Last month (23 March) I was on an NTIA panel at the Department of Commerce, to recommend conditions on this broadband stimulus money, aka arm wrestling between companies. Gigi covers it in her blog; today was the deadline to finish my recommendations to DOC and NTIA:
[this thread on transfers is too painful to watch. here’s my take.]
Even if turning IP addresses into private property is the best policy decision of those available (which is far from demonstrated, since so little rigorous research of this question has actually occurred), executing such a policy by Board fiat while ARIN itself has no leadership is guaranteed to generate severe dissonance with ARIN’s organizational mission which includes forging public legitimacy entirely from its transparent, open processes.
Update: In May 2015, ownership of Spoofer transferred from MIT to CAIDA
We are studying an empirical Internet question central to its security, stability, and sustainability: how many networks allow packets with spoofed (fake) IP addresses to leave their network destined for the global Internet? In collaboration with MIT, we have designed an experiment that enables the most rigorous analysis of the prevalence of IP spoofing thus far, and we need your help running a measurement to support this study.
This week Rob Beverly finally announced to nanog an update to spoofer he’s been working on for a few months. Spoofer is one of the coolest Internet measurement tool we’ve seen in a long time — especially now that he is using Ark nodes as receivers (of spoofed and non-spoofed packets), giving him 20X more path coverage than he could get with a single receiver at MIT.
[drafted this entry a few months ago but have been reluctant to post because it’s incomplete. but after reading about the ARIN Board’s emergency proposal last week to create IPv4 address markets, variations of which have already been approved in European (RIPE) and Asia-Pacific (APNIC) IP address policy communities, i decided it’s complete enough. -k.]
A few policy questions on which the RIR-community should funnel address-registration tax dollars into peer-reviewed research:
I get this question as often as I get any question about the Internet. finally, a visiting intern Mia Zhang from Beijing Jiaotung University has done a thorough literature roundup, extracting the best available data pertinent to this question that she could find in the public domain.
I was delighted to see Sid Faber and Tim Shimeall co-teaching a “Network situational awareness” course at Carnegie-Mellon University last semester, using DatCat and DITL data, they even put the class projects online. Not only did some of the students use DITL data (contributed by Japanese academics), as well as Internet2’s netflow data, but they used DatCat to find both data sets. To quote Sid,
“About three weeks into the class, we finally got across one of the key features to the students: we were looking at how things really work on the internet, not just a theoretical discussion of RFCs. The data sets were invaluable, but we had challenges dealing with anonymization, sampling, and the overall volume of the data sets — kind of understandable for the first offering of the course.”
As a follow-up to the recent press flurry about Dima’s routing research, Voice of San Diego interviewed us for several hours last week, and no doubt spent twice that time focused on trying to get a complex story mostly right. Hyperbolic headlines notwithstanding, the journalist who interviewed us, David Washburn, did an outstanding job of fact-checking and making sure he accurately represented our views. If this is the future of journalism, I’m not the least bit worried about the death of 20th century journalism models. The real fourth estate is in good hands.
Last month I submitted two proposals to the National Cyber Leap Year call for input from the U.S. Networking Information Technology Research and Development (NITRD) Program. I submitted two ideas, the International Bureau of Internet Statistics, and Cooperative Measurement and Modeling of Open Networked Systems (COMMONS, a two-year old idea). The Bureau of Internet Statistics still strikes some as batty, but over the holidays I caught up on some panicky OECD state-of-malware-landscape papers on how uninformed we are and how little data we have, while the only concrete recommendation in the “ITU’s study on the financial aspects of network security: malware and spam” report was
Although the financial aspects of malware and spam are increasingly documented, serious gaps and inconsistencies exist in the available information. This sketchy information base also complicates finding meaningful and effective responses. For this reason, more systematic efforts to gather more reliable information would be highly desirable.
I’ve written before about the growing consensus among experts that the Internet’s underlying communications routing algorithms are fundamentally unscalable, so I am delighted to have CAIDA’s routing research group led by Dima Krioukov achieve some fundamental routing research results worth extensive media coverage. We have not solved the Internet’s routing scalability problem, but these recent discoveries will help that cause.
In November 2008 I had the honor of being invited to speak at the Chilean Computer Science Society Annual Meeting, this year at the Universidad de Magallanes in Punta Arenas, Chile. I followed a colleague who has been visiting CAIDA for the last two years, Sebastian Castro, back to his sponsoring institution, NIC Chile. We started out with an interesting meeting with a core of technical folk where I learned about the activities of NIC Chile’s recently established research arm (NIC Labs). We exchanged valuable information on the common (and less common) challenges of doing successful research in our respective environments.