Last month I submitted two proposals to the National Cyber Leap Year call for input from the U.S. Networking Information Technology Research and Development (NITRD) Program. I submitted two ideas, the International Bureau of Internet Statistics, and Cooperative Measurement and Modeling of Open Networked Systems (COMMONS, a two-year old idea). The Bureau of Internet Statistics still strikes some as batty, but over the holidays I caught up on some panicky OECD state-of-malware-landscape papers on how uninformed we are and how little data we have, while the only concrete recommendation in the “ITU’s study on the financial aspects of network security: malware and spam” report was

Although the financial aspects of malware and spam are increasingly documented, serious gaps and inconsistencies exist in the available information. This sketchy information base also complicates finding meaningful and effective responses. For this reason, more systematic efforts to gather more reliable information would be highly desirable.

In fact the only conclusions of that report seemed to be: “(1) We have no real data, so we have no idea what’s really going on. (2) But things are still worse than ever, and they must be worse than we think (3) the United States is the biggest source of damage. (maybe).” It’s a pretty unsettling report. You really do expect to read a proposal for a Bureau of Internet Statistics by the end of this paper, but the idea is pure fantasy for anyone who knows a moderate amount about how the Internet works. (hint: no data-sharing.) if Bagehot is right that the greatest pleasure in life is to do what people say you cannot do, some people should have a lot of fun building one.

This entry was posted on Friday, January 9th, 2009 at 12:06 am and is filed under Commentaries, Data Collection, International Networking, Measurement, Suggestions. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.