Invert Metcalfe for Security

If you work in telecommunications, then you are familiar with Metcalfe’s Law, which states that the value of a network is proportional to the square of the number of connected users. This law has been used to justify the presumed axiom that bigger is always better in networking. A former FCC chairman cited Metcalfe’s Law as providing a useful foundation for understanding the workings of the Internet.

If you teach computer science (like I do), then Metcalfe’s Law is part of a lecture – a reliable one, in fact, because it combines several elements of flashy, modern instruction: a math formula, societal implications, and great PowerPoint visuals. Any students taking a Networking 101 course this coming semester will be trained to answer in their blue books that bigger networks are better.

Sadly, this is nonsense, of course – as anyone connecting a virus-infested PC to public WiFi will readily admit. Security engineers know that value comes not from potential interactions, but rather from desired interactions between users – hence the use of virtual private networks. With VPNs, we pay money to service providers to build more value onto a large network by creating smaller virtual ones.

Let’s illustrate the concept using filled glasses: If every node is viewed as a glass filled to the brim with value, then according to Metcalfe’s Law, network operators should always want more nodes. This does not account for the possibility that some node might be fake, or infected, or spreading fake news. It instead suggests that value always grows with size, which leads, by the way, to some weird upper boundary conditions.

The Law also does not differentiate between amounts of value in the filled glasses, nor does it bother to acknowledge that network users will almost never directly enjoy the value in most glasses. Instead, it presumes that potential value is unleashed by new and possible network interactions. That person in Elbonia who just connected to the Internet might be your next customer on eBay – or so the Law teaches.

But we in the security field know that not every glass is filled to the brim with value. Our grouchy view is that every glass is filled with risk – albeit with some grains of value lurking along the bottom. Our view is that if the underlying value is sufficiently necessary, then we will grudgingly agree to accommodate an increase to our network, but always with the recognition that we've just tossed more crap in the soup.

Our preference instead is to view network additions as risk additions, because it is axiomatic in computing today that every computer on the planet is infected with something-or-other. So, every time a new node is added, it’s like squeezing that one extra person onto a crowded elevator. To push the analogy along one more unpleasant step, it’s as if that new squeezed-in rider has bad hygiene. Ugh.

Now, just as Metcalfe’s Law does not differentiate between levels of nodal value, we will not differentiate between levels of nodal security, as in the difference between adding an infected PC versus a protective firewall to a network. When we make this assumption, a cool new proposition emerges – one that I believe should be included in that Networking 101 class you are paying crazy tuition for. It goes like this:

Proposition: The security-adjusted value of a network is inversely proportional to the number of users on that network. According to this proposition, smaller networks might be better than larger ones, and doesn’t that seem a much better paradigm for budding network designers to absorb while their brains are being wired? The next step is to work examples and boundary conditions to see if this is a Law.

Give this some thought, and let me know what you think.