UCB, USC To Build (And Hack) A Model Internet 218
darksoulz writes "Associated Press stories from TheKansasCityChannel.com and TheChamplainChannel.com have an interesting report today. It appears that the U.S. Government has given a $5.5 million grant to the University of California, Berkley and the University of Southern California so that they can build a model of the internet, so they can hack it. They are trying to find better defenses against hacking, without breaking the real Internet. The first phase is scheduled to be completed by February."
5.5 squintillions (Score:1)
Is it dead already? (Score:1)
(dammit, it's supposed to be a joke and I'm just not funny today. grrr.)
Re:Is it dead already? (Score:5, Funny)
Of course he went to Cal-Tech (Which I've always heard was a trade school for surfers
Re:Is it dead already? (Score:2, Informative)
Now you're giving Berkeley too much credit. LSD was synthesized by Albert Hoffman [bris.ac.uk] of the Sandoz Chemical Corporation of Basel, Switzerland in 1938.
They might've used a lot of LSD in Berkeley during the 60's, but it wasn't discovered there.
Re:Is it dead already? (Score:2)
Good (Score:5, Interesting)
Re:Good (Score:2, Insightful)
If they do, I'm sure slashdot will be more than happy to help with stress testing.
Re:Good (Score:3, Insightful)
Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!
Re:Good (Score:3, Funny)
ROBOT! (Score:2)
Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar
I'M ON TO YOU ROBOT! You may think we don't know that you are actually the computer you speak of but some of us have tinfoil hats and a keen sense of smell.
Re:Good (Score:2)
Of course, this is a simulation of the internet, so it will have a simulation of Slashdot, and thus we are all now simulations somewhere in a computer in California, simulating the Slashdotting of simulated small, interesting web sites. Wow, I now have an avitar!
But really, we're all here and just hooked into the simulated
Re:Good (Score:5, Insightful)
Re:Good (Score:2)
Ah, machines > 1. Cute idea, be interesting to see how it scales up against the real one.
Particularly the increasing quantity of worm 'noise'.
Re:Good (Score:2, Interesting)
They are smart collegians mind you, however the wild spawns the actual entity they are trying to catch. Distributed honeypot net would be more effective in my opinion.
They will not have the same results.
USE THE RIGHT WORD!!!!!! (Score:3, Insightful)
I expect this from mainstream media, but not here.
Some things just aren't safe on the real net (Score:2)
If they build a shub-Internet it won't have the same scaling as the real thing, but they can at least model lots of
Re:Good (Score:2, Informative)
Mod Parent Up - Has Real Info (Score:2)
Re:Good (Score:2)
Re:Good (Score:2)
Well, not much, but I doubt the government realizes this. If they exposed it to real hackers, it would no longer be a "closed" system, now would it?
I think the problem is that the few threads of trust that once existed between the authorities and true hackers is gone now. If they invited the world's best hackers to come to Berkeley to participate in their litt
Re:This will fail (Score:4, Insightful)
I don't think the point is to re-create OpenBSD. The goal is probably more of a cross between network monitoring, intrusion detecion systems, and automatic network reconfiguration.
The Internet can already route around problems because of redundancy. Sophisiticated routers can control and shape traffic. But, as of yet, there's no widespread technology to protect entire networks from security problems. We will never create perfect systems... so we must create countermeasures so that when our systems fail, they fail in the smallest and least dangerous ways possible. It's like fault isolation.
Watch for the lawsuits now (Score:2, Funny)
(Just like you'll have a few lawyers salivating over the lawsuits if someone creates their own copy protection method for CD's and cracks it during testing. DMCA!!! DMCA!!!)
Wow (Score:1)
Weak Article (Score:1, Insightful)
Are they doing the FULL internet here? (Score:5, Funny)
Re:Are they doing the FULL internet here? (Score:2, Funny)
Re:Are they doing the FULL internet here? (Score:2, Funny)
Free Porn to them (Score:1)
That's it, I'm getting out my transfer papers, USC here I come!!
Re:Are they doing the FULL internet here? (Score:1)
Thank you. I thought your rather immature comment was quite funny as well.
Look. The thought ran across my head, and it certainly has its merits. Are they going to represent content in this model internet? Are they just going to represent the servers themselves? So the thought lead to that post. If you don't like it, fine. But you really don't need to be so childish in saying so.
Tin foil hat or not? (Score:1, Insightful)
The research is funded by the National Science Foundation and the Department of Homeland Security.
If they find fundamental flaws in the systems will they keep them secret to shore up US networks while leaving foreign networks susceptable? It could be a great tool for "cyberwarfare" against EvilDoers...
Re:Tin foil hat or not? (Score:1)
Oh wait, did you say "Dept. of Homeland Security"? Aw fuck. We'
Re:Tin foil hat or not? (Score:4, Interesting)
Besides, in order to "shore up the US", there would need to be a lot of cooperation among the multitudes of private enterprises that actually run and maintain the network. Most of the big players in this arena are large, multinational companies that would be inclined to shore up ALL their networks, not just the ones in the US.
Re:Tin foil hat or not? (Score:3, Interesting)
Re:Tin foil hat or not? (Score:2)
Well, this is different for a number of reasons:
1. The article you quoted is talking about the privatization of university research and the nastiness of getting your academic research entangled with private enterprise. Neither the NSF nor the DHS are private organizations. They are federal government and they
Re:Tin foil hat or not? (Score:2, Insightful)
I don't think Internet Explorer is a secret anymore
I'll do it for 1 million (Score:5, Funny)
What do we got?
$100,000 parts
$200,000 space
$350,000 labor
--------
$650,000
What's the other ~5 million going for?
Oh wait... they must need Windows licenses and full copies of Outlook to properly test the hacks...
Re:I'll do it for 1 million (Score:5, Funny)
Mountain Dew doesn't come cheaply, my friend....
Gimme a mountain... (Score:2)
OK, or maybe it's not so odd...
Re:I'll do it for 1 million (Score:2)
VMWare (Score:1)
It would definately cut down on cable wiring costs.
Re:I'll do it for 1 million (Score:3, Informative)
If you get paid $50,000 a year by your employer (before taxes), how much do you think you cost to your employer? $50,000? Ha. Try $100k. They play various kinds of employment taxes, insurance, maybe a bit to a personnel management company... a good rule of thumb is that you cost 2x your salary to an employer. (Plus, you're taxed again on your end
Re:I'll do it for 1 million (Score:1)
try more like 100k per tenured professor, 50k per non-tenured prof. and more along the lines of 35k per student. 20k is just what they get paid out to live on the other 15k goes toward paying off their tuition.
you'll have 2-3 tenured prof. running the show and 4-5 non-tenured profs. working the show. With 5-6 Grad students per prof doing all the research.
Your, labor costs are a bit more if you look at it that way. And this project will not only go 1 year... sounds more like an ongoing thing.
later
Not to mention... (Score:1)
perhaps some huge bandwidth...
powdered donuts, guarana(beats the hell outta Mt. Dew), and (with machine to make said drink), and all the neato little geek trinkets and apparrel.
Re:I'll do it for 1 million (Score:1, Insightful)
Re:I'll do it for 1 million (Score:2)
Maybe routers, switches, hubs, fiber optics gear. You know, the stuff that makes it a network instead of a bunch of computers sitting on a warehouse floor.
Re:I'll do it for 1 million (Score:2)
Re:I'll do it for 1 million (Score:2, Informative)
um? (Score:1)
Re:um? (Score:1)
Sheesh (Score:2, Funny)
Model of the Internet? (Score:2)
diversity (Score:1)
Re:diversity (Score:1)
I smell something . . . (Score:2, Funny)
$250,000 = lifetime supply of cheetoes and pr0n!
Re:I smell something . . . (Score:2)
Not bloody likely. More like a week supply.
Re:I smell something . . . (Score:2)
In ten years... (Score:5, Insightful)
1. Good dissertations for CS PhDs.
2. More secure software, which will rarely be implemented and even more rarely be implemented well.
3. A whole bunch of research assistants who think they are l33t h4x0rs. And some of them will be right.
Re:In ten years... (Score:2, Interesting)
What is this? (Score:2)
Me thinks this will pay for $500k worth of cisco gear and workstations for the modem, and $5 mil worth of 'testing labor'?
DUPLICATE? (Score:1)
PLEASE oh please oh please! (Score:3, Funny)
Re:PLEASE oh please oh please! (Score:3, Funny)
The real hackers (Score:1)
"Berkley" (Score:1)
Simulating current internet activity (Score:2, Interesting)
Questions remain (Score:4, Interesting)
It would be interesting to see how they implement this network.
I don't think that we have a requirement to see any of the information that I've questioned above but this information could lead /. to be more informed on this situation.
Re:Questions remain (Score:2)
Easy--they'll just make sure to build the network out of cheap (insert your least favorite brand here) routers, and pass the savings on to the professor's salaries!
Just pretend don't hate me... (Score:4, Funny)
This is in the name of science!
I won't be real bad, just demand they hand over all their old video cards when they get new ones.
I'm still running my old Voodoo 3 3500, yeah baby it still ROCKS!
break the internet? (Score:1)
Al Gore would not like that
Partly Completed Already (Score:1, Funny)
Quick question: (Score:3, Insightful)
two quick answers (Score:2)
-discovering flaws in protocols not specific to particular implementations
Re:Quick question: (Score:2)
Re:Quick question: (Score:3, Insightful)
What I presume this 'model' will be used for is to do things like simulate how fast and far a new kind of virus could spread.
It's extremely pe
Re:Quick question: (Score:2)
First you have to be able to shoot silver arrows. Then you can beat the end guy.
The Real Reason (Score:5, Funny)
From now on, rather than spending several hours trying to explain the concept of the internet to people who have trouble walking and chewing gum at the same time, tech supporters will be able to simple say, "Yes."
Here is my offer... (Score:2)
Just offer prizes to hackers (Score:5, Insightful)
I would take the $5.5 million and divide it up into $5000 prizes that are payable to any hacker that demonstrates and documents a hack on the real net. The profs and grad students could ajudicate the prize giving. They would find at least 1100 exploits this way (fewer if they have to pay those pesky grad students or usurious university accounting department overhead rates).
If letting hackers profit from hacking the actual internet is too scary/illegal, then the university could create a small publically exposed network running a variety of apps, OS, etc.
Re:Just offer prizes to hackers (Score:3, Insightful)
Do the words "Cyber-Armageddon" mean anything to you? I imagine what some of the things they'll try to simulate are the really monstrous distributed denial of service attacks that would cripple the entire Internet for days and cause untold amounts of damage and inconvenience for millions all over the world. Things that would make a major slashdotting look like a mild hiccup. If they did that on the real Internet, the damage it would cause worldwide would be worth a helluvalot more than a piddly US$5.5 mi
Re:Just offer prizes to hackers... or not? (Score:2)
Yes, I would never suggest rewarding or encouraging hackers to create real damage, only encourage them to document what is possible. But perhaps you are right, the prize represents a very dangerous inducement for people to play with fire.
The bigger issue is the potential for flaws in the methodology. I was pointing out a big versimilitude problem with the model vs. real internet. This problem is on two levels. First are the scale issues -- a ne
Re:Just offer prizes to hackers (Score:2)
And then I would sue you because of all the damage done to MY machines on the real Internet as a result of the hacking you encouraged.
Does your company QA test your software by releasing it to the public as soon as you think it mostly works, or is there a process of internal and structured beta testing? (obvious Microsoft joke goes here)
Similar Project at Iowa State University (Score:5, Interesting)
Iowa State Computer Security Lab [iastate.edu]
Re:Similar Project at Iowa State University (Score:2)
The nature of government grants (Score:5, Informative)
I'd be interested to find out if the "model internet" was a proposed idea. In terms of government funding, $5 million isn't all that much, so I wouldn't be surprised to see if this was an idea pitched by people at UCB and USC during the open call. I'd heard that big names asking for reasonably small amounts of money were getting through pretty easily.
I tried to convince my company to pitch a variant of our crime analysis/trendspotting tools. Include a reference per recorded crime that indicates political or religious bias as the motive of the crime. Get a concentration of those - even if they are "lesser" crimes like vandalism or simple assualt - and you've got "smoke". And where there's "smoke"...
Re:The nature of government grants (Score:2)
... someone gets fired?
And six hours later... (Score:2)
How Cool Would It Be To... (Score:2)
So is this anti-terrorism too? (Score:2, Interesting)
So they're building a model of the internet to hack, so they can better deal with threats. Is the government really that much at risk that they need to do this? Surely they could just hire some really good hackers at ludicrous salaries to protect themselves?
Or is this really more war on terror stuff? Do they think that terrorist groups are operating over the internet and are they actually setting up some sort of training ground for an elite anti-terrorism unit to stop Osama Bin Laden getting his email or
It can be both (Score:2)
here's the real scoop (Score:5, Informative)
http://www.isi.edu/stories/70.html
excerpt:
"The DETER testbed will consist of approximately 1,000 computers with multiple network interface cards, located off the actual Internet. Three permanent hardware clusters, or nodes, at UC Berkeley and at ISI's Southern California and Virginia facilities, will serve as the core of the system.
"This isolated mini-Internet will serve as a shared laboratory where researchers from government, industry and academia can test existing and new security technology, using a wide variety of attack techniques."
Total waste of money (Score:2)
Re:Total waste of money (Score:2)
I don't know. I would think that hardware would be only a single component to the heterogenouse internet. There are plenty of different OS's connected to the real net. Many, many, many, different software applications that use the net. Perhaps the two universities would be able to create a more representative, small scale system than a corporation. Corporations are generally only good at what makes them money. In the case of networking companies that is hardware and software manufacturing for servicin
UCB still in business? (Score:3, Funny)
The "What if machine" (Score:2, Insightful)
What if everybody used IPv6?
What if you had to prove your id to send mail?
What if a Curious Yellow [blanu.net] -like worm were realeased?
What if.... well you get my point.
Is it really just defensive? (Score:3, Interesting)
a model? (Score:4, Insightful)
This complexity is precisely what makes tracking and solving problems with today's Internet so hard.
I am curious as to what they expect to study and find from this model. Today's problems with the Internet and networking in general are largely social, economic, or political. Figuring out some neat new protocol isn't going to make backbone provider X update their entire network. Worms and the such are also the bain of a social problem. As long as we have smart programmers with free time, there will be worms and exploits of the system no matter what procedures are in place or how smart the network is; The fix for said worms are timely patches and updates, however most users won't and don't do this, hence the epidemics.
This might make some great academic research and a neat new toy for the University but I fail to see how it can find applications in the real world where the problems are much harder than the technical ones this project (presumably) hopes to solve.
Re:great... (Score:1)
Teaching hacking = Yes (Score:2)
Yes, an article [earthweb.com] from a few months ago has some info.
Re:GA Tech does this already! (Score:2)
4483 tools CD is the one I am thinking of.
Re:GA Tech does this already! (Score:2)