Malice is a Feature, or The Inner-Tubes Are Sewer Pipes, and I Like It That Way
Nicholas Weaver, International Computer Science Institute

Malice is a Feature

- Malice is a testament to network flexibility
  - The same properties which enable botnets and worms allow Skype, Bittorrent, and BOINC (Seti@home)
  - All are end-host applications which can run over the network
  - How is BOINC not a botnet, apart from intent?
- Detecting global malicious activity can be decidedly dual-use:
  - A system to detect copyright violations or bots in the network traffic would have capabilities which would make even the Stasi hesitant
- Why should the network have to fix the end host?
  - Locking down malicious activity may have significant collateral damage
  - The only exception is traffic DDoS, which is an attack on the network, not the host
- As for porn, terrorist information sharing, political dissent: do we even want the network to handle these security issues?

I Don't Want "Security" to Create a "Phone Network" Internet

- The Internet billing model: "All you can Eat" or "Bits is Bits"
- A billing model I could probably live with: "Bits at a given QOS (pick your metric) are Bits at a given QOS" (Weak Network Neutrality)
  - Some implications I don't understand
- But too much network control will create a Phone Network Internet: "Bits are Priced on Intent", like cellphones are today
  - Data:  $20 for 5 GB          ->  2000 Mb/$
  - Voice: $.04/min at 8 kbps    ->    12 Mb/$
  - SMS:   $.04 for 1 kB         ->   0.2 Mb/$
  - Not only is SMS the most valuable traffic for the phone company, it also needs the least quality of service
- Creates huge incentives for ISPs to muck with traffic (this is why ISPs don't want Network Neutrality)
  - IM over IP is a huge potential loss of revenue compared with SMS
  - Skype and Vonage hurt your telecom business
  - Why do you think the iPhone is so incredibly locked down?
- Many security features enable discriminatory treatment of traffic

And There is Too Much "Security" Already Available

- The Great Firewall of China et al.
  - "The Net treats censorship as damage and routes around it." (John Gilmore) has proven to be severely strained...
- ISPs are beginning to manipulate traffic
  - Most major ISPs are also telecom & video providers: why carry the bits of your cheaper competition? Bittorrent uploads?
  - Verso: Eliminate Skype and P2P in your [carrier] network
  - Time/Warner Cable: Not using standard ports is a violation of the AUP because it interferes with traffic shaping
  - Small ISP: Inserting advertisements into all viewed web pages!?
  - NebuAd/Fair Eagle: Profiling users and inserting ads on the wire!
  - AT&T: We will enforce copyright violations in the network!
- Yes, Virginia, your ISP/backbone wants to perform deep packet manipulation
  - As well as build some NSA server rooms...
- So how are the current security tools, in the hands of the ISPs, not already a threat to the open Internet of today?
  - Would future security built into the fabric be any better?
  - Why can't we simply tolerate malice as a feature?

(Backup) What Little Security I Actually Want

- Authenticated and reliable naming and routing: obvious. If I ask for foo.com, I need to get to foo.com
- Lightweight authenticated pushback:
  - Traffic DDoS is a network problem: pushback doesn't solve this, but it puts an upper bound on the number of packets each zombie can send
  - Unsolicited conversation is a feature, but the recipient should be able to cheaply say "Go Away and Don't Bug Me Again"
  - Mechanism needs to be scalable
  - Probably also requires "no spoofing", but ISPs should want this anyway
- End-to-end global fairness/congestion control (and a Pony)...
  - Fix the biggest bug in the Internet: we need to enforce fairness along the network path, not at the endpoints
  - But keep the current economics for constructing the network...
  - I have no clue how to even start to think of how to do this: if I did, I would have submitted the FIND proposal already
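The "lightweight authenticated pushback" bullet above describes a mechanism only in outline. The following toy simulation is an added illustration, not code from the talk or from any pushback proposal; it assumes a symmetric HMAC key shared between the recipient and a filter at its upstream ISP, a per-source tolerance threshold, and authentic (non-spoofed) source identifiers, all of which are design choices made here for the demo. It shows the two properties the slide claims: each zombie's delivered packets are bounded by the threshold, and because the go-away message is authenticated, a forged request cannot be used to cut off a legitimate peer.

```python
import hashlib
import hmac
from collections import Counter

# Shared secret between the recipient and its upstream filter (constructed
# sample value; how such keys would be provisioned is outside the slide's scope).
PUSHBACK_KEY = b"constructed-demo-key"
# How many unsolicited packets a recipient accepts from one source before
# asking the network to stop that sender. Chosen for the demo.
TOLERANCE = 5


def sign_go_away(key: bytes, src: str) -> tuple[bytes, str]:
    """Build an authenticated 'Go Away and Don't Bug Me Again' message for src."""
    msg = f"GO_AWAY:{src}".encode()
    tag = hmac.new(key, msg, hashlib.sha256).hexdigest()
    return msg, tag


class UpstreamFilter:
    """Pushback point at the recipient's ISP: forwards packets until it receives
    a correctly signed go-away for a source, then drops that source."""

    def __init__(self, key: bytes):
        self.key = key
        self.blocked: set[str] = set()
        self.dropped = Counter()

    def pushback(self, msg: bytes, tag: str) -> bool:
        """Install a block only if the request carries a valid tag; without
        this check anyone could silence anyone else's traffic."""
        expected = hmac.new(self.key, msg, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return False
        self.blocked.add(msg.decode().split(":", 1)[1])
        return True

    def forward(self, src: str, recipient: "Recipient") -> bool:
        # Assumes src is authentic: pushback presupposes "no spoofing".
        if src in self.blocked:
            self.dropped[src] += 1
            return False
        recipient.receive(src, self)
        return True


class Recipient:
    """End host that counts unsolicited packets per source and, once a source
    exceeds its tolerance, sends a signed go-away to its upstream filter."""

    def __init__(self, key: bytes, tolerance: int):
        self.key = key
        self.tolerance = tolerance
        self.delivered = Counter()

    def receive(self, src: str, upstream: UpstreamFilter) -> None:
        self.delivered[src] += 1
        if self.delivered[src] >= self.tolerance:
            upstream.pushback(*sign_go_away(self.key, src))


def simulate(packets, tolerance=TOLERANCE, forged_go_away=None):
    """packets: source ids in arrival order.
    forged_go_away: optional (src, key) that an attacker sends to the filter
    before any traffic, trying to abuse pushback against a legitimate peer.
    Returns (delivered-per-source, dropped-per-source)."""
    upstream = UpstreamFilter(PUSHBACK_KEY)
    recipient = Recipient(PUSHBACK_KEY, tolerance)
    if forged_go_away is not None:
        src, key = forged_go_away
        upstream.pushback(*sign_go_away(key, src))  # rejected: wrong key
    for src in packets:
        upstream.forward(src, recipient)
    return dict(recipient.delivered), dict(upstream.dropped)


def demo():
    # Constructed traffic: three zombies each send 50 packets, interleaved,
    # and one legitimate peer sends three.
    zombies = ["zombie-1", "zombie-2", "zombie-3"]
    packets = []
    for _ in range(50):
        packets.extend(zombies)
    packets.extend(["legit-peer"] * 3)
    return simulate(packets, forged_go_away=("legit-peer", b"wrong-key"))


if __name__ == "__main__":
    delivered, dropped = demo()
    print("delivered per source:", delivered)
    print("dropped upstream:    ", dropped)
```

The recipient still sees the first TOLERANCE packets from every zombie, which is the point of the slide: pushback does not stop a traffic flood, it caps what each zombie can get through. Scaling this to a real network (per-customer key provisioning, filter state at each upstream hop) is exactly the "needs to be scalable" problem the slide leaves open.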