Could We Ever See An Internet “Kill Switch”?

This past week I was interviewed on the evening news about Egypt’s decision to cut itself off from the Internet, and whether we might ever see something similar in the United States, in light of recent proposed legislation on a “kill switch” for the Internet.  I decided to elaborate on my thoughts from this interview.

Internet censorship is more pervasive than most people realize; it takes place in nearly 60 countries.  Last week, however, we witnessed an unprecedented event, whereby Egypt shut down Internet connectivity entirely.  In Egypt, all Internet traffic passes through only five Internet service providers (ISPs), so a government can shut off Internet traffic by controlling just a few Internet service providers.  An Internet “kill switch” is really a metaphor: these five Egyptian ISPs went offline one-by-one over the course of a few hours, with the large national incumbent ISP, Telecom Egypt, leading the way, and three other ISPs following their lead over about 15 minutes.  Four days later, a fifth ISP, which hosts many of the Egyptian financial institutions, was shut down.  Each of these ISPs has what is known as a “border router”, a device that forwards all traffic between its users inside Egypt and the rest of the world.  In the same way that network operators in this country can install filters to stop traffic from certain unwanted locations (e.g., from spammers), the Egyptian operators likely installed a filter to drop all Internet traffic between Egypt and the rest of the world.

This action raises many questions.  In light of recently proposed “kill switch” legislation (see page 76), many people wonder whether something similar could happen here in the United States. This outcome is unlikely.  First, the United States has more ISPs and connection points to the rest of the world.  Cutting us off would require control over many more Internet service providers and points of entry. Even if the government could order all ISPs to cut ties with the rest of the world, we would not feel the same impact: Because many of the sites and services that citizens want to access (such as Facebook and Twitter) actually host their services within our borders, cutting off the United States from the rest of the world might have a larger impact on the rest of the world than it would on us.

Another question is whether Internet access is a human right as much as water, electricity, and food, and, if we think it is, how we might guarantee that citizens have free and open access to information in the face of repressive or authoritarian governments.  There has been much work on circumventing censorship, but governments eventually block them.  A complementary strategy might be to somehow entangle the traffic of ordinary users with traffic associated with critical infrastructure and activities.  The OECD released an estimate that Egypt lost as much as $90 million as a result of the Internet shutdown.  Egypt only shut down the ISP hosting the Egyptian stock exchange for one day instead of five.    The more everyone’s Internet traffic is intertwined with the traffic that is critical to a country’s revenue and operations, the more difficult it is for a government to cut off Internet access to its citizens without crippling its own operations.

Finally, while having no Internet access whatsoever seems dire, it is worth asking whether there might be worse scenarios.  While a complete shutdown of the Internet is certainly inconvenient and costly, a more competent government or organization might use the Internet to persuade and control its citizens, perhaps by sending propaganda or misinformation through services like Twitter and Facebook.  We did see small-scale instances of this, where Egypt forced a large cellular provider, Vodafone, to spread propaganda through text messages.  A far more disturbing scenario may occur when a government harnesses the Internet to spread misinformation or influence public opinion.  Unlike a complete shutdown, such manipulation is more subtle: since it doesn’t disrupt information exchange, the average user may not even notice it.  In fact, it is likely that this practice may already be occurring, perhaps even here at home.

About Nick Feamster
Nick Feamster is an associate professor in the College of Computing at Georgia Tech. He received his Ph.D. in Computer science from MIT in 2005, and his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, including the design, measurement, and analysis of network routing protocols, network operations and security, and anonymous communication systems. In December 2008, he received the Presidential Early Career Award for Scientists and Engineers (PECASE) for his contributions to cybersecurity, notably spam filtering. His honors include the Technology Review 35 "Top Young Innovators Under 35" award, a Sloan Research Fellowship, the NSF CAREER award, the IBM Faculty Fellowship, and award papers at SIGCOMM 2006 (network-level behavior of spammers), the NSDI 2005 conference (fault detection in router configuration), Usenix Security 2002 (circumventing web censorship using Infranet), and Usenix Security 2001 (web cookie analysis).

5 Responses to Could We Ever See An Internet “Kill Switch”?

  1. Sunil Garg says:

    Even if the government could order all ISPs to cut ties with the rest of the world, we would not feel the same impact: Because many of the sites and services that citizens want to access (such as Facebook and Twitter) actually host their services within our borders, cutting off the United States from the rest of the world might have a larger impact on the rest of the world than it would on us.

    I agree that a widespread internet shutdown in the US would be more difficult than it was in Egypt simply because we have quite a few more ISPs here. However, if the US government decided to strong-arm ISPs, its first move probably wouldn’t be to ask for the revocation of international BGP routes.

    For example, turning off Comcast’s (or AT&T’s, Verizon’s, Time Warner’s, etc.) DNS servers would significantly impact the American public, as those companies account for ~50 million broadband subscriptions in total. And at the point the government has convinced four corporations to turn off DNS, it might as well ask them to disconnect the copper entirely.

    That’s not an entire shutdown, but one could see how we might get close.

    • Great observation. I think you’re right that strong-arming ISPs to shut down their DNS servers would likely cripple a significant number of users and is probably a more plausible scenario in the US than withdrawing all BGP routes. But, users have other alternatives for resolving DNS names: there are also many open resolvers (and, if the government tried shutting down the ISPs’ default resolvers, I bet more open resolvers would pop up).

      There’s one other distinction worth noting: withdrawing BGP routes affects traffic from outsiders, as well as insiders. For example, with a shutdown of Comcast’s DNS servers, users from other countries could still reach services hosted in the US. As far as my reading of the Internet “kill switch” in the US, it seems as though the motivation is to protect critical infrastructure from unwanted traffic. Shutting down DNS servers of the broadband providers probably wouldn’t protect our infrastructure from outsiders, since domain names would still resolve for the attackers, and IP prefixes would still be routable.

  2. Pingback: Tweets that mention Could We Ever See An Internet “Kill Switch”? « Connection Management -- Topsy.com

  3. Nick,

    I hope that you will re-visit this topic soon!

    Re: how we might guarantee that citizens have free and open access to information in the face of repressive or authoritarian governments.

    There are many repressed countries using technologies such as VPNs, TOR and the Cocoon Firefox plug-in, but some at the risk of imprisonment or worse. A few months back (May) a Tunisian Hactivist took over one of my Gmail accounts, and a few domains. The hack was not meant to be malicious, my accounts were held until I agreed to tweet about the Tunisian revolution.

    Tunisian unrest was still alive in May – though not as severe as earlier this year.We need more people in the world today to come back and address these type of questions – :)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 38 other followers

%d bloggers like this: