Greetings. In Proposal for Breaking the Internet Network Neutrality Deadlock, I recently suggested a project for the gathering and analysis of worldwide Internet traffic data and characteristics, for Network Neutrality-related and other purposes, based on a distributed architecture of processes running mainly on end-user computers.

I've now dubbed this project the "Global Internet Measurement Analysis Array" (GIMAA).

I'd like to now touch very briefly on a few of the many practical considerations that such a project would entail, including deployment, security, and privacy issues.

To be useful, the measurement collection environment requires a very large number of participating end-user sites. While standalone versions of the GIMAA programs will of course be needed for a variety of hardware platforms, deployment could be significantly hastened by including the associated code into other already widely used end-user packages, e.g. popular browser/OS toolbars and/or free utility application bundles. It may even prove possible to primarily use the existing application/toolbar data traffic as the foundational operational corpus for the measurement system itself, supplanted as necessary by purpose-generated measurement-related data.

To the extent that the vendors of such toolbar and application packages are interested in the potential ongoing output of a GIMAA environment, such "packaging" would seem an attractive possible route for dissemination of the system, with the goal of reaching a practical deployment level as quickly as possible.

A range of security and privacy issues accompany a project like GIMAA, some of which will likely be leveraged by some entities into objections against the entire project.

Clearly the GIMAA code modules, measurement payload data, and any associated aggregated data will need to be secure and as protected against manipulation and tampering as current technology will allow. User data on participating systems must be protected as a first priority concern.

A more unique issue with the GIMAA methodology is that the techniques envisioned, if they prove out and are very widely deployed, could be extremely powerful. As such, concerns are sure to be raised that GIMAA may publicly reveal network traffic, topological, vulnerability, and other data that some network participants, and others, might prefer to keep hidden for business, security, or other reasons.

It can be anticipated, for example, that some firms (including ISPs) would become concerned that GIMAA node activity could reveal what they consider to be proprietary aspects of their network topologies, and that attempts to block GIMAA measurement traffic, and/or the writing of prohibitions against such measurement techniques into Terms of Service agreements, would be forthcoming.

Of course, one of the key purposes proposed for GIMAA is to detect vulnerabilities and abuses so that they can be corrected (through technical or policy means, as appropriate), and it would be expected that some of those entities responsible for such conditions would not be enthusiastic about their being so exposed.

I also consider it likely that GIMAA will be criticized from some quarters on national security grounds, with the argument being that the Internet infrastructural data that could be exposed would make attacks on the Internet and its attached systems more effective.

All of these concerns are real, and considerable effort will be needed to balance the benefits and risks associated with a project like GIMAA.

But aside from the more obvious cost/benefit analysis that can be applied to this project, there's another basic reality that renders some of these concerns relatively moot in important respects.

The categories of measurement methodologies proposed for GIMAA could be deployed on a clandestine basis by technologically skilled adversaries, perhaps as part of widely disseminated computer viruses and the like. If GIMAA does not move forward, that doesn't guarantee that "bad guys" won't get access to such data via their own GIMAA-like technologies that could infect systems around the world. Blocking GIMAA would only assure that honest players wouldn't have access to the same sorts of important information.

In my book, it's nonsensical and dangerous to block open and honest use of even potentially sensitive data, while the unscrupulous can likely gain access to similar data via their own means and for their own purposes. Sometimes sunlight really is the best disinfectant, and in the case of the Internet the old paradigm of "security through obscurity" has been widely discredited.

GIMAA, while not without real risks, will hopefully shed some needed light on aspects of the operational Internet that have been in the shadows for far too long, having caused a resulting lack of trust that only more open availability of data in these respects can likely ameliorate.

Thanks as always for your consideration.

--Lauren--