Leonard Kleinrock & Vint Cerf on the Invention of the Web

CHRISTIANE AMANPOUR: Last month marked the 50th anniversary of this creation with the celebration on the UCLA Campus where it all began. Professor Leonard Kleinrock and his former student, Vint Cerf, now the vice president of Google, are known as the founding fathers of the Internet after they pioneered the technology that underpins it. Correspondent Miles O’Brien asked them to reflect on those early days and what they might do over knowing everything that we all now know.

MILES O’BRIEN: Fifty years ago, on this campus, not far from here, you were in the midst of something very significant. Just lay out what happened for people.

LEONARD KLEINROCK, DISTINGUISHED PROFESSOR, UCLA COMPUTER SCIENCE DEPARTMENT: So the idea of this network were to allow people in one computer to log on to a machine far away and use that machine as if they were a local user. So we created the network to allow them to connect. And on October 29th, 1969, we had two computers connected to this network. So we could test that process. Sit at one, log on to the other. So all we wanted to do was to log in. Now, we’re getting ready to do this but now wait a minute, this is a new technology. How we do know it’s working? So the two programmers at both ends of the network, they had a telephone connection just to make sure it’s going to work. To log in, you type L-O-G and that machine at the other end is smart enough to type the (inaudible). Took Charlie, type the L. Said get the L? Got the L. Type the O, get the O, got the O. Type the G, got the G, crash. It broken down. So the first message ever on the Internet was Lo. As in lo and behold.

O’BRIEN: So you don’t get any credit for thinking of that but it was pretty good —

KLEINROCK: Yes. It was accidental. We weren’t smart like Armstrong, giant leap for mankind. Those guys understood your world, the press, the media. We just — we didn’t even have a camera available.

O’BRIEN: There were three people in the room. That was it. No cameras. No nothing.

KLEINROCK: Down at our end, the programmer. Down at the other end, the programmer. I walked in while this was going on. We’re not a big deal.

O’BRIEN: The minute e-mail came by there, it changed very quickly.

VINT CERF, VICE PRESIDENT & CHIEF INTERNET EVANGELIST, GOOGLE: It showed up in ’71. And Ray had been –a lot of us had been using a timesharing system. You’ll be able to leave messages for people on the same timesharing system. Ray figured it out. Well, he said, you can send a file to another machine for a person on the other machine. And the question was, how did you say we’re going send this message and who to deliver it to? And so he said, oh, well, I need some characters to separate the user part from the host where the message is supposed to go. And he looked around on the keyboard and discovered the only character that wasn’t already used by all the other operating system was the @ sign so it was perfect, user@host and that’s how e-mail got structured and it is that way today.

KLEINROCK: Once it came on, though, within a few months, it took off a 75 percent of the network traffic. And we said oh my God, this is about people communicating and not about computers communicating. Instantly, the killer app was connecting people.

O’BRIEN: And you guys didn’t necessarily see that, did you?

KLEINROCK: No. I had a vision four months before the first message articulated everything and missed that totally.

O’BRIEN: We just came off of a long summer of Apollo 50 remembrances. Your event, of course at the time, in relative of security, and yet you could make a pretty strong argument that as it affects our daily lives, your event was much more significant.

KLEINROCK: Long-term effects, for sure. It took years, decades before it had the impact. But has a long-term life in front of it.

CERF: Well, that’s because we didn’t understand — I mean, sending a person to the moon is a very clear objective. There’s no question about the drama out of all that. The Internet today is not something that we had in our minds 50 years ago. And so it’s the inverse of what happened with the Apollo program. We started with a small capability and kept adding to it and experimenting and exploring. Until it burst on the scene in the form of the worldwide web.

O’BRIEN: What did you guys have in your mind in those early days?

CERF: Well, we imagined it would be used simple things like file transfer, like simple communication. But really in this testing —

KLEINROCK: Remote access. As I said, machine to machine, person to machine.

CERF: Remember, Harvard was funding research and so they had a dozen universities that were pursuing computer science and artificial intelligence. What they wanted was for rapid progress. So they said we want all of you to share your results, your software, your computing capabilities to advance to saving the earth as quickly as you could. So everybody was funded. So we didn’t hide anything from each other. We shared as much as we could. We were encouraged to do that.

O’BRIEN: Did you see it as a business though? I mean you’re putting MCI Mail on —

CERF: Yes.

O’BRIEN: — at that the time? RPNet then still or Internet?

CERF: No, Internet. Literally, we turned the Internet on in January 1983 and I started the MCI Mail program and MCI in December of ’82.

O’BRIEN: So you were at MCI. You were the first to bring a commercial enterprise to the Internet.

CERF: I didn’t —

O’BRIEN: You started this whole thing.

CERF: Well, wait, no, no, no. Don’t give me too much credit. First of all, the MCI Mail system got built in 1983 and launched. I left in 1986 to join Bob Kahn, my partner in the designing of the TCPI protocols. And while I was working with him, I got the idea that we should allow the commercial world to use the government-sponsored backbones to show to them that there was a business to be had. So I got permission then, that would have been 1988, to connect the MCI Mail system to the National Science Foundation backbone which is part of the growing Internet. That next year, in 1989, three commercial Internet services fire up. Two years later, Tim Berners-Lee releases the World Wide Web. And two years after that, the Mosaic Browser shows up, and everybody awakens to an Internet that looks like a magazine.

O’BRIEN: Given what we know about how the Internet has evolved, which you certainly could not have predicted 50 years ago. If it started today, clean sheet, to build the Internet as it is today, what would it look like?

KLEINROCK: I put at least two things early on. Strong user authentication so you can prove it’s you through the network. Strong file authentications so what you send me is what you claim you sent me. It’s not been altered. And had we done that in those early days, turn it off. And slowly let it turn on as the bad things begin to happen. That would have helped. Wouldn’t have solved the problem but it certainly would have been an underlying — it would have been built in, instead of trying to do a patch after the fact.

CERF: So I have to — I’m compelled to point out something. Each of you and your viewers have probably used the Internet one way or another today to do something useful. I have to point out despite whatever reforms you might want to argue about, this thing has had one enormous impact. And it’s useful, useful and used every single day at enormous scale. The problems of security are solvable. The problems of abuse and behaviors, that’s not a technical problem. That is the hardest one to solve.

O’BRIEN: That’s human nature. That is above your pay grade, even in the computer science lab, isn’t it? Well, here is a quick hypothetical. If you had constrained it more at the beginning, and if it was harder and there was more encryption and IDs and password challenges, would it have been a flop?

CERF: Keep in mind that the deployment scenario did not harm the general public. It involved the collection of people who basically trusted each other. We’re a bunch of nerds. Nobody wanted to wreck the net. We wanted to make it work. So for a very long time during this evolution, trust was built into the system. And, frankly, trust is still built into the system. Possibly needing additional reinforcement now, technical reinforcement and that’s happening. Technical mechanisms are being put into the net to defend against a variety of distrustful actions by some people.

O’BRIEN: You seem pretty optimistic. Are you as optimistic as that?

KLEINROCK: Not as optimistic. But remember, in those early days, the way we were funded, the way we supported our graduate students, it was a kind of philosophy we had which I’m going to articulate in one phrase, to delegate authority to trusted parties. And there were plenty of trusted parties. The government funded us that way. We funded our graduate students that way. But it was based on trust. And that trust now — once we got to the consumer world and general public, you don’t know who is out there. We assumed that initially we knew everybody on the Internet. They’re well-behaved. Once we got out there, we couldn’t control that and there were bad actors.

CERF: So there are three ways to deal with this problem. The first one is to build technical means to inhibit abusive behavior and sometimes people do that. HTPS, cryptography is one mechanism for doing that. Strong authentication is another. The second thing you can do is deploy what I’ll call post-hoc enforcement. We tell people, if we catch you doing this, there will be consequences. That’s what law enforcement is all about. The third thing you can do is to tell people don’t do that, it’s wrong. And that sounds wimpy until you realize that it’s like gravity. Gravity is the weakest force in the universe but if we have a big mass, it holds people on the earth and it holds the earth and orbit around the sun. In the social sense, if a large number of people adopt a set of norms for their society, that has a lot of social force to put people’s behavior into some sort of control.

O’BRIEN: Where we are right now, the landscape is not pretty. What happened along the way? Is it just simple as too much money, too much profit, and there are perverse incentives in the opposite direction?

CERF: No, I think it’s the fundamental problem that writing software is hard. Particularly, hard to write software that has no bugs. And in spite of the fact, we have 80 years of experience of writing software and programmers still make mistakes. So what we need, frankly, are better tools to discover the mistakes that we make before we release the software. Discover and implement ways of fixing the software after it’s been released, making sure that the updates come from the right places and they haven’t been altered on their way. If we don’t put in those types of constraints and we will live with increasingly, say, vulnerable equipment and that has to change.

O’BRIEN: So we built this essential case of infrastructure. We rely on it in so many ways. It makes our lives better in so many ways. But we build without any guardrails. There’s not a lot of rules out there. And given what the Internet has become, it concerns about privacy and how our lives are commoditized and sold for advertising dollars, is it time to start putting some guardrails out? Is it time to start regulating the Internet in some fashion given the size and power of these companies?

CERF: So, first of all, I don’t agree with your characterization that there are no guardrails. That’s just wrong. First of all, the Internet, as an enterprise, has a lot of different pieces to it. The protocols themselves are a form of guardrail because they constrain the behavior of the systems. So I would argue that there are pieces of control that are in there. I’m not disagreeing that there may be the need of additional regulation. That is not the point. The point is it hasn’t been — it’s not the wild west out there even though you might think it is.

KLEINROCK: So we have to get more constituencies engaged. For example, the users themselves are not participating in protecting themselves, not in with good password. But demanding things of the website’s service. When is the last time Facebook asked you for your privacy policy? They haven’t. They give you their privacy policy in a 20 or 30-page legal document you can’t interpret. And they say take it or leave it. It should be and is possible where you can articulate what you want in terms of can I have your contact data base, tracking your keystrokes, looking at your e-mail, et cetera. You identify what policy are you willing to have applied to you? And they should present in an easy-to-understand way what they’re doing, what they’re asking. And then you can try a match. And if it doesn’t match, you can try to negotiate and to either come to an agreement or walk away. But right now, you can’t even do that. That’s a good idea. So notice, we have our own terms of receiving service. And not only that, it’s a customized service. It’s to you. And I made the point that the website will say we can’t give a customized policy to everybody. Baloney, they’re already serving you ads customized to you. They’re spending that time.

CERF: So let me point out that you should go look at the Google privacy dashboard. Because we summarized all the information that we’re using for ads and we let you modulate what that privacy policy is and how it works across all of our products.

KLEINROCK: That makes you feel for Google but so many sites hide it —

CERF: I’m not — I just want to point out that this is not an impossible problem to solve.

O’BRIEN: But can we rely on the companies to do this unilaterally, though? I mean hats off to Google for doing that. But elsewhere, we don’t see this.

CERF: Well, the incentives for doing that will come. Either companies will get regulated or they’ll try to solve the problem before they get regulated.

O’BRIEN: Are they too big?

KLEINROCK: In some ways, yes. For one thing, it does prevent the new companies bubbling up. It’s an issue and it does prevent new innovation and breakthrough technologies. On the other hand, there are some winner take all systems here. It’s kind of natural systems. Search is an example. You go to a search engine that can crawl the most websites. Well, how do you deal with that as a giant company? Google tells us.

CERF: So I think the real answer is that there’s plenty of room for innovation. The scaling up is the side effect of the economy, the scale, and data center construction for one thing. These are the data centers, the more efficient they could be. So that’s one of the reasons you see such large companies. But there are multiple search engines out there. And there are multiple services out there and people are inventing new applications all the time.

O’BRIEN: So when you think about how it was formed, a government project funded by the Pentagon, purely in an academic environment, no money motivation. And how it evolved into what it is today, there’s a fair amount of irony there. Just a few comments on that evolution and that is at all possible.

KLEINROCK: Well, the big picture is we had this wonderful system which are altruistic, scientifically driven, and suddenly it became a place where you could buy detergent. And that’s been a disappointment. We could have predicted that have we thought about it. But it is where we are now. And the question is how do we deal with this dark side that we’re facing? Now, certainly it delivers lots of good. But it is a dark side that is emerging and it’s getting serious with the nation states, organized crime, and the extremist. And it’s no longer a juvenile behaving badly. It’s some serious players trying to do damage for a variety of reasons.

O’BRIEN: Want to add to that?

CERF: So first of all, I’m much more optimistic than Len is. And here’s why. First of all, a lot of the problems that are showing up are not technical problems. The problems have to do with human behavior and the way you deal with those is not necessarily technical. People need to be thinking a lot more about what they’re seeing and hearing. Not just on the Internet but in every other medium. Critical thinking is important. People are not doing enough of it. We need to help them with that. But I also feel I have to point out, as I think about the products and services that come out of Google. Think about the machine translation capability, think about the voice understanding capability, think about self-driving cars. I just took a drive in one of them the other day. Think about Google Maps. Think about all those applications and think about the amount of scientific data that is being exchanged all the time. Simulations and calculations that are being done, racing ahead. I see the Internet as, still, an extremely positive element in our society.

O’BRIEN: That’s the Internet we want. That’s not the Internet China wants.

KLEINROCK: That’s right.

O’BRIEN: So as we move forward, do we end up with two versions of the Internet? Does the controlled Internet win over what you just described? Where will it go?

KLEINROCK: I’m concerned not just two Internets but multiple nations putting boundaries around, you know, dozens. If that happens, it’s a serious blow to what we call the open exchanging Internet. You can’t get a certain information. You can’t reach certain people. And that would be a very serious blow. And how we recover from that might be very difficult. So it would take international groups to get together and agree and we know how hard that is.

CERF: Yes. I’m still of the belief that we can build and maintain a common system that works for everybody. But it is absolutely true that some of the governments, especially authoritarian ones, want to control what people have access to because they want them to not know about what is going on, either inside the country or outside the country. That’s a real problem. Some people call it the splinter net. And if that actually happens, if we end up with sovereignty inhibiting our ability to communicate freely, we will lose a lot of the benefits that we’ve seen and are possible with the Internet today.

O’BRIEN: Thank you very much for your time. And happy anniversary. Congratulations.

KLEINROCK: Thank you very much.