Title: Danny Hillis: The Internet could crash. We need a Plan B
Publish Date: Mar 2013
Description: In the 1970s and 1980s, a generous spirit suffused the internet, whose users were few and far between. But today, the net is ubiquitous, connecting billions of people, machines and essential pieces of infrastructure -- leaving us vulnerable to cyber-attack or meltdown. Internet pioneer Danny Hillis argues that the Internet wasn't designed for this kind of scale, and sounds a clarion call for us to develop a Plan B: a parallel system to fall back on should -- or when -- the Internet crashes.
Views: 2067
Total Comment:1 Total Replies:0
Time Transcript Action
00:00:17 this book that i have in my hand is a directory of everybody who haven't email
00:00:22 address
00:00:23 in nineteen eighty two (1982)
00:00:27 actually is is deceptively large
00:00:30 there's actually only about twenty people on each page
00:00:33 because we have the name of your essential for a number of every single
00:00:37 person
00:00:38 and and fact everybody's listed twice because it sorted of once by name in once
00:00:42 by email address
00:00:45 um... obviously a very small community
00:00:48 uh... there were only two other danny's on the internet then
00:00:51 i knew them both
00:00:53 we didn't all-knowing each other but
00:00:55 we all kind of trust with each other
00:00:58 and that basic feeling of trust
00:01:02 sort of permeated the whole network
00:01:04 and there was a real sense that
00:01:07 we depend on each other to do things
00:01:09 so uh... just to give you an idea of the level of trust in this community let me
00:01:13 i tell you what it was like to
00:01:16 register our domain name in the early days
00:01:19 now it
00:01:20 just so happened that i got to register the third domain name on the internet
00:01:24 so i could do anything i wanted to other than bbn dot com in symbolic dot com
00:01:28 so
00:01:30 i pick
00:01:31 think dot com
00:01:33 but then i thought that there's a lot of really interesting names out there
00:01:36 maybe i should register few extras just
00:01:39 just in case
00:01:41 and then i thought
00:01:42 naaah that wouldn't be very nice
00:01:50 that added to the only taking what you needed was really
00:01:55 what everybody have on the network nowadays and in fact it wasn't just the
00:01:59 people on the network
00:02:01 that was actually kind of bills into the protocols and of the internet itself
00:02:05 so the basic idea of IP, internet protocol
00:02:09 and the way the thought of the routing algorithm that used it
00:02:13 where fundamentally from each according
00:02:16 to their ability to each according to their need
00:02:19 and so
00:02:20 if you had some extra bandwidth you deliver a message for someone if they
00:02:24 had some extra bandwidth they would deliver a message for you
00:02:27 because depend on people who do that and that was
00:02:30 that was a sort of building block through the ashes interesting in such a
00:02:33 communist principal was the basis of the system developed during the cold war by
00:02:36 the defense department
00:02:40 but it obviously worked really well
00:02:42 and
00:02:43 we also or solve what happened with the internet is incredibly successful
00:02:47 in fact
00:02:49 it was so successful but there's no way that
00:02:52 these days you can make a book like this
00:02:54 uh... I've
00:02:56 my rough calculation is that would be about twenty five miles thick
00:03:00 but of course you couldn't do it because we don't know the names of all the
00:03:03 people of america with
00:03:05 internet or email addresses
00:03:07 and even if we did know their names i'm pretty sure that they would not want
00:03:10 their name address and telephone number
00:03:13 published everyone
00:03:15 so the fact is that there's a lot of bad guys on the internet these days
00:03:20 so we've dealt with that by making
00:03:23 kind of wall communities along
00:03:26 secure subnetwork
00:03:28 VPN's little things that are really the internet but made out of the same
00:03:32 building blocks
00:03:33 but we're still basically building out of the same
00:03:36 building blocks with those same assumptions of trust
00:03:40 and uh... that means that is vulnerable to a certain kinds of mistakes that can
00:03:44 happen
00:03:44 or certain kinds of delivered a tax but
00:03:47 even the mistakes have been have it can be bad so
00:03:50 uh... for instance uh... in all of asia recently
00:03:55 it's impossible to get Youtube for a little while
00:03:58 because pakistan made some mistakes and it was censoring Youtube
00:04:02 in it's internal network
00:04:04 they didn't intend to screw up asia
00:04:06 but they did because of those of the way that the protocols work
00:04:10 uh... another example but may have affected many of you in this audiences
00:04:13 you may remember how a couple of years ago all the plane's west of the
00:04:17 mississippi were grounded
00:04:19 because of single routing core in salt lake city
00:04:22 got a bug in it
00:04:24 you know really think that
00:04:27 airplane system depends on the internet and sometimes it does it'll come back to
00:04:31 that later
00:04:32 but the fact is that people couldn't take off because
00:04:35 something's going wrong on the internet and router was down
00:04:39 and so
00:04:40 the many of those things that stood up and out
00:04:43 it wasn't just a minute happened last april
00:04:46 all the sudden
00:04:47 very large percentage of the traffic on the whole internet
00:04:50 including
00:04:52 a lot of the traffic between US military installations started uh...
00:04:55 getting rerouted through china
00:04:57 so for a few hours it'll pass through china
00:05:00 now china telecom says it was just an honest mistake
00:05:05 and it is actually possible then it was the way things it's work
00:05:09 but certainly somebody could make a dishonest mistake of that sort of thing
00:05:13 it if they wanted it to, it's shows you that how vulnerable the system is even
00:05:16 from the mistakes
00:05:17 imagine how vulnerable the system is to
00:05:20 delivered attacks
00:05:22 so if somebody really wanted to attack
00:05:24 the United States or western civilization these days they're not going to do
00:05:28 with tanks
00:05:30 that that will not succeed
00:05:32 so what they'll probably there was something very much like
00:05:36 the attack that
00:05:37 happened in the Iranian nuclear facility
00:05:40 nobody has claim credit for that
00:05:43 basically it's a factory
00:05:45 of industrial machines
00:05:46 it didn't think of itself is being on the internet it part of itself is being
00:05:49 disconnected from the internet
00:05:51 but it was possible for somebody to smuggle usb drive in their something
00:05:55 like that
00:05:56 and software got in there that causes the
00:05:58 centrifuges anarchist actually
00:06:01 destroyed themselves
00:06:02 now that same kind of software could destroy an oil refinery or
00:06:05 pharmaceutical factory or
00:06:07 a semiconductor plant
00:06:10 and so there's a lot of i'm sure you've read a lot of papers about worries about
00:06:13 cyber attacks in
00:06:15 defenses against us
00:06:17 but the fact is people mostly focused on the filming the computers on the internet
00:06:21 who's been surprisingly little attention to defending the internet itself as a
00:06:26 communications media
00:06:28 and i think we probably do need to pay some more attention to that because it
00:06:32 is kind of fragile
00:06:33 so actually in the days in the early days back when it was Arpanet
00:06:38 they're actually time, at a particular time when it failed completely
00:06:42 because of one single
00:06:43 uh... message processor
00:06:45 actually got a bug in it
00:06:48 and the way the internet works is
00:06:50 the routers are a bit are basically exchanging information about
00:06:54 how they can get messages surpluses
00:06:56 and this one processor
00:06:57 because of a are broken core decided it could actually get in
00:07:01 a message to someplace in negative time
00:07:04 so in other words it claimed it could deliver a message before you sent it
00:07:08 so of course
00:07:10 the fastest way to get a message anywhere was to send it to this guy
00:07:14 send it back in time and get it there super early
00:07:17 so every
00:07:18 every message in the internet started getting
00:07:21 switch through this one node of course they plug everything up everything start to
00:07:25 breaking
00:07:27 the interesting thing was though
00:07:29 that this is a men's able to fix it, but
00:07:31 they were they had a basically turned every single thing on the internet off
00:07:35 of course you couldn't do that today i mean that everything office like
00:07:39 you know the service called you get from the cable company except for the whole
00:07:42 world
00:07:45 now in fact they could do for a lot of reasons today one of the reasons of a
00:07:48 lot of the telephones
00:07:50 use IP protocol and new things like Skype and so on the go through the
00:07:53 Internet right now
00:07:55 and sometimes from becoming the
00:07:56 depending on it
00:07:58 from more and more in different things like
00:08:01 when you take off from LAX, you really not thinking of using the internet
00:08:05 when you pump gas, you really don't think you using the internet
00:08:09 but what's happening increasingly though is the systems are beginning to use the
00:08:12 internet
00:08:13 most of them are based
00:08:15 on the internet yet but they starting to use the internet for service functions for
00:08:18 administrative functions
00:08:20 and so if you take something like
00:08:22 the cell phone system which is still relatively independent of the internet
00:08:26 for the most part
00:08:28 internet pieces of beginning sneak into it
00:08:31 in terms of some of the control
00:08:33 an administrative functions and some attempting to use the same building
00:08:36 blocks because they work so well but cheap
00:08:39 the repeated and so on so all of our systems more and more
00:08:43 assigned to use the same technologies or depend on this technology
00:08:47 and so even a modern rocket ship these days actually uses
00:08:50 internet protocol to talk from one end of the rocket ship to the other
00:08:54 and that's crazy, it was never designed to do things like that
00:08:58 so, we built the system
00:09:01 where we understand all the parts of it but we're using it in a very very different
00:09:05 way than we expected to use it
00:09:07 and it's gotten very very different scale when it was assigned for
00:09:11 and in fact nobody really exactly understands all the things that's being
00:09:15 used for but now
00:09:17 is turning into a news big emergent systems like the financial system
00:09:21 but we have design all the parts but nobody really exactly understands
00:09:25 how it operates and all the little details of the group what kinds of emergent
00:09:29 behaviors that can have
00:09:31 and so, if you hear an expert talking about the internet and
00:09:35 so that you can do this and does do this, it will do that
00:09:37 you should treat it with the same skepticism that you might
00:09:41 treat the comments of a columnist about the economy or whether men about the weather
00:09:45 or something like that they believe they have
00:09:47 and informed opinion
00:09:49 that's changing so quickly that even the experts don't know exactly what's going
00:09:52 on
00:09:53 so if you see one of these maps of the internet
00:09:56 it's just somebody's guess, nobody really knows what the internet is right now because
00:10:00 different than it was from an hour ago, constantly changing, constantly
00:10:04 reconfiguring
00:10:05 and the problem was it is, i think
00:10:08 we're setting ourselves up for current disaster like the disaster we had the
00:10:11 financial system
00:10:13 for we take a system that's basically
00:10:15 bit built on trust
00:10:18 was basically built for or smaller scale system and we plan expanded that way
00:10:22 beyond the limits on how it means to operate
00:10:25 and so right now i think literally true
00:10:29 that we don't know what the consequences of an effective denial of service attack
00:10:35 on the internet would be
00:10:36 from whatever it would be is going to be worse next year or more next year and
00:10:39 so on so what we need
00:10:41 is a Plan_B
00:10:42 there is no Plan_B right now there's no
00:10:45 clear backup system that would very carefully cap to be independent of the
00:10:48 internet may not completely different sets of
00:10:51 building blocks
00:10:53 so what we need is something that
00:10:55 doesn't necessarily have to have the
00:10:57 performance of the internet but the police department has to be able to call
00:11:00 the fire department even without the internet, or the hospitals have to
00:11:03 order fuel
00:11:05 this does not need to be a multi-billion-dollar
00:11:08 government project
00:11:09 actually relatively simple to do technically because they can use
00:11:14 existing fibers that are in the ground existing wireless infrastructure
00:11:18 it's basically a matter of deciding to do it
00:11:21 is it want or people won't decide to do it until it becomes recognized the need for
00:11:25 and that's the problem that we have right now so this
00:11:28 they plenty of people
00:11:30 plenty has it been
00:11:31 quietly kind of arguing that we should have this independent system for
00:11:35 years that's very hard to get people focused on Plan_B when Plan_A
00:11:39 seems to be working
00:11:41 so well
00:11:43 so i think that
00:11:45 if people understand how much they're we're starting to depend on the internet
00:11:49 and how vulnarable it's
00:11:51 we could get focused on
00:11:53 just wanting this other system to exists
00:11:56 i think if enough people so yeah i would like
00:11:58 to use that i'd like to have such a system in
00:12:01 it it could it build so it's not that hard a problem
00:12:04 it definitely be done by people in this room
00:12:07 and so i think that this is actually
00:12:11 all the problems we gonna hear about
00:12:13 at the conference this is a probably one of the very easiest to face
00:12:18 so i'm happy to have a good chance of tell you about it, thank you very much