It’s Time To Fix The Internet

February 15th, 2013 by The Drunken Hacker


As a mechanism for bringing people free and open speech, the internet is broken. I’m probably not saying anything new to you; I’d hazard a guess that we all know it’s broken and that it has been for some time now. The internet of today suffers from three major flaws, the first of which is authenticity. How can you be sure that the server you reached is the server that you requested? SSL? And how can you be sure that the people verifying the certificates are trustworthy? Second, the internet is very vulnerable to censorship, whether it’s through new legislation (SOPA/PIPA, etc.) or physical means (Syria/Arab Summer). How can we ensure that, when we need it the most, the internet is available uncensored? And finally, the internet is (still) lacking in basic security measures. Transfers are broadcast in clear text, and various government agencies are taking full advantage of that fact regardless of the civil liberties they violate.

So, yeah, there’re some things wrong with the internet. Now let’s talk about how to fix them.

Security (With a Dash of Authenticity)

Security is probably one of the easiest problems to solve: it just requires the use of HTTPS everywhere. No, not the app from our friends at the EFF; rather, HTTPS needs to be the rule and not the exception. End to end, traffic should be encrypted no matter what. These days, the cost of encryption is far outweighed by the benefit. SSL offloading allows the hardware to deal with the encryption instead of the software, which makes the barrier to entry even lower. Newer CPUs have built-in AES instructions. The hardware takes care of it for us, and hardware is fast. So no more excuses.

Not only do we need to start encrypting all our traffic end to end, we need to drop Certificate Authorities like first period French. CAs have the keys to the digital kingdom, and they’ve already proven themselves untrustworthy. So, what do we do instead of trusting CAs? How about a web of trust model?

Let’s take me, for example. I take everyone I know and all the companies that I’ve determined to be legitimate and add them to my trusted list. And let’s assign each entity a weight for how much I trust them, since my mom is probably not going to trust people online that deserve it (Nigerian princes want to pay you for your help!). Now that we have the web of trust in place, we can start making requests of it. Let’s say I want to know if the certificate I received when I requested google.com is actually legit. Ask your web! If people you trust return the same certificate, then chances are you are at the right site. And why not include negative weights in this as well? If the Korean government says that your certificate for google.com is wrong, maybe that’s a positive indication that you’ve got the right one! This takes the reliance off the CAs, who weren’t great at their jobs to begin with.
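The weighted lookup described above, as an added sketch that is not code from the original post or from any existing tool. The peer names, weights, sample "certificates" and the two policy thresholds are assumptions made up for illustration.

```python
import hashlib
from typing import Dict, Optional, Tuple

def fingerprint(cert_der: bytes) -> str:
    """SHA-256 fingerprint of a DER-encoded certificate, lowercase hex."""
    return hashlib.sha256(cert_der).hexdigest()

def evaluate(observed_fp: str, weights: Dict[str, float],
             reports: Dict[str, Optional[str]],
             accept_at: float = 0.5, min_coverage: float = 0.5) -> Tuple[str, float]:
    """Judge the certificate we were served against what our web saw.

    weights: peer -> trust weight; a negative weight means a disagreement
             from that peer counts in the certificate's favour.
    reports: peer -> fingerprint the peer saw for the host, None if unreachable.
    accept_at / min_coverage are assumed policy knobs (not from the post).
    """
    total = sum(abs(w) for w in weights.values())
    answered = score = 0.0
    for peer, w in weights.items():
        seen = reports.get(peer)
        if seen is None or w == 0:
            continue
        answered += abs(w)
        agrees = seen.strip().lower() == observed_fp.strip().lower()
        score += w if agrees else -w
    # Fail closed when too little of the web (by weight) answered.
    if total == 0 or answered / total < min_coverage:
        return ("unknown", 0.0)
    score /= answered  # normalise to [-1, 1]
    if score >= accept_at:
        return ("accept", score)
    if score <= -accept_at:
        return ("reject", score)
    return ("unknown", score)

# Constructed sample data: byte strings standing in for DER certificates.
REAL = fingerprint(b"constructed certificate for example.test")
FAKE = fingerprint(b"constructed certificate from an interceptor")
WEIGHTS = {"friend": 1.0, "employer": 0.8, "mom": 0.2, "distrusted": -0.5}
REPORTS = {"friend": REAL, "employer": REAL, "mom": FAKE, "distrusted": FAKE}

if __name__ == "__main__":
    print(evaluate(REAL, WEIGHTS, REPORTS))
    print(evaluate(FAKE, WEIGHTS, REPORTS))
    print(evaluate(REAL, WEIGHTS, {"mom": REAL}))
```

The third call shows the failure mode worth planning for: when only a low-weight peer answers, the verdict is "unknown" rather than "accept", so silencing most of the web cannot force a pass.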

There are a few problems this model creates, however. First of all, people like you, me, and our mothers would have to start keeping an online identity in order to validate themselves. That means public/private keys for all, for all the good and bad it’ll do you. I don’t trust my mom to burn a CD without calling me; good luck trying to teach her how to determine if a site is legit or not. It’s a pipe dream to even imagine she would be able to manage or transfer a digital keyring. Second, the methods of encryption become much more important now, since weak crypto breaks the trust. Being able to swap encryption methods in and out is a must, so that weak techniques can be replaced with strong ones as soon as the weakness is found. Being able to cycle keys in and out becomes important, as well. But hey, we get to ditch those pesky CAs once and for all. And while we’re at it, why not get rid of the existing DNS system and tie that information to the public key and decentralize it as well? That’s a whole new can of worms that we maybe don’t want to open right now, but it would go a long way to strengthening the internet (and would be very possible). You may be saying “Yeah, this exists, and it’s called DNSSEC”. You’re right. Let’s take that to the extreme: Trust chaining is great, but only if I trust the people in the chain. So let me be in charge of that, at least to some degree.

Moxie Marlinspike has a cool Firefox addon called Convergence that addresses a few of these issues, and it’s a step in the right direction. Definitely check it out!

Reliability

Right now, we rely on wires to carry our packets around the world. Which is fine, I guess. It works, and it’s relatively fast. But it’s not very reliable, as we saw in the recent uprisings in Arab countries these past few years. A few wires get cut, and a country disappears from the internet entirely. That’s bad.

How do we fix it? That’s where mesh networks come into play. Mesh networks are wireless, peer-to-peer networks that route traffic around the internet (or as much of the internet as the mesh can see). Moving to mesh networks not only solves the issue of reliance on wires, it also removes the reliance on internet providers. The internet could truly be open and free, as anyone with a mesh router could jump online and start sending/receiving data without worrying about who might be altering your informational diet. Coupled with SSL everywhere, you’re sure that the server you requested was the server you got, and the data between the two of you was not tampered with or snooped on. Well, to some extent.

Relating this back to security, mesh networks still aren’t very secure. Even with end to end encryption, people still can tell who is sending traffic, and where that traffic is headed. So why not include something like Tor on top of the mesh? If we allow traffic to make a few different stops before it reaches its end destination, finding out who sent what becomes a bit more difficult. All it would require is sending traffic to a mesh router that acted as a relay, and the information could take a few hops before finally landing at its destination. Reverse the path on the way back, and traffic that looks like it is between two recipients could just be the beginning of a larger communication. And with mesh networks routing the traffic, who knows what hops that data might take before it reaches its final destination? And let’s not stop at making a few relays, let’s make every router a relay. Imagine trying to pin down traffic when you can never be sure where it’s originating. It’s a happy thought.

Authenticity, Redux

We’ve already solved most of this problem when we were talking about reliability and security, but let’s hit it again. With everyone issued a public/private key pair, and a reliable way to cycle the keys among your trust network, the issue of who is who online goes away. I will know that I’m talking to my friend because his keys are the only ones that could decipher my message. And, for when security is more important than authenticity, individuals can ditch their known key pair for a brand new one (maybe as often as per session/website, if you’re that paranoid) and still get all the perks of end to end security without tying it to an online identity.

Just think of the possibilities of having an online identity that was verifiable (again, only if you wanted to use it). Sites could ditch usernames and passwords, thus making them more secure. Or they could keep usernames and passwords, and only allow you to do certain things when you were logged in with those credentials and your requests are able to be decrypted by your known public key. The sky would be the limit for what you could do. No more worrying about people impersonating you online, reading your emails, or accessing your banking records. Hell, for information that is VERY sensitive, websites could store it encrypted with your public key so that even they wouldn’t be able to leak the information!

Hurdles

So, what’s it going to take to get us to such an internet utopia? Well, the hardest part is going to be getting everyone on board. Like I said before, it’s a tough sell to people that aren’t technologically inclined. Also, currently there is a lot of fragmentation in the open source efforts to make these types of things a reality. Mesh networking has a lot of different routing protocols, and each is unique to the implementation. No standards exist for this type of thing yet, because it’s so new. There will have to be a unification of effort in order to make this work.

Not only that, but how do you keep the existing systems up and running while at the same time implementing these new and radically different ideas? There would have to be some hard cutoff dates on a lot of technology, and the web world isn’t exactly too keen on letting go of old technologies. How many people are running FTP instead of SFTP? Who only offers HTTP access, and not HTTPS *cough*?

So, Now What?

What the hell do we do now? Well… the issues faced by this hypothetical internet of the future aren’t insurmountable. They aren’t easy, but nothing worth doing ever is. It’s probably going to take a major incident before people really decide that the internet needs to change, and there have already been incidents in the past year that were unimaginable not too long ago. So, we’re talking something really bad. But why wait? Why let it get that out of hand? We know what we have to do to make the internet a stronger place for freedom of speech and expression, so let’s start doing something about it today. Get involved: Donate time/money/skills to the Tor project. Or how about Freenet, a project that is headed in the right direction. Talk to your friends and family, let them know how important the freedom of information really is. Let’s do it now, so we’re not sorry later.

Comments

  1. Anonymous says:

    Incredibly well thought out argument. Well said.

  2. TheB says:

    Why aren’t we blocking traffic from suspect countries? I’m sorry, but one of the best remediation steps we can take is to take China’s connection and drop it into a huge effing hole. We have created this awesome tool (the Internet) and we need to be willing to say “you are the weakest link. Goodbye” to China, and (as appropriate) Russia, Czeckoslalkjdflaj, and anyone else who endangers it.

    “But,” say the whiny voices of progressivism, “what about the oppressed peoples of China?”

    Different problem. SOO many problems would be mitigated by shutting off China’s connections to the US.

  3. theC says:

    The scope of the post is enormous, however for some aspects dropping traffic based on geoIP is like identifying a thief based on what he wears. Most attacks are behind several layers of proxy nodes which are most likely in the US. Also, if you take a look at most security breach reports, the most common issues are not super Chinese hackers, instead you have poorly configured devices, lack of common sense in sysadmins, no exercise of least privilege and so on.

  4. The Drunken Hacker says:

    theC, you’re right that the scope is rather… broad. But that’s because there’s a lot that needs improving! As for dropping traffic… that’s missing the point. We shouldn’t be making the internet *less* inclusive, we should be finding ways to secure it while making it available to the most number of people possible.
