?

That would be painful, but not impossible... In his deliciously weird novel Someone Comes To Town, Someone Leaves Town, Cory Doctorow writes about an alternative network built from open WiFi access points. It sounds similar to Google's Project Fi, but built and maintained by a hacker underground. Could Doctorow's vision be our future backboneless backbone? A network of completely distributed municipal networks, with long haul segments over some public network, but with low-level protocols designed for security? We'd have to invent some new technology to build that new network, but that's already started.
The article cites the increasing popularity of peer-to-peer functionality everywhere from Bitcoin and Blockchain to the Beaker browser, the Federated Wiki, and even proposals for new file-sharing protocols like IPFS and Upspin. "Can we build a network that can't be monopolized by monopolists? Yes, we can..."

"It's time to build the network we want, and not just curse the network we have."

With..,

With blackjack and hookers!

Re:With..,

[freeze128]

...and IPV6!

Confusing wording/philosophy?

"a network designed to respect privacy, a network designed to be secure, and a network designed to impose reasonable controls on behavior."

Privacy, secure and... "controls on behavior"?

"designed with security, privacy, and maybe even accountability in mind?"

Again, it speaks of security, privacy and... accountability?

I'm not arguing against this as I don't understand what is meant. I simply want to understand how privacy can work together with that last thing they keep bringing up.

Re:Confusing wording/philosophy?

[hord]

Privacy doesn't mean anonymity. With encrypted protocols it's possible to share pieces of data or perform collective actions without revealing personal information. There is still a worry of data accumulation (logging) but ideally you can identify bad actors and remove them from the system with minimal damage rather than the wild west of identity we have today.

Re: Confusing wording/philosophy?

Can't speak for that guy but here is one example - let's say we want to build in defense against DDoS. It seems possible to have some network rules about respecting the destination and refusing to forward packets along a route where the destination has replied saying "stop sending me packets so fast" , the routers in between don't need to know anyone's identity in order to slow down that stream, and if everyone did this then eventually attacker can only get packets across one hop from each zombie , stopping the DDOS without breaching privacy.

Yes, service to that destination will be degraded for real folks who own the zombie machined , but that's either irrelevant (they're not accessing that site anyway) or even good (they can be notified they were asked to slow down, and coupled with fact they didnt try to access it should tip them to fact they are owned and maybe they can recover their PC).

Re: Confusing wording/philosophy?

It's not all or nothing.

I have a family , I have friends, I have coworkers... If I can speak to them privately it means nobody knows what we are saying. It doesn't ALWAYS mean that nobody even knows we are talking. It's like taking someone to the side at a party - everyone can see you talking but doesn't know what you are saying. That's a limited form of privacy and it is adequate for many personal communications.

The absolute privacy you're talking about is either anonymity (someone can see you talking but doesn't know who you are) or secrecy (nobody even knows you are communicating).

That last one is what worries the NSA because it's what enemies of the state need.

Everyone else , including paranoid business folks workong on confidential projects , usually is fine with regular privacy or anonymity. Maybe some aren't but the point is that there ARE shades of this that are acceptable to many without saying it's ok for state to spy on everyone.

Re:Confusing wording/philosophy?

[skids]

Make your own wires and leave all the spies and rent seekers and thought police behind.

...and when you try to control the flood of criminal sploit traffic making those wires useless, you become the spy. ...and when you cannot afford to keep that wire working, you become the rent seeker. ...and when you decide you don't want your pipe used for something you find morally unconscionable, you become the thought police.

All I can say is, if the idea of a "new Internet" gets tried yet fucking again, there are plenty of technologies already available to implement it. Some of them are really well designed. Ignore them, because whoever implements it will select the worst of the bunch and/or roll their own amateur crap.

Reasonable to whom?

[BitterOak]

and a network designed to impose reasonable controls on behavior.

Who gets to decide what controls are "reasonable"? What kind of "behavior" is to be controlled, and how?

Re:Reasonable to whom?

Basically IPV6 and end to end encryption. Sorry ISPs you do not get a say anymore.

Needs more than just that.

A new internet needs to be decentralized and anonymous to the point that nobody except participants can tell who had a conversation with whom. If the government decides A is bad and they know you talked to A or did a DNS lookup for A's website, then it doesn't matter if the channel was encrypted - they can beat whatever info they want out of you.

At the same time, a new internet needs to be able to absolutely prove (if and only if you want) that you are you and whoever you are talking to is who they say they are.

Maybe there are protocols out there right now that can do these things without too much hassle?

Re:Reasonable to whom?

[martinX]

That's not shitty Orwellian wording. It is not some semantic mistake. It says exactly what they mean it to say, and the implications are as bad as it sounds.

Imagine, for a moment, the results of China having a say on "a network designed to impose reasonable controls on behavior". China has about a fifth of the world's population. Why shouldn't they get a proportionally large say?

It's definately time

[Maxo-Texas]

The current internet has almost become worthless.

Festering with ads and malware.

Tracking everything you search for and selling that data to the highest bidder.

Unfortunately a little naive

Building new infrastructure doesn't fix the trolling/abuse issues: those are governance and I'm not sure how you fix that kind of issue without adding MORE oversight instead of reducing it as the article suggests.

The other issue is that infrastructure costs big bucks.
- Think interstate haulage, inter-country haulage.
- Wifi uses shared spectrum and just won't scale to the size we need for the most common applications these days. You see this in local free nets now & even in over-subscribed public networks.
- Additionally security requires additional bandwidth and compute. The compute is inexpensive these days, but the article is suggesting lower bandwidth infrastructure: there's going to be a collision of requirements.

The last line of the article shows the depth of ignorance: 56K modems require serious telco infrastructure to terminate the calls: a 56K modem essentially can't be used by hackers unless they terminate to a telco. the best non-telco analogue speed you can expect is 33K.

Re:Sure we can, but will it be different?

[rmdingler]

Every swinging internet user has a vote on how things work. How you browse the internet, which sites attract the volume of your time, where you shop... you're either the customer or the product, so depending on how you vote with your time & wallet, some of this shit is your fault.

Don't like Facebook or twitter? Me neither, but the voters have spoken and we're in the minority.

DECnet should be considered

[Tjp($)pjT]

DECnet lost out to IP. It should be reconsidered. The network was fairly easily expanded indefinitely where addresses were only bounded by specific specs for the implementation phases. The routing as to first of 1024 addresses where the next 1024 addresses under one of the first 1024, etc. Each node learned some basic weights to give its interfaces based on dynamic results of traffic passing. Could be improved over the last Phase V DECnet spec, based on modern knowledge. The architecture was not limited to address space. Any node could have 1024 sub-nodes to extend it. So no dynamic IP allocation issues. Then redo all the protocols used considering modern processors are very very fast and that human readable traffic is not required. So encrypt everything with very strong encryption. Make everything traceable to its source. If you have the keys. Lots of ways to revamp the Internet with an eye to the future. And instead of tunneling DECnet under IP, have an IP tunnel under DECnet. Or UNnet if you want to be politically correct. Done correctly I can have worldwide satellite offices and netboot a machine in Sweden from a server in Switzerland and do it in a secure encrypted manner. Can't spoof email if it is always signed and can be verified ... Can't spoof domain resolution if everything is verified and secure. Redoing the Internet? Make it secure from the start.

First World Problems

[Kohath]

I have instant access to the world's people and knowledge. But there are ads and Netflix might have to write a check to Comcast (or something equally dire).

So yeah, let's scrap it in favor of a bunch of stuff that's barely more than an idea.

You can't have privacy & accountability

[rsilvergun]

the two are fundamentally incompatible. Privacy only matters when powerful organizations (basically government & mega corps) are abusing it. Accountability requires consequences that are enforced. Meaning no anonymity since if you're anonymous punishment can't be enforced.

Sorry O'Reilly, but there are no simple answers to the complex problems caused by global telecom network open to all commers. It's either going to be a hodge podge of solutions tailored to solve specific problems, a broken chaotic mess or locked down by the ruling class. I'm for the first option.

Re:You can't have privacy & accountability

[guruevi]

You don't have to "know" everything about a person in order to make them accountable, especially not on the Internet, it's how Bitcoin works.

There is also no need to punish anyone for what they do on the Internet, anything "bad" that can be done on the Internet is easily resolved by some form of censorship whether it's firewalling, blocking or removing the content.

The main reason why this idea won't float is because the Internet or it's protocols inherently aren't broken. Sure there is a lot of old cruft in eg. TCP/IP or FTP but modern implementations scale very well and can be done securely.

The main "problem" with the Internet sits not between Layer 1 and Layer 5, it sits with Layer 6 and 7, and most of the trouble there is owned by Microsoft and to a lesser extent Google & co (ad companies) and a bunch of shovelware (both in hardware and software) vendors. Moving to another network of any kind will not resolve it since anyone will be able to couple the two networks and it still doesn't resolve the layers causing trouble.

It's called IPv6

[WaffleMonster]

The Internet is almost perfect. Restoring the Internet to a network of PEERS would make it perfect. Currently most credible path forward is continued deployment of IPv6.

Remainder of authors concerns can be fully addressed by a robust implementation of RFC3514.

This isn't about a physical network

[MobyDisk]

Half of the trouble we face today with the internet doesn't require a new *physical* network. We need instead to prefer standard protocols, and stop centralizing information with big companies. That means run your email address from your own domain instead of using gmail for everything. Don't use Facebook to login to everything. Share pictures with friends over email. Put your public thoughts on your own blog instead of tweeting them. If people are interested in following you, they will use your RSS or Atom feed.

Everything these big companies are doing to mine your data and overwhelm you with useless information are inferior (but more convenient!) replacements for the standard decentralized protocols we already had.

Unfortunately, having a few monopolies control the wires is the cheapest most efficient way to build a network. Mesh networks are just not enough to span planet earth. We are only going to address the neutrality issue with appropriate regulation. As-is, the regulation stifles competition rather than promoting it.