Stories
Slash Boxes
Comments

SoylentNews is people

Vint Cerf on 3 Mistakes He Made in TCP/IP

posted by janrinok on Tuesday May 09, @11:33AM   Printer-friendly

upstart writes:

The co-creator of the Internet's protocols admits his crystal ball had a few cracks:

Vint Cerf, the recipient of the 2023 IEEE Medal of Honor for "co-creating the Internet architecture and providing sustained leadership in its phenomenal growth in becoming society's critical infrastructure," didn't have a perfect view of the Internet's future. In hindsight, there are a few things he admits he got wrong. Here some of those mistakes, as recently told to IEEE Spectrum:

  • 1) "I thought 32 bits ought to be enough for Internet addresses."
  • 2) "I didn't pay enough attention to security."
  • 3) "I didn't really appreciate the implications of the World Wide Web."

These are only his top three - can you think of some that are missing from that group? What about any mistakes that aren't top 3 but still in hindsight should have been done differently?

Original Submission

 
This discussion was created by janrinok (52) for logged-in users only. Log in and try again!
Vint Cerf on 3 Mistakes He Made in TCP/IP | Log In/Create an Account | Top | 20 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Insightful) by looorg on Tuesday May 09, @12:26PM (2 children)

    by looorg (578) on Tuesday May 09, @12:26PM (#1305505)

    It would seem that more or less all the issues are the same one or two issues -- I/we couldn't predict and see into the future. What they did made sense for back then and a few years into the future. Beyond that things get very hazy. Also the rapid change of systems back then they probably didn't expect some of these things to be around for very long before they got replaced by something new.

    Sort of like I don't think we can really make good predictions today on what the internet will be like in 30-40 years time from now. But if we just follow the curve it will be hellish.

    The amusing 32-bits ought to be enough for everyone and everything. Until they started to give one to every machine under the sun from computers, cars, phones, fridges and god only knows what else. Not to mention all the billions of people that all of a sudden want to be online to facebook, look at naked people and shop for things they don't really need. Didn't take them into the equation. Oops. My bad!

    The security is legit tho. A large chunk of naivete. But then the internet wasn't for the masses or for sending monetary transaction as it is today or a giant mechanism for gathering data on people so you can stalk them or show them ads. So it had other security concerns back then, if any. If you can just send passwords in plaintext or store them all on the server in a plaintext file, sometimes not even encrypted or as a hash then you are living in a different world compared to today.

    These are only the top3? Was there a more extensive list? I can't seem to find it. But over all they are probably all about not being able to predict the future, a lack of security features and that you more or less trusted everyone back then so there was no need for much checking. If you got hooked up you were in the club and was ok. After all not a lot of people on the internet back in the 70's and 80's. You could know all the machines connected and the people that took care of them. Unlike today.

    Also he is only the co-creator now? Did Al Gore demand that they share credits?

    Starting Score:    1  point
    Moderation   +3  
       Insightful=2, Interesting=1, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 5, Interesting) by zocalo on Tuesday May 09, @03:29PM

    by zocalo (302) on Tuesday May 09, @03:29PM (#1305536)
    That was my thought too. IP was designed in the early '70s, the WWW didn't come along until the early '90s, (OK, there was Gopher, etc.), so while it's technically legit "with hindsight", I think it's also fair to say that there was no way you could have foreseen the WWW and the resultant mass-consumerisation of the Internet that resulted to have done things much differently.

    Security? 100%, that was a SNAFU. Not just Vint Cerf, of course, almost everyone involved was working from an ivory tower then; some of Jon Postel's application protocol RFCs would quite rightly be ridiculed as insanely naive if they were proposed today. I first got directly on the Internet proper without CompuServe or BBS gateways etc., in the late-80s (about 5 years before the WWW for the young 'uns), and we already had a lot of problems with some of the protocols being so fundamentally insecure, from application layer all the way down, and especially so if you could drop arbitrary packets onto the wire or manipulate them in transit (with the tools to do just that usually installed by default on many *NIX servers). It was trivially easy, and almost a rite of passage for some, to grab admin/root passwords in-clear from the wire with packet capture tools or extract them from system memory across a whole bunch of application protocols and go from there; hell, SSH wasn't even a thing until 1995, two years after the September that never ended, FFS!

    Address space, I think falls between the two. Yes, with hindsight, it could have been much better to have had another two or four bytes, possibly bringing in some routing or geographical coding, but this was at a time where computer memory *and* storage capacity was often measured in KB, and the Intel 4004 was state of the art, so it would have been a big ask to use 6- or 8-octet addresses, unless some of those octets were only needed for the actual internet working and could be omitted from local network segments. Realising that it would possibly be an issue at the time though? Even with the wasted address space from classful allocations, especially those 126 Class As, it might have been a stretch to extrapolate out just how many IP enabled devices there were going to be would exceed the practical amount of available and usable space. Not impossible though; every college/university globally having at least one computer lab full of IP-enabled terminals, as well as a lot of larger business/industry users replacing typewriters with some kind of IP-enabled terminal, wasn't beyond the realms of possibility for the eventual usage of IP, and once "home computers" really started to became a thing, the writing was all over the wall.

    For me, I think the biggest "with hindsight" fix I'd like to see is probably to have had a larger address space, and ideally bringing in some more geographical structure with it to assist with high-level routing, attribution/ownership, and traffic filtering decisions, even it it would have been fairly wasteful of the overall address space. Something like the first 4 bytes coding in the RIR (roughly "continent"), the LIR/country, the end-customer ID, and working akin to a BGP AS, and possibly even optional for local network traffic depending on an IP flag perhaps? IMHO, gutting WHOIS for privacy should never have been allowed, so much better if it had been essentially baked into the network stack from the get-go. While not great, a lot of the security issues can be pushed up the network stack for a solution (HTTPS rather than HTTP, SSH rather than Telnet) or retrofitted in a similar manner to how we actually did it (VPNs, and other end-to-end link encryption); not ideal, but it works. The IPv4 vs. CGNAT vs. IPv6 adoption issues, on the otherhand, are going to be causing pain for a long time to come yet.
    --
    UNIX? They're not even circumcised! Savages!

  • (Score: 1) by steveg on Wednesday May 10, @11:41PM

    by steveg (778) on Wednesday May 10, @11:41PM (#1305807)

    He and Robert Kahn designed the protocol. That makes him co-creator.