The goal of our study was to better understand this complex ecosystem, the behavior of entities that constitute it (ASes), and the nature of interactions between those entities (AS links). How has the Internet ecosystem been growing? Is growth a more significant factor than rewiring in the formation of new links? Is the population of transit providers increasing (implying diversification of the transit market) or decreasing (consolidation of the transit market)? As the Internet grows in its number of nodes and links, does the average AS-path length also increase? Which ASes engage in aggressive multihoming? Which ASes are especially active, i.e., constantly adjust their set of providers? Are there regional differences in how the Internet evolves?

To answer these questions, we analyzed AS-level topology snapshots constructed from publicly available routing tables collected at Routeviews/RIPE. We selected a series of topology snapshots spaced 3 months apart, spanning twelve years from 1998-2010. Unfortunately, the available historical datasets from RouteViews/RIPE are not sufficient to study the evolution of settlement-free peering links. So we restricted the focus of this study to the evolution of AS types and of customer-provider links. We developed a method to classify ASes (with 75-80% accuracy according to our validation efforts, detailed in our recent TON paper) into a number of types depending on their business function, using observable topological properties of those ASes. The AS types we consider are large transit providers (LTP), small transit providers (STP), content/access/hosting providers (CAHP), and enterprise networks (EC).

Our findings highlight some important trends and evidence for how these trends may play out in the future:

• The IPv4 AS-level Internet has gone through two growth phases: an initial exponential phase up to mid/late-2001, followed by a slower exponential growth thereafter. Contrast this with the growth of the IPv6 AS-level graph, which has been growing exponentially since 2003.
  
  (More analysis comparing growth trends in the IPv4 and IPv6 topologies coming soon!)
• The average path length, however, remains practically constant around 4 AS hops, meaning that the network densifies.
• Currently, 81% of link births are associated with existing ASes rather than new ASes (rewiring versus growth); similarly, 86% of the link deaths are due to rewiring. This implies that most of the dynamics in the network are due to births and deaths of links between existing ASes.
• We classified ASes according to economic considerations and business types. We find that most of the growth is due to Enterprise Customers (ECs) at the network edge. The average multihoming degree of ECs has remained roughly constant, but has increased significantly for other network types — transit providers (both regional and global), and Content/Access/Hosting providers. The previously mentioned densification process is thus driven by transit providers and content/access/hosting providers. In terms of rewiring, CAHPs appear to be the most active, while ECs are the least active.
  
• We introduced two provider metrics, attractiveness and repulsiveness, to quantify the ability of a provider to attract and retain customers. We found that both the attractiveness and repulsiveness of a provider are correlated to its customer degree. Also, many providers exhibit strong repulsiveness 3-9 months after exhibiting attractiveness, i.e., these providers attracted new customers but were unable to retain them. We define the set of providers that accounted for 70% of all customer gains across two consecutive topology snapshots as attractors, and the set of providers that accounted for 70% of all customer losses as repellers. We found that the set of attractors and repellers is increasing in size. This set of providers is dominated by those in North America and Europe; while the number of such providers in Europe is increasing, that number in other regions is relatively flat. This indicates that the market of transit providers, at least in Europe, does not seem to be consolidating.
• With respect to regional growth, we find that the Internet market, in terms of the number of enterprise, access/hosting/content and transit networks is now larger in Europe than in North America. Additionally, since 2004-2005, a larger fraction of active customers (customers that changed their set of providers between two consecutive snapshots) are in Europe than in North America. We note that these trends refer to the number of networks in various regions, and do not reflect the size of their customer base or advertised IP address space. Our measurements hint at an increasing European influence on the Internet ecosystem.

We have made the datasets collected as part of this work publicly available. We have also developed an interactive interface to the data that allows a user to query the historical connectivity (number of customers, providers, and peers) of a set of ASes. The user can also compare the connectivity of selected ASes with the average of different types of ASes — classfied according to their business types as Enterprise Customer, Small Transit Provider, Large Transit Provider, and Content/Access/Hosting Provider. We also allow the option of computing the degrees at the level of organizations. The user must enter an AS number belonging to the organization (e.g., 7018 for AT&T), and if a matching organization is found for that AS number, we display the connectivity of the organization as a whole. We are in the process of expanding our AS-to-organization database, so in the future the script will incorporate a larger set of AS-organization mappings.

Then, last month, I had the opportunity to attend the Security at the Cyberborder Workshop in Indianapolis. This workshop focused on how the NSF-funded IRNC networks might (1) capture and articulate technical and policy cybersecurity considerations related to international research network connections, and (2) capture opportunities and challenges for the those connections to foster cybersecurity research.  I did not expect to find a new benefactor for storage of our telescope data at the workshop though, in fact, I did.

During the workshop, I mentioned to the group that  we were preparing to purge historic darknet data for lack of funds to pay for storage. Upon hearing of our plans to delete  the data, a NERSC System Administrator offered to store the data in NERSC’s tape archive. He understood the relevance of the data to cybersecurity research and the value of longitudinal analysis on this fairly rare and unique data type. In less than a month, we had accounts and began the work of moving the data.

CAIDA would like to thank the San Diego Supercomputer Center for archiving the UCSD Network Telescope data since 2003. The IBM HPSS  and more recently Sun SamQFS archival storage systems dutifully preserved and delivered the 100+ Terabytes of raw pcap traces we have archived over the last eight years.

We would also like to thank the National Energy Research Scientific Computing Center (NERSC) and ESnet for the resources that  allowed us to continue to preserve this data. On 22 March 2012, we started the transfer via ESnet shown in-flight in Figure 1  to  the NERSC HPSS facilities. The transfer completed in roughly one week’s time and sustained an average of 1.52 Gbps limited by local host disk I/O.

Figure 1. 100+ TB transfer of UCSD Network Telescope data from SDSC to NERSC via ESnet.

Figure 2 below presents an interesting heat map visualization of the data collection volume. Each vertical bar represents one day of data, while the horizontal bands represent the size of a compressed file (in pcap format) of captured traffic for an hour of the day. We color each data point based on its deviation from the median hourly captured traffic file size. Specifically, an hour equal to the median file size we color red. Hours with (compressed) traffic volumes at twice (or more) of the median we color yellow, and hours with no data appear black. So, hotter colors mean more data. Data collection on the telescope is a best-effort service — outages show up as vertical black bars. This plot also reveals an increase in the amount of data stored after April 2009 due to the removal of an upstream rate limit filter on incoming packets (We removed that filter in the wake of the advent of the Conficker worm, in order to study it.) The color changes in the heat map also show the diurnal variation in traffic volume, although since this type of traffic originates from most time zones of the world, the “busy hour” is not sharply delineated.

Figure 2. Heatmap of the UCSD Network Telescope data.

The papers are also available on CAIDA’s publications page.

Building on the success of our first (virtual) Workshop on Internet Economics (WIE09), we expanded the scope and depth of the second workshop in this series, inviting experts in the following topics of interest: peering strategies and conflicts; content delivery; traffic and topology dynamics of the peering ecosystem; sustainable business models and industry structure. The workshop format was structured to promote constructive, focused engagement. Attendees presented research results, offered updates on data sources, moderated topic discussions, served as formal respondents to other speakers, and critiqued the relevance and potential impact of the presented results An intended goal was to establish a set of open questions that can frame an Internet economics research agenda, and more specifically to improve the realism, utility, and predictive power of economic models of Internet topology and dynamics. Even this expanded scope falls short of the recognized breadth of the emerging discipline of Internet economics; we plan to include other recurring issues and questions at the next workshop, including the economics of privacy, advertising, censorship, and intellectual property.

We’re obsessed in medicine with having great components — the best drugs, the best devices, the best specialists — but pay little attention to how to make them fit together well. Berwick (president of the Institute for Healthcare Improvement in Boston) notes, “Anyone who understands systems will know immediately that optimizing parts is not a good route to system excellence”… He gives the example of a famous thought experiment of trying to build the world’s greatest car by assembling the world’s greatest car parts. We connect the engine of a Ferrari, the brakes of a Porsche, the suspension of a BMW, the body of a Volvo. “What we get, of course, is nothing close to a great car; we get a pile of very expensive junk.”

Nonetheless, in medicine that’s exactly what we have done. We have a $30B/year National Institutes of Health, which has been a remarkable powerhouse of medical discoveries. But we have no National Institute of Health Systems Innovation alongside it studying how best to incorporate these discoveries into daily practice — no NTSB equivalent swooping in to study failures the way crash investigators do, no Boeing mapping out the checklists, no agency tracking the month-to-month results.

The same can be said in numerous other fields. We don’t study routine failures in teaching, in law, in government programs, in the financial industry, or elsewhere. We don’t look for the patterns of our recurrent mistakes or devise and refine potential solutions for them.

But we could, and that is the ultimate point. We are all plagued by failures — by missed subtleties, overlooked knowledge, and outright errors. For the most part, we have imagined that little can be done beyond working harder to catch the problem and clean up after them. We are not in the habit of thinking the way army pilots did as they looked upon their shiny new Model 299 bomber — a machine so complex no one was sure human beings could fly it. They too could have decided just to “try harder” or to dismiss a crash as the failings of a “weak” pilot.

Instead they chose to accept their fallibilities. They recognized the simplicity and power of using a checklist.

And so can we. Indeed, against the complexity of the world, we must. There is no other choice. When we look closely, we recognize the same balls being dropped over and over, even by those of great ability and determination. We know the patterns. We see the costs. It’s time to try something else.

Try a checklist.

The Checklist Manifesto, Atul Gawande.

More on this topic the next time it happens, which I reckon won’t be too far into the future. (Cringe.)

DHS’s Science and Technology Directorate, through its PREDICT program, sponsored this report on ethics in Information and Communication Technology Research (ICTR). The culmination of a multi-year effort by network and security research stakeholders to lay out a guiding framework to identify, navigate, and resolve ethical issues in ICTR, this report is intended to be a dialogue launch point for the community of researchers, oversight entities, and policymakers to reflect on ethical issues in security and network research. Public comments are encouraged via the Federal Register through 27 February 2012. I’m pretty sure all comments are responded to and/or integrated into the next version of this report. Hopefully the report will also be the topic of discussion at some conferences and workshops this year, so that the community can get out ahead of these issues before we find ourselves facing legislative overreaction to catastrophe (or even perceived catastrophe). Please consider reading and submitting a comment.

Those familiar with the new emerging information-centric networking movement in the computer science research community will recognize NDN’s fundamental theme: replace the endpoint (identified by an IP address) as the fundamental anchor of the communications architecture with the data (identified by a name). To communicate in NDN, users post named interest(s) that propagate toward where the data resides (now relying on conventional routing protocols for the underlying routing fabric but eventually hopefully using previously developed revolutionary greedy routing mechanisms) and receives, from cryptographically vetted publishers, signed object(s) matching the requests. Conceptually simple, with many collateral benefits offered by the minimization of unnecessary layers. The application is much closer to the network. Mobility is inherent, since the notion of location has been removed as an architectural anchor.

While at least a dozen papers have resulted from this project thus far, even more tangible progress has occurred on the development and experimental deployment side. A key strength of this project (as mentioned previously) is a deployment path via a testbed overlay on the current Internet. Beichuan Zhang and Lan Wang have coordinated an OSPFN implementation that distributes name prefixes in OSPF and ccnd, and a ccnx-dhcp to help local bootstrapping, which will eventually include configuring default routes, local topology and hub discovery. Applications are already running on the NDN testbed including audio, video, and multi-user chat, which are being used by weekly project coordination calls; additional performance-related testing has been conducted using supercharged PlanetLab nodes.

In parallel, different teams are pursuing the various threads of research promised for the NSF project. Patrick Crowley is leading the investigation of how fast we can get NDN nodes to forward packets, and building traffic generators to evaluate and inform the protocol design. The security research team will present their first preliminary analysis of privacy, anonymization, and signature efficiency in NDN at this month’s NDSS conference. Edmund Yeh is creating a stochastic control and optimization framework to to formally (analytically) evaluate network performance, as well as coupling theoretical and experimental evaluation of joint forwarding and caching algorithms.

One of the next big R&D challenges is effective measurement techniques, not only for network management and performance evaluation — (“This node is being flooded with interests!”) — but also to support new types of network routing and application development and debugging (“Why is my application not getting the data?”).

We still need to study the impact of topology structure on network operations and management as we expand the set of external participants experimenting with the current platform and applications. We also still need core management functions such as methods to identify misbehaving nodes/apps, tools for debugging, log analysis, and traffic flow, the equivalents of chargen, traceroute, mechanisms for discovering one’s own local globally routable namespace (NDN prefix discovery) and other routing and institutional key information when joining a new network.

And of course, the eye of the volcano: the data namespace that NDN utlizes, including policy-relevant constraints that might determine what information should be exposed by the namespace structure. Because NDN object names may convey topological as well as content information, network elements could present treasures of performance, topology, and usage data that we can only dream about in the current architecture. But unlike today’s Internet, which convolves topological and organizational (peering) structure with the Autonomous System abstraction, the NDN architecture distinguishes these functions: signatures frame organizational/peer structure, while names frame the topological structure. There are obvious and not-so-obvious implications for privacy and attribution of communications, and we devoted an entire session to discussing social values that guide design decisions, with attorney Paul Ohm promising to help us assess the strength and form of expected tussles should an NDN architecture gain deployment traction.

Colorado State (home of PIs Dan Massey and Christos Papadopoulos) did a fantastic job of hosting the meeting, including a poster session and reception the evening of the first day. Several posters described undergraduate projects in Christos’ recent undergrad class on on NDN networking: running a traditional (modified) IP web traffic generator over the NDN testbed; repeating (and confirming) the 2009 CoNEXT paper experiment on PlanetLab); and a content caching study at CSU’s border router (estimating how much content is static (about half by requests) vs dynamic, and redundant request patterns). The second day included lots of discussion of what applications and supporting tools we should pursue next: including a graphical name space browser; graphical PIT viewer; a serverless Twitter-like application with scope control over message distribution; and a distributed, topic-based discussion board application to facilitate collaboration.

Toward the end of the meeting we discussed NSF’s request for thoughts about next steps after the FIA program currently funding this work (now half-way through its three-year budget). There are tremendous opportunities for synergy with other NSF-funded information science communities such as the Cyber-Physical Systems or the DataNets programs, to experimental deployment in production science settings such as the Open Science Grid (OSG), a national distributed computing grid for data-intensive research. Perhaps most exciting is the potential opportunity that Kevin Thompson (of NSF’s Office of Cyberinfrastructure) described at Internet2′s last Joint Techs meeting: in response to recently commissioned strategic advice, NSF wants to leverage successful R&D investments by transitioning them into campus environments on a broad scale, i.e., with a dedicated program. Since the NDN architecture was designed to solve many of the problems now being faced by campus networks (as well as the rest of the world), I’m optimistic that we could someday see an NDN-NSFNET. Lots of known unknowns and unknown unknowns along that path, but what an exciting path!

[Thanks to our lead PI Lixia Zhang of UCLA for help with this entry.]

Interestingly, at this meeting the FCC staff themselves presented some thoughts on the way forward for the PSTN, before the working group got to present, thus some redundancy ensued. Still no resolution on numbering, or its post-PSTN replacement “identification”. Several TAC members including Vint Cerf and Dan Reed emphasized the importance of naming conventions for an expansive set of services now displacing what we used to call voice. Furthermore, since most people still use mobile phones in the same small set of locations, the permanent connectivity or attachment of the phone number to the individual is even more fundamental to the architecture than constant mobility.

As the working group emphasized back in July, the PSTN transition is neither a TAC nor an FCC initiative — consumers are driving it, i.e., dropping their landlines with alacrity. There was rough consensus on the need to consider several technical and policy issues, including: promoting competition; universality and carrier of last resort (including USF and reciprocal compensation); transitioning services that depend on the PSTN; reliability, continuity, accessibiity, 911; homeland security/CALEA; and privacy/personal security. Open questions include those as mechanical as “What replaces RJ11?” and as economic as “What/Where are the most efficient points of interconnection?” (Well, both questions bear mechanical and economic considerations.) The industry still lack IP-based technical standards to ensure quality and reliability of voice, and the FCC’s regulatory posture carries an embedded assumption — understandable given its century of commissioned responsibility — that voice is something to specifically protect rather than treat as another bucket of data being transported across the network.

Tom Wheeler captured a less surprising industry opinion that unencumbering industry from the body of laws and court precedents based on the PSTN would facilitate the advance of market forces. Marvin Sirbu was worried we might be overestimating the speed at which citizens are really moving to VOIP. While there was disagreement over details, there was broad consensus that IP was going to be the mechanism for most end-to-end carriage.

Less time, about 15 minutes, was spent discussing the IPv6 working group’s results (a “benchmarking document”) and recommendations, mostly punting the problems to next year starting with a joint workshop with NTIA in February. There was only time for one comment, from Vint, before the FCC chairman spoke, after which we went on to the next topic. Vint had four rapid-fire points: (1) IPv6 is NOT a transition, but rather introduction of an additional capability; (2) there is a very real threat of a cascading NAT environment; (3) NIST should be involved in IPv6 measurement; (4) OMB should be involved in government procurement guidelines for IPv6 network services. I disagree with his first point, but the lack of government coordination and consistency is painfully clear. OMB already has an IPv6-related mandate, but there are no IPv6 support conditions on the broadband stimulus money or other sources of USG funding (IPv6 conditions on USF funding are being discussed). My bigger concern with benchmarking is that current IPv6 measurement activities send mixed signals to industry — customers are not planning since the best available data implies that carriers are not planning to deploy it in the next 18 months.

The best suggestion I have heard so far (from Geoff Huston) is for the FCC to ask of its own constituency to publish their 24-month IPv6 deployment objectives so that current and potential customers of their services are aware of their plans, and then in 18 months ask the same set of to folks publish their actual IPv6 deployment achievements and what their objectives are for the ensuing 24 months. This recommendation would be consistent with the FCC’s “transparency and disclosure” approach to other issues. But there was no time to discuss IPv6 at this meeting, maybe next time. Hopefully I will have some results to report from CAIDA’s IPv6 growth scenario computational modeling study.

We agreed to narrow the set of TAC study topics for 2012 to three: IPv6; the PSTN transition; and receiver standards to support sharing. Next meeting in March 2012.

On July 13, 2011, a workshop of economists was convened at the Federal Communications Commission to discuss certain economic issues of AT&T’s proposed acquisition of T-Mobile. The workshop was divided into two panels. The first, on Market Definition and Unilateral and Coordinated Effects, included the following panelists: representing the Applicants from Compass Lexecon, Dennis Carlton, Robert Willig, and Mark Israel. Representing Sprint from Charles River Associates were Steven Salop, Serge Moresi, and Craig Romaine.

Participating in the second panel, which discussed Efficiencies, the But-For World, and Exclusionary Effects/Raising Rivals’ Costs, were the following panelists: representing the Applicants from Compass Lexecon, Dennis Carlton, Robert Willig, and Mark Israel. Representing Sprint from Charles River Associates were Steven Salop, Stanley Besen, and John Woodbury.

When it is available, the transcript of the workshop will be provided for review by individuals with access to highly confidential and confidential information.

http://fjallfoss.fcc.gov/ecfs/document/view?id=7021692592

But equally eye-opening is the economic consulting firm AT&T is using — the same one ICANN used to “study” whether gTLD expansion would benefit consumers. Unlike this transcript, that study I was actually allowed to read, so I and many others learned how dishonest it was. It is not clear who will learn about “certain economic issues of AT&T’s proposed acquisition of T-Mobile”…

It strangely reminds me of CCIED’s spam value chain study which revealed “the first strong evidence of payment bottlenecks in the spam value chain; 95% of spam-advertised pharmaceutical, replica and software products are monetized using merchant services from just a handful of banks.” This shared-economist coincidence might be evidence of similar bottlenecks in economic policy development, due to too few neutral economists capable of generating sensible policy recommendations. Like most “independent” pharmaceutical researchers, most economists seem to be on the receiving end of funding from organizations who stand to gain financially from their research generating a certain result.

Policy making has become predominated by sponsored research, politics, campaign contributions and rhetoric. In light of an apparent disinterest for the facts it comes as no surprise that the network neutrality debate highlights opposing perceptions about the impact from changes in the next generation Internet. Regrettably no unbiased fact finding appears readily available, because politicization at the FCC prevents fair minded assessment by the Democratic and Republican Commissioners and heretofore the conflict has not generated a question of law or fact reviewable by a court.
— Rob Frieden: Internet 3.0: Identifying Problems and Solutions to the Network Neutrality Debate, 2007.

in June I participated on a panel on network neutrality hosted at the June cybersecurity meeting of the DHS/SRI Infosec Technology Transition Council (ITTC), where “experts and leaders from the government, private, financial, IT, venture capitalist, and academia and science sectors come together to address the problem of identity theft and related criminal activity on the Internet.” Here is a belated recap of my thoughts on that panel, including what network neutrality has to do with cybersecurity.

Many academics have gotten a lot of mileage (publications, funding, tenure) out of spreading the “network neutrality” meme since law professor Timothy Wu introduced the term in a 2003 paper in the University of Colorado’s law journal. I find the meme and its surrounding literature represent a weak substitute for public policy research based on real data from real networks. (An allegation that could equally be directed at other sub-disciplines of Internet science, and for the same reasons.)

The success of the meme is also symptomatic of a post-traumatic stress response to the death of a similar meme with far higher stature and longevity — common carriage, the demise of which Eli Noam predicted way back in 1994. His paper accurately predicted that the success and ubiquity of networks and the increasing convergence of communications and computing — and competition — would (did) lead to the death of common carriage in the industry.

There is plenty of blame to spread around. You can blame the government for improper oversight. You can blame the private sector for lobbying/bribing the government not to do proper oversight. You can blame failure of consumers to understand the issues. (Sound like the sub-prime mortgage crisis yet?) With enough money, you can, and many did, weight disproportionate attention to blaming various factors that are not you. But what is under the (generally proprietary) hood of all network neutrality controversy is simple: the economics of building and operating sustainable packet-switched networks in the 21st century. Not coincidentally, economic considerations are also at the root of most of our cybersecurity problems, or more precisely of our failures to make progress on them.

One point on which I disagreed with other panelists (and others who fondly recall when we had 3,000+ DSL providers in the early 90′s) was about whether network neutrality was merely about the lack of competition for broadband access. The history of common carriage, analyzed in detail by academic scholars Andrew Odlyzko and Susan Crawford, reveals that vertically integrated industries (i.e, a single company owns the infrastructure carries services on top of it) have tremendous incentives to discriminate, even when competition exists. For the Internet, the implication is that while re-establishing competitive access to fiber (layer one) is necessary, it is not sufficient — society still needs a mechanism (not just policy) to guarantee non-discriminatory access.

It used to be that non-discriminatory access to (what were termed) essential facilities was a universal good of any network intended for public use, not just communication networks: railroads, canals, roads — it goes way back. It was also a fundamental tenet of the 1996 Telecommunications Act, which although entertaining the notion that layer one (fiber, conduit, “tubes”, “facilities”) might not always be a natural monopoly, at least temporarily required non-discriminatory access to facilities, while facilities-based competition was (ostensibly expected) to develop. And indeed, for while in the early 90s we had (not facilities-based) competition.

But the 1996 Telecom Act was so poorly written that its only reliable ramification was wealth transfers to lawyers and lobbyists, as industry and government spent several years suing each other over its interpretation, and industry lobbyists spent many millions of dollars convincing receptive courts and the FCC to remove these obligations to provide non-discriminatory access. Although considered by many to be an inflection point, the Brand-X decision was more of an evolutionary step in the long trajectory away from open access to such essential facilities in the United States.

In essence, the [Federal Communications] Commission has shifted from the notion that non-discriminatory access to general-purpose communications networks is always necessary because of their public-ness and the spillover effects they create (non-discrimination presumption) to the idea that non-discriminatory requirements are only necessary where firms have monopoly power (discrimination presumption). It is on this “monopoly” rationale, and on the basis of its belief that the market for high-speed Internet access is competitive, that the Commission has gradually lifted non-discrimination obligations from providers of high-speed Internet access.
— Susan Crawford, Transporting Communications, 2009

So the FCC, and the surrounding regulatory apparatus, came to believe that non-discriminatory access was no longer a universal requirement, but only an issue in need of oversight in situations lacking competition. But it was exactly the non-discriminatory access requirement that enabled the competition in broadband access in the first place (and also enabled the Internet), and when the non-discriminatory access requirement went away, so did the competition. Unfortunately for consumers, for the rest of the decade the FCC also continued to embrace the belief that we had competition. Although they have recently recognized the need for a reality check on both of these beliefs, they have not yet outwardly admitted that they are simply not true. Instead their strategy seems to be to back themselves into a corner while struggling to operationalize this fundamentally broken network neutrality meme.

As in the financial (and many other IT-related sectors, which is most sectors by now) it is not too hard to convince congressmen that technology is moving so fast that the government could not possibly understand enough to design, implement and execute enlightened regulation of it. Ironically, the underlying network and routing protocols under the hood of the Internet have not fundamentally changed in decades.

My three concluding recommendations related to network neutrality were not original, and both also apply to persistently unsolvable cybersecurity problems, since what network neutrality and cybersecurity have most in common is the lack of available empirical data on operational networks driving policy discourse. First, as S&T Division Director Doug Maughan has long and tirelessly argued, we must educate the lawyers. (Former FCC chairman Michael Powell has also suggested restructuring the FCC to have a much smaller fraction of them..)

Second, as fellow panelist Rob Frieden has long argued, the FCC should require more meaningful disclosure related to network management practices, performance characteristics, and terms and conditions of their broadband services. The gaping and unavoidable loophole of the FCC’s proposed network neutrality framework is that differential treatment of traffic based on content must only be allowed for “reasonable network management”, which includes anything related to security, a blithely moving and necessarily subjective target.

But it is precisely because the government is in no position to define and enforce “reasonable network management”, that the endgame must be that carriers do not have financial interest in the content of what they’re carrying — the same conditions that made the Internet possible. So my third recommendation is also a prediction — we must replace this broken unit of policy discourse with a more demonstrably productive one. The network neutrality meme is in the process of costing us another decade of empirically grounded debate, and it will ultimately fail to accomplish its own objective: non-discriminatory access to the infrastructure. The real solution, as history repeatedly has taught us with other critical infrastructures, is to structure (architect, regulate) the industry to financially separate the pipe owner from the providers delivering services over it. Pipe owners must not be able to monetize the semantics of the bits by design As the other panelists and other realists would assure you, structural separation is unlikey to happen in this country in the foreseeable future. Even non-discriminatory (“open”) access requirements will be hard to recover, despite the fact that in all countries with much higher penetration or much higher bandwidth to the home, such open access requirements exist. The structural separation meme has not yet really begun to spread, but history suggests it is merely a matter of time.