Feeds

Meltdown ahoy!: Net king returns to save the interwebs

Cometh the hour. Cometh the Van. Again

3 Big data security analytics techniques

When Michael Jackson killed the internet

TCP/IP is a "success" because it provided a ubiquitous communications infrastructure where anything can talk to anything. It's a "disaster" because TCP/IP is not built to handle today's wealth of data, unlimited numbers of users, or mobile computing. TCP/IP comes from a world of a few, fixed PCs used by lots of users processing a relatively small quantity of data. As such, TCP/IP connects one endpoint to another using a stable, known IP address.

This is a "conversational" model borrowed from the phone system, where the endpoints are trusted and known. According to Jacobson, the problem is that people on the net aren't having "conversations" — despite what the Web 2.0 crowd say. Ninety-nine per cent of traffic is for named chunks of data — or content. People are downloading web pages or emails.

TCP/IP was not built to know what content people want, just to set up the conversation between the endpoints and to secure those connections. That's a problem because people can — and do — flock to the same servers to watch exactly the same video or get the same piece of information, and proceed to overload sections of the network and take sites down.

Switchboard operator

Connecting conversations: not the way today's web works

In the past, Jacobson has cited the example of an NBC network server severely congested with requests for 6,000 copies of the same piece of video from one year's Winter Olympics of US downhill-skiing medal winner Bodie Miller storming to victory. Everybody wanted the same video, but the NBC router had no idea. It thought it was handling 6,000 different conversations not 6,000 requests for exactly the same piece of content.

More recently, in the summer of 2009, we saw the same effect when Google News, TMZ, Twitter, the LA Times, and other sites all slowed down or failed as people rushed the web to find out about one big event: the death of Michael Jackson. CNN claimed a fivefold rise in traffic in just over an hour, receiving 20 million page views in the hour the story broke.

Network overload isn't the only problem. Privacy is an issue too. Over on sites like Facebook, as you post content, you're offered such broad disclosure options that they really provide very little control. Your choices are friends, friends and acquaintances, or world + dog. These are not very accommodating if you want to broadcast, on a case-by-case basis, specific content to only a select group of people — such as a video of your toddler walking meant for the grandparents, maybe a post about yourself wearing your airline's uniform in an out-of-work context, or just share your contact details.

YouTube is similar. You can upload your video, but if you want only selected people to see it, then you have to make sure the recipients have a YouTube account — which suits YouTube's owner Google because it wants to serve more ads to as many people as possible. Otherwise, you can upload your videos to YouTube's "unlisted category", which won't put your video in YouTube's search results, but it does mean your video can be shared by anyone who happens to come across it. And I do mean anyone.

"We have these wonderful, useful web services like Twitter and Facebook and YouTube, but by their nature you got to make a lot of privacy compromises because they are aggregating the content in one place to distribute it," Van Jacobson told us. "That's because the architecture doesn't solve scalable content distribution."

Research dead end

One way around this is to broadcast that video of the kids to the grandparents, but then the ISP would shut you down for file-sharing. "The only way I can do that is to upload the videos to YouTube, but then I have to work in their business model and their privacy mode. I'd like to encrypt them and hand out the keys to the people," he said.

Another problem in the TCP/IP world is that hackers and spammers get a foot in the door. You may well be getting a secure TCP/IP packet signed by your bank's web site, but what if the site's been compromised and that packet you're downloading contains a worm or a keystroke logger as we speak? TCP/IP doesn't know, because it doesn't know what the content is.

Jacobson reckons that network research in the US has failed to keep pace with any of this. Since the middle of the last decade, network research has been stuck in a dead end when this should be a wonderful time thanks to ubiquitous wireless and phones, and a wealth of information available and retrievable through things such as Google indexing.

3 Big data security analytics techniques

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.