»BGP and the Rule of Custom«
2017-12-27, 21:45–22:15, Saal Dijkstra
When bad actors can simply move servers from country to country, why does the internet remain reasonably civil ? How does one get on, or get kicked off, of the internet ? Why do fraud and child abuse websites regularly get shut down but thepiratebay remains living ? I will explain BGP, the protocol that knits the internet together, also covering the world of last resort hosting, bulletproof hosting and high profile cases of servers that were taken offline and servers which could not be taken offline despite significant effort.
We have been taught that someone must be in charge, there must be a supreme court of arbitration, otherwise chaos will reign. But we have before us an example of a network which does not have any supreme court, nor any official law or governing body besides ICANN.
The internet is made up of tens of thousands of organizations (known as Autonomous Systems) who interconnect with one another voluntarily in what are known as peering agreements. Over 99% of all peering agreements are handshake agreements with no written contract and providers trust one another to follow social norms which are present within the internet community.
Certain behavior such as denial of service attacks, email spam, and malware propagation are generally recognized as anti-social and autonomous systems which are dedicated to these types of business have in the past found themselves disconnected by their providers and unable to find anyone who will connect with them.
Some hosting providers describe themselves as "bulletproof" or "last resort" hosting, providers who will host websites which are not able to find hosting in other places. Bulletproof hosting charges large sums of money and then allow their customers to do anything (including sending of spam and malware), last resort hosting providers by contrast often reach out to high profile organizations who have been disconnected by their original provider for political reasons.
This system without explicit rules has proven to be highly favorable to freedom of speech while still managing to prevent some types of activity which is generally recognized as bad. In the development of new federated apps, we can learn from the successes of BGP and the challenges which it has faced over the past 40 years.