A Chat with Paul Vixie
Paul Vixie is an Internet Pioneer. Over the past 25 or so years, Paul has established himself as a respected internet elder. He is NOT the “father of BIND” but he IS the author of several standard UNIX programs (including vixie cron), a substantial contributor to the IETF, a founder of ISC (Internet Systems Consortium), an ARIN board member, a founding member of ICANNs SSAC and RSSAC, and much more. I had the privilege of asking Paul some Internet related questions recently, here’s how it went:
dp: How do you describe the Internet to someone who has never experienced it?
PV: For the nontechnical, I often describe the Internet as “humanity’s nervous system”.
dp: What was your first experience with a computer?
PV: 1976. Herbert Hoover Junior High School. TTY33 KSR. HP 2000/F Time Shared Basic.
dp: What was your first experience with the Internet?
PV: 1983. Guest access (via modem, probably 1200 baud) at U C Berkeley, 4.1C BSD, VAX.
dp: What was the first involvement you had with Internet technology development?
PV: 1984. Implemented screwball version of UUCP in VAX11 C on VAX/VMS 3.X, wired it up to VAXMAIL.
dp: What was the first involvement you had with Internet policy development?
PV: Root name server operator, 1995-ish.
dp: What has been, in your opinion, your most significant contribution to the Internet so far?
PV: Taking over maintenance of BIND 4.8 in 1989-ish.
dp: What is your biggest regret (so far), wrt your involvement with the development of the Internet?
PV: I made a huge mistake in 1991. I wanted to rewrite BIND completely, and come up with a more extensible and non-backward-compatible DNS protocol, using some new UDP port number (so, not 53). I mistakenly thought that the installed base was too large to accept such a change “at that late date”. I would have made wildcarding a client-side operation, and I would have done away with ASCII case folding. Which in turn would have allowed for DNSSEC and IDN at least ten years earlier than we got them, and in simpler forms.
I made another huge mistake in 1996-ish when I decided to fight spam using network reputation — that is, I started the first “realtime blackhole list” (RBL) and the company (MAPS). This not only caused me to become the most sued person I know, it also hardened the problems. I should have taken the MAAWG approach instead. Thank the living stars that MAAWG came along or the spam problem now would be much worse than it is.
Sort of a toss-up, don’t you think?
dp: How do you use the Internet today (favorite sites, applications, etc.)?
PV: Nothing special here. I run Windows 7 on my various computers. Firefox and Thunderbird are “my apps”. My favorite site is probably Google Calendar.
dp: What do you see as the next big thing for the Internet?
PV: The Internet is at this moment the principal battleground for the soul of human society. The young hairless apes of today are eager to trade their privacy to get more shiny objects, and Apple, Microsoft, Facebook, Google, and the others all know this. If television was the opiate of the masses, then the Internet is their crack cocaine. Against that backdrop, quite a lot of the Internet’s edge has become web-only which means that many the interesting new apps tunnel over HTTP.
So what I see as the next big thing for the Internet is what Dr. Suess in his book, Fox In Socks called “a tweetle beetle bottle puddle paddle battle muddle”.
dp: Where do you see the Internet taking us in 10 years?
PV: I think in the next 10 years that the Internet will finish killing off any entertainment or communications industry which does not fully embrace the Internet. By which time the old capital represented by those industries will have moved into the Internet industry in what I think will be a much fairer battle with new money. Innovation won’t exactly triumph but it will no longer be as suppressible. Privacy problems will get a lot worse, spurring legislative and regulatory action in more countries around the world. We won’t talk about “the Internet” as a distinct thing separate from human (meatspace) society any more.
dp: What are you working on today?
PV: Security. Since 2007 I’ve been working on smashing information silos and making it easier for network operators to share their security-relevant telemetry with all or at least many responsible interested parties. Today security companies can still compete based on how much they know about threats in real time, and so they compete on exclusive data sharing relationships with network operators. That’s a perceived good for the shareholders and employees of those security companies and perhaps for their customers, but is an actual and real good only for the bad guys. The ISC Security Information Exchange (SIE) aims to sweep all that away and align the interests of security companies, their customers, network operators, and the rest of us. See http://security.isc.org/ and especially https://dnsdb.isc.org/ for more details and examples.
dp: What should folks just getting into Internet technology be focusing on?
PV: Security and innovation. Security means, don’t write stupid code that allows remote exploits through integer underflows or buffer overruns, and don’t think that Java or PHP will save you from these or that you have to pay a huge runtime cost to get programmatic safety and correctness. Innovation means, don’t write silly Android apps that are nothing but a thin veneer around a web browser — try to find something new.
I’m answering this in terms of programming because the days of disconnected-mode programs are waning and I think that most Internet innovation is going to take the form of new programs, mostly mobile and thin computing.
Oh and one more thing — if you can focus on revenue while also foregoing closed platforms, do it. A world in which only one company controls the innovation flow through mobile devices would be Orwellian. Be open and choose partners who are open, unless buying food and paying rent means you have to compromise as a short term expedient before you go back to insisting on openness.
dp: What should folks just getting into Internet policy be focusing on?
PV: They should be worrying about whether the edge of the Internet can support new protocols, other than HTTP over TCP. They should stop worrying about any form of network neutrality having to do with traffic priority because that’s a business issue between network owners. The big game here is whether a provider can legally inject spurious TCP resets or whether a hotel disallows wide area UDP (thus breaking DNSSEC).
dp: Is there something out there that will dwarf the Internet (wrt impact on society)?
PV: No. Or rather, yes there probably is, but we will call it “the Internet” when it happens.
dp: Thanks Paul!
Are you an Internet Pioneer? Know of one I should chat with? Let me know!