An article has been published this weekend in the NY Times about a hot topic: “Do we need a new Internet?“.
To resume, the journalist, John Markoff, explained that the current Internet is not able to survive to attacks from malicious codes (viruses, malwares and other nice things). Unfortunately, deploying a brand new Internet (based on IPv6 like suggested John) will never solve the problem. Why?
Whatever the protocols or applications used, business will grow and a high-revenue e-business means a growing interest from criminals! They evolved from destructive attacks (remember the DDoS golden years) to more malicious activities to stealth valuable data.
First, if you consider a chain, its strength will be equal to the one of the weakest link. The same model applies to security (and Internet): in this case, the weakest link is… the user! This is by nature: Humans tend to trust too easily. And IPv6 or any new bullet-proof technology will never change their behavior. However, new tools can warn the user and help them to take the right choice (basically, “to click on this link or not?” or “to open this attached file or not?“). User education stays a key topic (regular awareness trainings are required).
On the other side, do we really need a new Internet to face the growing demand in bandwidth and IP addresses? For years now, organizations like IANA or RIPE warn about a very-soon lack of IPv4 addresses (just as reminder: 32 bits == 4294967296 addresses). A one-time switch from IPv4 to IPv6 is impossible. Cohabitation will continue for years with mixed environments (Examples: backbones running on IPv4 and private networks on IPv6). IMHO, the highest demand in IP addresses will come from new electronic devices which will require network connectivity but which will not be publicly available in the Internet (think about sensors of all kinds).
Finally, take care with IPv6. It’s not yet widely deployed and almost unknown to the end-users. At this moment, it means, except the standard security features introduced in the new protocol version, a global lack of security around IPv6. If not properly secured, it will be for sure an important vector of penetration in networks or systems. Just my 0.02€!