Proposing more public RIPE Atlas data and clarifying the current situation
Dear colleagues, Sharing information about Internet performance is at the heart of collaborative efforts such as RIPE Atlas. Most of the RIPE Atlas probes and RIPE Atlas measurements are already public, and we'd now like to suggest opening up the publication of RIPE Atlas data further. We also want to clarify exactly what is and isn't public in the current system. We describe this in more detail in this RIPE Labs article, where we also ask for community feedback about our suggested plan to move forward: https://labs.ripe.net/Members/becha/proposing-making-ripe-atlas-data-more-pu... Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April. All probes and measurements that were not marked "public" by April 2014 would remain non-"public". For a detailed description of what this means, please see the RIPE Labs article (above). Although we believe that having public measurement data contributes to the goal of RIPE Atlas, the RIPE NCC greatly values our users' privacy. We want to ensure you that we will continue to protect our probe hosts' personal information. We look forward to your feedback and comments on the MAT Working Group Mailing List. Regards, Vesna Manojlovic Senior Community Builder Measurements Community Building RIPE NCC
On 17 Dec 2013, at 12:23, Vesna Manojlovic <BECHA@ripe.net> wrote:
Dear colleagues,
Sharing information about Internet performance is at the heart of collaborative efforts such as RIPE Atlas.
Most of the RIPE Atlas probes and RIPE Atlas measurements are already public, and we'd now like to suggest opening up the publication of RIPE Atlas data further. We also want to clarify exactly what is and isn’t public in the current system. We describe this in more detail in this RIPE Labs article, where we also ask for community feedback about our suggested plan to move forward: https://labs.ripe.net/Members/becha/proposing-making-ripe-atlas-data-more-pu... [...]
We look forward to your feedback and comments on the MAT Working Group Mailing List.
Hello, Thanks for the initiative. I support this. Additionally, would it be possible to open the built-in measurements of public probes? (via REST API) Suppose, I am interested in analysing the latency to k.root-servers.net from probes X (public) and Y (public) specifically. I have 3 options: a) Search a UDM that is running this measurement on probe X and Y, and download that JSON data. b) Run my own UDM using probe X and Y. c) Fetch the RIPE’s in-built ping4 and ping6 measurements to k.root-servers.net for X and Y. a) is tedious. b) is what I would do now, however it not only consumes my credit, but also puts measurement load on X and Y, even though X and Y are already running this through RIPE’s in-built measurement. In addition, the timeline of your in-built measurement will be much richer than what I can achieve through a UDM. It would be great if I could make a REST call to fetch the richer dataset in c) Best, Vaibhav ----------------------------------------------------- Vaibhav Bajpai Research I, Room 86 Computer Networks and Distributed Systems (CNDS) Lab School of Engineering and Sciences Jacobs University Bremen, Germany www.vaibhavbajpai.com
Hi, On Tue, Dec 17, 2013 at 12:23:56PM +0100, Vesna Manojlovic wrote:
Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April.
I'd support changing the default to "public", but I can't see a compelling reason why you would want to make *everything* public. What if I'm measuring something, where I know some bits of my network are broken but need to figure out the overall damage, that I don't want the competition and media to know (if they figure it out themselves, fine, but not handing it on a silver platter). Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Hi,
I'd support changing the default to "public", but I can't see a compelling reason why you would want to make *everything* public.
What if I'm measuring something, where I know some bits of my network are broken but need to figure out the overall damage, that I don't want the competition and media to know (if they figure it out themselves, fine, but not handing it on a silver platter).
I agree very much with this thinking. Personally I could live with non-public data becoming public a few days after the measurement, but if everything is public in realtime Atlas would lose a lot of its attractiveness as debugging tool. best, Gilles -- Fondation RESTENA - DNS-LU 6, rue Coudenhove-Kalergi L-1359 Luxembourg tel: (+352) 424409 fax: (+352) 422473
On Tue, Dec 17, 2013 at 01:28:21PM +0100, Gilles Massen wrote:
I agree very much with this thinking. Personally I could live with non-public data becoming public a few days after the measurement, but if everything is public in realtime Atlas would lose a lot of its attractiveness as debugging tool.
there are two aspects: 1) disclosure of the meaasurements and results I agree with Gilles and Gert that there is a difference between the results of measurements and the fact that something is measured right now and here. A publication delay seems the minimum to me, but for one off measurements in particular there might be reasons to not ever disclose them. 2) privacy of the probe host Maybe we need to work on "privacy considerations for probe hosts"; The ability to track the last 25 "connections" allows tracking the probe's IP address (maybe that's possible even easier?) and I'm not sure every host is aware of that. Opt-In is probably the very least we can do. -Peter
gilles.massen@restena.lu:
Hi,
I'd support changing the default to "public", but I can't see a compelling reason why you would want to make *everything* public.
What if I'm measuring something, where I know some bits of my network are broken but need to figure out the overall damage, that I don't want the competition and media to know (if they figure it out themselves, fine, but not handing it on a silver platter).
I agree very much with this thinking. Personally I could live with non-public data becoming public a few days after the measurement, but if everything is public in realtime Atlas would lose a lot of its attractiveness as debugging tool.
Agreed. ... and I would add that I don't want DDoS culprits to be able to use Atlas as a real-time assessment tool of the effectiveness of their attacks. (Maybe they can already, but let's not help them more.) Publishing delayed data is better. Cheers, /Liman #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: liman@netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #----------------------------------------------------------------------
On Wed, Dec 18, 2013 at 02:15:17PM +0100, Lars-Johan Liman <liman@netnod.se> wrote a message of 31 lines which said:
... and I would add that I don't want DDoS culprits to be able to use Atlas as a real-time assessment tool of the effectiveness of their attacks.
I do not see the relationship between this requirment and the discussion about the proposed new policy. If I run a dDoS, I can run the Atlas tests too (there is not process to filter out the bad guys...), I would not rely on other people's measurements.
On Tue, Dec 17, 2013 at 01:28:21PM +0100, Gilles Massen <gilles.massen@restena.lu> wrote a message of 24 lines which said:
I could live with non-public data becoming public a few days after the measurement,
One of the goals of the new policy is to simplify the Atlas code and documentation. What you suggest would add new code and complexity.
On 23/12/2013, 17:19 , Stephane Bortzmeyer wrote:
I could live with non-public data becoming public a few days after the measurement,
One of the goals of the new policy is to simplify the Atlas code and documentation. What you suggest would add new code and complexity.
Over making everything public, certainly. Compared to the current public/private distinction the additional complexity looks negligeable (naively I'd say replace the private flag with a timestamp that will expire - added complexity: one cron job, and a few queries to adapt). However it would meet the other goal: make all data public and thus avoid duplicate jobs. Anyway, making jobs private (forever or temporarily) means a lot to me, and so I would be willing to tolerate quite some complexity (I know that I'd hardly feel the cost personally...) Best, Gilles
On Mon, Dec 23, 2013 at 6:55 PM, Gilles Massen <gilles.massen@restena.lu>wrote:
Anyway, making jobs private (forever or temporarily) means a lot to me, and so I would be willing to tolerate quite some complexity (I know that I'd hardly feel the cost personally...)
I host a probe because I believe Atlas is a valuable tool for the *community*. I do not host a probe to help you to debug your network and/or to keep the data for yourself. Keeping the results public will make sure Atlas does not become a cheap monitoring solution for enterprises only. Thanks, Pierre.
On 23/12/2013, 19:09 , Pierre Blanchet wrote:
I host a probe because I believe Atlas is a valuable tool for the *community*. I do not host a probe to help you to debug your network and/or to keep the data for yourself.
We have been hosting a TTM Box for years and have now several probes and an anchor - because we believe in the tool, not in the return of investment. Atlas does have two sides though: it is the RIPE NCC membership and the sponsors that are footing the bill, but it will not work without the community at large helping to host probes. I see no reason for Atlas not to be able to accommodate those (overlapping) groups.
Keeping the results public will make sure Atlas does not become a cheap monitoring solution for enterprises only.
"temporarily" was the keyword. Besides, the credit system is well taking care of the 'cheap'. And as long as it's called the *Inter*net, I want it to be debugged and to work. Even the purely commercial parts. Best, Gilles
Hi, On Mon, Dec 23, 2013 at 07:09:34PM +0100, Pierre Blanchet wrote:
On Mon, Dec 23, 2013 at 6:55 PM, Gilles Massen <gilles.massen@restena.lu>wrote:
Anyway, making jobs private (forever or temporarily) means a lot to me, and so I would be willing to tolerate quite some complexity (I know that I'd hardly feel the cost personally...)
I host a probe because I believe Atlas is a valuable tool for the *community*. I do not host a probe to help you to debug your network and/or to keep the data for yourself.
Well, we host an Atlas Anchor, which we paid for ourselves, so we can use this for diagnosing problems in our network - and which we are happy to see used by other folks to improve their networks. I don't particularily care for *your* probe, for which you didn't pay anything...
Keeping the results public will make sure Atlas does not become a cheap monitoring solution for enterprises only.
Forcing all results to be public will result in Atlas not being used for things people will not want to see public, and *that* is quite likely to result in people that are going to invest more into Atlas than "yeah, give me a probe for free!" to, well, *not* invest. Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
+1 On 12/17/13 6:54 AM, "Gert Doering" <gert@space.net> wrote:
Hi,
On Tue, Dec 17, 2013 at 12:23:56PM +0100, Vesna Manojlovic wrote:
Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April.
I'd support changing the default to "public", but I can't see a compelling reason why you would want to make *everything* public.
What if I'm measuring something, where I know some bits of my network are broken but need to figure out the overall damage, that I don't want the competition and media to know (if they figure it out themselves, fine, but not handing it on a silver platter).
Gert Doering -- NetMaster -- have you enabled IPv6 on something today...?
SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
Dear colleagues, Three weeks ago, the RIPE NCC published a clarification about the current state of RIPE Atlas public measurement data and the privacy of probe data. We also proposed making some changes to the current situation. There has been some lively discussion about our proposal to make the probe and measurement data public for new and existing users starting at a future date. Most comments did not support this proposal. Some people are in favour of keeping the situation as it is (i.e. making it possible to opt out of making your measurements public), while others proposed an alternative solution of delaying the publication of measurement data for a day (or a week). We'd like to hear more opinions, either for or against any of these proposals, including your motivation or the use case you have in mind. Please take part in the discussion on the mailing list. We will consider your input and come up with an updated proposal in February. Regards, Vesna Measurements Community Building RIPE NCC On 17-dec.-13 12:23, Vesna Manojlovic wrote:
Dear colleagues,
Sharing information about Internet performance is at the heart of collaborative efforts such as RIPE Atlas.
Most of the RIPE Atlas probes and RIPE Atlas measurements are already public, and we'd now like to suggest opening up the publication of RIPE Atlas data further. We also want to clarify exactly what is and isn't public in the current system. We describe this in more detail in this RIPE Labs article, where we also ask for community feedback about our suggested plan to move forward: https://labs.ripe.net/Members/becha/proposing-making-ripe-atlas-data-more-pu...
Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April.
All probes and measurements that were not marked "public" by April 2014 would remain non-"public". For a detailed description of what this means, please see the RIPE Labs article (above).
Although we believe that having public measurement data contributes to the goal of RIPE Atlas, the RIPE NCC greatly values our users' privacy. We want to ensure you that we will continue to protect our probe hosts' personal information.
We look forward to your feedback and comments on the MAT Working Group Mailing List.
Regards,
Vesna Manojlovic Senior Community Builder Measurements Community Building RIPE NCC
I'm in favor of keeping the option to have a measurement be private. As is. Thanks
Op 9 jan. 2014 om 16:22 heeft Vesna Manojlovic <BECHA@ripe.net> het volgende geschreven:
Dear colleagues,
Three weeks ago, the RIPE NCC published a clarification about the current state of RIPE Atlas public measurement data and the privacy of probe data. We also proposed making some changes to the current situation.
There has been some lively discussion about our proposal to make the probe and measurement data public for new and existing users starting at a future date.
Most comments did not support this proposal. Some people are in favour of keeping the situation as it is (i.e. making it possible to opt out of making your measurements public), while others proposed an alternative solution of delaying the publication of measurement data for a day (or a week).
We'd like to hear more opinions, either for or against any of these proposals, including your motivation or the use case you have in mind.
Please take part in the discussion on the mailing list.
We will consider your input and come up with an updated proposal in February.
Regards,
Vesna Measurements Community Building RIPE NCC
On 17-dec.-13 12:23, Vesna Manojlovic wrote: Dear colleagues,
Sharing information about Internet performance is at the heart of collaborative efforts such as RIPE Atlas.
Most of the RIPE Atlas probes and RIPE Atlas measurements are already public, and we'd now like to suggest opening up the publication of RIPE Atlas data further. We also want to clarify exactly what is and isn't public in the current system. We describe this in more detail in this RIPE Labs article, where we also ask for community feedback about our suggested plan to move forward: https://labs.ripe.net/Members/becha/proposing-making-ripe-atlas-data-more-pu...
Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April.
All probes and measurements that were not marked "public" by April 2014 would remain non-"public". For a detailed description of what this means, please see the RIPE Labs article (above).
Although we believe that having public measurement data contributes to the goal of RIPE Atlas, the RIPE NCC greatly values our users' privacy. We want to ensure you that we will continue to protect our probe hosts' personal information.
We look forward to your feedback and comments on the MAT Working Group Mailing List.
Regards,
Vesna Manojlovic Senior Community Builder Measurements Community Building RIPE NCC
gboonie@gmail.com:
I'm in favor of keeping the option to have a measurement be private. As is.
+1 Cheers, /Liman #---------------------------------------------------------------------- # Lars-Johan Liman, M.Sc. ! E-mail: liman@netnod.se # Senior Systems Specialist ! Tel: +46 8 - 562 860 12 # Netnod Internet Exchange, Stockholm ! http://www.netnod.se/ #----------------------------------------------------------------------
hi Vesna, all, Another potential way to resolve the tension between public and "private" policies would be to allow each probe host to decide which of their probe(s) are available for non-public* measurements. Here, each probe has a "public-only bit". Probes with the public-only bit cleared can be used for public or non-public UDMs, and generate credits which can be used for public or non-public UDMs. Probes with the public-only bit set can only be used for public UDMs, and generate credits which can only be used for public UDMs. Probes default to having the public-only bit cleared; this allows probe hosts to opt out of allowing their probes to be used for non-public UDMs, but at the expense of being able to do non-public UDMs themselves. This arrangement would allow the whole community to decide for itself, in a decentralized manner. It would also require a bit of redesign, but so would measurements that would remain non-public for some escrow period. There are probably details I'm missing. For one, if we're going to allow non-public UDMs at all, all the anchors probably have to have their public-only bit cleared, otherwise the core of the network fragments. The default measurements for all probes must be public in all cases, as well. * I use "non-public" here as opposed to "private" intentionally, because the very notion of "private measurements" on a widely distributed volunteer active measurement network is somewhat dubious. It's trivially easy to find out what an Atlas probe is doing if you have access to the network it's on, so your measurements and results are leaking to a set of probe hosts even in the case of a some bit being set in the database. You cannot know the degree of collusion among Atlas probe hosts, so using the term "private" here gives an inaccurate impression of who can know what about non-public. If it's actually important that you can control who knows what about the measurements you're doing, what you want is a different architecture than Atlas provides. A non-public measurement is simply a measurement which can be later redacted from certain views of the database. And in the interests of disclosure, I'm one of the freeloading research types, so of course I want everything to be eventually public, and in return I agree not to care who knows that v6 connectivity to my web host could be better (https://atlas.ripe.net/atlas/udm.html?msm_id=1402190#!tab-probes1402190). I do large-scale, long term work, so it's less important to me that I can see all of today's UDMs today, and more important that I can see all the measurements from 2012 to 2017 in 2017, so a user-definable embargo period for UDMs would be a good solution too, if that addresses business-sensitivity concerns. Cheers, Brian Vesna Manojlovic wrote:
Dear colleagues,
Three weeks ago, the RIPE NCC published a clarification about the current state of RIPE Atlas public measurement data and the privacy of probe data. We also proposed making some changes to the current situation.
There has been some lively discussion about our proposal to make the probe and measurement data public for new and existing users starting at a future date.
Most comments did not support this proposal. Some people are in favour of keeping the situation as it is (i.e. making it possible to opt out of making your measurements public), while others proposed an alternative solution of delaying the publication of measurement data for a day (or a week).
We'd like to hear more opinions, either for or against any of these proposals, including your motivation or the use case you have in mind.
Please take part in the discussion on the mailing list.
We will consider your input and come up with an updated proposal in February.
Regards,
Vesna Measurements Community Building RIPE NCC
On 17-dec.-13 12:23, Vesna Manojlovic wrote:
Dear colleagues,
Sharing information about Internet performance is at the heart of collaborative efforts such as RIPE Atlas.
Most of the RIPE Atlas probes and RIPE Atlas measurements are already public, and we'd now like to suggest opening up the publication of RIPE Atlas data further. We also want to clarify exactly what is and isn't public in the current system. We describe this in more detail in this RIPE Labs article, where we also ask for community feedback about our suggested plan to move forward: https://labs.ripe.net/Members/becha/proposing-making-ripe-atlas-data-more-pu...
Our proposed plan is to make all *new* measurements and technical information about the *new* probes public from an agreed upon date in the future. We propose implementing this change in mid-April.
All probes and measurements that were not marked "public" by April 2014 would remain non-"public". For a detailed description of what this means, please see the RIPE Labs article (above).
Although we believe that having public measurement data contributes to the goal of RIPE Atlas, the RIPE NCC greatly values our users' privacy. We want to ensure you that we will continue to protect our probe hosts' personal information.
We look forward to your feedback and comments on the MAT Working Group Mailing List.
Regards,
Vesna Manojlovic Senior Community Builder Measurements Community Building RIPE NCC
On Thu, Jan 09, 2014 at 04:22:48PM +0100, Vesna Manojlovic <BECHA@ripe.net> wrote a message of 71 lines which said:
There has been some lively discussion about our proposal to make the probe and measurement data public for new and existing users starting at a future date.
I personally support the proposal (to make measurements public by default). I believe that the Atlas network is built for the public good and probe hosters would probably feel better if all the measurements performed were public. If some people want to do private measurements, they should use private systems. I understand the issue raised by Gilles Massen and Peter Koch (knowing that Acme corporation pings something.acme.com means there is a problem which may be an useful info for Acme's competitors) but I don't believe that intelligence agencies and private eyes will actually poll the Atlas database to see if there are interesting measurements going on, they have certainly better things to do. I have nothing against variants such as "only Atlas sponsors may request private measurements" [disclaimer: my employer is a sponsor] or "private measurements will become automatically public after N days" but, since one goal of the new proposal is to simplify the code, I wonder if they are worth the extra complexity. PS: is there a way to query the list of measurements with criteria such as "find me all the measurements involving something.acme.com and made in december 2013?" I don't think so. Such a search engine would be very useful for long-term analysis. On the other hand, it would increase the fears of spying.
participants (12)
-
Bajpai, Vaibhav -
Brian Trammell -
Dario Ciccarone -
dave -
Gert Doering -
Gilles Massen -
Lars-Johan Liman -
Peter Koch -
Pierre Blanchet -
Randy Bush -
Stephane Bortzmeyer -
Vesna Manojlovic