Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
The Internet Education Security

UCB, USC To Build (And Hack) A Model Internet 218

Posted by timothy from the smaller-scale dept.
darksoulz writes "Associated Press stories from TheKansasCityChannel.com and TheChamplainChannel.com have an interesting report today. It appears that the U.S. Government has given a $5.5 million grant to the University of California, Berkley and the University of Southern California so that they can build a model of the internet, so they can hack it. They are trying to find better defenses against hacking, without breaking the real Internet. The first phase is scheduled to be completed by February."
This discussion has been archived. No new comments can be posted.

UCB, USC To Build (And Hack) A Model Internet More

UCB, USC To Build (And Hack) A Model Internet

Comments Filter:
  • someone's gonna get a shiny new network outta this
  • Man, we already know what came out of Berkeley before is a resounding success (see here [freebsd.org]). Is it time to have a stillborn?

    (dammit, it's supposed to be a joke and I'm just not funny today. grrr.)

  • Good (Score:5, Interesting)

    by delirium28 ( 641609 ) on Wednesday November 05, 2003 @11:39AM (#7396593) Journal
    This is an intersting approach, but if they keep this a "closed system" (i.e. a hidden internet), then how much real "hacking" can they expect? Are they going to use honeypot data? Will they expose this system externally for real "hackers" to play with? Just my $0.02 worth.

    • Re:Good (Score:2, Insightful)

      by Tin Foil Hat ( 705308 )
      Will they expose this system externally for real "hackers" to play with?

      If they do, I'm sure slashdot will be more than happy to help with stress testing.

      • Re:Good (Score:3, Insightful)

        by Rick the Red ( 307103 )
        It can't be a proper model of the internet unless it contains its own Slashdot, complete with the Slashdot Effect.

        Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!

        • Re:Good (Score:3, Funny)

          by bhtooefr ( 649901 )
          And then, the simulated /. will announce that a simulation of the simulation has been announced, and it will have a simulated /., which will announce that a simulation of the simulation of the simulation has been announced, and it will...

        • ROBOT! (Score:2)

          by e2d2 ( 115622 )

          Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar

          I'M ON TO YOU ROBOT! You may think we don't know that you are actually the computer you speak of but some of us have tinfoil hats and a keen sense of smell.

        • It can't be a proper model of the internet unless it contains its own Slashdot, complete with the Slashdot Effect.

          Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!

          But really, we're all here and just hooked into the simulated /. thinking it's real /. while they use our meat-bodies for energy ..

    • Re:Good (Score:5, Insightful)

      by Anonymous Coward on Wednesday November 05, 2003 @12:00PM (#7396831)
      I think the real point here is to make a testbed where they can unleash worms and then try different techniques to try and trace, contain, stop, and prevent them. Not to actually attract hackers. They will be the hackers, do the hacking, etc. Also to play with DDOS attacks and whatnot, without saturating any existing networks. I think the operative term is hacking a model 'internet' not a machine on the internet.
      • "I think the operative term is hacking a model 'internet' not a machine on the internet."

        Ah, machines > 1. Cute idea, be interesting to see how it scales up against the real one.

        Particularly the increasing quantity of worm 'noise'.

      • Re:Good (Score:2, Interesting)

        by h8macs ( 301553 )
        How much 'actual' good data will this contain? Sounds more like a money funnel to me.

        They are smart collegians mind you, however the wild spawns the actual entity they are trying to catch. Distributed honeypot net would be more effective in my opinion.

        They will not have the same results.

      • It's "cracking", not "hacking", dammit!
        I expect this from mainstream media, but not here.
      • It's not just a problem of not saturating the real net - there are some things that are just too nasty to risk having them escape, so you need somewhere isolated to run them. That doesn't mean that you can't build observation ports in from the outside, but you have to be really careful about firewalling them so they don't leak whatever viruses you're playing with this week onto the real net.

        If they build a shub-Internet it won't have the same scaling as the real thing, but they can at least model lots of

    • Re:Good (Score:2, Informative)

      by Anonymous Coward
      More info can be found here [isi.edu] on the USC Information Sciences Institute website
    • They've already had honeypots in locked rooms for a couple of years at USC
    • This is an intersting approach, but if they keep this a "closed system" (i.e. a hidden internet), then how much real "hacking" can they expect?

      Well, not much, but I doubt the government realizes this. If they exposed it to real hackers, it would no longer be a "closed" system, now would it?

      I think the problem is that the few threads of trust that once existed between the authorities and true hackers is gone now. If they invited the world's best hackers to come to Berkeley to participate in their litt

  • Watch for the lawsuits now (Score:2, Funny)

    by Anonymous Coward
    Watch for someone to sue these guys under DMCA and government hacking laws because they create their own net and hack it.

    (Just like you'll have a few lawyers salivating over the lawsuits if someone creates their own copy protection method for CD's and cracks it during testing. DMCA!!! DMCA!!!)

  • Wow (Score:1)

    by beady ( 710116 )
    How useful it was to have two completely unique articles, both of which shed light on the issue in a completely different way to the other...

  • Weak Article (Score:1, Insightful)

    by Anonymous Coward
    The articles (which are identical) don't go too much into details. What exactly are they doing that is going to cost $5.5 million dollars? Are they planning on making it a coast to coast thing? Isn't the internet just a big ass network?

  • Are they doing the FULL internet here? (Score:5, Funny)

    by paroneayea ( 642895 ) on Wednesday November 05, 2003 @11:42AM (#7396634) Homepage
    I mean, will sixty percent of it be model porn?

  • Tin foil hat or not? (Score:1, Insightful)

    by grub ( 11606 )

    The research is funded by the National Science Foundation and the Department of Homeland Security.

    If they find fundamental flaws in the systems will they keep them secret to shore up US networks while leaving foreign networks susceptable? It could be a great tool for "cyberwarfare" against EvilDoers...
    • They could try, but considering the liberal nature of Berkely in general, it's probably doomed to failure. This is the university that gave us BSD after all, and continues to be a force in open source technology. Besides, it is actually in the government's best interest to help make the internet more secure worldwide. Attacks on computer networks in foreign countries could hurt the U.S., especially if they interfere with our interests abroad...

      Oh wait, did you say "Dept. of Homeland Security"? Aw fuck. We'

    • Re:Tin foil hat or not? (Score:4, Interesting)

      by ShinmaWa ( 449201 ) on Wednesday November 05, 2003 @12:34PM (#7397157)
      I'm absolutely positive that part of the agreement was that Berkeley could publish their findings once the project was over. If absolute secrecy was important, then it wouldn't be done at Berkeley (and it wouldn't be reported on Slashdot). Its that simple.

      Besides, in order to "shore up the US", there would need to be a lot of cooperation among the multitudes of private enterprises that actually run and maintain the network. Most of the big players in this arena are large, multinational companies that would be inclined to shore up ALL their networks, not just the ones in the US.
      • Interesting view you have of Berkeley, and publishing secrecy. Berkeley professors have been placed in tough spots before [theatlantic.com], and I don't see any reason why this would be different. Absolute secrecy may not be needed for this sort of project, but the Homeland Defense group isn't the only people concerned about publication. You can expect that any paper to be published must be sent to the Homeland Defense and the NSF groups and approved, with about six months delay, depending on the scope and severity of the di
        • Interesting view you have of Berkeley, and publishing secrecy. Berkeley professors have been placed in tough spots before [theatlantic.com], and I don't see any reason why this would be different.

          Well, this is different for a number of reasons:

          1. The article you quoted is talking about the privatization of university research and the nastiness of getting your academic research entangled with private enterprise. Neither the NSF nor the DHS are private organizations. They are federal government and they
    • "If they find fundamental flaws in the systems will they keep them secret to shore up US networks?"

      I don't think Internet Explorer is a secret anymore

  • I'll do it for 1 million (Score:5, Funny)

    by the_skywise ( 189793 ) on Wednesday November 05, 2003 @11:43AM (#7396653)
    Why do you need 5 million for that? How many computers can it possibly take? 50? 100? Let's say 100. That's $100,000 (and that's generous these days) Let's say $200,000 to lease building space and power for 2 years (also generous) and let's pay 3 professors part time, plus 10 students work study wages (Figure $50,000 per professor and $20,000 per student...$350,000)

    What do we got?
    $100,000 parts
    $200,000 space
    $350,000 labor
    --------
    $650,000

    What's the other ~5 million going for?

    Oh wait... they must need Windows licenses and full copies of Outlook to properly test the hacks...

    • Re:I'll do it for 1 million (Score:5, Funny)

      by dr_dank ( 472072 ) on Wednesday November 05, 2003 @11:47AM (#7396695) Homepage Journal
      What's the other ~5 million going for?

      Mountain Dew doesn't come cheaply, my friend....
      • It's so odd that the caffeine-shock drink originally advertized as something for very active, sexy people playing around outdoors in the mountains ended up as the mascot drink of one of the most sendentary class of professionals...

        OK, or maybe it's not so odd...
    • They're clearly trying to jumpstart the economy...via targeted "grants" to struggling IT network infrastructure companies.
    • These people should get set up with vmware, it might save them some money.

      It would definately cut down on cable wiring costs.

    • Re:I'll do it for 1 million (Score:3, Informative)

      by Anonymous Coward
      Sorry but you're pricing things according to how much they look like they'd cost to you. Not how much they'd cost to the people who are actually buying them.

      If you get paid $50,000 a year by your employer (before taxes), how much do you think you cost to your employer? $50,000? Ha. Try $100k. They play various kinds of employment taxes, insurance, maybe a bit to a personnel management company... a good rule of thumb is that you cost 2x your salary to an employer. (Plus, you're taxed again on your end
    • Wow...
      try more like 100k per tenured professor, 50k per non-tenured prof. and more along the lines of 35k per student. 20k is just what they get paid out to live on the other 15k goes toward paying off their tuition.

      you'll have 2-3 tenured prof. running the show and 4-5 non-tenured profs. working the show. With 5-6 Grad students per prof doing all the research.

      Your, labor costs are a bit more if you look at it that way. And this project will not only go 1 year... sounds more like an ongoing thing.

      later
    • they'll need exchange...IIS...
      perhaps some huge bandwidth...
      powdered donuts, guarana(beats the hell outta Mt. Dew), and (with machine to make said drink), and all the neato little geek trinkets and apparrel.

    • Re:I'll do it for 1 million (Score:1, Insightful)

      by Anonymous Coward
      To properly simulate the internet youre going to need alot more than off the shelf PC's. Youre talking Many different types of hardware, including high end enterprise stuff. Network switches of all types, from dlink home routers to mind bogglingly priced cisco stuff, and people to configure ALL of it. To do it right, youre not going to throw a grad student a cisco manual and have him learn by trial and error. Same w/ software configurations, apache to IIS to Websphere, all kinds of stuff to properly simula
    • What's the other ~5 million going for?

      Maybe routers, switches, hubs, fiber optics gear. You know, the stuff that makes it a network instead of a bunch of computers sitting on a warehouse floor.
    • What about all the time needed for the all important LAN Party "stress" test ;)
    • The $5,000,000 is for a little thing called overhead. To pay the guys in the lab where I work to do this (yep, they're upstairs) costs salaries, benefits, insurance, retirement plans, and so on. Then, add in the cut that USC and every other middleman takes and you're left without too much cash. Labor is the big cost. A dozen G5's to tinker with? Don't bother getting a discount. Need a digital video camera to put "content" on your intranet? Here's $3,000. And so on...

  • um? (Score:1)

    by jdoe407 ( 651709 )
    How the hell would you make a 'model' of the internet. It's just a bunch of linked up servers, is it not? Hell, just run all the services on the same box and 'hack' it remotely or locally... I don't see where the 5.5 million comes into play unless they are going to make a 'model' of a big lanparty...

  • Sheesh (Score:2, Funny)

    by ItWasThem ( 458689 )
    So basically they just spent $5.5 million built the worlds most expensive intranet? Man with that kind of money I would've rather had the government buy 2 more toilet seats.
  • Since Internet is quite a proper name nowadays I wouldn't call it "model of the internet". It's just a simple WAN intended as a test-bed for various incidents which can happen on the Internet.
  • how do they think they'll reproduce the Internet's first characteristics : diversity, with a budget that might at most buy them 10000 computers ?
  • That smell is REWARD [slashdot.org]!

    $250,000 = lifetime supply of cheetoes and pr0n!

  • In ten years... (Score:5, Insightful)

    by sandbenders ( 301132 ) on Wednesday November 05, 2003 @11:48AM (#7396702) Homepage
    In ten years everyone will wonder why USC and Berkley produced all of the decade's best crackers. This project will result in three things:

    1. Good dissertations for CS PhDs.
    2. More secure software, which will rarely be implemented and even more rarely be implemented well.
    3. A whole bunch of research assistants who think they are l33t h4x0rs. And some of them will be right.

    • Re:In ten years... (Score:2, Interesting)

      by cheekyboy ( 598084 )
      What you need is a real virus writer to join the Uni and join this program. Then he can 'sim' a new worm that is smart to avoid blocks and firewalls.

  • A "model" of the internet? Are they referring to an electronic model of the physical structure? A very large LAN? $5.5 mil will buy a lot of hardware.

    Me thinks this will pay for $500k worth of cisco gear and workstations for the modem, and $5 mil worth of 'testing labor'?
  • Didn't we discuss this the other day???

  • PLEASE oh please oh please! (Score:3, Funny)

    by MoxCamel ( 20484 ) on Wednesday November 05, 2003 @11:49AM (#7396723)
    I want on that internet! This one sucks, please oh please for the sake of all that is good and fermented, let me off this one! :)
  • What made them pick those schools to do this? Did they do a survey or check for a high quantity of hackers in those schools? They should just open it publicly and let people take trys at it and submit logs of what they did. "Open-Source Internet"
  • It's Berkeley. Cripes.
  • I wonder how they will be going around to simulate the current p2p and other activity on it...

  • Questions remain (Score:4, Interesting)

    by bwaynef ( 692229 ) on Wednesday November 05, 2003 @11:55AM (#7396770) Journal
    I think this is a straight-forward approach but there are problems that need to be addressed.

    • How will they implement the latencies and delays that commonly befall the internet.
    • Where will the millions of unique traffic-data originate.
    • How will they mimic the different styles of hacking.

    It would be interesting to see how they implement this network.

    • Are they going to be two seperate networks.
    • Will they be one network connected over an existing internet link?
    • If they connect over an existing internet link how will they deal with that connection as its no longer a simulation

    I don't think that we have a requirement to see any of the information that I've questioned above but this information could lead /. to be more informed on this situation.

    • How will they implement the latencies and delays that commonly befall the internet.

      Easy--they'll just make sure to build the network out of cheap (insert your least favorite brand here) routers, and pass the savings on to the professor's salaries!

  • Just pretend don't hate me... (Score:4, Funny)

    by Dareth ( 47614 ) on Wednesday November 05, 2003 @11:56AM (#7396785)
    ... but can I be the RIAA and sue all the users of your model internet???

    This is in the name of science!

    I won't be real bad, just demand they hand over all their old video cards when they get new ones.

    I'm still running my old Voodoo 3 3500, yeah baby it still ROCKS!

  • "Berkeley engineer said they can't do experiments on the real Internet, because they can't afford to break it."

    Al Gore would not like that
  • I hear they already have the free pr0n servers up and running. Just waiting for the rest of the system to be built. ;)

  • Quick question: (Score:3, Insightful)

    by mblase ( 200735 ) on Wednesday November 05, 2003 @11:59AM (#7396820)
    I know you can hack a server, but how exactly do you hack "the Internet" (model or otherwise)?
    • -worms and viruses
      -discovering flaws in protocols not specific to particular implementations
    • Same way there are flaws in FTP that are not specific to any implentation (FTP bounce specificly). Of course it has been worked around, but the workarounds arnt part of the spec.
    • Hacking the Internet is quite different from hacking a server. A single server behaves in an obvious and predictable fashion. The Internet behaves like a natural system: clearly there are always going to be a number of hacked systems, but the overall impact depends on how these systems have been hacked, what damage the hackers do, how fast the damage spreads, etc.

      What I presume this 'model' will be used for is to do things like simulate how fast and far a new kind of virus could spread.

      It's extremely pe
    • I know you can hack a server, but how exactly do you hack "the Internet" (model or otherwise)?

      First you have to be able to shoot silver arrows. Then you can beat the end guy.

  • The Real Reason (Score:5, Funny)

    by fireboy1919 ( 257783 ) <rustypNO@SPAMfreeshell.org> on Wednesday November 05, 2003 @12:08PM (#7396911) Homepage Journal
    Tech support companies the world over are tired of people calling up and asking, "Is your internet better than the internets of other companies?" They made a plea to the US government to do something about it, who, out of embarassment for the American people's stupidity, promptly made up a new reason to make another, lower quality internet.

    From now on, rather than spending several hours trying to explain the concept of the internet to people who have trouble walking and chewing gum at the same time, tech supporters will be able to simple say, "Yes."
  • This would be a huge bunch of scripts.
    1. [Script #1] go to Netcraft. Compile stats on each OS usage. If you don't want to write a script for this, just enroll a couple of MBA students to click repeatedly on all the links and call it "market research"... ;-)
    2. Compile a list of the top 20+ vendors of OS used on the Internet, including the relevant web sites . For instance: HP, Sun, SGI, IBM, Microsoft, Linux distros, BSDs, etc...
    3. [Script #2] Using the list defined on step B, compile stats on each specific vend

  • Just offer prizes to hackers (Score:5, Insightful)

    by G4from128k ( 686170 ) on Wednesday November 05, 2003 @12:13PM (#7396952)
    I'm not sure how they plan to "model" the internet, but I would argue that the internet is its own best model. Anything else will lack some exloits present in the "real" net while have other exploits absent in the real net (bugs in the model's software).

    I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net. The profs and grad students could ajudicate the prize giving. They would find at least 1100 exploits this way (fewer if they have to pay those pesky grad students or usurious university accounting department overhead rates).

    If letting hackers profit from hacking the actual internet is too scary/illegal, then the university could create a small publically exposed network running a variety of apps, OS, etc.

    • Do the words "Cyber-Armageddon" mean anything to you? I imagine what some of the things they'll try to simulate are the really monstrous distributed denial of service attacks that would cripple the entire Internet for days and cause untold amounts of damage and inconvenience for millions all over the world. Things that would make a major slashdotting look like a mild hiccup. If they did that on the real Internet, the damage it would cause worldwide would be worth a helluvalot more than a piddly US$5.5 mi

      • Do the words "Cyber-Armageddon" mean anything to you?

        Yes, I would never suggest rewarding or encouraging hackers to create real damage, only encourage them to document what is possible. But perhaps you are right, the prize represents a very dangerous inducement for people to play with fire.

        The bigger issue is the potential for flaws in the methodology. I was pointing out a big versimilitude problem with the model vs. real internet. This problem is on two levels. First are the scale issues -- a ne
    • I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net.

      And then I would sue you because of all the damage done to MY machines on the real Internet as a result of the hacking you encouraged.

      Does your company QA test your software by releasing it to the public as soon as you think it mostly works, or is there a process of internal and structured beta testing? (obvious Microsoft joke goes here)

  • Similar Project at Iowa State University (Score:5, Interesting)

    by logrey ( 27960 ) on Wednesday November 05, 2003 @12:15PM (#7396971)
    Iowa State has a similar project funded with a $500,000 grant from the U.S. Department of Justice.
    Iowa State Computer Security Lab [iastate.edu]

  • The nature of government grants (Score:5, Informative)

    by mystery_bowler ( 472698 ) on Wednesday November 05, 2003 @12:15PM (#7396975) Homepage
    For the last few years I've been developing software systems for law enforcement, so occassionally I pick up interesting bits of information about how government funding works. If you didn't hear about it - and not many people did - the Dept. of Homeland Security made a sort of "open call" (via the Dept. Of Justice, if I remember correctly) about a year or so ago. It was - more or less - an open invitation for vendors to propose innovative ideas to the DHS about fighting terrorism within the United States. The really interesting thing about the open call was that it was specifically worded to encourage "innovative" and "new" approaches. I joked at the time that I actually felt good about the open call...it seemed like the guys at the DHS were acknowledging that they didn't have a clue what to do and where looking for expert help on making things radically better.

    I'd be interested to find out if the "model internet" was a proposed idea. In terms of government funding, $5 million isn't all that much, so I wouldn't be surprised to see if this was an idea pitched by people at UCB and USC during the open call. I'd heard that big names asking for reasonably small amounts of money were getting through pretty easily.

    I tried to convince my company to pitch a variant of our crime analysis/trendspotting tools. Include a reference per recorded crime that indicates political or religious bias as the motive of the crime. Get a concentration of those - even if they are "lesser" crimes like vandalism or simple assualt - and you've got "smoke". And where there's "smoke"...
  • Too bad that 6 hours after they turn it on, all those model mailboxes will be overflowing with spam.
  • This would be a very cool project to get involved with. Imagine building the internet from scratch knowing what we know now. I bet that this project will be able to resovle many of the large problems associated with the public internet. Latenancy, DDOS, Spam, Virus'. If even one of these things could be effectively resolved think of the millions it would save businesses in the future.

  • So they're building a model of the internet to hack, so they can better deal with threats. Is the government really that much at risk that they need to do this? Surely they could just hire some really good hackers at ludicrous salaries to protect themselves?

    Or is this really more war on terror stuff? Do they think that terrorist groups are operating over the internet and are they actually setting up some sort of training ground for an elite anti-terrorism unit to stop Osama Bin Laden getting his email or

    • A huge fraction of the activity in the "anti-terrorism" and "critical infrastructure protection" space is somewhere between bogus, naive, cynical, greedy, and/or a malicious attack on the civil rights of our society by Big Brother, Prohibitionists, and the Military-Industrial Complex. The war on terror isn't primarily about whether they think there _are_ terrorist groups doing these things, but instead about whether they can get the public to believe that there are, and so far they've been quite successful

  • here's the real scoop (Score:5, Informative)

    by t_parker16 ( 154804 ) on Wednesday November 05, 2003 @12:38PM (#7397203) Journal
    all this speculating on what's involved, but the project is described in pretty good detail over at the ISI web site. (and so, its apparently not USC specifically but the usc information sciences institute):

    http://www.isi.edu/stories/70.html

    excerpt:

    "The DETER testbed will consist of approximately 1,000 computers with multiple network interface cards, located off the actual Internet. Three permanent hardware clusters, or nodes, at UC Berkeley and at ISI's Southern California and Virginia facilities, will serve as the core of the system.

    "This isolated mini-Internet will serve as a shared laboratory where researchers from government, industry and academia can test existing and new security technology, using a wide variety of attack techniques."

  • Wouldn't you think that a company like Cisco or Juniper, etc. who make hardware, network operating systems, implementations of routing protocols like BGP, etc, don't build models and try to wreck them on routine basis? And their test labs are probably way more advanced than anything professors can come up with on a 5.5mil budget.

    • I don't know. I would think that hardware would be only a single component to the heterogenouse internet. There are plenty of different OS's connected to the real net. Many, many, many, different software applications that use the net. Perhaps the two universities would be able to create a more representative, small scale system than a corporation. Corporations are generally only good at what makes them money. In the case of networking companies that is hardware and software manufacturing for servicin

  • UCB still in business? (Score:3, Funny)

    by molrak ( 541582 ) on Wednesday November 05, 2003 @02:19PM (#7398274) Homepage
    It's good to see that the UCB [uprightcitizens.org] is still in business, even after their show got cancelled. It makes me wonder if this project is somehow related to their Bucket of Truth project [rr.com].

  • The "What if machine" (Score:2, Insightful)

    by brakett ( 690755 )
    The way I understod the article, this is supposed to be a wan that can be used as a what-if-machine. This would be a way to se the results of changing widely used standards.

    What if everybody used IPv6?
    What if you had to prove your id to send mail?
    What if a Curious Yellow [blanu.net] -like worm were realeased?
    What if.... well you get my point.

  • Is it really just defensive? (Score:3, Interesting)

    by billstewart ( 78916 ) on Wednesday November 05, 2003 @10:10PM (#7403161) Journal
    I'm sure that most of the work that'll be done with this project is defensive, but is some of it really going to be offensive as well? Most of the time it's going to be modelling different methods of attacking network interconnection and different methods of defending against it, but when you've got a thousand machines with heavy-duty cracker tools located a few dark-fiber meters away from several Internet2 routers and just down the road from the San Francisco and DC area internet junction points, it's got to be real tempting to not only mail out CDs of crackerware to the military's cyberwarriers, but also to occasionally jack in to the real Internet and go pound some target, or upload a few hundred thousand copies of Zombieware N.2 to their public-side counterparts.

  • a model? (Score:4, Insightful)

    by hyrdra ( 260687 ) on Wednesday November 05, 2003 @10:52PM (#7403448) Homepage Journal
    The problem with their "model" is that something as complex as the current Internet as it exists today can't really be modeled, at least not very well. It's a huge chaotic system thats constantly changing and growing, so when you try to model it your model is going to be out of date before you can do anything useful with it. I really don't think $5 million can buy even a small representation of what the Internet is today. Think of the OSI layers and all the different software, hardware, protocols, methods, systems and manufactures in place at each layer. Each of those has its own set of vulnerabilities, holes, etc. and keep in mind there are many different versions of each of those running at the same time across different networks.

    This complexity is precisely what makes tracking and solving problems with today's Internet so hard.

    I am curious as to what they expect to study and find from this model. Today's problems with the Internet and networking in general are largely social, economic, or political. Figuring out some neat new protocol isn't going to make backbone provider X update their entire network. Worms and the such are also the bain of a social problem. As long as we have smart programmers with free time, there will be worms and exploits of the system no matter what procedures are in place or how smart the network is; The fix for said worms are timely patches and updates, however most users won't and don't do this, hence the epidemics.

    This might make some great academic research and a neat new toy for the University but I fail to see how it can find applications in the real world where the problems are much harder than the technical ones this project (presumably) hopes to solve.

Slashdot Top Deals

I have hardly ever known a mathematician who was capable of reasoning. -- Plato

Close