tag:theconversation.com,2011:/nz/topics/domain-name-system-dns-31935/articlesDomain Name System (DNS) – The Conversation2023-04-12T00:38:49Ztag:theconversation.com,2011:article/2033982023-04-12T00:38:49Z2023-04-12T00:38:49ZBanning TikTok could weaken personal cybersecurity<figure><img src="https://images.theconversation.com/files/520368/original/file-20230411-22-e2sc88.jpg?ixlib=rb-1.1.0&rect=0%2C7%2C5000%2C3315&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Banning TikTok could unintentionally pose a cybersecurity risk.</span> <span class="attribution"><a class="source" href="https://www.gettyimages.com/detail/news-photo/in-this-photo-illustration-a-crossed-out-tiktok-logo-is-news-photo/1249797505">SOPA Images/LightRocket via Getty Images</a></span></figcaption></figure><p>TikTok is not be the first app to be scrutinized over the <a href="https://www.theverge.com/2020/3/6/21168079/grindr-sold-chinese-owner-us-cfius-security-concerns-kunlun-lgbtq">potential exposure of U.S. user data</a>, but it is the first widely used app that the U.S. government has proposed banning over privacy and security concerns. </p>
<p>So far, the discussion has focused on <a href="https://theconversation.com/should-the-us-ban-tiktok-can-it-a-cybersecurity-expert-explains-the-risks-the-app-poses-and-the-challenges-to-blocking-it-202300">whether TikTok should be banned</a>. There has been little discussion of whether TikTok could be banned, and there has been almost no discussion of the effects on cybersecurity that a TikTok ban could cause, including encouraging users to sidestep built-in security mechanisms to bypass a ban and access the app.</p>
<p>As a <a href="https://www.rit.edu/directory/rboics-rob-olson">cybersecurity researcher</a>, I see potential risks if the U.S. attempts to ban TikTok. The type of risk depends on the type of ban.</p>
<h2>Blocking TikTok in the network</h2>
<p>Blocking access to TikTok by filtering traffic destined for addresses believed to be owned by TikTok is possible but would be difficult to accomplish. Server addresses can be changed and a TikTok ban could devolve into a game of cat and mouse. </p>
<p>Additionally, this sort of block could be bypassed using virtual private networks (VPNs), which encrypt data flowing between servers and devices. VPNs can be used to shield traffic between servers in other countries and devices in the U.S. VPNs were once widely recommended for people <a href="https://www.tomsguide.com/news/why-you-need-to-use-a-vpn-on-public-wi-fi">using public Wi-Fi</a>, and people are already using VPNs to <a href="https://www.pcmag.com/how-to/how-to-unblock-netflix-with-a-vpn">access blocked streaming services</a>. While security experts <a href="https://consumer.ftc.gov/articles/are-public-wi-fi-networks-safe-what-you-need-know">no longer recommend VPNs for public Wi-Fi</a>, many people have used them and so are familiar with a tool that would help them bypass a TikTok ban.</p>
<p><a href="https://www.sans.org/white-papers/33523/">DNS sinkholes</a> are another technique that could be used in TikTok bans. DNS, the Domain Name System, is a network protocol that behaves like the internet’s phone book. Computers need to know the IP address of a server in order to communicate with it. DNS allows a computer to look up that address using a name convenient for humans to remember, such as www.google.com.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/FsGUi5pXpLk?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">How the Domain Name System works.</span></figcaption>
</figure>
<p>DNS sinkholes stop that lookup. DNS sinkholes don’t directly block access to a server. Rather, they stop other computers from being able to look up the server’s address. It’s fair to think of a DNS sinkhole as removing someone’s name from a phone book.</p>
<p>DNS sinkholes are often used to <a href="https://techcrunch.com/2019/07/08/the-wannacry-sinkhole/">stop malware</a> and <a href="https://docs.pi-hole.net/">advertisements</a>. They could be used in a TikTok ban. However, DNS sinkholes only work if lookups are confined to DNS servers that are configured to be sinkholes. A ban using DNS sinkholes would likely cover most DNS servers that people’s computers use by default. </p>
<p>However, you can relatively <a href="https://developers.google.com/speed/public-dns/docs/using">easily change</a> DNS settings on your computer to circumvent a ban based on DNS sinkholes. There are many <a href="https://public-dns.info/">public DNS servers</a> that people could use instead of their current DNS servers, which are commonly maintained by internet service providers. Blocking TikTok with DNS sinkholes would require significant international cooperation to make it difficult for people to find DNS servers that could access TikTok.</p>
<p>People circumventing a ban by looking for an alternate DNS server would be at risk. Unless a DNS server uses an <a href="https://blog.apnic.net/2017/06/28/isnt-everyone-using-dnssec/">uncommon extension</a> named <a href="https://www.internetsociety.org/deploy360/dnssec/basics/?gclid=Cj0KCQjw27mhBhC9ARIsAIFsETE_8KhAuriFx6aNrjIeySjCnbPuuOGZt0-u8IZBhAJcZ7usGnHVZjMaArX8EALw_wcB">DNSSEC</a>, you can’t verify the integrity of a DNS response. A malicious DNS server could reply to a lookup with an IP address of a server that’s under criminal control. This opens the door for a number of different kinds of attacks that could put your data at risk. </p>
<h2>Banning TikTok from your phone</h2>
<p>Another way TikTok could be banned is by blocking the TikTok mobile app. This would not affect U.S. users’ ability to access the TikTok website, but it could change how and how often people access TikTok. Blocking the app could address the concern that TikTok could be used without the user’s knowledge to access other systems on a network that a mobile device is connected to. This has been the motivation for some <a href="https://www.pnj.com/story/news/education/2023/04/05/florida-tiktok-ban-uwf-joins-fsu-uf-in-banning-tiktok-on-campus/70086188007/">local TikTok bans</a>.</p>
<p><a href="https://www.reuters.com/technology/democratic-senator-urges-apple-google-kick-tiktok-out-app-stores-2023-02-02/">Removing TikTok from app stores</a> is unlikely to succeed by itself. Both Android and <a href="https://www.techtarget.com/searchmobilecomputing/opinion/Did-you-know-how-easy-it-is-to-sideload-iOS-apps-to-your-iPhone">iOS devices</a> have the ability to install apps from alternative sources, a technique known as <a href="https://www.lifewire.com/sideloading-4158932">sideloading</a>. While this added step may discourage some people, sideloading tutorials are widely available online, and there is <a href="https://www.fortnite.com/mobile/android">already popular software</a> that must be sideloaded to be used on a phone.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/ibw0l5o3hmY?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">How to sideload Android apps.</span></figcaption>
</figure>
<p>Mobile devices assume that mobile apps are coming from a trusted source. Both Google and <a href="https://developer.apple.com/app-store/review/guidelines/">Apple</a> audit mobile apps prior to the app being available for download. While these reviews <a href="https://www.darkreading.com/attacks-breaches/malicious-apps-millions-downloads-apple-google-app-stores">aren’t perfect</a>, they help ensure apps don’t contain vulnerabilities or malware. When app stores aren’t involved, security responsibilities change. Sideloading <a href="https://www.apple.com/privacy/docs/Building_a_Trusted_Ecosystem_for_Millions_of_Apps_A_Threat_Analysis_of_Sideloading.pdf">makes users responsible for verifying an app’s legitimacy</a>, and criminals could trick users into <a href="https://www.zdnet.com/article/this-android-trojan-malware-is-using-fake-apps-to-infect-smartphones-steal-bank-details/">installing malicious apps from third-party sources</a>.</p>
<p>But what about the millions of people who already have TikTok installed on their phones? Enforcing a TikTok app ban would likely require that it be removed from mobile devices. Apple has long had the ability to <a href="https://www.macworld.com/article/191897/iphone_killswitch.html">remove software from iPhones</a>, and Google could remove apps using <a href="https://developers.google.com/android/play-protect">Google Play Protect</a>. These tools are important security controls that, at least on Android devices, can remove malware even if it was sideloaded. Enforcing a ban using security controls could motivate users to disable these controls, which would weaken the security of their devices. </p>
<p>Users might even be motivated to “<a href="https://www.lifewire.com/what-is-jailbreaking-an-iphone-577591">jailbreak</a>” their iOS devices or “<a href="https://www.pcmag.com/encyclopedia/term/android-rooting">root</a>” their Android devices to prevent Apple or Google from removing the TikTok app, which would further weaken security. Jailbreaking an iOS device allows users to bypass security restrictions in the operating system. Rooting an Android device means gaining the highest level security access, which allows users to make changes to the operating system. Jailbreaking and rooting are prohibited by Apple and Google. Both actions void the user’s warranty and undermine the security controls that limit criminals’ access to mobile devices.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/Bjq4WYs4Emw?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Why you should not ‘root’ your phone.</span></figcaption>
</figure>
<h2>Security tradeoffs</h2>
<p>I find it unlikely that a TikTok ban would be technologically enforceable. Even China <a href="https://thehill.com/policy/technology/3920214-how-could-a-tiktok-ban-be-enforced/">struggles with content filtering</a>. These difficulties may be why proposed <a href="https://www.congress.gov/bill/118th-congress/senate-bill/686/text">legislation</a> includes significant punishments for bypassing the ban.</p>
<p>Even if the punishments are not <a href="https://www.newsweek.com/does-tiktok-ban-allow-20-year-prison-sentence-1790932">aimed at the average TikTok user</a>, this proposed legislation – aimed at improving cybersecurity – could motivate users to engage in riskier digital behavior.</p><img src="https://counter.theconversation.com/content/203398/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Robert Olson does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>Legislation meant to improve cybersecurity could be difficult to implement and might create incentives for riskier digital behavior.Robert Olson, Senior Lecturer of Computing Security, Rochester Institute of TechnologyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1820202022-06-30T12:31:49Z2022-06-30T12:31:49ZKremlin tightens control over Russians’ online lives – threatening domestic freedoms and the global internet<figure><img src="https://images.theconversation.com/files/470666/original/file-20220623-52151-pttnpq.jpg?ixlib=rb-1.1.0&rect=0%2C0%2C3543%2C2360&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Russia has pioneered the concept of digital sovereignty and used it to severely restrict Russians' access to the internet.</span> <span class="attribution"><a class="source" href="https://www.gettyimages.com/detail/news-photo/binary-code-with-the-word-runet-displayed-on-a-laptop-news-photo/1239050451">NurPhoto via Getty Images</a></span></figcaption></figure><p>Since the start of Russia’s war on Ukraine in late February 2022, Russian internet users have experienced what has been dubbed the descent of a “<a href="https://www.vice.com/en/article/5dg4kb/russias-digital-iron-curtain-is-starting-to-take-shape">digital iron curtain</a>.”</p>
<p>Russian authorities blocked access to all major opposition news sites, as well as Facebook, Instagram and Twitter. Under the <a href="https://theconversation.com/pranks-and-propaganda-russian-laws-against-fake-news-target-ukrainians-and-the-opposition-not-pro-putin-pranksters-179795">new draconian laws purporting to combat fake news</a> about the Russian-Ukrainian war, internet users have faced administrative and criminal charges for allegedly spreading online disinformation about Russia’s actions in Ukraine. Most Western technology companies, from Airbnb to Apple, <a href="https://www.cnet.com/news/politics/what-companies-have-left-russia-see-the-list-across-tech-entertainment-and-financial-institutions/">have stopped or limited their Russian operations</a> as part of the broader <a href="https://som.yale.edu/story/2022/almost-1000-companies-have-curtailed-operations-russia-some-remain">corporate exodus from the country</a>.</p>
<p>Many Russians <a href="https://www.reuters.com/article/ukraine-crisis-russia-vpn-idCAKCN2LB1UD">downloaded virtual private network software</a> to try to access blocked sites and services in the first weeks of the war. By late April, 23% of Russian internet users <a href="https://www.levada.ru/en/2022/04/22/internet-social-networks-and-vpn/">reported using VPNs with varying regularity</a>. The state media watchdog, Roskomnadzor, <a href="https://interfax.com/newsroom/top-stories/79803/">has been blocking VPNs</a> to prevent people from bypassing government censorship and <a href="https://torrentfreak.com/new-vpn-crackdown-underway-in-russia-government-confirms-220603/">stepped up its efforts</a> in June 2022.</p>
<p>Although the speed and scale of the wartime internet crackdown are unprecedented, its <a href="https://globalvoices.org/2022/04/15/how-russia-makes-laws-to-support-networked-authoritarianism/">legal</a>, <a href="https://firstmonday.org/ojs/index.php/fm/article/view/11693/10124">technical</a> and <a href="https://doi.org/10.1080/23738871.2018.1546884">rhetorical</a> foundations were put in place during the preceding decade <a href="https://dgap.org/en/research/publications/russias-quest-digital-sovereignty">under the banner of digital sovereignty</a>.</p>
<p><a href="https://globalmedia.mit.edu/2020/08/05/the-diverse-meanings-of-digital-sovereignty/">Digital sovereignty for nations</a> is the exercise of state power within national borders over digital processes like the flow of online data and content, surveillance and privacy, and the production of digital technologies. Under authoritarian regimes like today’s Russia, digital sovereignty often serves as <a href="https://restofworld.org/2022/blackouts/">a veil for stymieing domestic dissent</a>. </p>
<h2>Digital sovereignty pioneer</h2>
<p>Russia has advocated upholding <a href="https://doi.org/10.14763/2020.3.1492">state sovereignty over information and telecommunications</a> since the early 1990s. In the aftermath of the Cold War, a weakened Russia could no longer compete with the U.S. economically, technologically or militarily. Instead, Russian leaders sought to curtail the emergent U.S. global dominance and hold on to Russia’s great power status.</p>
<p>They did so by promoting the preeminence of state sovereignty as a foundational principle of international order. In the 2000s, seeking to project its great power resurgence, <a href="https://doi.org/10.1177%2F1367549417751151">Moscow joined forces with Beijing</a> to spearhead the global movement for internet sovereignty.</p>
<p>Despite its decades-long advocacy of digital sovereignty on the world stage, the Kremlin didn’t begin enforcing state power over its domestic cyberspace until the early 2010s. From late 2011 to mid-2012, Russia saw <a href="https://www.opendemocracy.net/en/odr/dissecting-russia-s-winter-of-protest-five-years-on/">the largest series of anti-government rallies in its post-Soviet history</a> to protest Vladimir Putin’s third presidential run and <a href="https://www.theguardian.com/world/2012/mar/04/putin-alleged-voter-fraud-russian-election">fraudulent parliamentary elections</a>. As in the anti-authoritarian uprisings in the Middle East known as the Arab Spring, the internet served as a <a href="https://ijoc.org/index.php/ijoc/article/viewFile/4883/1791">critical instrument</a> in organizing and coordinating the Russian protests.</p>
<p>Following Putin’s return to the presidency in March 2012, the Kremlin <a href="https://dx.doi.org/10.2139/ssrn.2527603">turned its attention to controlling Russian cyberspace</a>. The so-called Blacklist Law established a framework for blocking websites under the guise of fighting child pornography, suicide, extremism and other widely acknowledged societal ills. </p>
<p>However, the law has been <a href="https://www.aei.org/wp-content/uploads/2015/01/Internet-freedom-in-Putins-Russia.pdf?x91208">regularly used to ban sites of opposition activists and media</a>. The law widely known as the Blogger’s Law then subjected all websites and social media accounts with over 3,000 daily users to traditional media regulations by requiring them to register with the state.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="An iPhone screen shows a Telegram account in Russian" src="https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=400&fit=crop&dpr=1 600w, https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=400&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=400&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=503&fit=crop&dpr=1 754w, https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=503&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/470678/original/file-20220623-52373-veejfi.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=503&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">OVD-Info, a Russian organization that tracks political arrests and provides legal aid to detainees, said that government regulators had blocked its website.</span>
<span class="attribution"><a class="source" href="https://newsroom.ap.org/detail/RussiaCrackdown/e7325a322105464f96b8cccd3ceff88b/photo">AP Photo/Alexander Zemlianichenko</a></span>
</figcaption>
</figure>
<p>The next pivotal moment in Moscow’s embrace of <a href="https://www.cigionline.org/articles/authoritarianism-has-been-reinvented-for-the-digital-age/">authoritarian digital sovereignty</a> came after Russia’s invasion of eastern Ukraine in the Spring of 2014. Over the following five years, as Russia’s relations with the West worsened, the Russian government undertook a barrage of initiatives meant to tighten its control over the country’s increasingly networked public.</p>
<p>The data localization law, for example, required foreign technology companies to keep Russian citizens’ <a href="https://www.dw.com/en/russia-tightens-internet-controls-makes-it-easier-to-spy-on-citizens-critics-say/a-18690498">data on servers located within the country</a> and thus easily accessible to the authorities. Under the pretext of fighting terrorism, another law required telecom and internet companies to <a href="https://www.hrw.org/news/2016/07/12/russia-big-brother-law-harms-security-rights">retain users’ communications for six months</a> and their metadata for three years and hand them over to authorities upon request without a court order. </p>
<p>The Kremlin has used these and other legal innovations to open criminal cases against thousands of internet users and jail hundreds for “liking” and sharing <a href="https://www.newsweek.com/2018/10/19/how-social-media-post-russia-can-land-you-jail-1157822.html">social media content critical of the government</a>.</p>
<h2>The Sovereign Internet Law</h2>
<p>In April 2019, Russian authorities took their aspirations for digital sovereignty to another level with the so-called Sovereign Internet Law. The law opened the door for <a href="https://dgap.org/en/research/publications/deciphering-russias-sovereign-internet-law">abuse of individual users and isolation of the internet community</a> as a whole.</p>
<p>The law requires all internet service providers to install state-mandated devices “for counteracting threats to stability, security, and the functional integrity of the internet” within Russian borders. The Russian government has interpreted threats broadly, including social media content. </p>
<p>For example, the authorities have <a href="https://www.reuters.com/world/europe/russia-says-twitter-mobile-slowdown-remain-until-all-banned-content-is-removed-2021-11-29/">repeatedly used this law to throttle the performance of Twitter</a> on mobile devices when Twitter has failed to comply with government requests to remove “illegal” content.</p>
<p>Further, the law establishes protocols for rerouting all internet traffic through Russian territory and for a single command center to manage that traffic. Ironically, the Moscow-based center that now controls traffic and fights foreign circumvention tools, such as the <a href="https://www.cnet.com/tech/services-and-software/tor-browser-faq-what-is-it-and-how-does-it-protect-your-privacy/">Tor browser</a>, <a href="https://www.washingtonpost.com/opinions/2021/12/21/how-western-tech-companies-are-helping-russia-censor-internet/">requires Chinese and U.S. hardware and software</a> to function in the absence of their Russian equivalents. </p>
<p>Lastly, the law promises to establish a Russian national Domain Name System. DNS is the global internet’s core database that translates between web names such as theconversation.com and their internet addresses, in this case 151.101.2.133. DNS is operated by a California-based nonprofit, the <a href="https://www.icann.org/">Internet Corporation for Assigned Names and Numbers</a>. </p>
<p>At the time of the law’s passing, <a href="https://www.youtube.com/watch?v=1ym0Xhvb09I">Putin justified the national DNS</a> by arguing that it would allow the Russian internet segment to function even if ICANN disconnected Russia from the global internet in an act of hostility. In practice, when, days into Russia’s invasion in February 2022, Ukrainian authorities asked ICANN to disconnect Russia from the DNS, <a href="https://www.cnn.com/2022/03/03/tech/ukraine-russia-internet-icann/index.html">ICANN declined the request</a>. ICANN officials said they wanted to avoid setting the precedent of disconnecting entire countries for political reasons.</p>
<figure>
<iframe width="440" height="260" src="https://www.youtube.com/embed/APKNrc6XZ6U?wmode=transparent&start=0" frameborder="0" allowfullscreen=""></iframe>
<figcaption><span class="caption">Ukrainian activists are attempting to pierce the digital Iron Curtain to get news of the war from sources outside of Russia to the Russian people.</span></figcaption>
</figure>
<h2>Splitting the global internet</h2>
<p>The Russian-Ukrainian war has <a href="https://www.technologyreview.com/2022/03/17/1047352/russia-splinternet-risk/">undermined the integrity of the global internet</a>, both by Russia’s actions and the actions of technology companies in the West. In an unprecedented move, social media platforms have <a href="https://www.cnet.com/news/politics/facebook-youtube-to-restrict-some-russian-state-controlled-media-across-europe/">blocked access to Russian state media</a>.</p>
<p>The internet is a global network of networks. Interoperability among these networks is the internet’s foundational principle. The ideal of a single internet, of course, has always run up against the reality of the world’s cultural and linguistic diversity: Unsurprisingly, most users don’t clamor for content from faraway lands in unintelligible languages. Yet, <a href="https://www.technologyreview.com/2022/03/17/1047352/russia-splinternet-risk/">politically motivated restrictions threaten to fragment the internet</a> into increasingly disjointed networks.</p>
<p>Though it may not be fought over on the battlefield, global interconnectivity has become one of the values at stake in the Russian-Ukrainian war. And as Russia has solidified its control over sections of eastern Ukraine, it has <a href="https://www.wired.com/story/ukraine-russia-internet-takeover/">moved the digital Iron Curtain to those frontiers</a>.</p><img src="https://counter.theconversation.com/content/182020/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Stanislav Budnitsky does not work for, consult, own shares in or receive funding from any company or organization that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>For more than a decade, the Russian government has been putting teeth into its doctrine of ‘digital sovereignty’ by steadily increasing censorship of content and control over internet access.Stanislav Budnitsky, Postdoctoral Fellow in Global and International Studies, Indiana UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1259522019-10-28T18:16:47Z2019-10-28T18:16:47Z‘Digital sovereignty’: can Russia cut off its Internet from the rest of the world?<figure><img src="https://images.theconversation.com/files/298906/original/file-20191028-113987-q82tb7.jpg?ixlib=rb-1.1.0&rect=0%2C15%2C1500%2C990&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">What digital border controls should be used in Russia?</span> <span class="attribution"><a class="source" href="https://upload.wikimedia.org/wikipedia/commons/e/ea/RIAN_archive_1052479_Work_of_border_guards_on_Russian-Lithuanian_border_in_Ribachy_village%2C_Kaliningrad_region.jpg">Wikimedia</a></span></figcaption></figure><p>The Internet infrastructure is based on the principle of the internationalisation of equipment and data and information flows. Elements of the Internet with a geographic location in national territories need physical and information resources hosted in other territories to be able to function. However, in this globalised context, Russia has been working since 2012 to gradually increase national controls on information flows and infrastructure, in an atmosphere of growing political mistrust toward protest movements within the country and its international partners abroad. Several laws have already been passed in this regard, such as the one in force since 2016 requiring companies processing data from Russian citizens to store them on national territory, or the one regulating the use of virtual private networks (VPNs), proxies and anonymisation tools in force since 2017.</p>
<p>In February 2019, a bill titled “On the isolation of the Russian segment of the Internet” was adopted at first reading in the State Duma (334 votes for and 47 against) on the initiative of Senators Klichas and Bokova and Deputy Lugovoi. The accompanying memo of intent states that the text is a response to the “aggressive nature of the United States National Cybersecurity Strategy” adopted in September 2018. The project focuses on two main areas: the <a href="https://blogrecherche.wp.imt.fr/2019/03/21/Internet-mondial-danger/">Domain Name System</a> (DNS) and traffic routing, the mechanism that selects paths in the Internet network for data to be sent from a sender to one or more recipients.</p>
<h2>Russia wants to free itself from foreign constraints</h2>
<p>The recommendations notably include two key measures. The first is the creation by Russia of its own version of the DNS in order to be able to operate if links to servers located abroad are broken, since none of the twelve entities currently responsible for the DNS root servers are located on Russian territory. The second is for Internet Service Providers (ISPs) to demonstrate that they are able to direct information flows exclusively to government-controlled routing points, which should filter traffic so that only data exchanged between Russians reaches its destination.</p>
<p>This legislation is the cornerstone of the Russian government’s efforts to promote their <a href="https://policyreview.info/articles/analysis/russias-dictatorship-law-approach-Internet-policy">“digital sovereignty”</a>. According to Russian legislators, the goal is to develop a way of isolating the Russian Internet on demand, making it possible to respond to the actions of foreign powers with self-sufficiency and to guarantee continued functioning. On the other hand, this type of configuration would also facilitate the possibility of blocking all or part of communications.</p>
<p>The Russian state is obviously not the only one aiming for better control of the network. Iran has been trying to do the same thing for years, as has China with the famous Great Firewall of China. Many states are seeking to reinforce their authority over “their” Internet, to the point of <a href="https://www.accessnow.org/keepiton/">partially or totally cutting off the network</a> (measures known as “shutdowns” or “kill switches”) in some cases. This was the case in Egypt during the 2011 revolution as well as more recently in Congo during the elections. It is also regularly the case in some parts of India.</p>
<p>In connection with these legislative projects, a <a href="https://www.uawire.org/kremlin-russia-technically-prepared-to-disconnect-from-world-wide-web">recent initiative</a>, published on February 12 by the Russian news agency Tass, has attracted particular attention. Under the impetus of the Russian State, a group uniting the main public and private telecommunications operators (led by Natalya Kasperskaya, co-founder of the well-known security company Kaspersky), has decided to conduct a test in order to temporarily cut off the Russian Internet from the rest of the globalised network and in particular the World Wide Web. This will in principle happen before April 1, the deadline for amendments to the draft law, requiring Russian Internet providers to be able to guarantee their ability to operate autonomously from the rest of the network.</p>
<h2>Technical, economic and political implications</h2>
<p>However, beyond the symbolic significance of empowerment through the disconnection of such a major country, there are many technical, economic, social and political reasons why such attempts should not be made, for the sake of the Internet on both an international and national scale.</p>
<p>From a technical point of view, even if Russia tries to prepare as much as possible for this disconnection, there will inevitably be unanticipated effects if it seeks to separate itself from the rest of the global network, due to the degree of interdependence of the latter across national borders and at all protocol levels. It should be noted that, unlike China which has designed its network with a very specific project of centralised internal governance, Russia has more than 3,000 ISPs and a complex branched-out infrastructure with multiple physical and economic connections with foreign countries. In this context, it is very difficult for ISPs and other Internet operators to know exactly how and to what extent they depend on other infrastructure components (traffic exchange points, content distribution networks, data centres etc.) located beyond their borders. This could lead to serious problems, not only for Russia itself but also for the rest of the world.</p>
<p>In particular, the test could pose difficulties for other countries that route traffic through Russia and its infrastructure, something which is difficult to define. The effects of the test will certainly be sufficiently studied and anticipated to prevent the occurrence of a real disaster like a long-term compromise of the functioning of major infrastructures such as transport. More likely consequences are the malfunctioning or slowdown of websites frequently used by the average user. Most of these websites operate from multiple servers located across the globe. <a href="https://www.wired.com/story/russia-Internet-disconnect-what-happens/"><em>Wired</em></a> magazine gives the example of a news site that depends on “an Amazon Web Services cloud server, Google tracking software and a Facebook plug-in for leaving comments”, all three operating outside Russia.</p>
<p>Economically speaking, due to the complex infrastructure of the Russian Internet and its strong connections with the rest of the world, such a test would be difficult and costly to implement. In February 2019 the Accounts Chamber of Russia <a href="https://www.telegraph.co.uk/news/2019/02/11/russia-planning-test-disconnect-Internet-world-wide-web/">opposed this legislation</a> on the grounds that it would lead to an increase in public expenditure to help operators implement technology and to hire additional staff at Roskomnadzor, the communications monitoring agency, which will open a centre for the supervision and administration of the communication network. The Russian Ministry of Finance is also concerned about the costs associated with this project. Implementing the law could be costly for companies and encourage corruption.</p>
<h2>“Sovereignty” or censorship?</h2>
<p>Lastly, from the point of view of political freedoms, the new initiative is provoking the mobilisation of citizen movements. “Sovereignty” carries even greater risks of censorship. The system would be supervised and coordinated by the state communications monitoring agency, Roskomnadzor, which already centralises the blocking of thousands of websites, including major information websites. The implementation of this project would broaden the possibilities for traffic inspection and censorship in Russia, says the Roskomsvoboda association. As mentioned above, it could facilitate the possibility of shutting down the Internet or controlling some of its applications, such as Telegram (which the Russian government tried to block unsuccessfully in spring 2018). A similar attempt at a cut or “Internet blackout” was made in the Republic of Ingushetia as part of a mass mobilisation in October 2018, when the government succeeded in cutting off traffic almost completely. A demonstration “against the isolation of the Runet” united 15,000 people in Moscow on March 10, 2019 at the initiative of multiple online freedom movements and parties, reflecting concerns expressed in society.</p>
<p>Is it possible to break away from the global Internet today, and what are the consequences? It is difficult to anticipate all the implications of such major changes on the global architecture of the Internet. During the discussion on the draft law in the State Duma, Deputy Oleg Nilov, from the Fair Russia party, described the initiative as a “digital Brexit” from which ordinary users in Russia will be the first to suffer. As has been seen (and <a href="https://www.palgrave.com/fr/book/9781137533265">studied</a>) on several occasions in the recent past, information and communication network infrastructures have become decisive levers in the exercise of power, on which governments intend to exert their full weight. But, as elsewhere, the Russian digital space is increasingly complex, and the results of ongoing isolationist experiments are more unpredictable than ever.</p><img src="https://counter.theconversation.com/content/125952/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Françoise Daucé, Ksenia Ermoshina, Benjamin Loveluck and Francesca Musiani received funding from the National Research Agency (ANR), an innovative, integrative and adaptive companies programme (DS08) 2017, as part of the ResisTIC project (Les résistants du net. Criticism and evasion of digital coercion in Russia, ANR-17-CE26-0020).</span></em></p><p class="fine-print"><em><span>Benjamin Loveluck, Françoise Daucé et Ksenia Ermoshina ne travaillent pas, ne conseillent pas, ne possèdent pas de parts, ne reçoivent pas de fonds d'une organisation qui pourrait tirer profit de cet article, et n'ont déclaré aucune autre affiliation que leur poste universitaire.</span></em></p>The Russian government would like to free itself from the global Internet. This push for “digital sovereignty” has raised technical scepticism and political concerns.Francesca Musiani, Chargée de recherche CNRS, Directrice adjointe du Centre Internet et Société (CIS), chercheuse associée, Mines Paris - PSLBenjamin Loveluck, Maître de conférences, Télécom Paris – Institut Mines-TélécomFrançoise Daucé, Directrice d'études, École des Hautes Études en Sciences Sociales (EHESS)Ksenia Ermoshina, Docteure en socio-économie de l’innovation, Centre national de la recherche scientifique (CNRS)Licensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1244012019-10-07T16:52:39Z2019-10-07T16:52:39ZDomain name fraud: is the global Internet in danger?<figure><img src="https://images.theconversation.com/files/294661/original/file-20190929-185369-1crtw9o.jpg?ixlib=rb-1.1.0&rect=0%2C1407%2C4000%2C2754&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">A spider's web is secure, and ours?</span> <span class="attribution"><a class="source" href="https://unsplash.com/photos/h7dl6upIOOs">Robert Anasch/Unsplash</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span></figcaption></figure><p>In late February 2019, the Internet Corporation for Assigned Names and Numbers (<a href="https://www.icann.org/">ICANN</a>), the organization that manages the IP addresses and domain names used on the web, issued a warning on the risks of systemic Internet attacks. Here is what you need to know about what is at stake.</p>
<h2>What is the DNS?</h2>
<p>The Domain Name Service (DNS) links a domain name (for example, the domain <a href="https://ameli.fr/">ameli.fr</a> for French health insurance) to an IP (Internet Protocol) address, in this case “31.15.27.86”). This is now an essential service, since it makes it easy to memorize the identifiers of digital services without having their addresses. Yet, like many former types of protocol, it was designed to be robust, but not secure.</p>
<p><div data-react-class="Tweet" data-react-props="{"tweetId":"1105049615898951681"}"></div></p>
<p>DNS defines the areas within which an authority will be free to create domain names and communicate them externally. The benefit of this mechanism is that the association between the IP address and the domain name is closely managed. The disadvantage is that several inquiries are sometimes required to resolve a name, in other words, associate it with an address.</p>
<p>Many organizations that offer Internet services have one or several domain names, which are registered with the suppliers of this registration service. These service providers are themselves registered, directly or indirectly with <a href="https://www.icann.org/fr">ICANN</a>, an American organization in charge of organizing the Internet. In France, the reference organization is the <a href="https://www.afnic.fr/en/">AFNIC</a>, which manages the “.fr” domain.</p>
<p>We often refer to a fully qualified domain name, or FQDN. In reality, the Internet is divided into top-level domains (TLD). The initial American domains made it possible to divide domains by type of organization (commercial, university, government, etc.). Then national domains like “.fr” quickly appeared. More recently, ICANN authorized the registration of a wide variety of top-level domains. The information related to these top-level domains is saved within a group of 13 servers distributed around the globe to ensure reliability and speed in the responses.</p>
<p>The DNS protocol establishes communication between the user’s machine and a domain name server (DNS). This communication allows this name server to be queried to resolve a domain name, in other words, obtain the IP address associated with a domain name. The communication also allows other information to be obtained, such as finding a domain name associated with an address or finding the messaging server associated with a domain name in order to send an electronic message. For example, when we load a page in our browser, the browser performs a DNS resolution to find the correct address.</p>
<p>Due to the distributed nature of the database, often the first server contacted does not know the association between the domain name and the address. It will then contact other servers to obtain a response, through an iterative or recursive process, until it has queried one of the 13 root servers. These servers form the root level of the DNS system.</p>
<p>To prevent a proliferation of queries, each DNS server locally stores the responses received that associate a domain name and address for a few seconds. This cache makes it possible to respond more quickly if the same request is made within a brief interval.</p>
<h2>Vulnerable protocol</h2>
<p>DNS is a general-purpose protocol, especially within company networks. It can therefore allow an attacker to bypass their protection mechanisms to communicate with compromised machines. This could, for example, allow the attacker to control the networks of robots (botnets). The defence response relies on the more specific filtering of communications, for example requiring the systematic use of a DNS relay controlled by the victim organization. The analysis of the domain names contained in the DNS queries, which are associated with black or white lists, is used to identify and block abnormal queries.</p>
<figure class="align-right ">
<img alt="" src="https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=441&fit=crop&dpr=1 600w, https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=441&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=441&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=554&fit=crop&dpr=1 754w, https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=554&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/263166/original/file-20190311-86696-136fzmg.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=554&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption">Failure.</span>
<span class="attribution"><span class="source">Abdallahh/Flickr</span>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<p>The DNS protocol also makes denial of service attacks possible. In fact, anyone can issue a DNS query to a service by taking over an IP address. The DNS server will respond naturally to the false address. The address is in fact the victim of the attack, because it has received unwanted traffic. The DNS protocol also makes it possible to carry out amplification attacks, which means the volume of traffic sent from the DNS server to the victim is much greater than the traffic sent from the attacker to the DNS server. It therefore becomes easier to saturate the victim’s network link.</p>
<p>The DNS service itself can also become the victim of a denial of service attack, as was the case for <a href="https://en.wikipedia.org/wiki/2016_Dyn_cyberattack">DynDNS in 2016</a>. This triggered cascading failures, since certain services rely on the availability of DNS in order to function.</p>
<p>Protection against denial of service attacks can take several forms. The most commonly used today is the filtering of network traffic to eliminate excess traffic. <a href="https://en.wikipedia.org/wiki/Anycast">Anycast</a> is also a growing solution for replicating the attacked services if needed.</p>
<h2>Cache poisoning</h2>
<p>A third vulnerability that was widely used in the past is to attack the link between the domain name and IP address. This allows an attacker to steal a server’s address and to attract the traffic itself. It can therefore “clone” a legitimate service and obtain the misled users’ sensitive information: Usernames, passwords, credit card information etc. This process is relatively difficult to detect.</p>
<p>As mentioned, the DNS servers have the capacity to store the responses to the queries they have issued for a few minutes and to use this information to respond to the subsequent queries directly. The so-called <a href="https://en.wikipedia.org/wiki/DNS_spoofing">cache poisoning</a> attack allows an attacker to falsify the association within the cache of a legitimate server. For example, an attacker can flood the intermediate DNS server with queries and the server will accept the first response corresponding to its request.</p>
<p>The consequences only last a little while, the queries made to the compromised server are diverted to an address controlled by the attacker. Since the initial protocol does not include any means for verifying the domain-address association, the customers cannot protect themselves against the attack.</p>
<p>This often results in Internet fragments, with customers communicating with the compromised DNS server being diverted to a malicious site, while customers communicating with other DNS servers are sent to the original site. For the original site, this attack is virtually impossible to detect, except for a decrease in traffic flows. This decrease in traffic can have significant financial consequences for the compromised system.</p>
<h2>Security certificates</h2>
<p>The purpose of the secure DNS (Domain Name System Security Extensions, DNSSEC) is to prevent this type of attack by allowing the user or intermediate server to verify the association between the domain name and the address. It is based on the use of certificates, such as those used to verify the validity of a website (the little padlock that appears in a browser web bar). In theory, a verification of the certificate is all that is needed to detect an attack.</p>
<p><div data-react-class="Tweet" data-react-props="{"tweetId":"1102695500774559746"}"></div></p>
<p>However, this protection is not perfect. The verification process for the “domain-IP address” associations remains incomplete. This is partly because a number of registers have not implemented the necessary infrastructure. Although the standard itself was published nearly fifteen years ago, we are still waiting for the deployment of the necessary technology and structures. The emergence of services like <a href="https://en.wikipedia.org/wiki/Let%27s_Encrypt">Let’s Encrypt</a> has helped to spread the use of certificates, which are necessary for secure navigation and DNS protection. However, the use of these technologies by registers and service providers remains uneven; some countries are more advanced than others.</p>
<p>Although residual vulnerabilities do exist (such as direct attacks on registers to obtain domains and valid certificates), DNSSEC offers a solution for the type of attacks recently denounced by <a href="https://www.icann.org/">ICANN</a>. These attacks rely on DNS fraud. To be more precise, they rely on the falsification of DNS records in the register databases, which means either these registers are compromised, or they are permeable to the injection of false information. This modification of a register’s database can be accompanied by the injection of a certificate, if the attacker has planned this. This makes it possible to circumvent DNSSEC, in the worst-case scenario.</p>
<p>This modification of DNS data implies a fluctuation in the domain-IP address association data. This fluctuation can be observed and possibly trigger alerts. It is therefore difficult for an attacker to remain completely unnoticed. But since these fluctuations can occur on a regular basis, for example when a customer changes their provider, the supervisor must remain extremely vigilant in order to make the right diagnosis.</p>
<h2>Institutions targeted</h2>
<p>In the case of the attacks denounced by ICANN, there were two significant characteristics. First of all, they were active for a period of several months, which implies that the strategic attacker was determined and well-equipped. Secondly, they effectively targeted institutional sites, which indicates that the attacker had a strong motivation. It is therefore important to take a close look at these attacks and understand the mechanisms the attackers implemented in order to rectify the vulnerabilities, probably by reinforcing good practices.</p>
<p>ICANN’s promotion of the DNSSEC protocol raises questions. It clearly must become more widespread. However, there is no guarantee that these attacks would have been blocked by DNSSEC, nor even that they would have been more difficult to implement. Additional analysis will be required to update the status of the security threat for the protocol and the DNS database.</p>
<hr>
<p><em>This article was translated from the <a href="https://blogrecherche.wp.imt.fr/en/2019/07/09/domain-name-fraud-internet-danger/">original French</a> by Institut Mines-Télécom.</em></p><img src="https://counter.theconversation.com/content/124401/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Hervé Debar has received funding from the European Commission under the Horizon 2020 programme (H2020), the National Research Agency (ANR), the Directorate General for Enterprise (DGE) under the FUI and PIA programmes, the Essonne General Council (ASTRE programme), the Mines-Télécom Foundation and the Carnot TSN Institute. He represents the Institut Mines-Télécom on the "Digital Confidence and Security" steering committee of the System@tic pole and at the European CyberSecurity Organization (ECSO).</span></em></p>The announcement of a systemic attack on the Internet in February 2019 raises the question of the structure and protection of one of the major protocols of the web: the domain name service (DNS).Hervé Debar, Directeur de la Recherche et des Formations Doctorales à Télécom SudParis, Télécom SudParis – Institut Mines-TélécomLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/1017362019-03-11T18:49:45Z2019-03-11T18:49:45ZThe internet is now an arena for conflict, and we’re all caught up in it<figure><img src="https://images.theconversation.com/files/261397/original/file-20190228-106356-avefdx.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">There is a vast infrastructure of digital tools that can be used to strategically manipulate behaviour for tactical gain.</span> <span class="attribution"><a class="source" href="https://www.shutterstock.com/download/confirm/434522146?size=huge_jpg">Shutterstock</a></span></figcaption></figure><p><em>This article is part of our occasional long read series <a href="https://theconversation.com/au/topics/zoom-out-51632">Zoom Out</a>, where authors explore key ideas in science and technology in the broader context of society and humanity.</em></p>
<hr>
<p>Most people think the internet operates as a kind of global public square. In reality, it’s become a divided arena where conflict between nation states plays out. </p>
<p>Nation states run covert operations on the same platforms we use to post cat videos and exchange gossip. And if we’re not aware of it, we could be unwittingly used as pawns for the wrong side.</p>
<p>How did we get here? It’s complicated, but let’s walk through some of the main elements. </p>
<h2>The age of entanglement</h2>
<p>On the one hand, we have an information landscape dominated by Western culture and huge multi-national internet platforms run by private companies, such as Google and Facebook. On the other, there are authoritarian regimes such as China, Iran, Turkey and Russia exercising tight control over the internet traffic flowing in and out of their countries. </p>
<p>We are seeing more cyber intrusions into <a href="https://theconversation.com/a-state-actor-has-targeted-australian-political-parties-but-that-shouldnt-surprise-us-111997">nation state networks</a>, such as the recent hack of the Australian parliamentary network. At the same time, <a href="https://www.politics.ox.ac.uk/news/lucas-kello-gives-evidence-to-house-of-lords-committee.html">information</a> and influence operations conducted by countries such as Russia and China are flowing through social media into our increasingly shared digital societies.</p>
<p>The result is a <a href="https://mitpress.mit.edu/books/stack">global</a> ecosystem <a href="https://nsc.crawford.anu.edu.au/news-events/podcasts/video/10698/towards-political-ecology-cyberspace-3-3">perpetually</a> close to the threshold of war.</p>
<p>Because nations use the internet both to assert power and to conduct trade, there are incentives for authoritarian powers to keep their internet traffic open. You can’t maintain rigid digital borders and assert cyberpower influence at the same time, so nations have to “<a href="https://www.belfercenter.org/sites/default/files/legacy/files/IS3903_pp007-047.pdf">cooperate to compete</a>”. </p>
<p>This is becoming known as “entanglement” – and it affects us all.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/a-state-actor-has-targeted-australian-political-parties-but-that-shouldnt-surprise-us-111997">A state actor has targeted Australian political parties – but that shouldn't surprise us</a>
</strong>
</em>
</p>
<hr>
<h2>Data flows in one direction</h2>
<p>Authoritarian societies such as China, Russia and Iran aim to create their own separate digital ecosystems where the government can control internet traffic that flows in and out of the country. </p>
<p>The Chinese Communist Party is well known for maintaining a supposedly secure Chinese internet via what is known in the West as the “<a href="https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreedomOfInformationChina/the-great-firewall-of-china-background/index.html">Great Firewall</a>”. This is a system that can block international internet traffic from entering China according to the whim of the government. </p>
<p>For the majority of the <a href="https://techcrunch.com/2018/08/21/china-reaches-800-million-internet-users/">802 million people online</a> in China, many of the apps we use to produce and share information are not accessible. Google, YouTube, Facebook, Twitter are blocked. Instead, people in China use apps created by Chinese technology companies, such as Tencent, Alibaba and Baidu. </p>
<p>Traffic within this ecosystem is monitored and censored in the most sophisticated and comprehensive surveillance state in the world. In 2018, for example, Peppa Pig was <a href="https://www.sbs.com.au/news/how-peppa-pig-became-a-gangster-figure-in-china">banned</a> and the People’s Daily referred to her as a “<a href="https://web.archive.org/web/20180502092019/http://media.people.com.cn/BIG5/n1/2018/0426/c40606-29950870.html">gangster</a>” after she became iconic of rebelliousness in Chinese youth culture.</p>
<h2>Complete blocking of data is impossible</h2>
<p>A key objective of this firewall is to to shield Chinese society and politics from external influence, while enabling internal surveillance of the Chinese population.</p>
<p>But the firewall is not technologically independent of the West – its development has been reliant upon US corporations to supply the software, hardware innovation and training to ensure the system functions. And since the internet is an arena where nations compete for economic advantage, it’s not in the interest of either side to destroy cyberspace entirely. </p>
<p>As cyber security expert Greg Austin <a href="https://www.springer.com/la/book/9783319684352">has observed</a>, the foundations of China’s cyber defences remain weak. There are technical ways to <a href="https://link.springer.com/chapter/10.1007%2F11957454_2">get around the firewall</a>, and Chinese internet users exploit <a href="https://theconversation.com/from-metoo-to-ricebunny-how-social-media-users-are-campaigning-in-china-90860">Mandarin homophones and emoji</a> to evade internal censors.</p>
<p>Chinese economic and financial entanglement with the West means complete blocking of data is impossible. Consistent incentives to openness remain. China and the United States are therefore engaged in what Canadian scholar of digital media and global affairs Jon R Lindsay <a href="https://www.belfercenter.org/sites/default/files/legacy/files/IS3903_pp007-047.pdf">describes</a> as: </p>
<blockquote>
<p>chronic and ambiguous intelligence-counter intelligence contests across their networks, even as the internet facilitates productive exchange between them.</p>
</blockquote>
<p>That is, a tension exists because they are covertly working against each other on exactly the same digital platforms necessary to promote their individual and mutual interests in areas such as trade, manufacturing, communications and regulation. </p>
<p>Since Russia is less dependent upon the information technology services of the United States and is therefore less entangled than China, it is <a href="https://www.unsw.adfa.edu.au/unsw-canberra-cyber/news/australian-cyber-ideas-moscow">more able</a> to engage in bilateral negotiation and aggression.</p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/how-digital-media-blur-the-border-between-australia-and-china-101735">How digital media blur the border between Australia and China</a>
</strong>
</em>
</p>
<hr>
<h2>Different styles of influence</h2>
<p>If the internet has become a contest between nation states, one way of winning is to appear to comply with the letter of the law, while abusing its spirit. </p>
<p>In the West, a network of private corporations, including Twitter, Google and Facebook, facilitate an internet system where information and commerce flow freely. Since the West remains open, while powers such as Russia and China exercise control over internet traffic, this creates an imbalance that can be exploited.</p>
<p>Influence operations conducted by China and Russia in countries such as Australia exist within this larger context. And they are being carried out in the digital arena on a <a href="https://blog.google/technology/safety-security/update-state-sponsored-activity/">scale</a> never before experienced. In the words of the latest <a href="https://www.dni.gov/files/ODNI/documents/2019-ATA-SFR---SSCI.pdf">US Intelligence Community Worldwide Threat Assessment</a>:</p>
<blockquote>
<p>Our adversaries and strategic competitors […] are now becoming more adept at using social media to alter how we think, behave and decide.</p>
</blockquote>
<p>The internet is a vast infrastructure of tools that can be used to strategically manipulate behaviour for specific tactical gain, and each nation has its own style of influence. </p>
<p>I have previously written about attempts by <a href="https://theconversation.com/how-digital-media-blur-the-border-between-australia-and-china-101735">China</a> and <a href="https://theconversation.com/russian-trolls-targeted-australian-voters-on-twitter-via-auspol-and-mh17-101386">Russia</a> to influence Australian politics via social media, showing how each nation state utilises different tactics.</p>
<p>China takes a subtle approach, reflecting a long term strategy. It seeks to connect with the Chinese diaspora in a <a href="https://securityaffairs.co/wordpress/57781/apt/operation-cloud-hopper-apt10.html">target country</a>, and shape opinion in a manner favourable to the Chinese Communist Party. This is often as much as about <a href="https://theconversation.com/why-china-will-be-watching-how-we-commemorate-anzac-day-75856">ensuring some things aren’t said</a> as it is about shaping what is.</p>
<p><a href="https://theconversation.com/russian-trolls-targeted-australian-voters-on-twitter-via-auspol-and-mh17-101386">Russia</a>, on the other hand, has used more obvious tactics to infiltrate and disrupt Australian political discourse on social media, <a href="https://theconversation.com/weve-been-hacked-so-will-the-data-be-weaponised-to-influence-election-2019-heres-what-to-look-for-112130">exploiting</a> Islamophobia – and the divide between left and right – to undermine social cohesion. This reflects Russia’s primary aim to destabilise the civic culture of the target population.</p>
<p>But there are some similarities between the two approaches, reflecting a growing cooperation between them. As the <a href="https://www.dni.gov/files/ODNI/documents/2019-ATA-SFR---SSCI.pdf">US Intelligence Community</a> points out:</p>
<blockquote>
<p>China and Russia are more aligned than at any point since the mid-1950s.</p>
</blockquote>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/weve-been-hacked-so-will-the-data-be-weaponised-to-influence-election-2019-heres-what-to-look-for-112130">We've been hacked – so will the data be weaponised to influence election 2019? Here’s what to look for</a>
</strong>
</em>
</p>
<hr>
<h2>A strategic alliance between Russia and China</h2>
<p>The strategic <a href="https://toinformistoinfluence.com/2017/07/24/forget-sun-tzu-the-art-of-modern-war-can-be-found-in-a-chinese-strategy-book-from-1999/">origins of these shared approaches</a> go back to the early internet itself. The Russian idea of <a href="https://www.nato.int/DOCU/review/2015/Also-in-2015/hybrid-modern-future-warfare-russia-ukraine/EN/index.htm">hybrid warfare</a> – also known as the <a href="https://foreignpolicy.com/2018/03/05/im-sorry-for-creating-the-gerasimov-doctrine/">Gerasimov Doctrine</a> – uses information campaigns to undermine a society as part of a wider strategy. </p>
<p>But this concept first originated in the Chinese People’s Liberation Army (PLA). In 1999, Chinese PLA colonels penned a strategy titled <a href="https://www.oodaloop.com/documents/unrestricted.pdf">Unrestricted Warfare</a>, which outlined how to use media, government, pretty much everything, in the target country not as a tool, but as a weapon. </p>
<p>It recommended not just cyber attacks, but also fake news campaigns – and was the basis for information campaigns that became famous during the 2016 US presidential election.</p>
<p>In June 2016, Russia and China <a href="http://www.russia.org.cn/en/russia_china/president-vladimir-putin-and-chairman-of-the-people-s-republic-of-china-xi-jinping-held-talks-in-beijing-june-25-2016/">signed</a> a joint declaration on the internet, affirming their shared objectives. In December 2016, Russian President Vladimir Putin signed off on a new <a href="http://www.mid.ru/en/foreign_policy/official_documents/-/asset_publisher/CptICkB6BZ29/content/id/2563163">Doctrine of Information Security</a>, which establishes how Russia will <a href="https://www.cyberdb.co/russia-and-china-are-making-their-information-security-case/">defend</a> its own population against influence operations. </p>
<p><a href="https://www.lexology.com/library/detail.aspx?g=d23109be-661d-4e90-a92c-32b7330e3a49">Observers</a> noted the striking similarity between the Russian document and Chinese internet <a href="https://www.chinalawtranslate.com/cybersecuritylaw/?lang=en">law</a>. </p>
<p>Russia and China also <a href="https://www.chathamhouse.org/expert/comment/cyberattack-revelations-appear-undercut-russia-un">share a view</a> of the global management of the internet, pursued via the United Nations:</p>
<blockquote>
<p>[…] more regulations to clarify how international law applies to cyberspace, with the aim of exercising more sovereignty – and state control – over the internet.</p>
</blockquote>
<p>The recent “sovereign internet” <a href="http://sozd.duma.gov.ru/bill/608767-7">bill</a> introduced to the Russian Parliament <a href="https://www.rferl.org/a/russian-bill-on-autonomous-operation-of-internet-advances-in-duma/29765882.html">proposes</a> a Domain Name System (DNS) independent of the wider internet infrastructure. </p>
<p>If the internet is now a site of proxy war, such <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2466222">so-called</a> “<a href="https://www.rferl.org/a/q-a-hurdles-ahead-as-russia-surges-on-with-sovereign-internet-plan/29766229.html">balkanization</a>” challenges the dominance of the United States. </p>
<p>Nations are competing for <a href="https://smallwarsjournal.com/jrnl/art/harnessing-david-and-goliath-orthodoxy-asymmetry-and-competition">influence, leverage and advantage</a> to secure their own interests. Russia and China don’t want to risk an all out war, and so competition is pursued at a level just below armed conflict. </p>
<p>Technology, especially the internet, has brought this competition to us all. </p>
<hr>
<p>
<em>
<strong>
Read more:
<a href="https://theconversation.com/russian-trolls-targeted-australian-voters-on-twitter-via-auspol-and-mh17-101386">Russian trolls targeted Australian voters on Twitter via #auspol and #MH17</a>
</strong>
</em>
</p>
<hr>
<h2>We’re entering turbulent waters</h2>
<p>Despite its best efforts, China’s leaders remain concerned that the digital border between it and the rest of the world is too porous. </p>
<p>In June 2009, Google was blocked in China. In 2011, Fang Binxing, one of the main designers of the <a href="https://www.bloomberg.com/quicktake/great-firewall-of-china">Great Firewall</a> expressed concern Google <a href="https://books.google.com.au/books?id=dEGdCwAAQBAJ&pg=PA113&lpg=PA113&dq=Fang+Binxing+2011+riverbed+benjamin+bratton&source=bl&ots=61Gnc-6vW-&sig=ITVdygMm5ZmxuelLYB6w9oa6Cos&hl=en&sa=X&ved=2ahUKEwib66X9mPvcAhXHU7wKHRHrDiUQ6AEwAHoECAcQAQ#v=onepage&q=Fang%20Binxing%202011%20riverbed%20benjamin%20bratton&f=false">was still potentially accessible in China</a>, saying:</p>
<blockquote>
<p>It’s like the relationship between riverbed and water. Water has no nationality, but riverbeds are sovereign territories, we cannot allow polluted water from other nation states to enter our country.</p>
</blockquote>
<p>The water metaphor was deliberate. Water flows and maritime domains define sovereign borders. And water flows are a good analogy for data flows. The internet has pitched democratic politics into the fluid dynamics of <a href="http://politicalturbulence.org/">turbulence</a>, where algorithms shape <a href="https://motherboard.vice.com/en_us/article/xwjden/targeted-advertising-is-ruining-the-internet-and-breaking-the-world">attention</a>, tiny clicks <a href="https://www.cambridge.org/core/journals/political-science-research-and-methods/article/quota-sampling-using-facebook-advertisements/0E120F161C9E114C6044EBB7792B5E70">measure participation</a>, and personal data is <a href="https://www.chinoiresie.info/the-global-age-of-algorithm-social-credit-and-the-financialisation-of-governance-in-china/">valuable</a> and apt to be <a href="https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3224952">manipulated</a>.</p>
<p>While other nations grapple with the best mix of containment, control and openness, ensuring Australia’s <a href="http://www.abc.net.au/radionational/programs/breakfast/china-in-focus/10181900">democracy remains robust</a> is the best defence. We need to keep an eye on the nature of the political discussion online, which requires a coordinated approach between the government and private sector, defence and security agencies, and an educated public.</p>
<p>The strategies of information warfare we hear so much about these days were conceived in the 1990s – an era when “surfing the web” seemed as refreshing as a dip at your favourite beach. Our immersion in the subsequent waves of the web seem more threatening, but perhaps we can draw upon our cultural traditions to influence Australian security. </p>
<p>As the rip currents of global internet influence operations grow more prevalent, making web surfing more dangerous, Australia would be wise to mark out a safe place to swim between the flags. Successful protection from influence will need many eyes watching from the beach.</p><img src="https://counter.theconversation.com/content/101736/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Tom Sear does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>Nation states are covertly working against each other on the very same digital platforms they use to collaborate in areas such as trade and manufacturing.Tom Sear, Industry Fellow, UNSW Canberra Cyber, Australian Defence Force Academy, UNSW SydneyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/675642016-10-24T15:08:38Z2016-10-24T15:08:38ZBy attacking DNS, hackers can bring down many websites for the price of one<figure><img src="https://images.theconversation.com/files/142915/original/image-20161024-28405-1srmbji.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">Kjetil Kolbjornsrud/shutterstock.com</span></span></figcaption></figure><p>When hugely popular websites and services such as Netflix, Spotify, Twitter, PayPal and Amazon Web Services are taken offline, it affects millions or even billions of internet users. The <a href="https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/">cyberattack</a> that brought down these and other sites in the US and Europe focused on a particular component of the internet’s architecture that is known to be vulnerable: <a href="http://www.theregister.co.uk/2016/10/21/dyn_dns_ddos_explained/">DNS</a>.</p>
<p>To understand how such attacks are possible today you have to remember that the internet was designed decades ago, when there were very few computers in the world – and even fewer connected to a network. As a <a href="http://www.darpa.mil/about-us/timeline/arpanet">research project funded by the US military</a> in the 1960s, the original internet was designed to be a network that could survive a nuclear attack. It was distributed, didn’t rely on a central hub, and messages could still be routed through the network even if large parts of it had been damaged or destroyed.</p>
<p>But while this design made the internet resilient to attacks from outside the network, its design placed a great deal of trust in those using it – all its users were to be US military or associated staff, after all. Consequently the internet was never designed to withstand attacks from inside the network, yet today it is used across the world – including by, for example, both the US military and its adversaries.</p>
<p>The incidents that are becoming common today revolve around DNS – the <a href="http://computer.howstuffworks.com/dns.htm">Domain Name System</a> – a sort of internet address book. DNS records contain the unique IP network address of the web server that is the physical location of a website, and the human-friendly URL or domain name which points to it. This is because it’s a tough ask for users to remember an IP address such as 192.168.15.23, and much easier to remember something like theconversation.com. It is DNS that stores these records and converts a URL into its corresponding network address.</p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=450&fit=crop&dpr=1 600w, https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=450&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=450&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=566&fit=crop&dpr=1 754w, https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=566&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/142908/original/image-20161024-28420-1565iiy.gif?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=566&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">How a denial of service attack works.</span>
<span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File:Denial-of-service_attack.gif">VicktoR</a></span>
</figcaption>
</figure>
<p>DNS management can be tricky, particularly for very popular web sites, so companies are frequently employed to do this: one popular company is <a href="http://dyn.com/">Dyn</a>, and it was this company that found itself on the end of a massive distributed denial of service attack recently, in which the target is bombarded by a huge number of requests at the same time. The idea is to overwhelm the service to prevent legitimate traffic getting through. It’s rather like every person in the country calling directory enquiries at once – it would become unusable. As DNS companies like Dyn typically provide services for thousands of websites, an attack that puts them offline can have a very wide impact.</p>
<p>Of course, the internet’s original designers never considered that systems with access to the network would go rogue and act against it, nor in such enormous numbers. But today that is exactly what’s happening: almost anyone in the world can connect to the internet and start sending messages, be they harmless or malicious.</p>
<h2>More devices, more problems</h2>
<p>In recent year things have got a lot worse, because huge numbers of devices are now being connected to the internet that could be used for these sorts of attacks. These are not computers or smartphones – they are devices such as internet-connected <a href="https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/">security cameras</a> (as was used in Dyn’s case), but also <a href="http://www.independent.co.uk/life-style/gadgets-and-tech/news/baby-monitors-hacked-parents-warned-to-be-vigilant-after-voices-heard-coming-from-speakers-a6843346.html">baby monitors</a>, and even <a href="http://www.theregister.co.uk/2015/10/19/bods_brew_ikettle_20_hack_plot_vulnerable_london_pots/">kettles</a>. Essentially, each of these devices contains a small, internet-connected computer which, if insufficiently secured from being tampered with, could be hacked and remotely controlled. These so-called Internet of Things devices can then become the footsoldiers in the hacker’s “botnet”: a network of thousands or hundreds of thousands, even millions of devices that have been compromised in this way and can be used to flood the hacker’s target with messages as part of a denial of service attack.</p>
<p>Unfortunately many of these systems are poorly secured, with default usernames and passwords that their owners don’t get around to changing – for hackers to take control is as easy as pushing an open door. There is also software available online that helps to manage these botnets and “weaponise” them – in this case, software called Mirai – and anyone with the skills can find it and use it. As it is, commentators such as Bruce Schneier have suggested that this sort of activity currently appears to be <a href="https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html">state sponsored</a>, with national governments’ trialling their cyberwarfare capabilities – a deeply troubling development.</p>
<p>Denial of service attacks on websites and companies that offer infrastructure services such as Dyn will only increase. The arrival of more and more Internet of Things devices designed to be connected to the internet will hugely increase the potential recruits available to attackers from which to build a botnet. It’s very difficult and costly to fend off huge denial of service attacks, and software like Mirai gets better and better at defeating countermeasures deployed against it. </p>
<p>What is required is to redesign how DNS functions in the internet’s architecture, to work around what has become a few vulnerable points of failure in what was designed to be a highly distributed, de-centralised network. And legislators need to persuade manufacturers, and users, to take the security of their devices seriously in order to prevent malicious forces turning devices against them.</p><img src="https://counter.theconversation.com/content/67564/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Rob Miles is affiliated with Microsoft as a Microsoft Most Valuable Professional (MVP).</span></em></p>The internet’s architecture is under attack again as a huge denial of service attack takes out major sites in US and Europe.Rob Miles, Lecturer in Computer Science, University of HullLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/664932016-10-07T02:22:33Z2016-10-07T02:22:33ZHacked by your fridge: the Internet of Things could spark a new wave of cyber attacks<figure><img src="https://images.theconversation.com/files/140818/original/image-20161007-32691-1n94wtc.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">There will soon be billions of connected smart devices, and they could be turned against us.</span> <span class="attribution"><span class="source">Shutterstock</span></span></figcaption></figure><p>The past few weeks have seen a remarkable and somewhat alarming development in cyber security. It comes in the wake of a distributed denial of service (DDoS) attack that has forced a rethink of how we can deal with attacks of this nature in the future. </p>
<p>The attack was aimed at the <a href="https://krebsonsecurity.com/">Krebs on Security</a> website, a well established source of valuable information on cyber crime. </p>
<p>What was remarkable about this particular attack was the sheer volume of traffic involved. According to the author himself, the attack reached around <a href="https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/">620 gigabits per second</a>, which is nearly twice the amount seen in the previous record-breaking DDoS attack. </p>
<p>To put things in perspective, this is like the website being hit by one and a half Blu-ray discs’ worth of data every second. The average DDoS in 2014 involved traffic of around <a href="http://www.scmagazine.com/report-shows-42-percent-of-attacks-leveraged-more-than-1-gbps-of-attack-traffic/article/399206/">7.5Gb/s</a>, and yet only two years later the volume has increased by a factor of 10-15. </p>
<p>The sustained attack eventually forced the website’s DDoS protection provider, Akamai cloud services, which had been providing security for the site free of charge, to admit that it could not handle that sort of attack pro bono, and thus the Krebs on Security site had to move.</p>
<p>However, since the Krebs attack, there has been a claim made of yet another attack that involved more than <a href="http://thehackernews.com/2016/09/ddos-attack-iot.html">1 terabit per second</a> of traffic. </p>
<p>The claim is currently being investigated, and if it is confirmed, it highlights the challenge that organisations face in dealing with massive DDoS attacks. </p>
<p>Apart from the record volume of data involved, the Krebs attack also set an unfortunate precedent by forcing a high-profile security website offline for several days. The attack was successful and has demonstrated the vast potential of this type of weaponised DDoS attack. </p>
<h2>Internet of threats</h2>
<p>This DDoS was also remarkable in terms of how it was executed. Most DDoS attacks use a tried-and-true method called amplification or reflection. This involves using a number of computers on the internet – often in the form of a “<a href="https://theconversation.com/zombie-computers-cyber-security-phishing-what-you-need-to-know-1671">botnet</a>” of compromised computers – to exploit quirks in the internet’s domain name server (DNS) system to turn a small amount of data into a torrent directed at the target website or server.</p>
<p>However, in the Krebs attack, we saw something new: it wasn’t executed by conventional computers, but rather by Internet of Things (<a href="https://theconversation.com/au/topics/internet-of-things-1724">IoT</a>) devices – including innocuous things like digital video recorders and security cameras. </p>
<p>This is an important and worrying development for two reasons. First, the devices themselves are not designed with security as a key focus; convenience and cost are the main considerations. </p>
<p>It is true that many of the IoT devices lack the computational and memory resources that are common in devices such as mobile phones, which reduces their capability from a hacker’s point of view. However, IoT devices are still susceptible to malware, and an enterprising criminal group can build a vast botnet given the time and relatively low investment. </p>
<p>Second, even though their capabilities are lower than a regular computer, they are still more than capable of executing a DDoS attack if employed in sufficient numbers. And those numbers are growing daily. It is expected that more than 50 billion IoT devices will be plugged into the internet by 2020.</p>
<p>Unless the security measures and settings improve significantly in the next four years, there will be literally billions of devices that could be compromised and used for malicious purposes. As Joseph Stalin is reputed to have said: quantity has a quality all of its own.</p>
<p>These IoT DDoS attacks can be mitigated to some extent, but if the attack is well organised then the best we can aim for is damage mitigation. The nature of DDoS attacks makes them very difficult to handle, especially if the instigator is competent. </p>
<p>Presently, we are not ready to handle large scale attacks of this nature. Most organisations, including major financial institutions, would be at least partially crippled by a sustained attack similar to the Krebs one. </p>
<p>The reason for the lack of readiness is simple: the cost involved is, in most cases, beyond the financial capabilities of most organisations. </p>
<p>However, one thing that is more affordable, and thus can be done to increase the readiness, is planning for such attacks. Rather than hoping that nothing significant will happen, it is best to plan for such attacks so that when they occur (and they will), everyone will know what they should be doing to mitigate the damage.</p><img src="https://counter.theconversation.com/content/66493/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Mihai Lazarescu does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>A recent massive distributed denial-of-service attack by compromised Internet of Things devices highlights a growing cyber security threat.Mihai Lazarescu, Associate Professor and head of the Department of Computing, Curtin UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/661272016-10-05T04:55:09Z2016-10-05T04:55:09ZHappy 30th anniversary to .au domains – what comes next?<figure><img src="https://images.theconversation.com/files/140425/original/image-20161005-15886-xajvld.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Web addresses from Shutterstock.</span> <span class="attribution"><span class="source">shutterstock</span></span></figcaption></figure><p>This year marks the 30th anniversary of Australian domain names – websites ending in .au. As of June this year, <a href="https://www.ausregistry.com.au/wp-content/uploads/2016/07/BTD_Issue_8.pdf">more than three million such domains have been registered</a>. This is a lot for a country of only 24 million people, but especially notable when you think there were only a few hundred thousand domain names as recently as 2002. </p>
<p>This explosion in registrations is the result of the constant evolution of our system – changes that have not only opened domains up to more and more people, but will set us up for the fourth decade of Australian websites. </p>
<h2>It began with one man</h2>
<p>The story of .au, Australia’s Top Level Domain (TLD), really began in March 1986. It was then that University of Melbourne network administrator, Kevin Robert Elz – known to most as Robert Elz – was given authority to administer Australian domain name registration. Elz set the rules for the system and held this authority from 1986 through the 1990s.</p>
<p>There were a couple of different phases during Elz’s tenure. The first ten years were marked by slow growth and informal management. But from 1996 there was a boom in demand as the internet rapidly became a central part of our lives and businesses jumped on board. </p>
<p>1996 was the beginning of the commercial domain name industry in Australia. The boom in demand for Australian domain names led Elz to delegate responsibility for Australian second-level domains (2LDs). In her <a href="http://www.routledge.com/books/details/9780415668132/">book on the domain name registration system</a>, academic and lawyer Jenny Ng writes:</p>
<blockquote>
<p>In October 1996 Elz granted a five-year licence to administer com.au to his employer, the University of Melbourne through Melbourne IT Ltd.</p>
</blockquote>
<p>After this, registering a domain was no longer free.</p>
<h2>A formal system</h2>
<p>As commercial players moved in, more formal management of the Australian domain name system (DNS) was established. In 1997 the Australian Domain Name Administration (ADNA) was created, and in April 1999 its role was transferred to the .au Domain Administration (<a href="https://www.auda.org.au/">auDA</a>). </p>
<p>In December 2000 the Australian Government <a href="https://www.auda.org.au/about-auda">formally endorsed</a> auDA as the appropriate body to hold the delegation of authority for .au. In 2002, new policies and a new registry, operated by AusRegistry, came into operation. With this, the contemporary Australian domain name system (DNS) came into being.</p>
<p>Reliable data are not available for the early years, but when the first registry was launched in 2002, there were <a href="https://www.ausregistry.com.au/wp-content/uploads/2016/07/BTD_Issue_8.pdf">282,632 domains</a>, which grew to 500,000 domain names in 2005, and 710,428 on 30 June 2006. We surpassed a million domains registered by 2007 and three million in 2016; about 87% of these are .com.au. </p>
<p>This growth was facilitated by relaxation of the previous rules as a result of successive policy review panels.</p>
<h2>Evolution of Australian policy</h2>
<p>Domain name policies during the first 10-15 years reflected the beliefs and assumptions of the Internet’s pioneers. One guiding principle was that no one should be able to gain an undeserved advantage over other participants. So it was only possible for a registrant to register one domain name, and it was not possible to register a generic term (such as a common noun) or a place name. The principle of “first come, first served” was enshrined; there was no hierarchy of entitlement to a particular name.</p>
<p>Since the first formal policy was developed and implemented in 2002, most of these restrictions have been abolished, and the Australian DNS has followed the path of evolution in other countries, albeit more slowly.</p>
<p>Some fundamental principles remain: first come, first served; the requirement that the registrant for an Australian domain name must be Australian; provisions to reduce abusive practices; and a requirement for a link between the registrant and the name registered. As a result, the Australian DNS is <a href="https://www.ausregistry.com.au/wp-content/uploads/2016/07/BTD_Issue_8.pdf">regarded</a> as relatively well-administered, trusted and stable. But we aren’t done yet.</p>
<h2>Direct registration: the next step</h2>
<p>In August 2015 I <a href="https://theconversation.com/a-change-in-australias-web-rules-would-open-up-the-au-space-46203">wrote</a> about the work of the 2015 Name Panel established by auDA to review domain name policy and propose changes to the board of .auDA. Policy change proposals are adopted by a consensus of each panel, and the panels must be broadly representative of the industry and domain name users.</p>
<p>The panel made one major recommendation: in addition to registering second-level domains (like .com.au, .edu.au, and .net.au), Australians should also be able to register directly (such as example.au). Both the UK and New Zealand have already made this change.</p>
<p>The <a href="https://www.auda.org.au/assets/pdf/2015npp-final-report.pdf">final report</a> of the Panel was presented to the auDA Board in December 2015. The <a href="https://www.auda.org.au/policies/panels-and-committees/2015-names-policy-panel/">Names Policy 2015 website</a> includes the text of all non-confidential submissions, panel minutes, and other panel documents; there was also a minority report by four of the 23 panel members.</p>
<p>The auDA Board considered and <a href="https://www.auda.org.au/about-auda/our-org/board-meetings/2016/15-february-2016-board-meeting-minutes/">accepted</a> the final report in February 2016 and in <a href="https://www.auda.org.au/about-auda/our-org/board-meetings/2016/18-april-2016-board-meeting-minutes/">April</a> agreed to <a href="https://www.auda.org.au/news/auda-to-introduce-direct-registrations-in-au/">implement</a> the recommendation. Australians will soon be able to register domains directly.</p>
<p>Against this backdrop, auDA will soon consider the best way to manage one of its largest policy changes. This is the move from the strict hierarchy of names which has prevailed for thirty years using a TLD and 2LDs, to a dual system which permits both direct and second-level registrations. The changes will set a direction for the fourth decade of .au.</p><img src="https://counter.theconversation.com/content/66127/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Derek Whitehead is a member of auDA and has previously chaired auDA policy panels. </span></em></p>This year marks the 30th birthday of .au domains. We’ve come a long way but there’s big change ahead.Derek Whitehead, Adjunct professor, Swinburne University of TechnologyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/655022016-09-20T11:25:10Z2016-09-20T11:25:10ZDoes the UK need or even want a ‘Great British Firewall’?<figure><img src="https://images.theconversation.com/files/138099/original/image-20160916-17008-19mncnn.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Is a Great British Firewall what UK plc perhaps needs? Or is it asking for trouble?</span> <span class="attribution"><span class="source">Andrea Danti/shutterstock.com</span></span></figcaption></figure><p>You’ve probably heard of the Great Firewall of China, the virtual fortification that allows the Chinese government to monitor and restrict internet traffic to and from the world’s most populous nation. Well, the cyber-security chief of the UK Government Communication Headquarters (GCHQ) has <a href="http://www.itpro.co.uk/security/27236/national-cyber-security-centre-to-fight-hackers-with-dns-filtering">suggested early plans</a> for what sounds rather like a “Great British Firewall”. Privacy groups immediately sounded the alarm that it might pose a risk to freedom of speech, and offer the potential for Britain’s secret services to get up to no good. So what exactly is GCHQ proposing and should we be worried?</p>
<p>Firewalls are standard tools for computer defence. They are essentially filters which can control what traffic enters and leaves a network. You are probably protected by a firewall right now, at your workplace or at home, that runs either on your computer’s operating system or on the hardware that provides your connection to the internet. </p>
<p>A firewall can be configured to reject certain types of traffic deemed undesirable or potentially harmful. This might be a connection request from an untrustworthy source, such as a web address known to harbour hackers or spammers, for example. Or it could block a file that looks like it might contain a computer virus or other malware. While deflecting this sort of undesirable traffic the firewall allows standard traffic such as web browsing and email to pass through.</p>
<p>Who decides what gets in and what doesn’t? This is normally the job of whoever manages the network, be that an IT professional working at a company, or you (or your ISP) at home. The policy this manager applies determines what is accepted and what is rejected, so anyone relying on the firewall to be effective needs to trust that this policy is acting in their best interest.</p>
<p>What GCHQ seems to be proposing is a large-scale, nationwide firewall behind which any UK organisation could sit. The intention appears to be that organisations that are central to Britain’s national security would be required to operate behind this firewall, while other organisations big and small could opt-in.</p>
<p>There are too few details at the moment, but this seems like a classic case of who watches the watchman?. If GCHQ is to be the guard that chooses what is deemed “good” or “bad”, then the debate about the merits of a Great British Firewall is really a debate about whether there is trust in GCHQ.</p>
<h2>Wearing two hats</h2>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=752&fit=crop&dpr=1 600w, https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=752&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=752&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=945&fit=crop&dpr=1 754w, https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=945&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/138101/original/image-20160916-17018-24rtq.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=945&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Who’s listening?</span>
<span class="attribution"><span class="source">Stephen Clarke/shutterstock.com</span></span>
</figcaption>
</figure>
<p>GCHQ has two roles that don’t always sit particularly comfortably together. Most fundamentally it leads Britain’s <a href="https://www.gchq.gov.uk/features/story-signals-intelligence-1914-2014">signals intelligence</a>, which means essentially that GCHQ eavesdrops on communications for the UK government and the armed forces. Few would argue with the value of spying on enemies during wartime. What has proved much more controversial is GCHQ’s capabilities and activities revealed by former National Security Agency contractor Edward Snowden, including the <a href="https://theconversation.com/two-years-on-from-snowden-uk-gets-green-light-to-continue-accessing-bulk-data-43138">bulk collection of communication data</a> relating to everyone’s online activities. GCHQ has been accused of conducting mass surveillance, and there is no doubt that these revelations have damaged the reputation of it and the security services among some in the UK and worldwide.</p>
<p>However, GCHQ’s other important role is as a source of cyber-security expertise. It helped develop the <a href="https://www.gov.uk/government/publications/the-uk-cyber-security-strategy-2011-2016-annual-report">National Cyber Security Strategy</a> and has been working hard to implement it alongside the UK government, industry and academia. In October 2016, the <a href="https://www.gov.uk/government/news/new-national-cyber-security-centre-set-to-bring-uk-expertise-together">National Cyber Security Centre will open</a> and will oversee many of these activities. GCHQ employs many cyber-security specialists and is supporting the training of even more. Put simply, there is a lot of cyber-security expertise in GCHQ.</p>
<p>So if there is to be a Great British Firewall, GCHQ seems like the logical organisation to provide it. Private companies will be given the opportunity to choose whether to trust GCHQ as their firewall guard. So long as they are genuinely free to make this decision for themselves, and their customers are aware of this relationship, then this might well be workable. Achieving security in cyberspace inevitably requires placing faith in some organisations – why not trust one that knows a great deal about cyber-security?</p>
<p>Of course there is a precedent: the use of the Great Firewall of China by the Chinese government to censor internet content is infamous. Through constant tight monitoring of internet traffic the government blocks access to websites, filters or blocks searches for keywords, and monitors the population’s interactions in cyberspace. There is no doubt that the Great Firewall of China stifles freedom of speech and is used in an authoritarian, anti-democratic fashion. Other nations are also known to interfere with the global Domain Name System (DNS) that links domain names (such as theconversation.com) to the actual internet addresses used by the web servers for those sites. Filtering out DNS requests for certain domains and dropping them essentially prevents those domains from being accessed – certainly not in the spirit of the global open internet that many desire.</p>
<p>Is GCHQ proposing something equivalent? I suspect not, as the UK has a very different view of human rights and internet governance than in China. But there is a fine line between having the power to censor the internet, and choosing to implement that power. Returning to GCHQ’s two functions, while I suspect the security function of GCHQ has good intentions, the intelligence function of GCHQ does not have an unblemished record in this area. Something to think about before choosing to hide behind the Great British Firewall.</p><img src="https://counter.theconversation.com/content/65502/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Keith Martin receives funding from the EPSRC and the European Commission.</span></em></p>Having a nationwide firewall means trusting the same people who spy on communications.Keith Martin, Professor, Information Security Group, Royal Holloway University of LondonLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/460332015-08-14T05:35:12Z2015-08-14T05:35:12ZBreaking the US government’s hold on the internet won’t be easy<figure><img src="https://images.theconversation.com/files/91819/original/image-20150813-21428-1ucpjzq.jpg?ixlib=rb-1.1.0&rect=0%2C1766%2C5000%2C2589&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">
</span> <span class="attribution"><span class="source">America by shutterstock.com</span></span></figcaption></figure><p>The internet today is far bigger and more inextricably linked to our daily lives than its creators in the 1970s and 1980s could have imagined. So perhaps it is not surprising that some of the structures put in place decades ago may have failed to keep pace with its rapid evolution.</p>
<p>Chief of these is perhaps the nonprofit organisation ICANN, the Internet Corporation for Assigned Names and Numbers. ICANN is responsible for the key roles of assigning the unique internet protocol (IP) addresses that locate individual websites on the net, and managing the domain name system (DNS), which translates the human-readable web addresses we type (such as www.theconversation.com) into IP addresses (such as 192.68.0.1). Its policy decisions have an <a href="https://theconversation.com/the-london-meeting-that-could-shape-the-future-of-the-internet-28278">important impact</a> on the internet’s evolution, for example the recent <a href="https://theconversation.com/domain-name-expansion-signals-political-shift-of-the-internet-22865">expansion of top level domain names</a>. </p>
<p>However, since ICANN was established in 1998 its <a href="https://www.icann.org/resources/unthemed-pages/icann-mou-1998-11-25-en">contractual links with the US Department of Commerce</a> have led to criticism of a perceived US and Anglo-centric bias. Controversies such as the original rejection of the <a href="http://www.internetgovernance.org/2011/03/19/why-icanns-approval-of-the-xxx-domain-is-an-important-precedent/">.xxx domain name for pornography</a> led to criticism that the US had <a href="http://www2.warwick.ac.uk/fac/soc/law/elj/jilt/2003_1/komaitis">too much sway</a> over ICANN’s decisions, and calls for ICANN to disassociate itself from the US, or be replaced with a truly independent, global agency, increased.</p>
<h2>ICANN’T remain so US-centric</h2>
<p>The ICANN-US government relationship has been steadily renegotiated, first in a 2009 <a href="https://www.icann.org/resources/pages/affirmation-of-commitments-2009-09-30-en">Affirmation of Commitments</a> that released ICANN from direct government control but allowed continued influence over <a href="http://www.law.nyu.edu/sites/default/files/ECM_PRO_067688.pdf">certain activities</a> such as the key function of issuing IP addresses. </p>
<figure class="align-right zoomable">
<a href="https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=237&fit=clip" srcset="https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=399&fit=crop&dpr=1 600w, https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=399&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=399&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=501&fit=crop&dpr=1 754w, https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=501&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/91586/original/image-20150812-18071-ut3y02.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=501&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">ICANN president Fadi Chehadé giving a speech in Toronto.</span>
<span class="attribution"><a class="source" href="https://commons.wikimedia.org/wiki/File:Fadi-chehade-toronto.jpg">ICANN</a>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<p>This accelerated after Edward Snowden <a href="http://www.bbc.co.uk/news/world-us-canada-23768248">revealed the extent of global US surveillance</a>, which led to a group of core internet organisations releasing the <a href="https://www.icann.org/news/announcement-2013-10-07-en">Montevideo Statement on the Future of Internet Cooperation</a> in 2013, calling for the speedy de-Americanisation of ICANN’s functions and the creation of a more global, equitable basis for internet governance. That ICANN’s own president and chief executive <a href="https://www.icann.org/profiles/fadi-chehade">Fadi Chehadé</a> was among the signatories is thought to have spurred the US government on to pass the bipartisan Domain Openness Through Continued Oversight Matters (<a href="https://www.congress.gov/bill/114th-congress/house-bill/805/all-info">DOTCOM</a>) Act in June 2015. </p>
<p>Congress now has a short window in which to approve the transition plans and temporarily extend the current agreement, if needed, past the expiry date of September 30. </p>
<h2>Breaking up is hard to do</h2>
<p>What next? ICANN is to transfer its functions to a multistakeholder organisation – a power-sharing agreement between governments, civil society, the private sector and other interested parties. This is a worthy approach but a firm guiding hand is needed to ensure the whole enterprise does not become a talking shop unable to make any decisions.</p>
<p>An <a href="https://www.icann.org/stewardship/coordination-group">ICANN Transition Coordination Group</a> has been set up to manage the transition, and a <a href="https://www.ianacg.org/icg-files/documents/IANA-stewardship-transition-proposal-EN.pdf">199-page</a> final transition proposal is <a href="https://www.ianacg.org/calls-for-input/combined-proposal-public-comment-period/">open for public comment</a> until September 8.</p>
<p>However, the true complexity of this process has become apparent. Due to the overwhelming number of interested parties <a href="http://www.zdnet.com/article/icann-stewardship-transfer-looms-amid-doubts-over-deadline/">wanting a role in proceedings</a>, it is unlikely any agreement will be reached by the deadline.</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=388&fit=crop&dpr=1 600w, https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=388&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=388&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=488&fit=crop&dpr=1 754w, https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=488&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/91802/original/image-20150813-21393-1bgrjci.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=488&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Alphabetsoup: who runs the internet?</span>
<span class="attribution"><span class="source">Lynnalipinski/ICANN</span>, <a class="license" href="http://creativecommons.org/licenses/by/4.0/">CC BY</a></span>
</figcaption>
</figure>
<h2>Uncharted waters</h2>
<p>Under the proposals, ICANN’s IP address-assigning functions would be contracted out to a separate entity, overseen by staff drawn from domain name registries, with powers to make changes. There will also be a IANA review process that, as a last resort, could recommend that the contract be terminated. Anyone with a reasonable claim to be involved can be, and this way oversight is shared by a range of groups in a process that should provide balance. </p>
<p>Crucially, there is no direct role for any government or intergovernmental body, with the only route of influence through the <a href="https://gacweb.icann.org/display/gacweb/Governmental+Advisory+Committee">Governmental Advisory Committee</a>, which has around 140 governments as members and 30 intergovernmental organisations as observers and advises the ICANN Board on wider policy issues. Like ICANN, this committee has also drawn criticism for <a href="http://www.internetgovernance.org/2011/02/24/gac-backs-off-tld-censorship-a-bit-but-not-enough">being a mouthpiece of western governments</a>. However, any pressure applied by governments will come up against the slow-moving behemoth that is ICANN’s internal procedures, which require consensus from many advisory and technical committees.</p>
<p>Another body expected to assert its influence is the International Telecommunication Union, the UN’s information technology and telecoms agency. While it is a specialist organisation composed of many commercial and non-governmental expert groups, like the UN it is a member state organisation. In the past the union has been put forward as a body that could fulfil ICANN’s governance functions, moving away from perceived western-centrism. But as a body comprised of national government members, greater involvement could lead to a more “top-down” form of internet control subject to the whims of international relations between members and their national and commercial interests.</p>
<p>ICANN has many flaws, but its lengthy, measured deliberations have guided the internet in its evolution to its current state as an open, interoperable, worldwide network. The alternatives could be so much more damaging to the essential need for the internet to remain open and transparently governed. The proposals put forward would maintain elements of this; whether ICANN’s restructure will be resistant to political pressure remains to be seen.</p><img src="https://counter.theconversation.com/content/46033/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Catherine Easton does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>If there’s to be one committee to rule them all, it needs to be handled right.Catherine Easton, Senior Lecturer, Law School, Lancaster UniversityLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/323732014-10-02T04:30:27Z2014-10-02T04:30:27ZUnlocking the geoblock: Australians embrace VPNs<figure><img src="https://images.theconversation.com/files/60491/original/hkvz4d3x-1412141961.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Australians have circumvented geo-blocking restrictions to subscribe to Netflix.</span> <span class="attribution"><a class="source" href="http://www.shutterstock.com/gallery-695464p1.html?cr=00&pl=edit-00">Denys Prykhodov</a> / <a href="http://www.shutterstock.com/editorial?cr=00&pl=edit-00">Shutterstock.com</a>">Denys Prykhodov/Shutterstock.com</a></span></figcaption></figure><p>In recent months there have been many reports of Australians covertly signing up for the US streaming service Netflix, using fake postcodes and software workarounds to fool its geo-blocking system.</p>
<p>One industry-commissioned <a href="http://www.theaustralian.com.au/media/broadcast/more-netflix-pirates-on-board/story-fna045gd-1226842998214">study</a> estimates that up to 200,000 Australians have subscribed to the service in this way.</p>
<p>Geoblocking circumvention is by all accounts a common practice in Australian households – and an industry is emerging to meet the demand for borderless streaming.</p>
<p>Hundreds of start-up companies now offer unblocking and identity-masking services, such as <a href="http://www.hidemyass.com/">Hide My Ass</a> using a virtual private network (<a href="http://www.pcmag.com/encyclopedia/term/53942/virtual-private-network">VPN</a>), <a href="http://www.getflix.com.au/">Get Flix</a> using <a href="http://www.pcmag.com/encyclopedia/term/41620/dns">DNS</a> proxies and easy-to-use browser plugins <a href="http://www.hola.org/">such as Hola</a>. Detailed how-to guides can be found on popular <a href="http://www.gizmodo.com.au/2013/11/how-to-stream-netflix-and-hulu-in-australia-and-other-stuff-geoblockers-dont-want-known/">tech websites</a> and in the <a href="http://www.smh.com.au/digital-life/computers/blog/gadgets-on-the-go/unlock-hulu-and-bbc-iplayer-in-a-click-with-hola-20130124-2d8zu.html">mainstream media</a>.</p>
<p>For a monthly fee of A$5-A$10, a VPN will mask your identity online by routing your traffic through its servers (whose IP address is in another country), and thwart geoblocking. Consequently, VPNs are popular with a diverse range of users: privacy advocates, political dissidents, filesharers, tourists, and – now – Netflix users.</p>
<h2>How common is VPN use in Australia?</h2>
<p>Through the <a href="http://www.worldinternetproject.net/#news">World Internet Project</a> (WIP), we have been looking into this question. The World Internet Project is a bi-annual telephone survey conducted across 35 countries. The Australian arm of the survey is based at Swinburne University, and every two years we phone 1,000 people to ask about various aspects of their internet use.</p>
<p>The last survey included questions about household VPN and web proxy use. The results were rather surprising. Twenty per cent of respondents indicated they use either a VPN or a web proxy, or both, to access the internet and download files at home.</p>
<p>As these figures suggest, there is clearly a high degree of familiarity with privacy software among the Australian population. One in five people know how to use these tools.</p>
<p>This doesn’t mean that all these people are accessing offshore streaming sites, of course. VPNs have legitimate business uses with many companies and government agencies running VPNs so that their staff can work securely off-site. Many privacy-conscious people also use VPNs to keep their communications secure. But we can assume some kind of connection between this 20% figure and people’s streaming habits.</p>
<p>Let’s put this finding side by side with the figure of <a href="http://www.lifehacker.com.au/2014/07/how-many-people-use-netflix-in-australia/">200,000 unauthorised Australian Netflix subscribers</a> that was recently mooted. In the context of our study, that figure seems very plausible – in fact, we would suggest it is probably on the low side.</p>
<h2>An open-ended technology</h2>
<p>Tracking the VPN’s evolution from an IT networking tool to a domestic entertainment accessory tells us something about how the character of digital technologies can shift as a result of their everyday uses.</p>
<p>Until recently, VPNs were used mostly for business purposes and by tech-savvy geeks. They had little appeal to non-specialists.</p>
<p>Today, VPNs are arguably a household technology rather than an obscure networking technology. The past few years have seen VPN providers enthusiastically market their services to domestic consumers.</p>
<p>Some VPNs specifically target the filesharing community, as we can see below:</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=269&fit=crop&dpr=1 600w, https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=269&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=269&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=338&fit=crop&dpr=1 754w, https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=338&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/60478/original/7b9vc739-1412138827.png?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=338&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">How VPN operator BTGuard markets its services to consumers.</span>
<span class="attribution"><span class="source">btguard.com</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>Others promote their services on the basis of privacy protection, playing on our fears about cybercrime and government surveillance:</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=315&fit=crop&dpr=1 600w, https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=315&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=315&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=396&fit=crop&dpr=1 754w, https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=396&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/60480/original/j2vxyp3x-1412140109.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=396&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">Privacy as a mainstream consumer concern.</span>
<span class="attribution"><span class="source">privateinternetaccess.com</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>Others explicitly promote themselves as geoblocking circumvention tools:</p>
<figure class="align-center zoomable">
<a href="https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=1000&fit=clip"><img alt="" src="https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=226&fit=crop&dpr=1 600w, https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=226&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=226&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=284&fit=crop&dpr=1 754w, https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=284&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/60481/original/pd7dybxj-1412140109.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=284&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px"></a>
<figcaption>
<span class="caption">VPNs as unblockers.</span>
<span class="attribution"><span class="source">torguard.com</span>, <span class="license">Author provided</span></span>
</figcaption>
</figure>
<p>It is also worth considering how people are using VPNs in other parts of the world. These practices often have little in common with how Australians use them.</p>
<p>In many nations, VPNs are being used to evade government censorship. Teenagers in Turkey <a href="http://www.bbc.com/news/technology-26714214">use VPNs</a> to access Twitter and YouTube when they are blocked by the government (a common occurrence). Iranians <a href="http://www.idgconnect.com/abstract/3425/tunneling-iran-firewall-socialise-protest">use VPNs</a> to socialise on Facebook. Chinese netizens <a href="https://news.vice.com/article/china-s-laissez-faire-internet-censoring">use them</a> to evade the prying eyes of the state.</p>
<p>Diasporic communities in Australia and elsewhere also use VPNs to access streaming media from home.</p>
<p>Seen from this perspective, Australians’ streaming habits are connected to a complex array of location-masking practices across the world – used variously by price-sensitive consumers, early adopters, filesharers, privacy advocates, tourists, overseas workers and political dissidents. At the centre of all this is the humble VPN.</p>
<p>In coming years, it will be interesting to see how the VPN’s social meaning and uses change further as people find as-yet unimagined applications for privacy software.</p><img src="https://counter.theconversation.com/content/32373/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>This research has been partly funded by an Australian Research Council Discovery grant.</span></em></p><p class="fine-print"><em><span>Scott Ewing does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>In recent months there have been many reports of Australians covertly signing up for the US streaming service Netflix, using fake postcodes and software workarounds to fool its geo-blocking system. One…Ramon Lobato, Research fellow, Swinburne Institute for Social Research, Swinburne University of TechnologyScott Ewing, Senior Research Fellow - The Swinburne Institute for Social Research, Swinburne University of TechnologyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/242972014-03-12T15:07:05Z2014-03-12T15:07:05ZWorld wide web is going strong after 25 years, but the internet isn’t holding up<figure><img src="https://images.theconversation.com/files/43729/original/vbwwhp78-1394632065.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">After 25 years, it's getting a bit dusty in there.</span> <span class="attribution"><a class="source" href="http://www.flickr.com/photos/arrqh/4146423866/sizes/o/">Arrqh</a>, <a class="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA</a></span></figcaption></figure><p>Most people would agree with the principle that good foundations are essential to any structure that is intended to last. But what if when you started building, you didn’t envisage how large, complex or essential your structure would become? As we celebrate 25 years of the world wide web, the extraordinarily accurate science of hindsight brings to light just such a situation.</p>
<p>We have all become dependent on a network that was never intended to be as large or secure as it is now required to be. The big question is, do we go back and start again or do we simply accept history and ensure that our structure somehow compensates for its weaknesses?</p>
<h2>Shaky foundations</h2>
<p>To decide, we have to distinguish between two quite distinct entities: the internet, and the world wide web, which sits on top of it. It is the internet, in the form of its underlying network protocol known as IPv4, that provides the weak link being broken by some of the latest high profile cyber attacks.</p>
<p>When the first few computer networks were connected, it was to share resources. Spreading the load between machines meant that those with spare capacity could help out those that needed more.</p>
<p>By the time Tim Berners-Lee and his colleagues at CERN came to think about networking, academics around the world were already using precursors of the internet to share data, from JANET, which still thrives today, to the stranger, more esoteric applications running on the internet such as the long forgotten <a href="http://www.techterms.com/definition/gopher">GOPHER</a>.</p>
<p>The brilliance of what Berners-Lee did was to come up with an extensible mark-up language known as Hypertext Mark-up Language, or HTML. This allowed us all to write pages that could be universally accessed. Crucially, HTML was made freely available so people started writing browsers that would enable you to read HTML based web pages.</p>
<p>And that, with the benefit of hindsight, was where the problem inherent in the internet was compounded. Neither IPv4 nor HTML were built with security in mind. The entire purpose of the web was to allow academics and other researchers to freely share their work. Indeed, the more people that accessed it and read your work the happier you would be.</p>
<p>It never entered anyone’s head that we might wish to restrict access or that we might one day pay for things online or use it to communicate our most intimate thoughts. The web was a victim of its own success. HTML unlocked the potential of connecting people, and since humans just love to share and chat, we all got hooked.</p>
<p>By the mid-1990s, businesses finally found the web and that’s when the floodgates opened. It was when money became involved that people really began to realise that security was an issue. Secure HTML emerged alongside other secure extensions to the original protocols which made it possible for us to interact over a public network in a secure manner.</p>
<h2>Enter the baddies</h2>
<p>For a while, these extra layers of security added on top of the web seemed to work well but the shaky foundations on which they were built soon began to cause problems. </p>
<p>As more and more commerce went on over the web, the criminally minded, who should never be underestimated for their ingenuity, began to look at how they could subvert the system. And as criminals always do, they went straight for the weakest link. In this case, that was the basic technology underpinning the web.</p>
<p>They began to impersonate users sometimes using IP “spoofing” to trick others into giving up information, and to mount distributed denial of service (DDOS) attacks. Initially these DDOS attacks were simplistic. Hacktivists would harness an army of supporters to all send simultaneous requests for the same web page at the same time. The site would be unable to cope with the number of requests and would become unavailable to valid users.</p>
<p>But then criminals, who had always had an eye on those ageing underlying technologies, realised that because IPv4 allowed you to spoof your address, you could ask a question but have the answer sent to someone else. Worse still, they realised that the domain name server (DNS) – the essential component that enables web addresses to be converted to internet addresses, meaning data can actually be routed around networks – could be used to amplify the data being directed at a victim.</p>
<p>Since using DNS in DDOS attacks, the internet’s other older protocols have been co-opted to mount similar DDOS attacks employing ever greater volumes of data, and increasingly by people with criminal intent rather than hacktivists. All of this is possible because of the technological foundations upon which the Web is built.</p>
<h2>The next 25 years</h2>
<p>There are those who suggest we should effectively start again but this is probably not practical. The web doesn’t run on some ethereal cloud but on real physical networks which have taken considerable investment to produce.</p>
<p>Others suggest that IPv4 should be abandoned and we should move onto the IPv6 – the most recent version of the internet protocol, which has the potential to be more secure because it has the potential to prevent spoofing of IP addresses and to guarantee the sender is who they cliam to be. IPv6 has added advantages such as the fact that IPv4 long since exhausted its addresses whereas IPv6 has no such limitation – yet another indication of how people drastically underestimated how much would eventually be attached to the web and would thus require an address. Despite this, network providers seem in no hurry to replace IPv4 as the de facto standard. </p>
<p>It’s not all doom and gloom though. The days of the web are not necessarily numbered. It has a way of evolving, almost organically, as threats emerge. We have solutions to many of the problems that threaten our safety online, particularly those that relate to spoofing IP addresses, and miusing tyhe older protocols, and will probably continue to produce more.</p>
<p>The irony is that in such a hyper-connected world we struggle to get the word out about these solutions. People can access the information they need to stay safe online but are not doing so. It is almost as if there is so much communication that important messages are being lost in what is perceived as background noise.</p><img src="https://counter.theconversation.com/content/24297/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Alan Woodward does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>Most people would agree with the principle that good foundations are essential to any structure that is intended to last. But what if when you started building, you didn’t envisage how large, complex or…Alan Woodward, Visiting Professor , University of SurreyLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/111872012-12-06T03:27:09Z2012-12-06T03:27:09ZWho controls the internet? The debate is live and clicking<figure><img src="https://images.theconversation.com/files/18387/original/5gccfbkq-1354758135.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">Nations from around the world are currently meeting in Dubai to discuss the future of the internet.</span> <span class="attribution"><span class="source">Ali Haider/EPA</span></span></figcaption></figure><p>And so the battle for the future of the internet rages on. The focus this time is not on <a href="http://www.salon.com/2012/12/02/julian_assange_the_web_can_create_revolutions_or_jail_revolutionaries/">WikiLeaks</a>, cybercrime treaties, or privacy controls, but the <a href="http://www.itu.int/en/Pages/default.aspx">International Telecommunications Union (ITU)</a>.</p>
<p>The ITU is currently meeting in Dubai under the banner of the <a href="http://www.itu.int/en/wcit-12/Pages/default.aspx">World Conference on International Telecommunication (WCIT-12)</a>. The agenda is to consider changes to the <a href="http://www.itu.int/en/wcit-12/Pages/itrs.aspx">International Telecommunication Regulations (ITR)</a> – a treaty signed by 178 countries in 1988 to establish principles for the operation of international telecommunications.</p>
<p>Much has been made of the ITU meeting in recent weeks, with more than a few media outlets suggesting WCIT-12 represents a concerted attempt, by the ITU, to <a href="http://www.wired.com/opinion/2012/11/you-cant-make-decisions-about-the-open-internet-behind-closed-doors/">seize control of the internet</a>, thereby jeopardising <a href="http://www.google.com/intl/en/takeaction/whats-at-stake/">freedom of speech and information</a>.</p>
<p>But is that actually what’s going on? Is the ITU really trying to impose greater controls over the internet?</p>
<p>To answer these questions, we first need to understand what the ITU is and what it does.</p>
<h2>Prehistoric regulator</h2>
<p>In internet terms, the ITU and the ITR are not only old, but prehistoric. The ITU was formed in 1865 and is responsible for the international co-ordination of telegraph, radio and telephone systems.</p>
<p>The ITR was negotiated in Melbourne in 1988 to bring the regulation of telecommunications into the then-modern era. Of course, this was pre-internet – user-friendly web browsers made the world wide web searchable and accessible in 1993 and the net was <a href="http://en.wikipedia.org/wiki/History_of_the_Internet">opened to general commercial traffic in 1995</a>.</p>
<p>Almost as old as the internet itself are the contests for control over key elements of internet governance.</p>
<p>Europe and the BRIC countries (Brazil, Russia, India and China) have long resented the de facto control the US exercises over the internet. This influence comes through the US’s dominance over key internet bodies such as the:</p>
<ul>
<li><p><a href="http://www.icann.org/">Internet Corporation for Assigned Names and Numbers (ICANN)</a> – the body that allocates domain names (such as “www.google.com”) and controls the approval of new domains</p></li>
<li><p><a href="http://www.iana.org/">Internet Assigned Numbers Authority (IANA)</a> – the body that allocates <a href="https://theconversation.com/the-end-of-the-internet-ipv4-versus-ipv6-145">IP addresses</a> and manages the data maintained in root servers at the heart of the <a href="http://www.howstuffworks.com/dns.htm">Domain Name System (DNS)</a>, enabling us to find one another on the internet.</p></li>
</ul>
<p>ICANN is a non-profit incorporated under the laws of California. This was a compromise reached in 1998 when the US-centric nature of domain name allocation became the focus of a <a href="http://books.google.com.au/books/about/Networks_Complexity_and_Internet_Regulat.html?id=WFd1PgAACAAJ">dispute between Europe and the US</a>.</p>
<p>The ITU, as a member of the <a href="http://www.undg.org/">UN Development Group</a>, is regarded by many countries as a more neutral candidate for a regulator of aspects of the internet.</p>
<h2>The battle continues</h2>
<p>With the proposed revision of the ITR at WCIT-12 battle lines appear to have been drawn again. Interestingly, the US has this time mobilised private actors such as Google to <a href="http://www.google.com/intl/en/takeaction/whats-at-stake/">come out swinging</a> against any purported grabs for power by the ITU.</p>
<p>Vint Cerf, one of the engineers who undertook vital early work on the internet – and who is now vice president and an internet evangelist at Google – has made a number of <a href="http://news.dot-nxt.com/2012/05/31/vint-cerf-testimony-wcit-hearing.">startling allegations</a> regarding the agenda of the WCIT.</p>
<p>These include claims that any moves by the ITU to increase its powers and become involved in internet governance will destroy the internet as we know it.</p>
<p>The internet evolved as an open-ended collaborative platform, despite the fact much of the initial work was undertaken using US Department of Defense funding.</p>
<p>Internet communication was consciously designed to operate in a de-centralised mode, as distinct from the traditional hub-and-spoke model of telephony. This decentralised model of the internet meant if any part of the network was down, the traffic could be re-routed via an alternative pathway.</p>
<p>A decentralised model, of course, means there is an absence of a centralised control or choke point, making the internet difficult – although <a href="http://www.businessweek.com/articles/2012-10-26/the-great-internet-firewall-of-china">not impossible</a> – to control from a central point.</p>
<p>The beauty of this design means that the network is essentially dumb – the intelligence and applications are built on at the end point.</p>
<p>This has created the innovative and openness of the internet and distinguishes it from proprietary and closed networks where the intelligence is hosted and <a href="http://nrs.harvard.edu/urn-3:HUL.InstRepos:9385626">controlled in the centre of the network</a>.</p>
<figure class="align-center ">
<img alt="" src="https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&fit=clip" srcset="https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=600&h=600&fit=crop&dpr=1 600w, https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=600&h=600&fit=crop&dpr=2 1200w, https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=600&h=600&fit=crop&dpr=3 1800w, https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=754&h=754&fit=crop&dpr=1 754w, https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=30&auto=format&w=754&h=754&fit=crop&dpr=2 1508w, https://images.theconversation.com/files/18386/original/k7nwkbsd-1354756508.jpg?ixlib=rb-1.1.0&q=15&auto=format&w=754&h=754&fit=crop&dpr=3 2262w" sizes="(min-width: 1466px) 754px, (max-width: 599px) 100vw, (min-width: 600px) 600px, 237px">
<figcaption>
<span class="caption"></span>
<span class="attribution"><span class="source">Post-Software/Flickr</span></span>
</figcaption>
</figure>
<h2>Charging for the internet?</h2>
<p>So, assuming users implement the relevant protocols (such as <a href="http://www.w3schools.com/tcpip/default.asp">TCP/IP</a>) and have the relevant connections, they can be part of the internet. You don’t have to apply to join and you don’t have to pay; you just have to adopt the right standards.</p>
<p>But this lack of payment-to-use is a radically different business model from traditional telephony regulated by the ITU. Under that model, telecommunications are highly regulated, right down to the <a href="http://www.itu.int/rec/T-REC-Q/en">charging mechanisms</a> for international exchange.</p>
<p>Developing countries (a legitimate concern of the ITU) have expressed some desire for a right to <a href="http://news.cnet.com/8301-1009_3-57449375-83/u.n-could-tax-u.s.-based-web-sites-leaked-docs-show/">charge to carry commercial internet content</a>.</p>
<p>Developing countries argue they can ill afford to build the necessary internet infrastructure, which will then be used by wealthy (largely US-based) content providers, such as Facebook and YouTube, to disseminate their content.</p>
<p>In this way, it is likely that WCIT-12 will look at potential charging models. And this would explain Google and the US’s concern that the ITU wants to charge you (the user) for the internet. More accurately the ITU would be charging the likes of Google who would then need to consider how those costs may be passed on. </p>
<h2>Power-grab?</h2>
<p>So what does all this mean for WCIT-12? Is it a power-grab by Vladimir Putin as <a href="http://www.guardian.co.uk/technology/2012/nov/25/vladimir-putin-plot-internet-freedom">some have claimed</a>?</p>
<p>Certainly the ITU <em>does</em> want to extend the scope of the ITR to expressly include the internet. Up until now the internet has been classified (and regulated) as an information service rather than a telecommunications service. This has allowed greater flexibility for governments regarding regulation and pricing.</p>
<p>And certainly, a <a href="http://files.wcitleaks.org/public/S12-WCIT12-C-0027!R1!MSW-E.pdf">leaked version</a> of Russia’s submission to WCIT-12 shows the nation would like to exercise greater control over the internet:</p>
<blockquote>
<p>31B 3A.2 Member States shall have equal rights to manage the internet, including in regard to the allotment, assignment and reclamation of internet numbering, naming, addressing and identification resources and to support for the operation and development of basic internet infrastructure.</p>
</blockquote>
<p>So what does this really mean?</p>
<p>Well, domestic governments already have significant power to regulate the internet within their own territories, but the above submission would make this ability more explicit and perhaps more “acceptable”.</p>
<p>This may be seen as an attempt by Russia and others to stake a claim to an equal right to manage the internet. But as a practical matter, internet control remains strongly in the hands of private US-based interests, such as Google and Facebook. (Just consider the amount of information these services collect about our personal lives and search histories).</p>
<h2>Limiting freedom</h2>
<p>As some commentators have <a href="http://www.technollama.co.uk/is-the-un-trying-to-take-over-the-internet-part-ii">already pointed out</a>, there is nothing new or surprising in countries expressing a desire for a more equal say in internet governance. But it is disturbing to those who thought the issue dead and buried with the <a href="http://en.wikipedia.org/wiki/ICANN#Democratic_input">restructuring of ICANN in 2005</a>.</p>
<p>In the opening days of the WCIT-12 (which runs until next Friday) we’ve already seen that a proposal by the US and Canada to limit the scope of the ITR to telecommunications has <a href="http://www.theage.com.au/technology/technology-news/uss-early-bid-to-protect-web-fails-20121205-2auii.html">been rejected</a>.</p>
<p>But this doesn’t mean the Russian proposals and others like it to expand the powers of the ITU will automatically make it through.</p>
<p>As ITU Secretary-General Hamadoun Touré <a href="http://www.theage.com.au/technology/technology-news/uss-early-bid-to-protect-web-fails-20121205-2auii.html">reminds us</a>, all decisions will be reached by consensus before being voted upon (and implemented) by member countries.</p>
<p>And finally, it’s important to remember that threats to freedom of speech online are as likely to come from the private sector as they are from governments. This is something that’s not reflected in the <a href="http://en.wikipedia.org/wiki/First_Amendment_to_the_United_States_Constitution">First Amendment guarantee of freedom of speech</a> and an issue many commentators would do well to realise.</p>
<p>It might well be that internet freedoms are under attack, but not from the ITU.</p><img src="https://counter.theconversation.com/content/11187/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Melissa de Zwart does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>And so the battle for the future of the internet rages on. The focus this time is not on WikiLeaks, cybercrime treaties, or privacy controls, but the International Telecommunications Union (ITU). The ITU…Melissa de Zwart, Associate Professor, Law School, University of AdelaideLicensed as Creative Commons – attribution, no derivatives.tag:theconversation.com,2011:article/44342011-11-24T19:17:25Z2011-11-24T19:17:25ZSOPA bill could wreck the internet<figure><img src="https://images.theconversation.com/files/5830/original/3507450176_5584dd611e_o.jpg?ixlib=rb-1.1.0&q=45&auto=format&w=496&fit=clip" /><figcaption><span class="caption">The "scorched-earth" tactics espoused by SOPA are raising serious concerns.</span> <span class="attribution"><span class="source">Abode of Chaos</span></span></figcaption></figure><p>A pair of bills currently making their way through US legislature has set off alarm bells among internet technologists and users worldwide. The aim of <a href="http://en.wikipedia.org/wiki/Protect_IP_Act">PROTECT-IP</a>, in the Senate, and <a href="http://en.wikipedia.org/wiki/Stop_Online_Piracy_Act">SOPA</a> (Stop Online Piracy Act), in the US House of Representatives, is to prevent the infringment of copyrights on US intellectual property such as movies, music and books by websites located outside US jurisdiction. </p>
<p>It was <a href="http://theconversation.com/stop-online-piracy-act-draws-battle-lines-for-control-of-the-internet-4366">argued recently</a> on The Conversation that SOPA would pave the way for greater regulation of the internet, and that this was inevitable.</p>
<p>But the broad aims and language of these bills have caused concerns that their passage will cause severe damage to the technical foundation of the internet and destroy it as a medium for the free flow of information. To understand why this may happen, it’s essential to know how websites are located on the internet.</p>
<p>All websites are described by a series of numbers called an <a href="http://computer.howstuffworks.com/internet/basics/question549.htm">IP address</a>. Unlike Dustin Hoffman’s <a href="http://www.moviecatcher.net/images/rainman-and-et-copy-copy.jpg">character</a> in Rainman, most humans are more comfortable with names than numbers. Each website is described by a human-readable name, such as http://www.google.com, called its <a href="http://computer.howstuffworks.com/internet/basics/internet-infrastructure7.htm">URL</a> (Uniform Resource Locator). </p>
<p>When a user asks a web browser, such as Internet Explorer or Firefox, to fetch a particular website, the first step involves finding out the IP address for the URL of the website. The browser does this by asking a <a href="http://computer.howstuffworks.com/dns.htm">DNS</a> (Domain Name Service) server, similar to how someone would call up the directory service to enquire the phone number of another person or an organisation. By default, this DNS server is provided by the user’s ISP (Internet Service Provider). </p>
<h2>SOPA</h2>
<p>SOPA – if passed – would give U.S. government lawyers the power to obtain a court injunction to block internet users in America from accessing a website shown to be dealing in intellectual property theft. </p>
<p>The ISPs will have to remove the domain name from DNS server and redirect it to a web page that explains why the website is being blocked. This will be akin to replacing the phone number in the directory service with a recorded message explaining why the business can’t be reached. </p>
<p>In response to such measures, it’s obvious users seeking pirated content will look for alternate DNS servers of dubious provenance. But the same DNS server that resolves the IP address of the infringing website would also be responsible for locating the IP address of the user’s bank, thus compromising security of internet banking sessions. </p>
<p>Indeed, the provisions of SOPA interfere with the <a href="http://www.dnssec.net/">DNSSEC</a> (DNS Security Extensions) mechanisms that aim to make the DNS system <a href="http://www.brookings.edu/papers/2011/1115_cybersecurity_friedman.aspx">more secure</a> for users. DNSSEC is being slowly rolled out across the internet and is championed by a number of organisations, including the US government. </p>
<p>Also, the main DNS servers for website URLs ending in .com, .net and .edu, among others, are located in the U.S. Any change made in these servers will quickly flow on to the rest of the globe as well. This could lead to a break in the loose trust model that underpins much of the internet and has <a href="http://domainincite.com/%0Adocs/PROTECT-IP-Technical-Whitepaper-Final.pdf">caused fears that</a> SOPA could lead to the internet being balkanised into regional networks. </p>
<p>The court injunction would also force other intermediaries to stop dealing with the website. This means search engines would have to stop the website from appearing in their results, ad companies would have to stop paying the website for displaying their ads, and payment processors such as Mastercard, Visa and Paypal would have to stop dealing with the website. The last technique was used to <a href="http://www.msnbc.msn.com/id/43614907/ns/business-world_business/t/wikileaks-says-its-suing-visa-mastercard/">devastating effect</a> to choke the life out of WikiLeaks.</p>
<p>SOPA also allows intellectual property holders to launch legal actions against ad networks and search engines to force them to cut off access to a particular website that they deemed to be infringing. This means that any site dealing with user-generated content, such as YouTube, may be proactively blocked by intermediaries so as to head off potential liabilities. </p>
<h2>Worldwide issue</h2>
<p>These mechanisms will affect the internet substantially as the intermediaries involved are U.S. companies and provide some of the crucial functions for the operation of internet-based businesses. But overseas websites caught in such an action will have little to no recourse to fight these charges since the legal proceedings will be carried out in US courts. </p>
<p>The potential for SOPA to destabilise the key infrastructure of the internet has worried many people from governments and organisations across the globe. The European Parliament recently adopted a <a href="http://www.pcworld.com/businesscenter/article/244247/european_parliament_joins_criticism_of_sopa.html">strong resolution</a> criticising SOPA. </p>
<p>A group of around 60 human rights organisations have also <a href="https://www.eff.org/document/letter-human-rights-community-opposing-sopa">expressed their concern</a> with the provisions of the bill, noting that: “SOPA sends an unequivocal message to other nations that it is acceptable to censor speech on the global internet”. </p>
<p>It is undeniable that infringment of intellectual property is a major concern and that there’s a need for stronger mechanisms to protect the rights of the copyright holders. But the scorched-earth tactics espoused in SOPA can have far-reaching consequences that could affect the functioning of the internet as a medium of free speech and commerce. </p>
<p>Paradoxically, that could lead to the end of the very medium that copyright holders have employed to advertise their wares around the globe.</p><img src="https://counter.theconversation.com/content/4434/count.gif" alt="The Conversation" width="1" height="1" />
<p class="fine-print"><em><span>Srikumar Venugopal does not work for, consult, own shares in or receive funding from any company or organisation that would benefit from this article, and has disclosed no relevant affiliations beyond their academic appointment.</span></em></p>A pair of bills currently making their way through US legislature has set off alarm bells among internet technologists and users worldwide. The aim of PROTECT-IP, in the Senate, and SOPA (Stop Online Piracy…Srikumar Venugopal, PhD; Lecturer in Computer Science and Engineering, UNSW SydneyLicensed as Creative Commons – attribution, no derivatives.