Friday, April 13, 2012

Threats to the Net

With the recent debates about proposed anti-piracy regulation, multiplying instances of hacking and viruses, and concerns about various government disruptions of parts of the Internet, this seems to be a good time to consider just how stable and survivable the Internet is, and what are the major potential threats lurking in the shadows.
  Mary Jander, writing for Internet Evolution blog, provides a good start, outlining five major threats -
  1. Snarled software - a lot of the code behind the programs supporting the Internet are open, collaborative, and heavily revised and rewritten over time.  Much is a mass of undocumented revisions and additions, developed by people more concerned with openness, redundancy, and survivability than security.  While many feel that this is a strength, others worry that the amalgam of contributions might slow down operations, and might hide exploitable weaknesses.
  2. Outdated addressing -  As with other addressable systems experiencing explosive growth, an system for creating and assigning unique addresses originally thought to be more than sufficient, the Internet is running out of valid IP addresses.  This problem was anticipated years ago, and ICANN (the more or less official body overseeing the Internet) has developed solutions by expanding from IP4 to IP6 address system (basically adding digits to the address string).  This should work for a while, but it's possible that at some not-so-distant point in the future, more digits will need to be added.  In the meantime, there is the issue of how do you switch (or how do you update the millions of bits of programs and codes that deal with those addresses.
      If that wasn't bad enough, ICANN has also opened up the choices for the related alphabetical domain names - including authorizing the use of non-ASCII character sets and languages.  How will legacy keyboards and programs cope with the expanded naming and address options?
  3. Weakness at the Core - Individuals access the Internet almost exclusively through ISPs.  And while they've so far been pretty well-behaved, there's been increasing use of data caps and intentional slowdowns as ISPs have attempted to deal with increased demand and data flows.  ISPs are also under increasing pressures from states to monitor data flows, to restrict access and transmission of certain types of data, and to reveal their customers' private information to authorities.
  4. Hackers and Criminals - From individuals to loose collectives like Anonymous, to state-sponsored information warfare, the threat is real and continuing.  To date, the redundancy and survivability designed into the Internet, and fear of the real consequences of widespread collapse, has generally limited long-term damage.  But researchers know that the Internet is vulnerable, even as they work to make it less so.
  5. The Threat from Space - A spate of recent major solar flares has reminded people of the possible consequences that a major electromagnetic pulse can do to any electronic device or telecommunication network.  One EMP from a massive solar flare created worldwide disruptions in the telegraph system in 1859; with the most basic and limited electronic network.  Some experts fear a similar event today would cause trillions of dollars of damage to sensitive electronics.  While you can harden electronics to be less susceptible to EMP damage, the cost of that approach (and particularly the need to apply it to millions of pieces of electronics) means that we'll just have to take our chances on this one.
 The threats are real, if not dire at this point.  And, as Jander points out, knowing about them has led to continuing efforts to find solutions, or at least ways of limiting the damage resulting from these threats.  Still, as she points out,
"none of the structural revisions to the Internet can fix its fundamental lack of effective governance. Absent collaboration and support for global consistency, the World Wide Web could devolve into a dreadful 'Outernet,' where privacy is nonexistent and service providers hold users in thrall."
  Vigilance from the Internet community, particularly with regard to policies and approaches that could further damage core Internet structures, wouldn't hurt either.

Source - Ticking Time Bombs: The Internet's Weakest Links,  Internet Evolution


  1. These ae very good points, but I think that the Internet is safe for the future. There have been problems in the past, and there have been solutions. I think that there are some smart individuals that will solve these problems, my only hope is that the government does not get involved and mess things up.

  2. I agree with Jander here about the priority list, if you will, of threats pertinent to the internet today. Before, it was the individual hackers and criminals that could pick off transactions, personal numbers, websites and even business code that was to be classified information. Now more than ever, and as technology continues to evolve at never-before-seen paces, the most dramatic effect could be the lack of security because of "survivability" of these undocumented revisions. Hopefully this "viginlance" from the Internet community is used in cleaning up revised code and software rather than further damage Internet structures, as Jander points out.