China Wants to Control All the Internet With ‘New IP’ Plan

The Chinese Communist Party wants to remake the internet in its own image. It’s supported by such open, democratic and transparent regimes as Russia, Saudi Arabia and Iran.

Unsurprisingly, perhaps, the proposal is an authoritarian’s wet dream. It includes the ability to centrally censor and authorize connections.

And all this is wrapped up in a proposal to “fix” problems that don’t seem to exist. In today’s SB Blogwatch, we thank Fred it’s Friday.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Miso turds.

IPv七? [You’re fired—Ed.]

What’s the craic? Catalin Cimpanu reports—“RIPE opposes China’s internet protocols upgrade plan”:

 [European]-based Internet governance body RIPE is opposing a proposal to remodel core internet protocols, a proposal backed by the Chinese government, Chinese telecoms, and Chinese networking equipment vendor Huawei. Named “New IP,” this proposal consists of a revamped version of the TCP/IP standards to accommodate new technologies, a “shutoff protocol” to cut off misbehaving parts of the internet, and a new “top-to-bottom” governance model that centralizes the internet.

The proposal received immediate criticism … due to its obvious attempt to hide internet censorship features behind a technical redesign of the TCP/IP protocol stack. [It] was described as the Chinese government’s attempt to export and impose its autocratic views onto the rest of the internet. … RIPE NCC, the regional Internet registry for Europe, West Asia, and the former USSR, formally expressed a public opinion against.

RIPE … says that any endeavors to revamp internet protocols should be left to the Internet Engineering Task Force (IETF), the international body that has been in charge of defining internet standards for decades. Such issues should not be left to the ITU, which is the United Nations’ telecommunications body, and an agency where political influence rules, rather than technically-sound arguments.

“This proposal is not about a real need for new technology, but about trying to alter the governance structure of the Internet.”

Wait, what? Dev Kundaliya has more—“The proposal appears to favour authoritarian regimes”:

 In this proposal, Chinese state controlled telecoms and hardware providers argue that existing TCP/IP is broken and won’t perform well in future internet which will include things like space-terrestrial communications and holographs. [But] the proposal talks about top-down check and balances that would eventually centralise the internet and put it into the hands of some selected node operators.

Moreover, the new system would include a “shut up command” that would let a central controller … cut off data going to or from a specific address – a feature that many governments would find useful to silence activists. … The new standard could also require authorisation and authentication of not only new internet addresses, but also the individuals involved and the data packets being transmitted.

Russia, Iran, and Saudi Arabia have expressed their support for the proposal.

I bet they have. RIPE’s Marco Hogewoning asks the fundamental question—“Do We Need a New IP?”:

 Any evolution of the Internet should be left to the IETF. … We have been tracking this and related work for a while now and used our ITU membership to send a response objecting.

It is clear that the long-term vision is for this new architecture to … replace the Internet. [It would] depart from the core philosophy behind TCP/IP … an open and flexible system that is much more the result of decades of evolution rather than a single master plan.

The simple fact that you can change things doesn’t mean you should. … The open framework provided by the Internet protocol suite and its layered model … has provided an enabling environment which is often championed as “permissionless innovation.”

The most problematic and dangerous part of the proposal is not the technology, but the fundamental beliefs behind it. … Staff from Huawei and Futurewei, its R&D branch, have made it clear on several occasions that they see New IP as an opportunity to redesign the governance model into a top-down structure.

Access to the network itself would be controlled from centralised authorities. … This is much more of a fundamental shift than it first appears to be, as it would give control to the core of the network instead of leaving it to the end points, as … on the Internet today.

What’s really going on here? Madhumita Murgia and Anna Gross offer background—“Inside China’s controversial mission to reinvent the internet”:

 Whereas today’s internet is owned by everyone and no one, they [are] in the process of building something very different — a new infrastructure that could put power back in the hands of nation states, instead of individuals. … The idea was to illustrate that the current internet is a relic that has reached the limits of its technical prowess. It was time … for a new global network with a top-down design, and the Chinese should be the ones to build it.

Many experts see the internet as a civic space that requires better public hygiene. … The US, UK and Europe, for example, are interested in adapting the current system to introduce more regulatory power. … The Chinese New IP proposal is far more radical, and could embed a system of centralised rule enforcement into the technical fabric of the internet.

Huawei claims that New IP is being developed purely to meet the technical requirements of a rapidly evolving digital world, and that it has not yet baked a particular governance model into its design. … Traditional IP protocol is described as “unstable” and “vastly insufficient”, with “lots of security, reliability and configuration problems.”

One of the loudest critics of New IP has been Patrik Fältström, a long-haired maverick engineer, known in his native Sweden as one of the fathers of the internet. … For Fältström, the beauty of the internet is its “permissionless” nature, as demonstrated during the Arab spring. “We have to remember,” he says, “it is a balance between being able to communicate and control, but people having a voice is always more important.”

In China, one needs to apply for a licence to … host their own website. … Actions such as calling [President] Xi a “steamed bun” in a private chat group [are] punished by two years in prison.

Speaking of fathers of the internet, Craig Timberg channels Vint Cerf—“Your Internet is working. Thank these Cold War-era pioneers”:

 “This basic architecture is 50 years old, and everyone is online. … And the thing is not collapsing. … Resiliency and redundancy are very much a part of the Internet design.”

Some credit goes to [the] giant, well-resourced corporations essential to the Internet’s operation today. But perhaps even more goes to the seminal engineers and scientists like Cerf, who for decades worked to create a particular kind of global network — open, efficient, resilient and highly interoperable so anyone could join and nobody needed to be in charge.

Bell, which dominated U.S. telephone service until it was broken up in the 1980s, and similar monopolies in other countries wanted to connect computers through a system much like their lucrative telephone systems, with fixed networks of connections run by central entities that could make all of the major technological decisions, control access and charge whatever the market … would allow. … Cerf also was among a gang … who led an insurgency against the dominant forces in telecommunications at the time [and] legacy technologies.

The result was a network — or really, a network of networks — with no chief executive, no police, no taxman and no laws. In their place were technical protocols, arrived at through a process for developing expert consensus.

[It] goes a long way toward explaining why an Indonesian shopkeeper with a phone made in China can log on to an American social network to chat … instantaneously with her friend in Nigeria. … The lack of a central authority is key to why the Internet works as well as it does.

But could there be scope for replacing TCP/IP? Iain Morris worms his way into that angle—“Non-IP squares up to New IP in battle”:

 Demos of futuristic 5G services have become as common a feature of the technology press conference as rancid coffee and noisy typing. … Experts are seriously worried that TCP/IP … simply will not cope with services that demand a far shorter signaling delay than is usual in today’s smartphone world.

The alternative is something completely different. … The European Telecommunications Standards Institute (ETSI) … announced the formation of a new working group it calls Non-IP Networking (NIN). As the name implies, its proposal is to replace IP with a more efficient technology.

Some 5G supporters think a latency-related crunch can be fixed in other ways. Network slicing, a feature supposedly baked into the mobile industry’s forthcoming but COVID-19-delayed Release 16 standard, should theoretically allow traffic lanes to be reserved for some applications.

One thing’s for sure: … the eventual fix will be anything but straightforward.

Wait, what? (again) phantomfive cuts to the chase:

 At what point have you ever said, “this system is unstable and unreliable, we should make it more reliable by centralizing control”? Another name for “centralized control” is “Single point of failure.”

And dwx agrees it’s silly:

 We have NPUs like Tomahawk 4 which can forward 25+Tbps of IP traffic with port to port forwarding times less than 1uS. This … seems like it was written … 15+ years ago.

Delay is caused by congestion and distance. Distance you can’t really do anything about. … Congestion is definitely an area of study worth looking at, but it’s orthogonal to the header. … Whether it’s IP, “New IP”, etc. doesn’t really matter as long as the hardware support is there to process and forward the packet.

Meanwhile, Rick Schumann modestly proposes a compromise:

 They’re very obviously unhappy with how the internet is … so I say we just cut them off from it, and they can have their own little internet all to themselves. That’s what they really want anyway except they also want to dictate to everyone else how the internet should be. Well they can shove that up their *****.

Cut them loose and they can have their own Chinese-only internet.

And Finally:

Speaking of weird standards

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE.

Image sauce: DonkeyHotey (cc:by)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
