Blockchain and the Journey Toward a New Internet Architecture

5,026 reads

2017 has come and gone and blockchain has essentially become mainstream. The technology is set to disrupt multiple industries and creates incredible potential to bank the unbanked and fundamentally change the way we transact and communicate.

Another strong claim from the community is that blockchain technology portends the arrival of the new Internet, in a sense a return to its decentralized roots. In the early days, anyone could run his or her own server and connect to peers, creating an incredible, decentralized “web” of content. However, this original Internet eventually grew more centralized — consumers flocked to convenience and better interfaces at the expense of control over their information.

As a consequence, the internet today is dependent on large, powerful providers of cloud services, search engines, servers, and social media. With the advent of blockchain, there is a new possibility to return ownership and operation of these servers back to the users, which is quite exciting in and of itself.

What I am most interested in, however, is blockchain technology’s potential to resolve some of the endemic flaws inherent to the Internet protocol itself in conjunction with a redesign of the web’s original architecture. Despite the fact that NASA recently announced its ambitious plan to send someone to Mars and despite all our incredible achievements in the 21st century, we have yet to address the design faults that make Distributed Denial of Service (DDoS) attacks, malware, and viruses still possible today. Many of these issues stem from a faulty and outdated architecture predicated on hardware from the 70’s and 80's.

The idea of a quasi-utopian ecosystem empowered by blockchain, one in which people, companies, and devices transact in a “trustless” manner and interact through decentralized applications, or dApps, is not complete in my opinion without a long-overdue rethink of the Internet’s fundamental design. While there exist any number of blockchain projects with ambition to become a “World Computer”, in the short term we have become laser-focused on cramming as many transactions as possible into blocks verified by a strained network of nodes. The tech, despite the recent bloom in popularity, is still very much in early stages or, as Vlad Zamfir states, “amateur hour”.

Yet from an operating system perspective, I think this focus on transaction throughput and adoption is not enough. When it comes to an entire web or ecosystem, asking blockchain to do it all is an incredible ask. Running thousands of dApps atop a main chain and node network is similar to running way too many applications on your personal PC, with blockchain nodes resembling its internal communication bus. Given the issues with the internet today, blockchain should work as a tool to enable the new internet ecosystem, not become the ecosystem itself. It’s the tractor, not the farm!

For the first time in human history, through blockchain we have a means of issuing and affirming persistent identity. In my view, this capability is vital in setting out to solve some of the fundamental issues in the Internet’s design and the way our machines talk to each other. Blockchain tech, even in its current state, is enough to enable the next generation of the web that will enable IoT, frictionless & trusted commerce, and crisp file-sharing and P2P communications — as long as we can design out existing Internet protocol issues with a new architecture and end-to-end solution.

Internet: The Bad and the Ugly

One of the best events illustrating the terrifying cyber hell we live in today is the Dyn cyberattack that occurred in October of 2016. Dyn, a domain name system (DNS) provider, suffered multiple DDoS attacks that disabled a multitude of major internet services and platforms across Europe and North America.

DNS providers such as Dyn serve as the mapping service for Internet domain names, matching the URL you type into your web browser to its corresponding IP address. The way this massive attack worked was to overwhelm this provider with an extraordinary number of DNS lookup requests from an extensive botnet consisting of IoT devices such as printers, cameras, routers, etc. infected by malware.

The reason this kind of attack is possible is due to the set of rules that govern the internet today. This protocol, referred to as TCP/IP, dictates how data is communicated over the web, breaking it up into packets that are transmitted from sender to recipient.

In a DDoS attack, millions upon millions of these packets are spammed at a target such as Dyn to overwhelm a server. While there exist certain protections and algorithms to identify and mitigate these attacks, as a whole it is impossible to prevent these attacks from occurring.

Moreover these packets can be intercepted by a malicious actor, who can not only spy on your data but also modify it, changing the destination address or faking its origin. The ability to perform these “man-in-the-middle” attacks is closely tied to viruses and malware. Most of the time, we have “daemons”, more boringly referred to by Windows as background processes, to thank for that.

Daemons, aka Background Processes

Everyone reading this has surely at one point experienced something going terribly wrong on a personal computer. We are all too familiar with the routine — press CTRL + ALT + DELETE to open task manager and determine which daemon to exorcise. Aside from those preloaded onto your machine by the manufacturer, the bulk of undesirable daemons likely infested your machine through the music player, pornographic video, or online game you downloaded. You might have installed a program that you have only used once, but the daemon accompanying it will “live” in the background of your machine forever, possibly spying on your data, creating popups, or just generally being a bro-hater in the worst way.

Writers of Avenue Q were wrong. Turns out the Internet actually isn’t that great for porn.

You cannot really blame the average user for not knowing any better. It is entirely plausible, for instance, to think that someone might make the mistake of connecting to a fake airport WiFi hotspot and accept the download of an “access program” that proceeds to load multiple malicious background processes. These daemons then allow their owner to watch you through your webcam and monitor your activity, if left undiscovered, forever. Just one mistake is all it takes!

The notion of downloading something from the internet that, surreptitiously or not, then proceeds to install a background process on your machine dates back decades to some of the early operating systems.

A Gentle History of Operating Systems

There have essentially been three generations of operating systems — DOS, NT, and Windows 10. For the purposes of this discussion, I will briefly touch on DOS and NT.

The DOS paradigm started in the late 70s/early 80s and lasted about 20 years. DOS, as the very first operating system, was a single process environment where all apps ran in the same space. This meant that if one app crashed, everything would crash!

Starting in 1992, Windows NT was the first multi-process OS for consumers from Microsoft in which all your apps “live in different rooms”. When Microsoft Word crashes, Internet Explorer is unaffected! However, these apps still shared the same file systems. This was the advent of administrator privileges and permissions that allowed access and read/write abilities across all these apps.

While some of you reading this might be too young to remember, hard drives did not exist back then. Instead, these processes or “jobs” ran on floppy disks. Because “floppies” flat-out sucked, daemons or background processes were introduced and preloaded so that the system could even keep up with simple user input such as typing!

Even though advancements in technology sped things up significantly in the 90s, the deadly combo of administrative privilege and daemons was the breeding ground for all sort of nasty viruses and malware. If you installed a malicious service or device driver, chances are it would be granted or inherit administrative privileges from you that would allow it to run amok. Such services can install all kinds of daemons that can modify your registry, listen to your traffic, and today, threaten to encrypt all your files unless you pay a ransom in Bitcoin!

The Problem of Third-Party Name Servers

The fact that we are operating on daemons, essentially relics from what should be a bygone age, is also predicated on an unsolvable issue at the heart of the current Internet protocol.

There are three components for communication on the existing Internet:

(1) Client: hardware or software looking to access a service provided by a server. As this server is usually on another computer, the client needs to access it through a network.

(2) Server: machine or program that responds to the client’s request and delivers the requested content.

(3) Name Server: a specialized server that handles your request and tells you the location of your server. You can think of it as an operator or a phone book. The catch is that it maps to data loaded by a daemon on your OS.

So when you type a URL in the address bar or your browser, you as the client query the name server, who assigns you the correct server to provide your content.

Unfortunately, as the client-DNS-server process was designed for usability and not security, there is an entire host of attacks that take advantage of its vulnerabilities. The worst part about this is that operating system manufacturers are powerless when it comes to malicious daemons and third-party name server exploits. Manufacturers cannot control what users decide to put on their machines or the behavior of programs, malicious or not, created by third-parties. Their best efforts are to create patches and tools to remove existing and known malware — but at that point the damage has usually been done.

Altogether, these undesirable elements all prey on today’s existing internet architecture that enables unknown, external entities to access and modify your operating system itself and take advantage of hapless users.

Time To Stop Giving Apps So Much Control

Given all these issues from TCP/IP, background processes, and third-party programs with administrative privileges, the need for an end-to-end solution cannot come soon enough. We need to completely abandon our reliance on daemons and create an environment where applications are forbidden from influencing the operating system, period.

As an illustration, consider two scenarios of a video camera within your home. In today’s traditional internet, routers act as firewalls that prevent external data from passing through into your home. However, like a one-way mirror, your router does nothing about traffic going out.

High budget illustration of a creepy dude packet sniffing your cheap Walmart video camera.

In this way, your video camera is constantly broadcasting, and someone sitting in a suspicious van in front of your home might very well be intercepting those packets and exposing your greatest secrets, like the fact that you pour the milk in the bowl before the cereal.

For a new Internet that can meet the security needs of IoT and P2P transactions, devices such as video cameras and sensors should not be permitted to broadcast data at all. Instead, data should only be accessible on-demand. Only an app on your phone privy to the blockchain-secured UUID of that camera should be able to pull that data feed.

Now let’s scale it up to industrial IoT. Recently, I had the opportunity to interview Rong Chen, a very distinguished OS architect who worked with Microsoft in the 90s developing ActiveX, IE, and NT. He shared with me some of the issues he encountered consulting the Chinese on their national energy grid. This State Grid needed to consume and digest data from millions of sensor devices. With the current internet protocol design, the team quickly realized that securing such a network was untenable.

Given the fact that each of these “smart” devices would be constantly broadcasting and managed by background processes, State Grid would have to take it on faith that the manufacturers did not skimp on encryption or introduce malicious code into any number of devices. Checking the code of each device on such an enormous network was simply impossible, making it just as impossible to assure that foreign entities could not spy on the data or worse, introduce some malicious, hidden virus set to activate and cripple the grid after 10 or 20 years! This particular issue is an enormous obstacle to any industrial IoT implementation.

So how can industrial-scale IoT be enabled? As long as third-party device drivers, daemons, etc. are in play, can we ever trust that your driverless car will not kidnap you?

For enterprises and governments this means taking end-to-end control. For the general and public Internet that goes far beyond just IoT, it is much trickier by far.

The Enterprise Solution for IoT

For enterprise, the simplest solution is actually more centralization — managing the entire end-to-end traffic of the internet and completely removing the risk of malicious daemons, drivers, and everything else evil under the sun.

When it comes to enterprise, Microsoft is actually in an incredible position to completely dominate the market when it comes to industrial IoT. While this may come as a surprise to some, Windows 10 is actually the most advanced operating system ever conceived! In fact, many of the concepts discussed earlier (dispensing with background processes, eliminating third party name servers) are actually already native and possible with Windows 10!

To further blow your mind, I can also tell you that Windows 10 is actually the last operating system that Microsoft will create.

That’s right, there will be no Window 11 or Windows 12! The reason for this is the completely new operating system paradigm of ubiquitous computing, where computing occurs anytime, anywhere, across a universe of devices. Windows 10 was actually built with this IoT-enabling notion in mind, and this ecosystem focus actually precludes the company from ever offering another operating system version.

The reason is quite interesting — in the past, if you upgraded your operating system, the manufacturers of your accessories or third-party devices would need to upgrade their drivers as well. If you have ever had to plug in a mouse or upgrade the drivers of an external monitor when you bought a new PC, you should understand what I mean. Unfortunately, in an IoT ecosystem, it is simply not feasible to expect thousands of manufacturers to upgrade drivers across millions of IoT devices! As such, improvements must be pushed through Windows 10 as it is again an ecosystem and no longer an isolated OS unto itself.

But wait — you can still press CTRL + ALT + DEL in Windows 10 and see all the background processes, right?

Let me introduce you to the Upside Down, the shadow realm that nobody really uses.

Now you’re in the sunken place.

I’m sure most of us have navigated to this interface before and thought nothing of it. In fact, it turns out most of us are using Windows 10 in legacy mode; you can actually access all your favorite apps from within this alternative interface that does not use background processes. It is the difference between installing Skype for Windows vs. Skype for Desktop. Long story short, the technology is already here!

Because of its firm technological grip with Windows 10 (which is also advanced in several other ways outside the scope of this article), Microsoft can simply take over the entire network and remove the need for name servers entirely, ensuring a level of unprecedented security and safety.

While I am sure we can all agree that we do not want to the general internet to be owned by Microsoft, this approach is absolutely perfect for the enterprise level as (1) you have an end-to-end secure solution where everything on the network that can communicate is vetted by Microsoft and (2) you have someone to sue if something goes wrong. I would be very surprised if Microsoft’s Windows 10 and blockchain teams are not already exploring such an opportunity.

Yet nothing precludes national governments from moving in this direction as well. Popular messaging app WeChat, which has close ties with the Chinese Government, has already created a secure economic environment of sorts. Links accessed through WeChat open through its own private browser, and it is impossible for users to download anything malicious that would disrupt the service or the ability to make payments. The trade-off, of course, is the censorship and intercept protocols the platform is notorious for.

The Chinese Government did not like this image…

This reality really hit home for me when a friend of mine with a China telecom-issued phone number tried to send a WeChat group a jpeg image that, ironically, discussed the government’s use of tech companies to spy on its own citizens. It popped up instantly on my phone associated with a US phone number, but to my surprise nobody else with a Chinese number in the same group received the image, and there was no notification that the message had been blocked! Spooky.

With WeChat as a centralized service, identity is managed with phone numbers associated with accounts on the platform. If Tencent so chooses (and this has happened to friends of mine!), the company can choose to ban you from the platform at any time!

So this more centralized enterprise/government-run Internet is one such way to advance internet security at the expense of privacy and competition. For the general web, it is necessary to develop a decentralized WeChat of sorts, where payments, P2P file-sharing, and general communications can occur without an external entity/third party tracking or having control over identities. For this we need blockchain.

Blockchain’s Central Role in Identity for the New Web

If we are able to quarantine the application layer from ever communicating or influencing the plumbing of the internet, the next issue to resolve is that of identity. Enterprises and the government do not have this problem as they simply assign them, but for a new, public, and decentralized Internet we do not have that luxury.

Naming devices today is pretty meaningless in how effortlessly malicious actors can spoof hundreds of thousands of IP addresses and propagate fake routers and devices. Blockchain technology, however, provides the extraordinary utility of making issuing and tracking of persistent identity possible.

The problem of tackling a new Internet that allows for persistent identification to enable frictionless transactions without the need for hundreds of passwords and authentication apps is not a trivial one, but the consequences of the current system cannot be tolerated.

Walter Isaacson, biographer of Steve Jobs, points out that the current architecture of the internet “enshrined the potential for anonymity…For years, the benefits of anonymity on the Net outweighed its drawbacks…Now the problem is nobody can tell if you’re a troll. Or a hacker. Or a bot…This has poisoned civil discourse, enabled hacking, permitted cyberbullying, and made email a risk. Its inherent lack of security has allowed Russian actors to screw with our democratic process.”

The ultimate end-to-end solution to return to a decentralized internet will require a peer-to-peer element and decentralized cloud servers, drawing on the P2P foundations built by Jed McCaleb’s eDonkey and the journey of projects such as Urbit, focusing on a network of personal servers, and Blockstack, which enables users to store data locally on their device and uses blockchain to verify it and authenticate ownership of it.

Today, the most expansive and complete solution in my opinion is unquestionably Rong Chen’s Elastos project, which has progressed to over 10 million lines of code to develop a virtual machine layer to separate foundational network communications from the activities at the application layer.

In this way, these critical security properties and proofing against daemon-related malware, viruses, and malware attacks are enforced as core elements of the system, taking the burden off developers to anticipate these current and inherent flaws in every line of code they write. It is my hope that the open source community will embrace the concepts behind this project to create a new network environment where transactions and interactions can occur securely and consistently. In other words, a place where my grandmother would not be able to accidentally download ransomware to my machine no matter how many popups tell her that she has won the lottery!

Intent & Capability

In January of 2010, inspectors at an Iranian uranium enrichment plant noticed that its centrifuges were failing rapidly. Nobody, not even the plant’s technicians, could figure out why. Almost a half year later, a security firm called in to diagnose some Iranian computers that kept crashing and rebooting also could not determine the cause.

After some determined research, computer scientists extracted a nasty set of files comprising Stuxnet, known to be the world’s “first digital weapon”, or “digital missile”.

For the first time, a computer virus had emerged from the digital universe to influence the physical world! It turns out that Stuxnet had been quietly sabotaging the power plant’s centrifuges for more than a year by cleverly adjusting valve pressure to damage the devices and ultimately destroy them.

This virus was created to attack with surgical precision; in fact, it was only discovered far after the fact that it even had the capability to draw an “electrical blueprint” of the power plant to understand how the Iranian’s computers were controlling the centrifuges. This complex worm was delivered through a simple thumb drive by a double agent.

This might sound like something out of the movies, but it is all very real. Some group out there, and there are many theories, designed a horrifyingly advanced and contagious weapon to disrupt Iran’s nuclear program. The current state of the internet and the fact that attacks like this are possible is nothing short of terrifying.

While there is something to be said for the ability to transact anonymously that is present in the current incarnation of Internet, I believe we need a transparent alternative such as Elastos for IoT devices and for secure transactions that is a holistic end-to-end solution utilizing blockchain’s unique properties for persistent identity. In other words, we need a service that is the opposite of Tor, and blockchain can take us there without the interference or oversight of less than beneficent third parties.

Yet to call blockchain itself the next generation of the internet is a gross oversimplification; simply increasing transaction throughput and creating decentralized applications is not enough. We need to upgrade the fundamental architecture of the internet protocol itself.

We have been very lucky so far — there is a saying that when it comes to the Internet, those who have the intent, don’t have the capability, while those with the capability don’t have the intent.

It is high time we bring forward the next generation of the Internet before some malicious entity stumbles across both.

This article would not be possible without the contributions and conversations with Rong Chen, Chairman of the Elastos Foundation. A huge thank you to him for sharing the insights gained from his life’s work and it’s my hope that his team and other interested members of the blockchain and open source community help to usher in the next generation of the web.

Tags