Home | Blog | Software | Reviews and Features | Forum | Help | Donate | About us
topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • September 04, 2015, 11:38:37 AM
  • Proudly celebrating 10 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Obama Can Shut Down Internet For 4 Months Under New Emergency Powers  (Read 13828 times)

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 8,858
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Donate to Member
Of all the things i worry about in terms of government overstepping it's bounds, worrying about them shutting down the internet or part of it is not even on my radar.  Any reasonably sized entity/company/group can take down almost any small website at will with a distributed denial of service attack, etc.. and persecuted/underground groups will always be able to pop up somewhere else.
Taking down individual websites is one thing - killswitching the backbone is something entirely different. Taking down all US-based websites, IP telephony, and whatnot? And possibly majorly FUBARing the global routing? Ugh!
- carpe noctem

higherstate

  • Participant
  • Joined in 2010
  • *
  • Posts: 27
    • View Profile
    • Drive Backup Software
    • Donate to Member
I am sure someone has written a white paper about it somewhere (although they are probably in jail on anti-terror charges if they did) but isn't the Internet by it's very nature impossible to shutdown?

I am sure that there are many important hubs etc but wouldn't they just be replaced/mirrored pretty quickly & in the meantime everything would just be slower?
My Antivirus Firewall Software blog & advice.

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,563
    • View Profile
    • App's Apps
    • Donate to Member
I have to quote my dad here, because it's funny....

If he ever shut down the Internet, half of America would die from going cold turkey! (Imagine streets strewn with Twitter corpses who couldn't repress a twit!)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,787
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
I am sure someone has written a white paper about it somewhere (although they are probably in jail on anti-terror charges if they did) but isn't the Internet by it's very nature impossible to shutdown?

I am sure that there are many important hubs etc but wouldn't they just be replaced/mirrored pretty quickly & in the meantime everything would just be slower?


No. The entire Internet can grind to a halt, completely. This has been an issue in the past, though I am not 100% certain about things now.

Basically, the US controls the 13 root DNS servers that control ALL domain name resolution for all domain names. http://www.root-servers.org/ Turning them off would effectively shut down the internet completely. (TTL would expire, and all records would be obsolete.)

Ironically, I'm having problems connecting to some sites at the moment, and can't look up more information for you. Perhaps someone else here can post a bit about it? Maybe some more current information?

Here's some fun: http://data.iana.org/TLD/tlds-alpha-by-domain.txt

There are some CRAZY TLDs there like:

XN--0ZWM56D
XN--11B5BS3A9AJ6G
XN--80AKHBYKNJ4F
XN--9T4B11YI5A
XN--DEBA0AD
XN--G6W251D
XN--HGBK6AJ7F53BBA
XN--HLCJ6AYA9ESC7A
XN--JXALPDLP
XN--KGBECHTV
XN--MGBAAM7A8H
XN--MGBERP4A5D4AR
XN--P1AI
XN--WGBH1C
XN--ZCKZAH


WTF? Dunno what that's about...

[EDIT]
http://www.iana.org/domains/root/db/xn--11b5bs3a9aj6g.html
They are test TLDs.
Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker
« Last Edit: July 04, 2010, 12:00:48 PM by Renegade »

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
... isn't the Internet by it's very nature impossible to shutdown?

I am sure that there are many important hubs etc but wouldn't they just be replaced/mirrored pretty quickly & in the meantime everything would just be slower?


It's designed to be very difficult to shut down, but that's a far cry from being  impossible to shut down.

Redundancy and mirroring minimizes the risk. But in any system, there is only so much "systemic damage" that can be absorbed before a catastrophic failure occurs.

And exactly who would you be doing your 'failover' to?

All of the redundant and backup systems are under the direct control of the same people who would be shutting down the main routers and DNS servers.

Killing individual network elements could cause a ripple in the pond. Killing large numbers of them would impact network speed and reliability. But killing all of them simultaneously would effectively kill the entire network.

Not to say that whatever was left over couldn't patch around it and get something up. But that would take time, money, and a huge amount of international cooperation. Getting all the ducks back in a row would be further complicated by the fact that this type of international cooperation usually requires formal treaties, which would further delay the process.

So while I'd hesitate to say the US could shut down the entire internet for an indefinite period, it could still cause a major snafu for several months at the very least.

Scary thought!  :tellme:

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,563
    • View Profile
    • App's Apps
    • Donate to Member
You do know there are alternative DNS roots...not just the 13 you guys have been talking about.


They are not all under US control. (Unifiedroot is Dutch)

If you think it's possible that the US government would shut down the ICANN/IANA roots, it might be smart to get the info you need to make a quick switch to one of the ones on this list and keep it in a safe place.

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,787
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
You do know there are alternative DNS roots...not just the 13 you guys have been talking about.


They are not all under US control. (Unifiedroot is Dutch)

If you think it's possible that the US government would shut down the ICANN/IANA roots, it might be smart to get the info you need to make a quick switch to one of the ones on this list and keep it in a safe place.

Well... Yes and no...

While you might be able to actually connect to http://reg.for.free/ (click to find out), can anyone else? Does anyone here own a ".geek" or a ".free" domain? *Would* you ever use one? (That's actually a different question, but it illustrates how much alternate DNS roots are trusted. See here for a good FAQ on OpenNIC and .com, etc.) You don't see .geek or .anarchy or other TLDs like those in use.

Basically, alternate DNS systems need to have ubiquitous usage in the same way that Microsoft Office documents are ubiquitous. i.e. If everyone else is using X, then you need to as well, and no matter if something else is better, if nobody can access it, then it's useless.

How many people can actually set which DNS servers they connect to? That's 99.999% done by people's ISPs, who all in most likelihood use the 13 root servers.

So while a few people that use alternate DNS networks may be able to connect, the rest of the world would effectively go dark.

The other thing is that with all TLDs being administered as they are, alternate DNS services rely on the 13 root servers to get their DNS records anyways. So any future DNS is hosed, and any DNS changes are hosed. DNS records that did not change would still continue to work. If anything shut down the 13 roots, then these services would pretty much become drown in traffic overnight as word spread and people switched over to use them. That might actually be a good thing!

It would be nice if things were different, but I just don't see the powers that be wanting to relinquish control. (Does anyone have any info there? A number of years ago this was a hot issue. I do not know if there were any changes made.)

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,563
    • View Profile
    • App's Apps
    • Donate to Member
wait, wait, wait...

Nobody said to register a quirky domain name with them. (that would be really stupid)

I was suggesting in case of the kind of temporary emergency that is being suggested in this thread, if the standard 13 root servers were shut down, use the alternative ones to CONNECT. They have a copy of every record the standard ones have and they will help you reach all the .com, .net, .org, .edu, etc. until the standard root servers come back online. (ok, it's not perfect, but it's better than nothing at all, don't you think?)

And it doesn't cost you anything to use them this way. They are free to the public.

How many people can actually set which DNS servers they connect to? That's 99.999% done by people's ISPs, who all in most likelihood use the 13 root servers.

I can. I changed it in my router about 2 years ago when I got sick of being redirected to my ISP's crappy search page. Instead of changing every pc in the house, changing it in the router took care of it all in one shot.

Some of the alternative root sites have software to help the windows users do it. Download, click, and you are done. I am sure Linux users can figure out how to do it manually, and Mac users that can't figure it out... well they can just live without the internet for awhile or go buy a Windows box.  :P


40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
^ Its not so much a case of 'the powers' being reluctant to relinquish control of the root DNS servers as it is simply easier and more cost effective for everybody else to continue using them. And the reason they do is because, up until now, there hasn't really been much reason not to.  

This is potentially bad in that the US controls them and can shut them down.

But it's also good because it provides practical limitations on what the US can do with them. Alternatives don't exist because there hasn't been any critical need to build them. But let the US start arbitrarily throwing its weight around and you can be sure that the EU (and everybody else) will soon develop alternatives. The technology is relatively simple - so all that would really be needed is the money and political will to build it.

And once alternative networks do get built, the US will no longer have the de facto control it now has - so I doubt the US government will ever be anxious to push the issue - or hit the switch.  

In a way, this legislation was a dumb political move. The president would never have trouble hitting the killswitch if there were a genuine need. The telcos and ISPs have always been cooperative during real national emergencies.

But one thing this legislation could do is provide Europe and elsewhere with an incentive to start putting contingency plans and systems into place.

Nobody likes to have a sword hanging over their heads. Maybe by granting the president this 'new' power, the US will force the rest of the world to start taking their first steps towards a new Internet. One where the US no longer has the power and influence that it currently holds.

        
« Last Edit: July 04, 2010, 09:39:28 PM by 40hz »

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 12,787
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
wait, wait, wait...

Nobody said to register a quirky domain name with them. (that would be really stupid)

I was suggesting in case of the kind of temporary emergency that is being suggested in this thread, if the standard 13 root servers were shut down, use the alternative ones to CONNECT. They have a copy of every record the standard ones have and they will help you reach all the .com, .net, .org, .edu, etc. until the standard root servers come back online. (ok, it's not perfect, but it's better than nothing at all, don't you think?)




Agreed 100%. :) I actually wish that they were more into the mainstream. The funky domains were to point out that they are not quite at the front line yet -- in the case of a crisis, they will be though.



How many people can actually set which DNS servers they connect to? That's 99.999% done by people's ISPs, who all in most likelihood use the 13 root servers.

I can. I changed it in my router about 2 years ago when I got sick of being redirected to my ISP's crappy search page. Instead of changing every pc in the house, changing it in the router took care of it all in one shot.

Some of the alternative root sites have software to help the windows users do it. Download, click, and you are done. I am sure Linux users can figure out how to do it manually, and Mac users that can't figure it out... well they can just live without the internet for awhile or go buy a Windows box.  :P

Hahhahaha~!

Well, we all know that if it does go down, it must be Windows fault and that the Macs are down is just the infinite wisdom of Steve telling people to go out and enjoy the sunshine. :P :)

But that is a neat trick -- doing it at the router level. (I HATE ISP search pages... If I put in a bad domain, I likely want it that way and am not interested in their take on the subject. :P )

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,563
    • View Profile
    • App's Apps
    • Donate to Member
I was talking to Stephen earlier tonight and we came up with a great idea to make tons of money if the US govt were ever stupid enough to cut off the root servers.

We'd set up out own makeshift internet cafes. He would use his 11 PC's and I would just make it "bring your own laptop", and sell access by the hour to the inept, unprepared, and completely addicted in our neighborhoods that have no idea how to configure their computers or routers to use one of the alternative roots.  ;)

JavaJones

  • Review 2.0 Designer
  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 2,650
    • View Profile
    • Read more about this member.
    • Donate to Member
What would likely happen is the ISPs themselves would change the name servers they point to. That would only be sensible for them to best serve their customers.

- Oshyan

40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
Remember however that it's not just the DNS servers. It's the backbone routers as well.

If you have no packet routes, it doesn't much matter what you're pointing to. :(

Stoic Joker

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 5,883
    • View Profile
    • www.StoicJoker.com
    • Donate to Member
wait, wait, wait...

Nobody said to register a quirky domain name with them. (that would be really stupid)

I was suggesting in case of the kind of temporary emergency that is being suggested in this thread, if the standard 13 root servers were shut down, use the alternative ones to CONNECT. They have a copy of every record the standard ones have and they will help you reach all the .com, .net, .org, .edu, etc. until the standard root servers come back online. (ok, it's not perfect, but it's better than nothing at all, don't you think?)

That's not really a safe assumption. DNS is hierarchical, the SOA (Start Of Authority) roots are only going to have full zone data for the TLD's they are authoritative for. While they may have Stub Zones for other TLDs these (stub) zones only contain (NS) records for the SOA for that zone. If the TLD SOA from that NS record is offline ... Your request goes poof!

Remember however that it's not just the DNS servers. It's the backbone routers as well.

If you have no packet routes, it doesn't much matter what you're pointing to. :(
Quite true.

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,169
    • View Profile
    • Read more about this member.
    • Donate to Member
What puzzles me more is what the rationale behind that idea is?

The only things I can imagine are what Bruce Schneier would call "movie plot threats" - things that cant work but can grab the imagination of the unitiated, such as a general penetration of US systems by ennemi viruses and software agents that requires a cleanup and reboot of everything...

Real scenarios? not so much - i mean if you have to shut down infrastructure the government, business, emergency agencies, health agencies and hospitals etc. rely on, the other guys have kind of already won ;)
« Last Edit: July 07, 2010, 01:56:06 AM by iphigenie »

iphigenie

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,169
    • View Profile
    • Read more about this member.
    • Donate to Member
ok here's a bit more smart analysis about it

http://www.huffingto...-the-i_b_626754.html

Quote
A breakdown of what the PCNAA actually includes does not necessarily reveal a brand new power given to the President to "shut it all down" when it comes to the Internet and a cybersecurity threat. What it does reveal is another bureaucratic mess. The bill establishes, amongst other provisions, a White House Office for Cyberspace Policy and a National Center for Cybersecurity and Communications. Analogies have been made to the same type of authority and response mechanisms that are currently associated with FEMA. FEMA and its record with current disaster response is the exact reason why people are afraid of forming an agency or body to deal with a cyber attack: it will be constructed upon bureaucratic models that have failed to operate effectively in the past.

found via http://www.opencongr...111-s3480/news_blogs
« Last Edit: July 07, 2010, 02:07:25 AM by iphigenie »

daddydave

  • Supporting Member
  • Joined in 2008
  • **
  • Posts: 822
    • View Profile
    • Donate to Member
Junior Staffer:
ok here's a bit more smart analysis about it

http://www.huffingto...-the-i_b_626754.html

I appreciate this, but I think it's still a go for my movie 'based on a true story"*:


Obama: We're under cyberattack! I need you to press the red button that  goes to the internet kill switch.
Junior Staffer:: Wow, so isn't that like a Denial of Service attack itself?
Obama: Shut up and press the red button.
Junior Staffer: Ok, Ok, calm down. What's the launch password?
Obama: N-O-I-P-4-Y-O-U
Junior Staffer: Thanks. OK, here goes the mother of all cyberattacks, I mean our counter-mother-cyberattack-whatever. Oh crap!
Obama: Not sure I like the sound of that.
Junior Staffer: I think I accidentally nuked Russia.


* based loosely, that is.
If bad things happen to other people, it's karma. If bad things happen to me, it's kismat!

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 7,050
    • View Profile
    • Just for mouser.
    • Donate to Member
If the network is under attack, how are they even going to be able to send the signal to shut down the network? Do they have the backbone in the White House (or NORAD, etc.)?


40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
^The shutdown signal wouldn't necessarily need to be sent via the network itself - and very likely wouldn't. If the network is compromised seriously enough to warrant its being shut down they're not going to rely on that same network to do so.

I'd suspect the most likely scenario would be some sort of arrangement whereby a prearranged coded communication would be sent out (via phone, radio announcement, etc.) and designated individuals would 'pull the plug' locally.

The best computer hack in the world is still no match for a human being with one finger resting on the on/off button.

 ;D


« Last Edit: July 11, 2010, 02:10:44 PM by 40hz »

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 7,050
    • View Profile
    • Just for mouser.
    • Donate to Member
I'd suspect the most likely scenario would be some sort of arrangement whereby a prearranged coded communication would be sent out (via phone, radio announcement, etc.) and designated individuals would 'pull the plug' locally.

Suddenly DaddyDave's screenplay doesn't seem so far fetched. Fail-safe, anyone?


40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
^Actually, it's more like they'd use the Emergency Broadcast System that you hear them test at weird times on TV and radio.

That's what the EBS was created for. They'd just announce the president was shutting the net down and include a code word at the end to let the telcos and ISPs know it's not just a drill. It works the same for broadcasters. They receive the EBS tone and an authorization code. If the codeword sent matches the codeword for the day they know it's a real emergency and suspend broadcasting and wait for further instructions from the government.

Fun. I grew up living with this stuff as a kid.   

 

Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 7,050
    • View Profile
    • Just for mouser.
    • Donate to Member
Oh man, I haven't heard them test the EBS in ages! (Of course, I haven't been a regular TV viewer in ages, either.)


40hz

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 11,530
    • View Profile
    • Donate to Member
^If you're a Cablevision subscriber you can also hear it there.  8)


Deozaan

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 7,050
    • View Profile
    • Just for mouser.
    • Donate to Member
What I meant by "regular TV viewer" was frequency (regular basis, or lack thereof) as opposed to method (over the air/antenna TV stations).

I hardly ever watch TV, though when I do, it's usually something that was recorded on the DVR at my parents' house. So I guess both interpretations apply after all.

« Last Edit: July 13, 2010, 02:39:00 PM by Deozaan »

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 6,764
    • View Profile
    • Donate to Member
Quote
If you call a tail a leg, how many legs has a dog? Five? No, calling a tail a leg don't make it a leg.   - Abraham Lincoln

The quote is kind of right, but it was not said by Lincoln.
(and if he had said it, I imagine he would have used the proper doesn't...)

Quote from: Edward Josiah Stears
Edward Josiah Stears' Notes on Uncle Tom's Cabin (1853) p. 46:

'"Father," said one of the rising generation to his paternal progenitor, "if I should call this cow's tail a leg, how many legs would she have?" "Why five, to be sure." "Why, no, father; would calling it a leg make it one?"

http://msgboard.snop...ic;f=32;t=000450;p=0

http://www.amazon.co...79119016&sr=1-10
http://www.amazon.co...79119016&sr=1-11

tom2010-07-14_170428-858.png


http://www.amazon.co...11#reader_0548215448
« Last Edit: July 14, 2010, 10:11:58 AM by Curt »