It's Time to Re-engineer the Internet

By: kent

17 May 2011

I recently posted about a privacy project proposal I submitted to the "Ideas for a Better Internet" project by Harvard and Standford Law and Computer Science students. This great initiative is now seeking further public input and comments on how the group should start about re-engineering the internet:

  • [W]e're announcing our Call 2.0, where we're asking the world for feedback to help develop the ideas for a better Internet. We've selected and consolidated the ideas that most resounded with our team, gathered and divided them into topic groups, and posted them on our new website:

There are a lot of great ideas here, but here's a quick rundown of a few of my favourites:

1. Mesh networks. Essentially, a mesh network is an internet without the top-down architecture that currently allows governments--such as the recent regimes in Egypt and Tunisia--to hit the internet kill-switch. An organization called the Open Technology Initiative proposes "an open source 'device-as-infrastructure' distributed communications platform that integrates low-cost and preexisting, off-the-shelf devices, such as users' existing cell phones, WiFi-enabled computers...".

A P2P internet architecture that uses existing devices is absolutely key at this stage in trying to get a viable mesh network off the ground. The most likely early adopters are persons in areas afflicted by oppressive regimes, and in areas unable to afford traditional internet access. In both of these regions, any requirement for new and different technologies would be either prohibitively expensive or simply not permissible by the government.

2. User Rating of Certificate Authorities. The internet's current system of Certificate Authorities, which we all rely upon to certify our secure https connections, are problematic in many ways. First of all, purchasing a certificate is expensive. Prices can easily run into the hundreds, or even thousands of dollars. This creates a significant barrier for small websites and individual webmasters to secure their sites. Secondly, the trust worthiness of even a few thousand dollar certificate is sometimes highly questionable.

Crowd-sourcing the validation and verification of a particular server's trustworthiness could make the certificate authority system more secure, and free!

3. Last, but not least, I *happen* to be a fan of my own proposal that has made the initial cut: ISP level privacy protections, which I've previously discussed here.

Remember that the crews at Harvard and Standford are actually going to start working on a couple of these innovative ideas! Comments are most welcome on the feasibility and possibilities for both my proposal and the others.