Firstly, thanks to Donal and Wade who originally some time back linked me to the video discussed in this post.

David Rice, who I chatted with recently has posted some interesting thoughts on an Internet based 9/11 type attack on his Geekonomics site. (Video included in the link). David looks at the potential scenarios but importantly addresses the implications to the rights of the citizen by way of introduction of any Internet version of the US Patriot Act.

Worse case scenario, and not debating likelihoods of it happening or even being possible (for now in terms of this post), if it were to happen, what are the flow-on implications to other countries either directly or indirectly by way of the “global” Internet links to the USA?

We see US regulation/reactions to events affecting business around the world already (SOX as just one example of many). What happens if the US does enact an Internet Patriot Act? Would something like this in a quick knee-jerk reaction affect and change the Internet as we know it today? I think it’s something that needs to be considered and researched outside of just implications to the US and its citizens.

Or am I just way off base here and assuming too much in the way of US influence on the Internet as a whole?



  1. D2 says:

    ARP, DNS and… and…. BGP!

    http://asert.arbornetworks.com/2008/08/internet-routing-insecurities-re-revealed/

    “With any luck, the RPKI and SIDR efforts will take hold, as the Regional Internet Registry (RIR) development efforts are well under way and much needed. And unquestionably, until some formally verifiable source for who owns what address space exists on the Internet, verifying who is authorized to assert Internet routing reachability or provide transit services for that address space is going to be challenging at best. I applaud DHS efforts in seeding work in this area, and am thrilled several of the RIRs seem to working on RPKI infrastructure development. Now, it’s time for the ISPs to step up and be ready to employ this infrastructure for routing filtering. For that matter, use it for source address verification as well, and snuff most of those IP source address spoofing attacks while you’re at it (e.g., Kaminsky’s DNS cache poisoning stuff).

    There’s no shortage of NANOG and other related papers and talks on these topics over the past 20 years, and I see nothing particularly new revealed in this talk – well, at least nothing new for the folks that were paying attention. The one clever bit that I did see from their work is how they used AS prepending not to selectively break connectivity to a given target AS, but instead, to preserve the native forwarding path inter-domain. There are many ways you could do this, but AS prepending didn’t come to mind when I was thinking about it, and I’ve not seen that method employed in practice (although perhaps because the other techniques are arguably simpler to implement).”

  2. D3.0 says:

    Schneier and the public => Movie-Plot Threat Contest
    http://www.schneier.com/blog/archives/2006/04/movie_plot_thre.html establishes scenarios via crowdsourcing for free.

    Movie Producers prime the public(including stereotypes): Die Hard 4.0 http://en.wikipedia.org/wiki/Live_Free_or_Die_Hard

    Execute i9/11 plan. Unfortunately distributed nature of the net causes US of A to isolate itself from the rest of the world. Corporates take over. Snow Crash begins http://en.wikipedia.org/wiki/Snow_Crash . The Golden Age begins elsewhere on the planet and beyond http://en.wikipedia.org/wiki/The_Golden_Age_(John_C._Wright_novel) and we live a lot longer than Amuricans as we re-model our DNA starting with the http://en.wikipedia.org/wiki/Methuselah_Mouse_Prize

    But first we must address BGP!

  3. @D2, agreed that theories about attacks like this and implications and reactions to them have been discussed and debated for a while now. But, as you discuss and put forward also, their focus has been predominantly of a technical and infrastructure nature as opposed to business and overall society impact (including global economy impacts).

    We can sit here and think “she’ll be right mate”…nothing like that would ever happen but we should know better by now. Technically anything is possible as we know and the motives and incentives behind it (ie; whether anyone would actually contemplate something of this nature) would be naive to discount. Gees, the World Trade Centers were brought down….and we wonder if anyone would bother attacking some cabling and a few devices attached to it. (You know what I mean).

    Whether something like an Internet Patriot Act definately exists, I don’t know. Some good sources seem to think it does so I would guess something like it does exist. (Assuming Cyber-Storm I and II and other such exercises and proof of concepts are acknowledged as demonstrating that control over Internet as we know it today and it’s security is near impossible….but that’s another story).

    So, the “improbable?” event takes places…old men who control things react (and they’re generally not going to be more rational thinking Information Technology thought- leaders, academia, Internet minds I would say)…what confidence do we have that the response is not going to be extremely based upon physical world precedent?…. bunker/lock down, insular in terms of country (who cares about the rest of the world, our concern is the US only), find a target whether the real enemy or not (it doesn’t matter as long as it looks like we are responding), re-assess and then plan for how advantage can be gained from this.

    (D2, I believe you experienced first hand during your recent trip to the US some “interesting” things).

    In the meantime, what happens to the global economy arising from decisions made in the US that could radically alter, impact and/or cripple global Internet communications and business? Had the country in question been Australia, even China….almost anyone bar the US, we probably would not be focusing as much on it, but realities are that what the US does, does impact the rest of the world. We’re still feeling it post 9/11!

    How much worse could it be? The thought scares me. Hopefully lessons from the past have been learned but I would be naive to think they have.

    I wouldn’t consider myself a conspiracy theorist. :-)

  4. Wade M says:

    D3 Said “But first we must address BGP!”

    Is this before or after DNS? :P I’d guess before, but it can’t be too much before DNS ;) I did see you mention DNS as well, just making sure you don’t forget about it ;)

    Draz, Great article. It’s really good to see all of this coming together. Great to see you getting into Lessig, and also super seeing David getting in on this.

    I guess we are seen as conspiracy theorists, but this is real. The connections are all there to be made, clear as day. Most people are too busy watching TV to work this out.

    Peace,
    –Wade

  5. D2 says:

    One possible solution the muppets in the higher US of A echelons are thinking of (excuse the pun!) is an af.mil botnet… muhuhuhuhhahahahahahah! Burst the pipes baby!

    http://taosecurity.blogspot.com/2008/05/mutually-assured-ddos.html

    “The world has abandoned a fortress mentality in the real world, and we need to move beyond it in cyberspace. America needs a network that can project power by building an af.mil robot network (botnet) that can direct such massive amounts of traffic to target computers that they can no longer communicate and become no more useful to our adversaries than hunks of metal and plastic. America needs the ability to carpet bomb in cyberspace to create the deterrent we lack…”

  6. HMA says:

    @Wade, D2, D3.0 etc and obviously DD, no progress is ever made without upsetting the ‘establishment’. In our industry, the obvious is clear but as DD said, you can be made to look like a crazy conspiracy dude.

    The unknown here is what an “i-patriot act” would actually mean to all. The Patriot Act (who invented that term?) was a shock to the world and everyone has felt the impact….

    I remember my uncle saying “US now controls the oil….we get cheap petrol!”…..He now says, “Saddam…good man….Bush….dangerous!…

  7. D2 says:

    I swear to Buddha, Allah, Jesus and the Holy triplets I send shit out in to the ether or there is emergence occuring via non-separability. See my earlier comments about bypassing/isolating the US of A.

    (Note datetime D3.0 Says:
    August 27th, 2008 at 10:31 pm )

    Now go here! http://www.nytimes.com/2008/08/30/business/30pipes.html

    Honestly I had seen nothing about this in the past months/years, twas just a thought!

  8. @D2,

    Neither had I. Coincidental timing and also I attest to the fact that you’ve been talking about this for a while. I admit, I believe this is a good thing but at the same time, it doesn’t overly answer anything I have put forward here from a business perspective where the implications of something being put into place exist above the technology layer (but are related to it if that makes sense).

    DD

  9. D2 says:

    I have been side stepping the economic/business related argument for fear of having to quantify cost/value/loss/risk.

    human/machine processing nodes and organisations are nothing without the ability to interconnect and transfer information/value thus the fabric/interconnections whether physical or logical are primarily still governed by tech e.g. the highest value lowest common denominator…

    Countries will fall, economies will crash, people will die! Muhuhuhuhahahah: scarcity applied to information or any resource, once abstracted, it’s value is predicated on trust and ability to excercise options at an agreed value threshold/tolerance. Lose trust in the fabric *and* endpoints whether society, systems, nodes, peoples or governments.. game over. Insert more credits or face civil war. Gross over-simplification I know.

    I actually would support Australia having a plan like China to be able to shut its data borders uni or bidirectionally. I also believe as with Central Banks, we need a body that can tweak, prod, influence the market with “carrot credits” and “data sticks”. At the most fundamental level it’s about transmission of information, goods or capabilities for any business and associated perceived value. What is your value judgement predicated on?

  10. @D2, Last question at me? That’s as big a question almost as I put forward!? It’s hard to answer that without knowing what the US position/actions would be….that is the big unknown and what we are speculating about. To guess/predict potential scenarios and add comment would keep me doing nothing but writing here for weeks and even then, you’re assuming I would know something and have a “value judgement”?! Thanks for the vote of confidence D2.

    DD

  11. D2 says:

    Last question just left hanging in the ether, no one in particular… can apply to any transaction!

    [heavy gruff voice] Me mate FRED did a bit o’this in the 90’s, modelling n’stuff http://all.net/journal/ntb/simulate/simulate.html

    Taxonomies, game theory and Monte Carlo simulations! I reckon some thinktanks have run simulations, cmon’ its got to be easier than predicting the weather with the same equipment :)

  12. [...] Wed 19-11-2008 Printable Mandalas & Buddha Art Collection Saved by hvogt on Wed 19-11-2008 Implications to other countries if a 9/11 type attack happened on … Saved by vrilleuse on Mon 10-11-2008 DALAI LAMA Saved by ramcleod on Wed 05-11-2008 Buddha [...]