Internet Kill Switch

Last month, Sen. Joe Lieberman, I-Conn., introduced a bill (text here) that might—we’re not really sure—give the president the authority to shut down all or portions of the Internet in the event of an emergency. It’s not a new idea. Sens. Jay Rockefeller, D-W.Va., and Olympia Snowe, R-Maine, proposed the same thing last year, and some argue that the president can already do something like this. If this or a similar bill ever passes, the details will change considerably and repeatedly. So let’s talk about the idea of an Internet kill switch in general.

It’s a bad one.

Security is always a trade-off: costs versus benefits. So the first question to ask is: What are the benefits? There is only one possible use of this sort of capability, and that is in the face of a warfare-caliber enemy attack. It’s the primary reason lawmakers are considering giving the president a kill switch. They know that shutting off the Internet, or even isolating the U.S. from the rest of the world, would cause damage, but they envision a scenario where not doing so would cause even more.

That reasoning is based on several flawed assumptions.

The first flawed assumption is that cyberspace has traditional borders, and we could somehow isolate ourselves from the rest of the world using an electronic Maginot Line. We can’t.

Yes, we can cut off almost all international connectivity, but there are lots of ways to get out onto the Internet: satellite phones, obscure ISPs in Canada and Mexico, long-distance phone calls to Asia.

The Internet is the largest communications system mankind has ever created, and it works because it is distributed. There is no central authority. No nation is in charge. Plugging all the holes isn’t possible.

Even if the president ordered all U.S. Internet companies to block, say, all packets coming from China, or restrict non-military communications, or just shut down access in the greater New York area, it wouldn’t work. You can’t figure out what packets do just by looking at them; if you could, defending against worms and viruses would be much easier.

And packets that come with return addresses are easy to spoof. Remember the cyberattack July 4, 2009, that probably came from North Korea, but might have come from England, or maybe Florida? On the Internet, disguising traffic is easy. And foreign cyberattackers could always have dial-up accounts via U.S. phone numbers and make long-distance calls to do their misdeeds.

The second flawed assumption is that we can predict the effects of such a shutdown. The Internet is the most complex machine mankind has ever built, and shutting down portions of it would have all sorts of unforeseen ancillary effects.

Would ATMs work? What about the stock exchanges? Which emergency services would fail? Would trucks and trains be able to route their cargo? Would airlines be able to route their passengers? How much of the military’s logistical system would fail?

That’s to say nothing of the variety of corporations that rely on the Internet to function, let alone the millions of Americans who would need to use it to communicate with their loved ones in a time of crisis.

Even worse, these effects would spill over internationally. The Internet is international in complex and surprising ways, and it would be impossible to ensure that the effects of a shutdown stayed domestic and didn’t cause similar disasters in countries we’re friendly with.

The third flawed assumption is that we could build this capability securely. We can’t.

Once we engineered a selective shutdown switch into the Internet, and implemented a way to do what Internet engineers have spent decades making sure never happens, we would have created an enormous security vulnerability. We would make the job of any would-be terrorist intent on bringing down the Internet much easier.

Computer and network security is hard, and every Internet system we’ve ever created has security vulnerabilities. It would be folly to think this one wouldn’t as well. And given how unlikely the risk is, any actual shutdown would be far more likely to be a result of an unfortunate error or a malicious hacker than of a presidential order.

But the main problem with an Internet kill switch is that it’s too coarse a hammer.

Yes, the bad guys use the Internet to communicate, and they can use it to attack us. But the good guys use it, too, and the good guys far outnumber the bad guys.

Shutting the Internet down, either the whole thing or just a part of it, even in the face of a foreign military attack would do far more damage than it could possibly prevent. And it would hurt others whom we don’t want to hurt.

For years we’ve been bombarded with scare stories about terrorists wanting to shut the Internet down. They’re mostly fairy tales, but they’re scary precisely because the Internet is so critical to so many things.

Why would we want to terrorize our own population by doing exactly what we don’t want anyone else to do? And a national emergency is precisely the worst time to do it.

Just implementing the capability would be very expensive; I would rather see that money going toward securing our nation’s critical infrastructure from attack.

Defending his proposal, Sen. Lieberman pointed out that China has this capability. It’s debatable whether or not it actually does, but it’s actively pursuing the capability because the country cares less about its citizens.

Here in the U.S., it is both wrong and dangerous to give the president the power and ability to commit Internet suicide and terrorize Americans in this way.

This essay was originally published on AOL.com News.

Tags: China, cost-benefit analysis, cyberterrorism, cyberwar, denial of service, hacking, Internet, ISPs, overreactions, terrorism

Posted on July 12, 2010 at 7:07 AM • 88 Comments

Comments

casey • July 12, 2010 7:39 AM

It seems shocking that the U.S government would get the power to shut down the Internet, until I remembered that they already have nuclear weapons.

Mike B • July 12, 2010 7:40 AM

It’s funny that Liberman would consider that the ability for China to implement some sort of wide ranging security crackdown as an argument in favor of us doing it here. Sounds like a case of rectal-cranial inversion to me.

Malcontent • July 12, 2010 7:42 AM

We’d probably be safer if we could just cut off congress from accessing the rest of the world.

Stefan • July 12, 2010 7:45 AM

And skynet realized it had to act…

Clive Robinson • July 12, 2010 7:51 AM

@ Bruce,

You forgot to mention that the obvious way around a “kill switch” is a “dead mans switch”.

Anybody who thinks that cutting of the Internet or other communications system is a safety measure is deluded.

All I have to do is place my malware etc in such a way that it detects the kill switch in operation and delivers it’s payload…

And anybody who thinks they can reliably stop such malware detecting the kill switch has no notion of what would be involved.

AppSec • July 12, 2010 8:01 AM

And then of course there’s this whole global labor thing which is going on..

Jeff Medcalf • July 12, 2010 8:02 AM

This strikes me as akin to the idea of very high gas taxes as a response to “peak oil”. The rationale is that if we don’t act, the resource will be depleted or made useless, and the way to act is to set conditions that would prevail as if the resource had already been depleted or made useless. Not that bright, actually.

Jan Doggen • July 12, 2010 8:16 AM

There’s another reason why this is a bad idea: in case of a war of the size that would ‘justify’ this, we need sane people all over the world to connect and try to stop this.

HJohn • July 12, 2010 8:24 AM

On similar note, I read this in PC World this morning…

NSA’s Perfect Citizen Program: What You Need to Know Here are key facts about the U.S. National Security Agency’s plan to monitor and protect key elements of the nation’s infrastructure.
http://www.pcworld.com/businesscenter/article/200824/nsas_perfect_citizen_program_what_you_need_to_know.html?tk=nl_bdx_t_crawl

Brandioch Conner • July 12, 2010 8:43 AM

The biggest problem is that the people recommending this couldn’t configure a router if their lives depended upon it.

An easier “kill switch” would be to maintain a contact list for the companies controlling the backbone. In case of emergency, the President would contact those people and they’d have their people handle the technology.

But it is all magic to the people who don’t understand it.

Anyway, this sounds like a perfect example for your “attack trees” concept. Under what scenarios would the different responses be useful in reducing or eliminating the blogorists’ capability to execute those scenarios?

And are there easier ways that would ALSO result in a reduction of vandalism, spamming and crime today?

Droopy Dog • July 12, 2010 8:44 AM

O is for ostrich, with head in the sand.

Chaim Krause • July 12, 2010 8:53 AM

The Internet has a better chance to shut down Sen. Joe Lieberman, that he does of shutting down the Internet. Maybe we should prove that.

EYIKES • July 12, 2010 8:58 AM

If the internet is shut down, millions of zombie geeks will stare at the diminishing white dot in the center of thier screen and realise that thier world has come to an end but when the come blinking into the light and discover the rest of us they will fall back on the social skills they learned in world of warcraft. Shooting everything that moves in the wind.

André • July 12, 2010 9:02 AM

Hey, China also seems to be able to kill their own people just for telling their opinions aloud, so why not …? uhm.

Meanwhile, I would like to know how something like that might work. But then, I still have a nearly unused dial-up-modem lying around somewhere. Just in case …

D'oh • July 12, 2010 9:09 AM

“obscure ISPs in Canada”

Gee, thanks Bruce. On balance, we’re much happier up here when the US is not glancing in our direction – every time you boys look this way, it costs us either money, sovereignty, or both. Nothing brings that old saying “Security is expensive and inconvenient” than living next door to you lot.

Shelley • July 12, 2010 9:17 AM

“The Internet is the largest communications system mankind has ever created, and it works because it is distributed. There is no central authority. No nation is in charge. Plugging all the holes isn’t possible.”

Isn’t that why we built ARPANET?
A system of communication that couldn’t be shut down.
Sheesh even when we get it right we complain.

Alex k • July 12, 2010 9:25 AM

Nice one!
I think this is an interesting topic. Especially from a technical point of view. If we know that the internet has been build with one of the main drivers for it to be functional, even though parts where “broken”, why now want to “shut down a part of it?

This of course, aside from the fact that you might be doing more damage than good to the people you try to protect.

Good article, I really think this topic does not get enough attention, especially overseas in Europe. Thank you!

Trichinosis USA • July 12, 2010 9:54 AM

The (D)ARPANET reference is key. We’ve gone from the healthy, experienced mentality of “communications are crucial during wartime/disaster” to the exact opposite. There’s only one reason to shut down communications during a disaster or wartime – to HIDE activity. Cops don’t cut phone lines. Cops don’t disable alarms. Burglars do.

It’s time the citizenry of the United States started asking what it’s GOVERNMENT has to hide, rather than the other way around.

DayOwl • July 12, 2010 9:57 AM

The “kill switch” idea seems like the technological equivalent of disarming the populace. Tyranny in the name of “for your own good.” Far more useful against the populace than for it.

Scott Jay • July 12, 2010 10:02 AM

@casey “It seems shocking that the U.S government would get the power to shut down the Internet, until I remembered that they already have nuclear weapons.”

Funny you should mention that. The internet was originally designed as a command and control system for nuclear weapon facilities. As a distributed system, it was designed to route around missing sections of the network due to nuclear attack. Well, maybe it isn’t all that funny. Point being, at its core the internet is designed to evade attempts to shut it down. At this stage, a kill switch is nonsense.

I can’t be the only one getting an Orwell buzz off this type of thinking, right? The Leader has the power to shut off the primary flow of information and communication when The Leader decides there is an “emergency”. Really?

NobodySpecial • July 12, 2010 10:03 AM

Leaving aside the cynical idea that this is a way of giving say the MPIA/RIAA more power (elected officials doing deals with major contributors – shurely not?)

The big boost is probably going to be for cable laying in SE Asia. A lot of traffic between China/ Australia/ Japan/ misc_asian_tiger_economies routes through the USA.
If the US has the power to shut down data between China and it’s customers then some people in China with power and or money are going to do something about it.

DayOwl • July 12, 2010 10:10 AM

Here’s the site the endgadget article refers to:

http://tpmdc.talkingpointsmemo.com/2010/06/joe-lieberman-and-the-myth-of-the-internet-kill-switch.php

Worth reading.

Josh O. • July 12, 2010 10:21 AM

Obviously I agree that an internet kill switch is a stoopid idea. However, your article brings up another interesting point. The consequences of shutting down the internet could be dire due to our deeply integrated reliance on it for commerce, etc. Is that an acceptable risk. We think the internet can’t be shut down on purpose, but I wouldn’t rule out an accidental failure of it. Perhaps we should be working to remove this interdependence on the internet, so that a “kill switch” becomes a moot point.

Jarkko Hietaniemi • July 12, 2010 10:21 AM

The proposals can be summarized succinctly: they have no idea what they are talking about.

BobW • July 12, 2010 10:34 AM

And they call themselves the “reality based community”.

Brian • July 12, 2010 10:39 AM

The attackers wouldn’t really be attacking “the whole internet”, or “a whole country”,so this idea is so bunk that it hurts. When I first saw this, all I could think was “facepalm”. It would, however, stop one type of attack: the DDoS. To put it another way, you would use a DoS to stop a DoS. Yea, thats just so stupid that it hurts.

George • July 12, 2010 10:46 AM

It seems the U.S. government prefers to ignore the fact that security is a tradeoff, and also to ignore any notions of cost-benefit analysis. The only thing that matters is the appearance of “doing something” that makes politicians look “tough on security.” The blunter (and costlier) the instrument, the better. The TSA is probably the most notorious example of this phenomenon, but there surely are others.

BF Skinner • July 12, 2010 10:51 AM

@Bruce
Not in complete agreement with you here though I don’t like Lieberman’s bill.

A consistent thread in the legislation is it’s applicability to “critical” infrastructure. But how to define it? My take is that they want to give the president the authority to order some critical infrastructures (which are private entities) to leave the party.

once he has that authority the multi and transnationals will have to develop contingency plans.

Isn’t one of our basic principals protect to our most precious assets more stringent controls?

We’re not talking about Netflix or Facebook but gas distribution lines (natural and refined products), sewage systems and and power generation (think coal fired plants, nukes and dams).

Is the internet itself “critical”? Infrastructure.

Some seem to conflate “the internet” with “critical infrastructure”. Which begs the question is the internet “critical”. No one I’ve heard has yet made that claim outside of World of Warcraft players. (Chaney would have)

Isolating these critical functions from the carrier in the face of an attack is reasonable. It’s what we did during the Morris worm attack. But that begs the other question which someone here said clearly “What’s your critical infrastructure doing on the internet in the first place?” First power of Ohio comes to mind. One of the many workstations infected by Saphire they never did explain just why a nuclear power plant safety workstation was connected to the internet.

The government has done it in smaller measure when the Court ordered Dept of Interior to remove itself from the internet. TIC is following this strategy – reduce exposure.

But if we isolated ourselves say through kinetic kill of the onshore points for the oceanaic cables is that an act of war? Most Far East and Middle East traffic routes through the US. The loss of that traffic would be a significant loss of intell (as you and Marcus debated a couple months back)

unforeseen ancillary effects
Add
the transnational nature of telecoms could leave large parts of industy in breach of contract and liable through other nations courts.
People not paid
Help desks less helpful than before (just try to get an Oracle tech to remote to your desktop when you’re in New York under blackout and he’s in Egypt.)
international companies being IT unmanageable (since most are offshoring this function)

My personal belief is that critical systems shouldn’t be routing through the internet to begin with. However since they are…During the cold war there was a proposal to join the US and Soviet power grids. The idea being that neither side would want to nuke it’s own electricity supply.

david cornwell • July 12, 2010 10:52 AM

What communications systems would be intact if the US Gov was able to shut down the entire worldwide internet during a war? Presumably Military only communications systems would be intact that did not rely in the internet.

John • July 12, 2010 10:52 AM

Variations on a well worn theme. When it becomes clear that it is impossible to find a small needle in a very large haystack you create a plan to burn the haystack.

RH • July 12, 2010 10:56 AM

I think that, in a situation bad enough where killing the internet is fesable, the president already has the power. An oval office address would be sufficient to sway ISP owners to turn things off. Especially true if bombs are falling on the cities!

And in response to “cops don’t cut communications,” they do. If a group of criminals are negotiating to outmaneuver the police, they will disrupt any communications they have the legal power to disrupt. Anything else is just wasting lives.

Cops don’t cut the alarm because the alarm isn’t hurting them. Turn the situation around (hostage situation using the alarm system to monitor police movement), and I bet the rules change.

Tom • July 12, 2010 11:00 AM

This seems like the politicians trying to control something they don’t understand and not listening to the Engineers saying not to do it. Rather like the Space Shuttle explosion launched when it was too cold.

Ward S. Denker • July 12, 2010 11:02 AM

I’m glad to see you covering this topic, Bruce. I mentioned it in a thread a few days back and got the impression that I was disbelieved that something this idiotic could be working its way through Congress.

Mayfield’s Paradox alone should be enough to kill this idea. It’s impossible, without infinite funding, to keep everyone out of an information system. It only takes one person who is seeking fame to figure out how it works, break in, and shut down everything on their own. We’d have less to fear from terrorists than we would from black hat hackers out to make a name for themselves with the biggest computer hacking headline ever imagined:

“Hacker Breaks Into President’s Kill Switch and Shuts Down Entire Internet.”

Loki • July 12, 2010 11:23 AM

11 July 2010

Conficker, Cyber Emergency, and the Internet Kill Switch

by Kai Tischen

http://cryptome.org/0001/conficker-kill.htm

”
” Conficker’s obfuscated code, stealthy peer-to-peer mechanisms, evasion of network filtering, and sophisticated updates are exemplary in the world of worms. If Conficker has any equal in its combination of technical inscrutability, pervasiveness, bulletproof networking, and steady innovation, it’s another application called Skype. Like Conficker, Skype obscures its operation from debuggers and disassemblers, can’t be effectively blocked on the network layer, stumps experts with its formidable peer-to-peer system, and is backed by a team dedicated to preserving these advantages. Skype works this way to gain specific commercial advantages. Conficker works similarly. But why does Conficker even exist?

The public doesn’t yet know why such cutting-edge work has been poured into developing and spreading the Conficker worm. But one worrisome possibility is that Conficker’s army of zombie PC’s could present the “Internet emergency” that authorities (the U.S. government in particular) have long warned about — a sustained attack of such scale and resilience that the network is brought to its knees. The sleeping giant Conficker may be designed specifically to launch just that conflict.

It’s inevitable: Conficker (or something like it) will eventually stoke a cyber-war that can only be addressed by actions with serious side-effects for the Internet. Unapprehendable malfeasants will be blamed, perhaps painted as those bent on destroying our freedoms. But ultimately our own government authorities, raptured by Conficker’s perfect storm, will be the ones to bury Internet liberty. And so long as the core cyber-addictions of our age are allowed to persist online, there will be no backlash, no uprising. Simply stated, Conficker exists to facilitate the authoritarian suppression of personal autonomy in the same of security, a perfect cyber-mirroring of the “anti-terror” policymaking of the last decade.

THE CREATORS OF CONFICKER WILL SOON BE REVEALED. They are the authoritarian idealogues who will benefit from the convoluted process of Conficker’s destruction. “

Food for thought.

sidelobe • July 12, 2010 11:27 AM

How would you test the kill switch?

Rick Auricchio • July 12, 2010 11:35 AM

Maybe they should propose a kill-switch for aircraft, because terrorists could hijack them.

Just makes all aircraft crash immediately.

Matt • July 12, 2010 11:41 AM

I encourage people to actually read the bill. It’s depressing how the perception of the bill has become divorced from the reality of its text. The bill is here:

http://www.govtrack.us/congress/billtext.xpd?bill=s111-3480

First: there is no “kill switch”. It’s a complete fabrication. Of course the idea is a ridiculous one, but it’s nowhere in the bill, whatever Joe Lieberman might think.

What the bill basically does is allow the President to declare a “national cyber emergency” (S. 249), which requires affected infrastructure-related networks implement a set of security procedures. This a step in the right direction, and it’s not a kill switch.

The problem is, under present law it is unclear who is responsible for monitoring or maintaining the security of our infrastructure–NSA? FBI? DHS? The military?–and this bill takes some good first steps. It also repeatedly refers to privacy laws, and sets up the position of Privacy Officer who is a watchdog to make sure the Director stays on the right side of that line. Also a good thing.

Even though a coordinated cyberattack would be difficult to defend, the consequences would be serious, and I think it’s the responsibility of the federal government to at least try to plan for such an attack. That’s what this bill does.

BF Skinner • July 12, 2010 12:14 PM

@Alex K ‘why now want to “shut down a part of it?’

What you can’t turn off you don’t control.
What you don’t control is controlled by others.

@Matt
Precisely.

jgreco • July 12, 2010 12:27 PM

@D’oh at July 12, 2010 9:09 AM

Presumably communication to non-obscure ISPs in Canada/Mexico would be blocked. I don’t think Bruce was saying that all non-US ISPs are obscure.

Skippern • July 12, 2010 12:39 PM

Re: Chinese Kill-Switch on internet:

A) It is just another step in censuring media
B) Chinese industry, government, and population doesn’t depend on internet services the way most western countries do
C) China is not a central part of the internet, merely a peripheral sector. Most European countries, together with US, Japan and some other are communication nerve centers, shutting down internet services here affect unforseen large areas, while shutting down all of internet in China affects ONLY China.
D) To have full effect than this would also include normal telephone services and scrambling of satellite signals, in other words interrupting ALL communication.

Disgruntled • July 12, 2010 1:06 PM

Hey Dis-functional Government, do something you actually have a mandate to do…….SEAL THE BORDERS!!!!!! Just a thought!

Mark • July 12, 2010 1:11 PM

What’s more important than shutting down the Internet is surviving without it. What if a solar flare fries all of our electronics one day? Do we have a plan to deal with that? Or is it the BP plan for an offshore oil leak: the that’ll-never-happen plan?

kashmarek • July 12, 2010 1:11 PM

I think we are missing the point here. The purpose is NOT to shut down the internet, but to influence or intimidate people that use the internet.

This is supposed to make you be a “nicer” user of the internet, and stay out of the way of the “not so nice” users (ie, big business, government; kill switches don’t apply to big business & government, which will have an exclusion list and the kill switch is likely only to apply to entities or individuals at the behest of big business or government).

jrr • July 12, 2010 1:25 PM

A lot of our employees are remote and rely on the internet to “get to work.” All of our branches of our company, dozens of them all over the US and a hundred or so more all over the world, rely on the internet to connect them together. We don’t have any leased copper or fiber anymore, it’s all carried on the internet. We’d be pretty much out of business right now without the internet.

mcb • July 12, 2010 1:26 PM

@ sidelobe

“How would you test the kill switch?”

“How” ought to be self-explanatory, though I’m imaging a national command authority “football” handcuffed to some vice-admiral from smurf command traveling one limousine back from the POTUS, wickedly complex yet deceptively reliable permissive action links, smurf command shut-down officers in natty uniforms validating the shut-down order in the quiet safety of the “kill switch” pod buried somewhere under the North Dakota prairie, and then an anticlimactic simulataneous turn of the dual-key system shut-down…and the internet gaming/porn/gambling takes a time out.

As for “when” I recommend smurf command pull the plug on the first day of every three day federal holiday weekend. That will give them an extra day to bring everything back up, just in case. Might be fun to spend a long weekend in 1989 every now and again.

Point • July 12, 2010 2:58 PM

I think you miss the point of the kill switch – it’s not isolating the US from the rest of the world, it’s shutting it down – completely – inside our borders. Verizon, AT&T, Comcast, etc all would terminate the actual US-based links. No transmissions at all.

So is it doable? Yes, there aren’t that many telco’s who own the pipes. Is it a good idea?

Hell no.

Dom De Vitto • July 12, 2010 3:26 PM

Getting the reasons in before the idiots do:

We can’t sit by while others prepare for global cyberwar!

We can’t let our children be prey for foreign pedophiles!

What about foreigners wanting to eat our kittens!

Think of the children!

We need to be one step ahead of the cyberterrorists!

PS. I’m available for speeches and presentations if anyone’s selling magic sticks which are sold as countermeasures 🙂

ygjb • July 12, 2010 5:32 PM

@skippern
C) China is not a central part of the internet, merely a peripheral sector. Most European countries, together with US, Japan and some other are communication nerve centers, shutting down internet services here affect unforseen large areas, while shutting down all of internet in China affects ONLY China.

Clearly you are not aware that China is the new India for outsourcing business operations. All the low-cost labour, without the developing workers rights issues.

scared • July 12, 2010 6:14 PM

I’ve seen pictures and Liebermans schematics for the kill switch.
Basically a big knife-switch on the wall in the Oval Office. All internet traffic is routed through the switch. When you open it, no data goes through. Not exactly rocket science…. what else do you need explained?

George • July 12, 2010 6:28 PM

@John: “Variations on a well worn theme. When it becomes clear that it is impossible to find a small needle in a very large haystack you create a plan to burn the haystack.”

That’s because the “Homeland Security” bureaucrats are so myopic and arrogant that they can’t even think about more measured approaches. Such as using a magnet to find the needle.

Better to destroy the haystack and shock and awe whoever put the needle in it. So what if the farmer loses his barn, crops, and home when the “security” flamethrower burns them along with the haystack? The farmer is expendable, and the scale of the destruction may leave all the farmers in the neighborhood with greater respect for authority!

Dale- • July 12, 2010 6:59 PM

It would be funny, if not so sad…

So, for example, we’re worried about terrorists communicating via the internet, or foreign enemies trying to control our systems. To thwart their efforts and “win” the battle, we’ll shut the systems down ourselves, dismantling our economy in the process. Hmm. Brilliant. OBL wants to do soemthing nasty to us, so we’ll shut down Macy’s on-line shopping catelogue.

Yep, sounds like government to me.

Clive Robinson • July 12, 2010 10:17 PM

Let us assume just for now that it is only protecting the “critical infrastructure” that this bill is aimed at. And further by critical infrastructure we apply the old cold war idea of “command and control” communications for “utlities” and “authorities and agencies”.

This begs the question what has changed since the cold war to make such a bill required?

The simple answer is the “free market mentality” of short term “share holder value”.

In the drive for “share holder value” a very short term mentality has developed in the minds of those in charge of the “critical infrestructure”. Inwards investment on maintaining robust and fault tolerant systems has all but stoped and existing systems are being used well beyond their original design capacity.

Further the drive for “share holder value” has resulted in the driving down of staffing costs. This means that the number of staff to do any particular function has been reduced. Part of this is by using communications to agrigate the command and control of the service to fewer and fewer staff in control centers more and more remote from the actual service control points.

Then to further cut costs staff have been put into various forms of “on call” where they effectivly sit at home waiting “to be paged” when the system develops problems. However the cost of the dedicated communications was high so as the cheap always on internet came along the “on call” communications was put onto that…

Those of us who suggested that it was a bad idea in terms of security or reliability and thus long term share holder value where at best regarded as “party poopers” and usually marginalised, ignored or fired.

The result is we have critical infrastructure services controled by systems running modified versions of MS Windows NT 4 conneccted to the Internet protected by at best “after thought security”. Oh and due to the modifications these NT4 systems have never been service patched or secured in any way.

Does this sound like a recipe for disaster?

Well I don’t know about you but it does to me, the question is who picks up the tab when it all goes wrong?

And for the “neigh sayers” go have a look at the critical infrastructure currently pumping out millions of gallons of crude oil that is getting washed up on the US coast.

What is required is not a “kill switch” but high availability high resiliance secure command and control systems, to services that are not “maxed out” to the point of becoming compleatly unresilient and significantly prone to cascade failures.

The problem is as seen with the gulf of Mexico recognising what is critical infrastructure and ensuring that the required systems are in place.

Oh and then the questions of oversight and who pays and how…

Joe Bogner • July 12, 2010 10:39 PM

NO! The internet kill switch idea is to impede the dissemination of inconvenient information. Big money has pwnd all media channels, but the internet continues to allow unauthorised, uncensored information to flourish. That is what the neo-cons are fearful of. If you don’t believe this, then think about how BP with the help of the coast guard and navy have shut out all observers in the gulf.

Gabriel • July 12, 2010 11:02 PM

Alright! Scorched Internet, the 21st century upgrade of a desperate strategy of a nation unprepared for invasion. Wow, how did we get to be the Russia of the 21st century?

Is Wendell Hicken still around? He can write the new game for this. Endless wasting of time at school and work. I recommend the MIRV, which in this version will stand for “Multiple Internets Reentry Virus”, it will make thousands of PC’s and routers burst into flames.

Tom T. • July 12, 2010 11:25 PM

Scary that China is now Lieberman’s role model. You like it so much, Joe, you go live there.

The real motive, or the one for which it would actually be used, is the same as China’s — to silence dissent. “1984” is here, but 26 years later than Orwell envisioned it.

@ Scott Jay: No, you’re not. This makes at least two of us. … cf. my post @ “Serial Killer = Terrorist”.

Charlie Hall • July 12, 2010 11:35 PM

Matt is correct. The bill is actually designed to keep the internet in operation, not to kill it. Time to retract this post.

Here is the relevant text:

`SEC. 249. NATIONAL CYBER EMERGENCIES.

  `(a) Declaration-

        `(1) IN GENERAL- The President may issue a declaration of a national cyber emergency to covered critical infrastructure. Any declaration under this section shall specify the covered critical infrastructure subject to the national cyber emergency.

        `(2) NOTIFICATION- Upon issuing a declaration under paragraph (1), the President shall, consistent with the protection of intelligence sources and methods, notify the owners and operators of the specified covered critical infrastructure of the nature of the national cyber emergency.

        `(3) AUTHORITIES- If the President issues a declaration under paragraph (1), the Director shall--

              `(A) immediately direct the owners and operators of covered critical infrastructure subject to the declaration under paragraph (1) to implement response plans required under section 248(b)(2)(C);

              `(B) develop and coordinate emergency measures or actions necessary to preserve the reliable operation, and mitigate or remediate the consequences of the potential disruption, of covered critical infrastructure;

              `(C) ensure that emergency measures or actions directed under this section represent the least disruptive means feasible to the operations of the covered critical infrastructure;

              `(D) subject to subsection (f), direct actions by other Federal agencies to respond to the national cyber emergency;

              `(E) coordinate with officials of State and local governments, international partners of the United States, and private owners and operators of covered critical infrastructure specified in the declaration to respond to the national cyber emergency;

              `(F) initiate a process under section 248 to address the cyber vulnerability that may be exploited by the national cyber emergency; and

              `(G) provide voluntary technical assistance, if requested, under section 242(f)(1)(S).

Trevor Stone • July 13, 2010 1:07 AM

Wow. That’s like a button to shut down all banking in case a country we’re at war with uses flaws in the financial system to attack us.

Clive Robinson • July 13, 2010 3:56 AM

@ HJohn,

With regards to the NSA “Perfect Citizen” program.

@ Jacob raised it a few days ago just after the wsj article, and I had a quick looksee to see what other info was about.

In short we know the project name, and a price, we also know who the prime contractor is (Raytheon). It has been suggested that an employee of the prime contractor is unsettled enough by the project to release some info.

We also know that the NSA released conflicting press statments after the article.

One asspect of this is “sensors”, it is claimed it is an R&D project and does not have “sensors” as a deliverable. Which might be true but… the prime contractor specializes in the design of sensors…

At the moment there is way way to little info out there to make a meaningfull comment.

Oh and after the “tempest in a teacup” response to the article one thing is definatly known. What ever the project is or is not about, it’s name “Perfect Citizen” was a very bad choice…

Perhaps Bruce could have a “worst secret project name” contest, I submitt “Not even in your worst nightmares” 😉

BF Skinner • July 13, 2010 6:33 AM

@Clive “worst secret project name

I submit – “Maybe they only had one rocket”

anon • July 13, 2010 6:50 AM

@matt, charlie

If we didn’t parrot hysterical rumors from other blogs that are easily debunked by reading the actual source material, what would the Internet be for?

Outlander • July 13, 2010 7:20 AM

To understand the bill, you might better ask the “cui bono” question. What kind of benefit would the us government get if they could “shut down the internet”? The answer is very simple: you, the people of the u.s., would not be able to communicate while they could maintain their communications. The american people are the target of this attack, not some “terrorists” or “security threat”.

HJohn • July 13, 2010 8:02 AM

@Clive: At the moment there is way way to little info out there to make a meaningfull comment…. What ever the project is or is not about, it’s name “Perfect Citizen” was a very bad choice.

I missed where it was raised before, but it’s tough to keep up with all the comments. I haven’t judged it yet, since, as you correctly stated, we don’t know enough about it yet to have meaningful dialogue. “Perfect Citizen” is definitely a horrible name choice.

alreadyonthelist • July 13, 2010 10:27 AM

@HJohn thanks for the link.
Maybe I’ll change my name to Imperfect Citizen.

Just wondering which Dept would do this switch thing? NCS?
Is this sort of in line with what NCS is already doing with WPS/GETS etc in terms of managing national security/observations/and actual emergencies?
http://gets.ncs.gov/docs.html

No One • July 13, 2010 10:41 AM

Sounds like cutting off the face to spite the nose.

(Yes, I know that’s reversed — it makes more sense like this.)

DCFusor • July 13, 2010 12:03 PM

As several others have pointed out above in various ways, all of these (inet off, NSA’s perfect citizen, patriot act, suppression of media around BP, other incidents) — are not the actions of a government taking care of its own people. If those were needed, where’s the credible threats they have stopped? No, I don’t consider some kids planning to shoot up an army base credible — or some guy blowing his goodies off in a plane (which they didn’t catch anyway) and so on. All pure baloney.

They are the actions of a government afraid of its own people because it knows it is doing a terrible job, and that we know it too — many of us. They want to keep that from becoming “all of us”.

I have never in 57 years seen so many people so angry about the government and the power grabs for central authority we’ve been seeing the last decade or so. Since they are listening, they have to know it too. Were I them, I’d be running pretty scared. And fear is what makes people most dangerous.

Guess it seems simpler for them to just repress and to fix the blame, rather than fix their problems.
We all know how that ends eventually.

Wactching the Demise of the Americans • July 13, 2010 12:55 PM

I have been watching everything that media has blacked out on the oil spill to the Iraq war, via the internet. When i heard this i couldn’t stay silent anymore. Joe Lieberman is Jewish, they run the Federal Reserve and everyday people are finding more and more stuff on how they are running your country into the brink of financial collapse. You see if Lieberman and the rest of the “Jewish” leaders in office are discovered by the people they will be exposed even though we see them destroying everything. They are trying to take the internet because we know and “The Truth Will Set Us Free”, this is another way the “Jewish” people try to control us, the “GOYIM”. We are cattle to them just batteries to fuel their pockets. If they get this ability we are all done for. Americans, Canadians, Mexicans, everything i stand for tells me there is more reasoning behind this. “HIDDEN AGENDA”

Jarda • July 13, 2010 1:01 PM

“it would be impossible to ensure that the effects of a shutdown stayed domestic and didn’t cause similar disasters in countries we’re friendly with. ”

Like if the USA cares….

BTW, what about shutting down the root DNS servers? Aren’t they located in USA (or most of them)? That would cause already a great havoc.

MoJo • July 13, 2010 1:35 PM

Turing off the internet is a bit like seeing ICBMs headed your way and deciding that the best defence is to nuke yourself first.

Matt • July 13, 2010 2:12 PM

The Internet kill switch reminds me of a Family Guy episode where ‘future’ Peter cuts off his right arm to prevent ‘past’ Peter from cutting off the fingers of his right hand. The reactionary measure is worse than the threat and ineffective in preventing the threat from happening.

Jaen Saul • July 13, 2010 6:38 PM

re: Jarda

Root servers use a technology called “anycast”, meaning the same IP is routed to different geographical locations, so killing the US servers theoretically leaves the system working. I have no info about VeriSign anycast deployments, so .com/net/etc. domains might still be disabled.

BF Skinner • July 14, 2010 7:46 AM

@Wactching the Demise of the Americans / Outlander / Joe Bogner
Conspiricist trolling noise. Feeble speculation dressed up in rant, based on supposition and fear.

The thing that has been touched on only briefly in discussion here is that –according to Senators Lieberman and Collins; the Prez already has this authority unchecked. That means the Prez could issue a kill order today and Congress wouldn’t be able to do anything about it until they got a bill through.

When two branches of the Federal government agree on a legal theory that leaves only the courts to say “foul”. Remember the detainees. Bush and congress agreed he should be able to disappear anyone. It to the court to tell him (them) he was behaving criminally.

Should the president issue the kill order it would require someone to oppose it in court.

Perhaps the senators intention here is to defend cyberspace against the Executive branch.

If the wingnuts hyperventilating hypothesis had any tangential connection to reality and Obama was controlling the signal for the purposes of subjugating the world to ‘an offshore cartel of criminal bankers’; We wouldn’t be talking about it on this blog right? The order would already have been given.

You could better spend your energy ensuring net neutrality. In the list of things that threaten us – Unchecked Corporate power ranks above Checked and balanced Gov’t power. (and no the markets aren’t enough. They are neither free or allowed to be by companies who have monopoly and combinational power.)

Perhaps our elected leadership is (on the whole) more prudent then the screaming heads would like us to give them credit for. Recall that people scream to push reason to the side. This is a survival method so emotion and unthinking hardwired circuits can motivate.

People who are screaming (and fast talking) of the end of the world, at all decibles, from all points, from on high are the ones attempting manipulation.

DCFusor • July 14, 2010 9:36 AM

@BF Skinner — Amen, pure and simple.

I think perhaps the basic concerns here are that we let the thing get out of “our” hands. “Back in the day” we had comm systems (ham radio?), BBS and so on that didn’t really depend on much that was centralized and out of our hands — we assumed even the phone system would never stop working because “who would ever contemplate that dumb idea — and a station wagon full of tapes still has a ton of bandwidth”.

Out of our own hands — un-diversified, and thus easily shut off — a single point of failure kind of idea, here. Scary now that we realize how valuable the internet is to us all. Anybody into security or reliability should understand why anything that amounts to a single point of failure is a bad idea.

We sacrificed control to some nice, “friendly” corporations because it made things easier, and perhaps a little cheaper. Certainly more scalable, and as someone I don’t otherwise like once said “quantity has a quality all its own”. In the case of connecting almost everyone to almost everyone else, I’d have to say that statement was never truer, as the effects of that have shown with all the new idea transmission and collaborations (I am an inventor and scientist) that have resulted in my own endeavors that simply would never have happened otherwise. I now make my living using the internet as a tool, which enables me to live in a place that wouldn’t have been tenable otherwise, or surely not as easy.

We took the bait willingly, and now don’t like some of the consequences of handing the control to others; we didn’t want the responsibility (and liability, costs etc) that goes with authority — the same old game, again. We let our greed for an easy simple (and probably undeserved) lifestyle trap us yet again.

“You take the blame for any failure, while I retain all the power to make it succeed or not, and of course any credit if it does” is a game long played out in just about every place I’ve ever been a wage slave — including inside the intelligence community, perhaps especially there.

Lucky I got wise and started running my own businesses after I realized that and quite a number of other things, as in management by crisis rather than by true leadership.

To folks like me, any statement that smells like “Trust me, I know what’s best for you” is an epic fail. Even with just me involved, which “me” are you talking about? I’ve had a long life, and been many things from child to tech, engineer, to musician, to homeless bum, to race car driver, to CEO, to market trader, to fusion scientist — which “me” is it that you know what’s best for, again? I have a real problem with that idea. Better in most cases to let things work themselves out.

This is why super centralized power (or anything) is intrinsically bad. In a dense city, you need rules about swinging your arms, because you might hit someone in the face. Where I live (the serious boonies), if you can even see me, or what I’m doing, you’re trespassing — so the rules are and should continue to be different for the two places.

One should be able to choose — if you want the rules of a city, live in one and get the benefits that accrue from that (if any), if not, live someplace else where fewer restrictions are required, and different benefits result. It is and should remain a choice.

Personally, I’d prefer to be governed by those with a bit more respect for the Constitution (read for the spirit of the ideas, not to find ways to weasel out of the letter of the law), but maybe that’s just me?

John • July 14, 2010 10:01 AM

@George: “That’s because the “Homeland Security” bureaucrats are so myopic and arrogant that they can’t even think about more measured approaches. Such as using a magnet to find the needle.”

Indeed.

Reality has truly been suspended and replaced by a fiction and fantasy crafted so as to sell something. I’m not ignorant to the fact that government, and it’s bewildering bureaucracy, has always been akin to a used car salesman. When large segments of the voting population are willing to buy a Pinto it’s hard to see the upside of selling anything better.

Peaking out from the comfortable place that is sarcasm and parody for a moment:

I can only imagine how terrifying it must be to a technically capable employee asked to build just such a magnet. The requirements being that some needles are to be not only unmolested (the super great, special sauce ones) but entirely undetected by this magnet. Of course any “information” that would be helpful is purposely withheld because, well, umm, hmm, your just a highly skilled employee and not to be trusted with the formula for the special sauce.

That said, and for the sake of argument (and the return to sarcasm), assume such a magnet was created, it’s not hard to imagine the frustration of it’s skilled creators when they see some other guys (looks like republican, smells like republican, feels like republican, tastes like republican, …) arrive on the scene with a gas can and a lighter.

Len Inkster • July 14, 2010 10:58 AM

@Matt, @Charlie

Whilst at first glance it might seem that the Bill actually enforces more resilient Internet, you need to read the clauses a little closer.

Take the section you quoted.

`SEC. 249. NATIONAL CYBER EMERGENCIES.

`(1) IN GENERAL- The President may issue a declaration of a national cyber emergency to covered critical infrastructure. Any declaration under this section shall specify the covered critical infrastructure subject to the national cyber emergency.

Note the term “Critical Infrstructure”?

`(2) NOTIFICATION- Upon issuing a declaration under paragraph (1), the President shall, consistent with the protection of intelligence sources and methods, notify the owners and operators of the specified covered critical infrastructure of the nature of the national cyber emergency.

Note the term “Specified Covered Critical Infrstructure”?

`(3) AUTHORITIES- If the President issues a declaration under paragraph (1), the Director shall–

`(B) develop and coordinate emergency measures or actions necessary to preserve the reliable operation, and mitigate or remediate the consequences of the potential disruption, of covered critical infrastructure;

Note the terms “mitigate or remediate” and “Covered Critical Infrstructure”?

`(C) ensure that emergency measures or actions directed under this section represent the least disruptive means feasible to the operations of the covered critical infrastructure;

Note the terms “Lest disruption” and “Covered Critical Infrstructure”?

Call me paranoid but these terms all add-up to one thing, possibility of an attempt to create a kill-switch whilst allowing the “CNI” to continue. Anyone heard of Internet2? What would be the problem of shutting down the Internet and moving all CNI systems (at the flick of a switch) to Internet2?

And for all my fellow security egomaniacs out there that think they can get around a kill-switch. Just imagine, with the joint computing power of the NSA, CIA, FBI and US Military what they could do in a DDOS attack on the Internet. It wouldn’t “Kill” the internet per se, but it would make it impossible to use. Same thing in my mind.

John • July 14, 2010 12:38 PM

An omnibus approach to this sort of legislation which leads, inevitably, to some “authority” having the the power to define the scope of it’s own “authority” at a future time and in a manor of it’s own choosing is of course lunacy. Come on now! Critical Infrastructure? Your stuff? My stuff? Green Cheese? All the same as far as the text of the bill is concerned.

Kill switch (loud exhale…)? Yes, No, Maybe, Wild guess… Much more likely some ever changing set of “things”. For profit “things” sold to hapless legislators. What is assured is that this will lead to more arbitrary nonsense along the lines of laptop seizures at the airport.

Serious discussion of the undefined, while entertaining, is ultimately a waste. Comment or analysis beyond the obvious danger of unrestrained authority and corporate sponsored corruption will have to wait for the “fallout”.

On the other hand, could this be a gold plated, diamond encrusted opportunity to wonder over to xtranormal dot com and have a little fun with parody? Hehehe…

William Calley • July 14, 2010 6:36 PM

Ah, a new generation of “We have to destroy the village in order to save it.” Agent Orange did NOT, it would appear, cause sterility.

Matt • July 14, 2010 7:17 PM

@Len,

“Call me paranoid but these terms all add up to one thing”

OK, I’ll call you paranoid.

Merely restating “covered critical infrastructure” doesn’t actually add up to anything. If you want to write a law to protect “critical infrastructure” you need to, you know, use the term.

Clive Robinson • July 15, 2010 4:45 AM

The idea of a “Kill Switch” can be implemented in many ways from a deliberate choice through to unintended consequencies.

For instance access to source code is a much debated issue for security but it tends to be “closed” -v- “open” argument. What rarely gets talked about is “asymmetric disclosure” and it’s very real implications to not just individual computer security but the computer security of nations.

Asymmetric disclosure is where a normaly closed source organisation discloses (usually for comercial reasons) the source code to various foreign governmental organisations. Frequently these organisations and/or their sponsoring nation have already shown questionable and disquieting behaviour not just to it’s own people or people of other nations but importantly those of the home nation of the closed source company. Oh and the very very clear intent to extend their sphere of control as far as they can at almost any cost.

In many cases the closed source company doing asymetric disclosure is the dominant company in the market sector, (with the official reason for the disclosure to reduce or eliminate piracy in the foreign nation…). Thus any error in the major companies source code represents a major issue to ALL users of that software and many others beside.

Now the asymmetry is actually a case of “the haves” -v- “the have nots” when it comes to security. If you know of a vulnerability then you have three options,

1, Disclose it.
2, Keep it to yourself.
3, Exploit it.

Disclosure in all it’s forms is in general the least harmfull action to take, as invariably the vulnerability will be fixed in fairly short order these days, thus overall minimising the “exposure window”.

Keeping it to yourself is actualy either an act of stupidity or one of malice as you can always find a way to disclose a given vulnerabilit anonymously.

The ability to find the vulnerability tends to preclude stupidity which effectivly just leaves malice as the reason to not disclose.

This malice ranges from an ‘ace up the sleeve’ / ‘just in case’ mentality through to ‘global domination’ plans/fantasies (Often the only difference is a lack of force mulitipliers and experiance on the part of the person with malice not the actual plan they come up with).

Which brings us around to exploitation.

With information systems as has been ably demonstrated with bot nets and their ilk force multipliers can be quite easily found and deployed by just one or two individuals working alone. The current failure to capitalize on the likes of botnets and other malware by their progenitors is usually due to the lack of experiance.

Now ask yourself what “capitalisation” means in the broader sense. Put simply it is the ability to “profit” by the asset (knowledge) you have that others don’t (even though it may be infront of their nose as with viewing source code).

Profit does not of necessity mean “monetarisation” of your asset, for a political or national player it could simply be for the control of “access” to information by an opponent.

Now as we know “access” is a spectrum from no access to full access with “control” being orthagonal to this spectrum again ranging from no control to full control giving a plane of oportunity. After reflection you will realise there is another plane orthagonal to both of the others and this is “possession” which again ranges from none to full.

However when it comes to intangable information unlike tangable physical objects there is a very interesting difference. With tangable assets it is usualy fairly easy to control access and thus possession and importantly the ability of reestablishing full control if possession is regained after it is lost.

With intangables it is extramly difficult to control access whilst maintaining usability thus possession is allways at best uncertain. Worse once possetion is lost it is currently not possible to regain it.

Normaly we only consider this interms of maintaining or getting access to secrets, and one assumption is that once it’s out it stays out.

But this is not of necessity true in a world moving from immutable to fully mutable storage as the norm (think how many web articals, films, music tracks, photos you have in mutable format such as HD’s and backup tapes).

Again we think about protecting as controling access to others but invariably very little about access to ourselves.

We know from root kits that systems can easily be made to lie to us about what is on our systems and we also know it is very very difficult even for experts to say for certain what is and is not on a hard drive or other device simply because we see it through the use of technology that is often not under our control (we only assume it is).

Now we know that there are working for state actors people with various abilities that in agrigate provides a very extensive body of knowledge about making and bring to fruition plans no matter how fantastical they appear to others.

Thus it could be argued that disclosing “closed source” to state level agencies of other nations with very probable and often proven hostile intent to the home nation is questionable at best.

And at the very least it leaves ALL users of the software who cannot see the source at a considerable disadvantage to the agencies of hostile nations who do have access.

Now people will argue that you don’t need access to the source code as you can use probablistic test tools like “fuzzers”.

But they don’t go on to say how much more usefull having the source code is when using a fuzzer.

Basicaly the fuzzer may find a fault (then again not) when it does you would normaly spend considerable time “black box” testing the fault to charecterise it. With the source code you can quickly see if the fault is at the source code level or lower. If it is at source code level you can quickly find other examples in the code which a fuzzer alone will not do, likewise with libary code.

And as we know programers are creatures of habbit and under preasure to perform, which usually means a very high level of code reuse, which almost guarantees that one fault will be replicated many many times.

Thus being in possession of the source code will always give you an advantage when it comes to finding security faults. The advantage of the “many eyes” of open source is that security related faults almost invariably become public knowledge very quickly and thus get fixed much more quickly than closed source code.

However this time difference is of great advantage when asymetric access to source code happens. Those with access can find more faults in much shorter time periods than those without. Also they know that they will have covert access to them for considerably longer than those without access. Thus the have considerably more time to deploy any malware they chose which is an extrodinary advantage.

When this occurs in major software it provides advantages to those with the knowledge and experiance to exploit them covertly that are almost unimaganable to others not in that position. For a real world example think about the allied advantage in cryptography during WWII over tha axis powers systems (Enigma / Purple) and the considerable benifits it brought (atleast a two year shortening in the war in Europe).

Now the case for the advantages to covert access to information are atleast known to a certain extent (as I’ve detailed above) but what about the opposit?

What about being able to deny access on a global basis?

We currently assume it’s not possible but is that true?

We know that certain nations (China Iran Saudi etc) have “national firewalls” but these have been found lacking. We also know of atleast one nation (China) who are trying to put their firewall on every users machine as what is effectivly an access hypervisor over and above a users wishes.

And we also know that Microsoft have put in place the base technology within their own products (Office etc) to provide global control of access to copies of single documents or documents from a single organisation etc (it is rumourd that MS will hö.

So we have the software with a built in kill switch already deployed and more than one nation with clear objectives to control access to information originating from themselves or others given access to the inner most functioning of the kill switch and significant advantages in finding exploitable faults in software that will give them access and thus abbility to put kill switch exploiting code in place…

Oh and root kits to prevent the detection of their exploiting code.

mcb • July 15, 2010 12:18 PM

@ Wactching the Demise of the Americans

Somebody needs to refill his prescriptions.

hylas • July 15, 2010 2:20 PM

In response to:

The Threat of Cyberwar Has Been Grossly Exaggerated

Internet Kill Switch

Bruce – Your Ivory Tower is showing.

~hylas

ABV • July 15, 2010 8:04 PM

I think that this becomes interesting when combined with the adoption of cloud computing in non-USA countries – particularly for services being performed in the cloud like email. Whilst not core to the operation of critical infrastructure itself, it is core for the functioning of tbe business and people that operate that critical infrastructure. It can also be core to the functioning of agencies that form part of a country’s emergency response to things like terrorist attacks and natural disasters – critical civic infrastructure

A possible scenario: an NGO or government agency decides that the cost of running mail exchange infrastrucutre for all their distributed sites is prohibative in comparison to subscribing to software as a service via a US hosted provider. The attack occurs and the communications are down. The agency or NGO now has no email system. This would become particularly problematic should the agency or NGO be part of country in question’s emergency response plan. Most organisations would be operationally comprised without email services.

This could, of course be an argument for not adopting public cloud computing.

J • July 20, 2010 11:09 AM

Wanted to let you know that the German Police Union BDK is proposing the exact same idea: A Kill Switch for the German internet. They call it the “reset button for the internet”.

Klaus Jansen, the head of this union, refers to the USA and the bill Bruce was commenting on. And since the Americans consider it, we need it too…:

http://www.neue-oz.de/preexport_startseite/20100717_Kriminalbeamte_Netzsicherheit.html

Mr. Jansen is quoted saying (rough translations, English is not my first language):

“The internet is the world’s biggest crime scene. We finally need the equivalent of traffic regulations for the internet. Otherwise, the country’s capacity to act is in jeopardy.”

“An attack on the digital infrastructure of our country can be as devastating as an atomic attack. This is why we need a ‘reset button for the internet’, so that the chancellor can take Germany off the internet in the case of emergency. This is the only quick defense against an ongoing attack.”

Oh, and they also want to ban anonymous internet usage.

The sad thing is that this is not a fringe group, but a powerful lobbying group within German interior politics.

Jason • August 14, 2010 12:14 AM

we would not be shutting down the internet, we would be shutting out americans from the internet, so the bad guys can do what they do without us knowing bout it. To the gov’t im sure they think this is a good idea, and they would do it int eh name of security too.
Well i see we didnt like when iran was blocking internet, but whne we do it in america, it will be ok in the gov’ts eyes.
Dont want america learnign the truth that we might be getting destroyed by an enemy.
Use linux to make viruses a thing if the past. windows enabled viruses and worms and should be outlawed.

Richard Nelson • August 23, 2010 10:15 AM

“any actual shutdown would be far more likely to be a result of an unfortunate error or a malicious hacker than of a presidential order.”

I wonder if there’s a general principle here? In the old days when I was involved in computer centre ops, we had one of those “true” UPSs, which fed the centre off a bank of batteries while the Diesel MG sets spun up. Of course, the system caused more outages (at a bank!) than grid failures.

Jen • September 17, 2010 11:25 PM

I’d be more impressed with arguments posted here if the arguers could spell and use appropriate grammar and punctuation.

Agree with Bruce, the kill switch idea arises from ignorance about the nature of the internet.

Even if it could be accomplished, it would undoubtedly be hacked as soon as possible simply to prove that the hammer is too big for the job.

The economic damage would be so far-reaching that even a planned test, envisioned perhaps like a Tuesday morning air raid siren at 10am, would create sufficient outcry to bring down any politician using it.

The effect on the banking industry alone would guarantee that this bill will die in committee. Banks make their money on transactions that take place in seconds and split seconds. I don’t see that industry, for one, placing the power of such interference in anyone’s hands.

gumshoe • October 1, 2010 5:48 PM

It is ridiculous that people think that it is possible to shut down the internet. It called a web because it consists of millions of servers around the world. Turning off the web would be like my light switch in my room shutting off the worlds power. There is no central control station for the internet and if there was, who are we to control the world’s communication. Obviously, the powers to be, for now, don’t have a clue what the internet is and how it works.

Thanks for letting me vent…Gumshoe

hal • January 28, 2011 9:10 PM

Egypt has now effectively done what many here claim is impossible. They have shut down the internet in their country. In the US it may not be possible to shut down the internet completely, but if the major backbone providers were instructed by the government to shut down, they would do so. There are only a few of them, and they are all big corporations who will not byte the hand that grants them privilege.

Just how much traffic do you imagine could be handled by “satellite phones, obscure ISPs in Canada and Mexico, long-distance phone calls to Asia”?

If you imagine that a government wouldn’t take such an extreme measure to protect itself from its own people, please explain what just happened in Egypt.

If you imagine that the US government wouldn’t do it because of the damage it would cause, ask yourself whether that would make any difference at all to a ruling oligarchy that suddenly finds itself on the verge of an economic collapse and in danger of losing power.

Slow • February 1, 2011 8:56 PM

Shutting down the Internet is opossible but it would have to be in conjunction with shutting down phone systems to be effective. Shutting down the Internet would primarily affect the corporate sector.

Internet Kill Switch

Comments

Leave a comment Cancel reply