UCB, USC To Build (And Hack) A Model Internet 218
darksoulz writes "Associated Press stories from TheKansasCityChannel.com and TheChamplainChannel.com have an interesting report today. It appears that the U.S. Government has given a $5.5 million grant to the University of California, Berkley and the University of Southern California so that they can build a model of the internet, so they can hack it. They are trying to find better defenses against hacking, without breaking the real Internet. The first phase is scheduled to be completed by February."
Weak Article (Score:1, Insightful)
Tin foil hat or not? (Score:1, Insightful)
The research is funded by the National Science Foundation and the Department of Homeland Security.
If they find fundamental flaws in the systems will they keep them secret to shore up US networks while leaving foreign networks susceptable? It could be a great tool for "cyberwarfare" against EvilDoers...
Re:Good (Score:2, Insightful)
If they do, I'm sure slashdot will be more than happy to help with stress testing.
In ten years... (Score:5, Insightful)
1. Good dissertations for CS PhDs.
2. More secure software, which will rarely be implemented and even more rarely be implemented well.
3. A whole bunch of research assistants who think they are l33t h4x0rs. And some of them will be right.
Quick question: (Score:3, Insightful)
Re:Good (Score:5, Insightful)
Re:I'll do it for 1 million (Score:1, Insightful)
Youre prob going to want more than 100 pc's also. some to mimick home lans on dsl, others cable, others behind a corporate network, others exposed right on the net, etc. These are just back of the envelope calculations.
your labor costs were not too bad, though I think youre still under in assuming 3 professors part time. I would think more like 3 full time for something like this. To do this correctly though, they will also need industry professionals configuring the higher end stuff.
As you can see, not nearly as simple as it sounded eh?
Just offer prizes to hackers (Score:5, Insightful)
I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net. The profs and grad students could ajudicate the prize giving. They would find at least 1100 exploits this way (fewer if they have to pay those pesky grad students or usurious university accounting department overhead rates).
If letting hackers profit from hacking the actual internet is too scary/illegal, then the university could create a small publically exposed network running a variety of apps, OS, etc.
Re:I'll do it for 1 million rant. (Score:1, Insightful)
Issues are not all black and white, Linux is not necessarily the best thing for all or even most users, regardless of price. MS is not necessarily an evil company in every respect. This general hostile attitude really needs to change. The lack of interpersonal skills has long been noted in the industry, but I really think its time that something be done about it. Just take a friggen second to try and see the other person's point of view, understand where they are coming from, why they see their decision as best, then try to argue against it. Storming out of a meeting calling your manager and coworkers idiots isnt going to get you out of that cramped 3 walled cube.
Re:Just offer prizes to hackers (Score:3, Insightful)
Do the words "Cyber-Armageddon" mean anything to you? I imagine what some of the things they'll try to simulate are the really monstrous distributed denial of service attacks that would cripple the entire Internet for days and cause untold amounts of damage and inconvenience for millions all over the world. Things that would make a major slashdotting look like a mild hiccup. If they did that on the real Internet, the damage it would cause worldwide would be worth a helluvalot more than a piddly US$5.5 million.
I imagine they'll be dealing more with network structural problems than cracking problems. They'd also be doing experiments on some conjectures like the Warhol worms and flash worms we've heard about that can infect 60% or more of all the hosts on the Internet in under 15 minutes. If they did such an experiment on the real Internet, that would again cause a lot of major disruption, especially if they made a mistake in the worm's programming, and that's not exactly an unknown occurrence... The Great Worm itself had a bug that rendered it far less benign than Robert T. Morris planned. If that happened on one of the world's largest WAN's however, no big deal, it'll just inconvenience the grad students in charge of it, and they'd need to reinstall, which is probably part of what they'll be getting paid to do anyway.
What you're proposing by the way, would be tantamount to condoning acts that the Department of Homeland Security (which appears to be one of the agencies funding this project) has labeled terrorism, and which have been illegal since long before 9/11.
Re:This will fail (Score:4, Insightful)
I don't think the point is to re-create OpenBSD. The goal is probably more of a cross between network monitoring, intrusion detecion systems, and automatic network reconfiguration.
The Internet can already route around problems because of redundancy. Sophisiticated routers can control and shape traffic. But, as of yet, there's no widespread technology to protect entire networks from security problems. We will never create perfect systems... so we must create countermeasures so that when our systems fail, they fail in the smallest and least dangerous ways possible. It's like fault isolation.
Re:Quick question: (Score:3, Insightful)
What I presume this 'model' will be used for is to do things like simulate how fast and far a new kind of virus could spread.
It's extremely pertinent research and the price tag is trivial compared with the cost of damage to the real thing.
Re:Tin foil hat or not? (Score:2, Insightful)
I don't think Internet Explorer is a secret anymore
Re:Good (Score:3, Insightful)
Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!
The "What if machine" (Score:2, Insightful)
What if everybody used IPv6?
What if you had to prove your id to send mail?
What if a Curious Yellow [blanu.net] -like worm were realeased?
What if.... well you get my point.
USE THE RIGHT WORD!!!!!! (Score:3, Insightful)
I expect this from mainstream media, but not here.
a model? (Score:4, Insightful)
This complexity is precisely what makes tracking and solving problems with today's Internet so hard.
I am curious as to what they expect to study and find from this model. Today's problems with the Internet and networking in general are largely social, economic, or political. Figuring out some neat new protocol isn't going to make backbone provider X update their entire network. Worms and the such are also the bain of a social problem. As long as we have smart programmers with free time, there will be worms and exploits of the system no matter what procedures are in place or how smart the network is; The fix for said worms are timely patches and updates, however most users won't and don't do this, hence the epidemics.
This might make some great academic research and a neat new toy for the University but I fail to see how it can find applications in the real world where the problems are much harder than the technical ones this project (presumably) hopes to solve.