Are higher speeds really a good thing?

[Guest]

Something I thought I might bring up as a topic of discussion is these new internet speeds being rolled out - are they really a good thing? Sure, everyone loves loading their YouTube video faster however in these times of cybercrimes and DDoS attacks, is it really a good idea for residents being able to access 1gigabit speeds or in the case of Japan; 2gigabit. 

 

My biggest concern is the lack of national high bandwidth infrastructure. Not residential lines but major exchanges. If everyone suddenly has these huge lines, countries lagging behind in exchange infrastructure may start having issues with DDoS attacks.

 

Something else to have a read of; 

 

http://blog.cloudflare.com/the-ddos-that-almost-broke-the-internet

 

Your thoughts?

 

[Volbet]

You raise a valid point, and I have thought about these things myself. But as I see it, the internet is a tool and as a tool it can be used and it can be misused. We can't slow down progression in fear of what a select few will use that progression for. High speed internet can also be used for a greater good. It will allow for faster communication between countrys and may even help with scientific progress. See for example The Human Brain project, it is relying on fast internet speed to simulate the human brain, and therefor furthering our understanding of it.

The Human Brain Project website: http://www.humanbrainproject.eu/

Of course we could ask ourself: Does the average cosumer really need 1Gb/s speed to load YouTube videos and download Steam games?

[mr moose]

The thing that annoys me most about this is that we have a tool with massive potential for everyone.  Then we get the spammers and greedy organisations that want exclusive rights to use it anyway they see fit and if they can't have it their way then they will attack it and destroy it so nobody can use it.

[sonarctica]

That might even be a good thing, if countries that have lagged behind get DDoS attacked, it's an incentive to upgrade their exchange infrastructure. Now, I'm going to point fingers at Finland which is 20 years behind in every possible way, this would be a good thing for it to start working towards better infrastructure so these attacks wouldn't work anymore, therefore everyone would be happy again. It'll do damage yes but I feel like it's worth it if it means better results in the end and if one gets attacked, I'm sure everyone else will get scared and start upgrading their stuff.

 

Hopefully I didn't misunderstand the OP completely hah

[Darren]

As long as ISPs keep purchasing more bandwidth, it'll be fine. IX's have plenty of bandwidth to spare. LINX only peaks at 1.5Tbps, AMSIX at 2.2, DECIX at 2.5 etc... 

[LAwLz]

 Now, I'm going to point fingers at Finland which is 20 years behind in every possible way, this would be a good thing for it to start working towards better infrastructure so these attacks wouldn't work anymore, therefore everyone would be happy again.

As far as I know, Finland isn't really behind at all as far as Internet infrastructure goes.

 

Anyway, I don't think this is bad OP. Even IF (big if here) it will result in huge DDOS attacks I still think that it's worth the huge benefit it brings, and like some other people said, it might encourage building better infrastructure. If we had taken this into consideration and thought like you do OP, then we would have stopped at for example 1 Mbps, because with enough people you could take out some people in Africa's Internet. Luckily we didn't do that, and it's just because of that we have come this far today. You can't always cater to the lowest common denominator, especially not in technology.

[mrenusso]

Don't forget that not even 10% of the entire internet connected devices have speed over 100Mb/s. Let alone Gb/s.

It may become a problem in the future, but the perpetual improvements in the backbone are pretty much following the evolution of "end user" speeds.

Don't worry too much about IXes, they're actually one of the easiest part of the network to upgrade (Everything is in the same place, you just need to replace equipment and increase the number of fibers between them). 

Finally, I also believe more and more ISPs and Tier 1 providers are implementing counter-measures against DDoS type of attacks and hardware vendors are also creating tools to protect networks (Cisco Network Foundation Protection comes to mind). 

 

Interesting read, btw !

[tom564]

Imagine that the zombie machines that bot-net owners have control over upgrade to gigabit, they would have huge amounts of bandwidth available to hit targets with. 

[aikoels]

I would be happy even for 10mb down and 1 mb up.....

 

I have about 4.7 down and .4 up, so to me higher speeds are worth risking it.

However I do see how that could also be terrible as you said above. The issue is that the internet is really a double edged sword, we just have to hope for the best. 

[s0nrise]

A single connection sending a gigabit of a ddos attack of some sort will be blocked very fastly by who is getting it.

I dont really see a problem from this perspective, ISP's should be able to filter / nullroute who is sending that kind of traffic.

If everyones connection gets faster, it wont change anything in terms of ddos vulnerability (services / servers), but in the other hand, Botnets could get much more powerful.

A mid-sized botnet may consist of around 70-100 zombies, each zombie having about 2-5 megabits of throughput, now think about this, each zombie now has a gigabit of throughput, that botnet would go from having a power of 500mbits all the way up to 100gbits, which yes, will make it MUCH more powerful.

This would be avoided by having server/datacenter/and international connections progress at the same speed, all scales, so If everything progresses equaly, everything will stay the same.

[acturisme]

Every tool has to potential to be misused.  But that is a risk one must take in order to get the usefulness from the tool itself.  You cannot close Pandora's box on technology. 

[Darren]

People here are mentioning DDoS. The largest we've seen is 300Gbps which is a fraction of that global infrastructure.

 

Imagine that the zombie machines that bot-net owners have control over upgrade to gigabit, they would have huge amounts of bandwidth available to hit targets with. 

 

The largest DDoS' don't come from peers alone -- http://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack

[tom564]

People here are mentioning DDoS. The largest we've seen is 300Gbps which is a fraction of that global infrastructure.

 

 

The largest DDoS' don't come from peers alone -- http://blog.cloudflare.com/deep-inside-a-dns-amplification-ddos-attack

Correct me if i am wrong but the more bandwidth and computing power the attacker has available to send requests in a DNS amplification attack influences amount of request that can be sent  meaning that that more bandwidth is available for hitting targets? 

[Darren]

Correct me if i am wrong but the more bandwidth and computing power the attacker has available to send requests in a DNS amplification attack influences amount of request that can be sent  meaning that that more bandwidth is available for hitting targets? 

 

Well yes, but it only amplified to that extend due to so many open DNS resolvers. In an ideal world everyone would have measures in place so that their DNS resolver couldn't be exploited by these attacks, so the issue wouldn't exist (or at least a level where it can be used to take down sites at will). Maybe we'll get there one day. It's cool how CloudFlare's systems allow their clients to be more resistant to attacks like these. It's an amazing service really