1 00:00:00,000 --> 00:00:14,990 *34c3 intro* 2 00:00:14,990 --> 00:00:22,770 Herald: And now please join me in welcoming Caleb, for his talk BGP and the Rule of Custom 3 00:00:22,770 --> 00:00:26,120 *Applause* 4 00:00:26,120 --> 00:00:30,050 Caleb James DeLisle: Thank you. 5 00:00:30,050 --> 00:00:32,790 Thank you and thanks for 6 00:00:32,790 --> 00:00:38,870 coming. Tonight I'm going to speak to you about the BGP protocol but it's not going 7 00:00:38,870 --> 00:00:44,469 to be that technical. Specifically I'm going to concentrate on the way that BGP 8 00:00:44,469 --> 00:00:53,969 molds human interactions. So there I'm aiming at making this a reasonably 9 00:00:53,969 --> 00:00:58,530 accessible talk so if you catch me using slightly incorrect terms for something 10 00:00:58,530 --> 00:01:04,159 consider that I'm optimizing not only for the clarity of the correctness but also 11 00:01:04,159 --> 00:01:10,860 for the widest possible audience. So protocols that are at their root systems 12 00:01:10,860 --> 00:01:16,750 of governance. So I'm gonna propose a framework to think about governance and 13 00:01:16,750 --> 00:01:22,820 then as I describe BGP we can we will be able to analyze it through the lens of 14 00:01:22,820 --> 00:01:31,240 that framework and so as my slide shows here I find it useful to dichotomize 15 00:01:31,240 --> 00:01:36,750 governance systems into either institutional like democracy or network 16 00:01:36,750 --> 00:01:42,890 like the family or like the CCC, and when you think about institutional governance 17 00:01:42,890 --> 00:01:46,930 think about democracy, think about law, think about rights, equality, these are 18 00:01:46,930 --> 00:01:52,579 all concepts which are protected for us by an institution in this case it's the state 19 00:01:52,579 --> 00:01:55,690 and when you think about networks think more about the family, think about 20 00:01:55,690 --> 00:02:00,479 reputation, honor, mutual respect. These are representations of the network 21 00:02:00,479 --> 00:02:04,219 governance model, and the network governance model turns out to be very 22 00:02:04,219 --> 00:02:09,419 important to BGP. Now I'm gonna argue that we need both institutional and networks 23 00:02:09,419 --> 00:02:19,080 governance and each one should be used for what it's best for. So but first I'm going 24 00:02:19,080 --> 00:02:25,209 to talk about where BGP came from. The year was 1989 and there were two people 25 00:02:25,209 --> 00:02:30,930 named Kirk Lougheed and Yaakov Rekhter and they were having lunch and at the time the 26 00:02:30,930 --> 00:02:37,390 Internet of the day, then known as NSFNET was facing impending collapse let's say. 27 00:02:37,390 --> 00:02:42,620 The NSFNET was at the time, experiencing explosive growth and the EGP 28 00:02:42,620 --> 00:02:47,680 routing protocol was reaching the point where it just could no longer work. So 29 00:02:47,680 --> 00:02:52,290 during that lunch they defined a new protocol, which they jokingly referred to 30 00:02:52,290 --> 00:02:55,510 as a two napkin protocol, because they had drawn their 31 00:02:55,510 --> 00:03:02,479 diagrams out on those napkins. And we have here some photographs of those napkins. 32 00:03:02,479 --> 00:03:08,600 Something to understand about BGP at the time, and it was that at this time the so- 33 00:03:08,600 --> 00:03:13,750 called Internet was considered kind of this weird anarchist experiment. You see 34 00:03:13,750 --> 00:03:20,269 real networks used grown-up protocols such as X.25 which among other things made sure 35 00:03:20,269 --> 00:03:25,189 at the protocol level that when you sent a piece of data it would actually reach its 36 00:03:25,189 --> 00:03:31,750 destination. By contrast, Internet Protocol was what we call a best-effort protocol 37 00:03:31,750 --> 00:03:35,930 meaning that sometimes a packet might arrive mangled or maybe it wouldn't arrive 38 00:03:35,930 --> 00:03:42,470 at all. Computers on the Internet usually just use the TCP protocol to put the 39 00:03:42,470 --> 00:03:47,790 pieces back together and to resend the broken ones but TCP is not really part of 40 00:03:47,790 --> 00:03:51,720 the Internet itself. It's more an application that runs over it and it's 41 00:03:51,720 --> 00:03:57,439 telling that in this era the Internet was referred to as TCP / IP because at the 42 00:03:57,439 --> 00:04:04,610 time it was expected that any network must be providing reliable transport. Now the 43 00:04:04,610 --> 00:04:09,409 effect of IP's simplicity as compared to other networking protocols cannot be 44 00:04:09,409 --> 00:04:17,108 overstated and to consider a different protocol even the one used in telephone 45 00:04:17,108 --> 00:04:22,380 networks even to this day it's so mind- numbingly complex that it actually 46 00:04:22,380 --> 00:04:27,280 encourages the telephone companies to monopolize in order to manage the protocol 47 00:04:27,280 --> 00:04:32,750 that they use. In fact the SONET protocol that's used in the American telephone 48 00:04:32,750 --> 00:04:36,590 companies - there's an equivalent one here in Europe - it actually requires 49 00:04:36,590 --> 00:04:41,190 synchronized atomic clocks in the routers in order to schedule the messages so that 50 00:04:41,190 --> 00:04:45,580 there's an empty moment in each line that's just for the message to pass 51 00:04:45,580 --> 00:04:52,190 through. And in contrast the simplicity of IP and the political design of BGP have 52 00:04:52,190 --> 00:05:03,150 allowed for just about anybody to become a network operator. So what is BGP? BGP is 53 00:05:03,150 --> 00:05:09,090 a protocol which every Internet router uses to talk to other routers when they're 54 00:05:09,090 --> 00:05:15,210 talking across an organizational boundary. See inside an organization you control all 55 00:05:15,210 --> 00:05:18,860 the computers so you can have them talk any way they want 56 00:05:18,860 --> 00:05:25,110 but when you talk across boundaries the lingua franca of 57 00:05:25,110 --> 00:05:33,100 routing protocols is BGP. And BGP involves two types of identifiers which 58 00:05:33,100 --> 00:05:39,000 organizations need to apply for. These are IP addresses which most people know about 59 00:05:39,000 --> 00:05:44,050 and there are the lesser-known autonomous system numbers and each network provider 60 00:05:44,050 --> 00:05:49,780 has an AS number. Both IP addresses and AS numbers are issued by ICANN through its 61 00:05:49,780 --> 00:05:56,320 regional registries which manage this an issuance kind of in accordance to need. 62 00:05:56,320 --> 00:06:02,130 And an autonomous system is a network operator such as an ISP or hosting 63 00:06:02,130 --> 00:06:07,919 provider and having the AS number means that they're able to speak as equals 64 00:06:07,919 --> 00:06:13,819 with all the other network operators. It also means that when they interconnect 65 00:06:13,819 --> 00:06:18,080 with another network operator the fact that they're interconnected is public and 66 00:06:18,080 --> 00:06:26,029 that's a very important little piece of BGP. Now BGP is unlike the EGP routing 67 00:06:26,029 --> 00:06:31,190 protocol before it, a mesh protocol and this fact has proven highly significant 68 00:06:31,190 --> 00:06:36,840 because it's created what I call the imperative to peer. And to understand the 69 00:06:36,840 --> 00:06:42,030 imperative to peer, I'll give you a scenario. Let's say that you and I are each 70 00:06:42,030 --> 00:06:47,489 a medium-sized network operator. So your customers want to talk to my customers, my 71 00:06:47,489 --> 00:06:52,259 customers want to talk to your customers but as medium-sized network operators we 72 00:06:52,259 --> 00:06:56,270 both need to buy Internet from somebody else that's bigger than us. In the 73 00:06:56,270 --> 00:07:01,650 industry we call this the upstream provider and if my customers are asking 74 00:07:01,650 --> 00:07:06,509 for web sites hosted by your customers normally what's going to happen is I'm 75 00:07:06,509 --> 00:07:10,139 going to get those requests and I'm gonna have to send them to my upstream provider, 76 00:07:10,139 --> 00:07:12,590 they're going to give them to your upstream provider who is going to give 77 00:07:12,590 --> 00:07:18,379 them to you. But since we're both paying for those links to our upstream providers 78 00:07:18,379 --> 00:07:26,060 there's, we're sort of paying for that traffic in a way, and now if you and I 79 00:07:26,060 --> 00:07:30,419 happen to have routers in the same datacenter then we could just run a wire 80 00:07:30,419 --> 00:07:35,949 across the room and then peer with one another and BGP will bypass our upstream 81 00:07:35,949 --> 00:07:38,330 providers and route the traffic between me and you and 82 00:07:38,330 --> 00:07:42,580 you and me. And it's much more efficient. Now it's important to 83 00:07:42,580 --> 00:07:48,370 understand that peering means you and your customers will talk directly to me and my 84 00:07:48,370 --> 00:07:54,520 customers. What it doesn't mean is that you can use me to reach my other peers, or 85 00:07:54,520 --> 00:07:59,289 my peers peers, or my upstream, or someone else. To have to do that, you'd have to be 86 00:07:59,289 --> 00:08:05,080 my customer because peering has this limitation it's usually mutually 87 00:08:05,080 --> 00:08:10,830 beneficial for two ISPs to just peer and usually it happens with no money changing 88 00:08:10,830 --> 00:08:16,550 hands and in fact it almost always happens there's not even any paper contract 89 00:08:16,550 --> 00:08:23,430 that they just say that makes sense let's run a wire. Now in this scenario you and I 90 00:08:23,430 --> 00:08:28,199 needed to have the upstream provider and you might wonder well who doesn't need an 91 00:08:28,199 --> 00:08:33,260 upstream provider there must be someone at the top where is the core. Well the core 92 00:08:33,260 --> 00:08:46,710 is a series of what we call Tier 1 providers. And in this picture we have 93 00:08:46,710 --> 00:08:51,890 white lines which represent the peering agreements and the red lines represent the 94 00:08:51,890 --> 00:08:57,170 customer agreements. The Tier 1's are the people up at the top and they can reach 95 00:08:57,170 --> 00:09:03,410 anywhere on the Internet using a peering agreement or a customer. They don't need 96 00:09:03,410 --> 00:09:10,230 to buy Internet from anyone. However they do need to pay the upkeep on their massive 97 00:09:10,230 --> 00:09:14,510 fiber-optic networks which give them the global reach to get these peering 98 00:09:14,510 --> 00:09:17,890 agreements and to get these customers which makes them a Tier 1 in the first 99 00:09:17,890 --> 00:09:23,640 place. And you can also see some interesting things in the case you can 100 00:09:23,640 --> 00:09:29,509 have you can be a customer and also a peer and you can also have multiple upstream 101 00:09:29,509 --> 00:09:38,060 providers. But with Tier 1 there's a bit of politics, see Tier 1's are hesitant to 102 00:09:38,060 --> 00:09:43,000 peer with smaller operators if there is a chance that if they refuse to peer the 103 00:09:43,000 --> 00:09:48,210 smaller one might alternatively become a customer and so it's a bit like marriages 104 00:09:48,210 --> 00:09:53,959 between wealthy families because peering between Tier 1's it's a complex process and 105 00:09:53,959 --> 00:09:59,480 they're each striving to ensure reciprocity of value. Now small networks 106 00:09:59,480 --> 00:10:03,030 on the other hand they're not so concerned about this and so they're ready 107 00:10:03,030 --> 00:10:07,721 to peer with each other quite liberally and this has created a situation known in 108 00:10:07,721 --> 00:10:11,940 the industry as doughnut peering where in the Tier 1's are actually increasingly 109 00:10:11,940 --> 00:10:18,199 being routed around and it's worthy of reflection the fact that while SONET with 110 00:10:18,199 --> 00:10:24,460 a synchronized atomic clocks has made an incentive to monopoly. BGP with it's 111 00:10:24,460 --> 00:10:31,520 imperative to peer has created a situation where monopoly is discouraged. However 112 00:10:31,520 --> 00:10:37,730 this system also has means of preventing bad behavior on the Internet which it 113 00:10:37,730 --> 00:10:42,900 works astonishingly well while at the same time preserving almost absolute free 114 00:10:42,900 --> 00:10:51,760 expression. So this is a chart of the percentage of all email that is spam and 115 00:10:51,760 --> 00:10:57,480 to understand why this chart is remarkable consider what a bad protocol email 116 00:10:57,480 --> 00:11:03,660 is. Email is basically a push protocol with an unlimited free speech. So all you 117 00:11:03,660 --> 00:11:07,980 got to do is get on the Internet, fire up a mail server and you can just send spam to 118 00:11:07,980 --> 00:11:20,750 anyone. It's magic. So really this percentage should be like over 99% but 119 00:11:20,750 --> 00:11:29,059 it's not. Well email is an old and heavily used protocol and the network operators 120 00:11:29,059 --> 00:11:33,959 have made it kind of a special case. Email is actually one of the few protocols where 121 00:11:33,959 --> 00:11:38,640 messing with it can get you kicked off the whole Internet even if you have your own 122 00:11:38,640 --> 00:11:43,189 network AS number even if you are a network operator with peers and everything 123 00:11:43,189 --> 00:11:51,799 you can still get chucked off the Internet if you mess around with mail. So I'm gonna 124 00:11:51,799 --> 00:11:56,809 try to explain how this works and I'm going to do it by trying to think of 125 00:11:56,809 --> 00:12:07,809 different types of actors that are, that exist in the Internet service sphere. So 126 00:12:07,809 --> 00:12:14,280 there is a lot of actors of course but I've made these four main categories which 127 00:12:14,280 --> 00:12:19,230 I think helps to explain the situation. And they're the customer, the provider, 128 00:12:19,230 --> 00:12:25,130 the network operator and the civil society organization. So the customer is someone 129 00:12:25,130 --> 00:12:30,290 like me. I take an IP address on loan from my cable provider at home and I take one 130 00:12:30,290 --> 00:12:36,371 from my web hosting provider. It's not my IP address and it's not assigned to me. It 131 00:12:36,371 --> 00:12:39,070 doesn't have my name on it and they can take 132 00:12:39,070 --> 00:12:45,490 it back when I stop working with them. But that means I have relative anonymity 133 00:12:45,490 --> 00:12:49,939 because I'm not out there looking for peers I have my provider they know who I 134 00:12:49,939 --> 00:12:55,780 am, they know me, I know them, nobody else needs to know who that IP address is 135 00:12:55,780 --> 00:13:01,040 associated with. However my provider can trivially turn off my access to the 136 00:13:01,040 --> 00:13:05,950 Internet but by the same token I can usually choose which provider to patronize 137 00:13:05,950 --> 00:13:11,980 as well modulo the monopolies in the cable companies. Providers on the other hand 138 00:13:11,980 --> 00:13:15,450 they are not anonymous they have to maintain relationships with network 139 00:13:15,450 --> 00:13:21,510 operators, they have to seek customers. They're out in the public. Providers also 140 00:13:21,510 --> 00:13:27,079 have an incentive to keep customers so they can't be obviously scammy and they 141 00:13:27,079 --> 00:13:31,750 shouldn't, they can't provide bad service. They probably shouldn't be scummy 142 00:13:31,750 --> 00:13:36,010 and they can't provide bad service. They also have an imperative to stay friendly 143 00:13:36,010 --> 00:13:40,540 with at least one network operator. If all the network operators just hate them then 144 00:13:40,540 --> 00:13:46,830 they can't find Internet. Providers have their own IP addresses they're assigned to 145 00:13:46,830 --> 00:13:51,550 them from the Internet registries and so they can connect with multiple network 146 00:13:51,550 --> 00:13:55,930 operators including even having peers although in practice they often keep their 147 00:13:55,930 --> 00:14:03,030 networks fairly simple. But because of the way BGP exchanges information, their peers 148 00:14:03,030 --> 00:14:08,240 and their providers are publicly known, whereas me the little customer borrowing 149 00:14:08,240 --> 00:14:14,540 an IP address I'm fairly opaque. Now network operators they're somewhat like 150 00:14:14,540 --> 00:14:19,920 providers, they provide a service but in general they make their business around 151 00:14:19,920 --> 00:14:23,800 providing raw Internet access to smaller providers and that's why I've 152 00:14:23,800 --> 00:14:29,160 differentiated them. Network operators are very much not anonymous they have to have 153 00:14:29,160 --> 00:14:34,799 large numbers of peering agreements and customers which again all of these 154 00:14:34,799 --> 00:14:40,330 connections are transparent, because of the way BGP works and they're strongly 155 00:14:40,330 --> 00:14:46,270 pressured by the imperative to peer. If they're not able to find peers then all 156 00:14:46,270 --> 00:14:49,219 the network traffic will have to be paid for. It can even squeeze them out of the 157 00:14:49,219 --> 00:14:53,140 market. They do have som powers though they can 158 00:14:53,140 --> 00:14:57,169 refuse to peer with a network operator and they can even disconnect a customer which 159 00:14:57,169 --> 00:15:01,929 they might do to maintain their reputation. Last group here is civil 160 00:15:01,929 --> 00:15:07,059 society these are organizations like Team Cymru and Spamhaus. They dedicate their 161 00:15:07,059 --> 00:15:10,829 time to shedding light on the bad guys of the Internet. They're not anonymous as 162 00:15:10,829 --> 00:15:15,580 organisations although their members can be hidden and they also maintain lists of 163 00:15:15,580 --> 00:15:20,059 IP addresses and AS numbers which are either known to be operated by spam 164 00:15:20,059 --> 00:15:27,020 organizations or which are just unused and shouldn't be existing. Internet civil 165 00:15:27,020 --> 00:15:31,280 society doesn't have any direct power but their power comes from their reputation 166 00:15:31,280 --> 00:15:36,540 for providing valid and useful data. They're also able to do their job because 167 00:15:36,540 --> 00:15:42,540 of the transparency of providers and network operators which is built into BGP. 168 00:15:42,540 --> 00:15:46,380 I'm going to tell you a story about two providers. One is called McColo and the 169 00:15:46,380 --> 00:15:51,120 other is called PRQ, both of these organizations were founded in 2004 and 170 00:15:51,120 --> 00:15:55,410 both of them have been subject to certain controversy but tellingly one of them 171 00:15:55,410 --> 00:16:03,280 still remains with us and the other one is long gone. So this is a splash page of 172 00:16:03,280 --> 00:16:08,309 McColo back in 2008 before it went dark. McColo was founded by a 19 year old 173 00:16:08,309 --> 00:16:13,380 student named Nicola McColo and it thrived for four years before being taken down. 174 00:16:13,380 --> 00:16:16,890 McColo provided what's known as bulletproof hosting. That means hosting 175 00:16:16,890 --> 00:16:21,650 where the provider will keep your server online no matter what you do with it. 176 00:16:21,650 --> 00:16:25,949 Bulletproof hosting providers choose not to cooperate with civil society or even 177 00:16:25,949 --> 00:16:32,240 law enforcement unless they're forced to. And in November of 2008 the Washington 178 00:16:32,240 --> 00:16:37,410 Post gathered some damning evidence that McColo was a hosting provider mostly 179 00:16:37,410 --> 00:16:42,829 interested in providing service for spammers. What's interesting is that 180 00:16:42,829 --> 00:16:46,779 rather than send this evidence to the police they sent it to McColo's network 181 00:16:46,779 --> 00:16:51,300 operators. Like many providers McColo bought Internet access from two major 182 00:16:51,300 --> 00:16:54,449 network operators. In this case it was a Hurricane Electric and Global 183 00:16:54,449 --> 00:16:58,630 Crossing. When Hurricane and Global Crossing were given this information from 184 00:16:58,630 --> 00:17:03,050 The Washington Post they voluntarily chose to abruptly ceased doing business with 185 00:17:03,050 --> 00:17:08,190 McColo and the provider was caught off guard and it and all of its customers went 186 00:17:08,190 --> 00:17:18,679 offline. Here is the global volume of spam which dropped to that day by as much as 187 00:17:18,679 --> 00:17:24,040 75%. Needless to say no other network provider was beginning or ready to begin 188 00:17:24,040 --> 00:17:32,640 selling service to McColo and their business crumbled. Now PRQ is in some ways 189 00:17:32,640 --> 00:17:40,110 similar to McColo *heeey* and in some ways they're quite different. PRQ was founded 190 00:17:40,110 --> 00:17:44,780 by two Swedish guys known in BitTorrent circles as anakata and Tiamo and they 191 00:17:44,780 --> 00:17:49,280 provide what I call last resort hosting. They've hosted highly controversial 192 00:17:49,280 --> 00:17:53,850 websites such as WikiLeaks but they're probably best known for hosting The Pirate 193 00:17:53,850 --> 00:17:58,750 Bay. The Pirate Bay stands out is probably one of the most famous websites to 194 00:17:58,750 --> 00:18:06,180 publicly flaunt copyright. Going to the extent of actually publishing abuse 195 00:18:06,180 --> 00:18:17,780 complaints along with their sarcastic and humiliating responses. This is something 196 00:18:17,780 --> 00:18:22,140 that the copyright industry had never seen before. High-power lawyers are just not 197 00:18:22,140 --> 00:18:28,530 accustomed to getting replies signed go fuck yourself. So all four of the founders 198 00:18:28,530 --> 00:18:31,910 have spent some time in prison and the site's data centers have been raided 199 00:18:31,910 --> 00:18:36,520 multiple times and supposedly Hollywood even use threats of trade sanctions 200 00:18:36,520 --> 00:18:43,030 against Sweden to force them to shut this thing down. But we find that as McColo has 201 00:18:43,030 --> 00:18:48,440 drifted into historical obscurity, The Pirate Bay is still alive and has even 202 00:18:48,440 --> 00:18:54,440 become something of a cultural institution. And we also find that unlike 203 00:18:54,440 --> 00:18:59,340 McColo, PRQ and The Pirate Bay have never had any problem with their network 204 00:18:59,340 --> 00:19:05,290 operators. So one of the fundamental tenets of the Internet is that network 205 00:19:05,290 --> 00:19:10,670 operators are morally but not legally responsible for the activities of their 206 00:19:10,670 --> 00:19:15,560 customers and peers. So they may choose who they do business with and they will 207 00:19:15,560 --> 00:19:24,560 not be held to legal account for these decisions. What are the lessons that we 208 00:19:24,560 --> 00:19:28,220 can take away from this? Recently there's been a lot of 209 00:19:28,220 --> 00:19:33,470 work done on federated social networking protocols. I'm sure some of you will take 210 00:19:33,470 --> 00:19:38,860 part in this development but the vast majority of you will be evaluating them to 211 00:19:38,860 --> 00:19:43,900 make decisions about which technology to adopt and I urge you to give some thought 212 00:19:43,900 --> 00:19:48,880 toward the political identities of the protocols which you make or which you 213 00:19:48,880 --> 00:19:55,850 choose to make your own. Like many things systems of communication are defined 214 00:19:55,850 --> 00:20:02,310 largely by what they reject, whether that be packets larger than 1500 bytes or Nazi 215 00:20:02,310 --> 00:20:08,610 propaganda. And in a protocol I identify three main ways that these rules can be 216 00:20:08,610 --> 00:20:13,981 defined. The first is what we hard code into the software source code. Some 217 00:20:13,981 --> 00:20:18,260 examples are message formats and permission systems but hardcoded rules 218 00:20:18,260 --> 00:20:23,950 can be extended further with cryptography and especially with block chains. Hard 219 00:20:23,950 --> 00:20:29,060 coded rules are a perfect example of institutional governance they can be very 220 00:20:29,060 --> 00:20:34,330 fair. They are very fair because code applies the rules equally to everyone and 221 00:20:34,330 --> 00:20:38,820 for things which we consider a basic human right such as private communications and 222 00:20:38,820 --> 00:20:43,150 things which are easily quantifiable in software, hardcoding can be the best 223 00:20:43,150 --> 00:20:49,890 solution. However hard rules do have a downside, Ethereum a cryptocurrency based 224 00:20:49,890 --> 00:20:54,120 heavily on the libertarian philosophy of freedom of contract found itself in a bit 225 00:20:54,120 --> 00:20:59,050 of a quandary when a bug was discovered in one of the very significant contract 226 00:20:59,050 --> 00:21:03,330 allowing for all the money to be stolen out of that contract. For those who don't 227 00:21:03,330 --> 00:21:07,950 follow the topic Ethereum was hard forked in order to stop the errant contract and 228 00:21:07,950 --> 00:21:14,380 everybody had to update and while the fork itself protected the participants in the 229 00:21:14,380 --> 00:21:21,230 contract it struck a serious blow to the fundamental philosophy of Ethereum and it 230 00:21:21,230 --> 00:21:25,620 serves as a warning that we have a downside to hardcoding. The second source 231 00:21:25,620 --> 00:21:30,231 is of course the central authority. The Internet uses ICANN as a central authority 232 00:21:30,231 --> 00:21:35,650 to manage allocation of domain names, IP addresses and autonomous system numbers. 233 00:21:35,650 --> 00:21:38,530 The central authority is kind of a poster child of institutional 234 00:21:38,530 --> 00:21:43,240 governance. Like hardcoded rules, rule by central authority also tends to be 235 00:21:43,240 --> 00:21:49,750 egalitarian. Moreover a central authority is actually capable of equity because it 236 00:21:49,750 --> 00:21:54,061 can comprehend people's different situations and adapt to them. Something 237 00:21:54,061 --> 00:22:00,220 that a hardcoded rule cannot do but a central authority like a hardcoded rule 238 00:22:00,220 --> 00:22:06,010 is prone to coldness and bureaucracy and moreover it's quite difficult to create 239 00:22:06,010 --> 00:22:11,170 central authorities which do not give certain individuals unaccountable power 240 00:22:11,170 --> 00:22:16,730 over others. The third source of rules or in this case customs where this talk gets 241 00:22:16,730 --> 00:22:22,800 its name is from the network and this is how the network operators and how BGP 242 00:22:22,800 --> 00:22:26,890 mostly managed to keep email spam and other bad things off the Internet. The 243 00:22:26,890 --> 00:22:31,580 network is by far the most humane form of governance. Social norms are passed along 244 00:22:31,580 --> 00:22:36,340 from friend to friend rather than rules being forced down upon people by central 245 00:22:36,340 --> 00:22:41,350 authority or source code. And we see network-like systems in families ancient 246 00:22:41,350 --> 00:22:46,670 tribal societies as well as royalty and elite in kingdoms and of course online. 247 00:22:46,670 --> 00:22:53,990 However in electronic networks we tend to associate it with, we get to choose who 248 00:22:53,990 --> 00:23:00,060 we associate with from any connected person in the world and but networks also 249 00:23:00,060 --> 00:23:04,830 have a downside they're not egalitarian in any way. Those central in the network are 250 00:23:04,830 --> 00:23:10,140 simply more powerful than those on the edges. In the feudal system law was often 251 00:23:10,140 --> 00:23:14,410 applied differently to a person based on how they were dressed or what family they 252 00:23:14,410 --> 00:23:20,610 were from. And the origin of the term rule of law it was initially described as a 253 00:23:20,610 --> 00:23:27,340 better alternative to rule of the king or rule of man. We have the law we 254 00:23:27,340 --> 00:23:33,380 have the state because people demanded them as in this case the inequity of the 255 00:23:33,380 --> 00:23:38,260 network rule proved unacceptable. But there's an important difference between 256 00:23:38,260 --> 00:23:45,580 BGP's rule of custom and the patently unjust feudal system. BGP is transparent. 257 00:23:45,580 --> 00:23:49,630 We know which network operators are interconnected with whom and we know who 258 00:23:49,630 --> 00:23:55,080 is protecting the bad actors and in every case we find dystopia 259 00:23:55,080 --> 00:23:59,550 whenever there's power without transparency either in opaque proprietary 260 00:23:59,550 --> 00:24:05,240 code, unaccountable central authorities or in networks which form mafias, secret 261 00:24:05,240 --> 00:24:11,350 societies in the feudal system. And I think the key message from BGP has to be 262 00:24:11,350 --> 00:24:17,930 that whether in central authorities or in networks. Power and privacy do not mix. 263 00:24:17,930 --> 00:24:23,820 With any measure of power there must be equal transparency and accountability. 264 00:24:23,820 --> 00:24:29,960 *Applause* 265 00:24:29,960 --> 00:24:36,150 So in closing. I hope you go out there and make protocols and make systems which far 266 00:24:36,150 --> 00:24:43,860 surpass what we have today and to do that I suggest looking at the past and what 267 00:24:43,860 --> 00:24:49,270 protocols have been highly successful and try to identify why they worked. Also look 268 00:24:49,270 --> 00:24:56,620 at the ones that didn't work. Look at the things that died in a hell storm of spam 269 00:24:56,620 --> 00:25:01,640 and try to keep it simple. I developed some software before and something I 270 00:25:01,640 --> 00:25:06,750 learned the hard way is that complexity becomes the enemy of adoption so maybe 271 00:25:06,750 --> 00:25:11,409 it's a good idea we all write our protocols on napkins. Thank you. 272 00:25:11,409 --> 00:25:21,920 *Applause* 273 00:25:21,920 --> 00:25:24,260 Herald: Thank you Caleb. We now have five minutes 274 00:25:24,260 --> 00:25:28,330 for questions you know the drill. Please line up at the microphones there's four 275 00:25:28,330 --> 00:25:32,430 microphones two in the middle, one there, one there. please don't leave the room 276 00:25:32,430 --> 00:25:36,220 until the talk is over. If you stood up you can leave but the rest please 277 00:25:36,220 --> 00:25:39,360 stay seated you can spare five minutes it's a lot of noise that people keep 278 00:25:39,360 --> 00:25:43,490 leaving during the Q&A. Microphone number one please. 279 00:25:43,490 --> 00:25:49,940 Question: Hello I'm from Sweden. I really like to talk to have a overview of 280 00:25:49,940 --> 00:25:56,570 this I think it was mostly correct. I would say that I'm working with both the 281 00:25:56,570 --> 00:26:05,870 BGP and DNS and those association with ICANN but I think you put them all on the 282 00:26:05,870 --> 00:26:10,260 you give them a bit too much power they are not that powerful unless you describe 283 00:26:10,260 --> 00:26:16,180 them. They don't decide everything about DNS and everything. They're running the 284 00:26:16,180 --> 00:26:21,080 IANA contract for these domain names and numbers and stuff like that. On behalf of 285 00:26:21,080 --> 00:26:27,240 the community like the IETF and other multi-stakeholder organizations. So they 286 00:26:27,240 --> 00:26:33,040 only have the power over the new top-level domains they don't have the power over the 287 00:26:33,040 --> 00:26:41,100 common domain or .se domain in Sweden or .ch in Switzerland so if .se or .ch would 288 00:26:41,100 --> 00:26:46,100 like to have The Pirate Bay, ICANN has nothing to do with that. 289 00:26:46,100 --> 00:26:47,730 Herald: Could you get to the question please? 290 00:26:47,730 --> 00:26:50,590 Question: No it's not a question. More to show that ICANN is 291 00:26:50,590 --> 00:26:55,680 not the king. Herald: There are other people queueing please. 292 00:26:55,680 --> 00:27:00,200 Herald: Microphone number two please. Question 2: Thank you. Great great 293 00:27:00,200 --> 00:27:09,380 lecture. So what actually is the reason why some illegal activities are tolerated 294 00:27:09,380 --> 00:27:16,841 by ISPs and some like child abuse is not? Speaker: That's a great question. I 295 00:27:16,841 --> 00:27:27,050 think that what it comes down to is what is socially acceptable. So when you have 296 00:27:27,050 --> 00:27:31,400 why does some activity, why does some illegal activity like smoking a joint 297 00:27:31,400 --> 00:27:38,080 outside, not cause you to have the police and other activity like murdering somebody 298 00:27:38,080 --> 00:27:42,540 would. It's all about what is socially acceptable to the people around you and 299 00:27:42,540 --> 00:27:46,990 what is socially acceptable to the people around them and in the case of ISPs 300 00:27:46,990 --> 00:27:50,600 somebody is peering with the the people that serve The Pirate Bay somebody else 301 00:27:50,600 --> 00:27:55,040 looks at that and says it's not, I don't feel that that's a problem somebody else 302 00:27:55,040 --> 00:27:58,920 looks at them and says I don't feel but people who think that is a problem and so 303 00:27:58,920 --> 00:28:02,120 it's okay. I hope this answers your question. 304 00:28:02,120 --> 00:28:07,180 Herald: Do we have an Internet question? No. Okay microphone number one please. 305 00:28:07,180 --> 00:28:13,590 Question 3: Why do you think network operators being morally but not literally 306 00:28:13,590 --> 00:28:18,500 responsible for what content they accept on the network worked so well for McColo 307 00:28:18,500 --> 00:28:22,690 and PRQ and doesn't work at all for social media? 308 00:28:22,690 --> 00:28:27,370 Speaker: Oh great great question. Why it doesn't work. If I understand you 309 00:28:27,370 --> 00:28:35,340 properly? Why Twitter is still a crap hole. It is. Well here's the thing Twitter 310 00:28:35,340 --> 00:28:42,130 has it's - I am probably getting sued - it's a, it's basically an 311 00:28:42,130 --> 00:28:46,230 institutional governance system. They said like we're in charge everybody is flat on 312 00:28:46,230 --> 00:28:53,050 here so on top of a network governance system they built in a institutional 313 00:28:53,050 --> 00:28:57,210 governance system and the institutional governance system it's like a high school 314 00:28:57,210 --> 00:29:04,940 it's just it's terrible. So I should use this opportunity to plug Mastodon because 315 00:29:04,940 --> 00:29:10,480 Mastodon is an example of a system which is federated and looks well it doesn't 316 00:29:10,480 --> 00:29:15,779 look exactly like BGP but I think it will in five years. 317 00:29:15,779 --> 00:29:22,519 *Applause* 318 00:29:22,519 --> 00:29:24,710 Herald: One hopefully brief question from two please. 319 00:29:24,710 --> 00:29:29,330 Question 4: Yes. Hi. Thank you very much for talking about BGP. As someone who 320 00:29:29,330 --> 00:29:33,100 knows a lot about BGP and I was kind of wondering if you could help answer a 321 00:29:33,100 --> 00:29:38,251 question and that's that I kind of view BGP is kind of like a static protocol and 322 00:29:38,251 --> 00:29:42,190 it was stuck it was written on two napkins and it's been a little bit expanded beyond 323 00:29:42,190 --> 00:29:48,420 that. My concern is like with, with rogue countries or someone else harnessing IP 324 00:29:48,420 --> 00:29:53,880 blocks and like sync holding traffic for google.com or facebook.com which has 325 00:29:53,880 --> 00:29:57,580 happened several times in the last couple years can you think of a way where you can 326 00:29:57,580 --> 00:30:03,929 either get BGP to conquer that problem or with the new decentralized protocol to 327 00:30:03,929 --> 00:30:08,160 conquer that problem? Speaker: Filters, filters, filters. 328 00:30:08,160 --> 00:30:14,110 Basically. I don't know that much about BGP but I know that some people are in the 329 00:30:14,110 --> 00:30:18,150 business of making their filters from the data that's in the WHOIS database that 330 00:30:18,150 --> 00:30:22,120 just say this is what you're allowed to announce cool this is we'll build a filter 331 00:30:22,120 --> 00:30:27,480 that's what your your box can send to us. The problem is that ISPs are lazy and we 332 00:30:27,480 --> 00:30:33,350 don't have we don't have standardized stuff for making these filters so we end 333 00:30:33,350 --> 00:30:37,180 up with a lot of people just sit putting no filter and saying yeah announce 334 00:30:37,180 --> 00:30:41,100 whatever you want and then you know China announces Google and all the traffic goes 335 00:30:41,100 --> 00:30:45,030 like this. Herald: And that's all for today. 336 00:30:45,030 --> 00:30:47,513 Thank you Caleb. 337 00:30:47,513 --> 00:30:50,064 *Applause* 338 00:30:50,064 --> 00:30:55,482 *34c3 outro* 339 00:30:55,482 --> 00:31:12,000 subtitles created by c3subtitles.de in the year 2018. Join, and help us!