Having spent the last 20 years in the telecom/ICT industry, I have recently come to become involved and very interested in Green IT or Green ICT. In fact I realise that as we focus on our efforts to migrate to NGN (Next Generation Networks) we have a great opportunity now to focus on NGGN (Next Generation Green Networks). Why should we be focusing on Green?Is it a feel good or Corporate Social Responsibility undertaking, or does it make sense today from a business fundamental sense. When researching for a panel at ITU Asia Telecom’08 in Bangkok which I chaired entitled “Going Green: Feel Good or Good Business”, here are some data I found along the way: - It is estimated that carbon emissions from the ICT industry alone exceeds the carbon output of the entire aviation industry-That whilst ICT consumes anywhere between 2-6% of the worlds energy, it emits 2-3% of Green House Gases (doubling every 5 years or quicker if you take broadband into consideration)-It is becoming known today that it costs more to power and cool equipment in datacentres than it is to purchase the equipment (i.e. OPEX is greater than CAPEX)-Some experts feel that there will not be sufficient energy to power about 50% of the data centres around the world by 2009-Idle ICT equipment still requires about 90% of energy required to power active equipment (annual costs of electricity in the US from idle PCs is $1.7 billion)-e-waste is a real problem (only 11% of electronics are recycled)-mobile networks in India alone require 2 billion litres of diesel to power up diesel power backup generators-more energy and environmental hazards are caused by the manufacturer rather than the operation of ICT equipment …and the list goes on.This sounds very depressing indeed and there is definitely a call for action globally. What is fortunate today is that it makes good business sense to Go Green (so our panel discussion concluded). Meanwhile, international metric and coordination is needed though for us to have meaningful metrics to compare Green ICT successes. (I will discuss this in a later posting) Whilst ICT is a culprit, it still only emits 2-3% of GHG. What is more exciting is its potential to help reduce GHG in other industries. It also is useful to assist with climate change monitoring and avoiding lost of lives. Thomas Friedman in his latest book (Hot, Flat and Crowded), talks about the coming together of IT and ET (Energy Technology). Inspired by all this and the workI have been focusing on over the last year or two, my next posts will be focuses primarily on this. So GetIT has gone Green IT!More to come later!Laina Greene check out my interview on TELECOMTV 
http://web20.telecomtv.com/pages/?id=ba36bdf8-5396-49e9-92df-66830d2a38b5&vidid=3215&view=video&page=1 �
October 15th, 2008
We all know about White Hats (Cyber Good Guys), Black Hats (Cyber Bad Guys), and Grey Hats (White Hats who skirt the edge of legality).
We’re missing a group. The three defined groups are all easily described by their economic motivations for doing what they do. But we have another group who are not easily defined - the Red Hats. Red Hats are groups motivated by politics. These groups have a stated political aim - Free Tibet - and will do what they need via the cyber world to achieve their goals. Since political agenda clash, we will often have Red Hat groups going against each other.
Red Hat groups use all means available - legal and illegal. The same group might at one time be doing something legal (working with law enforcement agencies) and the next moment doing something illegal (using SPAM to get hijacking malware on computers of their opposition).
So as we watch the Olympic 2008 Cyberwar progress (i.e. all the activity around Tibet and the Torch), be mindful that this is not a cyber battle between White, Grey, and Black Hats. It is a battle between Red Hats - Groups whose motivation is political.
April 13th, 2008
This week, we saw an indication of what could be massive disruptions on the Internet. Way back in 2002, I pointed out our continued vulnerability to prefix injection attacks - from intentional and unintentional insertions (see NANOG BGP Security Update). This weekend, we had the Pakistan Telecom Authority (PTA) order their ISPs to block access to YouTube - specifically addresses in 208.65.153.0/24. Blocking is not the problem. Leaking the prefix used to trigger the block is a problem. A problem which spread from one side of the Internet to the other.
While we have our dialog on NANOG and peers blog about the problem (Danny McPherson @ http://tinyurl.com/3y3pzl & Martin A. Brown @ http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml ), lets look at this from two angles. First, what is the immediate problem we need to resolve. Second, what is the real threat we need to worry about.
First, the immediate problem is simple. We had a censorship order to block access to an IP address. The SP in questions - Pakistan Telecom (AS 17557) - looks to have tried to do a BGP Shunt. When they did the BGP Shunt, they had two major mistakes:
- They did not add BGP Communities no-advertise and an extra BGP filter that can be used for a egress Murphy Prefix Filter.
- They did not have a Murphy’s Law prefix filter on their egress advertisements to their upstreams.
The consequence - 208.65.153.0/24 being leaked out to the Internet. That in turn had a consequence of all traffic to 202.54.153.0/24 going to AS 17557.
Action Plan for the Community - We need better documentation of how BGP Shunt is suppose to work. The problem is not the technique, nor is it clue. The problem is that we - the industry - do a poor job in communicating and empowering our peers through out the world how things really work. As a consequence, we get problems like this leak of YouTube’s routes.
Next - on the immediate problem thread - we have the upstream to AS 17557’s response. Here you have all this traffic heading down towards AS 17557, people calling their NOC, complaints coming from all over, so what do they do? PCCW (AS 3491) does not do the logical action - add to their ingress prefix filter on AS 17557 a simple line to filter out 208.65.153.0/24. No, instead, they unplug the customer.
Action Plan for the Community - Transit NSPs need to ingress filter the prefixes coming from their customers. This would allow them a tool to specific stop problems like this leak, with out unplugging them.
So, while the community start exploring the sBGP vs soBGP debate or how organizations should be using RADB tools, lets now loose sight of some quick simple tools which would help to mitigate this problem.
Now for the second problem ….. it is front page news that you can inject BGP prefixes from one side of the Internet and impact the entire Internet. Back in 2002, I was not drastically worried about this issue. Principle #3 of the current seven principles of the miscreant economy puts a behavioral check on the threat of using BGP prefix injection as a tool to massively disrupt the Internet (and the global IP NGN). Today, I’m worried. We have people out in the world who are increasing their skills. It would be feasible for a small group of people to grab a range of BGP speaking routers which have been violated and owned (i.e. someone as broken into them) to advertise BGP prefixes from all over the Internet. The result would not take out the Internet - but it would cause massive disruption. Massive disruption of the telecommunications system exacerbates a crisis - which is what you want if you want your terrorist attack to have a more impactions.
In other words, the press coverage of this BGP prefix leak is shining light on an attack vector which can cause some serious havoc during a period where people will need the Internet the most.
February 25th, 2008