Re: [Cerowrt-devel] Random thought - reactions?

2017-12-15 Thread Joel Wirāmu Pauling
Here in New Zealand, any provider operating a 'Network of National
Significance' must hand over any encryption keys on demand to what is
our local equivalent of the NSA. This makes a very high disincentive
for anyone to provide end to end encryption by design in their access
and transport networks. I would wager the US is likely to see a
similar provision to combat this sort of approach getting commercial
backing.

Whilst I completely agree this sort of thing is needed, not being able
to create commercial services off it that are user-transparent is a
big barrier. Because for this approach to work you need as many people
to opt in as possible.

-Joel

On 16 December 2017 at 10:11,   wrote:
> Thanks for this. I hadn't seen it yet.
>
>
>
> On Friday, December 15, 2017 2:32pm, "tapper"  said:
>
>> Motherboard & VICE Are Building a Community Internet Network
>>
>> https://motherboard.vice.com/en_us/article/j5djd7/motherboard-and-vice-are-building-a-community-internet-network-to-protect-net-neutrality
>> It seems that people are all thinking the same thing, but coming up with
>> different things!
>
> I'm all for what Motherboard and VICE are contemplating. It's a great
> option, and may create an interesting opportunity for wireless mobile, too.
> But that's far more complex to fund and maintain than constructing an
> overlay over an already subscribable infrastructure. I wish them well, and I
> hope that the key idea of maximizing interoperability of all functions
> (including paying for upstream capacity) will be front and center in their
> minds. Balkanization of the subnets of the public Internet is a big worry -
> boundaries will destroy the Internet as effectively as content selectivity
> and content-based rate limiting will.
>
>
> ___
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>


Re: [Cerowrt-devel] Random thought - reactions?

2017-12-15 Thread dpreed

Thanks for this. I hadn't seen it yet.
 
On Friday, December 15, 2017 2:32pm, "tapper"  said:



> Motherboard & VICE Are Building a Community Internet Network
> https://motherboard.vice.com/en_us/article/j5djd7/motherboard-and-vice-are-building-a-community-internet-network-to-protect-net-neutrality
> It seems that people are all thinking the same thing, but coming up with
> different things!


I'm all for what Motherboard and VICE are contemplating. It's a great option, 
and may create an interesting opportunity for wireless mobile, too. But that's 
far more complex to fund and maintain than constructing an overlay over an 
already subscribable infrastructure. I wish them well, and I hope that the key 
idea of maximizing interoperability of all functions (including paying for 
upstream capacity) will be front and center in their minds. Balkanization of 
the subnets of the public Internet is a big worry - boundaries will destroy the 
Internet as effectively as content selectivity and content-based rate limiting 
will.


Re: [Cerowrt-devel] Random thought - reactions?

2017-12-15 Thread tapper

Motherboard & VICE Are Building a Community Internet Network
https://motherboard.vice.com/en_us/article/j5djd7/motherboard-and-vice-are-building-a-community-internet-network-to-protect-net-neutrality
It seems that people are all thinking the same thing, but coming up with 
different things!


The internet will never die!

On 15/12/2017 17:18, dpr...@reed.com wrote:
> The disaster in the FCC's move to reverse the Open Internet Order will
> probably continue.
>
> As some of you may know, but most probably don't, I have a somewhat
> nuanced view of the best way to preserve what is called network
> neutrality. That's because I have a precise definition of what the
> Internet architecture is based on. Essentially, access providers (or for
> that matter anyone who stands between one part of the Internet and
> another) should forward packets as specified in the IPv4 or IPv6 header,
> with best efforts. In particular, that means: meet the protocol
> specification of the IP layer, base routing, queueing, and discarding
> only on the information therein contained. "Best efforts" does not mean
> queueing or discarding packets selectively based on addresses or
> protocol. However, ToS can be used.
>
> It turns out that the Open Internet Order pretty much matched that
> definition in effect.
>
> But we are about to enter a new age, where arbitrary content inspection,
> selective queueing, and modification are allowed at the access provider
> switching fabric. Based on any information in the packet. Also, data
> collection and archiving of content information (e.g. wiretapping) is
> likely to be OK as well, as long as the data is "protected" and there is
> a contract with the customer that sort of discloses the potential of
> such collection.
>
> Companies like Sandvine, Ellacoya, Phorm, NebuAd and more modern
> instantiations will be ramping up production of "Deep Packet Inspection"
> gear that can be customized and deployed by access providers. (10-15
> years ago they ramped up to sell exactly this capability to access
> providers).
>
> I have never viewed the FCC rulemaking approach as the right way for the
> Internet to deal with this attack by one piece of the transport network
> on the integrity of the Internet architecture as a whole. However, it
> was a very practical solution until now.
>
> So I've been thinking hard about this for the last 15 years.
>
> The best and most open Internet we had for end users was available when
> the Internet was "dialup". That includes modems, ISDN digital, and some
> DSL connectivity to non-telco POPs. There was competition that meant
> that screwing with traffic, if detected, could be dealt with by
> switching what were then called ISPs - owners of POPs. This died when
> Cable and Telco monopolies eliminated the POPs, and made it impossible
> to decide where to connect the "last mile" to the Internet.
>
> So can we recreate "dialup"?  Well, I think we can. We have the
> technical ingredients. The key model here is IPv6 "tunnel brokers" (I
> don't mean the specific ones we have today, which are undercapitalized
> and not widely dispersed). Today's Home Routers (minus their embedded
> WiFi access points) could be the equivalent of ISDN modems.
>
> What we need is to rethink the way we transport IP packets, so that they
> are not visible or corruptible by the access provider, just as they were
> not visible or corruptible by the phone company during the "dialup" era.
>
> I don't think I am the first to think of this. But the CeroWRT folks are
> a great resource for one end of this, if there were companies willing to
> invest in creating the POPs. I know of some folks who might want to
> capitalize the latter, if there would be a return on investment.
>
> Under the Open Internet Order, there was no meaningful potential of a
> return on investment. Now there is.
>
> I think the missing piece is a "stealth" approach to carrying packets
> over the access provider's link that cannot be practically disrupted by
> DPI gear, even very high speed gear with good computing power in it.
> That involves encryption and sort-of-steganography. Tor can't solve the
> problem, and is not really needed, anyway.
>
> Anyway, I have some protocol ideas for transporting arbitrary IPv6 and
> IPv4 packets to POPs, and some ideas for how to evolve POPs in this
> novel context.
>
> I'm interested in thoughts by the CeroWRT developers. Not just technical
> thoughts, but practical ones. And especially "services" that such POP
> operators could offer that would allow them to charge a bit of
> cost/profit, on top of the basic access provider services that will be
> needed to reach them.
>
> BTW, the same applies to cellular, where I think the problem of breaking
> the Internet architecture will be a lot worse. We need to make cellular
> Internet access more like "dialup".




[Cerowrt-devel] Random thought - reactions?

2017-12-15 Thread dpreed

The disaster in the FCC's move to reverse the Open Internet Order will probably 
continue.
 
As some of you may know, but most probably don't, I have a somewhat nuanced 
view of the best way to preserve what is called network neutrality. That's 
because I have a precise definition of what the Internet architecture is based 
on. Essentially, access providers (or for that matter anyone who stands between 
one part of the Internet and another) should forward packets as specified in 
the IPv4 or IPv6 header, with best efforts. In particular, that means: meet the 
protocol specification of the IP layer, base routing, queueing, and discarding 
only on the information therein contained. "Best efforts" does not mean 
queueing or discarding packets selectively based on addresses or protocol. 
However, ToS can be used.
 
It turns out that the Open Internet Order pretty much matched that definition 
in effect.
 
But we are about to enter a new age, where arbitrary content inspection, 
selective queueing, and modification are allowed at the access provider 
switching fabric. Based on any information in the packet. Also, data collection 
and archiving of content information (e.g. wiretapping) is likely to be OK as 
well, as long as the data is "protected" and there is a contract with the 
customer that sort of discloses the potential of such collection.
 
Companies like Sandvine, Ellacoya, Phorm, NebuAd and more modern instantiations 
will be ramping up production of "Deep Packet Inspection" gear that can be 
customized and deployed by access providers. (10-15 years ago they ramped up to 
sell exactly this capability to access providers).
 
I have never viewed the FCC rulemaking approach as the right way for the 
Internet to deal with this attack by one piece of the transport network on the 
integrity of the Internet architecture as a whole. However, it was a very 
practical solution until now.
 
So I've been thinking hard about this for the last 15 years.
 
The best and most open Internet we had for end users was available when the 
Internet was "dialup". That includes modems, ISDN digital, and some DSL 
connectivity to non-telco POPs. There was competition that meant that screwing 
with traffic, if detected, could be dealt with by switching what were then 
called ISPs - owners of POPs. This died when Cable and Telco monopolies 
eliminated the POPs, and made it impossible to decide where to connect the 
"last mile" to the Internet.
 
So can we recreate "dialup"?  Well, I think we can. We have the technical 
ingredients. The key model here is IPv6 "tunnel brokers" (I don't mean the 
specific ones we have today, which are undercapitalized and not widely 
dispersed). Today's Home Routers (minus their embedded WiFi access points) 
could be the equivalent of ISDN modems.
 
What we need is to rethink the way we transport IP packets, so that they are 
not visible or corruptible by the access provider, just as they were not 
visible or corruptible by the phone company during the "dialup" era.
 
I don't think I am the first to think of this. But the CeroWRT folks are a 
great resource for one end of this, if there were companies willing to invest 
in creating the POPs. I know of some folks who might want to capitalize the 
latter, if there would be a return on investment.
 
Under the Open Internet Order, there was no meaningful potential of a return on 
investment. Now there is.
 
I think the missing piece is a "stealth" approach to carrying packets over the 
access provider's link that cannot be practically disrupted by DPI gear, even 
very high speed gear with good computing power in it. That involves encryption 
and sort-of-steganography. Tor can't solve the problem, and is not really 
needed, anyway.
 
Anyway, I have some protocol ideas for transporting arbitrary IPv6 and IPv4 
packets to POPs, and some ideas for how to evolve POPs in this novel context.
 
I'm interested in thoughts by the CeroWRT developers. Not just technical 
thoughts, but practical ones. And especially "services" that such POP operators 
could offer that would allow them to charge a bit of cost/profit, on top of the 
basic access provider services that will be needed to reach them.
 
BTW, the same applies to cellular, where I think the problem of breaking the 
Internet architecture will be a lot worse. We need to make cellular Internet 
access more like "dialup".