Making the Internet Great Again; An Interview with Michael Schapria
(Technical writer, ex-robot manual creator gone privacy enthusiast/VPN expert)
Michael Schapira is an associate professor at the School of Computer Science and Engineering at the Hebrew University of Jerusalem, as well as the scientific co-leader of the Fraunhofer Cybersecurity Center at Hebrew University. He is at the forefront of research and development of the internet, his focus being on how to increase the performance of the internet, as well as address growing security concerns and making users less vulnerable to attack. We met Michael after a presentation he gave on Securing Internet Routing at Network Security Day at Bar Ilan University, and he agreed to an interview so that we could get some insight into what he does and address some questions that we had. Share
What does your research mainly consist of today?
Michael: From a performance perspective, the issues are piling up. Cloud computing, for example, presents a big challenge. The communication demands are growing at a very fast pace, and because the internet was designed in a very different era, we are seeing suboptimal performance. We are left having to catch up, to accelerate the internet and make it more secure. One of the biggest issues we face is that we cannot shut down the internet and replace it, as might be the best solution; a single solution that we can all adhere to. Our focus is really on coming up with solutions that address security and performance, are easy to deploy, and have a significant impact even in very partial deployment.
We have an exciting project going on in this area, a partnership with the Israeli Cyber Bureau and the German Cyber Bureau, which is looking at how a nation-state can defend itself against cyber-attacks when an external attacker attempts to hijack its traffic. This is one thing that we are actively promoting. Another project that we are working on now, which is performance oriented, is a partnership with researchers from University of Illinois Urbana-Champaign. This project is aimed at accelerating the internet by replacing the Transmission Control Protocol (TCP) technology, which would achieve internet performance that is a magnitude higher, without having to replace it (the internet). We’re looking to make the internet great again!
That sounds very exciting. This leads me to my next question, which is that of the Border Gateway Patrol (BGP). This is something you have researched extensively and from what I understand, a big security issue. Can you tell me when you are with that?
Michael: It is a huge problem, actually the biggest security hole that exists in the internet. Essentially, BGP is the glue that holds the internet together; it establishes routes from the different parts that make up the internet. Unfortunately, it was not designed with security in mind. Consequently, it is easy to launch attacks aimed at exploiting its weaknesses. For instance, from just about anywhere, one could shut down Amazon by hijacking traffic to or from it. There are many attacks that often go under the radar, and then there are more high profile attacks, such as the most recent one on Bitcoin, where a hacker was able to steal a large amount of money using BGP highjacking. Another was in 2010, when China Telecom rerouted a large fraction of Internet traffic by advertising false routing information into BGP. These are just two out of many incidences like this.
And it takes remarkably little knowledge to pull something like this off; you need access to a BGP router. Someone who has managed to hack into a compromised router can do a lot of damage. Several approaches for securing BGP have been proposed, but the problem with these approaches is that no one has the incentive to be the first, or the second or the third person to adopt such a solution, as it is such an undertaking and as this might not be worth the effort unless everyone else adopts. Identifying practical solutions to BGP’s alarming insecurity is a major focus of my research group.
Is being in Israel beneficial for your research? Conversely, is being far from Silicon Valley detrimental? As I remember, you spent some time in California.
Michael: I did spend quite a bit of time in the States, and part of my time in fact, was spent at Berkeley. I prefer to be in Israel, but I do certainly like to go back there, and I often do, for work. In Israel, there is a strong focus in both Academia and the industry on cybersecurity. Israel is quite small and very cyber-oriented, which is a big advantage for the bodies that aim to protect it from cyber attacks, such as the Israel National Cyber Bureau.
As for being away from the US, from Silicon Valley, it is not so much of a disadvantage. Securing the internet infrastructure is not something that lies within the jurisdiction one specific company; there is no one company that protects the internet. It is much more global. There’s definitely advantages to being in the U.S. as that’s where a lot of the activity is. A lot of the huge network operators are there, taskforce groups. There’s definitely an advantage in that respect. As I said, I do go back to the U.S, especially for the collaborative work that I do.
Is there a specific part of the world that you think is more security conscious?
Michael: I do not think it is specific to a certain area. I think that it has become an increasingly big issue all over the world. I think there are areas that are more privacy-aware, such as Europe. But overall, with the way things are now, it is very global.
Can you speak at all to the advent of quantum computers and whether they will make it easier to protect your privacy, or conversely, easier to hack into accounts?
Michael: This is not my area of expertise, but I can say that Hebrew University does have an extremely strong group in that area. There’s a large amount of research going on in the both the physics-related and other areas of quantum computing.
After reading one of your articles entitled Approximate Privacy, I came to the question of whether or not we will (or even have) reach the level of perfect privacy. Is that something that is attainable?
Michael: I think, theoretically speaking, it is possible. The problem is when theoretical machinery meets the real world, that’s where the challenges arise. It’s a question of “can it scale?” Can you actually use all of the theoretical cryptography and still maintain a reasonable speed? The other problem is human error. People make mistakes. So while a lot of the concepts are perceived as wonderful, something often goes wrong due to human error. So at this point, attaining what would be thought of as perfect privacy is an ambitious goal.
You teach high school level classes. With the growing threat of internet attacks, not just on companies, but on ordinary people, do you think it would be beneficial for high schools to have a mandatory course on internet protection measures?
Michael: Yes, I teach a course called “From Turing to Cyber” intended for gifted high-school children. The course covers how the Internet is built, step-by-step, from the bottom up, lingering on the algorithmic, architectural, and other conceptual questions each step entails. I also expose them to questions relating to security.
That being said, I am very ambivalent about the frenzy about teaching “cyber” in high schools. Time would be much better spent, in my view, learning mathematical and scientific foundations.
Michael’s presentation at Bar Ilan University’s Net Security Day: