|
||
|
||
From the perspective of Internet security operations, here is what Net
Neutrality means to me.
I am not saying these issues aren’t important, I am saying they are basically arguing over the colour of bits and self-marginalizing themselves.
For a while now I tried not to comment on the Net Neutrality non-issue, much like I didn’t comment much on the whole “owning the Internet by owning the Domain Name System” thingie. Here it goes anyway.
Two years ago I strongly advocated that consumer ISP’s should block some ports, either as incident response measures or as permanent security measures.
On the one hand it would significantly help secure the Internet and its usability, as well as protect millions. On the other, why should the ISP’s have the right to censor us? In this text I will discuss how Net Neutrality is just a business approach, among many others that can and will be taken whether by legislation or as a fact of life. I will discuss security as a counter-example of why Net Neutrality is just hypocrisy and why it is needed, even if it is inherently wrong. Why? Well, ever heard of botnets?
Blocking port 25 outgoing stops most spam of the day, but causes spam to evolve (at least in a direction we want it to, for once). Blocking port 445 stops many worms and exploits littering the Internet in a non-stop thunder-storm.
The first would decrease spam from your network, the second would decrease spam from your network. The first would stop it from being sent and in the foreseeable future force spammers to use real compromised users rather than fake ones that can be blocked. The second would stop many users from getting infected and compromised in the first place.
Ports change, threats change, blocking ports? That’s almost a freedom of speech violation (which we will discuss later). Who is the ISP to tell the user what to use and what not to use? Simple fact is, we are currently at global incident response stage and we lost.
If the ISP’s provide users who are most likely never to use anything more than a web browser and some other basic clients with an easy way to get un-blocked service, why is this a bad thing?
I met with deadly criticism from ISP’s, yet several large ISP’s implemented such barriers. Why?
They did it for the business case which they were big enough to notice. Paying abuse personnel just so that they can discontinue service to clients… what kind of business is that? Stopping users from sending spam and getting infected worked for them and saved them:
Still, most ISP’s absolutely refused to consider it, as it would mean spending on the users’ security, which they are not:
The technical guys had a good case, too:
The right? That’s right. The Internet is not lanes on a highway or even a market or whatever other analogy people may come up with. The Internet is somewhat comparable to the sky or the ocean. A boat can travel it the same as a fighter carrier. How the space is used and traveled is to be determined by what’s in that space already.
ISP’s are not Sea or Air Ports, they are air corridors. They determine which user goes when and where. They do not determine who the user is or does. As with any analogy, this one is flawed and a counter analogy can be found for it immediately.
In the recent year I have heard more and more of Net Neutrality legislation, where ISP’s, who objected to protect their users by just blocking ports now ask to limit services and get paid for them. That isn’t new to me. My ISP limits my P2P speed considerably while I can otherwise download freely, disconnect me occasionally or make me use a dialer so that they can monitor my usage. They just deny it when I ask them about it.
It is all about the business.
What I do with my DSL line is my business, not theirs. The problem starts when the ISP does not want to give me the said service, as it utilizes more of the line I buy. It’s a business concern. They over-sold under the calculation I won’t use what I buy.
Well, I have a few things to say about that:
Net Neutrality doesn’t make technological sense, no matter how you present it. It makes perfect business sense, the ISP’s see an opportunity to save costs and earn extra cash on what they are already supposed to sell. Maybe that is alright, I am not sure… after all, if the industry is at a serious loss, that should be solved somehow and indeed, the Internet services just keep taking more and more bandwidth. That is not how this is presented, though.
What I am sure about is that whichever way Net Neutrality goes, in the end it won’t matter much for the future of the Internet, even if it is inherently wrong. Either we pay more money for the phone lines we have and can say whatever we want on them, or we pay for specific languages that we speak on our phone line. We may also end up being limited and not know it.
Wrong or not, and it is wrong, the Internet will move on and hey, just remember, the Internet is far bigger than just the United States. Whoever wants to get by these silly filters can. One problem this will present is that Internet Development in the United States will become less friendly and other countries may be preferable.
The security issues I discuss happen often, as another example, a few months ago I had a similar discussion with ISP tech folks about a different technology, now commonly referred to as the so-called “walled garden approach”. “Filter your bad users until they fix themselves and help them do it online by sending them only to a support website.” or similar
I guess someone saw the business case, as suddenly I am mainstream. Woohoo.
The Internet today reminds me of an Orwellian society where everybody is happy, but underneath the surface it’s all Big Brother, only that in the case of the Internet everyone is happy, and regardless of Big Brother, everybody is also part of terrorist cells called botnets and a ton of people lose their money, work and are constantly annoyed in their daily life. Just below their critical annoyance level. It’s all about fleas, billions of them. But just a few for each person.
Zombies. Reasonable measures to stop the epidemic of millions on millions of compromised computers, bank accounts, etc. are fair game. We need to get passed the black plague. That however, does not bring money to ISP’s, therefore, we will keep talking about philosophically critical issues such as Net Neutrality, which in the long run just don’t matter as the business case will win regardless, in other means if need be.
With approximately 2 billions dollars lost in phishing alone this year and several Trojan horses (bots) installed on almost every computer on the Internet (in numbers vs. amount of computers), the future Internet is going to be very interesting indeed.
It seems to me though that the United States, whenever it comes to Internet Governance issues, is self-marginalizing itself in every turn. Why?
Net Neutrality isn’t evil, it’s silly to the point of ridiculous. It won’t really mean much in the long run though. In the short-term it is just capitalistic America at it again.
Time to go read William Gibson again!
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix
A World-Renowned Source for Internet Developments. Serving Since 2002.
Finally, some actual thought about the matter!
The author is essentially correct. People have been living in HappyFunNetLand—things have been working well enough, or giving the illusion of that, that people actually believed that net neutrality existed, or didn’t pay attention to the issues of security, etc. The strains are starting to show and suddenly people realize that they might have to leave HappyFunNetLand and deal with the realities.
I think a problem is that this is not exactly a technology issue. It’s a mix of resource management (bandwidth is limited, if it wasn’t, we wouldn’t have the over-selling issue and the Tier 1 peering issues), and people management (people abusing the network intentionally or unintentionally.) The tech-utopia proponents of HappyFunNetLand (i.e. Net Neutrality) are going to tend to propose more technology as the solution (more access points, bigger pipes, spam filters, etc. etc.) This will just make the problem worse because more resources simultaneously equals greater (potential for) abuse.
(i.e. The equivalent of solving the problem of road rage and drunken driving by increasing the size and speed of the cars on the road and the number of roads/intersections, under the assumption that if more people can get where they want to go faster, there will be less trouble, but no one wants to talk about speed limits, seat belts, or even having different lanes for different types of traffic. It’s not a problem with the cars, it’s a problem with the drivers getting along with one another. Improving the cars only goes so far.)
However, I am pretty sure that the tech-utopia folks will continue to propose technology-based solutions, the business folks will continue to propose market/pricing/business solutions, and the legistlative folks will continue to propose laws and regulations to solve the problem. I am also pretty sure that all of these will fail to, in practice, solve anything. They may, however, at least cause some movement towards an eventual solution of some sort.
The future of the Internet will indeed be very interesting.
It definitely is silly, and it is 100% capitalism. At the end of the day it’s all about the bells trying to change the rules of the game so that more money lands in their pockets. They are playing all the little tricks as well, trying to build a case for why they think they deserve more money.
I debunked one such case in my own blog.
I should probably note that what I attack is the legislation by the telco’s rather than Net Neutrality itself as a concept, which I am in favor of.
Thanks for your article. I find it synchronous with my own hesitations on commenting on this topic.
It seems to me that the whole ‘Network Neutrality’ fiasco is due to the business and political worlds catching up to the fact (in an easily digested meme) that relatively recent technologies can start to manage high network traffic in a very very granular way.
The SBC CEO’s comment about questioning whether core network providers should charge network content providers (google et al) ‘silk road’ tarrifs caught the imagination and criticism of many idealists, and as a consequence brought the concept of neutrality into the public mind.
Concepts such as ‘network neutrality’ seem in direct conflict to the general overreaching environment of network provisioning.
It’s my opinion and idealism that if policy makers really want to make a difference, then perhaps other issues are of more burning importance.
For socially relevant policy decisions, surely asymetric bandwidth provisioning, NATed services (making service provisioning so much harder than consumption), and volume charging models are issues that should affect the technological development of the Internet environment (not the Internet product).
National policy makers of many countries often wish to see their country wired up to the Internet for demographic penetration numbers to increase, rather than see their population be intrinsically and affordably involved in its development.
‘Network Neutrality’ is a sham that will soon fade(no service provider wants the support expense of explaining to customers that they can only use brand X of VOIP, brand Y of search engines, etc), and the (idealistic) activists that support it should concentrate on other policy issues that will really make a difference to the Internet and the people utilising it.
For nearly two years I oppose an IETF RFC (3066 Bis) which permits to organize language / racial / religious filtering in standardizing content language tags and develop “retro-meta-spam” (you receive a mail taged for a language or a theme: in responding the mail you tell that you know the language or are interested in the theme - a dynamic cookie).
This means that it is possible to identify querries, traffic, users in “en-latn-US” as more financially rewarding than in “iw-hebr-il”, and to give them priorities. Let consider a major search service with twice less information in a language than in an other one. In processing the querries twice slower, it will retain the attention of the user on its advertizing the same time. etc.
Net neutrality is not only to be neutral to ports, but to people, languages and cultures. A topic some American stakeholders seem not to see the need for - or to well understand the costs and constraints - or is it that Net Neutrality can also be understood as equal opportunity for all? Why would a dominant group of interests want to lose their position?
In trying to wade through the argument I have found it usefull to distinguish several types of Internet providers: client, server and transit. Not all arguments are equally strong for every actor. See my blog