Wednesday, March 15, 2006
11 Ways to Destroy (?) the Internet
Note/Disclaimer: This article is intended to be both educational and facetious and does not advocate, under any circumstances, doing any of these things. Many of these things are illegal under most nations' laws. Performing just about any action described in this article could get you, at best, jail time, at worst, a treason charge from your national government. Plus, you'd pretty much piss off every geek in the world, and you don't want to be on the receiving end of an angry geek.
The Internet is the biggest military faux pas of all time. Intended to be a simple communication network between the government and research institutions, it has exploded into epic and nearly uncontrolled proportions. Almost everybody within a moderate distance of a good-sized American village currently has access to the Internet. Populated by rugged and sometimes lawless geeks, it is often the Wild West of the electronic world.
What is the Internet? Quite literally it is a connection between networks, like interstate highways are a connection between states. The owners of these networks, from small businesses to home users to large corporations, depend on a delicate infrastructure for the services the Internet provides to them. Our entire economy and most of our government have come to depend on the presence of the global Internet as it exists today. (It's likely, though, that the US military and the governments of most countries have their own Internets that they could still use if the public Internet was destroyed.)
So could the Internet be destroyed? Well, that depends on what we mean by destroyed. The geniuses working for DARPA in the 1970s specifically designed the primary data protocol of the Internet (creatively, Internet Protocol, or IP) so that the system will still function if a large chunk of the network is disabled or destroyed (say, by a nuclear blast). Data intended for somebody on the other side of the blast crater will find another way to get there. While there might be some brief service interruption as the system reconfigures itself, it will eventually do so.
So we'll have to redefine "destroyed". Let's define it as temporarily denying a large number of private citizens access to a large number of Internet services. Perhaps a better term would be "disabled". We can also assume that the Internet is destroyed/disabled if nobody is using it. The answer is now yes, the Internet can be destroyed. Here's how:
Method 1: Take out the root nameservers
What you'll need: 13 large bombs or maybe some Rods from God
Effectiveness: Brief
How it works:
Every computer on the Internet has a numeric address, like 13.57.81.12. The only way to communicate with another computer is to know its address. Unfortunately, these are very difficult for humans to remember. A global system called DNS (Domain Name Service/System) translates common names like www.google.com into these addresses, for communication purposes.
Let's say you want to drive to a particular location in San Francisco, California but you don't have a specific street address, only that it's called Joe's Coffee House. First, you probably want to be in the appropriate country. Once you're there, you can ask somebody who knows where to find California. Next, you can go to California and ask somebody where to find San Francisco. Finally, you can go to San Francisco and ask somebody where to find Joe's Coffee House. That person probably will be able to provide you with an address so that you can go there.
DNS works in a similar fashion. If your destination is windowsupdate.microsoft.com (which it should be on a fairly regular basis), you first need to make sure you're in the .com "country". If you've been there before, you probably don't need directions to get there, but you might if you haven't. These countries are called top-level domains. Next, you ask somebody there how you can find the domain called microsoft.com. Next, you go there and ask how you can find the "subdomain" called windowsupdate. The result of this process, like when you searched for Joe's, is the address of the computer you're looking for, so that you can communicate with it. This is called resolving an address.
The entities which are responsible for directing you to the appropriate "country" (top-level domains - com, org, net, etc) are called root nameservers. They can direct you to the subordinate nameserver that knows about .com addresses or the server that knows about .net addresses, etc. Without them, since things on the Internet sometimes change, the entire system would fail.
Now here's the kicker: There are only thirteen root servers in the entire world, labelled A through M. Nine of these are physical machines in a single location (the rest are distributed). Eight of these are in the United States. Each is heavily protected by concrete bunkers, heavy security, shielded lines, etc. So you're going to have to make a pretty big bang. It will probably take five or six root nameservers going down to affect the Internet heavily. (This almost happened a few years ago.)
What would happen:
For a while, everything will be okay for many people. The top-level DNS records are cached by providers all over the world, so destroying them won't interrupt all service immediately. There may be intermittent failures in less-used domains. Smaller providers may invalidate their caches before larger ones, so users outside of cities will be unable to resolve domain names. After a while, certain domains with changing addresses will become unavailable. Before that, though, somebody will build a new set of root servers. It will still take a while to get everything back up to speed (how do you get that information to service providers?) so your evil plan will still be a limited success!
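The caching behaviour described above, as a small added model in C (not code from the original post): a resolver that keeps each root referral for an assumed two-day lifetime keeps answering after the roots disappear, until that entry expires. The names `resolve` and `REFERRAL_TTL`, the timestamps and the 192.0.2.x addresses are constructed for this example.

```c
#include <stdio.h>
#include <string.h>

#define REFERRAL_TTL 172800L  /* assumed cache lifetime: two days, in seconds */
#define MAX_CACHE 8

/* Constructed sample data: what the domains' own nameservers would answer. */
struct record { const char *name; const char *addr; };
static const struct record ZONE_DATA[] = {
    { "windowsupdate.microsoft.com", "192.0.2.10" },
    { "www.example.org",             "192.0.2.20" },
};

/* A caching resolver remembers, per top-level domain, until when the
   referral it got from a root server may be reused. */
struct referral { char tld[16]; long expires; };
struct resolver { struct referral cache[MAX_CACHE]; int used; };

/* Return the part after the last dot: the "country" in the analogy. */
static const char *tld_of(const char *name) {
    const char *dot = strrchr(name, '.');
    return dot ? dot + 1 : name;
}

/* Find an unexpired referral for this TLD, or NULL. */
static struct referral *cached(struct resolver *r, const char *tld, long now) {
    for (int i = 0; i < r->used; i++)
        if (strcmp(r->cache[i].tld, tld) == 0 && r->cache[i].expires > now)
            return &r->cache[i];
    return NULL;
}

/* Store or refresh the referral for one TLD. Returns 0 if the cache is
   full or the label does not fit. */
static int remember(struct resolver *r, const char *tld, long now) {
    int i;
    if (strlen(tld) >= sizeof r->cache[0].tld) return 0;
    for (i = 0; i < r->used; i++)
        if (strcmp(r->cache[i].tld, tld) == 0) break;
    if (i == r->used) {
        if (r->used == MAX_CACHE) return 0;
        r->used++;
        strcpy(r->cache[i].tld, tld);
    }
    r->cache[i].expires = now + REFERRAL_TTL;
    return 1;
}

/* Resolve a name at time `now`. The first step needs either a live root
   server or an unexpired cached referral; the later steps (TLD and domain
   servers) are assumed reachable. Returns the address, or NULL on failure. */
const char *resolve(struct resolver *r, const char *name, long now, int roots_up) {
    const char *tld = tld_of(name);
    if (!cached(r, tld, now)) {
        if (!roots_up) return NULL;        /* nobody left to ask for directions */
        if (!remember(r, tld, now)) return NULL;
    }
    for (size_t i = 0; i < sizeof ZONE_DATA / sizeof ZONE_DATA[0]; i++)
        if (strcmp(ZONE_DATA[i].name, name) == 0)
            return ZONE_DATA[i].addr;
    return NULL;                           /* name does not exist */
}

int main(void) {
    struct resolver big = {0}, small = {0};
    const char *names[] = { "windowsupdate.microsoft.com", "www.example.org" };
    /* Roots still up: the small provider last refreshed .com at t=0,
       the big one at t=100000. Neither has ever looked up a .org name. */
    resolve(&small, names[0], 0, 1);
    resolve(&big, names[0], 100000, 1);
    /* Roots are gone. Ask both providers at t=180000. */
    for (int i = 0; i < 2; i++) {
        const char *a = resolve(&big, names[i], 180000, 0);
        const char *b = resolve(&small, names[i], 180000, 0);
        printf("%-28s big=%s small=%s\n", names[i],
               a ? a : "FAIL", b ? b : "FAIL");
    }
    return 0;
}
```

The provider whose entry is older fails first, and a top-level domain that was never cached fails immediately, which is the pattern of intermittent failures the paragraph describes.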
Method 2: Make your own root nameservers (or modify the existing ones)
What you'll need: A lot of fairly talented hackers and a pretty fast connection
Effectiveness: Brief
How it works:
Nobody says that you have to use root servers A through M (well, okay, Microsoft says so). You can easily use your own root servers and your own top-level domains (i.am.awesome) if somebody is willing to trust your system for information. You'll need to set up a system that knows all about the existing top-level domains, and directs people asking about them to phony addresses. Alternatively, you could hack the existing root servers and change their tables to point to your phony addresses. Since these tables may be stored in hardware, this could prove difficult.
Next, you'll have to hack every major service provider and either erase or invalidate their DNS cache. While you're in there, if you made your own root nameserver, you'll have to change their settings to point at those instead of the ICANN ones.
What would happen:
Unlike the previous method, this will cause a massive service interruption as nobody is able to access any domains. Unfortunately, unless you're more clever than the system's designers (unlikely), this includes the companies whose records you just destroyed, and they'll get to fixing those fairly quickly.
Method 3: Disable an Internet Exchange Point (IXP)
What you'll need: Very large scissors (or the same stuff from Method 1)
Effectiveness: Medium
How it works:
Backbone networks provide service to large businesses in a whole geographical region. They are physical networks that consist of direct physical (wires) or satellite links between networked devices. Your Internet Service Provider either is a customer of or owns one of these networks.
An IXP is the location at which two or more backbone networks join together to form the global Internet. Each participating backbone provider plugs into devices called Ethernet switches which direct incredible amounts of traffic (gigabytes per second) from one network to another. There are fifteen such locations in North America, with members such as AT&T, NASA, and British Telecom.
So to destroy the Internet, basically, we'd have to unplug those networks from that switch. The best way to do this would be to destroy the device itself, but cutting each individual wire would delay things for a while as somebody spliced a new tip. Eliminating one such IXP would remove service to a great number of people. I recommend the London Internet Exchange, which serves over half of named computers on the Internet.
What would happen:
Backbone networks will be unable to communicate directly. Although many will still be able to route communications through other networks, Internet access will slow down beyond the frustration level for most users. Data going from Pittsburgh to France, for instance, might be routed first through Japan and New Zealand, depending on which IXP(s) you destroyed. If you picked your target(s) well, many networks may be unable to communicate at all.
There might also be a temporary outage (described in the introduction) as every router in the world adjusts to the new network topology.
Method 4: Packet flood
What you'll need: About a million computers on high-speed connections
Effectiveness: High
How it works:
Networks can only transport a limited amount of data in a fixed time. If your network can handle 1000 megabits per second, attempts to send any more than 1000 megabits are going to have to wait until the next second. Your home Internet connection is likely capable of some much smaller value, in kilobits per second.
Furthermore, recipients of network data are required by the most common protocols to respond to the sender with an acknowledgement (ACK) signal when they receive the data. This effectively doubles the number of computers that you can use to send signals.
So, if a large number of computers send random information to a large number of random recipients, the networks of those individuals would be quickly rendered ineffective. If those large numbers of computers are on very distinct networks in distinct areas of the world, Internet providers will be unable to block the flood of useless information.
This is called a packet flood (or SYN flood) denial of service (DoS) attack and actually happens on a smaller scale on a fairly regular basis. The older variant of DoS attack used a single high-speed computer bombarding one or more slower computers. Modern variants recruit networks of "zombie computers" using malicious programs (e.g. viruses) unwittingly installed on users' computers. These attacks are often used to block access to useful services like Microsoft's Windows Update. The 2003 Blaster computer worm was designed to do just this on a specific date.
A third, and very dangerous, variant uses bogus "return addresses" and the ACK signals from innocent computers to bombard a target. In this variant, there is no need to infect the zombie computers - any server will do. When such an attack was successfully carried out in 2002, it generated almost 8 gigabits per second of Internet traffic.
What would happen:
In our case, since we're randomly choosing targets, it will affect every network in the world at the same time. If our attack also installs an Internet worm (Method #5), we could continually grow our army of noise until the useless data overwhelms the Internet and forces the people who run it to pull the plug(s).
Method 5: Clip all the service lines
What you'll need: Wire cutters, a hard hat, patience
Effectiveness: Very high
How it works:
Very simply - everybody is connected to the Internet by one or more wires, most of which are hanging in the air. Simply cutting those wires will eliminate the Internet connection to all those served by them. Simply look at the areas affected by power and service loss following a single storm to deduce the effectiveness of this method.
You will, however, need a lot of patience and some sort of invisibility suit. That's a lot of wires. If you're lucky, though, you'll take out everybody's cable TV and telephone service in the process. Try to avoid the electric lines.
What would happen:
It sometimes takes providers days to restore electric and phone service following a heavy ice storm or thunderstorm. These only eliminate a small fraction of the wires. If you cut all of them, it will take exactly as long as it took to put the wires up in the first place, as they'll all need to be replaced.
Result: Severe long-term Internet outages, particularly if you hit companies providing Internet services for a lot of businesses. Massive financial chaos. If the process takes long enough, companies will abandon their Internet ways of doing things and likely be reluctant to try it again.
Method 6: Discover and exploit a new network-based buffer overflow bug
What you'll need: Patience, practice, a computer
Effectiveness: High (but brief)
How it works:
Computer programs often store received or input data in sections of their memory called buffers, which are usually of a fixed size (say, 1024 bytes). Sometimes, and more often than they should, careless programmers accidentally allow a program to read input longer than some buffer in which it will eventually be stored. Let's say, for instance, that our programmer accidentally allows users (or another program) to provide 1024 bytes of input but, through some error, that data ends up in a 1000 byte buffer. Something has to happen to those extra 24 bytes, and that something is usually that they're written as though the buffer is actually 1024 bytes long. (Alternatively, the program might crash. This is actually the cause of many program crashes.)
This means that any data that was stored right next to the buffer in memory has been replaced by the last 24 bytes of the input. Now, if input is almost never longer than 1000 bytes, the programmer might not find this problem during testing. (This is how many such problems escape notice.) A malicious hacker, however, might be able to use those extra 24 bytes to put dangerous programming code into places where it shouldn't necessarily be going.
Most recent Windows worms work this way: A security group finds a flaw in Windows. If this flaw is a buffer overflow, some hacker easily writes a program that exploits it. The hacker can then do anything he wants to any computer with the flaw, including using it to spread the worm to more computers. These infected computers are then used, for instance, to cause damage to networks by executing distributed denial of service attacks (see Method #5).
What would happen:
If a worm infected enough computers worldwide with malicious software that continuously bombarded random addresses with data, the Internet would, as with several of the other methods, slow to a crawl. This would be the global Internet, though, and not a single subset of it. Businesses might disable their network connections or restrict access to networked computers in order to prevent their data from being corrupted. This has happened several times in the past few years, each time producing billions of dollars of damage.
A single coordinated attack, appearing in several countries at once, would be devastating, driving users to disconnect their computers for the safety of their information.
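The 1000-byte buffer behind a 1024-byte input check from the explanation above, next to the corrected check, as an added C example (not from the original post). Memory is modeled as one flat array so the 24-byte overwrite is well-defined and can be counted; `store_vulnerable`, `store_fixed`, `adjacent_damage` and the 0xAA fill value are names and values chosen for this example.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE  1000                    /* size of the buffer actually allocated */
#define INPUT_MAX 1024                    /* limit the faulty input check enforces */
#define ADJACENT  (INPUT_MAX - BUF_SIZE)  /* 24 bytes of other data stored next to it */
#define FILL      0xAA                    /* constructed marker for the adjacent data */

/* Model of a slice of memory: bytes[0..999] is the input buffer and
   bytes[1000..1023] belongs to something else. Keeping both in one array
   means the overrun stays inside storage this program owns. */
struct memory { unsigned char bytes[BUF_SIZE + ADJACENT]; };

void mem_init(struct memory *m) {
    memset(m->bytes, 0, BUF_SIZE);
    memset(m->bytes + BUF_SIZE, FILL, ADJACENT);
}

/* The bug from the text: the length is checked, but against the wrong
   number, so up to 24 bytes land beyond the end of the buffer. */
int store_vulnerable(struct memory *m, const unsigned char *in, size_t len) {
    if (len > INPUT_MAX) return -1;
    memcpy(m->bytes, in, len);
    return 0;
}

/* The fix: compare against the size of the destination, reject the rest. */
int store_fixed(struct memory *m, const unsigned char *in, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(m->bytes, in, len);
    return 0;
}

/* Count adjacent bytes that no longer hold their original value. */
size_t adjacent_damage(const struct memory *m) {
    size_t n = 0;
    for (size_t i = BUF_SIZE; i < BUF_SIZE + ADJACENT; i++)
        if (m->bytes[i] != FILL) n++;
    return n;
}

int main(void) {
    struct memory m;
    unsigned char input[INPUT_MAX];
    int rc;
    memset(input, 'A', sizeof input);

    /* Typical input fits, so testing with it shows nothing wrong. */
    mem_init(&m);
    store_vulnerable(&m, input, BUF_SIZE);
    printf("vulnerable, 1000 bytes: %zu adjacent bytes changed\n",
           adjacent_damage(&m));

    /* Maximum-length input passes the faulty check and spills over. */
    store_vulnerable(&m, input, INPUT_MAX);
    printf("vulnerable, 1024 bytes: %zu adjacent bytes changed\n",
           adjacent_damage(&m));

    /* The corrected check refuses the same input and nothing is touched. */
    mem_init(&m);
    rc = store_fixed(&m, input, INPUT_MAX);
    printf("fixed,      1024 bytes: rc=%d, %zu adjacent bytes changed\n",
           rc, adjacent_damage(&m));
    return 0;
}
```

A test suite that only ever sends inputs of 1000 bytes or fewer passes against both functions, which is why a boundary-length test case belongs next to every fixed-size buffer.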
Method 7: Government seizure
What you'll need: A substantial military and a powerful despot
Effectiveness: Total
How it works:
Simply order all of your country's telecommunications providers to disconnect their networks from other networks except those used by the government.
What would happen:
At worst, the government could simply unplug every network from its backbone. Not much better: they could simply restrict content within your own country and pull those plugs leading to other countries.
Method 8: Charge money for ridiculous things
What you'll need: A service that is currently highly used and free (email)
Effectiveness: High
How it works:
Like you, criminals can also obtain access to the Internet for free. These criminals are sending spam emails by the millions, flooding servers with unnecessary data, and driving users away from certain email providers. They are also writing viruses and worms that disable personal computers and networks. They are posting pornographic images, leading to legal battles regarding the protection of children.
Major corporations have proposed many methods for eliminating or reducing the number of criminals who are able to use the Internet for malicious purposes. Most of these solutions involve some sort of payment for using a service. For instance, imagine if your company had to spend 1.5 cents per email it sent. That doesn't seem like much, but many companies send thousands of emails per day. This is over half a million dollars for a service that the company already uses for free.
Other companies have proposed a "priority routing" service, in which a client whose email is preferred (for whatever reason) gets priority in reaching its destination over data from Joe College in his dorm room. This means that users using such a high-priority service could send emails in a few seconds while users of a low-priority service might be better off sending their emails via the postal service.
Since most people mainly use the Internet to communicate, charging money for things that are already free might drive users away from popular Internet services like America Online. When 22 million people leave the Internet, it leaves a big hole.
What would happen:
Home users who could not afford the new services would probably disable their Internet connections. The phone, after all, is largely free and faster than waiting six hours for an email to arrive. Email would be used in extraordinary circumstances where time was not an issue. Small business users who send thousands of emails per day would be charged exorbitant prices per email and probably return to using fax machines and the postal service, like they did ten years ago. If prices are not exorbitant, they will not stop spammers. In the end, the only people using the Internet would be the people who used it to begin with: the government, big businesses, and geeks (who have other ways to do things).
Method 9: Decrease the signal to noise ratio
What you'll need: Approximately 100 gigabytes of gibberish, or people capable of writing it
Effectiveness: Well underway
How it works:
The whole purpose of the Internet is to communicate information. If that information is useless, full of propaganda, or downright incorrect, there is no real reason to continue using the system. The producer of a satirical Usenet newsgroup (predecessor to the modern web message board) called alt.destroy.the.internet noted that a network overrun with useless data is no different than a network that is missing. A quick look at the remains of that newsgroup (now operated, like all others, by Google) shows that the author was not far off in his predictions. Every post during the past two years is an advertisement for $PENI$ PILL$*& or some other product.
Spam isn't the only way in which useless information is filling the Internet. The BBC recently reported that a declassified document recently released by the US Department of Justice speaks of foreign psychological warfare reaching United States citizens. With the global Internet, psyops data and propaganda - intentionally false information - released in other countries often finds its way back to Americans, who repeat it as though true.
Finally, the biggest problem with the Internet is that anybody can release information on the Internet. Publishers of false or questionable data often go out of their way to make their data look official. Furthermore, the Internet's anonymity provides crackpots, quacks, ideologues, bigots, and other fine examples of human society a place to extol their views. The Internet's availability makes strange practices and beliefs seem commonplace. After all, if almost 400 people on the Internet have witnessed the same paranormal phenomenon as me or practice the same sexual fetish, we must be normal!
What would happen:
Despite the best efforts of publishers and honest people, information obtained via the Internet would be rendered untrustworthy at best. Most professionals also will not accept arbitrary websites as sources without corroborating data from a trusted non-Internet source. In other words, as a source of information, the Internet is no more useful than a card catalog.
Furthermore, any attempts to automatically filter the useless data will either fail to filter useless data or filter a lot of useful data in the process. This has been a problem for services which try to disable minors' access to adult websites. Even Google, the hero of automatic data analysis, has trouble distinguishing between news articles and adult websites in their SafeSearch feature.
An internet filled with useless data is the same as an internet that is not present.
Method 10: Solve some difficult math problems
What you'll need: More intelligence (or luck) than any mathematician in the past 60 years
Effectiveness: Brief
How it works:
Most data passed over the Internet is passed "in the clear". If that data is intercepted, anybody can read it as though they were the recipient. It's like opening somebody else's mail and reading a letter written to them. Financial data, and data passed between businesses, is often encrypted, or mangled in some way that makes it unreadable except to the recipient. It's like writing a letter to somebody in a secret code, like Enigma. Anybody who opens the letter will find a useless garble of seemingly random letters (if you use strong encryption), but the recipient, who has a machine that can decode the letters, can read the original message.
There are various methods, or algorithms, of encrypting data. Most of them depend on a particular mathematical problem being "hard", meaning that they take a lot of time for a computer to solve. The best encryption algorithms depend on problems that would require longer than 15 billion years to solve with present computers. As computers get faster, problems that were previously considered hard become easy (requiring 1 year instead of 15 billion), and we change encryption algorithms. However, new technology that could speed up computers to the same degree as has occurred since 1970 is unlikely to emerge in the near future.
These problems range from simple (factoring very large numbers) to convoluted (discrete logarithms). Speed, in terms of algorithms, is measured by complexity, or how many times we have to look at each piece of data to solve the problem. Solving one of these problems means discovering or inventing a fast algorithm for solving the problem, rather than the complex algorithms that exist today.
What would happen:
All security on the Internet would briefly become non-existent. Financial institutions and even your email provider would be in chaos. Every web browser in the world would instantly become obsolete. Solving just one or two problems would greatly startle the financial world while every business in the world raced to update its software.
Of course, the Internet would never be the same. Internet worms propagate quickly in many cases because people are slow to update their computers. Most are stopped not because people update but because providers filter information known to be sent by a worm. The problem of encryption, though, is not one that any Internet provider can solve. Every single computer, running every single operating system, in the world would need to be updated at the same time to use different encryption algorithms. (Of course, this update operation is often also protected by encryption, further compounding the problem!)
Method 11: Refuse to cooperate with IANA's policies on IP addressing
What you'll need: Selfish nationalism, spunk
Effectiveness: Very high
How it works:
IP addresses must be unique. That is, given an IP address, we should be able to identify a specific device attached to the Internet. With the current system of addressing, approximately 4 billion devices can use IP addresses at the same time. With a newer system - IPv6 - that is not very widespread, approximately 50 million billion billion addresses could be assigned for each person alive today. Nevertheless, each of these must be unique for a given device.
At the present time, IP addresses are assigned by IANA - the Internet Assigned Numbers Authority - a subset of the ICANN group, which performs this role under contract with the US Department of Commerce. This group is a United States not-for-profit corporation, and it is in a provider's best interests to cooperate with it. Other networks are not likely to cooperate with a group that refuses, because the threat of duplicate IP addresses on uncooperative systems could hinder their ability to route data to the intended recipient.
But you can refuse! In fact, some countries that are political or financial enemies of the United States are pushing the United Nations to seize control of this authority. Other countries are backing them out of simple nationalism - why should the United States have all the power on the Internet? Some countries will likely go ahead with the plan regardless of the United States' objections.
What would happen:
If any of these countries use IP ranges that are already assigned to devices in the United States, then those networks cannot be attached to the global Internet. This does not mean they won't work; network devices will still route the data appropriately within that network. In the end, if nobody intervenes and makes a global body for assigning IP addresses, the world will no longer have a single global Internet. Instead, the biggest interconnection in the history of mankind will be fractured into several Internets, each responsible for a particular area, with its own alternative to IANA and ICANN. Nobody on one Internet would have access to materials on another Internet without severe limitations.
So, um, try to avoid doing any of these things. We don't need another dot-com bust. If you can think of any other ways, post them as comments!
(I have no idea what's up with blogger's fonts. Try to ignore them.)