There are indications that the Internet, at least the Internet as we know it today, is dying.
I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces.
That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet.
Between viruses and spammers and just plain old bad code, the net is now subject to a heavy, and increasing level of background packet radiation. And the net has very long memory - I still get DNS queries sent to IP addresses that haven't hosted a DNS server - or even an active computer - in nearly a decade. Search engines still come around sniffing for web sites that disappeared (along with the computer that hosted them, and the IP address on which that computer was found) long ago.
Sure, most of this stuff never makes it past the filters in my demarcation routers, much less past my inner firewalls. But it does burn a lot of resources. Not only do those useless packets burn bits on my access links, but they also waste bits, routing cycles, and buffers on every hop that those useless packets traverse.
It will not take long before the cumulative weight of this garbage traffic starts to poison the net. Already it is quite common for individual IP addresses to be contaminated from prior use. I am aware of people who are continuously bombarded by file access queries because a prior user of that address shared files from that address. Entire blocks of IP addresses are also contaminated, perhaps permanently, because they once hosted spammers thus causing those address blocks to be entombed into the memories of an unknown number of anti-spam filters not merely at the end user level but also deep in the routing infrastructure of the net. And a denial-of-service virus, once out on the net, can only be quieted, not eliminated; such viruses remain virulent and ready to spring back to life.
The net does not have infinite resources - even if IPv6 is deployed the contamination of IP address space will merely be slowed, not stopped.
Better security measures, particularly on the sources of traffic, will help, but again, unless something radical happens, the contamination will merely be slowed, not stopped.
I believe that something radical will happen: We may see the rapid end to the "end-to-end" principle on the Internet.
We are already observing the balkanization of the net for political and commercial reasons. Self-defense against the rising tide of the net's background packet radiation may be another compelling reason (or excuse) for net communities to isolate themselves and permit traffic to enter (and exit) only through a few well-protected portals.
This balkanization may be given additional impetus by a desire to escape from the ill effects of poorly designed regulatory systems, such as ICANN.
So, between spam, anti-spam blacklists, rogue packets, never-forgetting search engines, viruses, old machines, bad regulatory bodies, and bad implementations, I fear that the open Internet is going to die sooner than I would have expected. In its place I expect to see a more fragmented network - one in which only "approved" end-to-end communications will be permitted.
The loss of open end-to-end communications will, in itself, be a great loss.
But of even more concern will be the fact that these portals, or gates, will require gatekeepers, which is merely a polite word for censors. Our experience with ICANN has shown us how easily it is for focused and well-financed interests to capture a gatekeeper. In the present political climate in which government powers are conferred, without a counterbalancing obligation of accountability, onto private bodies, the loss will be much greater.
Posted with permission from the CaveBear Blog
|Cybersquatting||Policy & Regulation|
|DNS Security||Registry Services|
|IP Addressing||White Space|
Minds + Machines
Neustar DDoS Protection
Neustar DNS Services