Internet Kill Switch

Gonzo · Sep 5, 2011

I'm posting here to reply to Guardian's response to my comment about the use of an Internet Kill Switch to shut down aspects of the Internet on the Jake Sully, Anonymous and "WhatIsThePlan" - PsyOps? thread at:

http://cassiopaea.org/forum/index.php?topic=24816.msg290683#msg290683

I didn't want to take away from the focus of that thread so I thought I'd start a new thread, both to reply to Guardian and possibly stimuate discussion.

Mods feel free to move or merge with a related thread (I couldn't find a good fit).

We have discussed in a few threads what we might do if we ever lose the Internet or access to this forum. I think it's a real possibility and it seems the US and other nations are looking for reasons to limit the Internet through the use of a kill switch under the guise of protecting national security against cyber warfare.

Is a kill switch viable and, if so, are there possible workarounds?

Guardian said:
Gonzo said:

Theoretically, the kill switch, developed by Israelis, I believe, could use advanced hybrid filtering. So, instead of strictly filtering/blocking certain domains through DNS or IPs, it would look for content, author, consumer, etc., as well. Once the filter is set for a specific profile, it wouldn't matter if a server switched IPs, as the filter would still catch the other aspects of the stream that meet the criteria and kill it before it completes its route.

Such a system would require a learning ability, otherwise it would need constant human configuration and modification.

Click to expand...

Has your friend noticed how well "spam filters" work? Then what about entire nations that refuse to filter and floating proxy servers?

Hi Guardian,

I appreciate what you're saying about the ineffctiveness of spam filters, and their uneven application.

However, I don't think the developers of spam filters have the same level of motivation, let alone computing power as the national security establishment. I think it's apples and oranges to compare spam filters with the Internet kill switch concept.

Spam filters are either installed client side or server-side and neither would be able to afford the hardware, software and human resources required to implement kill switch technology, nor would they have access to every trunk on the continent to use such technology.

Regarding your comment about entire nations refusing to filter, they would be the exception and would find themslves isolated to running a national (as opposed to a global) Internet for any data other than what the PTB in the US and EU decide could flow. Their "undesirable" data just wouldn't make its way outside of their country.

Floating proxy servers would be pointless, since they are IP based and the kill switch would be killing individual packets that suit criteria broader than just an originating IP.

Telecommunications carriers have been consolidated into a handful of mega corporations (it's no coincidence these corporations also consolidated network and print news media).

These corporations are already managing data traffic, where certain types of data (e.g. e-commerce transactions) can take precedence over other data (e.g. streaming video), to ensure critical data is not impacted by lower priority data flows. There have been several news stories regarding Internet governance and bandwidth throttling/traffic shaping over the last few years that explain this practice.

Take this method of data filtering and management, which currently works quite well, and add to it content, IP and DNS filtering, throw in some complex self-learning algorithms like some major search engines use (Google, for example), and you have all major carriers capable of limiting Internet traffic to certain types of data and content, critical to the functioning of the economy and national governance while blocking all other forms of Internet traffic.

The only thing missing from the equation is coordination that allows a central body to control all of the telecom carriers.

The regulatory environment is already forcing ISP and carriers to provide government access to all data flows with a warrant (or without one if national security, state of emergency, war measures, etc., is invoked).

Really, the regulatory framework is almost completed in the US (Lieberman's proposed Protecting Cyberspace Act comes to mind). The Western world is, after all, at war, so executive power is immense and excuses aren't hard to come by.

Such technology could put an end to this era's greatest tool for social empowerment.

On the other hand, the Internet is also a great tool for misinformation and control for the PTB.

Gonzo

Guardian · Sep 5, 2011

I understand what you're both saying, but what I see you describing is how the Internet could be broken down into many different nets, at GREAT expense. Remember all the home grown BBS's? What are they going to do, shut down all the phone lines too? If they block ALL data (a nightmare for banking and retail) over the phones, what about the Satellites?

A complete shutdown of all the commercial back-bones (IF possible without decades of court challenges) would give immediate rise to nurmerious underground networks that would defeat the purpose of cutting big business' throat.

Egypt did what you propose for FIVE DAYS, and big business blew a gasket, while the activists still managed to get reports out to the rest of the Internet.

I'm guessing (unless you actually have some data?) about 10-15 percent of the population either knows how, or would quickly learn how, to navigate without DNS ...and would we really miss the other 80-85% for a few months while corporate America goes belly-up? ;)

Guardian · Sep 5, 2011

Gonzo said:
However, I don't think the developers of spam filters have the same level of motivation,

I think they all have the same motivation ...money.

I think it's apples and oranges to compare spam filters with the Internet kill switch concept.

Oh absolutely, two entirely different things. I wasn't trying to compare the two?

doublea1535 · Sep 5, 2011

My reply in the other thread:

ignis.intimus said:
Laura said:

Would it be possible for them to shut down the entire internet for everybody except military or government people?

Click to expand...

Yes. One way this could be done is through a legal mechanism that would allow them to enter large POPs (points of presence) where the backbones of the Internet converge and literally shut them down. I am pretty sure they already have these legal mechanisms, although I haven't been keeping up on the law. To actually shut down these POPs is actually ridiculously easy. In the states at least, data centers have to have an EPO switch (emergency power off) button located somewhere on-site. It's normally very big and very red and is only a plastic door away from being pushed (in some cases, it's totally exposed). This button exists in case of an electrical accident, pushing it is supposed to disable all power on the data center floor, where all the Internet routers are working. If they do this just in a few places in CA and NY they would almost completely severe the US from the rest of the world via the Internet. Repeat this process across a handful more sites, and anyone not using satellite Internet would not reach non US-sites. Other countries are surely more controlled and maybe one or two sites would need to be shut down to disconnect that country from the rest of the world. On this note, they already flexed this muscle some in Dallas, Texas I think it was about 1 year ago. The FBI powered down an entire data center down because the company was under investigation, effectively shutting down lots of businesses that relied upon their servers being up.

Taking control of the root DNS servers would also do a lot of damage, especially if coupled with packet filtering at all of our national Internet borders. The PTB's already have deep claws into the telco's and service providers, and just blocking port 53 on UDP and TCP would be relatively easy to do and sufficient to stop most people from being able to use international DNS servers. 99% of people won't be able to browse the Internet with DNS down. The feds just need to demand the network engineers at L3 and such hand over the core passwords, then the fed neteng's will lock them out and implement their filtering.

In my opinion, to swiftly and effectively shut the Internet down would require taking physical possession of Internet sites where transit providers such as Level3 and ATT reside. I am thinking some massive and massively intentional virus that "sweeps the nation" and jeopardizes our "national security". The feds will say they are reacting swiftly to the threat as they swoop in via mass raids on the relatively small number of large POPs across the country.

Military and goverment would be unaffected, as they have their own separate networks that they use. I would guess these are separate fiber optic strands (although perhaps in shared bundles with civilian fibers) but that run to dedicated facilities powered separately. These would run between all major military bases and installations, and certainly underground bunkers. Things like SIPRNet: http://en.wikipedia.org/wiki/SIPRNet

Guardian · Sep 5, 2011

Look who posted instructions when Egypt blocked the Internet. The blockade lasted five days, and the resistance to it was created in one.

http://pastebin.com/9jJUku77
20 Ways to Circumvent the Egyptians Governments Internet Block

By: @AnonymousRx

IF they tried REALLY hard, and spent BILLIONS, I think the US Government would have as much success in blocking the Internet as they have stopping the import, sale, and use of illegal drugs in the US. Prohibition NEVER works in a country the size of the US, if people want something, they're gonna get it...because there's always going to be someone to sell it to them.

Mark · Sep 5, 2011

There are only so many ways to restrict Internet access, including filtering at all levels right down to the packets, disconnecting circuits, disrupting traffic routes, manipulating DNS, implementing some bizarre form of 'Internet licensing' and related access controls and restrictions, and so on.

My guess is that the PTB would use any and all means necessary to acheive their ends.

Guardian · Sep 5, 2011

m said:
There are only so many ways to restrict Internet access, including filtering at all levels right down to the packets, disconnecting circuits, disrupting traffic routes, manipulating DNS, implementing some bizarre form of 'Internet licensing' and related access controls and restrictions, and so on.

Well, then there's always Fidonet, and like my bell bottom jeans, phone phreak'in might come back into style ;)

Guardian · Sep 5, 2011

ignis.intimus said:
This button exists in case of an electrical accident, pushing it is supposed to disable all power on the data center floor, where all the Internet routers are working. If they do this just in a few places in CA and NY they would almost completely severe the US from the rest of the world via the Internet.

You're describing a POSSIBLE way average US Citizens could be blocked from the Internet... NOT the takeover/destruction of the worldwide Internet.

The rest of the world could get along just fine without us ya know. ;)

Gonzo · Sep 5, 2011

Guardian said:
I understand what you're both saying, but what I see you describing is how the Internet could be broken down into many different nets, at GREAT expense. Remember all the home grown BBS's? What are they going to do, shut down all the phone lines too? If they block ALL data (a nightmare for banking and retail) over the phones, what about the Satellites?

I'm guessing (unless you actually have some data?) about 10-15 percent of the population either knows how, or would quickly learn how, to navigate without DNS ...and would we really miss the other 80-85%? ;)

I think you missing part of what I'm saying and I apologize of I'm not being clear. People surfing without DNS means by using IP. If backbones get filtered by examining every packet of data regardless of the IP and blocks anything that doesn't comply with the criteria, it doesn't matter if you have the IP - you won't be able to see the data.

I think several people who have a lot to contribute on the Cass forum might have a low computer/Internet literacy. I have no idea the number, but using yours, if only 10-15% could participate out of 3,506 members, that would only be 350-526 members. That would be a huge blow to the forum.

You'd be surprised how many intelligent and otherwise knowledgeable people in the general population (not that forumites are representative of the gen pop, but as an example) type URLs into Google instead of the address bar, and then click the link in the search results, thinking that's how you surf. My log files are full of referrers from google that typed in our URL as a search term.

I'm not saying they would break the net up into smaller nets. Rather, they could reduce the Internet, at least the Internet that Americans (for example) would see, to only the content they want Americans to see, and limit the activities of their citizens to only the things they are allowed to do. Since Google caved to the Chinese, the US could end up with a Google that only indexes the content that Homeland Security allows it to. Kind of like a Compuserv that doesn't allow you to see the real Internet, just a filtered version of it. Maybe you could see some wholesome Christian websites but searches for Gurjieff or Castenada would come up dry, except for links to essays on how such esoteric concepts are the devil's work. ;)

Yes, I remember the BBS days. Dialup uses the phone lines that are owned by the very people who would be filtering and blocking. All phone lines are monitored by now, I imagine and most telephone lines now run through networks. So, using a BB would use the network that's being filtered, just like the Internet. You might be able to share data within a small area near you, if the switches haven't been upgraded to digital, but you wouldn't be able to communicate with anyone else whose phone lines are on the network. You won't have anything near the size of the Internet. Beside, most systems being sold nowadays don't even have modems anymore.

Satellite communications might work for the few that have the ability to communicate bidirectionally. Downloading from satellites is one thing but transmitting is another. One would need specialized hardware. Often, satellite Internet is a combination of POTS (telephone) or radio for upload and satellite for download.

They wouldn't block all data on the phone lines. Rather, they would treat it identically to Internet data, allowing commerce and other "desirable" data to flow smoothly.

The only thing left that they couldn't necessarily filter (to my knowledge, which is certainly limited) that could still have international coverage, would be HAM radio. When I ran an ISP more than a decade ago, we were looking at Internet over amateur radio. I'm sure it exists now, but would still be limited in the sense that not many people would have the hardware and an entire Internet would have to get created over the air waves. They could use jamming technology though, where only certain frequencies could communicate and all the others are blocked.

The way I see it, they already have the ability to block specific types of data on each network and, if the government wanted to, each network could be forced to do so. So, the government could shut the Internet down completely (except for mil and certain government networks) or they could filter the Internet. The latter seems to make the most sense unless the had to move swiftly to stop a major attack on critical infrastructure that they weren't prepared for, in which case they would probably cut power to the International trunk (if the problems were from the outside, otherwise they'd shit down the Internet totally) until they could adequately configure their filters.

One thing to consider is that it is possible that some of the filtering might be done by a remote security contractor working out of another country, like Israel. So, the software and hardware would get installed on all national carrier networks and the command can configuration would come from a service provider. This would require communication along an international trunk. However, I wouldn't be surprised if the military already has a separate international trunk that operates outside of the main stream networks, so severing the International lines wouldn't be so dramatic for the PTB.

There's a lot the US PTB would enjoy from disconnecting its citizenry from the rest of the world as long as they could still carry on business as usual. Having their people isolated, in the dark, has worked well for totalitarian regimes in the past, especially theocracies.

Gonzo

Mark · Sep 5, 2011

Guardian said:
Well, then there's always Fidonet, and like my bell bottom jeans, phone phreak'in might come back into style ;)

A packet is a packet, and a modem carrier can be demodulated of course - so filtering can happen on any line or any airwave signal, and when push comes to shove it will be. We'll be relegated to the old tried and tested SneakerNet ( sometimes known as the Heel Toe Express )

Gonzo · Sep 5, 2011

Guardian said:
Look who posted instructions when Egypt blocked the Internet. The blockade lasted five days, and the resistance to it was created in one.

http://pastebin.com/9jJUku77
20 Ways to Circumvent the Egyptians Governments Internet Block

By: @AnonymousRx

Click to expand...

IF they tried REALLY hard, and spent BILLIONS, I think the US Government would have as much success in blocking the Internet as they have stopping the import, sale, and use of illegal drugs in the US. Prohibition NEVER works in a country the size of the US, if people want something, they're gonna get it...because there's always going to be someone to sell it to them.

You think the US actually wanted to stop the import of drugs? They needed customers to sell their drugs to.

While there were workarounds to the lame efforts of the Egyptian government to block Internet and Social networking, things would be different in the US.

For example, there certainly could be ways to make long distance calls to ISP in countries that still have open Internet, and the gov would never know until you post, since they have spies everywhere, but the costs could become extreme. As well, that would require using the phone, which is monitored and runs through the network that's being monitored.

Many of the things mentioned by anon re: Egypt just wouldn't work, aside from HAM.

The US actually contributes a lot to the functioning of the Internet. For example, it runs the DNS top root servers for the world. This is something that members of the international community have been trying to change for years but the US Department of Commerce has refused. Although root servers are distributed throughout the world, ICAAN's DNS operations holds the authoritative records on those servers. So, the US could make things very difficult for other countries if they didn't behave accordingly. ni fact, it could be said that if they don't help the US protect itself again a false flag cyber attack, that country could be viewed as supporting terrorism.

Of course, this all depends on how severe governments want to curb their citizens. They may start slowly, first blocking content that discusses how to make explosives, hacking, phreaking, etc. It all depends on what they want to accomplish.

Gonzo

D69 · Sep 5, 2011

I'm guessing (unless you actually have some data?) about 10-15 percent of the population either knows how, or would quickly learn how, to navigate without DNS

That is super optimistic , I would say its 1-3 %.

BTW. Filtering based on Googles geolocation is alredy here all the time for quite a while. Try it by yourself , install completely brand new system (whichever you want) before you connect it to network, restrict everything I mean cookies and stuff like that. Then go to google.com and you will be instantly redirected to a google server under you county domain extentions. For example if you live in France , you will be redirected to google.fr.
I assume it won't be so obvious if you live in US or , which is important, if you use Google Chrome ;)

ocean59 · Sep 5, 2011

Guardian said:
Well, then there's always Fidonet, and like my bell bottom jeans, phone phreak'in might come back into style ;)

Yup, Fidonet was exactly what I was thinking too. I know there were other slow e-mail and file delivery systems back then in the BBS days too, but can't remember what they were called anymore.

I seriously doubt TPTB is filtering non-internet dial up modem carrier signals in real time. The internet is so huge, and the percentage of dial-up users that are using their connection in a way other than direct PPP/SLIP must be infintesimal to zero at this point. I think BBSes wold make a comeback with a serious quickness, and I don't see how that could be filtered or restricted. Perhaps a new (encrypted?) dial-up protocol would be needed, I don't know.

As it were, international e-mails used to take a day or two to arrive via those methods, and no internet was involved. At the end of the day, a local BBS would place a phone call to a regional BBS, and transmit any data (transmit outgoing messages, receive incoming messages, etc.). That regional BBS would continue transmitting to the next station, and each hop would be hours apart in some cases (hence the days transmission time). Aside from long distance bills (covered by network fees in most cases I believe) this still seems like a viable way to insure backup communications.

I still miss those days sometimes, interacting with dozens of local communities via BBSes. Does that paperclip payphone trick still work anymore? :D

Guardian · Sep 5, 2011

Gonzo said:
You think the US actually wanted to stop the import of drugs?

No, do you think the US actually wants to stop "terrorism?"

Guardian · Sep 5, 2011

Jason (ocean59) said:
I still miss those days sometimes, interacting with dozens of local communities via BBSes. Does that paperclip payphone trick still work anymore? :D

I bet it would, IF you could find a payphone. Sometimes I miss the old BBS's too, although I don't miss using a cassette recorder as a hard drive :lol:

This is a VERY interesting discussion, and one I want to jump into because I think the PTB are creating unrealistic fears when they threaten to take down a system the entire US economy has become EXTREMELY dependent upon...but I've got a LOT I have to do over the next couple of days. If yawl don't mind, I'll get back to this thread at a later date? I don't want anyone to think I'm ignoring your well thought out responses...but I got to finish the other stuff first.

In the mean time, I think it would be a WONDERFUL idea if someone started an instructional thread on how to reach the Cass Forum if the DNS is blocked?

Everyone could save a copy...just in cae?

Internet Kill Switch

Gonzo

The Living Force

Guardian

The Cosmic Force

Guardian

The Cosmic Force

doublea1535

Jedi Council Member

Guardian

The Cosmic Force

Mark

Administrator

Guardian

The Cosmic Force

Guardian

The Cosmic Force

Gonzo

The Living Force

Mark

Administrator

Gonzo

The Living Force

D69

Dagobah Resident

ocean59

Dagobah Resident

Guardian

The Cosmic Force

Guardian

The Cosmic Force