If Someone Is Testing Ways To Take Down The Internet, Perhaps It's Time To Build A Stronger Internet
from the let's-get-it-done dept
There’s been a lot of buzz over respected computer security expert Bruce Schneier recently talking about how someone, or some organization, or (most likely) some state actor, is running a series of tests that appear to be probing for ways to take down the entire internet. Basically, a bunch of critical infrastructure providers have noticed some interesting attacks on their systems that look like they’re probing to determine defenses.
Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.
The attacks are also configured in such a way as to see what the company’s total defenses are. There are many different ways to launch a DDoS attacks. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they’ve got to defend themselves. They can’t hold anything back. They’re forced to demonstrate their defense capabilities for the attacker.
This article is getting a collective “oh, shit, that’s bad” kind of reaction from many online — and that’s about right. But, shouldn’t it also be something of a call to action to build a better system? In many ways, it’s still incredible that the internet actually works. There are still elements that feel held together by duct tape and handshake agreements. And while it’s been surprisingly resilient, that doesn’t mean that it needs to remain that way.
Schneier notes that there’s “nothing, really” that can be done about these tests — and that’s true in the short term. But it seems, to me, like it should be setting off alarm bells for people to rethink how the internet is built — and to make things even more distributed and less subject to attacks on “critical infrastructure.” People talk about how the internet was originally supposed to be designed to withstand a nuclear attack and keep working. But, the reality has always been that there are a few choke points. Seems like now would be a good time to start fixing things so that the choke points are no longer so critical.
Filed Under: attack, bruce schneier, cybersecurity, internet, vulnerabilities
Comments on “If Someone Is Testing Ways To Take Down The Internet, Perhaps It's Time To Build A Stronger Internet”
I wouldn’t put it past the NSA. They want to make sure they have more control then those commie bastards!
They want to make sure they have more control then those commie bastards!
Which Commie bastards would that be. The Soviet Bloc was finished 25 years ago – and the Chinese stopped most actual communist policies even longer ago than that – turning itself into a big version of Singapore.
Are Cuba and North Korea a serious threat?
Re: Re: NSA?
North Korea isn’t communist anymore. Their 2009 constitution dropped references to communism.
Given the magical powers attributed to its hereditary rulers, it might be described as a theocracy.
Re: Re: NSA?
The USG has always been at war with Easta- I mean communis- I mean terrorism.
So, nerd harder is a thing.
I would think something like P2P would be a way to distribute some things. However, the MAFFIA’s would have a conniption that would make global nuclear war seem like a mild summer shower.
Re: Distribution option
Without IPv6 (to get enough addresses), and fixed IP addresses for fixed connections, peer to peer requires some centrally managed address resolution protocol, and that can be attacked.
Re: Re: Distribution option
And here’s your solution. We’ve been migrating to IPv6 for 20 years. Most of IPv4 address space is now exhausted.
For Internet-facing traffic, it’s time to move from IPv4 to IPv6, and leave IPv4 for the LAN. What I mean here is that the Internet backbones have to fully drop IPv4, such that beyond BGP, everything’s IPv6. If you want to continue using IPv4 over the Internet (many devices have no choice), you stick a tunnel in front and expose an IPv6 interface.
This alone will clear up many of the current issues with Internet choke points. The other issues are physical, and the only real way to route around them is to build out the infrastructure. Not having to route IPv4 packets however would enable the built out infrastructure to scale much better, and reduce saturation potential at the switches.
Re: Re: Re: Distribution option
The other advantage, from a security viewpoint, is that their are enough IPV6 addresses to allocate every person, and company an at least IPV4 sized address block. That make scanning the IPv6 Internet for connected devices much harder.
Re: Re: Re: Distribution option
The problem (in a nutshell) for IPv6 is the same as why IPv4 not only saturated, but why the world is eat-up (and I mean SATURATED) with subnets now, and that is SECURITY PROBLEMS!
With IPv4, you don’t have enough nodes…I mean, you saturated in the single-digit billions, just not enough ‘phone numbers’ for all those phones (that we thought we’d never use). Add in cast-off numbers (Little Jimmy was playing games online, until he posted his IP online, now when he turns his computer on, it gets hacked instantly), as a result we (the ‘parents’) made the cable company give us a new IP. Irresponsibility led to DHCP from provider (wasn’t always like this), which led to eventual subnetting and port controls (you can’t run a website from home, when your IP is 192.168.x.x from your provider).
Now, in one breath, you’re going to give ‘ole granny’ a real IPv6 number, that’s live on a ‘bigger world backbone’, never explain to her what this means for her in terms of world ‘exposure’, and expect this to ‘end up ok?’.
This sounds more like a plan from the NSA to see EVERYONE’s home data, more than it is to build a ‘better, stronger internet’, but then again, I’ll bet you really liked the idea of ‘cloud computing’ a few years ago, too.
> …it’s still incredible that the internet actually works. There are still elements that feel held together by duct tape and handshake agreements.
That’s not necessarily a bad thing.
Demand a stronger internet and governments will build it based solely on input from corporations and intelligence agencies. You’ll get a internet designed by the RIAA, MPAA and NSA. With a Great Firewall of China baked in for EVERYONE.
You’ll be replacing a potentially unreliable internet with one unreliable by design.
Re: Demand a stronger (I)nternet
“and governments will build it based solely on input from corporations and intelligence agencies. You’ll get a internet designed by the RIAA, MPAA and NSA.”
So basically Comcast.
Roger, this is EXACTLY how Windoze became the ultimate ‘malware-impersonating-an-OS by design’ software, ever! Sheep input, Pro-design, Government-oversight with a touch of Orwellian-fulfillment, for flavor.
As distributed as you make things, it’s always going to be a thousand times easier to just distribute the attack a little more.
Of course i can’t wait for the feds to identify who is doing this and charge them accordingly. It would be stunning to see some laws and and power applied to something that is actually harmful and wrong on the internet.
“Of course i can’t wait for the feds to identify who is doing this and charge them accordingly.”
That makes two really big assumptions. 1) That the feds don’t already know who is doing it and 2) that is isn’t the feds themselves doing it.
I would say that NSA is pretty high on the list of possible suspects. The others on the list like China and Russia… Well, we are not very likely to call them on it. Even if we do call them on it, it is not like we really have the power to stop them.
Re: Re: Re:
I think the only possible ‘real’ culprit is one of 3-nations’ clandestine services. No other could pull this off, and it is highly unlikely it is any but our own, to be able to do configured DDoS attacks regularly.
This is where the average ‘sheep’ says, ‘but why in the world would our government do such a terrible thing?’
Easy – because if they can determine exactly what it takes to bring down the internet (just like they already know and have ability to bring down the nation power grid), then they not only know what it would take for an enemy to take it down, but what they must be prepared to do if THEY have to take it down. Why do they need this knowledge? Well, they’ve already idealized the ‘People’ as the ‘biggest enemy’, planned for ‘continuity of government’, and so much more. Why not plan to cut your vocal cords, so you can’t cry out, can’t plot against them or share intelligence?
Tactically, it’s quite an obvious choice. What were you thinking?
Re: Re: Re: Re:
It’s not a question of whether or not our government would do something “terrible”, it’s a question of whether it would do something that would significantly hobble its own operations. Do you think the NSA becomes more capable of maintaining its surveillance network if it takes the Internet down?
Our government doesn’t want to stop you from getting on Facebook. Just the opposite. The Internet is the most valuable spying tool that the governments of the world have, and populations’ willing participation is exactly the thing that helps them to spy on those populations.
I don’t disagree with your premise that the US government may be responsible for these probes. I just disagree with your assessment of its purpose in doing so.
LoL. Call the world police and arrest a government agency in country x!
Good luck, have fun. 🙂
Re: Re: Re:
Call the world police
Oh it’s easy. Just blow up “The Nexus” in Oslo, Norway. Apparently this is a central hub through which all internet traffic in the world flows.
I’ll get my coat.
I have been thinking for the last several years that the internet is due for a major change. The mass spying going on around the world made me think that. Then also seeing how countries love turning off the internet to try and deal with revolts only makes that feeling stronger.
People need a communication platform that is out of the reach of governments.
In other words sneakernet, as demonstrated by the Cubans
Re: Re: Re:
It’s called ‘peer-to-peer’ networking, and you’ll be hacked in 2-minutes and crashed in 3.
See, the problem with ‘non-government peer-to-peer’ is that the slime of society don’t value a network, are challenged by crashing it, have no intent to build a network, want to infect any network they stumble on, and consider it their personal life goal to crush any who would dare lock them out of administrative rights.
Not only is your government working against you, but you have slime amongst you that says ‘when it falls, it will never return’.
Re: Re: Re: Re:
Sneaker net is a peer to peer network, but without relying on a medium controlled by other to carry your data, and given the capacity of micro SD cards, (much safer than thumb drives as they cannot pretend to be keyboards etc.), an have a high bandwidth, but with a high latency.UUCP, and FidoNet provide code for handling bulk data transfers over intermittent connections. Such techniques for communication require the skills of letter writing, which leads to a more considered conversation.
Re: Re: Re: Re:
Aside from your misunderstanding of what a sneakernet is (it’s a network where transmission is handled by people physically transporting physical media — sneakers as in walking shoes, geddit?), we’ve seen some examples of pretty robust peer-to-peer networks. Tor has its flaws, but it’s proven to be remarkably resilient and safe. Freenet’s been around for ages too.
It’s not that there aren’t bad people doing bad things on these networks; of course there are. And it’s not that they’re invulnerable, either; a lot of infrastructure is concentarted in a few hands, and if a single large provider leaves the network (either voluntarily or by being forced), that can have a significant impact on everybody who uses them. But the former is a problem on the plain ol’ client-server Internet that most everybody uses, and the latter is a matter of scale that would become less of an issue as more devices joined the network.
Fine! I’ll go make my own internet with blackjack and hookers!
…or you know, use the one that already has that.
i noticed this about a year ago and started keeping a map of some of the just seemingly odd attacks that were showing up in all the weirdest places. it just started smelling like intelligence gathering – large scale intel gathering. i just found it interesting and possibly a great foundation for a book…yet again pre-empted by the insanity of real life.
Yeah, DDoS attacks all the time here, too, but different. Won’t go into it other than to say, strange in the method used. They got lucky once, even was able to wipe my most-outer firewall router of all the ‘block list’ (incoming), real pain.
The biggest problem I ever have with local network integrity is the time wasted checking tracking cookie sites constantly rolling IPs! Swear to god, if you made them illegal, you’d recover 10-percent of the IPv4 IP numbers currently used!
Don't presume that the goal is disruption
It might be, but that’s just one of many possibilities. Another much more likely one — likely because we’ve already seen it many times — is extortion, i.e., “pay up or we overwhelm your perimeter routers”.
Yes, there are people who might do this out of ideology or politics, but there are many people who would do it for profit. Like the man said, Follow the money.
TL;DR – the Internet would need to be redesigned from scratch in a way that wouldn’t work with today’s applications, web pages, etc. Governments are against encryption and authentication (by others) so this will likely never see the light of day outside of research labs.
Now the part for people with attention spans:
The Internet wasn’t designed for its evolution. The original founding fathers of the Internet include Jon Postel (RIP) who famously created “The Robustness Principle” which states “Be liberal in what you accept, and conservative in what you send” (RFC-1122).
The Internet was designed to do something that hadn’t been done before — get interoperability. Prior to TCP/IP (and IMPs nee routers) IBM devices talked SAN. DEC devices talked DECnet. On a lower layer there were token-ring networks, coaxial-Ethernet networks, none of which could communicate effectively with each other.
Jon’s philosophy encouraged and enabled interoperability — the original goal. As a result in “being liberal in what you accept” there were no firewall considerations, very little protocol checking (the IP packet checksum, for example, only provides a rudimentary check that the IP header has not been changed in transit… but now of course a MITM attack does exactly that). There was no crypto consideration so no hashing or signing of packets, port connect request, transmission control protocol streams, etc.
Now we are in a new era. It started somewhere in 1993 when the “commercial Internet” became a thing. The ubiquitous “coasters” sent by AOL, Netcom, and others (originally 3.5″ floppies and then later CDs) allowed anyone with a MODEM to connect at incredible speeds of 9600 baud to 52Kbps (yes, baud and bps are different).
The evolutionary phases continued: everyone could get email; web 2.0; e-commerce; social media. With that came companies eager to connect the millions of worldwide businesses to the net, and also the hundreds of millions of worldwide users.
As with any society, once something is open to all that means even that bad guys have access. That had evolutionary phases too. Spam. DoS. DDoS. Malware. Then a combination of those (spam to get you to download malware and malware that put your computer in a botnet to do a DDoS). Now we have the latest which is ransomware, and this “attack vector intrusion tests.”
The Internet, as designed, doesn’t have the mechanisms to protect against any of this, nor can retrofitting it be done simply. The move to IPv6 (a VERY VERY incremental change) has taken over a decade and is still at less than 25% adoption.
Protecting against DDoS attack vectors requires that intermediary devices block LEGITIMATE-APPEARING-TRAFFIC. That goes against the grain of all the ISPs contracts with their customers. It also requires validation of IP addresses (to prevent spoofing) and elimination of non stream-oriented (UDP) protocols. These changes will not happen on the current Internet and they will not happen in an interoperable (“be liberal in what you accept”) way with current TCP/IP.
SO philosophically, yes, we need a new communication infrastructure with signing, encryption, and elimination of Windows (malware/DDoS vector). Governments the world over do not want any of this to occur.
I hate to be a conspiracy theorist / realist. But governments have no desire to protect the internet. When people are connected they have power. When you remove the connection then the government has the power. The only true secure communication is 2 Dixie cups and a really long string.
Re: Dixie cups
I don’t agree with your premise that governments would be more powerful if they had no Internet access.
What makes a government powerful is when the leaders have Internet access and the citizens don’t. That’s not what we’re talking about here; we’re talking about a situation where nobody has Internet access. That would throw governments into just as much disarray as the general public.
There's work going on for this
There are definitely people working on this, from the HIP working group in the IETF to the SCION folks (largely from ETH Zurich).
The latter, in particular, has some VERY interesting ideas, which would lead to comprehensive encryption from end-to-end, with endpoint privacy via onion routing, minimal overhead, and guarantees of traffic between two hosts in the same “ISD” (likely approx. one per nation) never leaving that ISD, solving both the “rerouted via Pakistan” and “insane regime breaks Youtube for everyone” issues.
Build a stronger Internet? Jeepers, how has nobody else thought of that before?
Given the complexity of this problem, I’m not expecting you to come up with an extensive, protocol-level list of improvements that developers should implement. But “hey, we should make this thing better” is (a) obvious and (b) useless. At least throw out a few high-level suggestions for what you’re talking about.
It’s not an easy problem, and a lot of the biggest and most advanced companies have been chipping away at it in any way they can for years and years. As others have noted, the rollout of IPv6 has been a long time coming. Google’s been working on web improvements in everything from transferring more data in fewer requests to automatically minifying and gzipping everything at the Apache level. While these are primarily intended as usability improvements, anything that reduces bandwidth consumption makes a DDoS harder.
There’s also MS dipping its toe into P2P distribution — specifically, Windows Update doesn’t just use a client-server model anymore; by default, updates are shared among users. This, naturally, makes it a lot less likely that MS’s servers will go down under heavy demand (as has happened before — I believe when the Windows 7 preview was released).
These are all slow, incremental improvements. Because when you’re trying to preserve compatibility with an existing system based on a decades-old protocol stack and used by billions of devices, slow, incremental improvements are all you’re going to get. (And those are just the technical constaints; other posters have already noted some of the political ones.)
Actually, they’re just looking for the “backdoors” that Director Comey wants. Of course, this is the same guy that says duct tape protects him from webcam hackers.
So does the EFF.
It’s also, y’know, obvious. If your camera is covered, nobody can see out of it.
It doesn’t protect against other forms of attack — audio and keystroke logging, MITM attacks on your communications, van parked across the street reading the radiation coming off your monitor, etc. — but it’s an absolute defense against anybody seeing you through your laptop camera. I don’t really see how that’s arguable.
Re: Re: Actually....
A piece of folded black colored beer can gives an almost invisible slide cover for the camera on my laptop and is springy enough to grip over the edge of the bezel and stay put.
Why hasn't this been done before?
I’ve been following the developments on rebuilding the Internet, and let’s see if I can summarise why we aren’t there.
Most commenters on this topic are pointing out the threat of political pressure on a redesigned Internet, but there are other issues at play.
The biggest problem (whether it’s for IPv6, mesh networking, or a peer-to-peer Web built on a DHT), is that before end-users see value in running the protocol it must already be popular. As such it’s actually not that hard to build a stronger alternative to the Internet, the issue is navigating the catch22 in order to get it used.
Furthermore there’s an issue that any purely peer-to-peer identifier (AKA a “pubkeyhash”) is inherently unreadable and harder to communicate to friends then a phone number, but an open-minded UI designer should be able to help solve this problem.
In short, we have been onto this task of building a stronger, better Internet but to some extent or other we can only do so incrementally. This is due to not only political pressure, but also marketing.
Re: Why hasn't this been done before?
Right, and it’s not just end users; it’s the local plumber who just has a website up with his business address and phone number; it’s publicly-traded companies whose shareholders don’t see the benefits in switching to a new system that their customers don’t use; it’s understaffed IT departments that simply don’t have the time to work on infrastructure changes like that because they’re too busy dealing with regular day-to-day issues.
Yeah, that’s not such a hard problem; we’ve already got a protocol that translates a human-readable address into an IP address. And my E-Mail address used to be SJMD68B.
And just plain lock-in. When you’ve got billions of people using a thing, it’s not easy to get all of them to transition over to a different thing.
Re: Re: Why hasn't this been done before?
Re: Re: Why hasn't this been done before?
It’s not like the issues I mentioned don’t have solutions, just that those solutions can slow down development or hold up adoption.
As for the issue of identifiers I’ve seen a couple of solutions, and introducing a semi-centralized translation service is certainly one of them. But given the mindset behind these projects I find QR codes are a more common one.
Still lock-in (thank you Thad, forgot to mention it) is a big issue I haven’t seen be addressed well, and as for the political angle we just need to review the new protocols and code for security flaws.
Re: Why hasn't this been done before?
Unless, of course, the end user can’t not use the new protocols because the major infra-structure players have ditched the previous ones and are accepting the more secure. There could be a window where both the new and the old internet would work simultaneously as a transition effort (if possible) or at least where it would be widely communicated that things would change and then just flip off the switch. Sure, shit will happen but it’s better than keep the frankenstein barely alive and ailing at every slight probe.
Sometimes you just need to take a one time hit that will cause major disruptions but will avoid worse problems in the future if nothing is done. Or if you duct-tape pseudo-solutions.
Apart from the possiblity that these “tests” of the strengths and weaknesses of the Net are the work of the “Cyber ISIS crowd”, there’s also the possibility that the NSA, Homeland Security and DARPA are behind these “probes”!
Please!… no emails!
It's nothing to do with TCP/IP, or p2p, or any other SOFTWARE protocols
I haven’t read through all the comments, but certainly most of the ones at the top seem to be blaming IPv4, or talking about p2p, ditributed computing or whatnot.
None of those are relevant. They are all software protocols that lie atop the physical, cabling/satellite, infrastructure. And as I understand it, we are talking about the network infrastructure, the CABLES, where they go, where they concentrate, and so on here.
Have a look at the submarine cable map. Most of the worlds data goes through a few key landing points. And a landing point is a big datacentre/routing point for massive amounts of data. And beyond that, the main trans-continental (land-based backbones) concentrate through a few key distribution points.
You ‘break’ half a dozen core physical cable concetration points, you can break an awful lot of the internet. And I’m not talking physical breakage. All the distribution within those conecntrations of cable termination points is done with gateway routers, core routers, and so on. It is these devices we are talking about breaking. These devices that control all the data flow can be hacked, DDoSed, lobotomised.
Sure, some of it will be worked around, but those key choke points between them provide the lions share of the available bandwidth, well in excess of 60% of the internet bandwidth throughout their regions. Most secondary backbones that bypass those core datacentres are, relatively speaking, low-bandwidth, like satellite, or links to small regional areas etc. So, break half a dozen key regional concentration points, and suddenly the internet in trying to route around the break, trying to jam 100Gb/s (or more) through links that are only 1 or 2 Gb/s. And with the atrocious way that core routers, border gateways cache too much, flow-control will be broken beyond recognition. Suddenly all these 100GB/s+ are choking, breaking the remaining backbones. It’s like a traffic jam, there’s so much traffic it all sits there going nowhere. And “poof”, there goes the internets across very large regions, national if not continental-scale telecommunications failures.
And it doesn’t matter whether you are using IPv6, IPv4, P2P like torrenting, cloud datacentres, TCP/IP, ATM, IPX, (although IPoA will still work fine unless as long as you don’t need to interface with any telco’s!) it’s all irrelevant. All the infrastructure that carries that data will be inaccessable.
Internet traffic should be encrypted by default. Internet’s infrastructure should always be decentralized.
Unfortunately the public nature of the forum prevents a proper discussion of this.
There are seeds out there, of the technologies that will make the next generation Internet. There are working prototypes, and small networks running these systems.
But… (A big but)
There are a lot of politicians (read as: white collar pimps) that also read TD. So as much as I’d like to talk about the stuff that is REALLY going on right now, this isn’t the forum to do it.
It would be irresponsible. (Pretty much like inviting NAMBLA to an elementary school.) These technologies need a chance to grow up so they can defend themselves. And that is really the bigger challenge.
Making a technological system that is monolithic, which reinforces both open communications, AND privacy while running on hardware that is controlled by malicious actors isn’t just a technical challenge. It is also a political one.
What I can say, is that a great deal of effort is being made to deal with the descending spiral into fascism. But making a system free (as in freedom, not beer) is actually a much bigger technical problem than it might appear.
Jefferson wrote what _should_ be. Now the challenge is to see if there is actually a mathematical means for actually achieving what he articulated.
I believe there is. And I’ve seen some stuff that goes a long way in that direction. But I’ll be fucked if I’m going to help some shitbag minion of Oligarchy find it before it is ready for market.
Re: Unfortunately the public nature of the forum prevents a proper discussion of this.
As it was alleged of Lucifer!:… if Lucifer had known that the death of Jesus would have meant Lucifer’s defeat, HE WOULD NOT HAVE KILLED THE SON OF GLORY (and thus, we would have no opportunity for salvation!)!
In other words… and get this!… the W-O-R-S-T T-H-I-N-G Lucifer C-O-U-L-D E-V-E-R H-A-V-E D-O-N-E in his tactical battle plans and WAR against God, would be to have L-E-F-T C-H-R-I-S-T A-L-O-N-E!
Talk about the M-I-N-D-L-E-S-S F-U-T-I-L-I-T-Y of mere aggressive acts!
Indeed!… sometimes it’s best to keep the cards close to the vest! But!… on other occassions!… it’s best to leave just enough rope!
Please!… no emails!
If state actors took out the net, which wouldn’t surprise anyone at this point, it would have an unforeseen awesome consequence: giving today’s apathetic social media (ab)users a motive to rise up and fight for something they believe in. People complain about generation y’s lack of interest in real life activism, what better antidote for that than to take away their unreal lives online?
Bring it on.