OpenFlow: The beginning of a new (manipulated) Internet?

www.dnaindia.com...

I find it strange that this doesn't get more coverage. It is indeed a great tool for developers, but could TPTB use this to have the ultimate control on what you're doing on the Net?
This technology is made for researchers and developers to make "tests" on current live networks like the Internet without interrupting the flow of it. I.e. it's "masked" to the end user.
OpenFlow can even take control on the net's traffic flow and separate it from its infrastructure putting it under proprietary's net control, another users, or individual applications.

This is the official website

This is on an experimental stage yet, but they're encouraging every major switch vendor and universities to use it. Will they install it on every LAN card as well on the future?

To your question "could TPTB use this to have the ultimate control on what you're doing on the Net? "

The answer is no and then maybe. First it helps to understand what it does. My home router has different options I can set. These are just stupid things like if I want to open and close ports to the outside. However, I can set a password so nobody else can change them.

I can start the web browser and type a special address that will take me to the configuration program. If you type the same address you'll get your setup program instead of mine. If we have different brands of routers we'll get two different configuration programs.

Big commercial routers that power the net are sort of the same way. Some of them are dumb and you can't really configure anything. Some are, but every single brand has a different way to do the configuration. And for the most part they're dumb enough you can't really teach them to do new tricks if needed. In other words they do their job really fast, but not really smart.

That means if you have a whole bunch of them from different brands and you want to manage them or update them from a central location you have to write a program that can talk to all of them or simply buy new hardware cause you can't teach it new tricks.

OpenFlow is basically just a specification for a standard set of features that all routers would support and a standard of way of talking to them so you could use one central management program to configure them and update them with software instead of having to chuck the whole box for a new one.

They're still your routers though and you can set the passwords on them so no one can configure them but you. The only problem would be is if OpenFlow had a back door like a master password or a special command that the government could use on all of them, but if they had that the hackers will probably find it pretty quickly.



[edit on 4-4-2009 by tinfoilman]

reply to post by tinfoilman

---

Thanks for the req. Yes, it's true, but if they can do things like "redirect traffic" and tests, my fear is this to evolve into some sort of "LAN ID" where everything you do gets recorded and they can monitor it as they please. Who knows in this specific case which instructions or coding is used to future enhancements.
I make this assumption in the basis that, if someone wanted total internet control, instead of sensoring, it would be much better to simply surveill every user. Of course I believe they do this right now, but in a crude fashion comparing to what could it be.

You're not wrong to have worries. With every router running the same software it would make it easier for the government to use one software program to monitor what's happening on every router and take control of them. If it's easier for you to control it would be easier for them too assuming they had a back door.

That's why I think it's a maybe. I don't see any problem with it now, but that doesn't mean people shouldn't keep their eye on it. I know I'll be keeping an eye on it and things like it.

I was under the understanding that modern routers and switches already logged traffic information, and could be manipulated accordingly to streamline data flow via point of presence by a network technician.

... so why the need for firmware that remotely does what the network technicians already do?


Installing a universal control throughout the network would just be implementing a mode of control that can be used against its will.

IE... if they allow universal remote control over the networks, the black hat hackers would have a field day with it.


Won't matter anyways.
I can almost guarantee the first few days of real-world field trials will be met with the full destructive curiosity of hackers worldwide. Enough so that network techs will likely never allow the firmware to be installed on their equipment again.

It's a mistake waiting to happen.
Luckily, the hackers will likely have their way with it and make a mockery of it before it gets implemented on too many systems.

reply to post by johnsky

---

Let's hope it turns out that way, they would have to implement a whole new paradigm in networking to prevent hacking. But maybe this is a beginning in that step. If they can measure traffic and connections, maybe they'll be able to detect from where this hacker is doing it, based on the physical embedded code new cards could get.

reply to post by seb2882

---

Well, we will have to watch this as it progresses.

Remember the old proverb about Control.
Tighten your grasp hard enough, and everything slips through your fingers.


If too much control is placed on this network... it's not hard to imagine a new network being born on the cheap using yesterdays hardware in order to circumvent the monitors.

... if that second network is born, I would expect everyone who values privacy and freedom to jump over to it and render the "official" internet to be a world wide network of paperweights.

[edit on 7-4-2009 by johnsky]