The start of Metanet

Way back in the depths of the late 90s, I was a young brash 20-something with this concept that I would change the Internet for the better. I never really looked at people properly. I took them at face value, and it led to many problems.

Metanet and Bitcoin started with the concept of an economically incentivised Internet.

What fools promote.

The plan was to be able to create a system that was secure through economic incentives. It is an area where I have been ridiculed for promoting it for most of my 30 years in information security. Unlike some such as Marcus Ranum who promoted the concept that a pair of pliers is the ultimate firewall isolating a network and stopping all commercial activity, I saw such a scenario as the attack. In my scenario, I see a world where attackers have to pay more and more as they attack a network.

If a user wishes to engage with the site and use the services being provided, they could put up an escrow amount that they could get back at the end of the session. The site could charge small micropayments for continued use, or it could allow free access with a small deposit.

The ability would incentivise many forms of commercial activity without having to rely on the sale of user data in the breach of privacy that we see in the ad-based tragedy of the commons in the Internet today.

Everything needed to achieve such an end has been developed now. There is a lot of work still to do, and the ideas need to be fleshed out and developed fully, but having said so, it is important to note that the foundation has been laid and the patents have been filed.

Some of the steps that were thought necessary turn out to be less valuable than required. In the 1990s, I started at the wrong side of the problem. And I did not realise that the solution was far simpler than I had imagined initially. I had thought that digital money such as in the form of eCash could be issued from each site. Back in the early days of the cypherpunks, there was a lot of conjecture about such a form of digital cash. We still see it in the “crypto” community today.

Such is the fallacy, where everybody can have their own coin or money. When I started the project, I fell for the same flawed misconception — not realising that in fact it is a system that is less effective than barter. Money is best when universal. If every site has their own form of tradable currency, the reality is that no site has currency. To be money, it needs to be universal.

In the early versions of economically incentivised servers, I foresaw that sites would sell individual coins and tokens generated along the lines of something like Hashcash.

In such a scenario, each system would simply create its own universal proof of work and then sell it individually to control access. It is the current multi-coin system we see in the cryptocurrency world right now. It is also the scenario I had abandoned in the early 2000s. When you start to think it through and take it to its logical conclusion, the problem with such a world becomes manifest. If every individual and every site have their own payment system, we in fact have something that is less effective than barter. If I want to go to Alice’s site, I need to swap Alice coin for Craig coin. The computational intensity in managing the exchange of so many forms of currency removes the informational value of money. The reason gold was successful is because it gave a single measure to the financial economy on a global basis. The value of money comes from the value of information.

AGIMO IPv6 session

I was involved in the training of a number of government departments concerning security and IPv6. It is an area I’ve been looking at for a long time. In particular, IPv6 alters the security position of many sites. The ability to find hosts through port scanning is incredibly limited using IPv6, with an attacker being expected to spend decades scanning a single range. More importantly, we can integrate IPv6 directly into Bitcoin. We have been working on intellectual property that allows for the allocation of addressing over mobile IP sessions that is based directly on the allocation of a payment through Bitcoin. In such a way, attackers would have to deposit an escrow amount that they could get back only if they follow the rules and that they lose if they breach them in any way. Even a simple distributed denial-of-service attack would become infeasible.

With the ability to allocate separate session addresses for each and every client tied to a deposited bitcoin amount, an attacker would need to expand an immense amount of money to engage in a simple attack such as for a denial of service.

Of course, there is an issue of truth in all of it here. Metanet creates an immutable Internet. It allows the right to be forgotten through key dis-allocation, whilst maintaining a copy of all material ever posted to the Internet. From an attacker point of view, it is the worst invention ever. Not only would attackers be required to pay money for the use of a site as they attack it, an immutable record of all the changes and the attack itself would be created.

We can imagine a system like GitHub and associate it with every change ever created on any system globally. Imagine every single change is digitally signed with an evidential quality ledger. Internal errors will be reversed leaving a trace of the error and private details of the changes including the parties responsible.

Now take it as a basis for the entire global network. Imagine a cyber attacker seeking to alter the state of the machine. Over an encrypted and secured channel, the attacker would need to exchange keys and access a role-based identity system linking the individual to his or her actions. We could simultaneously allow pseudonymous access to public pages whilst logging every action conducted by any party that loads or alters any information. From a business point of view, the attacker would have to pay the business for the right to attack it, and at the same time every alteration would be immutably stored.

I was involved with SANS.org from the late 90s on. It was until I dropped off the face of the earth in 2015 and effectively vanished from such a side of my life. Whilst I was involved, I completed more training than anyone else before or after me. I also taught occasionally. Two of my favourite courses included SEC560 and SEC660 [1]. Metanet alters the entire framework of the course in every way possible. Fully implemented, reconnaissance and scanning become infeasible. Imagine having the equivalent of a network access policy that is sold as a template in Bitcoin. On purchase, an immutable record of the transaction can be logged and audited immediately.

More importantly, the audit function can be separated entirely; the audit and monitoring function can be provided by an indexing service on the blockchain. The process of attacking the network and auditing the attack can be completely separate. The simple act of scanning the network will require the purchase of the rights to access each individual service or at the least an algorithmically defined escrow payment.

In learning to be a computer hacker, one of the most critical aspects is how to clean up the logs. Effectively, it is the destruction and deletion of the evidence of the attack. To be successful, an attacker needs to both break into the system and cover the records and access logs. They need to hide from the system administrators and slowly pivot across the network. Metanet alters the scenario radically. With Bitcoin, we now have a means of incentivising people to use the network correctly but also to record every action that they do while attacking. The consequence is that an attack would be immediately alerted at remote locations. An attack would be instantly reversible.

No system is perfect, and insiders may always copy and leak information, but with the ability to record all access on a write-once-read-many media format on the blockchain, we radically alter the economics of information security. Bitcoin is not merely an information commodity. It is the ultimate information-security tool, and it drastically shifts the balance of power away from the attacker to the defender.

Years ago now, I taught FOR572 under Jonathan Ham. One of the things I remember was the forensic process and how live logs could be used to capture and stop an attack before it could escalate. The system I’ve been developing within Bitcoin will eventually become the global backbone for the entire Internet. It will enable the people defending a network and servers to watch and monitor all access to their systems. Every stream will be able to be captured using payment channels in Bitcoin transactions. All static information will end up stored and associated with Bitcoin transactions that are controlled cryptographically. The end result being that attackers foolish enough to target a system will find themselves logged on an unalterable data store that is replicated globally.

Interestingly, IPv6 supports jumbo frames of up to 4 GB. Such can be incorporated into Bitcoin transactions as we scale the system, allowing for payment-channel-based exchanges using:

  • OP_PUSHDATA4;
  • {Data}; and
  • OP_DROP

in a transaction and exchange. The data can be streamed using a payment channel, and as transactions are malleable, the data can be authorised, and a hash may be used when sending to the blockchain rather than the data. In other words, Alice sends a block of data to Bob who hashes it for validation and sends the redacted transaction (which has been signed but which he malleates) to be verified by the miners.

Notes:

IPv6

The IPv6 protocol was designed to supersede IPv4 addressing while supporting the growth of the Internet. While the IPv4 protocol accommodates 4.2 billion unique IP addresses with a 32-bit address, the allocation of IP addresses on the Internet was not completed in the most efficient manner, leaving a shortage of available IP addresses. With deployment of technologies such as NAT and CIDR, the Internet continued its growth, but was still somewhat limited without the widespread availability of globally unique IP addresses. New technologies such as mobile phones and PDAs connecting to the Internet have increased demand for addresses, as has the spread of Internet technology to populous countries such as China and India. As a result, a new mechanism was needed to accommodate continued growth and adoption of Internet-connected technology.
 
The IPv6 protocol was designed to meet such growth demands, expanding the address size from 32 bits to 128 bits. A 128-bit address is approximately 340 undecillion or 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses. With so many unique addresses, the IPv6 protocol can accommodate 7 unique IP addresses for each atom in every human on earth.
 
Of course, all of our atoms don’t need so many IP addresses. Instead, the sheer volume of available IP addresses provides for more flexible deployment of address space on the Internet. For example, ISPs will be able to geographically assign IPv6 prefixes to different parts of the world, allowing for the simplified routing of traffic on the Internet. Organisations can obtain an IPv6 prefix with sufficient available addressing to accommodate all present and future addressing needs.

IPv6 features

A key feature of IPv6 is the expansion of address space, permitting route aggregation on core Internet routers through geographic address space allocation, improving delegation and management of addresses to organisations and ISPs alike, and providing hierarchical distribution of address space that makes troubleshooting and Internet routing simpler. 
 
Another valuable feature of IPv6 is support for addressing auto-configuration. Anyone who has been responsible for manually assigning IP addresses to hosts understands that it is a problematic and cumbersome process. With 128 bits of address space, it becomes possible to use the globally unique MAC addresses on all network cards as IP addresses. In such a way, administrators can simply introduce a new node to an IPv6 network without manually specifying an IP address; the IP address is configured automatically based on the local MAC address and advertisement information from the default gateway on the network. 
 
During the transition process between IPv4 and IPv6, it is possible to establish IPv6 tunnels over the existing IPv4 Internet using IPv4 Protocol 41 or one of several tunneling protocols such as AYIYA (Anything In Anything) or Teredo (Tunneling IPv6 over UDP through NAT). It is also possible to continue supporting IPv4 traffic on an IPv6 backbone using gateway services that translate IPv4 packets into an IPv6 format.

Another significant change in the IPv6 protocol is the use of a fixed IP header. While the IPv4 header could expand to include additional information such as strict or loose source routing, the IPv6 protocol has a fixed header length of 40 bytes. In order to accommodate additional flexibility in the protocol, IPv6 introduces a Next Header field that indicates what the embedded protocol contained in the packet payload is. It is similar to IPv4’s embedded protocol field, but unlike such a field, the next protocol can include multiple embedded protocol fields, one right after another. Currently supported protocols in the IPv6 Next Header include the encapsulating security protocol (ESP) and authentication header protocol (AH) for IPSec, the destination-options header to specify processing options at the destination system, and upper-layer protocols such as UDP, TCP, and ICMP.

References

[1] https://uk.sans.org/course/network-penetration-testing-ethical-hacking