Internet History

Dr. Charles Severance <csev@umich.edu>

http://www.dr-chuck.com/
Twitter: @drchuck

https://www.coursera.org/course/insidetheinternet
 Copyright Thanks

• Thanks to IEEE Computer for permission to use IEEE Computer

magazine articles associated with the videos

• Thanks to Richard Wiggins for the use of his video material

• Thanks to Dave Malicke and Open Michigan (open.umich.edu) for help

with copyright review of these materials
 High Level Phases
• Dawn of Electronic Computing

• Pre-Internet Communication

• Research Networks - 1960s - 1970’s

• The First “Internet” - Mid 1980’s

• The Web Makes it Easy - Early 1990’s

• Ubiquity of the Internet - 1996 and beyond

 Alan Turing and Bletchley Park

• Top secret code breaking effort

• 10,000 people at the peak (team effort)

• BOMBE: Mechanical Computer

• Colossus: Electronic Computer

http://www.youtube.com/watch?v=5nK_ft0Lf1s
Graphic: Matt Pinter 24:50
 Post-War (1940s)
• Alumni of the US and UK code breaking efforts
and other started building general purpose
computers

• Manchester Baby

• Ferranti Mark I

• Harvard Mark I

• US Army ENIAC
http://upload.wikimedia.org/wikipedia/commons/b/bb/SSEM_Manchester_museum.jpg
http://en.wikipedia.org/wiki/File:Classic_shot_of_the_ENIAC.jpg
 Post-War (1950s)
• Math / Science “Won the war”

• Broad-based investment in maintaining the

US/West intellectual lead

• Mathematicians were valued, recruited,

brilliant, arrogant, and quirky

• "A Beautiful Mind" gives a sense of the

culture of the time

http://www.youtube.com/watch?v=CemLiSI5ox8
 John Forbes Nash

• Received his Phd. Mathematics at Princeton in

1950 at 22 years old

• Mathematics faculty at MIT - 1951 - 1958

• Schizophrenia 1959 - 1995

• Nobel Prize in Economic Sciences - 1994

http://en.wikipedia.org/wiki/John_Forbes_Nash
 Phone Line Networking
Leased

Dialup

Clipart: http://www.clker.com/search/networksym/1
Modem: http://en.wikipedia.org/wiki/Modem
 Dial-Up Access
• You were happy to connect to one
computer without having to walk
across campus

• You could 'call' other computers long

distance

• The characters were encoded as sound

• Pretty Common in the 1970’s

6:00
http://deepblue.lib.umich.edu/handle/2027.42/79576 (1969)
 Data Transfer with Leased Lines
• You could get a dedicated connection between two points from the
phone company

• No dialing was needed leased lines are always connected

• Reserved dedicated phone wires and permanent connections

• Expensive because of limited copper - cost was based on distance

• Think bank branch offices and other places where cost is significant

http://en.wikipedia.org/wiki/Leased_line
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
Saving Money with
More "Hops"
 Store and Forward Networking

• Typically specialized in Mail

• E-Mail could make it across the country in

six hours to about 2 days

• You generally focused your life on one

computer

• Early 1980’s

http://en.wikipedia.org/wiki/IBM_3270
 BITNET
• Typically specialized in Mail

• E-Mail could make it across the

country in 6-hours to about 2
days

• You generally focused your life on

one computer

• Academic network in the 1980’s

http://www.columbia.edu/acis/history/bitnet.jpg
Research Networks
1960-1980’s December 1969

• How can we avoid having a direct

connection between all pairs of
computers or long snake-like
connections?

• How can we dynamically handle outages

switching between multiple paths?

• How to transport many messages August 1972

simultaneously and efficiently?
http://som.csudh.edu/fac/lpress/history/arpamaps/
 Efficient Message Transmission:
Packet Switching
• Challenge: in a simple approach, like store-and-forward, large
messages block small ones

• Break each message into packets

• Can allow the packets from a single message to travel over different
paths, dynamically adjusting for use

• Use special-purpose computers, called routers, for the traffic control

 Packet Switching -
Hello there, have a nice day.
Postcards

Hello ther (1, csev, daphne)

e, have a (2, csev, daphne)

nice day. (3, csev, daphne)

http://www.flickr.com/photos/stephoto/1519649375/
 Packet Switching -
Postcards

e,
Hello
have
nice ther
a (3,
day. (2,(1, csev,
csev, daphne)
daphne)

Hello there, have a nice day.

http://www.flickr.com/photos/stephoto/1519649375/
 Shared Network
Router Wide Area
Network

Local Area
Network Cable or
DSL

Clipart: http://www.clker.com/search/networksym/1
 An Example Problem to Solve
• With each router having only a local / subset knowledge of the shape
of the network, how do we avoid confusion if the information is a little
"messed up"?

To: 67.149.*.*

Clipart: http://www.clker.com/search/networksym/1
Heart, F., McKenzie, A., McQuillian, J., and Walden, D., ARPANET Completion Report,
Bolt, Beranek and Newman, Burlington, MA, January 4, 1978.
http://som.csudh.edu/fac/lpress/history/arpamaps/arpanetmar77.jpg
 University of Illinois
at Urbana-Champaign
 Supercomputers...

• As science needed faster and faster

computers, more universities asked
for their own Multimillion dollar
supercomputer

• The National Science Foundation

asked, “Why not buy a few
supercomputers, and build up a
national shared network?”
CC: BY-SA: Rama (Wikipedia)
http://creativecommons.org/licenses/by-sa/
2.0/fr/deed.en_GB
 NCSA - Innovation
• We now “assume” the Internet and
the Web - it was not so easy...

• A number of breakthrough
innovations came from the National
Center for Supercomputing
Applications at Urbana-Champaign,
Illinois Larry Smarr, NCSA

• High Performance Computing and

the Internet were deeply linked
http://www.vimeo.com/6982439 (11:53)
 University of
Michigan

University of Illinois
at Urbana-Champaign
 NSF Net
• NSFNet was funded by the National
Science Foundation

• Standardized on TCP/IP

• The first national TCP/IP network that

was “inclusive”
ARPANET August 1972
• Initially the goal was all research
universities
http://som.csudh.edu/fac/lpress/history/arpamaps/
 Michigan's State-Wide Network

In 1969, Merit was one of the earliest network

projects that was intended for use by an entire
campus population of students, faculty, and
alumni. [1]

Merit PDP-11 based Primary

Communications Processor
(PCP) at the University of
[1] http://www.zakon.org/robert/internet/timeline/ Michigan, c. 1975
NSFNet @ University of Michigan
• University of Michigan did not get a
Supercomputer Center

• Proposed a $55M high-speed network

for $15M

• Partners: University of Michigan, Merit

Network, IBM Corporation, MCI, and
State of Michigan

• Operated from 1988-1995 http://www.vimeo.com/11044819

13:14
Source: http://hpwren.ucsd.edu/~hwb/NSFNET/NSFNET-200711Summary/
 NSFNET T1
Backbone and
Regional
Networks, 1991

http://virdir.ncsa.uiuc.edu/virdir/raw-material/networking/nsfnet/NSFNET_1.htm
 NSF Net Advocacy

• Initially aimed at research universities

• Cleveland FreeNet and similar efforts provided indirect Internet access

to the average citizen

• In about 1989-1990, the "academic-only" started being relaxed - led to

Internet Service Providers making "dial-up Internet" available to the
general public
 University of
CERN
Michigan

University of Illinois
at Urbana-Champaign
 CERN - High-Energy (physics)

• Brilliant physicists from all over the world

• Work on long, highly detailed projects - 15-20 years

• Have a lot of time to think..

• (And have fun)

http://musiclub.web.cern.ch/MusiClub/bands/cernettes/
http://www.youtube.com/watch?v=A1L2xODZSI4
"...You Prefer your Collider"
Visits to CERN!

http://club-softball.web.cern.ch/club-softball/Canettes/
http://www.youtube.com/watch?v=f90ysF9BenI
The Beginning of the Web: CERN
• The Internet was infrastructure -
the web gave the Internet a “user
interface and URLs

• The Web was invented at CERN by

Tim Berners-Lee and Robert
Cailliau Robert Cailliau
CERN
• CERN developed browsers and
servers - with a goal of worldwide
hyperlinked documents
(9:42)
http://www.youtube.com/watch?v=x2GylLq59rI
http://info.cern.ch/images/NextEditorBW.gif
 University of
CERN
Michigan

Stanford

University of Illinois
at Urbana-Champaign
 The First Web Server in America
• The first web server in America
was at the Stanford Linear
Accellerator (SLAC)

• It was a database of 300,000

Paul Kunz
research papers
SLAC
• Dr. Paul Kunz

• December 12, 1991

http://www.youtube.com/watch?v=lOgqP2yoKwc (5:30)
 1993: Gopher is Dominant
• Internet Engineering Task Force (IETF) Meeting

• March 29-April 2, 1993 - Columbus, Ohio,

USA (638 attendees)

• Gopher BOF - 200 attendees

• World-Wide Web BOF - 15 attendees

including Tim Berners-Lee

• P.S. DVD is invented this year

http://www.ietf.org/proceedings/26.pdf
What industry was
thinking in 1993...

http://www.youtube.com/watch?v=sYNUcFMCIzw
0:30
0:30
 University of
CERN
Michigan

Stanford

University of Illinois
at Urbana-Champaign
The Explosive Growth of the Web

• The web was invented in the early

1990’s

• Growing in Academia 1993

• Growing everywhere 1994 - 1995

• Cable Modems to the home started

in the mid 1990’s

http://gladiator.ncsa.uiuc.edu/Images/press-images/mosaic.1.0.tif
Mosaic - Netscape - Mozilla - Firefox
• Mosaic was the first “consumer” web browser
developed at NCSA

• NCSA created the httpd web server which is

the basic for the Apache web server

• While most of the NCSA programmers Joseph Hardin, UM

formed Netscape and made their fortunes,
NCSA released their browser for free and
focused on building standards to keep the web
open
http://www.vimeo.com/7053726 9:01
 1994:Year of the Web

• Netscape Founded - April 4, 1994

• WWW Conf: May 25-26-27 1994, CERN, Geneva (Switzerland)

• WWW Conf: October 17-19, 1994, Chicago, IL

• October 1994, Tim Berners-Lee founded the (W3C) at MIT

• November 8, 1994 - Windows 95 beta 2 - With a vengance!

 11:59

Netscape, JavaScript and FireFox

• As Microsoft worked to suffocate Netscape::

• JavaScript was invented to compete with Visual

Basic (1995)

• Netscape slowly leaked out into Open Source as

Mozilla - which later became FireFox (late
1990's)

• FireFox's search box gave the small Mozilla

Foundation millions of dollars of revenue
http://www.youtube.com/watch?v=IPxQ9kEaF8c
Did Microsoft Save the
World-Wide Web?
• Netscape wanted to make the web
browser, web server, and web
protocols propritary and owned by
them

• The web browser would be $50-

$100 and sold separately

• This threatened to make the desktop

operating system irrelevant
http://xkcd.com/1118/
 World-Wide-Web Consortium

• The W3C was formed in October 1994 (www.w3c.org)

• Led by Tim Berners-Lee who moved from CERN to MIT

• Goal was to develop standards for the web and avoid proprietary
balkanization of the Web

• Many large companies (Microsoft, IBM, etc) joined quickly

http://en.wikipedia.org/wiki/World_Wide_Web_Consortium
 When You Can
Assume the Web

Internet: TCI Show 08

http://www.vimeo.com/4275919

December 11-14, 1995

http://www.w3.org/Conferences/WWW4/
1:22
• Larry Smarr wanted to make supercomputers available to
physicists

• University of Michigan sneaked in 1.54Mb/sec instead of 56kb/sec

backbone for their NSFNet proposal

• Tim Berners-Lee and Robert Cailliau were building a system for

network hosted documentation

• Paul Kunz was trying to make his article database easier to use

• Joseph Hardin wanted to make supercomputers more user

friendly

• Mitchell Baker - Just wanted us to have a free and open source

browser
 The Web Land Rush...

• In the late 1990’s there were many

fortunes to be made - simply by being
first in a market

• Everything was “novel” when it was

re-invented on the web

• New brands were quickly established

and became dominant
http://www.vimeo.com/7048422
5:39
 The Modern Internet
• In the late 1990’s in the boom there was a great deal of Fiber optic
that was installed in the US

• High speed and long distance were cheap and common

• Many national backbone networks emerged - commercial, government,

academic, etc

• These networks swap data at “peering points” so we see one seamless

Internet - after about 1999 - this was all pretty boring - it just worked

http://en.wikipedia.org/wiki/Internet_Exchange_Point
http://www.zakon.org/robert/internet/timeline/
The “Web Effect”
A History of Open Source ....

http://www.vimeo.com/7307422

http://www.vimeo.com/3800796

http://www.vimeo.com/6215179
 Other Resources

• Hobbes Internet Timeline

• http://www.zakon.org/robert/internet/timeline/

• A Brief History of the Internet. Barry M. Leiner, et al. 2009.

SIGCOMM Comput. Commun. Rev. 39, 5 (October 2009), 22-31.
DOI=10.1145/1629607.1629613

• http://doi.acm.org.proxy.lib.umich.edu/10.1145/1629607.1629613
 Additional Source Information
• TuringBombeBletchleyPark: Sarah Hartwell, Wikimedia Commons, http://upload.wikimedia.org/wikipedia/commons/2/23/
TuringBombeBletchleyPark.jpg. CC: BY-SA, http://creativecommons.org/licenses/by-sa/3.0/deed.en

• SSEM Manchester museum: Parrot of Doom, Wikimedia Commons, http://commons.wikimedia.org/wiki/File:SSEM_Manchester_museum.jpg,

CC: BY-SA, http://creativecommons.org/licenses/by-sa/3.0/deed.en

• John f nash 200611023: Elke Wetzig, Wikimedia Commons, http://en.wikipedia.org/wiki/File:John_f_nash_20061102_3.jpg, CC: BY-SA, http://
creativecommons.org/licenses/by-sa/3.0/deed.en

• US Mail: Steve Johnson, Flickr, http://www.flickr.com/photos/stephoto/1519649375/, CC:BY-SA, http://creativecommons.org/licenses/by-sa/2.0/

deed.en

• EPFL CRAY-I 1: Rama, Wikimedia Commons, http://commons.wikimedia.org/wiki/File:EPFL_CRAY-I_1.jpg, CC:BY-SA, http://

creativecommons.org/licenses/by-sa/2.0/fr/deed.en

• Mitchell Baker: James Duncan Davidson/O’Reilly Media, Wikimedia Commons, http://upload.wikimedia.org/wikipedia/commons/8/8a/

Mitchell_Baker.jpg, CC: BY, http://creativecommons.org/licenses/by/2.0/deed.en
 Reuse of these materials

• I intend for these materials to be reusable as open educational resources

for those who would do so in a responsible manner

• Please contact me if you are interested in reusing or remixing these

materials in your own teaching or educational context
 Internet Technology
Dr. Charles Severance <csev@umich.edu>
http://www.dr-chuck.com/
Twitter: @drchuck

https://www.coursera.org/course/insidetheinternet
 Copyright Thanks

• Thanks to IEEE Computer for permission to use IEEE Computer

magazine articles associated with the videos

• Thanks to Dave Malicke and Open Michigan (open.umich.edu) for help

with copyright review of these materials
http://xkcd.com/742/
 Store and Forward Networking

Leased

Dialup

http://en.wikipedia.org/wiki/BITNET

Clipart: http://www.clker.com/search/networksym/1
Research Networks
1960-1980’s December 1969

• How can we avoid having a direct

connection between all pairs of
computers?

• How to transport messages efficiently?

• How can we dynamically handle

outages? August 1972

http://som.csudh.edu/fac/lpress/history/arpamaps/
Len Kleinrock - The First Two Packets on The Internet
Heart, F., McKenzie, A., McQuillian, J., and Walden, D., ARPANET Completion Report,
Bolt, Beranek and Newman, Burlington, MA, January 4, 1978.
http://som.csudh.edu/fac/lpress/history/arpamaps/arpanetmar77.jpg
 Efficient Message Transmission:
Packet Switching
• Challenge: in a simple approach, like store-and-forward, large
messages block small ones

• Break each message into packets

• Can allow the packets from a single message to travel over different
paths, dynamically adjusting for use

• Use special-purpose computers, called routers, for the traffic control

 Packet Switching -
Hello there, have a nice day.
Postcards

Hello ther (1, csev, daphne)

e, have a (2, csev, daphne)

nice day. (3, csev, daphne)

1
2 3
 Packet Switching -
Postcards

Hello
e, have
nice ther
a (3,
day. (2,(1, csev,
csev, daphne)
daphne)

Hello there, have a nice day.

 Shared Network
Router Wide Area
Network

Local Area
Network Cable or
DSL

Clipart: http://www.clker.com/search/networksym/1
 Shared Networks
• In order to keep cost low and
the connections short
geographically - data would be
forwarded through several
routers.

• Getting across the country

usually takes about 10 “hops”

• Network designers continually Source: http://en.wikipedia.org/wiki/

add and remove links to “tune” Internet_Protocol_Suite
their networks
 Layered Network
Model Application Layer
Web, E-Mail, File Transfer

• A layered approach allows the

Transport Layer (TCP)
problem of designing a network to
be broken into more manageable Reliable Connections
sub problems
Internetwork Layer (IP)
• Best-known model: TCP/IP—the Simple, Unreliable
“Internet Protocol Suite”

• There was also a 7 layer OSI: Open Link Layer (Ethernet, WiFi)
Physical Connections
System Interconnection Model
 Internet Standards
• The standards for all of the Internet
protocols (inner workings) are
developed by an organization

• Internet Engineering Task Force

(IETF)

• www.ietf.org

• Standards are called “RFCs” - Source: http://tools.ietf.org/html/rfc791

“Request for Comments”
 Layered
Architecture
• The Physical and Internet Layers are
like trucks and trains - they haul
stuff and get it to the right loading
dock - it takes multiple steps

• The Transport layer checks to see if

the trucks made it and send the
stuff again if necessary

Source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite
 Link Layer (aka Physical Layer)
• As your data crosses the country
may use a different physical
medium for each “hop”

• Wire, Wireless, Fiber Optic, etc.

• The link is “one hop” - Is it up or

down? Connected or not?

• Very narrow focus - no view at all

of the “whole Internet”
Source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite
Problems solved by the Link Layer
• Common Link Technologies
• Ethernet
• How does data get pushed • WiFi
onto a link?
• Cable modem
• How is the link shared?
• DSL
• Satellite
• Optical
 Link Layer Addresses

• Many physical layer devices have addresses built in to them by the

manufacturer

• Ethernet

• Wireless Ethernet (Wifi)

 Link Layer
• Physical addresses are to allow
systems to identify themselves on
the ends of a single link

• Physical addresses go no farther

than one link

• Sometimes links like Wifi and

Wired Ethernet are shared with
multiple computers
0f:21:63:12:b3:1a 98:2f:4e:78:01:b4
Source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite
 Sharing Nicely - Avoiding Chaos
• CSMA/CD Carrier Sense • Wait for silence
Multiple Access with
Collision Detection • Begin Transmitting data
• To avoid garbled messages, • Listen for your own data
systems must observe
“rules” (Protocols) • If you cannot hear your own data
clearly, assume a collision, stop and
wait before trying again
• Ethernet rules are simple
• Each system waits a different
amount of time to avoid “too much
politeness”
 Ethernet

• Invented at PARC (Xerox)

• The first Local-Area-Network

• Connected PC's to laser printers

• Inspired by an earlier wireless

network called Aloha from the
University of Hawaii
 Internetwork Layer Application Layer

(IP) Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections
http://en.wikipedia.org/wiki/Internet_Protocol
Internetwork Layer (IP)
http://en.wikipedia.org/wiki/Traceroute Simple, Unreliable

http://en.wikipedia.org/wiki/Ping Link Layer (Ethernet, WiFi)

Physical Connections
 Internet Protocol Layer

• Goal: Gets your data from this

computer to the other computer
half way across the world

• Each router knows about nearby

routers

• IP Is best effort - it is OK to drop

data if things go bad...

Source: http://en.wikipedia.org/wiki/Internet_Protocol_Suite
 IP Addresses
• The IP address is the worldwide number which is associated with one
particular workstation or server

• Every system which will send packets directly out across the Internet
must have a unique IP address

• IP addresses are based on where station is connected

• IP addresses are not controlled by a single organization - address

ranges are assigned

• They are like phone numbers – they get reorganized once in a great
while
 IP Address Format
• Four numbers with dots - each number 1-255 (32 bits)
• Kind of like phone numbers with an “area code”
• The prefix of the address is “which network”
• While the data is traversing the Internet - all that
matters is the network number

(734) 764 1855 141.211.144.188

Network
Area code Number 141.211.*.*
While in the network, all
that matters is the
Network number.
67.149.102.75

141.211.144.188

To: 67.149.*.*
67.149.*.*
To: 67.149.94.33
To: 67.149.94.33
67.149.94.33

Clipart: http://www.clker.com/search/networksym/1
No single router knows the
whole network - just which
way to send data to get it
“closer” 67.149.102.75

141.211.144.188
To: 67.149.*.* ?
?

67.149.*.*

67.149.94.33
Clipart: http://www.clker.com/search/networksym/1
 Router Tables
To: 67.149.*.*
Lists of where to send packets, based on ?
destination network address; ?
bandwidth on adjacent links;
traffic on adjacent links;
state of neighbor nodes (up or not);
...

Updated dynamically
Routers “ask each other” for information

Clipart: http://www.clker.com/search/networksym/1
 Thousands of
IP Is Simple network connections.
Billions of bytes of data
per seconds.

Local
Network

67.149.*.*
Thousands of
user systems
One “area code” to keep
track of inside the
100’s of servers Internet.
Clipart: http://www.clker.com/search/networksym/1
DHCP = Dynamic Host Configuration Protocol

Hello?
Here I am

What IP 141.26.14.1-100
Address can I
141.26.14.1
use?

Use 141.26.14.7
 Non-Routable Addresses

• A typical home router does Network Address Translation (NAT)

• Your ISP gives your home router a real global routable address

• Your router gives out local addresses in a special range (192.168.*.*)

• The router maps remote addresses for each connection you make
from within your home network

http://en.wikipedia.org/wiki/Network_address_translation
 141.206.14.3

192.168.0.20 192.168.0.1

192.168.0.104 192.168.0.1 35.8.2.10

192.168.0.20 192.168.0.1 173.44.26.18

NAT = Network Address Translation Clipart: http://www.clker.com/search/networksym/1

http://xkcd.com/742/
 Peering into the Internet
• Most systems have a command that will reveal the route taken across
the internet (traceroute on Mac and tracert on Windows)

• Each IP packet has a field called “Time to Live” - TTL

• The TTL is used to deal with loops in the network - normally if

routers got confused and ended up with a loop - the network would
clog up rapidly.

To: 67.149.*.*

Clipart: http://www.clker.com/search/networksym/1
 How Traceroute Works

• Normal packets are sent with a Time to Live (TTL) of 255 hops

• Trace route sends a packet with TTL=1, TTL=2, ...

• So each packet gets part-way there and then gets dropped and
traceroute gets a notification of where the drop happens

• This builds a map of the nodes that a packet visits when crossing the
Internet.
 Traceroute
$ traceroute www.stanford.edu
traceroute to www5.stanford.edu (171.67.20.37), 64 hops max, 40 byte packets
1 141.211.203.252 (141.211.203.252) 1.390 ms 0.534 ms 0.490 ms
2 v-bin-seb.r-bin-seb.umnet.umich.edu (192.122.183.61) 0.591 ms 0.558 ms 0.570 ms
3 v-bin-seb-i2-aa.merit-aa2.umnet.umich.edu (192.12.80.33) 6.610 ms 6.545 ms 6.654 ms
4 192.122.183.30 (192.122.183.30) 7.919 ms 7.209 ms 7.122 ms
5 so-4-3-0.0.rtr.kans.net.internet2.edu (64.57.28.36) 17.672 ms 17.836 ms 17.673 ms
6 so-0-1-0.0.rtr.hous.net.internet2.edu (64.57.28.57) 31.800 ms 41.967 ms 31.787 ms
7 so-3-0-0.0.rtr.losa.net.internet2.edu (64.57.28.44) 63.478 ms 63.704 ms 63.710 ms
8 hpr-lax-hpr--i2-newnet.cenic.net (137.164.26.132) 63.093 ms 63.026 ms 63.384 ms
9 svl-hpr--lax-hpr-10ge.cenic.net (137.164.25.13) 71.242 ms 71.542 ms 76.282 ms
10 oak-hpr--svl-hpr-10ge.cenic.net (137.164.25.9) 72.744 ms 72.243 ms 72.556 ms
11 hpr-stan-ge--oak-hpr.cenic.net (137.164.27.158) 73.763 ms 73.396 ms 73.665 ms
12 bbra-rtr.Stanford.EDU (171.64.1.134) 73.577 ms 73.682 ms 73.492 ms
13 * * *
14 www5.Stanford.EDU (171.67.20.37) 77.317 ms 77.128 ms 77.648 ms
 Traceroute
$ traceroute www.msu.edu
traceroute to www.msu.edu (35.8.10.30), 64 hops max, 40 byte packets
1 141.211.203.252 (141.211.203.252) 2.644 ms 0.973 ms 14.162 ms
2 v-bin-seb.r-bin-seb.umnet.umich.edu (192.122.183.61) 1.847 ms 0.561 ms 0.496 ms
3 v-bin-seb-i2-aa.merit-aa2.umnet.umich.edu (192.12.80.33) 6.490 ms 6.499 ms 6.529 ms
4 lt-0-3-0x1.eq-chi2.mich.net (198.108.23.121) 8.096 ms 8.113 ms 8.103 ms
5 xe-0-0-0x23.msu6.mich.net (198.108.23.213) 7.831 ms 7.962 ms 7.965 ms
6 192.122.183.227 (192.122.183.227) 12.953 ms 12.339 ms 10.322 ms
7 cc-t1-ge1-23.net.msu.edu (35.9.101.209) 9.522 ms 9.406 ms 9.817 ms
8 ***
 Traceroute
$ traceroute www.pku.edu.cn
traceroute: Warning: www.pku.edu.cn has multiple addresses; using 162.105.129.104
traceroute to www.pku.edu.cn (162.105.129.104), 64 hops max, 40 byte packets
1 141.211.203.252 (141.211.203.252) 1.228 ms 0.584 ms 0.592 ms
2 v-bin-seb.r-bin-seb.umnet.umich.edu (192.122.183.61) 0.604 ms 0.565 ms 0.466 ms
3 v-bin-seb-i2-aa.merit-aa2.umnet.umich.edu (192.12.80.33) 7.511 ms 6.641 ms 6.588 ms
4 192.122.183.30 (192.122.183.30) 12.078 ms 6.989 ms 7.619 ms
5 192.31.99.133 (192.31.99.133) 7.666 ms 8.953 ms 17.861 ms
Michigan
6 192.31.99.170 (192.31.99.170) 59.275 ms 59.273 ms 59.108 ms Tennessee
7 134.75.108.209 (134.75.108.209) 173.614 ms 173.552 ms 173.333 ms
8 134.75.107.10 (134.75.107.10) 256.760 ms 134.75.107.18 (134.75.107.18) 256.574 ms 256.530
9 202.112.53.17 (202.112.53.17) 256.761 ms 256.801 ms 256.688 ms Seoul
10 202.112.61.157 (202.112.61.157) 257.416 ms 257.960 ms 257.747 ms
11 202.112.53.194 (202.112.53.194) 256.827 ms 257.068 ms 256.962 ms
12 202.112.41.202 (202.112.41.202) 256.800 ms 257.053 ms 256.933 ms Beijing
The perfect is the enemy of the good
Le mieux est l'ennemi du bien. --Voltaire

• IP Does: Best effort to get data across bunch of hops from one
network to another network

• IP Does Not: Guarantee delivery - if things go bad - the data can

vanish

• Best effort to keep track of the good and bad paths for traffic - tries
to pick better paths when possible

• This makes it fast and scalable to very large networks - and ultimately
“reliable” because it does not try to do too much
Vint Cerf: A Brief History of Packets

• Instrumental in the design and

development of the ARPANET

• Vint was a graduate student as the

notions of packet-switching were
emerging across academia
 Domain Name System
The Domain Name System
convert user-friendly
names, like

www.umich.edu

to network-friendly IP
addresses, like

141.211.32.166 Source: http://en.wikipedia.org/wiki/

Internet_Protocol_Suite
 Domain Name System

• Numeric addresses like 141.211.63.45 are great for Internet routers

but lousy for people

• Each campus ends up with a lot of networks (141.211.*.*, 65.43.21.*)

• Sometimes (rarely) the IP address numbers get reorganized

• When servers physically move they need new IP addresses

 DNS: Internet Address Book
• The Domain Name System is a big fast distributed database of
Internet names to Internet “phone numbers”

• IP Addresses reflect technical “geography”

• 141.211.63.44 - read left to right like a phone number

• Domain names reflect organizational structure

• www.si.umich.edu - read right to left like postal address

• 2455 North Quad, Ann Arbor, MI, USA, Earth

 .edu .com
.org .nl

umich.edu

si.umich.edu
http://en.wikipedia.org/wiki/File:Domain_name_space.svg
 Internetwork Layer Application Layer

(IP) Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections
http://en.wikipedia.org/wiki/Internet_Protocol
Internetwork Layer (IP)
http://en.wikipedia.org/wiki/Traceroute Simple, Scalable, Unreliable

http://en.wikipedia.org/wiki/Ping Link Layer (Ethernet, WiFi)

Physical Connections
 Application Layer

Transport Layer Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections

Internetwork Layer (IP)

http://en.wikipedia.org/wiki/ Simple, Scalable, Unreliable
Transmission_Control_Protocol
Link Layer (Ethernet, WiFi)
Physical Connections
 Review: The Magic of IP
• What it does - Tries to get one packet across a 5-20 of hops from one
network to another network

• Keeps track of the good and bad paths for traffic - tries to pick better
paths when possible

• But no guarantee of delivery - if things go bad - the data vanishes

• This makes it fast and scalable - and ultimately “reliable” because it

does not try to do too "everything"
 Internet Protocol

• So many links / hops

• So many routes

• Things can change dynamically

and IP has to react (links up/
down)

• IP can drop packets

Source: http://en.wikipedia.org/wiki/
Internet_Protocol_Suite
 Tramsmission Protocol (TCP)
• Built on top of IP

• Assumes IP might lose some

data

• In case data gets lost - we keep a

copy of the data a we send until
we get an acknowledgement

• If it takes “too long” - just send it

Source: http://en.wikipedia.org/wiki/
again Internet_Protocol_Suite
 Sender Receiver

100

200

300

400

500

Break Messages
into Pieces
 Sender Receiver

100 100

200 200

300 300

400

500

Break Messages
into Pieces
 Got 100 Receiver
Sender Where is 200

100 100

200

300 300

400

500

Break Messages
into Pieces
 Sender Got 200 Receiver

100 100

200 200

300 300

400 400

500

Break Messages
into Pieces
 Sender Got 400 Receiver

100

200

300 300

400 400

500 500

Break Messages
into Pieces
 Sender Got 500 Receiver

100

200

300

400 400

500 500

Break Messages
into Pieces
 Sender Receiver

100

200

300

400

500

Break Messages
into Pieces
 Billions of computers
connected to the internet;
100 thousands of routers.
Hundreds of billions bytes
of data enroute at any
moment.

Storage of enroute data

done at the edges only!
Clipart: http://www.clker.com/search/networksym/1
 One (of many) Scary Problem(s)
• In 1987 as local campuses with 10
MBit networks were connected
together using 56Kbit leased lines,
things kind of fell apart

• At some point, when there was a

little too much traffic, it all fell
apart...

http://www.youtube.com/watch?v=1Vg1MeRYmWI
http://en.wikipedia.org/wiki/Van_Jacobson
http://en.wikipedia.org/wiki/TCP_congestion_avoidance_algorithm
 Transmission Protocol (TCP)

• The responsibility of the transport layer is to present a reliable end-

to-end pipe to the application

• Data either arrives in the proper order or the connection is closed

• TCP keeps buffers in the sending and destination system to keep data
which has arrived out of order or to retransmit if necessary

• TCP provides individual connections between applications

 Application Layer

Application Layer Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections

Internetwork Layer (IP)

Simple, Unreliable

Link Layer (Ethernet, WiFi)

Physical Connections
 Quick Review
• Link layer: gets the data onto the link,
and manages collisions on a single hop

• Internet layer: moves the data over

one hop, trying to get it “closer” to its
destination

• Transport layer: Assumes that the

internet layer may lose data, so request
retransmission when needed—
provides a nice reliable pipe from Source: http://en.wikipedia.org/wiki/
Internet_Protocol_Suite
source to destination
 Application Protocol
• Since TCP gives us a reliable
pipe, what to we want to do
with the pipe? What problem do
we want to solve?

• Mail

• World Wide Web

• Stream kitty videos Source: http://en.wikipedia.org/wiki/

Internet_Protocol_Suite
Two Questions for the Application
Layer

• Which application gets the data?

• Ports

• What are the rules for talking with that application?

• Protocols

http://en.wikipedia.org/wiki/TCP_and_UDP_port
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
 Ports
• Like extensions in a phone number

• The IP address network number (the area code) gets to the LAN

• The IP address host number (the telephone number) gets you to the
destination machine

• The port (the extension) gets you to a specific application

141.211.144.188!
(734) 764 1855, ext. 27!
Port 25!
 TCP, Ports, and Connections

http://en.wikipedia.org/wiki/TCP_and_UDP_port

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
 www.umich.edu

Incoming 25
E-Mail

Login 23 blah blah

blah blah

80 74.208.28.177
Web Server
443

Personal 109
Mail Box
Please connect me to the
110
secure web server (port 443)
on http://www.dr-chuck.com
Clipart: http://www.clker.com/search/networksym/1
 Common TCP Ports
• Telnet (23) - Login • IMAP (143/220/993) - Mail
Retrieval
• SSH (22) - Secure Login
• POP (109/110) - Mail
• HTTP (80) Retrieval
• HTTPS (443) - Secure • DNS (53) - Domain Name
• SMTP (25) (Mail) • FTP (21) - File Transfer
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Application Protocols
http://en.wikipedia.org/wiki/Http

http://en.wikipedia.org/wiki/Pop3
 Application Protocol
• Since TCP gives us a reliable
pipe, what to we want to do
with the pipe? What problem do
we want to solve?

• Mail

• World Wide Web

• Stream kitty videos Source: http://en.wikipedia.org/wiki/

Internet_Protocol_Suite
 HTTP - Hypertext Transport
Protocol
• The dominant Application Layer Protocol on the Internet

• Invented for the Web - to Retrieve HTML, Images, Documents etc

• Extended to be data in addition to documents - RSS, Web Services,

etc..

• Basic Concept - Make a Connection - Request a document - Retrieve

the Document - Close the Connection

http://en.wikipedia.org/wiki/Http
HTTP Request / Response Cycle
Web Server
HTTP HTTP
Request Response

Browser
Internet Explorer,
FireFox, Safari, etc.
http://www.oreilly.com/openbook/cgi/ch04_02.html Source: http://www.dr-chuck.com/
 HTTP Request / Response Cycle
Web Server <head> .. </head>
<body>
HTTP HTTP <h1>Welcome to my
GET /page2.html
Request Response application</h1>
....
</body>
Browser
Internet Explorer,
FireFox, Safari, etc.
http://www.oreilly.com/openbook/cgi/ch04_02.html Source: http://www.dr-chuck.com/
 Internet Standards
• The standards for all of the Internet
protocols (inner workings) are
developed by an organization

• Internet Engineering Task Force

(IETF)

• www.ietf.org

• Standards are called “RFCs” -

“Request for Comments”
Source: http://www.ietf.org/rfc/rfc1945.txt
Source: http://www.ietf.org/rfc/rfc1945.txt
 “Hacking” HTTP
Last login: Wed Oct 10 04:20:19 on ttyp2 Web Server
si-csev-mbp:~ csev$ telnet www.dr-chuck.com 80
Trying 74.208.28.177...
Connected to www.dr-chuck.com. HTTP HTTP
Escape character is '^]'. Request Response
GET http://www.dr-chuck.com/page1.htm
<h1>The First Page</h1>
<p> Browser
If you like, you can switch to the
<a href="http://www.dr-chuck.com/page2.htm">
Second Page</a>.
</p> Port 80 is the non-encrypted HTTP port
 Accurate Hacking
in the Movies
• Matrix Reloaded

• Bourne Ultimatum

• Die Hard 4

• ...

http://nmap.org/movies.html (scroll down for video)

Or search YouTube for "Trinity hacking scene"
http://nmap.org/movies.html (scroll down for video)
Or search YouTube for "Trinity hacking scene"
 Application Layer Summary

• We start with a “pipe” abstraction - we can send and receive data on

the same “socket”

• We can optionally add a security layer to TCP using SSL - Secure

Socket Layer (aka TLS - Transport Layer Security)

• We use well known “port numbers” so that applications can find a

particular application *within* a server such as a mail server, web
service, etc
The Architecture of Application Layer
Web, E-Mail, File Transfer

the Internet Transport Layer (TCP)

Reliable Connections

August 1972 Internetwork Layer (IP)

Simple, Unreliable

Link Layer (Ethernet, WiFi)

Physical Connections
The Architecture of Application Layer
Web, E-Mail, File Transfer

the Internet Transport Layer (TCP)

Reliable Connections

Internetwork Layer (IP)

Simple, Unreliable

Link Layer (Ethernet, WiFi)

Physical Connections
 Application Layer
Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections

Internetwork Layer (IP)

Simple, Unreliable

Link Layer (Ethernet, WiFi)

Physical Connections
http://www.zakon.org/robert/internet/timeline/
 Application Layer
Web, E-Mail, File Transfer

Transport Layer (TCP)

Reliable Connections

Internetwork Layer (IP)

Simple, Unreliable

Link Layer (Ethernet, WiFi)

Physical Connections

http://en.wikipedia.org/wiki/File:Internet_map_1024.jpg
 The Internet: An Amazing Design

• Hundreds of millions of computers

• Thousands of routers inside the Internet

• Hundreds of millions of simultaneous connections

• Trillions of bytes of data moved per second around the world

• And it works
 The Internet

• It is said that “The Internet is the largest single engineering effort ever
created by mankind”

• It was created to work in an organic way - to repair itself and

automatically adjust when parts fail

• No one part of the Internet knows all of the Internet (like life)

• It is never 100% up - but it seems up all the time

We are not done experimenting...
• There is still very active exploration on
how network technology can be
improved

• Content-Centric Networking is only

one advanced idea

• Routers in the future can have *lots* of

memory - lets try not to send the same
piece of data more than once
 Additional Source Information
• xkcd, http://xkcd.com/742/, CC: BY-NC, http://creativecommons.org/licenses/by-nc/2.5/

• Internet Protocol Suite Diagrams: Kbrose, Wikimedia Commons, http://upload.wikimedia.org/wikipedia/commons/c/

c4/IP_stack_connections.svg, CC:BY-SA, http://creativecommons.org/licenses/by-sa/3.0/deed.en

• All your bases are belong to me: Karin Dalziel, Flickr, http://www.flickr.com/photos/nirak/270213335/, CC:BY, http://
creativecommons.org/licenses/by/2.0/deed.en

• Internet Map: The Opte Project, Wikimedia Commons, http://upload.wikimedia.org/wikipedia/commons/d/d2/

Internet_map_1024.jpg, CC:BY, http://creativecommons.org/licenses/by/2.5/deed.en
 Reuse of these materials

• I intend for these materials to be reusable as open educational resources

for those who would do so in a responsible manner

• Please contact me if you are interested in reusing or remixing these

materials in your own teaching or educational context
 Internet Security
Dr. Charles Severance <csev@umich.edu>
http://www.dr-chuck.com/
Twitter: @drchuck

https://www.coursera.org/course/insidetheinternet
 Paranoia
• Who is out to get you?

• If you are interesting or influential people want to get into your

personal info.

• If you are normal, folks want to use your resources or take your
information to make money…

• Usually no one cares… But it is safest to assume some is always

trying…
 Security is always a Tradeoff

• "Perfect security" is unachievable - Must find the right tradeoff

• Security .versus. Cost

• Security .versus. Convenience (See also, "profit")

• "More" is not always better – vendors of products will try to convince

you that you *cannot live* without their particular gadget
 Alan Turing and Bletchley Park

• Top secret code breaking effort

• 10,000 people at the peak (team effort)

• BOMBE: Mechanical Computer

• Colossus: Electronic Computer

http://www.youtube.com/watch?v=5nK_ft0Lf1s
http://en.wikipedia.org/wiki/Bombe
http://en.wikipedia.org/wiki/Colossus_computer

http://en.wikipedia.org/wiki/Tony_Sale
http://nmap.org/movies.html
http://en.wikipedia.org/wiki/Tony_Sale
January 1931 – August 2011

http://www.youtube.com/watch?v=5nK_ft0Lf1s
Lets Meet
some Nice
People

http://en.wikipedia.org/wiki/Alice_and_Bob
 People With Bad Intent
• Carol, Carlos or Charlie, as a third participant in
communications.

• Chuck, as a third participant usually of malicious

intent

• Dan or Dave, a fourth participant,

• Eve, an eavesdropper, is usually a passive attacker.

While she can listen in on messages between Alice
and Bob, she cannot modify them.

• .......
http://en.wikipedia.org/wiki/Alice_and_Bob
 Terminology

• Confidentiality

– Prevent unauthorized viewing of private information

• Integrity

– Information is from who you think it is from and has not been
modified since it was sent
 Ensuring Confidentiality
Encryption and Decryption
 Terminology

• Plaintext is a message that will be put into secret form.

• Ciphertext is a transformed version of plaintext that is unintelligible to

anyone without the means to decrypt
 Terminology

• The transformation of plaintext to ciphertext is referred to as

encryption.

• Returning the ciphertext back to plaintext is referred to as

decryption.

• The strength of a cryptosystem is determined by the encryption and

decryption techniques and the length of the key.
 Two Kinds of Systems

• Two basic types of cryptosystems exist, secret-key and public-key.

• In a secret-key scheme, the key used for encryption must be the same
key used for decryption. Also called symmetric-key cryptosystem.

• Secret-key cryptosystems have the problem of secure key distribution

to all parties using the cryptosystem.
 c=d
Plaintext: a=b Plaintext:
"candy" n=o "candy"
d=e
y=z
Encrypt
Decrypt

CipherText: Message Might CipherText:

"dboez" be Intercepted "dboez"

Alice Eve Bob

Caesar Cipher Shift of 3

Caesar cipher is one of the simplest and most widely

known encryption techniques. It is a type of substitution
cipher in which each letter in the plaintext is replaced by a
letter some fixed number of positions down the alphabet.

http://en.wikipedia.org/wiki/Caesar_cipher
 Secret Decoder
Ring

http://www.youtube.com/watch?v=zdA__2tKoIU
 Secret Decoder Ring - Shift Number

PP: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
01: B C D E F G H I J K L M N O P Q R S T U V W X Y Z A
02: C D E F G H I J K L M N O P Q R S T U V W X Y Z A B

08: I J K L M N O P Q R S T U V W X Y Z A B C D E F G H
09: J K L M N O P Q R S T U V W X Y Z A B C D E F G H I
10: K L M N O P Q R S T U V W X Y Z A B C D E F G H I J
11: L M N O P Q R S T U V W X Y Z A B C D E F G H I J K
12: M N O P Q R S T U V W X Y Z A B C D E F G H I J K L
13: N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
14: O P Q R S T U V W X Y Z A B C D E F G H I J K L M N

http://www.dr-chuck.com/Secret-Decoder.pdf
 Break the Code I

CipherText:
"upbtu"

For each number 1..26, see if

when you decrypt the
message using that shift, it
makes sense.
 Break the Code I

CipherText: Plaintext:
"upbtu" "toast"

00: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
01: B C D E F G H I J K L M N O P Q R S T U V W X Y Z A

A shift of 1
 Break the Code II

Uryyb, zl anzr vf Puhpx naq V arrq zbarl naq n wrg.

 Break the Code II

Uryyb, zl anzr vf Puhpx naq V arrq zbarl naq n wrg.

Hello, my name is Chuck and I need money and a jet.

www.rot13.com
Cryptographic Hashes
Integrity
 Terminology

• Confidentiality

– Prevent unauthorized viewing of private information

• Integrity

– Information is from who you think it is from and has not been
modified since it was sent
 Cryptographic Hash

A cryptographic hash function is a function that takes an

arbitrary block of data and returns a fixed-size bit string, the
(cryptographic) hash value, such that an accidental or
intentional change to the data will change the hash value. The
data to be encoded is often called the "message," and the hash
value is sometimes called the message digest or simply digest.

http://en.wikipedia.org/wiki/Cryptographic_hash_function
http://en.wikipedia.org/wiki/Cryptographic_hash_function
 http://www.dr-chuck.com/sha1.php

http://en.wikipedia.org/wiki/SHA-1
 Hashes for Passwords
• As a general rule, systems do not store your password in plain text
their databases in case they 'lose' their data

• When you set the password, they compute a hash and store the hash

• When you try to log in they compute the hash of what you type as a
password and if it matches what they have stored - they let you in.

• This is why a respectable system will never send your PW to you -

they can only reset it!
 Setting a new password Store the 'hashed password' in the database.

fluffy SHA-1 d9d71ab718931a89de1e986bc62f6c988ddc1813

Log in attempt

pony SHA-1 2629fb6d2384da89796a4811ef6db5f2ac657bab

fluffy SHA-1 d9d71ab718931a89de1e986bc62f6c988ddc1813

Match
http://www.dr-chuck.com/sha1.php
Digital Signatures
Message Integrity
 Message Integrity

• When you get a message from someone, did that message really come
from who you think it came from?

• Was the message altered while in transit or is the copy you received
the same as the copy that was sent?
 You

"Eat More
Insecure
Medium Ovaltine
-- Annie"

How might we be very sure this message really came

from Annie and it was not altered enroute?
 Simple Message Signing

• Shared secret transported securely 'out of band'

• Before sending the message, concatenate the secret to the message

• Compute the SHA digest of the message+secret

• Send message + digest across insecure transport

 Receiving a Signed Message

• Receive message + digest from insecure transport

• Remove digest and add secret

• Compute SHA digest for message + secret

• Compare the computed digest to the received digest

Eat More Ovaltine
Eat More OvaltineSanta SHA-1 a79540

Eat More Ovaltinea79540

Eat More Ovaltinea79540

Eat More Ovaltine a79540

Match! :)
Eat More OvaltineSanta SHA-1 a79540

http://www.dr-chuck.com/sha1.php
Eat More Ovaltine
Eat More OvaltineSanta SHA-1 a79540

Eat More Ovaltinea79540

Eat Less Ovaltinea79540

Eat Less Ovaltine a79540

NO MATCH!!
Eat Less OvaltineSanta SHA-1 109a15

http://www.dr-chuck.com/sha1.php
 Eat More Ovaltinea79540

Eat More Ovaltine a79540

Match! :)
Eat More OvaltineSanta SHA-1 a79540

Free Cookies84d211

Which of these is real and which is fake?

Free Candy26497c

http://www.dr-chuck.com/sha1.php
 Eat More Ovaltinea79540

Eat More Ovaltine a79540

Match! :)
Eat More OvaltineSanta SHA-1 a79540

Free Cookies84d211 Free CookiesSanta c14d5d X

Free Candy26497c Free CandySanta 26497c

http://www.dr-chuck.com/sha1.php
 Security for TCP
http://en.wikipedia.org/wiki/Secure_Sockets_Layer
 Packet
Sniffing

Clipart: http://www.clker.com/search/networksym/1
Photo CC BY: karindalziel (flickr)
http://creativecommons.org/licenses/by/2.0/
 Transport Layer Security (TLS)

• Used to be called “Secure Sockets Layer” (SSL)

• Can view it as an extra layer “between” TCP and the application layer

• It is very difficult but not impossible to break this security - normal

people do not have the necessary compute resources to break TLS

• The IP and TCP are unaware whether data has been encrypted
v
 System to System Secure TCP/IP

Clipart: http://www.clker.com/search/networksym/1
Photo CC BY: karindalziel (flickr)
http://creativecommons.org/licenses/by/2.0/
Web-Scale Secret Management
Public Key Encryption
 Secret Key Shortcomings
• Every pair of people/systems needs a secret key

• In the Internet, key distribution cannot be via the Internet because

communications are insecure until you get the key!

• For the Internet to work we need an approach where keys can cross
the insecure Internet and be intercepted without compromising
security
 Establishing Keys at a Distance

• Proposed by Whitfield Diffie and Martin Hellman in 1976

• Public-key cryptosystems rely on two keys which are mathematically

related to one another. Also called asymmetric-key cryptosystem.

• One key is called the public key and is to be openly revealed to all
interested parties.

• The second key is called the private key and must be kept secret.

http://en.wikipedia.org/wiki/Public-key_cryptography
http://en.wikipedia.org/wiki/Ralph_Merkle
http://en.wikipedia.org/wiki/Martin_Hellman
http://en.wikipedia.org/wiki/Whitfield_Diffie

https://www.youtube.com/watch?v=ROCray7RTqM
 Public Key

• A message encrypted with one of the keys can only be decrypted with
the other key.

• It is computationally infeasible to recover one key from the other

• Public-key cryptosystems solve the problem of secure key distribution

because the public key can be openly revealed to anyone without
weakening the cryptosystem.
 Generating Public/Private Pairs

• Choose two large* random prime numbers

• Multiply them

• Compute public and private keys from that

very large number

* The definition of "large" keeps getting bigger as computers get faster

 Public Key Math (light)

• Some functions are easy in “one direction”, but in the other, not so
much!
Example: What are the factors of 55,124,159?
 Public Key Math (light)

• What are the factors of 55,124,159 (a nearly prime number)

• What do you multiply 7919 by to get 55,124,159?

• If you know that one of the factors is 7919, it’s also easy to find 6961!

US Patent 4,200,700 (Sep 6, 1977)

 RSA Encryption

• Implementation of secure channel based

on public / private keys

• Ron Rivest, Adi Shamir and Leonard

Adleman

US Patent 4,405,829 (Dec 14, 1977)

http://people.csail.mit.edu/rivest/photos/Len-Adi-Ron.jpg
 RSA Math (Light)
• Prime numbers: 3 * 11 = 33

• Public key: (33,7) (7 is computed from 3 and 11)

• Private key: 3

• Encrypt the letter f=6 (6**7) % 33 = 30 (sent)

• Decrypt received text: (30**3) % 33 = 6 (f)

http://www.youtube.com/watch?v=M7kEpw1tn50
http://en.wikipedia.org/wiki/Fermat's_little_theorem
http://sergematovic.tripod.com/rsa1.html
 https
You Amazon.com

Message Might
Plaintext: be Intercepted
"Visa928"
 You Amazon.com

Message Might
Plaintext: be Intercepted
"Visa928"
Public Key

Private Key
 You Amazon.com

Message Might
Plaintext: be Intercepted Plaintext:
"Visa928" "Visa928"

Encrypt Public Key Private Key

Decrypt

CipherText: Message Might CipherText:

"ablghyuip" be Intercepted "ablghyuip"
 You Amazon.com

Message Might
Plaintext: be Intercepted Plaintext:
"Visa928" "Visa928"

Encrypt Public Key Private Key

Decrypt

CipherText: Message Might CipherText:

"ablghyuip" be Intercepted "ablghyuip"
Certificate Authorities
Integrity
 Public-Key Issues

• Public-key cryptosystems have the problem of securely associating a

public key with an individual

• I am about to type in my credit card and send it - am I being Phished?

• The remote server sent me a public key.

• Should I use it? Is this really Amazon's public key?

http://en.wikipedia.org/wiki/Phishing
 Digital Certificates
In cryptography, a public key certificate (also known
as a digital certificate or identity certificate) is an
electronic document which uses a digital signature to
bind a public key with an identity — information such
as the name of a person or an organization, their
address, and so forth. The certificate can be used to
verify that a public key belongs to an individual.

http://en.wikipedia.org/wiki/Public_key_certificate
Certificate Authority (CA)
A certificate authority is an entity that issues digital
certificates. The digital certificate certifies the
ownership of a public key by the named subject of the
certificate. A CA is a trusted third party that is
trusted by both the owner of the certificate and the
party relying upon the certificate.

http://en.wikipedia.org/wiki/Certificate_authority
 Your browser comes with
certificates/public keys from
some certificate authorities
built in. Like Verisign.
Public/Private Keys for Signing

http://en.wikipedia.org/wiki/Public-key_cryptography
How Amazon Verisign Private Key
gets a public Verisign
key signed by
Verisign

Verisign Public Key

Amazon
Your Laptop
When you bought your laptop
 Verisign Private Key
Verisign

Amazon Public Key

Amazon Private Key

Verisign Public Key

Amazon
Your Laptop
Six months ago
 Verisign Private Key
Verisign
Amazon Public Key

Amazon Public Key

Amazon Private Key

Verisign Public Key

Amazon
Your Laptop
Six months ago
 Verisign Private Key
Verisign
Amazon Public Key

Cert: Amazon
Amazon Public Key -- Verisign

Amazon Private Key

Verisign Public Key

Amazon
Your Laptop
Six months ago
 Verisign Private Key
Verisign
Amazon Public Key

Cert: Amazon
-- Verisign

Amazon Private Key

Verisign Public Key

Amazon
Your Laptop
Six months ago
 Verisign Private Key
Verisign
Amazon Public Key

Cert: Amazon
-- Verisign

Amazon Private Key

Verisign Public Key

Amazon
Your Laptop
Five seconds ago
 Verisign Private Key
Verisign
Amazon Public Key

Cert: Amazon
-- Verisign

Amazon Private Key Amazon Public Key

Cert: Amazon
-- Verisign

Verisign Public Key

Amazon
Your Laptop
Five seconds ago
 Verisign Private Key
Verisign
Amazon Public Key

Cert: Amazon
-- Verisign

Amazon Private Key Amazon Public Key

Cert: Amazon
-- Verisign

Verisign Public Key

Amazon
Your Laptop
One second ago
Certificate Authority (CA)
A certificate authority is an entity that issues digital
certificates. The digital certificate certifies the
ownership of a public key by the named subject of the
certificate. A CA is a trusted third party that is
trusted by both the owner of the certificate and the
party relying upon the certificate.

http://en.wikipedia.org/wiki/Certificate_authority
v
 Summary

• Message Confidentiality / Message Integrity

• Encrypting / Decrypting

• Message digests and message signing

• Shared Secret Key / Public Private Key

Gambling with Secrets: http://www.youtube.com/playlist?list=PLB4D701646DAF0817

 C OMP U TING C O N V ERS ATIO N S

Alan Turing and

Bletchley Park
Charles Severance
University of Michigan

This month marks the 100th anniversary of Alan Turing’s birth.

His ground-breaking work in the 1940s continues to have an
impact on computer science as we know it.

A
lan Turing is considered by Figure 1 offers an overview of you’ll save thousands of lives generates
many to be the father of Turing’s connection to the work done an intensely creative environment.
modern computer science. at Bletchley Park during World War II. The systems developed at Bletch-
Multiple foundational notions ley Park needed to break encrypted
in the field—the Turing test, Turing EARLY YEARS AND THE messages using whatever technol-
machine, Turing completeness, and SECOND WORLD WAR ogy was available. The decryption
Church-Turing computability—bear Turing graduated from Princeton devices combined mechanical and
his name in acknowledgment of his in 1938, where he had already proved electronic computation, but as the
early breakthroughs and influence. to be an amazing talent who thought war progressed and the cryptog-
It’s rare that a single genius, work- deeply about many topics. After he raphy techniques became more
ing alone, can achieve one great received his PhD, he returned to Cam- sophisticated, the need for faster com-
breakthrough, let alone several of bridge and started working part time putations pushed scientists from the
them. For the sake of simplicity, his- for the Government Code and Cipher primarily mechanical computations
torical accounts often remove the School at Bletchley Park. When Brit- of the BOMBE toward the electronic
details of the rich contexts that create ain declared war on Germany in 1939, computations of the Colossus.
the necessary preconditions for such Turing reported full-time to Bletchley
breakthroughs. But our institutions, Park and began working on breaking BUILDING THE BOMBE
colleagues, students, and even the the various cryptography techniques At the beginning of World War II,
people we have lunch with form a used by Germany during World War II. the Germans were able to move troops
context within which we all operate. Because the stakes were so high and other resources very quickly by
Here, the focus is less on the detail for Britain, Bletchley Park was a well- coordinating those movements using
of Turing’s particular accomplish- funded operation with more than wireless communications. Because
ments throughout his career, instead 10,000 people working at peak capac- their enemies could monitor wireless
examining some of the context in ity, representing a diverse mix of communications, it was necessary to
which he achieved his accomplish- mathematicians, engineers, linguists, encrypt any text before it was sent.
ments. The video associated with and experts in other fields. Women The Enigma was one of several
this article (www.computer.org/ made up two-thirds of its workforce. machines used to encrypt messages
computingconversations) explores Bletchley Park was the ideal place before they were sent in Morse code.
some of the activities at Bletchley to come up with a theory and watch It used moving wheels with internal
Park, where Turing did some of his literally hundreds of people adjust and electrical connections as well as a plug
greatest work—in particular, it looks refine it to get it into production as board to make it virtually impossible
at how Turing was deeply connected quickly as possible. Being surrounded to read the scrambled text without
to many other brilliant people during by adequate resources and knowing knowing the choice of the encryption
and after his time there. that if you solve the problems you face wheels’ initial settings and plug con-

6 COMPUTER Published by the IEEE Computer Society 0018-9162/12/$31.00 © 2012 IEEE

nections. Each day, all the Engima
operators for a particular communica-
tion network used a different machine
setup known as a key. If the operator
could determine the key using one
message on a particular day on a par-
ticular network, it was a simple matter
to decrypt all messages sent by opera-
tors on that network for that day.
Alan Turing designed a machine at
Bletchley Park called the BOMBE that
would mechanically help determine
the daily key used by a particular
group of Enigma operators by trying
many different possible key com-
binations very quickly. The BOMBE
had its roots in the BOMBA, an ear-
lier mechanical code-breaking device
developed in Poland by Marian
Figure 1. From Polish Bomba to the birth of the digital age: Alan Turing’s work at
Rejewski, Jerzy Różycki, and Henryk
Bletchley Park. Artist’s rendering by Matt Pinter.
Zygalski of the Polish Cypher Bureau.
The Polish team shared the design
with Turing and others at Bletchley repeatedly testing possible settings but he wasn’t involved in the Colossus
Park five weeks before the German for the wheels and stopping when it computer’s development.
invasion of their country in 1939. As found a possible correct setting. More There was no possible way to build
described by Paul Kellar of Bletchley than 200 BOMBE machines were built a mechanical code-breaking machine
Park, for use at Bletchley Park. for this new encryption technique, so
Although Turing designed the engineers at Bletchley Park started
[The Poles] told Turing and the people BOMBE’s algorithm, the machine was building electronic computers to
here everything they had done for engineered and built by a team at the implement faster code-breaking
which we are and should be very British Tabulating Machine Company, algorithms. After testing an earlier
grateful, but they also proved that it led by Harold (Doc) Keen. Gordon version (the Mark I), the Colossus
was possible and that was the spur Welchman, also from Cambridge, Mark II emerged—it could help break
that kicked the Brits into actually doing added the Diagonal Board concept, an encrypted high-command mes-
something about it. which dramatically reduced the sage in roughly six hours. The first
number of random or incorrect stops. Colossus Mark II was up and running
The Polish approach to breaking All in all, developing the BOMBE was at Bletchley Park on 1 June 1944 and
the Enigma depended on the way the very much a team effort. helped decrypt strategic traffic in
message header was added at the time to inform the D-Day invasion on
beginning of each message. But in BUILDING THE COLOSSUS 6 June 1944.
early May 1940, the Germans changed Later in the war, Germany started Tommy Flowers, a telecommuni-
their method for adding headers. using much more sophisticated cations engineer with the British Post
Turing’s solution was based on the encryption devices, including the Office, built the Colossus. According to
fact that many military messages are Lorenz SZ42. The SZ42 had 12 wheels Kevin Murrell of the National Museum
routine and use identical phrases day and sent encrypted data using five-bit of Computing at Bletchley Park:
after day, such as “Nothing to report” teleprinter codes rather than Morse
or “Weather forecast for today is …” code. Hitler and his generals used it Tommy came up with the idea to use
If the researchers had the encrypted for longer, more strategic messages. electronics to do this [solve the Lorenz
text and the guessed plaintext (the Manual decryption of a single mes- encryption]. At the time, the idea of
“crib”), it was only a matter of time sage took nearly six weeks, so the using more than half-dozen valves in
before they could compute the wheel Allies needed an automated solution. a circuit was never considered. Valves
settings used to encrypt the message. Turing was involved in developing had a bad reputation; people had
The BOMBE was a mechanical some of the approaches used to crack valves in their radios at home, and they
device that simulated 36 Enigmas, new messages encoded with the SZ42, failed when they switched the radios

JUNE 2012 7
 C OMP U TING C ON V ERS ATIO N S

on. The idea of using 2,500 [valves] meant that they could afford to take presented itself, he threw himself into
was simply phenomenal. But Tommy big risks on untried technologies, finding a solution.
understood that it was almost certainly decide to try more than one approach However, Turing wouldn’t have
the thermal shock that kills valves simultaneously, and quickly work out progressed as quickly as he did
in the first place. So if you leave the the engineering details on new tech- without the help of other math-
machine on and don’t subject it to that nologies. Once the war was over and ematicians, linguists, scientists, and
shock, you won’t have the problem. the pressure was off, Turing, Welch- engineers who could quickly vali-
man, Newman, and others went back date his ideas and improve on them,
Ultimately, the engineers at the into academia; with more time to and then build hardware that put the
British Post Office built 10 Colossus reflect, they adapted electronic tech- ideas into successful production. The
computers, and they were never nologies to build general-purpose quick turnaround on each idea and
powered off except when there was electronic computers. the need to solve increasingly com-
a failure. Using this technique, the plex cryptanalysis problems moved
valves turned out to be quite reliable, BLETCHLEY PARK TODAY computational thinking forward very
and some of the vacuum tubes in As a computer scientist, you owe it quickly during that time period.
the rebuilt Colossus machine that to yourself to visit Bletchley Park; it’s Sometimes, Turing was at the
runs today at the National Museum a necessary pilgrimage that helps you center of the design of something
of Computing at Bletchley Park date fully understand the foundations of like the BOMBE and at other times,
back to the 1940s. our field. What’s particularly striking he was on the periphery, such as in
is the juxtaposition of the BOMBE the Colossus’s development. As Joel
AFTER THE WAR as a highly developed mechanical Greenberg says,
All of the technology developed at computing device and the first
Bletchley Park remained top secret generation of electronic computing They threw together the smartest
long after the war. But the knowledge machines in the form of the Colossus. people in Britain, and said, “Here is the
that it was possible to build a fast, reli- Between the two devices, you can see budget, this is the end game.” That is
able electronic computer remained in the seeds of the electronic computing why they [the people at Bletchley Park]
the minds of those who had worked age. It’s like comparing a highly invented some of these technologies
on the technology. According to Joel refined horse-drawn carriage to the t h a t pr oba bly wou ld not h ave
Greenberg of Bletchley Park, earliest automobile. [otherwise] been invented for years.
One of the goals of Bletchley Park’s
At the end of the war, Turing went to curators is to make sure the historical The fact that Turing never had to
work at the National Physics Labora- systems actually run. When you visit, worry about funding his research or
tory, then he went to the University you can see and feel a rebuilt BOMBE even publishing the results in journals
of Manchester, where Max Newman, actually running; the Colossus is in (since they were top secret) let him
who had run the department where the daily production as if it were still focus on moving his thinking forward
Colossus computers had been located World War II. As you walk by it, as quickly as possible, unfettered
at Bletchley Park ended up as the head you can watch and hear paper tape with academic minutiae—at least
of mathematics. At that point, Turing whizzing by at 30 miles per hour and during his years at Bletchley Park.
became involved in the very early feel the heat radiating from the tubes.
computer developments in Britain … Until you can visit in person, watch Acknowledgments
like the Manchester Baby and Ferranti the video of my visit to Bletchley Park I thank the Bletchley Park Trust,
Mark I. Gordon Welchman immi- and the National Museum of Comput- the National Museum of Computing,
grated to the United States in 1948 and ing. I got an up close and personal Joel Greenberg, Paul Kellar, and Kevin
Murrell; I also greatly appreciate the
became involved in many of the early tour of a running BOMBE and Colos-
insightful comments from the review-
American computing developments, sus and spent some time in Alan ers of the video and article.
like Project Whirlwind. Welchman Turing’s office in Hut 8.
worked at MIT and taught the first
Charles Severance, Comput ing

T
course in computing science at MIT.
Conversations column editor and
uring was arguably one of the
Computer’s multimedia editor, is
Interestingly, the time pressures most brilliant mathematicians a clinical associate professor and
of immediate wartime needs at at Bletchley Park during World teaches in the School of Information
Bletchley Park kept Turing and his War II. He designed or influenced at the University of Michigan. You can
colleagues from building more gen- virtually every technology developed follow him on Twitter @drchuck or
eral-purpose computers, but it also there, and whenever a new challenge contact him at csev@umich.edu.

8 COMPUTER
C omp u ting C o n v ers at io n s

Monash
Museum of
Computing
History
Charles Severance
University of Michigan

Smaller, localized computing museums like the one hosted at

Australia’s Monash University offer an important complement to
larger sites.

I
love going to graduation cer- my idea of 30-year-old artifacts being of where each artifact fits into its
emonies and am always quick ancient history was a pretty silly historical context.
to volunteer when the university notion and turned to talk to someone
needs faculty representatives more interesting. AN AUSTRALIAN EXAMPLE
to fill one role or another. I love the The Monash Museum of Computing
energy of the graduates and their PRESERVING COMPUTING History (MMoCH) was founded in
families celebrating these successful HISTORY 2000 on the Caulfield campus of
educational efforts. I also like meet- If historians are not interested in Monash University near Melbourne,
ing a random cross-section of the history until artifacts are hundreds Australia. The museum received a
faculty from all over campus while or thousands of years old, then we in small grant to build public displays
we wait in the back room, eat snacks, computer science must work together and supporting materials. The facility
and get dressed in our robes and to be our own historians. We must consists of several public displays
funny hats. explicitly keep track of important on the first floor of the computing
At one of these pregraduation artifacts and record the stories and building (Building B) as well as storage
receptions, I sat next to someone from lessons that surround them. This space for artifacts not on display and
the history department and figured doesn’t mean that we should all fill limited support for artifact curation
that to get the conversation started, I our garages with outmoded devices and cataloging.
would tell him about my own fascina- until they become historica lly Judy Shea rd, director of the
tion with the history of computing. I significant. If each of us kept our museum and a university faculty
explained that computing and tech- own computer museums, we would member, describes the community’s
nology create “ancient” history at an all soon be in trouble with our friends involvement with the museum:
unprecedented pace. After 20 years in and families.
the field, even the most modern tech- It’s therefore indeed fortunate When school children come to the
nology looks like a quaint, disposable when a computing department invests museum, we have an hour tour. We
antique from a bygone era. I asked space, money, and time into retaining take them through the museum, start-
him if anyone in his field recognized and cataloging these artifacts. Not ing with the calculating machines. We
that we’re losing these artifacts and only are computer scientists often in talk about what people did before we
was interested in studying this very possession of them as they pass into had computers and explain, “What is
recent ancient history. He thought obsolescence, they have a good sense a computer?” and “How did we come

0018-9162/12/$31.00 © 2012 IEEE Published by the IEEE Computer Society MARCH 2012 7
 C OMPUTING C ONVERSATIONS

I
up with the word computer?” We have mary function of operating systems, hope that other schools will follow
a picture of women using slide rules [which is] to allocate resources and the the Monash Museum of Computing
in 1948 doing their calculations and efficient use of resources. History’s lead and integrate histor-
[explain] the idea that the first com- ical displays into their public spaces,
puters were people. Often they were The museum is a combination hallways, and curriculum. Having a
women, and so that is an interesting of the overall history of computing, sense of history close at hand makes
bit of social history. placed in the context of the history for more well-rounded students, and
of computing in Australia broadly as when enough time passes to capture
One of the advantages of hosting well as the particular contributions their interest, the “real” historians will
a computing museum at a university of the faculty and students at Monash be able to excavate at the sites of long-
is the ability to integrate university University. buried computer science buildings to
artifacts into teaching. According to It’s clearly a labor of love. Like any find the artifacts that we left behind.
Chris Avram, another faculty member museum, it faces a persistent lack Or perhaps, 2,000 years from now, all
at Monash University, of funds and low staffing levels, but of YouTube’s archives will be on the
those involved remain committed to average wristwatch, and everyone can
Even before we had the museum, we maintaining the collection. According just watch the video interview associ-
had the CSIRAC, the fourth stored pro- to Judy Sheard, ated with this article at //URL//.
gram digital computer in the world. In
1972, it arrived on campus for storage History is so quickly forgotten, and
Charles Severance, editor of the
Computing Conversations column
purposes, and they put it in a display there is a danger that we forget about
and Computer’s multimedia editor,
case. When I arrived in 1988, I would these things. If we don’t have them
is a clinical associate professor and
always take my introduction to archi- around for people to see, they forget teaches in the School of Information
tecture students past [the CSIRAC]. It about the history of the technology at the University of Michigan. Follow
had so much to tell students about the they are using. And I think that is a him on Twitter @drchuck or contact
origin of operating systems and the pri- real danger. him at csev@umich.edu.

8 computer
 S CIENCE
C OMP U TFIC
INGT IO
C ON
N PROTOT
V ERS AT ION
Y PING
S

Len Kleinrock:
The First Two Packets
on the Internet
Charles Severance, University of Michigan

Len Kleinrock describes the Internet’s humble beginnings.

A
lthough it might seem that all those other researchers have: During the design phase, some great
like the Internet has graphics, database, and all the rest.” people joined us. Herb Baskin said,
been around since the ARPA said it couldn’t afford that and “If this network can’t deliver short
beginning of time, it did offered access to those resources messages within a half-second, I
indeed start somewhere. The first through a network rather than by rep- can’t use it for time sharing,” so that
two packets ever sent on the Arpanet licating them; the need for the network became part of the specification. We
originated in a lab at the University of was for resource sharing, not to protect got it down to 200 milliseconds. Wes
California, Los Angeles, and ended up the US against a nuclear holocaust. Clark said the switch needed to be a
at the Stanford Research Institute on completely separate computer for
29 October 1969. Building a multi-institutional, communications. Artificial traffic gen-
I visited with Len Kleinrock at wide-area network to connect di- erators, measurement hooks, a way to
UCLA to learn the story of those first verse computing hardware would be evaluate the measurements—as a net-
two packets; visit www.computer. a significant effort that needed care- work researcher, I put all of that into
org/computingconversations to view ful coordination: the requirements.
our discussion.
ARPA brought in Larry Roberts—an The design was developed
OFF TO THE RACES office mate of mine at MIT—to manage throughout 1967, and in 1968, the
ARPA funded the Arpanet, the first this project. He came to me because he team sent out a formal Request
version of the Internet, because it knew my work; he watched me develop for Proposal. Bolt, Beranek, and
wanted to make the best use of its my simulation using his compiler on Newman (BBN) won the contract to
research investments, which were the TX-2 computer. He said, “Len, we produce the Arpanet’s first switch,
scattered in various university cam- need to know if this thing is going to and UCLA functioned as the first
puses across the country: work.” He knew that I had the theory, node and the Network Measurement
so I could show him that it would work. Center, responsible for testing and
The University of Utah had a terrific Later, he said that he never would have verifying the new networking hard-
graphics operating system, SRI had decided to spend millions of dollars ware and software:
database expertise, we had simula- of the US government’s money if he
tion technology, and the University of wasn’t sure that it would work. All those specs went to BBN, which
Illinois had high-performance comput- built the darned thing and delivered
ing. Every time ARPA brought on a new Len and Larry spent about a year the first switch to UCLA eight months
researcher, it offered to buy a computer bringing experts together to develop after it got the contract, on time and on
for that person, but researchers invari- a specification for the new network’s budget. It came here, we plugged it in,
ably said, “I want the same capabilities software and hardware: and bits began to move back and forth

10 COMPUTER Published by the IEEE Computer Society 0018-9162/14/$31.00 © 2014 IEEE

 between our time-sharing machine always on display for the public to One of the things I was very much
and that switch on the day after Labor see. It currently sits in Boelter Hall interested in was distributed control.
Day, 2 September 1969. in the exact room where those first I was a student of Claude Shannon,
two packets were sent from UCLA to and his best work came when a lot of
LO AND BEHOLD SRI. The room has been restored to things interacted—long code words, for
The second switch went to the SRI look exactly as it did in 1969. Even example. That’s when these emergent
in Palo Alto in October 1969, and the architects at UCLA are finding properties would arise. For this reason,
once it was connected to the SRI ways to commemorate the historic I wanted to design large networks, and
host computer, the team could join events that happened in Boelter Hall to design a large network, you cannot
the two switches and test them. that day: have a single point of control—you
The initial 50-Kbps connection was need to distribute control. When you
made up of multiple 4.8-Kbps leased If you come in the back entrance to distribute control, you delegate author-
lines ganged together: the building, you walk on a mosaic ity to all peers.
of tiles. It has a strange pattern that
One night in late October, Charley Kline turns out to be ASCII code for “Lo and ARPA believed in the research-
and I said, “Let’s communicate between behold!” The tiles memorializing our ers involved in the project and gave
these two machines,” so we got hold of message were quietly installed there them a lot of autonomy:
Bill Duvall at SRI and said, “Let’s log in by the UCLA architect, Erik Hagen,
from a terminal connected to the UCLA about a year and a half ago now, When ARPA started funding principal
computer and then from the UCLA only to be recently discovered by Viet investigators, it had the same philoso-
computer, log into the SRI computer Nguyen, a first-year computer science phy of delegating authority—“You’re a
over the network.” The host computers undergraduate student. smart guy, here’s some money, go do
were both time-sharing systems that the thing you do best, and we won’t sit
expected terminals to connect locally THE NEXT GENERATION on top of you.” When I received that
and use the machine’s services. The Although UCLA was initially respon- kind of money, I did the same with my
plan was to sit at a UCLA terminal and sible only for testing and measuring graduate students. They’re brilliant
log on to the UCLA machine and then the Arpanet, over the next decade, it kids, so I would tell them, “We need a
through this wonderful network, log assumed leadership of the Arpanet host-to-host protocol. You build it—I’m
on to the SRI computer as if we were a effort as graduate students includ- not going to sit on top of you.” That
local user at SRI. ing Vint Cerf, Steve Crocker, Jon isn’t a “product” mentality—that’s a
Postel, and Charley Kline became research and development and creative
To help debug the new software, the project’s leaders, managers, and mentality. And it works so well.
the team had an analog audio con- developers. Initially, BBN saw the

I
nection using one of the 4.8-Kbps Arpanet and IMPs as “black-box” t certainly did work well, and
lines between UCLA and SRI. They products, but ARPA ultimately forced after nearly 45 years, the
watched both systems and the com- BBN to open the system’s source code: notion of distributed control,
munication channels very carefully emergent properties from large
as they started the test: We could break it at will, and every networks, and delegating authority
time we did, we would call BBN and to our peers makes it possible for
Charley typed the L, and we asked if tell those guys to fix it because they us to almost forget that perhaps
Bill saw it—he said yes. Charley then wouldn’t give us the code. They kept the most complex collective engi-
typed the O, and Bill saw it on his end it proprietary until ARPA said that it neering endeavor humanity has
as well. We were trying to do “LOG” for had paid for the code and forced BBN ever attempted works so well we
“LOGIN,” but when Charley typed the to open it up. Once we had the code, we barely notice it anymore. “Lo and
G, the SRI computer crashed. So the would discover a fault and would show behold,” indeed.
first message ever on the network was them how to fix it, but it still took them
“LO” as in “Lo and Behold.” six months to fix it. Charles Severance, Computing
Conversations column editor and
For all the years since 1969, Klein- Over time, the project moved to Computer’s multimedia editor, is
rock has kept interface message a more open source approach over- a clinical associate professor and
processor (IMP) serial number 1 at all and drew its technical directions teaches in the School of Information
UCLA. There has been discussion of and leadership from the growing Ar- at the University of Michigan. Follow
putting it in the Smithsonian, but he panet community: him on Twitter @drchuck or contact
wanted to ensure that the IMP was him at csev@umich.edu.

MARCH 2014 11
 C omp
C oluuting
mn Sec
C ontion
v ersTit
atio
l en s

Len Kleinrock: The

Theory of Packets
Charles Severance

Len Kleinrock describes his path to packet networks.

I
n 1958, Len Kleinrock was hard and not of great significance. of processor time, you gave each
wrapping up his MS in electri- That wasn’t what I signed up for—I job a short time slice, and when that
cal engineering at MIT and wanted to work on a problem time was up, you gave the proces-
preparing to start at Lincoln that would be fun, exciting, and sor to another job for a time slice.
Labs when one of his professors, challenging, with a real impact. In this way, all jobs made some
impressed with his work, insisted progress toward completion and
that he continue his education Researchers at MIT and Lin- evenly shared the delay due to
and pursue a PhD. From there, coln Labs were building computers oversubscription:
the rest is history. I recently spoke that would ultimately need to talk
with Kleinrock about his life and to each other. Specifically, these I thought that time-slicing was a great
legacy; you can view our con- computers would need to have in- idea for sharing communications.
versation at www.computer.org/ teractions with many different We give everybody a little bit of com-
computingconversations. computers that were short and munications time—the little ones will
bursty, followed by relatively long filter through, and the long ones will
A New Direction periods of no communication at all: take a little longer, and they won’t
Kleinrock decided that if he was mind being interrupted by the little
going to invest the time, he would I knew that computers, when they guys but not conversely. The impor-
only work on an important problem, talk, go “blast” and then they’re quiet tant thing in this technology is to
one whose solution would make a for a while—a little while later, they protect the very short messages from
difference: suddenly come up and blast again. waiting behind very long ones. This
You can’t afford to dedicate a commu- automatic round robin for data com-
I decided I would work for the best nications connection for something munications is now called “packet
professor I knew at MIT and that was that almost never talks, won’t warn switching”. You chop messages into
Claude Shannon—the brilliant, won- you when it wants to talk, but that fixed lengths and give them a small
derful, magnificent Claude Shannon. when it does talk, it wants immediate fixed amount of time on the wire;
Working for the man was a delight. access. The circuit-switched tele- if that isn’t enough, you give them
He was a great engineer, a great math- phone network, which was designed another little bit, as each small piece
ematician, and smart as heck. for continuous talking, was totally goes flying through the network on
I looked around and observed inadequate. its own.
that most of my classmates were
working on problems involved with Kleinrock took his inspiration Packets Are the Answer
information theory, the field that from the techniques commonly Kleinrock realized that when
Shannon had created. It seemed to me used in the multiuser timesharing messages are broken into packets
that these problems were “left over” operating systems of the time. If and those packets are sent through
by Shannon, and so were probably multiple jobs needed a large amount the network using a round-robin

6 computer Published by the IEEE Computer Society 0018-9162/13/$31.00 © 2013 IEEE

scheduling approach, you could were amazingly close. So I had my which I could implement the technol-
use queuing theory to build a solid solution, I could prove the accuracy ogy I had developed.
model of the overall throughput and of my mathematical theory, show
average message delay. It seemed that the packets wouldn’t fall on the Finished with his PhD, Kleinrock
simple enough, but as Kleinrock got floor, and I could tell when things prepared to begin his career as a
into the details, it turned out to be would work well and when they Lincoln Labs researcher; it had sup-
challenging: would not. ported him financially as he earned
his MS and PhD:
I set up this mathematical model and With the mathematical model
found it was analytically intractable. and the independence assump- When I prepared to go to work there,
I had two choices: give up and find tion validated, Kleinrock finished the first thing they said was, “Look,
another problem to work on, or make Len, why don’t you look outside
an assumption that would allow me before you commit to work here so
to move forward. So I introduced I could prove the that you make sure there’s nothing
a mathematical assumption that accuracy of my out there that you really would like
cracked the problem wide open. mathematical model, better.” This was truly a magnificent
This “independence assumption” [and] show that step on their part. So I took a trip to
says that when a message travels the West Coast and interviewed with
packets wouldn’t
through the network, it changes its some of the aerospace companies;
fall on the floor.
length independently every time it I wasn’t interested in a university
hits a new node as it hops through position at all. But it turns out when
the network. Mathematically, this I was going up to San Francisco to
creates a statistical independence his PhD thesis in 1962; McGraw-Hill look at some of the high-tech com-
that allows you to proceed with the published it in 1964. The book was panies up there, a friend suggested
analysis, but it is clearly not a true a clear road map as to how to build that I interview at Berkeley. So I did,
assumption. From that point, I could the scalable shared wired and wire- but they changed chairmen and lost
just sail through the solution, derive less networks we take for granted my paperwork; I never heard from
the performance behavior, optimize today. Its model was solid and them.
the design, and uncover the underly- its conclusions clear; all that was
ing principles. needed was to get to work and build Kleinrock was finishing up at MIT
a network: when one of the professors at Berke-
The real question, of course, was ley who had met with him during
whether the simplifying assump- But nobody cared. I went to AT&T, the interview process came to MIT
tion skewed the theoretical results the biggest network of the time, and on sabbatical and they ran into each
so they wouldn’t be useful as an ap- explained, “You guys ought to give other:
proximation of real-world network us good data communications.” The
behavior. Kleinrock addressed this answer was, “What are you talking He saw me in the hall and said,
by building simulation software about? The US is a copper mine; it’s “Kleinrock! How are you?” He thought
that would test the independence full of telephone wires…just use that.” I was looking for an academic posi-
assumption: I said, “No, you don’t understand. It tion, so he contacted one of his
takes you 35 seconds to set up a call, friends at UCLA, who then invited me
I had to write a program to simulate you charge me a minimum of three out, offered me a job, and presented
these networks with and without minutes, and I want to send 100 milli- me with a dilemma: Do I want to
the assumption. I simulated many seconds of data.” And the answer was, teach? Do I want to cross the US and
networks on the TX-2 computer at “Little boy, go away.” be 3,000 miles from the East Coast,
Lincoln Laboratories. I spent four So little boy went away and with where the world is, for a job paying
months writing the simulation pro- others developed this technology half of what I could earn at MIT/Lin-
gram. It was a 2,500-line assembly that ate AT&T’s lunch. They said it coln Labs to try something that I had
language program, and I wrote it all wouldn’t work and even if it did, never tried before?
before debugging a single line of it. they wanted nothing to do with it. So I went to Lincoln Labs and
I knew if I didn’t get that simulation That was the environment we faced. said, “Look, I have this offer. It seems
right, I wouldn’t get my dissertation. It wasn’t until years later when the attractive. It’s a new challenge. What
I ran it, tested it with and without government decided that it needed a should I do?” And they gave a wonder-
the assumption, and the results network that suddenly I saw a way in ful and magnanimous answer: “Len,

AUGUST 2013 7
 C omp u ting c on v ers at io n s

try it, and if you don’t like it, come across the Arpanet were sent from Charles Severance, Computing
back.” So I started at UCLA 50 years Kleinrock’s lab at UCLA to a system Conversations column editor and
ago in August 1963, and I’m still here. at Stanford Research Institute. The Computer’s multimedia editor, is
network crashed after the second a clinical associate professor and
teaches in the School of Information
In his 50 years at UCLA, Kleinrock packet was sent.
at the University of Michigan. Follow
has accomplished enough to fill sev-

B
him on Twitter @drchuck or contact
eral books. As the Arpanet project eneath millions of network him at csev@umich.edu.
got off the ground, he founded the links, billions of comput-
Network Measurement Center and ers, and trillions of packets
along with UCLA graduate students flying around the world at any given
Vint Cerf, Steve Crocker, Jon Postel, moment, a solid mathematical
and many others, was an essential model developed back in the early Selected CS articles and
part of the early Arpanet develop- 1960s proves that all those moving columns are available for free at
ment. The first two packets ever sent parts actually can work reliably. http://ComputingNow.computer.org.

8 computer
 C omp
C oluuting
mn Sec
C ontion
v ersTit
atio
l en s

Katie Hafner:
The Origins of
the Internet
Charles Severance

Katie Hafner describes how she came to write her book, Where Wizards
Stay Up Late, about the history of the Arpanet.

T
he Arpanet was quietly There was this whole world of coders material. I felt like I should be paying
decommissioned on and hardware guys in the 1960s, and somebody to do this.
28 February 1990. The I thought to myself, “I bet there’s an
modern Internet, with interesting story in here.” My editor She started visiting Boston,
its speed, graphics, and video, might at Simon and Schuster was totally Washington, DC, and Los Angeles,
make its precursor seem like a behind it, but the working title was and attending various Internet
dusty antique from a much earlier really bad: “Building Cyberspace.” Society and Internet Engineering Task
age, but today’s Internet owes a Matt, my late husband, didn’t come Force meetings and conferences:
tremendous amount of its success on until about a year into it, when I
to research done while building the was getting overwhelmed—I had this The research took a couple of
Arpanet. new baby, I was working at Newsweek, years. Cyberpunk involved driving
Back in 1993, Katie Hafner, and I realized that there was much everywhere because it had three
then a Newsweek reporter and more to the story than I could do by different stories of three different
co-author (with John Markoff) of myself. It would have taken double hackers. Between that book and
Cyberpunk: Outlaws and Hackers the time. Wizards, email had become much
on the Computer Frontier, decided more popular, so we did a lot of
to write a book about the Arpanet’s The book research took over emailing back and forth.
history before it disappeared three years, as Hafner visited with I was living in Austin at the time,
forever. I recently interviewed and interviewed key members of the and I took a lot of trips from Austin to
Hafner about 1996’s Where Wizards Arpanet team: Boston, and I spent a lot of time in
Stay Up Late: The Origins of the Los Angeles.
Internet. You can see the entire One of the most amazing things
interview at ww.computer.org/ was visiting Larry Roberts. We were One of the Arpanet leaders with
computingconversations. at his house in Woodside, and we whom Hafner spent a lot of time was
went out into his garage, which Jon Postel, inventor of the Domain
AN IDEA FORMS had all these boxes of old mildewy Name System:
Hafner became involved papers—old letters from the 1960s
in the book project on the between Larry and the people at MIT. He died in 1998, which was a shock.
recommendation of friends. As They also contained this amazing I spent a lot of time with Jon. He had
the work progressed and its scope set of sketches of all the possible this very long Santa Claus-like beard
expanded, her husband, Matthew configurations of what this network and lived in a tiny house in the LA
Lyon, became involved in the could look like. I just loved finding area with his girlfriend, a very nice
project: all this incredible primary source woman named Susan. Jon lived so

6 computer Published by the IEEE Computer Society 0018-9162/13/$31.00 © 2013 IEEE

 unpretentiously. He had all his files in the December 1994 issue of used. Books like Katie Hafner’s Where
right there in his study in this little Computer, “Innovation Delayed Is Wizards Stay Up Late do a wonderful
house, and he was so patient as he Innovation Denied” (pp. 45-47). job of capturing these breakthrough
tried to explain things to me. When moments close to the time when
I was working on the book, I sent they actually happened. Thanks to
him an email that said, “Just out I just loved finding her and other writers like her, when
of curiosity, why haven’t you ever all this incredible we finally realize the importance
wanted to get rich?” That was when primary source of these breakthroughs many years
people were starting to get rich, material. I felt like later, we can go back and learn from
in the mid 1990s. He replied, “That’s I should be paying those who made them.
not what this is about.” That’s who somebody to do this.
he was. Charles Severance, Computing
Conversations column editor and
SHINING A LIGHT Computer’s multimedia editor, is

W
a clinical associate professor and
I asked Hafner why she thought e in the computing
teaches in the School of Information
the mainstream computing and profession are often far
at the University of Michigan. Follow
networking companies effectively too quick to drop last him on Twitter @drchuck or contact
ignored the ideas behind the year’s model and replace it with him at csev@umich.edu.
Arpanet for such a long time: next year’s shiny toy. We forget the
moments when a technology truly
Think about it—back then, the was breakthrough and instead focus Selected CS articles and
1960s, AT&T was a monopoly. on its later iterations, which are columns are available for free at
The people running AT&T simply naturally more polished and widely http://ComputingNow.computer.org.
didn’t see it; they were in their own
context, and, really, thank goodness
they didn’t get their hands on this
thing. Ditto IBM and DEC. It sounds
terrible to say this, but it was a
happy accident of coincidences.

Another issue is the role of the

government in creating the funding
and policy conditions to allow work
like the Arpanet to exist and thrive.
I asked Hafner how she saw Al
Gore’s place in the history of the
Internet:

Al Gore is totally underestimated

and unappreciated. Every time I
tell people I wrote a history of the
origins of the Internet, they say very
mockingly, “Oh, did Al Gore invent
it?” I won’t play into that because he
had a huge role in terms of policy
and direction. When Bill Clinton ran
for president, they were out there
with this very important technology
white paper. You can’t do things like
this unless you have the support that
people like Al Gore provided.

Interested readers might want to

read the article that Gore wrote

JULY 2013 7
 C OMP
C OLUUTMN
ING SEC
C ONT VION
ERSTIT
ATLION
E S

Doug Van Houweling:

Building the NSFNet
Charles Severance, University of Michigan

Doug Van Houweling describes how the NSFNet went from connecting a
few supercomputers to becoming “the Internet.”

T
he Arpanet connected centers, and the University of own communications processors
ARPA’s computers to Michigan was one of many that built on Digital Equipment Corpora-
researchers during the wanted in. However, the in- tion systems.
1970s and 1980s. In the clusion of the Japanese-built
mid-1980s, the National Science IBM-370–compatible computer in Although Merit wasn’t deeply
Foundation (NSF) decided to deploy its proposal was a risk because involved in the early Arpanet proj-
shared supercomputing resources it turned out that the US govern- ect, it had extensive experience
at several universities around the ment wasn’t inclined to spend in packet-switched networks and
country. It connected those centers scarce research dollars purchas- helped to operate the 56-Kbit first-
with a TCP/IP network that would ing major computing equipment generation TCP/IP-based NSFNet
eventually become known as the from a company outside the US: backbone that initially connected
NSFNet and later evolve to be the the five supercomputer centers
public Internet. I was visiting the NSF and had gotten starting in 1986.
Doug Van Houweling was the to know Eric Bloch, its director at the
University of Michigan’s CIO back time, so we talked about Michigan’s NEW PARTNERS
in the 1980s and was instrumental proposal. It was clear to me from our The team at Merit wanted to keep
in bringing together several part- conversation that there was no way the budget for the project under
ners to craft the grant that greatly that the Michigan proposal would be $15 million to make sure the
broadened the NSFNet—he was funded. I told Eric that it might be proposal was financially attractive
also involved in guiding the project even better for Michigan if we could to the NSF:
through 1995. Visit www.computer. run the net work that would con-
org/computingconversations to view nect all the centers together. At the As we thought about how we would
our discussion. time, I was chairman of the board at create this proposal, we realized very
Merit, Michigan’s statewide network. rapidly that $15 million would only
STARTING WITH Over the years, in parallel with the fund a 56-Kbit network, which we
SUPERCOMPUTERS packet-switching protocol develop- already knew would be insufficient. So
In the mid-1980s, the NSF issued ments that had been involved in the we immediately started thinking about
a request for proposals from uni- Arpanet, Merit had developed its own how we could expand the envelope for
versities to host supercomputer packet-switching network, using its the proposal.

0018-9162/14/$31.00 © 2014 IEEE Published by the IEEE Computer Society APRIL 2014 7

r4con.indd 7 3/20/14 1:07 PM

 C OMP U T ING C ON V ERS AT ION S

Merit started looking for partners got a commitment of $1 million per to build prototype cards that would go
who would be willing to contribute year from the State of Michigan: at 1.5 Mbits. When we the put the 1.5-
hardware, software, services, and Mbit cards into our test network, they
money to expand the project’s scope We submitted a proposal to the NSF for worked just fine, but when we put them
while staying within budget. Van $14.7 million—we knew the budget was into the production network, it started
Houweling had a friend named Al $15 million. But by including all this in- failing. After a lot of testing, we discov-
Weis who worked at IBM Research: kind activity, it was actually more like ered that the folks who had built the
a $55 million proposal. And it wasn’t T1 hardware for MCI had planned on
I called Al and described this as a great designed to be 56 Kbits—we could start using certain bit patterns for diagnosis
opportunity, but IBM wasn’t going to be at T1 or 1.5 Mbits with planned upgrades on the network and had never antici-
successful here, so I needed his help. over the period of the network’s life. pated someone using the full 1.5 Mbits
Al rallied some folks at IBM Research— as a single channel.
people who were actually working on A UNIQUE PROPOSAL
TCP/IP protocols. We had another meet- With an unlikely set of partners, MOVING ON UP
ing, after which some of us admitted and large in-kind contributions, Over the first few years of the
that some people in IBM do know some- the University of Michigan/Merit NSFNet, these technical details got
worked out, and the network started
to take off as regional networks
Once the NSFNet was upgraded to 45-Mbit formed and campuses were con-
communication links, it had enough bandwidth to nected. By 1990, the T1 circuits were
handle traffic growth for the life of the project. filling up, so it was time to move
to DS3 (45-Mbit) connections. This
would require entirely new router
thing about TCP/IP, and yes, they could Network offering was quite different software and hardware technologies
be partners. We got a tentative agree- from the rest of the proposals to to be developed:
ment from IBM that it would contribute build the NSFNet:
the hardware and the software to create Merit was still the principle investiga-
the network’s routing structure. We subsequently learned that our pro- tor on the grant, but it subcontracted
posal was received with considerable the development of this new 45-Mbit
Continuing to work through his skepticism by the reviewers at the NSF network to Advanced Network Services
IBM contacts, Van Houweling was because IBM was thought of as the [ANS], another not-for-profit organiza-
introduced to a former IBM em- enemy of the Internet because it was tion we created and headquartered
ployee named Dick Liebhaber, who so focused on its own proprietary pro- in Armonk, New York. IBM, MCI, and
was then the CTO and chief net- tocols. The reviewers really wondered Nortel each contributed $3 million to the
work operations officer for MCI. about our technical ability to pull this founding of this new organization, so it
Together, they approached MCI to off. The first review was conducted had the staff and facilities to do the inno-
donate the communications lines without reference to the actual funding vation necessary to get us up to 45 Mbits.
for the project: pattern, so when the wraps came off
about the amount of resources being Once the NSFNet was up-
At that time, MCI was a fledgling committed by our partners, we went graded to 45-Mbit communication
organization that some people had to the top of the list. links, it had enough bandwidth to
described as a law office trying to handle traffic growth for the life
create an environment that could offer But once the proposal was of the project. But as the 1990s
telecommunications up against AT&T’s awarded, Merit, IBM, and MCI progressed, there was increasing
lobbying efforts. It had just succeeded needed to deliver on their promises: pressure to move management and
in reaching that goal and had started operation of the “national Internet”
establishing facilities across the US. When we started the network, we had to the private sector:
Dick thought being part of the NSFNet T1 circuits, but there were no cards for
proposal was an opportunity to move computers that would go at 1.5 Mbits, The NSFNet was decommissioned in
MCI into the big time. so we had to build our initial routers 1995 when Congress decided that the
with 448-Kbit cards, subdivide the T1 federal government shouldn’t be in
With IBM providing the hardware circuits into three 448-Kbit circuits, the business of supporting something
and software and MCI providing the and build a mesh network among all that by that time, in its view, should
connectivity, Van Houweling also the routers. It took about a year for IBM have been a commercial facility. I

8 COMPUTER

r4con.indd 8 3/20/14 1:07 PM

 won’t ever forget sitting in a House in high-speed routing technology nondiscriminatory global network
hearing room in the Capitol next to for Internet backbones at that time, infrastructure that we enjoy today.
Mitch Kapor and the CEO of a small decided to kill all the work it had done
Internet startup who were complain- in developing these routers because it
ing that it was inappropriate for the threatened the company’s proprietary Charles Severance, Computing
NSFNet to be funded by the NSF network efforts. Canceling the router Conversations column editor and
because the startup could provide a effort within IBM was almost certainly Computer’s multimedia editor, is
national backbone as a commercial responsible for the fact that Cisco a clinical associate professor and
service. Meanwhile, the commer- became the dominant router provider teaches in the School of Information
cial backbone networks were using in the US rather than IBM. at the University of Michigan. Follow
him on Twitter @drchuck or contact

L
the NSFNet as their backup to carry
traffic when their much less reliable ooking back, it’s easy to him at csev@umich.edu.
networks failed. imagine that our current
networking environment
As Merit, MCI, and IBM transi- might have been quite differ-
tioned away from daily operations ent if the first research-centered
and maintenance, they were still in national TCP/IP backbone had
possession of the world’s fastest and been limited to a $15 million
most reliable router technologies. MCI budget between 1985 and 1990.
used its expertise and reputation to But when the NSFNet award was
quickly become a successful national given to an unlikely group of col-
backbone network provider. IBM had laborators, we ended up with a
to decide if it wanted to evolve its national network that was fast
market-leading routing hardware and enough for nearly a decade to
software into a commercial product: function as a platform for inno- 27 Nov and 28 Nov 2014,
Seeon Monastery, Germany
vations such as Gopher and the Full Paper Submission deadline: 16 May 2014
Conference Website
In a classic “innovator’s dilemma” World Wide Web, leading us www.ecsee.eu
moment, IBM, which was the leader to the shared, free, open, and

Expert Online
Courses —
Just $49.00
Topics:
Project Management, Software
Security, Embedded Systems,
and more.

www.computer.org/online-courses

APRIL 2014 9

r4con.indd 9 3/20/14 1:07 PM

C OMP
C O LUUTMN
ING SEC
C ONTIO
V ERS
N TAT
IT LION
E S

Nii Quaynor: Bringing

the Internet to Africa
Charles Severance, University of Michigan

The story of bringing the Internet to Africa is one of cooperation and

collaboration for the common good.

I
n the early 1990s, African sector in this case was me. I realized good because we really felt that we had
countries started upgrading that I would have had to wait on a to pull together or we would fail.
from “store and forward” university forever because it depends
networks such as FidoNet and on the government, and I would have Just like anywhere else in the
uucp to “always on” Internet con- had to wait on the government forever world, the first step was simply to
nections. I spoke with Nii Quaynor, because it had no clue. I knew how to get connected one way or another.
a founding member of the Depart- do it, so I decided to go for it no matter Once people found out about the In-
ment of Computer Science at the how small it ended up being just to ternet, they were in a hurry to get
University of Cape Coast in Ghana, make the point that it’s possible, and there by any means possible:
about what it took to build a com- in so doing, maybe I could create an
munity around Internet technology avalanche that will carry us forward. It was a mad rush, but it was a good
in Africa. Visit www.computer.org/ community-building activity in the
computingconversations for more of Elsewhere in Africa, different sense that we wanted to help each
this discussion. models prevailed for bringing in In- other. That sense of community across
ternet connections. In Egypt, the operators continues to this day. I run
WITHIN GHANA government was interested and the African Network Operator’s Group
As the Internet spread around the involved very early on. In South [AFNOG], the principle function of
world in the late 1980s, the first Africa, strong academic leadership which is to help operators support their
connections typically were to uni- made a difference. In West Africa, building capacity in many different
versities. But for many countries in Quaynor encouraged and helped areas, mostly in infrastructure-related
Africa, interest in the Internet was small private-sector efforts through- things such as routing issues or servers
initially limited to a relatively small out the region: for those who want to build informa-
group. Quaynor didn’t want to wait tion resources.
for the government or his university, I allowed Togo and other countries to
so he took the initiative and started transit their data through my connec- AFNOG (www.afnog.org) is
working through a small private tion in Ghana, and I sent engineers to home to most of the African con-
company to bring the first Internet install nodes in Gambia. Swaziland tinent’s technical community. The
connection to Ghana: brought telephone company staff to group meets two weeks each year:
me to be trained, and I did consult- one week is dedicated to training
Government wasn’t interested, so the ing services to help Ethiopia. We were and workshops, and the following
private sector took it up. But the private helping each other for the common week involves discussions around

0018-9162/14/$31.00 © 2014 IEEE Published by the IEEE Computer Society SEPTEMBER 2014 7
 C OMP U T ING C ON V ERS AT ION S

governance, research, and other As the Internet in Africa matured, members would elect their representa-
activities. One of the main goals is it was important for Africans to take tive and that person would serve on the
to continue to grow the commu- over this network management task. board for a period of one to three years
nity and build network talent across AfriNIC would be the world’s fifth with staggered reelections.
Africa: RIR, but it was important that the
entire continent be a single registry The effort to create a formal legal
Nobody gets paid, but we try to raise regardless of country and political structure for AfriNIC continued, but
money for student participants. Cisco boundaries. Operating a regional In- was repeatedly set back as connec-
is a regular funding source, and we get ternet registry requires a great deal tivity exploded in the late 1990s. Jon
funding from the International Devel- of agreement, technical know-how, Postel administered the worldwide
opment Research Center, the Internet and organizational capability: Internet Assigned Numbers Author-
ity and was a great supporter of
AfriNIC’s formation. He and Quaynor
Pull Quote Here were close friends:

Jon told me “just do it—it has to

happen,” so I invited him to come to
a meeting with African engineers. In
the middle of the meeting, someone
got up and said, “Why don’t we just
Society, Francophonie, Google, and The particular case of AfriNIC was split this up into the individual coun-
many others. Over time, we’ve become interesting. It took us 10 years to get tries and have us all go our separate
more self-sustaining. We ask par- accreditation. Of course, in the begin- ways?” At that point, I thought we were
ticipants from telco operators to pay ning, we didn’t even know what a “NIC” done. And to be honest with you, I’ve
higher rates so we can raise funds for was, but we knew it was very impor- never felt so ashamed because I had
academic and research participants. tant, so we started to build consensus been part of the interface between the
around it. African technical community and the
Once initial connectivity was in global community. I knew Jon Postel
place for these countries, a whole In the mid 1990s, when there as a friend and he had come to help
range of scaling, deployment, and were a few connections in each me, but my people weren’t ready. Jon
policy issues became the focus. country and most of the operators simply told me, “Get your people ready,
AFNOG functioned from the begin- knew each other, it seemed like a and you will have it.”
ning as an incubator for governance relatively simple matter to create Af-
efforts such as the Africa Top Level riNIC. But as Internet connectivity The efforts to build AfriNIC
Domain Organization (www.aftld.org). in Africa expanded, new stakehold- continued, and it was formally
ers kept joining the discussion. It recognized as the RIR for the Af-
TOWARD AFRINIC was clear that more structure was rican continent in April 2005. But
The Internet is built on Internet needed, so the people involved in the struggle wasn’t without its
Protocol addresses. Their careful the creation of AfrNIC switched consequences:
management and coordination is from an informal process to a more
necessary to make sure that pack- formal one in 1998: I realized that over those 10 years, I had
ets are properly routed between upset a lot of people. The other regis-
systems connected to the Internet The first proposal was made in 1995 tries had to give something up so that
anywhere in the world. and another in 1997, but we realized AfriNIC could exist. To me, it was obvi-
The first IP addresses for those that we had to move beyond casual ous that I couldn’t continue in the same
early connections on the African meetings. We went to Cotonou, Benin capacity as the leader of AfriNIC once it
continent were managed in an ad in 1998, to agree on specifics such became official.
hoc manner, with each country get- as, “Who would be on the board?”
ting address blocks from one of the We decided to do it geographically to Quaynor also feared that his
other four Regional Internet Regis- avoid questions like, “Why are there leadership might be a barrier to
tries (RIRs): North America (ARIN), so many people from the North and broader involvement of the more
South and Central America (LACNIC), nobody from the South?” We decided recent participants. He felt the need
Europe (RIPE NCC), and Asia-Pacific that each one of the geographical sub- for a fresh start as AfriNIC was
(APNIC). regions would elect one person. The being formed:

8 COMPUTER
 If I were to continue as the leader, we long-time leaders in the movement brings people together to find what
would get less participation—there to step aside and allow new leaders they have in common.
would be less motivation for people to emerge:
to make an effort. I felt it was more Charles Severance, Computing
important for more people to make A complete fresh start created a cer- Conversations column editor and
an effort than to have just one person tain flow of new entrants who wanted Computer’s multimedia editor, is
driving things forward. I knew that the to contribute service and leadership a clinical associate professor and
problem space was so large that even if to the community; it continues to this teaches in the School of Information
I had nothing to do with AfriNIC, there day, and it’s been very good for AfriNIC. at the University of Michigan. Follow
was plenty for me to do elsewhere. him on Twitter @drchuck or contact
him at csev@umich.edu.

T
At the moment when AfriNIC was he story of bringing the
legally transitioning from its startup Internet to Africa is one of
board and chairman to its first of- cooperation and collabora-
ficial board and chair, Quaynor tion for the common good. One of
dissolved the board and resigned the benefits of the Internet is that Selected CS articles and
as chair. He didn’t run for elec- it crosses political, geographical, columns are available for free at
tion and encouraged many other business, and legal boundaries and http://ComputingNow.computer.org.

Take the
CS Library
wherever
you go!
IEEE Computer Society magazines and Transactions are now
available to subscribers in the portable ePub format.

Just download the articles from the IEEE Computer Society Digital
Library, and you can read them on any device that supports ePub.
For more information, including a list of compatible devices, visit

www.computer.org/epub

SEPTEMBER 2014 9
C OMP
C O LUUTMN
ING SEC
C ONTIO
V ERS
N TAT
IT LION
E S

Nii Quaynor: Bringing

the Internet to Africa
Charles Severance, University of Michigan

The story of bringing the Internet to Africa is one of cooperation and

collaboration for the common good.

I
n the early 1990s, African sector in this case was me. I realized good because we really felt that we had
countries started upgrading that I would have had to wait on a to pull together or we would fail.
from “store and forward” university forever because it depends
networks such as FidoNet and on the government, and I would have Just like anywhere else in the
uucp to “always on” Internet con- had to wait on the government forever world, the first step was simply to
nections. I spoke with Nii Quaynor, because it had no clue. I knew how to get connected one way or another.
a founding member of the Depart- do it, so I decided to go for it no matter Once people found out about the In-
ment of Computer Science at the how small it ended up being just to ternet, they were in a hurry to get
University of Cape Coast in Ghana, make the point that it’s possible, and there by any means possible:
about what it took to build a com- in so doing, maybe I could create an
munity around Internet technology avalanche that will carry us forward. It was a mad rush, but it was a good
in Africa. Visit www.computer.org/ community-building activity in the
computingconversations for more of Elsewhere in Africa, different sense that we wanted to help each
this discussion. models prevailed for bringing in In- other. That sense of community across
ternet connections. In Egypt, the operators continues to this day. I run
WITHIN GHANA government was interested and the African Network Operator’s Group
As the Internet spread around the involved very early on. In South [AFNOG], the principle function of
world in the late 1980s, the first Africa, strong academic leadership which is to help operators support their
connections typically were to uni- made a difference. In West Africa, building capacity in many different
versities. But for many countries in Quaynor encouraged and helped areas, mostly in infrastructure-related
Africa, interest in the Internet was small private-sector efforts through- things such as routing issues or servers
initially limited to a relatively small out the region: for those who want to build informa-
group. Quaynor didn’t want to wait tion resources.
for the government or his university, I allowed Togo and other countries to
so he took the initiative and started transit their data through my connec- AFNOG (www.afnog.org) is
working through a small private tion in Ghana, and I sent engineers to home to most of the African con-
company to bring the first Internet install nodes in Gambia. Swaziland tinent’s technical community. The
connection to Ghana: brought telephone company staff to group meets two weeks each year:
me to be trained, and I did consult- one week is dedicated to training
Government wasn’t interested, so the ing services to help Ethiopia. We were and workshops, and the following
private sector took it up. But the private helping each other for the common week involves discussions around

0018-9162/14/$31.00 © 2014 IEEE Published by the IEEE Computer Society SEPTEMBER 2014 7
 C OMP U T ING C ON V ERS AT ION S

governance, research, and other As the Internet in Africa matured, members would elect their representa-
activities. One of the main goals is it was important for Africans to take tive and that person would serve on the
to continue to grow the commu- over this network management task. board for a period of one to three years
nity and build network talent across AfriNIC would be the world’s fifth with staggered reelections.
Africa: RIR, but it was important that the
entire continent be a single registry The effort to create a formal legal
Nobody gets paid, but we try to raise regardless of country and political structure for AfriNIC continued, but
money for student participants. Cisco boundaries. Operating a regional In- was repeatedly set back as connec-
is a regular funding source, and we get ternet registry requires a great deal tivity exploded in the late 1990s. Jon
funding from the International Devel- of agreement, technical know-how, Postel administered the worldwide
opment Research Center, the Internet and organizational capability: Internet Assigned Numbers Author-
ity and was a great supporter of
AfriNIC’s formation. He and Quaynor
Pull Quote Here were close friends:

Jon told me “just do it—it has to

happen,” so I invited him to come to
a meeting with African engineers. In
the middle of the meeting, someone
got up and said, “Why don’t we just
Society, Francophonie, Google, and The particular case of AfriNIC was split this up into the individual coun-
many others. Over time, we’ve become interesting. It took us 10 years to get tries and have us all go our separate
more self-sustaining. We ask par- accreditation. Of course, in the begin- ways?” At that point, I thought we were
ticipants from telco operators to pay ning, we didn’t even know what a “NIC” done. And to be honest with you, I’ve
higher rates so we can raise funds for was, but we knew it was very impor- never felt so ashamed because I had
academic and research participants. tant, so we started to build consensus been part of the interface between the
around it. African technical community and the
Once initial connectivity was in global community. I knew Jon Postel
place for these countries, a whole In the mid 1990s, when there as a friend and he had come to help
range of scaling, deployment, and were a few connections in each me, but my people weren’t ready. Jon
policy issues became the focus. country and most of the operators simply told me, “Get your people ready,
AFNOG functioned from the begin- knew each other, it seemed like a and you will have it.”
ning as an incubator for governance relatively simple matter to create Af-
efforts such as the Africa Top Level riNIC. But as Internet connectivity The efforts to build AfriNIC
Domain Organization (www.aftld.org). in Africa expanded, new stakehold- continued, and it was formally
ers kept joining the discussion. It recognized as the RIR for the Af-
TOWARD AFRINIC was clear that more structure was rican continent in April 2005. But
The Internet is built on Internet needed, so the people involved in the struggle wasn’t without its
Protocol addresses. Their careful the creation of AfrNIC switched consequences:
management and coordination is from an informal process to a more
necessary to make sure that pack- formal one in 1998: I realized that over those 10 years, I had
ets are properly routed between upset a lot of people. The other regis-
systems connected to the Internet The first proposal was made in 1995 tries had to give something up so that
anywhere in the world. and another in 1997, but we realized AfriNIC could exist. To me, it was obvi-
The first IP addresses for those that we had to move beyond casual ous that I couldn’t continue in the same
early connections on the African meetings. We went to Cotonou, Benin capacity as the leader of AfriNIC once it
continent were managed in an ad in 1998, to agree on specifics such became official.
hoc manner, with each country get- as, “Who would be on the board?”
ting address blocks from one of the We decided to do it geographically to Quaynor also feared that his
other four Regional Internet Regis- avoid questions like, “Why are there leadership might be a barrier to
tries (RIRs): North America (ARIN), so many people from the North and broader involvement of the more
South and Central America (LACNIC), nobody from the South?” We decided recent participants. He felt the need
Europe (RIPE NCC), and Asia-Pacific that each one of the geographical sub- for a fresh start as AfriNIC was
(APNIC). regions would elect one person. The being formed:

8 COMPUTER
 If I were to continue as the leader, we long-time leaders in the movement brings people together to find what
would get less participation—there to step aside and allow new leaders they have in common.
would be less motivation for people to emerge:
to make an effort. I felt it was more Charles Severance, Computing
important for more people to make A complete fresh start created a cer- Conversations column editor and
an effort than to have just one person tain flow of new entrants who wanted Computer’s multimedia editor, is
driving things forward. I knew that the to contribute service and leadership a clinical associate professor and
problem space was so large that even if to the community; it continues to this teaches in the School of Information
I had nothing to do with AfriNIC, there day, and it’s been very good for AfriNIC. at the University of Michigan. Follow
was plenty for me to do elsewhere. him on Twitter @drchuck or contact
him at csev@umich.edu.

T
At the moment when AfriNIC was he story of bringing the
legally transitioning from its startup Internet to Africa is one of
board and chairman to its first of- cooperation and collabora-
ficial board and chair, Quaynor tion for the common good. One of
dissolved the board and resigned the benefits of the Internet is that Selected CS articles and
as chair. He didn’t run for elec- it crosses political, geographical, columns are available for free at
tion and encouraged many other business, and legal boundaries and http://ComputingNow.computer.org.

Take the
CS Library
wherever
you go!
IEEE Computer Society magazines and Transactions are now
available to subscribers in the portable ePub format.

Just download the articles from the IEEE Computer Society Digital
Library, and you can read them on any device that supports ePub.
For more information, including a list of compatible devices, visit

www.computer.org/epub

SEPTEMBER 2014 9
 C OMP U TING C O N V ERS ATIO N S

The Second-Order
Effects of Steve Jobs
Charles Severance
University of Michigan

Jobs-inspired Apple and NeXT products were platforms for many of

the amazing innovations we take for granted today.

M
uch has been written Web, his technologies quite often you had another window, every time
about Steve Jobs’ amazing were the platforms used to launch you clicked on a diagram, you had the
leadership at Apple and those innovations. diagram in another window, when
how he transformed the you clicked on a map, you got the map
company into one of the world’s most A BRIEF HISTORY in PostScript, scalable and perfectly
recognizable and profitable brands I n t he m id-1990 s, I ho s t e d printable.
after his return from NeXT. Internet:TCI, a short-lived national
But if you look closer, it’s easy to TV show about the Internet that was Bet ween 1990 and 1993, the
find examples of how Jobs-inspired produced and distributed by TCI Web’s success wasn’t at all assured,
Apple and NeXT products were Cable. Because a talk show about the as Gopher servers and clients were
platforms for many of the amaz- Internet was a rarity at that time, my simpler and seemed better suited
ing innovations we take for granted co-host Richard Wiggins and I were to the kind of hardware available to
today. Between 1987 and 1997, we able to interview many of its early the general population. But the NeXT
experienced a Cambrian-like explo- innovators. In retrospect, it’s amazing software development environment
sion of completely new ideas bursting to realize how often our guests cited made it possible to sustain Web
from computer science research labs Apple or NeXT technology as their innovation with a minimal investment
into broader society at an unprec- source of inspiration. of developer time.
edented rate. Although Jobs wasn’t When Tim Berners-Lee and Robert In 1993, a team led by Larry Smarr
directly involved in the innovations Cailliau invented the first version of and Joseph Hardin at the National
around the Internet and World Wide the Web at CERN in 1990, the first Center for Supercomputing Applica-
webserver was a NeXT Cube and the tions wrote Mosaic and released free
first browser a NeXT workstation. versions for Unix, Macintosh, and

C omputing Conversations, a monthly

multimedia-enhanced column, is in-
tended to put a more human face on the
According to Cailliau in the video you
can find at //URL TO COME//,
Windows workstations. What made
Mosaic’s development practical was
technologies we’re using in computer
the fact that the NCSA had invested
science. Future installments will present … this development system [NeXT- significant effort in the NCSA Image
both full interviews and edited video STEP], is so much better that porting Library, which worked across the
segments featuring the founders and what we had here [on the NeXT] to any Unix, Mac, and PC platforms and
leaders in our field (www.computer.org/ other platform took an order of mag- allowed scientists to share visual-
computingconversations). nitude more time. For example, every izations of the data produced by
time you clicked here [on the NeXT], the programs that ran on the NCSA

12 COMPUTER Published by the IEEE Computer Society 0018-9162/12/$31.00 © 2012 IEEE

supercomputers. As Smarr said in the plummeted to the point where our the finance department to decide his
video, picture frames and refrigerators now future product strategy. His roadmap
have Wi-Fi. I assume there was little wasn’t limited by concerns about the
… we wanted to build a world of or no profit margin on those early profitability of the next few quarters.
infrastructure where it was as easy Apple wireless products, but Jobs was Instead, the only question was how
to move an image around as it was to willing to sacrifice short-term profits to get to the future as quickly as
move a word. When the Mac II came to force the entire marketplace past possible, and once there, find a way
out, it had 256 color levels. Apple gave petty bickering. to make it profitable.
us 50 Mac IIs, which was stunning. IBM Apple invented the 3.5-inch floppy Jobs earned the right to make
at that time was telling its customers, drive and then later made it obsolete innovation his top priority when he
‘You don’t need color: we’ve already with the introduction of the iMac. left Apple, ostensibly because the
provided it. You have four of them— Although this move seemed illogical board and management valued top-
black, [yellow], cyan, and magenta.’ at the time, it forced the market to down, business-style control over
invest in the USB-based storage that a relentless, quirky, unpredictable,
The Macintosh’s far superior is now commonplace and far superior and seemingly risky quest to push
graphics capabilities made it possible to any floppy technology. Apple also the envelope of feasibility. When
to think of a commodity computer he left for NeXT, Jobs focused on
as a widely available, powerful, moving toward what he saw as “what
scientific workstation. Having the
For 20 years, Steve was next,” even if it meant financial
NCSA Image Library helped Mosaic’s Jobs provided us with failure.
developers quickly build a browser a gift—technology Apple didn’t fare so well while Jobs
that could combine graphics, text, from the future. was gone, and the company slowly
and hyperlinks in a way that made lost its innovative edge. When Jobs
the Web an engaging experience came back, he made it very clear that
for users from the first time they led the way in moving the industry Apple’s purpose was to innovate:
installed Mosaic. from CD burners to DVD burners the financial team was tasked with
by including them in its entire maximizing the revenue and profit
PUSHING FORWARD product line well before it seemed from those innovations, not telling
S t e ve Jo b s pr o du c e d o t her like a logical business decision. The Jobs which things he was allowed to
innovations that pushed the industry market had to match the company’s work on.
forward, sometimes against its will. In lead, and in a remarkably short time,

I
the mid-1990s, wireless networking DVD burners were the norm, with no
was the future, but a market battle increase in system price. t took Steve Jobs a decade of his
between two competing IEEE 802 When Jobs put an accelerometer life and plenty of personal risk
technologies made it difficult for into the first version of the iPhone, to prove that for Apple to be
anyone to purchase products at scale was it to enable gaming software, successful, he needed to focus its
in case they mistakenly chose the facilitate the building of amazing collective psyche on inventing the
technology that ultimately lost. One augmented reality soft ware, or future and pulling the market and
technology used frequency hopping encourage users to throw angry society into an increasingly exciting,
and the other used direct sequence, birds at pigs? I’m sure he had some technologically enhanced world.
so vendor groups in both camps ideas about how an accelerometer Jobs wasn’t just a talented person
worked feverishly to build network might be used for a few applications, or a visionary leader or a successful
cards and base stations that would but he must have known that once executive. For 20 years, he provided
tempt the market in their favor. 100,000 creative engineers had us with a gift—technology from the
In those early days, network cards access to a handheld device with an future.
were more than US$500, and base accelerometer, a camera, wireless
stations cost thousands of dollars. In networking, and GPS technology,
1999, Apple chose direct sequence the future would simply happen—
and introduced a $99 network card whatever that future was to be. Charles Severance, editor of the Con-
versations with Computing column
and the $300 Apple AirPort Base How was it that Apple introduced
and Computer’s multimedia editor,
Station. With Apple tipping the so many products that surprised us is a clinical associate professor and
balance, the market immediately and then radically changed how we teaches in the School of Information
shifted to direct sequence, and think? The simple answer is that Steve at the University of Michigan. Contact
the price of wireless hardware Jobs didn’t use a spreadsheet from him at csev@umich.edu.

JANUARY 2012 13
 C OMP
C OLUUTMN
ING SEC
C ONT VIOERS
N TIT
ATLION
E S

Joseph Hardin:
NCSA Mosaic
Charles Severance

Joseph Hardin describes the emergency of Mosaic

and the rise of the browser.

T
wenty years ago, the In 2008, I met with Joseph Hardin systems. Larry Smarr recognized from
Web and Internet were to talk about his role as manager of the beginning—and we all loved the
transformed from a NCSA’s Software Development Group idea—that these small little things on
medium used primar- (SDG) in the early 1990s and the gen- the desktop were really gateways to
ily by academics and researchers esis, growth, and impact of the NCSA the big machines in the background
to one used by the general public. browser that became Mosaic. and that all of this would turn into one
The Mosaic Web browser helped To view the full inter- cloud behind the screen. We knew we
kick-start this evolution by making view, visit www.computer.org/ needed to figure out how to get the user
it very simple for users to download computingconversations. involved as much as possible.
and install a browser and experi-
ence the Web through a simple and BEFORE MOSAIC As they built easy-to-use tools
elegant interface on their Unix, Win- Although NCSA’s official purpose to give researchers access to cen-
dows, or Macintosh computers. was to deploy shared supercom- tral resources, it was a natural step
Although Mosaic wasn’t the first puting resources over the NSFNet, to move into building tools to help
browser, it was the first that had a there was an intense interest back those researchers share materials
primary goal of ease of installation in the early 1990s in how to make and work with each other:
across all major computing plat- the use of networked resources as
forms. Mosaic came from a culture simple as possible and to broaden It’s an easy extension to think about
of building user-friendly network- the population of those involved in collaborative technologies in the large.
ing tools at the National Center computing and networking: How do people work together? Not only
for Supercomputing Applications with these tools but also with simple
(NCSA) at the University of Illinois What I thought was interesting was communications like email, papers,
at Urbana-Champaign. In an earlier how people were using these new datasets that they want to share. Ini-
Computing Conversations column technologies to work together. We tially, our interest was in synchronous
("Larry Smarr: Building Mosaic," started out working with tools that tools for collaboration. We were build-
Apr. 2013, pp. 6–8), I spoke with supported simulation and computa- ing something called NCSA Collage,
Larry Smarr about NCSA’s culture. tions on the main supercomputing which was a set of tools that worked

10 COMPUTER Published by the IEEE Computer Society 0018-9162/14/$31.00 © 2014 IEEE

 across the three platforms—something code and doing whatever they wanted Collage session, or vice versa.
for the Unix people, the Windows envi- to do with it. We just put it all into the
ronment, and the Macintosh. That was public domain. Once the X-Windows version of
part of the underlying culture at NCSA: Mosaic was completed and released,
we wanted to make tools available to as The first X-Windows version of the next step was to build the com-
large a community as possible. Mosaic came out in early 1993, and plimentary Windows and Macintosh
the response was immediate. It was versions of Mosaic:
easy to download and install, and
COLLAGE SHOWS THE PATH because a rapidly growing number of Tom Redman was the lead for the
NCSA Collage’s goal was to allow existing websites popped up seem- Macintosh version of Mosaic, but
synchronous sharing of images, ingly overnight, it felt like the world Aleks Totic—who was an excellent
data, papers, and applications on was bursting with new content: developer—­d id most of the develop-
1990s hardware and networks. The ment and frequently was ahead of
team initially saw the browser as I remember an HP executive coming the other people working on various
just another potential component in in one time. Marc and Eric had written versions of Mosaic, especially on the
their Collage system, something to
allow shared synchronous viewing
of Web documents:
Pull Quote Here
That’s the context in which Dave
Thompson, the lead X-Windows devel-
oper for the Collage tool, pulled down
one of the early Web browsers. He went
through the effort of getting it working a filter that took Unix documentation Mac. Chris Wilson and Jon Mittelhauser
and brought it in and showed it to Marc and turned it into HTML, changing worked on the Windows version.
Andreessen and me. Both of us looked all the references into links. They hit
at the screen: Dave described what he an HP site, and this executive said, THE BIG TIME
had in front of us, and we said, “We “Where is this coming from?,” because By early 1994, the general public
can do better than that—it’s a compli- he was able to see all of his HP docu- was about to “get on the Web”:
cated system, and the interface looks mentation there in the room at NCSA
terrible.” Dave said that it was a real and navigate through it really easily. All of a sudden, we had a full suite
pain for him to download it, compile it, We said, “You have three or four folks of Mosaics that could work across
and get it working, and it only worked back there that have put up HTTP serv- X-Windows, Macintosh, and Microsoft
on an X-Windows box. Wouldn’t it be ers and you might not know what those Windows. That’s the point where the
cool if it worked across all three of the are yet. This is the kind of thing that’s president of the Internet Society said
boxes and was plug-and-go like the rest going to be really useful in the future we had “fired the shot heard around
of our tools? for people who are trying to manage the world.”
documentation in a distributed fash-
Marc and Eric Bina immediately ion.” We went on with the story like Once the doors to the Web were
started development of the X-Win- that, and this guy was bouncing up and thrown open, the next question was
dows version of NCSA Mosaic. They down in his seat. That was the kind of how it would affect society:
decided to make the source code response we got with it.
freely available from the beginning We were convinced deep down that
of the project: Since Mosaic had come out of all the new technologies and the digi-
the Collage effort, the early versions talization of the world was going to
This was before we really understood maintained a connection to the Col- make a huge difference, but we weren’t
what was meant by “open source,” but lage software: exactly sure how. When people came
we wanted everybody to be able to take to us early on in the Mosaic experience
the software and do whatever they Early versions of Mosaic had a Collabo- and said, “We want to commercialize
wanted with it. We weren’t concerned rate button at the top, which would let this and do this with it or do that with
with commercial advantage; we were you pull in something from a synchro- it,” we could only say, “We're not sure.”
more interested in it being open and nous Collage session. The idea was that
people being able to make contribu- you could work synchronously and use By mid-1994, commercial efforts
tions back to the code and taking the the browser to pull something into the started ramping up. Marc Andreessen

FEBRUARY 2014 11
 C OMP U T ING C ON V ERS AT ION S

and others formed the Mosaic Com- who had created the Web—Tim There was a feeling very early on that
munications Corporation (later Berners-Lee and Robert Cailliau— this was going to be a real gas. The
renamed Netscape) to build a com- and those building open source response was just so immediate. If
mercial Web browser and server. browsers became concerned that you go back and ask people sitting in
Bill Gates quickly pivoted Microsoft the success and popularity might front of machines in 1993 or 1994 if
development to add native TCP/IP lead to a situation where browsers, they remember the first time they ran
support in Windows as well as bundle servers, and HTML itself became Mosaic or used a browser if it wasn’t
the Microsoft Internet Explorer Web proprietary technologies: Mosaic, the vast majority of them
browser into Windows 95: remember it, that epiphany.
We always felt that there should be more

W
It wasn’t until the Netscape effort than one browser because we were
started up that there was sufficient interested in standards and openness. If hile the development of
energy and resources to really crank there were only one, then that company the Web has had many
up a group of x-hundred develop- gets to determine the standards. There critical moments, what
ers in a matter of months. They were were all kinds of hassles early on about happened in 1994, including the
almost immediately overshadowed by putting in different features and the release of Mosaic on X-Windows,
the effort that Microsoft put into it. I browsers driving the standards rather Microsoft Windows, and Macintosh,
remember one of the Netscape guys than the standards driving the browsers. was essential to bringing the Internet
saying that he had just come back from We encouraged diversity. to the widest possible audience.
a meeting in Seattle and that Microsoft
now had 2,000 developers working on Berners-Lee and others formed Charles Severance, Computing
a browser. This was when Netscape the World Wide Web Consortium Conversations column editor and
was at the top of its game. He realized (W3C) in October 1994 to guide and Computer’s multimedia editor, is
at that point that Netscape was going drive an open and standards-based a clinical associate professor and
to have some problems. approach to the evolution of Web teaches in the School of Information
technologies. By the end of 1994, at the University of Michigan. Follow
As Netscape and Microsoft Microsoft was shipping the beta re- him on Twitter @drchuck or contact
battled for market control, those leases of Windows 95: him at csev@umich.edu.

IEEE STC 2014

26th Annual IEEE Software Technology Conference

March 29-April 3, 2014

Long Beach, CA, USA
“Meeting Real World Challenges through Software Technology” is the theme of STC 2014. As technologists and as citizens, we
are faced with a myriad of challenges from defending national security, to ensuring the robustness of our critical infrastructure,
to sustaining and enhancing large portfolios of legacy systems – all within ever tighter resource constraints. Many of our
attendees and their customers, rather than creating brand new software-intensive systems, will be updating code in embedded
systems, integrating new capabilities, or otherwise retrofitting existing deployed systems.

http://ieee-stc.org/ Register today!

12 COMPUTER
 C omp u ting C o n v ers atio n s

Larry Smarr:
Building Mosaic
Charles Severance

Larry Smarr describes Mosaic’s birth and evolution at the National

Center for Supercomputing Applications.

O
ver the next two years, personal computers as the clients was totally radical because we were
we’ll celebrate 20-year and supercomputers as the servers. taking the supercomputer and the
anniversaries marking Long before Mosaic was imagined, mass storage systems out of Livermore
the release of the vari- NCSA worked on software that could and Los Alamos and literally cloning
ous versions of NCSA Mosaic—or make Macintosh and Microsoft DOS them. There was no notion of client
as it became more simply known, computers capable of connecting to server, there was just time sharing.
Mosaic—the first Web browser that and working with supercomputers:
worked across the Unix, Macintosh, Because NCSA wanted to allow
and Windows environments and We knew from the beginning that the anyone to access its supercomput-
led to the Internet’s rapid expansion personal computer was the real com- ers, it decided to give the software
beyond the academic world. puter and that it was going to change away at no charge and make the re-
Mosaic’s roots are in the National the world. We started the supercom- leases available using anonymous
Center for Supercomputing Appli- puter centers program two years after FTP servers:
cations (NCSA) at the University of the IBM PC came out. The Mac was light
Illinois. In an interview taped back years ahead of DOS, so we did a lot of We could have taken Telnet and tried
in 1997, three years after the first work on the Mac and some on DOS. to keep the intellectual property, but
Mosaic release, I talked with Larry The first thing that was clear is that instead we said if this is going to go
Smarr, who was then the NCSA di- Unix wizards knew how to do Telnet anywhere, let’s just give it to every-
rector, and asked him why Mosaic and remote login to bring remote com- body. Again, this was kind of radical.
happened at NCSA and not some- puters up on your screen, but ordinary Later on, the authors of NCSA Telnet
where else. You can view the entire folks with Macs and DOS didn’t have were part of a company called Inter-
interview at www.computer.org/ a clue, so we developed NCSA Telnet, Con, which later became a successful
computingconversations. which was software that allowed you private-sector company. But we didn’t
to have multiple remote computers let that interfere with our primary mis-
SUPERCOMPUTING open on your screen and do remote sion, which was to get software out
The first supercomputer centers sessions in them, which is how you to enable people to use high-perfor-
essentially focused on installing and had to behave if you were going to be mance computing.
maintaining supercomputer equip- in a networked world. We would make
ment and making it available to these pictures of the Macintosh screen We adopted the notion of putting the
customers. NCSA went a step further with a little Cray icon on the Mac and software up on anonymous FTP serv-
and built a client-server model using the title would be “Hide the Cray.” This ers and letting people download it; this

10 computer Published by the IEEE Computer Society 0018-9162/13/$31.00 © 2013 IEEE

 allowed the rapid prototyping that the and put them into software in NCSA Collage, it set out to build a way for
world now thinks is the way to go. This Image on the Mac. You could use the people to simultaneously view and
was being done in 1985 with NCSA mouse on your Mac and do what oth- annotate documents:
Telnet. Every time we would come up erwise would have cost $100,000 to do
with a new revision, we just put it up on if you were an elite specialist. We set up a team to go after docu-
the server. If NCSA decided, “Let’s build ment retrieval, and Dave Thompson,
a distribution system and a warehouse, Just as before, NCSA Image was who was another one of our computer
and let’s hire lots of secretaries to take also available for download at no science undergraduate guys, found
people’s names and numbers, and let’s charge through anonymous FTP this thing called the World Wide Web
charge for it,” the Internet would have servers. The next logical step was and that seemed pretty cool because
been much slower in coming because to build NCSA Collage, a synchro- it wasn’t just documents but hyper-
many people got their first impression nous collaboration environment. documents. So we put a team together
of the Internet using NCSA Telnet.

Having NCSA Telnet available We adopted the notion of putting the software on
throughout the late 1980s meant anonymous FTP servers and letting people download
that as the NSFNet was gaining pop- it; this allowed the rapid prototyping that the world
ularity, users of both Microsoft DOS now thinks is the way to go.
and Macintosh computers could par-
ticipate in the new and increasingly
networked world. Developed in 1990 and 1991, Collage to develop a module that would work
allowed multiple users at different with Collage, which became the
IMAGES AND BEYOND locations to interact, working on Unix version of Mosaic. In the early
Another trend throughout the data together using a shared white- versions of Mosaic for X-Windows,
late 1980s was a move from purely board and shared applications. there was a “Collaborate” button that
text-based interaction with com- NCSA Collage was one of the world’s allowed the users to use Mosaic to find
puters to the increasing use of earliest network-based virtual meet- and display documents and images
images to visualize and commu- ing rooms: in a Collage session. Marc Andrees-
nicate data. But managing large sen and Eric Bina were the two Unix
image files was challenging in a We had a meeting in San Diego with developers, and then we gradually
world of 720-Kbyte floppy disks, a lot of top government people, and developed Mac and Windows because
5-Mbyte hard drives, 640 x 480 we did a live demo that most of them by then, DOS had gone to Windows.
displays, and 2,400-baud modems. will never forget. We had people at The Mosaic browser module was dis-
Initially, managing images re- Cornell, Pittsburg, NCSA, and in San lodged from Collage and just became
quired costly and specialized Diego all on a Collage synchronous its own separate product.
hardware and software. NCSA linkup from their workstations. Then
tackled this by building software we had a teleconference call so they In a sense, Collage was too
to improve the PC’s image-han- could all talk simultaneously. One far ahead of its time for broad
dling capabilities: person would bring up a whiteboard adoption. While users at super-
or open up a color image, someone computer centers, research labs,
With NCSA Image, we said, “We want else would draw a line across it, and and leading universities had
to build a world of infrastructure in up would come a contour map across enough bandwidth and desktop
which it is as easy to move an image that line of the image. They were all computing power to handle mul-
around as it is to move a word.” That in this conversation, and from where tiuser screen-sharing sessions, the
was our design point and that was the you were sitting in the room, it was average person was lucky to have
way we talked about it back then. It all coming from this one speaker and the latest “high-speed” 14,400-bps
meant we had to scale the network, the this one screen because everything modem. The average user didn’t
disk drives, and the compute power, was melded together. All of a sudden, have enough power or bandwidth
and go to full color. When the Mac-II everybody got it—in cyberspace, dis- to do real-time two-way synchro-
first came out, it had 256 color levels. tance does not exist, everybody is in nous collaboration, but it was
Apple gave us 50 Mac-IIs, which was one point. possible to download and view
stunning. We could take things on simple webpages with a few em-
$100,000 computer graphics worksta- Because NCSA wanted to add bedded images and hyperlinks to
tions dedicated to image processing shared document viewing to other interesting pages.

April 2013 11
 C omp u ting C o n v ers atio n s

THE RISE OF THE WEB than that! I want people to see me!” Mosaic from Spyglass as did 100 other
NCSA Mosaic quickly became a So they got their copy of the NCSA companies. Increasing commercial
popular stand-alone product and webserver (httpd) and started putting investment led to Internet Explorer and
was ported to the Macintosh and their own stuff up. But then there was Netscape as the two dominant brows-
Windows systems—again, released more stuff to look at, so there was more ers in the business [in 1997].
as freely downloadable software for reason to download the viewer, which
non-commercial use. NCSA also de- put it into this bootstrapping loop. In The University of Illinois has a
veloped the NCSA webserver (httpd) the end, it was all driven by narcis- long tradition of developing software
and released it as freely download- sism—people wanted to put their own within the university and allowing
able, public domain software. The stuff so that others could see who they it to move outside the university as
NCSA httpd software would later were—a very strange effect. it becomes a commercial product.
become the basis of the Apache 1.x From the outset, NCSA and the Uni-
webserver. Almost as quickly as Mosaic cre- versity of Illinois were very clear
The combination of an easy- ated a viral storm of Web adoption, that their mission was to innovate
to-install and use browser and the attention quickly shifted from and advance the state of the art of
webserver, as well as the increasing software produced by academics to computing and networking tech-
speed of the NSFNet backbone and commercial Web browsers. The Uni- nology. They fully understood that
home Internet connections, set off a versity of Illinois licensed various building a commercial product adds
viral storm of people finding Mosaic aspects of Mosaic in early 1994, and many layers of complexity, and if
and using the Web: in August, the earlier NCSA spinout they got bogged down commer-
Spyglass negotiated the exclusive cializing any one product, it would
Once you had an easy-to-use point- right to re-license Mosaic for com- consume valuable resources and
and-click interface to the Web, people mercial use: shift the focus away from efforts to
started looking at the servers. Until develop the next innovation.

T
then, it had been geeks looking at Soon, a lot of the Mosaic programmers
geeks. But when people saw how cool went off and joined Marc Andreessen he introduction of NCSA
stuff looked when it was put on the and Jim Clarke and formed Netscape. Mosaic on Unix, Macin-
Web, they said, “I have cooler stuff Microsoft obtained a license for tosh, and Microsoft
Windows in 1993 and 1994 seemed
like an “overnight success.” How-
ever, in reality, Mosaic was the
result of nearly a decade of continu-
ous investment to build software
that ran across three platforms with
a goal of involving as many end
IEEE Open Access users in the network as possible
without requiring the purchase of
Unrestricted access to today’s groundbreaking research special high-end equipment.
via the IEEE Xplore® digital library
In a sense, once NCSA developed
Telnet, Image, and Collage, building
Mosaic was the next logical step for
NCSA—but the overall effort was a
IEEE offers a variety of open access (OA) publications: giant leap for mankind that has for-
• Hybrid journals known for their established impact factors ever changed our world.
• New fully open access journals in many technical areas
• A multidisciplinary open access mega journal spanning all
IEEE fields of interest
Charles Severance, Computing
Discover top-quality articles, chosen by the IEEE peer-review Conversations column editor and
standard of excellence. Computer’s multimedia editor, is
a clinical associate professor and
teaches in the School of Information
Learn more about IEEE Open Access at the University of Michigan. Follow
www.ieee.org/open-access him on Twitter @drchuck or contact
him at csev@umich.edu.

12-TA-0424-Open Access 3.25x4.75 Final .indd 1 9/24/12 10:06 AM

12 computer
C omp u ting C o n v ers at io n s

Mitchell Baker:
The Mozilla
Foundation
Charles Severance

Mitchell Baker describes how Firefox, which has its roots in the browser
wars of the mid-1990s, emerged from the ashes of Netscape.

T
he world has witnessed many tions Corporation emerged in early product and contributing their work
watershed events in the Web’s 1994. to the Mozilla open source project.
evolution over the past 30 Important young engineers at
years. One of the most impor- NCSA, notably Marc Andreessen, The technical direction of the for-
tant was the emergence of browsers were recruited to work for the new profit effort changed when Netscape
on desktop computers, signaling the company in Silicon Valley. For a was sold to America Online: the
migration of this technology from while, it appeared that Netscape browser now had to include fea-
academia to the public sphere. would not only succeed but actu- tures that would push traffic to AOL
Between 1994 and 1996, as ally dominate the market. This, of properties and benefit AOL part-
commercial investment in Web course, greatly threatened Microsoft, ners. Netscape became less about
technologies skyrocketed, there was which led to its major investment building the “best browser” on a
a war to become the browser that in what would become Windows 95 technical level and more about using
would gain enough market share to and Internet Explorer. the Netscape brand to benefit AOL.
set the Web’s technical agenda. The With Microsoft’s entry into the This led to friction as the Netscape
vendor that prevailed could expect marketplace, Netscape had to adjust browser continued to lose market
to extract a healthy profit from the its strategy to remain relevant, ulti- share to Internet Explorer:
growth that everyone knew was mately creating and funding mozilla.
coming. org to develop a hybrid approach We at mozilla.org were an anomaly
I recently met with the Mozilla that blended open source and pro- because our charter was to build
Foundation’s Mitchell Baker to talk prietary code. According to Baker, a successful open source project.
about these early days. Visit www. That worked for quite a while, but
computer.org/computingconver- Instead of Netscape versus Microsoft, there were tensions. We came to
sations to see the video of our Netscape would gather contributions understand that we needed to rebuild
discussion. of volunteers and other commercial our core technology. It took a long
partners and then build a product that time, and while we were doing it,
MOSAIC BEGETS NETSCAPE would be shared. The Netscape lead- Netscape’s market share continued
Mosaic, a free, open source ership knew that to be open source, to slide. These were the dark years
browser, was developed in late 1992 you had to be real. You couldn’t just for Mozilla. We were convinced we
at the National Center for Supercom- say, “We’re open source now—love wouldn’t be successful building a
puting Applications. When the NCSA us,” you really had to manage it differ- product to benefit AOL only—we
offered Macintosh and Windows ver- ently. At the time, there were eight of wouldn’t generate the kind of interest
sions in 1993, the commercial world us employed by Netscape as mozilla. from individual volunteers or com-
took notice. From these humble org staff and another 100 or 150 as mercial partners that we needed to be
beginnings, Netscape Communica- engineers, building the Netscape successful.

0018-9162/13/$31.00 © 2013 IEEE Published by the IEEE Computer Society February 2013 13
 C omp u ting C ONVERSATIONS

The long-awaited Netscape 6 zation was very clear about whose AOL decided to give Mozilla some
eventually shipped, but the Netscape leadership they were most interested money and other assets to get them
browser and brand were past the in following, so we had to work out a started:
point of no return: way in which the AOL management
and I could work together enough so We ended up getting $2 million of
Netscape 6 is universally acknowl- that they could ship the product they seed money from AOL, and Mitch
edged as a bad product, the end of the wanted to ship but that I continued to was helpful with that. We also got a
Netscape product line. Internally, the lead the Mozilla project. few other things, like the trademark,
management tensions continued, and the name “Mozilla,” and the four
the failure of Netscape 6 didn’t make Baker worked with the Netscape giant servers that were so important
anything easier. We fought a lot about team from the outside as a vol- to us at the time and had taken us
the user interface. UI is a constant unteer, and eventually a Mozilla almost 18 months to get through the
source of tension, but in our case, browser shipped in 2002. It was a purchase cycle at AOL. In 2003, the
it was worse because some of these solid technical product but had a Mozilla Foundation was formed, and
fights would be how it made sense to poor user experience and thus very Mitch Kapor was the first chairman.
AOL to put something in the product little uptake. To help conserve funds Bryan Behlendorf, Christopher Bliz-
and its interface with a button to an for the Mozilla project, Baker also zard, Brendan Eich, and I were on
AOL site or something with an adver- the board. AOL also understood that
tisement in it or some feature that a several people would be leaving when
partner paid for to generate revenue.
Pull Quote here they closed down the client group and
that those people would be coming to
The Mozilla team maintained that Mozilla.
the code base needed to remain true
to building the best possible browser The Mozilla Foundation started
technology: with 10 employees and enough
money to last two years, but the
We would say, “No, you can’t put browser needed major rework:
it into the core product, but you’re
welcome to have a build system on It was a little exciting, a little scary,
your own and add it in later.” Even in worked on another open source because we knew that $2 million
the very early days, the open source effort with Mitch Kapor, the founder wouldn’t go that far and that we had
Mozilla versions of the product of Lotus. a lot of work to do to make ourselves
received a lot more testing than the real. We were still 15 months away
Netscape versions. FIREFOX RISES from shipping Firefox. We decided
FROM THE ASHES unambiguously that Firefox would
Because everyone was on the By 2003, AOL had decided to get be a consumer product, which seems
payroll of Netscape/AOL, the ten- out of the browser business, which obvious, but when you’re a bunch of
sions couldn’t go on forever: would ultimately lead to the end developers, it’s not that easy. It means
of AOL funding for the fledgling that you have to strip out a lot of the
AOL client fortunes declined, and Mozilla project: things that are clunky for a general
Netscape market share declined pre- consumer. For example, we tried to
cipitously after Netscape 6. AOL was Fortunately, they knew that just kill- figure out what to do with the start
interested in laying off people, and ing Mozilla would be a mistake. They page because we knew that links to
one of the big layoffs in 2001 included knew enough about Mozilla and the Mozilla development tools weren’t the
me. My layoff was seen as a power name and the brand to think it would right answer. It took us forever, and
struggle as well because by that time, be good to do something with it. we looked at all sorts of things before
the fights about what we were build- Some of the AOL people knew Mitch finally deciding the one thing we
ing and who was making decisions Kapor, so we spent a chunk of time knew everybody did was search. We
were pretty well known within the trying to figure out what was possible. talked with search providers and had
engineering organization. I was laid Brendan Eich [now CTO of Mozilla] a very fruitful discussion with Google.
off or fired, depending on how you was still at Netscape and very eager to
want to describe it, but I continued make a move. Many of the key people But Baker didn’t want to estab-
working for Mozilla as a volunteer. at Netscape were desperate to keep lish an exclusive relationship with
The Netscape engineering organi- working on Mozilla. a single partner, so she insisted that

14 computer
Yahoo would be one of the search more people had a comfort level to but others in the industry so that we
options in addition to the Google try it. We had a beautiful product, an start to see more of the things we
search: important product, and the alterna- care about.
tive was horrendous and dangerous
We did something that I believe and awful. All of that combined to

T
had never been done before, which create this giant excitement, and
was to make sure that Google and Firefox market share started to climb. he modern Web owes a debt
Yahoo were right there next to each It was a viral storm with nothing of gratitude to the people
other. I negotiated that, and it was an driving it other than the product and involved in the Mozilla efforts
absolute “I will walk away from the the market need. We had 10 or 11 since 1998. These people held true
deal” moment. You know how you employees, so we were hoping that a to their principles when things
get on a plane and you want a Diet few million dollars from the search seemed bleak and continued to work
Coke, but the plane only has Diet box revenue would support us over on a free and open product that they
Pepsi because they have some deal? I the next year. It turned out that we believed we all needed. Regardless
used that example and said, “I’m not generated that amount of money in of what browser we use today on
going to have Firefox users angry at about six weeks. our personal computers or handheld
us because they wanted one or the devices, we continue to need the
other.” With the right product at the right Mozilla Foundation and what it rep-
time, and a solid business model that resents.
The Mozilla project valued open- brought in far more revenue than
ness and inclusion as core values. the minimum they needed to sur-
Team members knew that it was vive, Mozilla began the next chapter
important to retain real indepen- of its existence: Charles Severance, Computing
dence from any single corporate Conversations column editor and
Computer’s multimedia editor, is
entity even if it meant failing finan- Actually, things got even more stress-
a clinical associate professor and
cially. Near the end of 2004, the ful and more hectic at that point teaches in the School of Information
rewrite that was initially named because now you’ve kind of got the at the University of Michigan. Follow
Phoenix and later called Firefox preverbal tiger by the tail and we him on Twitter @drchuck or contact
finally shipped with the Google/ were still 12 people. By 2005, we were him at csev@umich.edu.
Yahoo search box: in a really different world where we
began to actually influence others.
We had seen a rise in interest from And that’s always been the goal. I
Firefox 0.8 and 0.9 that was pretty mean market share is nice, and it’s
noticeable, but once we hit the nice when people love your product,
release version, it just exploded.… but market share is only a validation
Internet capabilities had grown that you’ve produced the right thing.
enough to where people could actu- An equally important goal is to be
ally download a browser easily, and able to influence not only ourselves

Engineering and Applying the Internet

IEEE Internet Computing reports emerging tools,

technologies, and applications implemented through the
Internet to support a worldwide computing environment.
For submission information and author guidelines,
please visit www.computer.org/internet/author.htm

February 2013 15
C OMP U TING C ON V ERS AT IO N S

JavaScript:
Designing
a Language
in 10 Days
Charles Severance
University of Michigan

The evolution and use of JavaScript, a language developed in

10 days back in 1995, is really just getting started.

W
hen Net scape hired 1993, the Web became portable across appeal to nonprofessional program-
Brendan Eich in April Windows, Macintosh, and Unix and mers much like Microsoft’s Visual
1995, he was told that gave software developers the hope Basic and interpretable for easy
he had 10 days to create that they could develop applications embedding in webpages. According
and produce a working prototype of for all of these environments. to Eich,
a programming language that would But HTML wasn’t sufficient by itself
run in Netscape’s browser. Back then, to define a new application develop- If I had done classes in JavaScript back
the pace of Web innovation was furi- ment environment or OS. To cement in May 1995, I would have been told
ous, with Microsoft suddenly making the portable OS concept, the Web (and that it was too much like Java or that
the Internet the focus of its Win- Netscape) needed portable program- JavaScript was competing with Java …
dows 95 operating system release ming languages. I was under marketing orders to make
in response to Netscape’s emerging Sun’s Java language seemed to be it look like Java but not make it too big
browser and server products. the solution for portable heavyweight for its britches … [it] needed to be a
Netscape got so much attention applications. A compiled language silly little brother language.
from Microsoft at that time because that produced byte code and ran in
Netscape considered the Web browser the Java virtual machine, Java sup- Given all these requirements, con-
and server as a new form of a dis- ported rich object-oriented patterns straints, and limitations, Eich needed
tributed OS rather than just a single adopted from C++and seemed likely to produce a working prototype on a
application. Once Mosaic debuted in to be able to achieve performance tight schedule that would meet both
similar to C++ and C. Java was the Sun’s needs and the Netscape 2.0 Beta
Web’s answer to Microsoft’s Visual release schedule.

C omputing Conversations, a monthly

multimedia-enhanced column, is in-
tended to put a more human face on the
C++.
TECHNICAL INSPIRATIONS
technologies we’re using in computer
ENTER JAVASCRIPT Although the schedule and con-
science. Future installments will present Knowing that Java was a rich, com- straints might have been impossible
both full interviews and edited video plex, compiled language aimed at for most programmers, Eich had a long
segments featuring the founders and professional programmers, Netscape history of building new programming
leaders in our field (www.computer.org/ and others also wanted a lightweight languages, starting from his experi-
computingconversations). interpreted language to complement ence as a student at the University of
Java. This language would need to Illinois, where he built languages just

0018-9162/12/$31.00 © 2012 IEEE Published by the IEEE Computer Society FEBRUARY 2012 7
 C OMP U TING C ON V ERS ATIO N S

to experiment in syntax. At Silicon … JavaScript had enough good stuff at highly interactive user interface func-
Graphics, he created languages that the beginning to survive. If you think tionality moved into the browser to
could be used to build extensions for back to the 1990s, JavaScript was create increasingly rich desktop-like
network monitoring tools. cursed because it was mainly used for experiences in applications such as
Clearly, building “yet another” annoyances like little scrolling mes- Google Mail and Google Maps.
language wasn’t the hard part for sages in the status bar at the bottom of As the amount of code and data
Eich—the hard part was producing your browser or flashing images. With needed for each page increased,
a rich and powerful language while JavaScript getting some evolutionary it exposed the weaknesses of the
being prohibited from using the improvements [during the late 1990s] JavaScript runtime’s browser imple-
object-oriented syntax reserved for through the [ECMA] standards pro- mentations. Instead of restarting the
Java. He wanted to embed advanced cess, it became fast enough and good JavaScript runtime every minute or
features in JavaScript without using enough in 2004 and 2005 to beget the so, the same webpage would stay in
language syntax so the language Web 2.0 revolution. a browser for several minutes with
would initially appear simple and large, dynamic, in-memory data
lightweight, yet sophisticated pro- As HTML5 emerges, elements and nearly continuous
grammers would be able to exploit background communication with
its underlying power.
it’s entirely possible servers. Google built its own Chrome
Like many other languages, Java- that JavaScript will browser and the V8 JavaScript inter-
Script took its basic syntax from the soon become a domi- preter to put the browser marketplace
C language, including curly braces, nant programming on notice that low-performance
semicolons, and reserved words. It language for both JavaScript implementations wouldn’t
was to be a light, friendly version of be tolerated. The market quickly fol-
C with simpler semantics and better
mobile and desktop lowed suit and improved JavaScript
dynamic memory characteristics. applications. interpreter performance across the
Because a typical webpage’s lifetime board.

P
lasted from a few seconds to a few Although the original version of
minutes, JavaScript could take a very JavaScript might not have been per- rojects such as Node.js make
simplified approach to concurrency fect, its initial adoption was for rather it possible to use JavaScript
and memory management. simple applications, so it had time to as the language for building a
Eich built a simplified object model slowly evolve behind the scenes and Web application’s server elements.
that combined structs from the address its early weaknesses. More- Because JavaScript has been event-
C language, patterns from SmallTalk, over, because JavaScript’s richness based from the beginning, building
and the symmetry between data and was in its runtime support rather than highly scalable Web applications
code offered by LISP. The Hypercard in its language syntax, improving using JavaScript without managing
event model inspired the pattern for JavaScript implementations without the complexities of multithreading
adding events to the HTML docu- requiring changes to the syntax of becomes quite natural.
ment. Object-oriented patterns were existing JavaScript programs was As HTML5 emerges, it’s entirely
possible but via runtime semantics relatively straightforward. possible that JavaScript will soon
with prototypes (as in Self) instead of become a dominant programming
compiler-supported class syntax (as THE MODERN ERA language for both mobile and desktop
in Java and C++). JavaScript had been in browsers for applications. The evolution and use
almost a decade when the Ajax revo- of JavaScript is really just getting
AN OVERNIGHT SUCCESS? lution started, moving JavaScript into started, which is impressive for a
Virtually all successful program- the mainstream as an essential part language developed in 10 days back
ming languages need a version 2.0 of application development. Microsoft in 1995.
before they really hit their stride, but triggered Ajax’s domination in Web To view my interview with Eich,
we have yet to see—and will likely interfaces by adding the XMLHTTP- visit /http://youtu.be/IPxQ9kEaF8c.
never see—a JavaScript 2.0. Noth- Request feature to its Internet Explor-
Charles Severance, editor of the
ing built in 10 days is perfect, but er browser. Other browsers quickly
Computing Conversations column
once something is released into the added similar features to allow Java-
and Computer’s multimedia editor,
wild, bugs or imperfections quickly Script to retrieve data from serv- is a clinical associate professor and
become essential features and are ers and update the HTML document teaches in the School of Information
nearly impossible to change. Accord- without requiring a full-page request- at the University of Michigan. Contact
ing to Eich, response cycle. With this innovation, him at csev@umich.edu.

8 COMPUTER
 C omp u ting C o n v ers atio n s

The Apache
Software Foundation:
Brian Behlendorf
Charles Severance, University of Michigan

From “A Patchy Server” to the Apache Software Foundation that

is an important part of the open source movement today, Brian
Behlendorf describes the ASF’s history.

T
he Apache Software Founda- HUMBLE BEGINNINGS base, and we combined patches and
tion (ASF) is seen by many as The group that would become the decided to call it “A Patchy Server.” The
the leading example of how ASF got its start in 1995 when the model of how we worked was based
an open source soft ware National Center for Supercomputing upon us as a group of peers proposing
foundation should be run. Applications (NCSA) dropped support ideas, vetting each other’s ideas and
The ASF comprises more than for its open source Web server (httpd). patches, and fixing bugs as a group as
160 open source projects, each with As Behlendorf describes it, a team.
a team of volunteers responsible for
the design, planning, and develop- We got our start in the early days as T h e A p a c h e We b s e r v e r ’s
ment of the software tools in wide a group of webmasters who were popularity grew along with the Web,
use in millions of technology projects using a piece of freely available Web and it was able to keep up with as well
worldwide. These tools include soft- software but had difficulty with it. We as fuel the rapid online innovation
ware like the Tomcat Java-based Web were fixing bugs and sharing these bug occurring during the late 1990s.
server, httpd Web server, the Lucene fixes—patches—with each other like Because the people who made up the
search engine, the Hadoop distributed baseball trading cards. Apache community were working at
computing engine, the Apache Shin- One day, we discovered that the organizations pushing the leading
dig OpenSocial implementation, and group that had put out the webserver edge of Web application technologies,
many others. that we were using basically folded it’s natural that the Apache webserver
Apache provides a meeting point when all its developers left to join a had the latest and greatest features.
where engineers from large com- new company called Netscape. We
panies like IBM, Google, Yahoo, thought, “Hey, we’re dependent on this BECOMING A LEGAL ENTITY
Sun, and Oracle work as volunteers software, but we don’t want to become In 1998, the community decided
alongside talented individual contrib- full-time webserver developers. We that it was important to create a
utors to build open source software want to be able to use this thing that more formal legal structure around
infrastructure. we’ve had for free and improve it.” its software efforts, so it formed the
Brian Behlendorf, one of the ASF’s So we formed a mailing list of web- nonprofit ASF on 1 June 1999. It’s
cofounders, describes the project’s masters and people working at some impressive that the group was able to
history; visit www.computer.org/ early Internet service providers, web- coordinate its efforts without a formal
computingconversations for the full site design companies, or places like legal structure or centralized gover-
interview. Amazon and the Internet Movie Data- nance for nearly five years:

6 computer Published by the IEEE Computer Society 0018-9162/12/$31.00 © 2012 IEEE

 It turns out to be not that hard to work their best engineers work on a pro- An open source license like we had on
together when people have the same prietary version of a webserver and our product carries with it the right to
common goal, which is, “let’s build a still contribute freely to a parallel fork, which means that if I were to say,
product that does all this great stuff.” open source version of that same soft- “We’re going to go over here!” and no
One thing we did that made it easier ware. They can maintain their unique one else wanted to follow, they could
to make decisions was to have a very proprietary features and integrations decide to pick up the code and start
modular API, which made it easy for and also leverage the talent available a different project somewhere else.
us to say, “If you want that special cool across an open source team. This right to fork means that you don’t
feature, do it as a separate thing, and have to have any tolerance for dicta-
we’ll decide whether to bring it into the OPEN SOURCE REVOLUTION tors, you don’t have to deal with people
product once it has become successful Increasingly, companies view who make bad technical decisions—
or not.” Apache as a natural place to contrib- you can put the future into your own
ute their proprietary code when they hands, and if you find a group of other
The ASF’s creators made sure to people who agree with you, you can
build a set of operating principles create a new project around it. I think
into the organization that were The Apache license the right to fork limits the excesses we
based on their experience of working encourages anyone see when we talk about how groups
together successfully. Core to these to make copies or to make decisions and conflict arises and
founding principles was that people how you deal with that conflict.
alter and redistribute
had to work together as volunteers
and peers. Because no member of their own version of Many organizations have worked
the group could hold anything over the software, even if to adopt open source approaches
another member of the group, there the new version isn’t to management and leadership for
was no need to layer any kind of open source. internal projects. In 1999, Behlendorf
formal structure on top of a project’s founded CollabNet along with Tim
activities or to assign team members O’Reilly of O’Reilly publishing to help
official positions or job titles: see no further reason to “hide” their companies apply open source prin-
product’s source code. The Apache ciples within their own organizations.

I
The style of leadership isn’t so much Tomcat Java-based webserver was
command and control and plotting originally developed at Sun Micro- n a way, the ASF has grown up
moves ahead of time but instead being systems as a proprietary product and alongside the Web—but it eventu-
able to get people on your side to con- then later contributed to Apache. The ally emerged to become one of the
vince them that you’re going to value Apache Shindig Project is an open predominant sources of infrastruc-
the contributions they make. That’s source reference implementation ture for building large-scale Web
really the story of successful open of the OpenSocial API pioneered by applications. Because this infrastruc-
source projects writ large: people Google. ture has been built as open source,
working together on common tech- Apache makes it quite natural for everyone can use best-of-breed tools
nologies to solve common problems a company to interact with the open without worrying about cost. Having
so they can go off and make money source community in a way that these powerful tools available has
other places or so they can have fun brings significant value to both the greatly contributed to the culture
and try new ideas. That’s really the company and the community. of innovation that keeps the Web
same story of Apache, Linux, and other A core value of Apache is that evolving.
open source projects. everyone participates because they
want to be there, not because they Charles Severance, Comput ing
Beyond using a flat organizational were coerced. Another core value is Conversations column editor and
Computer’s multimedia editor, is
structure within projects, the ASF that Apache does not feel the need
a clinical associate professor and
also has a liberal license on its soft- to be the only open source organiza- teaches in the School of Information
ware. The Apache license encourages tion. Anyone has the right to make a at the University of Michigan. You can
anyone to make copies or to alter and copy of the entire code base and move follow him on Twitter @drchuck or
redistribute their own version of the it to another open source organiza- contact him at csev@umich.edu.
software, even if the new version isn’t tion. Making a copy and starting a
open source. This approach to intel- new thread of development is called Selected CS articles and columns
lectual property allows companies a fork of the software. According to are available for free at
like Google, IBM, and Oracle to let Behlendorf, http://ComputingNow.computer.org.

OCTOBER 2012 7
 C omp
C oluuting
mn Sec
C ontion
v ersTit
atio
l en s

Bob Metcalfe:
Ethernet at Forty
Charles Severance

Bob Metcalfe describes how the Ethernet local area network was created
40 years ago at Xerox Palo Alto Research Park.

I
t’s pretty much impossible “invented” 40 years ago at Xerox I happened to be at the Xerox Palo
today to find computing Palo Alto Research Center (PARC) Alto Research Center when a prob-
technology that doesn’t on 22 May 1973. Visit computer. lem evolved that had never before
support Ethernet or that didn’t org/computingconversations to occurred—the problem of having a
evolve from it, such as Wi-Fi. We watch the full interview. Metcalfe building full of personal computers.
simply assume that everything from is quick to point out that many I was the networking guy, so they
our phones to our laptops to our brilliant engineers contributed to turned to me and said, “Network these
printers and backup systems come Ethernet and other popular forms puppies.” We had just finished start-
ready to plug into a high-speed of high-speed local area networking ing the ARPANET, which was packet
wired or wireless network. In fact, over the years. Although it’s an switching, and it was pretty clear that
many homes now have both a wired oversimplification to give him sole we wanted this [personal computer]
and wireless local area network. credit for inventing it, Metcalfe was network to connect to the [not yet
But 40 years ago, LANs didn’t definitely on the front lines all those called the Internet] thing.
exist. The typical approach to years ago.
distributed computing was to There was also a desire to
connect terminals in offices PERSONAL COMPUTERS connect the personal computers of
throughout a building with serial In the quest to build the “office of the future with the printers of the
cables that ran from the back of the future” during the early 1970s, future:
the terminal to the mainframe. the creative people at PARC decided
Sometimes, this connection was that instead of having terminals Our first printer—whose name
done through phone lines and a connected to a single central was EARS, and that is a whole
dial-up modem. computer, they would give every other story—could do a page per
I recently spoke with Bob person a “personal” computer and second at 500 dots per inch. If you
Metcalfe, who described how the connect those computers together. do the math, that’s about 20 Mbits
Ethernet local area network was According to Metcalfe, per second. Existing methods

6 computer Published by the IEEE Computer Society 0018-9162/13/$31.00 © 2013 IEEE

 of interconnection had a lot of If the stations detected that the Once Metcalfe was convinced
problems. First, they were all “home data wasn’t successfully sent, they that he could reliably send high-
run,” so all these wires, one from would calculate a random time to speed data over long distances using
every desk, would come to this one wait before retransmitting in the coax cable, it was time to define
place in the building. Second, the hope that they wouldn’t overlap the details and build the hardware.
existing interconnects ran at 300 when they retransmitted the data. He was joined by David Boggs, who
bits per second, 14,400 bits per This allowed multiple computers had some experience working in a
second if you really revved them up, to share the same media—a radio television studio. Boggs helped with
which wasn’t even close to 20 Mbits frequency—by using randomized both the hardware and software
per second. We wanted to keep the retransmission. This approach design.
printer busy by sending documents appealed to Metcalfe because he The team decided to use
to it from all these PCs that hadn’t wanted to have multiple personal Manchester encoding to send the
been built yet. We were literally computers share a single Ethernet bits over the cable. In Manchester
building the printer and the PCs at cable: encoding, the first half of the bit
the same time. time is the opposite of the bit’s value,
and the second half of the bit time is
Charles Simonyi designed an Metcalfe wanted the bit’s actual value, guaranteeing
earlier effort to network personal to have multiple a voltage transition in the middle of
computers, called SIGNET (Simonyi’s personal computers every bit:
Infinitely Glorious Network), but share a single
Metcalfe felt it was too complex and Ethernet cable. The beauty of Manchester encoding is
wanted something simpler. He came that while you were sending a packet,
across a wireless network in use at you could tell whether it was going by
the University of Hawaii: I was trying to avoid this big rat’s nest so you didn’t have to listen for it for
of wires—I only wanted one wire, not long—usually, 340 nanoseconds.
In the course of investigating how to 16 or 32, and I wanted a distributed One of the first differences
organize Ethernet, I ran into a packet solution for how to share this single between the Ethernet and AlohaNet
radio network at the University of cable. was this carrier sense. In AlohaNet,
Hawaii called AlohaNet. What was you couldn’t tell if someone else was
beautiful about AlohaNet is that it SHARED CABLE transmitting at the same time as you,
solved a distributed problem. How If Ethernet was going to be a but on the Ethernet, you could. By
could we share a radio channel back single, long, shared cable, it was waiting, you avoided destroying each
to the mainframe at the University important to see how data could be other’s packets.
of Hawaii if we’re just a bunch of transmitted at high speeds over long The Ethernet rule was that before
terminals scattered around the distances: sending, a station would listen
Hawaiian islands and can’t easily talk first to avoid stepping on ongoing
to each other and get coordinated One of the first things I did was to packet transmissions. This meant
around the sharing of an inbound buy a mile of cable. Then I hooked up that once you had been sending a
radio channel? a pulse generator to one end, hooked packet for a short while, you would
Norm Abramson at the University an oscilloscope to the other end, have “acquired” the Ether and could
of Hawaii devised a randomized and started launching square waves continue without interference. The
retransmission procedure in which down the cable to see what came out maximum packet length was limited
a person would type a card image the other end. I figured this would to ensure shared access to the Ether.
80 columns wide. After typing in be good preparation for building a
your card image, you would hit network. But what came out the other Another advantage of Manchester
“Send,” and then your terminal side wasn’t a square wave: it had a encoding was detecting collisions
would send it to the mainframe lazy rise time and lazy fall time. If after you had started transmitting a
and wait a short time to see if it you put a digital gate on the receiving packet:
returned an acknowledgement end, you could recover the square
on the outbound channel. If so, wave. I had some confidence that if PARC’s Ethernet could pull the cable
everything was fine, but if there was we could get the stations connected up to a voltage or leave it open with
no acknowledgement, it probably to the cable, they could inject their no voltage. If you are leaving the
meant that two terminals had sent at square waves, and the other stations cable open (half the time under
the same time. could recover them. Manchester encoding) and if you

MAY 2013 7
 C omp u ting c on v ers at io n s

detect the cable pulled up anyway, David Liddle did cable television approaches as IEEE 802.3
then you have detected a collision. installations when he was in grad (Ethernet), IEEE 802.4 (token bus),
school in Toledo, and he suggested and IEEE 802.5 (token ring) and
In addition to carrier sense and that we use the Gerald tap because let the market work out which
collision detection, each packet had it was already being made in volume technology it would adopt.
a source and destination address and worked just fine. You would drill Given the slow process, DEC,
so that each workstation or printer a little hole in the outer casing of the Intel, Xerox, and 3Com (Metcalfe’s
could identify the traffic being sent coax, screw in this tap, and it would newly formed company) decided not
to it: puncture the insulation and go right to wait and simply started building
to the copper and tap in. and shipping interoperable Ethernet
The addresses were 8 bits, so on the hardware to an eager marketplace.
backplane of these little personal LAN WARS One of the keys to 3Com’s rapid
computers, we would wire wrap in Other computing companies success was that personal computer
a code between zero and 255, and became interested in using Ethernet- vendors didn’t want to build network
that would be the machine’s serial like approaches and started working hardware onto the motherboards
number. You would read the address with Metcalfe, who decided that the until the IEEE process had reached a
off the backplane and put it in the best way to ensure interoperability conclusion. This meant that for many
packet. Having two addresses was among the various implementations years, the only way to get Ethernet
different from AlohaNet, which had support for a personal computer was
one address because it had two one- to purchase and install an expansion
After a long battle,
way channels. card. For a while, 3Com was
the IEEE 802 working
We also added cyclic redundancy selling well over a million Ethernet
group standardized
checksum (CRC) on the end of the expansion cards per month.
packet, which we implemented in
all three approaches While 10 Mbits seemed fast
hardware so that you could tell if a as IEEE 802.3 (Ether- enough for personal computers in
packet had been damaged. If there net), IEEE 802.4 (token the mid to late 1980s, the Ethernet
was a collision, and the contending bus), and IEEE 802.5 community always felt the need to
stations backed off, there would be a (token ring) and let go faster. According to Metcalfe:
hunk of garbage on the cable. When it the market work out
was received, the checksum wouldn’t which technology it In 1992, I was involved in Grand
match, so you would throw the packet would adopt. Junction Networks, a company
away. that would introduce the 100-Mbit
Ethernet. I remember a group of us
In addition to designing the was to develop a standard, which at my home trying to think of how
protocol to put the bits onto the wire, led to the formation of the IEEE 802 we would make a faster Ethernet.
the team also looked for a device working group. Digital Equipment Efficiency depends on the diameter
to allow adding new workstations Corporation, Xerox, and Intel of the network in bit times, and as
to the network without taking the submitted the “Blue Book” Ethernet you go faster and faster, the efficiency
network down: specification in 1980. goes down. We realized that since the
But once word got out that the market had switched to using hubs,
We didn’t have to run a cable through IEEE 802 working group would we could assume a maximum cable
the building and back to the rat’s nest be developing a LAN standard, length of 100 meters instead of 1,000.
every time we installed a new PC. several Ethernet alternatives And that was the factor of 10 that we
We wanted to put one cable down were quickly put forward. IBM needed! By changing the collision
the middle of the corridor, and every claimed its token ring approach interval, you can maintain the same
time you wanted to add a PC, you was superior, and General Motors theoretical efficiencies by assuming
just ran the cable and tapped into the championed a token bus as the that you’re going 100 meters instead
coax. We didn’t want the network best approach. The early efforts of a kilometer. That got us to 100
to go down while tapping into it of the IEEE 802 working group Mbits per second.
because we wanted 24/7 access to the were fraught with politics as
network. the three solutions fought for Later, the IEEE 802.11 (Wi-Fi)
This requirement led to a device supremacy. Ultimately, after standard implemented an Ethernet-
we found in the cable television a long battle, the working like protocol using wireless
industry called the Gerald tap. group standardized all three transmission. Over the years, there

8 computer
have been improved versions of IEEE data was lost. But a few design May 2013 at the Computer History
802.11 with increased speeds. But innovations from Bob Metcalfe, Museum in Mountain View,
even 100 Mbits wasn’t fast enough David Boggs, and others who California. It will be a gala event with
for the Ethernet community: built that first Ethernet at PARC industry briefings and all the many
form the foundation of nearly all Ethernet inventors invited to come
Then we went to gigabits, followed modern LAN technologies: adding and share in the festivities and tell
by 10 Gbit, which is the mainstream source and destination addresses their stories.
now. You can’t be a computer scientist to every packet, carrier sense,
and build that kind of hardware collision detection, and CRCs. Charles Severance, Computing
now—you need to be a real hardware These patterns led to relatively Conversations column editor and
engineer. But after 100 Gbits, we’ll simple LAN hardware solutions Computer’s multimedia editor, is
want terabits, and I’ve already begun that are inexpensive to make a clinical associate professor and
giving talks about terabit Ethernet. and scale to very high levels teaches in the School of Information
of performance, while making at the University of Michigan. Follow
him on Twitter @drchuck or contact
efficient use of the medium’s

E
him at csev@umich.edu.
thernet used AlohaNet available bandwidth. These
as a starting point and patterns have served us well over
built on the concept of a the past 40 years. Selected CS articles and
shared transmission medium and Ethernet’s 40th birthday will columns are available for free at
randomized retransmission when be celebrated in style on 22-23 http://ComputingNow.computer.org.

MAY 2013 9
 C omp u ting C o n v ers atio n s

Vint Cerf: A Brief

History of Packets
Charles Severance

TCP/IP evolved from 20 years’ research that sought a way to move

from a telephone-style circuit-switched infrastructure to a packet-
switched infrastructure.

I
n the late 1980s and early 1990s, resources for every active pair of users mounted radios to create a highly
academics, governments, and to a packet-switched infrastructure connected environment so that if
companies around the world had where all active users dynamically holes are knocked out by nuclear
built and deployed our current shared all resources: explosions, information can still get
shared Internet infrastructure using from one end to the other.” You chop
the TCP/IP protocol. Having a well- L e ona rd K lei n rock spe ci f ic a l ly up the speech into little 20-millisecond
developed open protocol implemented studied the packet-switching concept pieces and dynamically route it like a
on a wide range of computers was an at MIT in 1961. Kleinrock focused on “hot potato”—if you get something, you
essential prerequisite for the Internet’s message switching and did a brilliant get rid of it as fast as you can. That’s
rapid success and growth. dissertation on the use of queuing around 1962 and is documented in an
The simple answer to the question, theory to analyze what networks of 11-volume series called “On Distributed
“Where did TCP/IP come from?” is queues would look like with a message- Communications,” but he can’t sell it to
that its basis was ARPANET, an earlier switching approach. Although he never anybody. The traditional telcos—AT&T
small-scale research network. I used the word “packet,” Kleinrock’s in particular—and the people who
recently spoke about this technology’s analysis is as applicable to packet were in the Defense Communications
emergence with Vint Cerf, who is switching as it is to message switching. Agency laughed him out of the room
recognized as one of the “fathers of and say it’s a silly idea that can’t
the Internet” and was a cofounder of One adva nt a ge of a packet- possibly work, so he should just go
the Internet Society, which was estab- switched net work is that it can away. He never gets anywhere with the
lished in 1992 to provide leadership dynamically route data around idea in spite of all his documentation.
in establishing Internet-related stan- partial network outages as might
dards, education, and policy. be experienced during wartime or But academics were starting to do
To view the full video of this perhaps due to a severe large-scale research on how to break data into
interview, visit www.computer.org/ weather event, such as a hurricane packets and send those packets over
computingconversations. or t yphoon. While work ing at the traditional telephone network or
RAND in 1962, Paul Baran created “local area” wired networks:
FROM THE GROUND UP an extensive design for a resilient
Of course, the real answer to packet-switched voice network. As In the 1964-1965 timeframe, Donald
the question of TCP/IP’s origins is Cerf describes it, W. Davies of the National Physical
that it ultimately emerged from Laboratory in London also gets the
20 years’ research into a wide array Before the existence of integrated packet-switching bug and tries to get
of topics that explored moving from circuits or anything else, [Paul] is money from the science research
a telephone-style, circuit-switched saying, “We really should be digitizing commission in England, but he only
infrastructure that required dedicated and packetizing voice and using pole- gets enough to build one node. He

6 computer Published by the IEEE Computer Society 0018-9162/12/$31.00 © 2012 IEEE

 builds a network and invents the term computers and computer terminals Cerf, Crocker, and Jon Postel—all
“packet” to describe what these objects to meet the military’s information- UCLA graduate students who had
are—and it works. He has a bunch of processing needs: attended the same high school in
terminals and other things hanging California’s San Fernando Valley—
off this one node so in a funny way, Robert W. Taylor comes along to were recruited to join Kleinrock’s
he builds a local-area network, but it’s run the IPTO after Licklighter and lab to help design and build the
based on physical wires. In 1966, Larry is all hacked-off because he has technology that would be used in
Roberts along with Thomas Merrill three terminals in his office at the ARPANET:
does a point-to-point experiment to test Pentagon connected to three different
packet switching. It’s between the ANS machines: “Why can’t there be one I’m the principal programmer, Steve
FQ-7 machine at System Development terminal talking to all three? We need Crocker ta kes responsibilit y for
Corporation in Santa Monica and a network!” As he’s pursuing this idea managing and leading the network
the TX-2 machine at MIT Lincoln with Charlie Herzfeld, the head of working group, which led to the
Laboratories, which is where Larry is. ARPA at the time, Charlie hands him documents describing the host-to-host
They demonstrate on a 2,400-bit per $1 million over a 20-minute con- protocols, and Jon Postel becomes the
second modem that can move packets versation, and now Taylor has to figure keeper of the documentation. He’s the
back and forth. out who will actually do this. Taylor Request for Comments editor, the guy
isn’t a technologist, he’s a psychologist- who becomes the numbers czar to
While the resea rch into the type, so he recruits Larry Roberts from keep track of the address spaces and
theoretical and technical aspects Lincoln Laboratories, who did that allocations.
of packet switching was under way, earlier packet experiment over the
another thread of inquiry explored 2,400-baud modem. ARPANET eventually evolved to
what people m ight do w it h a the point that, in 1972, it worked well
ubiquitous always-on network: enough for a demonstration:
Another thread of
J.C.R. Licklider is a psychologist at
inquiry explored what The first demonstration of ARPANET
MIT, but he’s convinced in the early people might do with happens in the basement of the
1960s that computing is important a ubiquitous always- Washington Hilton Hotel in October
to non-numeric processing: it will on network. 1972. A bu nch of pe ople f rom
allow people to collaborate in ways the packet-switched net work ing
they never could before. He starts the community attend, not only from the
Information Processing Techniques With $1 million to spend on US but also from France, England,
Of fice at A R PA a nd encounters resea rch into a sha red packet- It a ly, Germa ny, a nd elsewhere.
Douglas Engelbart at SRI International. switched network infrastructure, the That group of about 25 or 30 people
The two bond because Engelbart’s IPTO wrote a Request for Quotation convenes, sees ARPANET in operation,
oN-Line system (NLS) is all about non- (RFQ) to solicit research proposals. and then forms this international
numeric computing and the ability of Cerf wrote one of many responses to network working group modeled after
people to build up a superstructure of the ARPA RFQ for network research: the working group that Steve Crocker
communication and documents and managed. At this point, I become
interact with each other. Engelbart has I help to write one of them with my the chairman of that group because
a World Wide Web in a box at SRI, and colleague Steve Crocker while we’re Steve’s busy at ARPA doing artificial
Licklider sends out slightly tongue-in- still at UCLA as graduate students and intelligence.
cheek notes to his community of people consulting with a company called
about this “intergalactic network.” Jacobi Systems in Santa Monica, but EVOLVING PROTOCOLS
Licklider really gets credit for having our proposal is not funded. But the At the end of 1972, Cerf graduated
put this meme of communication and next thing we know, Len Kleinrock, from UCLA and became a faculty
collaboration in place at ARPA. who wrote the original dissertation member at Stanford. Bob Kahn
work on packet-switched networking moved from BB&N to ARPA and took
MAKING CONNECTIONS at MIT, has come to UCLA to teach and the ARPANET project to the next level:
In addition to the growing notions explore queuing theory. Len is a close
of how people could collaborate via compatriot of Larry Roberts because In 1973, Bob comes out from ARPA
a shared digital network, there was they were both at Lincoln Labs together, and says that ARPA is also working on
also the practical consideration of so Len gets the network measurement networking capabilities beyond the
deploying increasing numbers of center piece of the ARPANET project. original ARPANET for the military. If

DECEMBER 2012 7
 C omp u ting C on v ers atio n s

we’re serious about putting computers within the academic and commercial As the number of workstations
in command and control, they have to communities: and mainframe computers that could
be mobile: we need mobile radio and support TCP/IP and be connected to
satellite, in addition to the fixed wire Bob and I get the first paper written ARPANET grew and an increasingly
systems represented by ARPANET. and published in IEEE Transactions on rich set of networked applications
Bob’s brillia nt idea is not to Communications in May 1974. Nobody were developed, more universities
build one network with all those pays much attention to it. Meanwhile, and research labs wanted to be
technologies embedded in it—instead, ARPA is funding us to make this connected to ARPANET, and its
he breaks them apart and says let’s actually work. At Stanford, I’m working infrastructure started to groan under
build a packet satellite network that with my graduate students, some at the network traffic load:
takes into account that it has a half- Xerox PARC and some at Stanford,
second of round-trip time. Let’s build a on detailed specifications of TCP/IP. All of this places huge demands on
packet-radio network that optimizes a We publish it in December 1974, and the ARPANET backbone, which is only
system whose connectivity is changing it’s the first time the word “Internet” running at 50 kilobits per second, and
with time as things move around and shows up in print anywhere. eventually leads to the need for higher
you get variable delay and interference. speed. NSF jumps into the fray, seeing
how valuable all this is for the academic
Expanding from the original
From its earliest days, community, and concludes that it
telephone-line based ARPANET to a ARPANET focused on should build a network that runs even
network architecture that included connecting people, faster. It does, and the result is NSFNet.
information, and

W
many cooperating networks with
points of interconnection required a technology. hat’s amazing about the
new design: story of ARPANET is that
from it s ea rliest days,
We decide to build a gateway that From 1973 to 1978, the research it focused on connecting people,
today we call a “router” and also team designed and implemented information, and technology. It’s
introduce other things like how to refer four complete iterations of the also a story of having patience
to another network. Each network Internet protocols as they found and being willing to take the time
thinks it’s the only network in the and solved new challenges. One to build it right technically, even if
universe. At that time, you didn’t have a innovation was to separate the TCP doing it right meant starting over
vocabulary that said, “Take this packet layer into the TCP and IP layers, from time to time. A relatively small
and move it to another computer on which let real-time applications group of well-funded researchers
another network somewhere else that use the Internet without the error worked closely together for more
you might not even be connected to.” correction added by TCP: than 20 years, starting over and
So we have to invent an “Internet” redesigning their systems multiple
address space to solve that problem. For the next five yea rs, we do times as new use cases presented
We have to find a way to allow packet everything we can to get TCP/IP themselves. It’s fortunate that by
losses in this path to be recovered. TCP implemented on every operating the mid-1980s, TCP/IP was a well-
now becomes a manager of reliability system we can find. It goes onto IBM developed technology that provided
on an end-to-end basis instead of machines, Digital machines, HP, Unix. a s olid ba si s for t he Inter net
relying on each underlying network We sent a Unix version built by BB&N revolution of the 1980s and the Web
to be reliable. ARPANET was built on out to Berkeley to the BSD release revolution of the 1990s.
the assumption that you could build guys, and Bill Joy says, “I don’t like
a reliable underlying network. The that code,” so he writes his own and Charles Severance, Comput ing
Internet was based on the assumption puts it into BSD 4.2, the version of Unix Conversations column editor and
that no network was necessarily that carries TCP/IP to the academic Computer’s multimedia editor, is
a clinical associate professor and
reliable and you had to do end-to-end world. Around the same time, Sun
teaches in the School of Information
retransmissions to recover. Microsystems comes along and builds
at the University of Michigan. Follow
these fantastic workstations; it wants him on Twitter @drchuck or contact
This work on a “net work of to use open protocols, so it adopts him at csev@umich.edu.
networks” began in earnest as a Unix, and TCP/IP comes along with it.
research project funded by ARPA. Ethernet connects the workstations Selected CS articles and columns
Cerf and his colleagues did all of their together. Sun drives the academic are available for free at
design work in the open and shared it community to TCP/IP. http://ComputingNow.computer.org.

8 computer
 C omp u ting C o n v ers atio n s

Van Jacobson:
Getting NSFNet
off the Ground
Charles Severance
University of Michigan

Approximately 20 years ago, TCP/IP got a big boost from

Van Jacobson and his team in the form of the slow-start
algorithm.

F
or those of us closely watching hardware and software connected control without the sluggishness of
the earliest implementation to it. proprietary companies that worried
of t he N a t ion a l S c ie nc e If NSFNet had selected DECnet most about reducing their market
Foundation Network (NSFNet) as its underlying protocol instead share. Our baby sea turtle had
in the mid to late 1980s, it felt like of TCP/IP, in all likelihood, instead successfully dodged the seagulls and
witnessing a baby sea turtle hatch far of carrying an Apple or Android made it into the ocean.
from the water and then sprint toward phone right now, you would have a But soon a f ter NSF Net f ir st
the safety of the ocean, all the while DEC phone in your pocket running deployed, the previously solid TCP/
dodging hungry seagulls. the VMS operating system. If this IP protocol started to experience
Telephone companies wanted seems fanciful or unlikely, look up extended out a ge s. I t a lked to
to maintain their monopoly on the “AT&T You Will” advertisements Van Jacobson of PARC, a Xerox
long-distance data transport, using from 1993 on YouTube. The future company, about the causes of those
leased-line technology in the US would have been very different if early problems and what it took
and X.25 data networks in Europe proprietary forces found a way to own to get NSFNet running smoothly
a nd elsewhere. Well-developed the Internet’s core in the late 1980s. a ga in (see w w w.computer.org /
proprietary networks were already The seagulls were completely computingconversations for our full
available from commercial vendors, aware of this situation, and they discussion).
including IBM’s SNA and DECnet from knew what was at stake. It’s why such
Digital Equipment (DEC). a large flock gathered over this lone TCP/IP FAILS TO SCALE
The stakes were high. Through baby sea turtle sprinting for the safety One reason for our excitement
patents, licenses, and usage fees, of the ocean way back then. about TCP/IP was that it allowed
telephone companies could extract When the NSF decided that its us to write a limitless number
profit from every aspect of distributed first national network would adopt of applications for the network.
computing, and if NSFNet succeeded, the TCP/IP protocol, we all breathed Researchers could develop low-
it would prevent those companies a sigh of relief. At least with TCP/IP, latency applications such as instant
from providing a full-stack solution university computer scientists and messaging or remote log in, medium-
to wide a rea dat a net work ing. other open-minded technologists bandwidth applications such as
Companies that owned the core would collectively own the network e-mail, or latency-tolerant high-
network technology also owned the technology. We could make the bandwidth applications such as bulk
edges of that network and could network a neutral ground and move file transfer and mix them all up on
ultimately set the agenda for all innovation forward under our own the same network infrastructure.

6 computer Published by the IEEE Computer Society 0018-9162/12/$31.00 © 2012 IEEE

 Proprietary networks like SNA and hills above the Berkeley campus, and up. This was simply a small flaw in
DECnet supported limited use cases I was also teaching on the Berkeley TCP/IP that needed fixing. They knew
via carefully crafted implementations campus. Even in the mid-1980s, for that TCP/IP was well engineered and
that made sure each application got every class, there was a message had performed exceedingly well in
the network access it needed. By [netnews] group that was set up, all other networks with diverse types
deeply understanding each particu- the assignments would be put online. I of application traffic but with fewer
lar type of traffic, these proprietary was trying to get course materials from users. Their first hypothesis was that
networks could maintain balance my office in LBL to a machine in Evans there must be a bug in the software:
between the needs of competing Hall at Berkeley, and there was zero
applications. throughput in the network. It was one I went down and talked to Mike Karels,
Although this functioned well, packet every 10 minutes or so. who was heading the BSD group,
it meant that each new use case on the people that developed Berkeley
these proprietary networks required The same problem was happening Unix. He was getting reports of these
careful engineering to fit it in with the all across NSFNet and anywhere else problems from all over the country.
rest to avoid destabilizing the overall where TCP/IP was used for wide area We talked for a long time about what
network. This approach kept network networking. It seemed that almost was going wrong. Is there a mistake
performance consistent but at the as soon as a new connection was in the protocol, a mistake in the
cost of extremely slow innovation. added, it worked for a few days until protocol implementation? [TCP/IP]
TCP/IP net work s were tr uly more users joined, then everything was working on smaller-scale tests,
layered in that the lower levels and then it suddenly fell apart. We
didn’t discriminate based on the struggled for three or four months, just
This failure to scale
traffic-generation application. The going through the code, writing tools
hope was to support a wide range of rekindled the debate to capture packet traces, and looking
applications without requiring special as to whether TCP/ at the packet traces, trying to sort out
case tuning for each new application. IP was a suitable what was breaking.
As NSFNet rolled out, it proved protocol for such
to be an immediate success, with They spent months searching
a complex and
the growth of traffic and number for an elusive bug in the design or
of connected hosts increasing at 15 difficult task. implementation that they would
percent per month—in fact, NSFNet’s ultimately never find. In a moment
size doubled every five months. This ground to a halt as the link became of desperation, they decided that
led to some problems, as described completely clogged with traffic. And perhaps their initial assumption was
by Jacobson: no one knew why. simply wrong:
This failure to scale rekindled the
We were tying together 10-megabit debate as to whether TCP/IP was a I remember the two of us were sitting
campus infrastructure with 56-kilobit suitable protocol for such a complex in Mike’s [Karels] office after we had
wires, and it was wildly popular and difficult task. Many suggested been pounding our head against the
because people who couldn’t talk scrapping TCP/IP and switching to wall for literally months and one of
suddenly could. They’re sending DECnet. The physics community had us said, You know, the reason that I
e-ma ils, moving huge files, a nd already built HEPNet, a wide area net- can’t figure out why it is breaking is
everybody is really excited. But anyone work based on DECnet protocols. It that I don’t understand how it ever
on any of those campuses [connected seemed to work quite well and could worked. We’re sending these bits out
to NSFNet] could oversubscribe the smoothly balance low-latency access at 10 megabits—they’re zipping across
[backbone] network by a factor of such as remote login with high-band- campus—and they’re running into this
1,000, so we had a lot of packets piling width access file transfer activity. 56-kilobit wire. We expect them to go
up and getting dropped. Perhaps TCP/IP just wasn’t up to the through that wire and pop out the
task. Perhaps academics couldn’t other side. How could that function?
Jacobson confronted the failure of build robust networking protocols, That turned out to be the crucial
using TCP/IP over slow leased lines and using networking software from starting point. At that point, we started
to extend campus networks nearly a commercial vendor was a better saying, What is it about this protocol
every day: option. that makes it work? How does it deal
Jacobson and the teams that with all those bandwidth changes?
At the time, I was a researcher at built the TCP/IP implementation in How does it deal with the multiple
Lawrence Berkley Lab, which is in the Berkeley Unix weren’t about to give hops?

MAY 2012 7
 C omp u ting C on v ers atio n s

They switched their focus from IMPLEMENTING SLOW knew what the problem was, these
searching for a bug to measuring START kernel modifications weren’t particu-
TCP/IP’s behavior when it functioned An absolutely critical element of larly well thought out or elegant:
properly across a wide area network the slow-start algorithm is that every
with a combination of fast and slow computer in the network needs to I had this horrible driver hack that
network links. TCP/IP wants to pre- implement it in a similar manner. If would let us snarf packets from the
send more than one packet, to fill the some operating systems implemented kernel. You set what you wanted to
pipeline with packets and maximize slow start and others didn’t, those snarf was by using adb [a debugger] to
its use of available bandwidth. The computers that sent packets more patch the kernel [while it was running]
sending system starts by sending a g gre s sively wou ld get bet ter with the ports you wanted to look at.
several packets (initial window size) throughput than the “responsible,” The driver would capture those into
and then waits to send more until it slow-start-using computers. There a circular buffer, and you would read
receives acknowledgments (ACKs) was concern that if some but not all kernel memory to pull those packets
from the remote system. of the TCP/IP implementations used out. Craig Leres and Chris Torek, who
If the initial number of packets slow start and new market entrants were working in my group at LBL and
is too small, it isn’t possible to effi- didn’t, it would lead to repeated were both long-time kernel hackers,
ciently use high-speed connections, net work collapse a nd end less were embarrassed at [my kernel hacks]
and if the initial number of pack- arguments as to who was at fault. so they put together a really nice, clean
ets is too large, the packets pile up driver called the Berkeley Packet Filter
at the slowest connection, and the [BPF] that would let you pull packets
An absolutely critical
system drops them. At some point, out of the kernel via a very efficient
the sending system detects a timeout element of the slow- ioctl() interface.
and resends the packets, which only start algorithm is
makes the problem worse. According that every computer Once the first version of the slow-
to Jacobson: in the network needs start algorithm seemed to be working
on the Berkeley computers, it was
to implement it in a
If you turn them on, suddenly you get time to share the code with other
in this repetitive failure mode where
similar manner. schools running Berkeley Unix to
you saturate the buffering that was validate the idea and determine if the
available at some gateway; when you Time was of the essence, as new patches actually solved the problem.
retransmit, you do the same thing TCP/IP implementations were under Jacobson and Karels sent the patches
again. So we were always losing active development in many com- to the TCP/IP mailing list, and an
packets. But if you turned it on more panies and universities. Thankfully, eager group of software developers
gradually, you wouldn’t overload the according to Jacobson, and system administrators started
buffering: you would get enough of a f u r iou sly te st ing be c au se t he
clock going so that you could control At that time [in 1988], there were like problem on their networks was so
the amount of backlog to fit the four implementations on the market. acute. The initial results weren’t very
available buffer even as the number There was Berkeley Unix, there was the promising—installing the patches
of packets in flight increases. You MIT PC/TCP [for Windows systems], crashed the system. But working with
would start with a sporadic clock, but there was a BBN [Bolt, Beranek, and the other developers, Jacobson and
you would eventually fill in the detail Newman] one for Butterfly and IMP his team quickly improved the code
and get a per-packet clock. ... The hard [Interface Message Processors; an in several subsequent releases over
part in TCP is not in keeping it running, early router] systems, and there was the next 24 hours:
it’s in getting it started. Because once a Multics one.
you have it running, a clock tells you After about a day, we got a version that
exactly what to do. Once the slow-start design was didn’t immediately panic [crash] and
in place, the team quickly started to then started working on the actual
Jacobson called it the “slow-start develop fixes to the Berkeley Unix algorithm with a little bit of tuning to
algorithm.” If we could get every operating system to demonstrate the make sure that it actually helped all
TCP/IP implementation to imple- algorithm. Up to that point, they had the time and didn’t do any harm. It
ment the slow-start algorithm we made lots of changes deep inside the was completely a community effort,
could get our baby turtle back off Unix kernel to instrument the net- and when the community was saying
the beach and back into the ocean work protocols and develop models that this mostly does good and never
for good. of what was going wrong. Before they seems to do harm, that was what

8 computer
 Mike [Karels] needed to put it into the leads to an unnecessary reduction TCP (stream) level, thus it can’t take
[Berkley Unix] kernel. in throughput. A router’s proper advantage of knowing how packets fit
behavior is to discard packets that together to form continuous content.
It took about a month between the have been stuck in a router too long Although it’s a gross oversimpli-
first release of the slow-start patches to properly communicate the nature fication, content-centric networking
and when the code was of sufficient of their network communication to uses the buffer space already pres-
quality to be included in the official the sending and receiving systems. ent in routers to provide the ability to
Berkley Unix release. It eventually efficiently access streams of content

V
debuted publicly as a core capability from a single source going to mul-
of the BSD Unix 4.3 (Tahoe) release a n Jacobson continues to tiple destinations. Content-centric
in June 1988. The other major TCP/ resea rch the best way to networking naturally handles widely
IP implementations quickly followed use the resources in packet- varying network connection through-
suit, and in a remarkably short time, switched networks. His latest thinking puts as well as relaxes the need to
the slow-start algorithm was virtually is content-centric networking (www. send every single packet to all loca-
universal. parc.com/work/focus-area/content- tions synchronously.
centric-networking/), which puts the We plan to visit Jacobson again in
ALL’S WELL vast amounts of memory and process- a future article to explore content-
Although TCP/IP engineering and ing power found in backbone routers centric networking in more detail.
improvement is nearly continuous, to good use instead of causing prob-
the slow-start algorithm solved the lems like buffer bloat.
Charles Severance, editor of the
last major engineering issue that Increasingly, we’re streaming
Computing Conversations article
caused the entire Internet “to crash.” content from places like YouTube, and Computer’s multimedia editor,
With billions of computers connecting Netflix, and live TV over the Internet. is a clinical associate professor and
and millions more coming on every IP Multicast has long been a hoped-for teaches in the School of Information
month (including several in your solution in this space, but it has proven at the University of Michigan. You can
pockets or purses), it’s comforting difficult to completely synchronize all follow him on Twitter @drchuck or
to know that they all come from the sources and destinations connected contact him at csev@umich.edu.
factory with the slow-start algorithm to a common stream and adjust
built in. to varying net work connection
The algorithm’s very simple con- speeds and congestion conditions. Selected CS articles and columns
cept allows a TCP/IP implementation In addition, Multicast operates at are available for free at
to gauge the bandwidth for each the IP (packet) level and not at the http://ComputingNow.computer.org.
connection by starting out a little ten-
tatively, and once it gets a sense of the
available throughput for the connec-
tion, it quickly expands its window of
in-flight packets to make best use of
that throughput.
Interestingly, as the routers that
make up the Internet’s fabric become
faster and have more memory, they’re
storing more in-flight packets longer
and then forwarding them later,
when the TCP/IP protocol would
suggest that the packets be dropped.
When this happens, the packets
that are successfully transmitted
after a delay have a slower apparent
round-trip time. When your system
sees this slower round-trip time,
the slow-start a lgorithm starts
backing off because it thinks there’s
a bottleneck somewhere between
the sender and receiver, which

MAY 2012 9
C omp u ting C o n v ers at io n s

Van Jacobson:
Content-Centric
Networking
Charles Severance

Content-centric networking is much more than caching of content—it also

works well for live streams of popular data

A
s engineers, every once in a system for computers. People Although the ARPANET and the
while, we need to seriously wanted their computers to exchange Internet were very different from
revisit our underlying data, and the model we had for the telephone network in their
assumptions and make sure communication for 140 years had implementation and use of physical
they still hold true. In terms of the been the phone system. We said, wires, they were similar in that
best architecture for the Internet, the ‘Okay, communication is conversation the ultimate goal of TCP/IP was to
four-layer model based on TCP/IP is over long distances,’ so let’s make allow two distinct applications to
pretty much accepted as absolute protocols and infrastructure “call” each other, get a connection,
and unquestionable truth. that allow computers to have a and let those applications have a
I recently interviewed Van conversation. The first cut of that conversation. This conversational
Jacobson of PARC, and we talked was the ARPANET—a network that model between applications was
of a major re-architecting of the would handle different bandwidths very general and allowed rich
Internet to deal with the fact that and didn’t require the global clock research into many different kinds
it is increasingly a global content distribution of a telephony network. of uses for the Internet. It kept the
distribution system layered atop Instead, it substituted buffering. four-layer architecture pristine and
a communication model, with avoided embedding application-
computers making virtual “long- The earliest telephone systems specific understanding in routers:
distance phone calls” to each other. used the dialing of a phone number
What if they took a more content- to physically configure relays and This really changed the world, but
centric approach? create a temporary “physical” the bulk of that change didn’t happen
Visit www.computer.org/ wire that could transmit amplified in the 1970s, 80s, or early 90s, when
computingconversations to view analog audio signals over long the Net was first growing out—it
a video of this interview. distances: happened in the late 1990s and
2000s, when the Web took off. The
THE TELEPHONE MODEL A crucial thing coming out of Paul Web had nothing whatsoever to do
To delve into a possible alternate Baran was to not emulate the phone with computers having a conversation
future, we must first let go of the system, where communication was all model. It had to do with people
notion that the current state-of- about building a wire hop-by-hop or creating and consuming content.
the-Internet architecture is “right” link-by-link between two end points, The Web showed us for the first time
simply because we’re using it and it basically instructing the switching what happens if we leave behind this
seems to work: system how to make one long wire. 18th century model of telephony
Instead, Paul said, ‘Just identify the between applications, stop looking
If you look at how the Internet has end points and let the network take at the wires, and instead focus on the
evolved, it started as a telephone care of getting the data there.’ information in the wires.

0018-9162/13/$31.00 © 2013 IEEE Published by the IEEE Computer Society JANUARY 2013 13
 C omp u ting C ONVERSATIONS

The Web gave us a way to name TCP/IP is architected around the and destination addresses that we
information, and representational notion that the network number conventionally think of as IP, so it’s
state transfer (REST)-style Web portion of an IP address connects at the front of the packet to be used
services gave us a namespace for to one and exactly one router in the by the network layer, and then we
data as content. Today, we enter a global Internet. To support world- have ports that are TCP, so they’re
URL into our browser to indicate scale applications, it was increasingly a little bit deeper in because they’re
“what we want” instead of “how to necessary to “lie” to TCP/IP about supposed to be used by the end node
get it.” We layer the HTTP protocol what’s really happening: for its de-multiplexing to get you
atop a conversational model, to a particular application. Inside
but as moving data and content If you look at YouTube, Google, that, we have sequence numbers
becomes the dominant use of Amazon, Facebook, Twitter, all of that are used when you get to the
Internet infrastructure, perhaps the these very heavily used services that application to reassemble the larger
conversational model is becoming manifest themselves to the Net as unit of information, and inside that,
our limiting factor: an IP address that looks like a single we have URLs, which are used by a
location, if they’re a single location higher-level part of the application
We’re having massive scaling with hundreds of millions of users, for session meaning and the like.
problems today trying to join You just have all this information,
together the very information- and it’s all fundamentally name
centric Web model with the very Content-centric information that indicates “What do
host-centric TCP/IP model. Look at these bits mean?” If you pull together
networking is
what it takes to build something the source addresses, the ports, the
much more than
like YouTube. You can create videos sequence numbers, and the URLs,
caching content—
and put them on your own website, they all give you context. They’re all
but you have to pray that they never
it also works well the “name” of the information.
become popular. If they get popular, for live streams of
your ISP will almost immediately popular data. What if I just said that packets have
shut you down because your link a name on the front and all that
will be completely saturated, in information gets collected to the
what we call the “Slashdot effect.” the traffic in a conversational model name? At any point in the network,
That problem is intrinsic to the always scales like the popularity, it you look at the name to do your job. If
conversational model: we don’t do scales like the number of consumers. just the front part will work because
broadcast television by making If you’re doing a Twitter update or all you’re doing is gross-level steering,
phone calls to the television creating a video that will be seen by just look at the front. If you need
station because there is no way to millions, you can’t deploy it in a pure to look at more of it, we don’t have
scale that. We broadcast it out to conversational model, and so you’re layers, we have a set of structured
everybody who wants to listen, and forced to spend all your time fooling information, and we know that we’ll
we don’t know who they are--they the Net. be looking at different parts of it for
aren’t individually identified. different reasons.
In a world-scale Web application
WORLD SCALE like Google or Facebook, the CONTENT IS KING
As world-scale applications and destination IP address in a packet Once we switch to a naming
services became the norm on the that has little to do with your scheme that uniquely identifies
Internet, it was impossible to have a request’s ultimate destination. The each packet or segment of content,
single connection from something address is simply the quickest way it no longer matters where the data
like Google to the rest of the Internet to get your request into a nearby actually comes from. The content
and route all traffic from around datacenter, where Google looks segment could come as easily
the world to a single network more deeply into the request to from a nearby router as from the
connection to a single server room figure out what you want so it can originating source. Packets could
in Mountain View, California. For virtually route it to the closest copy then be cached throughout the
Google to function effectively, of the requested information: network in the memory of the
it needs many facilities around routers, and those packets could be
the world and many connections Information that’s qualitatively the reused for popular content.
between Google facilities and the same is spread randomly across Content-centric networking
public Internet. the whole packet. We have source is much more than caching of

14 computer
content—it also works well for live copy and now you’re done with your Antipolis, France, in September
streams of popular data. One of distribution. 2012, with 29 presentations, nine
the many prototype applications demonstrations, 16 poster sessions,
built on top of CCN’s early Of course, it’s one thing and attendees from many different
implementations is a multiuser/ to postulate that we need a organizations. You can find more
multipoint video conferencing fundamental paradigm shift in the information on CCN and related
system. As the popularity of a live architecture and yet another to projects at www.ccnx.org.
video conference or event scales, the move a new approach into broad Perhaps the next time you have
likelihood of packet reuse increases world-wide production. Like the shift a little free time while you wait
dramatically: from voice to data communications for a YouTube video to buffer, you
from the 1960s to the 1990s, shifting might let your mind wander and
If you don’t care where you’re getting data communications from a imagine for a moment how you
the data—if all that matters to you is conversational model to a content- might re-engineer the Internet
what the data is, not where it comes centric one will also take time and architecture to better handle our
from—then all of this memory that require many experiments. And increasingly content-oriented use of
has to be in the network as buffering like the engineering of TCP/IP itself, the network.
in order to manage the multiplexing there will likely be many versions as
suddenly becomes a viable source researchers identify new issues and
of data. Having the load scale with use cases. Charles Severance, Computing
Conversations column editor and
popularity is strictly a function
Computer’s multimedia editor, is

T
of the fact that the data can only
a clinical associate professor and
originate from one place. If you just he good news is that an active teaches in the School of Information
care about the data, just start going community is exploring CCN at the University of Michigan. Follow
toward that place, and as soon as you and its applications worldwide. him on Twitter @drchuck or contact
run into that data, now you have a The CCN community met in Sophia him at csev@umich.edu.

JANUARY 2013 15
 COMPUTING CONVERSATIONS

Bruce Schneier: The

Security Mindset
Charles Severance, University of Michigan

Security guru Bruce Schneier talks about what it

takes to think like a security expert. I think computer security is the
most exciting part of computing

N
right now, because it has some-
etworked technology increasingly touches all thing that nothing else has: an adversary relationship
aspects of our lives. When essential systems between the parties. When you do graphics or operating
are connected to a networked environment, it systems or anything else, there’s no one trying to thwart
becomes important to make sure that they’re you at every turn. That’s what you have in security,
protected from attack. We continue improving the math­ and that’s what makes it exciting and interesting.
ematics and algorithms used to secure these systems, but Security involves psychology, economics, computing,
attackers tend to exploit weaknesses in how the math­ law, policy, and so many other things. It’s a constantly
ematics and technologies are used. evolving arms race between attacker and defender.
As effective security becomes more vital, many com­
puter science students are becoming interested in mak­ In many other areas of computer science, we’re itera­
ing security part of their education. I talked to Bruce tively improving something, such as the algorithms that
Schneier, a leading cybersecurity thinker, and asked him power databases. We gain new understanding of the un­
how students might prepare themselves for a career in derlying problems and then improve our solutions to the
this field. See the entire interview at www.computer.org problems. But because the “underlying problems” in se­
/computingconversations. curity are often creative, highly motivated human adver­
saries, there are always surprising new twists and turns.
WHY STUDY SECURITY? We simply can’t know in advance what skills we’ll need to
In some ways, the security field is different from other tra­ succeed as security professionals:
ditional areas of computer science like hardware, compil­
ers, or OSs: Security is a mindset. It’s a way of thinking about the
world. Think about the definition of “hacker.” A hacker
is someone who cobbles stuff together and makes it
See www.computer.org/computer-multimedia work. You could hack a tool that works one way, and add
for multimedia content related to this article. some other piece to it, and suddenly it does something
else—maybe something it wasn’t intended to do.

112 CO M PUTE R P U B LISH ED BY TH E I EEE COMP UTER SOCI E T Y 0018-9162/16/$33.00 © 2016 IEEE
 EDITOR CHARLES SEVERANCE
University of Michigan; csev@umich.edu

Those with the intent to break secu­ Follow whatever interests you, how we can regain security. All
rity don’t follow rules; they don’t stay because what you’re really learn- of my books are general inter-
in a well-defined box. We can’t just tell ing is how to think like a security est, for those who want to learn
folks to “behave.” expert. Honestly, if you get a job more about the topic. I always
where you’re securing VPNs, you hope my books spark different
If I’m the hacker, I get to attack can easily pick up how VPNs interests in different directions.
whenever I want. I get to do it at work. The hard part is how to They’re going to give people
the most inopportune time [for think about security, and not the ideas that they research further.
you]. I get to do it in a way that technical details of the problem. That’s how you get your passion;
makes your system fail as badly that’s how you get your calling.
as possible. And you have to think Students interested in a career in
about security that way. Not about security need to expose themselves to
how to build something and make open-ended challenges to develop the

T
it work, but how to make it fail security mindset: he good news for students who
in precisely the right way to do aspire to join the security field is
precisely the right sort of damage. A lot of hacker conferences have that demand is growing for peo­
Capture the Flag contests [where ple with expertise in this area. Although
To get into the security mindset is participants] build their own pri- it’s important for a student to master
to try to understand the unexpected vate network to cut down on both core skills in computer science, those
directions from which attacks might network latency and federal law skills must be placed in the context of
come: violations. You’re going to learn a security mindset. Because this takes
a lot by breaking other people’s a long time to develop, and draws from
I remember a class in security systems. And that’s probably going many diverse areas of study, students
where one of the assignments was to involve illegal activity. We have can think of their entire education as
to come in the next day and write this clash between the technol- preparation for a career in security.
down the first hundred digits of ogy imperative and what society
pi. There are two aspects to this wants. You can go in and try to
test. First, you can’t memorize a hack your own smartphone or
CHARLES SEVERANCE is a clinical
hundred digits of pi overnight, so computer and there’s a lot of stuff associate professor and teaches
you have to cheat. Second, if the you can learn. But it’s going to be in the School of Information at
students were caught cheating, more fun if you can hack some- the University of Michigan, and
is Computer’s multimedia editor.
they would fail. Students were body else’s phone or computer. I
Follow him on Twitter @drchuck or
forced to think outside the box prefer things to be open ended. contact him at csev@umich.edu.
and explore the security mindset.
Over the years, Schneier has writ­
The security mindset isn’t some­ ten many books that explain security
thing that can be taught directly. concepts and issues to a nontechnical
There’s no “principles of the security audience including Secrets and Lies:
mindset” section in a textbook that we Digital Security in a Networked World
can all learn and then apply to become (Wiley, 2000) and Liars and Outliers:
security experts. But a security expert Enabling the Trust that Society Needs to
must understand many different topic Thrive (Wiley, 2012). His most recent
areas, because adversaries are looking book is about surveillance and data:
for any way to break into systems:
My latest book is called Data and
I’m often asked, “Should I study Goliath: The Hidden Battles to
forensics or cryptography or Collect Your Data and Control Selected CS articles and
network security or protocols Your World [W.W. Norton, 2015]. columns are also available for
or embedded devices or SCADA It discusses what’s going on in free at http://ComputingNow
.computer.org.
systems?” Study what you want. the world of surveillance and

FEBRUARY 2016 113

 COMPUTING CONVERSATIONS

Bruce Schneier:
Building
Cryptographic
Systems they just thin veils that can easily be
pierced by the government? I posed
these questions to leading security
expert Bruce Schneier. Watch the
Charles Severance, University of Michigan
entire interview at www.computer.
org/computingconversations.
Security expert Bruce Schneier discusses
CRYPTOGRAPHY AND
security from the perspectives of both the THE NSA
When asked whether a cryp-
National Security Agency and the National tographic standard like the Ad-
vanced Encryption Standard (AES)
Institution of Standards and Technology. offers protection against well-
funded and highly skilled prying

S
eyes, Schneier replied:
ince the 1930s at Bletchley Park, there has been a
continuous arms race to both improve and break One of the things we’ve learned from the Snowden
cryptography. The files leaked by National Secu- documents is that broadly applied cryptogra-
rity Agency (NSA) contractor Edward Snowden phy gives the NSA trouble, at least at scale. The
made it clear that governments regularly gather data on NSA does a lot of cryptanalysis and breaks a lot
average citizens, which makes us wonder if privacy is even of systems. But well-designed and well-imple-
possible. Do our carefully designed cryptographic sys- mented cryptography does stymie [the NSA].
tems protect our information as we expect them to, or are
All cryptography can eventually be broken—the only
question is how much effort is required:

See www.computer.org/computer-multimedia
Cryptography forces attackers to have a priorities list.
for multimedia content related to this article.
Depending on their time and budget, they’ll work their

40 CO M PUTE R P U B LISH ED BY TH E I EEE COMP UTER SOCI E T Y 0018-9162/16/$33.00 © 2016 IEEE

 EDITOR CHARLES SEVERANCE
University of Michigan; csev@umich.edu

way down the priorities list. Your There’s an important corollary of that, there’s going to be some
hope is that you’re below their here: complexity is the worst interaction you didn’t notice. And
budget line. Without cryptog- enemy of security. The more that interaction will be the vulner-
raphy, an organization like the complex you make your system, ability that breaks your system.
NSA can bulk-collect data on the less secure it’s going to be,
everybody. With cryptography, or- because you’ll have more vulner-
ganizations are forced to be more abilities and make more mistakes CRYPTOGRAPHY AND NIST
targeted. That’s extraordinarily somewhere in the system. We To make sure the underlying mathe-
valuable because it means the FBI learn again and again when we matics of cryptography are solid, the
will go after criminals, the NSA see analyses of voting systems, National Institute for Standards and
will go after agents of a foreign embedded systems, cell phones, Technology (NIST) runs a public mul-
power, and the Chinese govern- messaging systems, or email tiyear evaluation process where peo-
ment will go after US government systems that the vulnerability is ple are invited to submit an algorithm
officials that rise to whatever level always outside the cryptography. for consideration as the standard. The
it wants to spy on. The cybercrim- It’s almost always something that most recent encryption standard se-
inals will just go after a few of us, the designer, implementers, coders, lected was AES in 2001:
and the rest of us are protected. or users got wrong. The simpler we
can make systems, the more secure NIST is trying to build standards,
In truth, having good cryptography they are. We recently learned and it has a standard for the crypto
algorithms doesn’t automatically about vulnerabilities in the key algorithm, which is currently AES.
ensure security because the algo- agreement protocols that are used It was selected using a public
rithms must be realized in real-world to secure a lot of VPNs [virtual process where multiple groups
systems: private networks] and Internet submitted algorithms and NIST,
connections. If you look at where representing the consensus of the
When we say we trust the that vulnerability occurred, it was community, picked a winner. It
cryptography, all we’re saying due to a shortcut that allowed for wasn’t dictated from on high and
is that we trust the mathemat- massive pre-computation. The there were no secret criteria. The
ics. Everything I know about math works great, but the imple- AES algorithm was the one that
cryptography tells me the math mentation of the math was flawed. most of us thought was the best.
is good. Certainly there will be Actually, there were several we
cryptographic advances, and One way to weaken a security standard thought were good candidates, and
some things will be broken in the is to introduce complexity: NIST picked one. But there is a lot
future, but by and large the math of trust in the process because it
works. But math has no agency. The Internet Engineering Task is public, open, and international.
Math can’t do anything—it’s Force [IETF] process for Internet SHA-3, the new secure hash stan-
equations on a piece of paper. In standards doesn’t really work for dard, used the same sort of process.
order for math to do something, security because those standards
some of us need to take that math are compromises made by a com- Schneier designed and submitted an
to write code, embed that code in a mittee. They put in all the options algorithm called Twofish as one of
program, and embed that program to make everyone happy. They put the entries in the AES competition.
on a computer with an operating in as much flexibility as necessary Twofish was one of the finalists, but
system on a network with a user. to make the system as comprehen- NIST selected an algorithm called Ri-
All those things add insecurity. sive as possible. That approach jndael as the AES standard:
is anathema to security. Security
Those who would defeat cryptography needs as few options and to be AES was an interesting process.
rarely attack the mathematics directly; as simple as possible. You don’t It started with 64 algorithms,
instead, they attack the systems, net- want to compromise. You want one of which 56 met the submission
works, and humans that implement group to win because that group criteria. Then NIST whittled it
and use the security: has a self-contained vision. If you down to 15 or 16, and then in the
have a piece of this and a piece next round whittled it down to five,

APRIL 2016 41
COMPUTING CONVERSATIONS

and then eventually to one. So it things that have not been broken
was a constant winnowing process. before. They can publish papers
My Twofish algorithm made it into and gain credibility in the field.
the top five. There were no bad al-
gorithms among the finalists. The It’s a unique aspect of security re-
differences were more about secu- search that the “coin of the realm” is
rity margin and implementability poking holes in results produced by
in the hardware versus embedded your colleagues in the field:
systems or otherwise constrained
systems. To me, it came down to You go to a security or crypto
three algorithms. I thought they conference and there are going to
were all good choices. Twofish was be papers from people who break
one of the three and Rijndael (the each other’s stuff, so you need a
eventual winner) was another. thick skin. You have to understand
that we are all learning. I produce
For Bruce, winning the competition a protocol and you break it. Sure,
was less important than making sure I’m unhappy, but I’ve learned
the selected algorithm was something something—and so have you
we all could trust: and so has everyone else. That
knowledge is more important than
While it would have been great to my particular creation surviving.
be the winner, I think there was Anyone can invent a cryptosystem
a lot of value in NIST picking a that he or she can’t break. The
non-US algorithm. By choosing only way to get better at design
an algorithm created by cryp- is by breaking others’ designs.
tographers from Belgium, NIST
said to the world that it picked
what it thought was the best

O
algorithm, not just an Ameri- nce we accept the fact that
can one. That was an important there is no unbreakable cryp-
consideration I hadn’t thought tography and certainly no
of at the time. So I can’t fault unbreakable computing system, the
this process at all. It was really goal is to get to the point where we
fun to participate and I would have the best possible algorithms and
do it again. I also participated in a high level of trust in them. The secu-
the SHA-3 competition with an rity field has been well served by the
algorithm called Skein. Someone cryptographic algorithms produced
else won, which was fine with me. through the NIST standardization
process. By using an open process and
Given that these competitions take encouraging competition and critique
several years and it could be more from all participants, we have the best
than a decade between competitions, chance of developing solid and trusted
they make a big impact in the security cryptographic algorithms.
research community:

These competitions are lots of fun

for cryptographers and students.
CHARLES SEVERANCE is a clinical
They give students lots of targets.
associate professor and teaches
One of the hard things as a crypto
in the School of Information at
student is that you have to learn
the University of Michigan, and
to break stuff. The only way to
is Computer’s multimedia editor.
learn how to make things is by
Follow him on Twitter @drchuck or
breaking them. These competitions
contact him at csev@umich.edu.
allow students to start breaking

42 COMPUTER  W W W.CO M P U T E R .O R G /CO M P U T E R