Vviewpoints
DOI: 10.1145/2184319.2184332
privacy and security
security of the Internet and
the Known Unknowns
The Internet Is not secure. The fundamental mechan- icsofthe Internethavewell- known and long-standing security issues that occasionally disrupt it. This is usually an
accident and mostly caused by human
error, but it is speculated that by exploiting the openness and trust on
which the Internet is built, “bad people” could build a “cyber nuke” to take
down the network. Serious as these
security issues appear to be, they have
not apparently created any serious
problems thus far. Does this mean
we have simply been lucky, or are the
issues more theoretical than actual?
blaCk Hole IMaGe by sGaMe/sHutterstoCk. CoM
When we think about the Internet,
we tend to think about the equipment
and the protocols—the technology
that makes it all work. But the Inter-
net is a many-layered system that de-
pends not only on technology, but
also on people, coffee, and money.
The equipment and protocols are the
network layer. Each network in the
Internet has a Network Operation
Center (NOC) that monitors its own
network and its connections to oth-
er networks, responds to incidents
when they occur, and continually
strives to maintain acceptable levels
of service and reliability, at an accept-
able cost. Each NOC acts indepen-
dently and interacts with other NOCs,
collectively forming the operational
layer—people and coffee. Every net-
work operator makes their own com-
mercial decisions, forming the com-
mercial and economic layer(s), driven
by money. Finally, there is the policy
or regulatory layer, which sets the
context in which all networks oper-
ate. Each layer is a complex system in
its own right, and each one plays its
part in the security and reliability of
the Internet. Consider, for example,
the Border Gateway Protocol (BGP), a
key component of the network layer.
Layers of Complexity
The essence of the Internet is that
every network is able to reach every
other network. The routing informa-
tion that each network needs is dis-
tributed across the Internet by BGP.
Unfortunately, BGP is not secure. BGP
will happily distribute invalid rout-
ing information, and offers no way to
distinguish valid from invalid routes.
Every now and then, some network ad-
ministrator somewhere makes a small
mistake that generates bogus routing
information that BGP blindly accepts
and relays across the Internet. The ef-
fect of such a “route leak” is that data
