{"id":335,"date":"2015-04-23T21:04:52","date_gmt":"2015-04-24T01:04:52","guid":{"rendered":"https:\/\/www.bu.edu\/macs\/?p=335"},"modified":"2015-10-28T14:26:54","modified_gmt":"2015-10-28T18:26:54","slug":"internet-insecurity","status":"publish","type":"post","link":"https:\/\/www.bu.edu\/macs\/2015\/04\/23\/internet-insecurity\/","title":{"rendered":"Safeguarding the Internet and Defending Civil Rights"},"content":{"rendered":"<p>We don\u2019t often think about what happens when we hit \u201cSend,\u201d but the internet\u2019s architecture determines whether our emails end up where we want them to go. And it\u2019s easier than you might think to mess with that architecture.<\/p>\n<p>The internet is made up of tens of thousands of independently operated networks (a large employer might be one network; Verizon, another) interconnected via the Border Gateway Protocol (BGP). Every computer in every network has a unique Internet Protocol (IP) address, like every phone has a number. In the absence of a central internet authority, the system functions on trust: there\u2019s no way to prevent networks from lying about the addresses they own, so one network can hijack another\u2019s traffic just by claiming its addresses\u2014it\u2019s almost as if you told the post office you owned your neighbor\u2019s house and asked it to deliver all the mail for that address to you. Developing fixes for insecurities like this one can be like patching a dam\u2014plug one hole and the pressure shifts, forcing water out of a new one.<\/p>\n<p>Sharon Goldberg specializes in anticipating and resolving the negative side effects of these fixes. With funding from the NSF, Cisco Systems, and Verisign Labs, she recently partnered with Leonid Reyzin, a CAS professor of computer science, to write a paper revealing how a flaw in one proposed solution to routing insecurity\u2014the Resource Public Key Infrastructure (RPKI)\u2014would challenge the fundamental openness of the internet.<\/p>\n<p>RPKI is a certification system that would prevent one network from masquerading as another to hijack its traffic. If the owner of a network\u2014ranging from internet service providers to universities to medium-size companies\u2014does not have the right certificate, the network would not be able to connect to the internet. The trouble, Reyzin and Goldberg found, is that this system would put a lot of power in the hands of large multinational and national network owners, like governments, and would create a new avenue for censorship. The controlling organizations would have the power to disconnect portions of the internet they found objectionable. A government would be able to take networks\u2014for example, those hosting content it doesn\u2019t like, such as a journalist\u2019s blog\u2014off-line. Reyzin and Goldberg have suggested modifications to the proposal that would alert networks to suspicious structural changes that could affect routing.<\/p>\n<p>Although these structural maneuverings enable the routing of our communications, \u201cit\u2019s unlikely the end user will even know this is happening,\u201d Goldberg says. We typically notice structural issues only when there is an internet outage, when the internet connection fails, or when traffic is hijacked. \u201cThis is like internet plumbing,\u201d she says. \u201cYou don\u2019t think about the plumbing until it stops working.\u201d<\/p>\n<p><span><a href=\"https:\/\/www.bu.edu\/today\/2015\/internet-insecurity\/\" target=\"_blank\">Read more at BU Today<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We don\u2019t often think about what happens when we hit \u201cSend,\u201d but the internet\u2019s architecture determines whether our emails end up where we want them to go. And it\u2019s easier than you might think to mess with that architecture. The internet is made up of tens of thousands of independently operated networks (a large employer [&hellip;]<\/p>\n","protected":false},"author":10066,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/posts\/335"}],"collection":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/users\/10066"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/comments?post=335"}],"version-history":[{"count":3,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/posts\/335\/revisions"}],"predecessor-version":[{"id":382,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/posts\/335\/revisions\/382"}],"wp:attachment":[{"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/media?parent=335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/categories?post=335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bu.edu\/macs\/wp-json\/wp\/v2\/tags?post=335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}