Can our Dear Leaders actually put a “kill switch” on the Internet?
No doubt, they’d love to. No doubt, if uber-authoritarian Joe Lieberman has his way, they’ll set up a plan to do exactly that. But is it possible? Or is this just more wishful thinking from powermad damnfools who believe the Internet is “a series of tubes”?
Denny Hansen, my editor at S.W.A.T. magazine, has asked me to write an article on that subject.
I have opinions. But they’re of the “everybody has one” variety. I have a little bit of knowledge. But I know this blog is read by people who have better opinions and more knowledge on technical matters than I. So mind if I pick your brains? I’ll gladly give credit in print (if you want it) to knowledgeable readers who offer solid info. Or opinions based on solid info.
I know the standard freedomista response is, “Ha ha, they can’t do it! The Internet is built to route around damage.” True, to a certain extent. But if the plan is to order ISPs, search engines, and other corporate site owners to shut down or shut off certain functions “in an emergency,” that’s a donkey of a different species. And what about URLs? Isn’t the ‘Net’s centralized naming system vulnerable to political tyranny and underhandedness? Sites have been kicked offline before simply by having their domain names abruptly de-registered, right? Couldn’t a government just do it, or order it done, en masse?
So, geek-genius readers, what would the effect on the ‘Net really be if the .gov decided it wanted to rule the ‘Net — “for the children” or “to fight the thread of global cyber terrorism” or to “halt domestic terrorists”? Would key sites simply move (or clone themselves) offshore to avoid being subject to political orders? Would too many of the Big Boys like Google yield to pressure? Is the whole idea of a “kill switch” simply bogus? Or would a kill switch be at least partly effective? Or would the fedgov, if it so wished, really shut down or cripple major functions?
If so, how would commerce be affected? How would you talk with your friends in China or Iran if a president ordered ISPs to stop accepting traffic to and from such places? And how would non-geeks function? I mean, I know you smart guys have a million ways to “route around” government damage; in that way, the old claim is true and glory hallelujah. But what about Jo and Joe average? Could their Divine Political Rulers really pull the “kill switch” on them?
Tell me. Tell the world. Tell the comments section, if you’re willing. Links to great sources appreciated. If you have serious expertise but you’d rather tell me your thoughts privately, just say so in the comments and I’ll contact you via email.
Many thanks!
I think they can “try” to shut down the internet. But the ever nefarious mind of man will find a way to make “alternate” communications happen.
Consider the situation as it exists in Bejing. Try as the government might, people keep putting up “mirror sites.” Of course this presupposes the internet continues to exist – but I think that is now “necessary” to the maintenance of our technological lifestyle.
I work for the Power Utilities. I was surprised to find that along with automation of hydroelectric power plants in the mid-90s, the company was also installing new state of the art communications systems to support and direct these automated systems. And you guessed it – they’re Internet based. Somewhere out there in cyberland, someone with the correct address can communicate with a head-gate in East Overshoe, ME and open or close the gate at his will.
And this is not to rule out “hacking” into these same systems. With computer driven search engines, it must be possible to ping all possible local addresses, and given enough time, take charge of that head gate remotely. Encryption helps but locks only keep the honest people out.
But the existence of these kinds of systems and crossover to our day to day world keep the Internet a “general” system. AND one the government can’t afford shut down wholesale and do without.
Well, they can be foolish enough to try. But they might as well try to shut down central grid electricity. The uprising would be fatal to our political if not social system.
They still rule with the consent of the governed. Without our assent, they have nothing. (and the basis for Ayn Rand’s landmark “Atlas Shrugged” which surprisingly, she didn’t bring to it’s full gravity or import – the book would have been truly a tome if she had!)
Joe
You are very correct about the Domain Name Service (DNS) [which translates the familiar URL names (www.backwoodshome.com) into IP addresses (67.220.221.97)] being vulnerable to government interference. Most of us, I presume, point to either our ISPs or a well known DNS server. Eliminate those and 99% (WAG) couldn’t figure out how to communicate. Sure rogue servers could pop up, but how would we learn about them? And as they become wide-spread they could individually be shut down.
http://www.isp-planet.com/research/rankings/usa.html claims that the top 5 ISPs have almost 1/2 market share. If they were convinced to shutdown wouldn’t the internet effectively be killed?
A shutdown of the top level DNS servers can be worked around by using caching and some clever programs. It wouldn’t be perfect but it would provide address lookups to places you visit regularly. It could also become the skeleton for a new DNS system if necessary.
While it is true the Internet is designed to route around trouble, it is also organized in a hierarchy both logically and physically. Here is a very simplified picture:
http://www.theshulers.com/whitepapers/internet_whitepaper/images/ruswp_diag5.gif
Once upon a time there were hundreds of “backbone” providers at the network layer. However, the increasing demand for bandwidth has whittled that down considerably so, while it may not be possible to “shut down” the Internet, it is possible to segment the backbone into dozens (hundreds?) of separate internets and from there sever each tier from the level above. It is true that modern routing protocols will try to work around the outages but these are rule based algorithms which makes them predictable. That predictability makes it possible to anticipate the system’s reaction and head ’em off at the pass — so to speak.
So my answer is a qualified “yes, it is possible.” However, considering how important the Internet is to modern life it would be a colossally stupid (or desperate) measure.
For one thing, note that they’re talking of shutting down “portions of the Internet.” Needless to say, the Internet goes way beyond the U.S., so the U.S. could try to control only parts of its cyberspace.
Second, go read the bill (I dare you 🙂 http://thomas.loc.gov/cgi-bin/bdquery/z?d111:s.03480: I’ve just browsed, very quickly, the “National Cyber Emergencies” section and I think they’re more concerned with protecting parts of the Internet that could be exposed from a “national security” perspective, e.g., leaks, than shutting it down in any significant manner.
Furthermore, shutting down large portions of the U.S. Internet, even if technically feasible, would be an economic catastrophe since so much commercial traffic depends on it.
They can certainly make a mess; that’s what government does. But several things would happen if any criminal, free-lance or uniformed, tried to kill the internet.
1) The would-be dictator would quickly learn that a lot of stuff that is important to HIM is disrupted. They would start patching around those areas, giving limited permission as required to keep up whatever criminal functions they want to keep working.
2) The internet would begin evolving at a furious rate. We see this in China where the Great Firewall causes an enormous flux of new websites to pop up and shut down. Other mechanisms would quickly evolve to work around the damage.
3) Quite a few million people would find their jobs disrupted. You think 75,000 oil rig workers in the Gulf can make a stink? What until 75 million people are sent home with no pay because their company can’t function and the banks can process paychecks. Blowback on steroids.
Thanks, guys. Excellent info so far.
But may I ask more about the possibility that the fedgov would want to cut off traffic or access in some limited, targeted way? I think that’s much more likely than any wholesale attempt to “kill the Internet.” What if, for instance, they tried to decree a halt to all incoming our outgoing traffic to some Enemy du Jour? Or tried to shut down all sites containing “hate speech”?
Joe in FL, appreciate the link to the legislation, which (sigh) I promise to read. From what I know so far, I think you’re right that the stated aim of the legislation is “protecting parts of the Internet that could be exposed from a “national security” perspective, e.g., leaks, than shutting it down in any significant manner.” But say, for instance, that they tried to shut down Wikileaks’ collateralmurder.com and every site that contained a copy of the videos or critical commentary about the videos.
Or what if they tried to “protect” every banking site in the country from attack — real or otherwise — using their centralized authority?
Or what if they ordered all search engines to “temporarily” quit responding to certain search terms? Or “temporarily” not include certain sites (e.g. Al Jazeera or LewRockwell.com or Wikileaks) in their search results?
What would be the result of even such a “limited” use of their power?
Please keep in mind that I am just guessing here.
I don’t think Government could “protect” every banking site in the country from attack — real or otherwise. The banks would have to rout every single internet transaction through servers controlled by government. Plus they would have to somehow cut every other tie to the web. That means no Blackberries, I-Phones, telephones etc. for the employees that can access anything outside without going through the Government servers. Not to mention placing all the employees under surveillance to prevent outside access. End result, the bad guys win because the banking system would be hobbled. The other option would be to have the banking system shut down all their servers to prevent the attack. End result, the bad guys win. Whatever way was taken to protect the banking system the banking system would be hobbled at the very least.
If they ordered all search engines to “temporarily” quit responding to certain search terms or “temporarily” not include certain sites (e.g. Al Jazeera or LewRockwell.com or Wikileaks) in their search results wouldn’t work since there are other search engines that are located outside the country. Not to mention the stored data on various servers that is out of the Governments control located around the world.
From what I know of the internet, I think that to shut down/control the internet would be like trying to kill a body one cell at a time. But in the case of the internet the cells are able to regenerate themselves many times faster than they are put down.
To understand this movement, it might be prudent to study modern Socialism with a quotation by a pioneer leader in the union labor movement of American, Samuel Gompers, on the subject of Socialism: He had this to say.
“I want to tell you socialists that I have studied your philosophy; read your works upon economics, studied your standard works, both in English and German…I have heard your orators and watched the work of your movement the world over; I have kept watch upon your doctrine for 30 years; have been closely associated with many of you, and know how you think and what you propose. I know too what you have up your sleeve – and I want to say that I am entirely at variance with your philosophy…Economically you are unsound; socially, you are wrong, and industrially, you are an impossibility.”
Contrast this with the statement of Norman Thomas, six time candidate for U.S. President on the Socialist Party ticket, who said:
“The American people will never knowingly adopt Socialism, but under the name of Liberalism, they will adopt every fragment of the Socialist program, until America will one day be a Socialist nation – without knowing how it happened.”
Which of these two men had the correct vision for our United States? Only time will tell. But, Norman Thomas’ statement should provide the incentive for knowing more about the nature of today’s modern Liberal movement in America!
Yep, it’s possible, and it would not be that trivial to route around. Speaking as someone that’s studied computer networking, if I wanted to kill the internet, I wouldn’t bother with ISPs, etc. I’d get the companies running the backbone to shut it all down first, THEN, if I had to, I’d shut down the ISPs, to get subnets. But honestly, if the backbones shut down, all you’d have left, at most, is the cable company’s subnets. As far as alternative routing methods, it *might* be possible, if everyone that wanted on the net were to do it, to build another one using shortwaves, and packet radio. But it’d be slower than the infancy, back in the 80s/90s. On the question of how to communicate with other people, say in Iran or China, cellphones, or 19th century tech, I guess
I’m getting you your blog a bit late so I will try and not repeat many of the earlier comments. I think the comments about China are very good because it gives a good example of what one country can do to control the internet. They can go a little ways, but never have complete control.
One point I did not see, is the fact that when DARPA invented the internet (sorry Al Gore) it was intended to be a war time communication network. If you take parts of the network out, it still functions just fine. From what I know about technology, they could never get a “kill switch” to shut down the internet. Maybe if it were a series of tubes….
Anyway, what they could do is go at the access providers and really easily cut off the nation’s ability to get on the internet. I get my internet service through Comcast. They have over 16 million internet subscribers. It is possible to cut them all with a few mouse clicks.
I have one odd personal story from being responsible for a Business Intelligence system a few years back. I had many servers setup in a cluster so if one machine died others took on the work load. I could write for days about all the contingency plans I had to write, test and administer. We had our main data facility in VA and a backup site in TX that I had to be able to get up and running in 24 hours. One day about 1pm the system died….just died. This is at the largest bank in the US and not just my system…NEARLY EVERY SYSTEM in the entire organization was gone. After lots of frantic calls, and diagnostics providing nothing the best we could guess was a nuclear bomb took out a large city in VA. Then it gets interesting. Two hours later everything comes back and works great. Everyone was very quiet about the situation and nobody would talk about what happened. The only answer was “its fixed now”. It took me a day of calling everyone I could to get to the bottom of it. That day the data center was having its fire inspection. A Fire Marshall was walking through the site and saw a switch on the wall. Not sure what it was, this guy pulled the switch. Nobody seemed to notice, and when everything in a data center stopped working they were too busy to figure it was something so stupid and so simple. If you asked me before this day of the largest bank in the country could be taken down with one switch I would have said “no way, never”. I have actually witnessed it and I am still amazed that it happened.
Anyway, back the the original question. As many of these providers keep buying out the competition and just getting bigger you find more people getting onto the internet through a smaller number of providers. If the FedGov can push its way into basically every telecommunication provider and do wiretaps, as they did after 9/11, they could assert the same authority on internet providers. I do believe they could shut down access for most of the US if they wanted to. A few well placed “switches” could go a long way to keeping people off the net.
There are already websites that are illegal, the government hasn’t found any effective way of shutting them down (think child porn sites and the like). Passing a new resolution won’t change their technological handicaps.
The ISPs are a vulnerability, especially for non-technogeeks. The government might be able to cut off certain areas just by cutting the data cables leading to them.
A technomoron here:
Why couldn’t key nodes, along with the blogging software sites used by the majority of folks (blogger, wordpress, etc.), simply be “asked politely” by the G to install filtering software a la the type used on certain public access points to “protect the children”?
I think that a ban based on the presence of one or more entries in a cloud of verboten keywords/key phrases such as “freedom”, “resistance”, “protest”, “guns”, “weapons”, “Claire Wolfe time”, “feed the hogs”, etc. would certainly be enough to curdle my milk.
Of course, there is the whole unintended consequences thing….oh, sorry, that phrase would be verboten also.
🙂
They presumably could shut down sites like collateralmurder.com individually, but their content could be easily rehosted on collateralmurder.is (Iceland) or many other sites.
I’m not sure what kind of “protection” the government could afford to banks. Financial institution sites already use SSL (what you see as https) and require logins by username and some use even more sophisticated authentication (e.g., a card with random number combinations that has to be used to respond to a random challenge before access is allowed).
As to ordering google.com, yahoo.com, etc., to filter certain content, I think that would have limited effect. People can easily switch to off-U.S. search engines. Yandex, in Russia, is the fourth most frequent “spider” that visits my site (and Baidu from China also comes often). While the yandex.ru homepage may look intimidating in Cyrillic, once you type a search term many/most of the results are in English: http://yandex.ru/yandsearch?text=claire+wolfe&lr=84 , And if such orders were given to U.S. search engines and their overseas affiliates, it would incentivize search engine development outside the U.S., to satisfy the demand.
Real quick, but somewhat late, observation to make:
Relatively recent advances in the Bit Torrent file transfer protocol have all but done away with some of the torrent trackers. This same technology could possibly be used to make it easier to get around any so-called “kill switch” that YoMama wishes he could implement.
If we look to the so-called “pirates”, they have advanced internet protocols to the point where their solutions could probably be effectively used to circumvent government interference… they’ve been working on similar problems for years.
I really want to give you a serious answer to this one, but all I can think of are witty retorts about what would happen when all the 4channers and the like are horribly pissed off and then forced to go play outside. 😉
Late to the party, but:
Freenet.
TOR.
Amnesia.
Thank you, all! I turned in the article today. Although it took a slightly different tack than I originally meant to take (more about what the feds intend than what is or isn’t possible), I used several bits from your comments and credited you all by your nyms. Hope that’s okay. If not, there’s still time to ask Denny (editor) to credit you differently.
G.W.F. — Too funny about somebody hitting that switch — and wouldn’t you just know it would be a “safety inspector” who’d do it?
Can’t stop the signal, Joe, and parabarbarian … good links. I used ’em all. Some in the article and some just for my own background.
> Can they really put a “kill switch” on the Internet?
What do you think a Windows virus is? It is a program, present in many of your bedrooms, that, for now, satisfies itself with maintaining its territorial dominance and sending phishing mail to steal any credit card number idiots will tell it. Tomorrow, maybe Windows reports your web browsing history for the duration of the emergency. I’m not claiming that all Windows botnets today are controlled by the KGB through cutouts. Crime isn’t that organized. But let’s imagine if one botnet with 100K victims in the DC area is bought by the KGB, and run for a year to see what interesting stuff it fishes up. Then suppose that around election time, all the PCs that routinely browse the opponent party web sites get slow and flaky.
> And what about URLs? Isn’t the ‘Net’s centralized naming system vulnerable to political tyranny and underhandedness? Sites have been kicked offline before simply by having their domain names abruptly de-registered, right? Couldn’t a government just do it, or order it done, en masse?
Single sites, sure, but not in bulk, why would they want to dismantle their spying apparatus? Much more useful to extort keys from encryption certificate companies that the browsers recognize, then sit in the middle of “secure” web site connections.
> So, geek-genius readers, what would the effect on the ‘Net really be if the .gov decided it wanted to rule the ‘Net
It already rules the net. More accurately, we can talk about the maximum price of illegal transaction it doesn’t bother to prosecute, and the trend for this price over time. Not paying sales tax on ebay garage sale stuff is currently probably safe. Griping about politics is probably safe, as long as no one organizes any anti-politics strategies which actually work, like truly anonymous forums which post announcements like “meet at midnight with pitchforks and torches to storm the castle”.
> Would key sites simply move (or clone themselves) offshore to avoid being subject to political orders?
Key sites like what? When a company goes public and issues stock, it promises to be a generic money-profit-making machine. Being a social justice reformer and giving up profits to move offshore and act weird gets you stockholder lawsuits. That’s a non-starter. It’s much more profitable to join the establishment, at least in the short term.
> Would too many of the Big Boys like Google yield to pressure?
AT&T has already been the subject of legislation to exempt it from liability for previously yielding to pressure. The big wires-in-the-ground companies are defense department assets, and were taken over by national command in the mists of time. Google made news playing footsie with the NSA to discover where cracking attacks were coming from. I doubt you’ll hear any more updates about the NSA@Google because it is all no doubt classified.
> And how would non-geeks function?
Non-geeks? You mean anyone who isn’t willing to read one of the Austrian economics primer books? They would meekly get on the boxcars, just like the German pacifist statist gun-fearing liberals did the last time.
> About DoubleClick, Inc.
DoubleClick is a premier provider of digital marketing technology and services. The world’s top marketers, publishers and agencies utilize DoubleClick’s expertise in ad serving, rich media, video, mobile, search and affiliate marketing to help them make the most of the digital medium. From its position at the nerve center of digital marketing, DoubleClick provides superior insights and insider knowledge to its customers. Learn more at http://www.doubleclick.com.
Companies like doubleclick.com (now owned by google) exist to record correlations between the web sites you visit and the activities you perform there. Imagine that you regularly surf to amazon, a sex toy retail site, a circus photography site, facebook, and a porn site. Imagine that all are signed up with doubleclick. Imagine that you buy a sex toy, check one person’s facebook profile for updates twenty times a day, and spend thirty minutes on the porn and circus sites. Doubleclick fetches its own cookie when you visit each site, and connects the dots. Now facebook knows who you’re doing the dirty with in a clown suit — or who you’d really like to, which is nearly as good. This is knowledge for which doubleclick probably charges a lot, unless you are LEO, for whom the Patriot act says companies must give access upon the claim of a genuine investigation. J. Edgar Hoover going on a fishing expedition for the president’s political enemies is a genuine investigation.
Meanwhile, most users use Windows and stay logged into all their online services at once, which maximizes the effectiveness of doubleclick-type approaches. Given this nearly mind-reading level of access, why do you think anybody at central services would want to turn it off? They don’t want to drive you back to buying porn and sex toys over the retail counter for cash, and meeting hookups face to face in a bar.
If you want to have even a modicum of Internet privacy: Delete Windows, switch to Linux. Encrypted root partition demanding a password at startup to protect against physical seizure. Cookies off, java off, javascript off, flash and flash cookies off. Images off to save on bandwidth on forums. Too many images are pictures of text, use text for text. “One if by land, two if by sea” doesn’t need an illustrated initial drop capital to accidentally contain your username “cwolfe” in the image comments from the drawing program. Comment on blogs using secure web pages over TOR to hide your IP address. Use an anonymizing web proxy to strip your “cwolfe” username from what the browser sends. Switch to blog hosts which are small enough they aren’t public companies, which are trivially mainstream LEO/lawsuit-vulnerable. Break the correlation connections between sites in your browser. Maybe you have a desktop with ten gigabytes of memory, run ten browsers under ten different usernames. Make the amazon-doubleclick browser unable to share cookies or information of any kind with the mental-militia-doubleclick browser. Do ALL of that stuff, and maybe you can blog “the king is a fink” without it being traceable back to you.
Good advice, anonymous — even for those of us who aren’t stalking facebook users to have sex while wearing clown suits.
And for those who don’t want to completely cripple their online experience … don’t turn cookies off completely, but allow them only selectively (through Firefox preferences) and delete them upon exiting the browser. Get NoScript to control JavaScript — and when setting your NoScript options never say yes to DoubleClick or its myriad clones. Use Better Privacy to allow, disallow, and delete flash cookies. All for Firefox, of course. And receive email only in text, not html.