Saturday, February 26, 2011

The Internet Kill Switch

Recently, in response to the activism in Egypt, President Mubarak "shut down" the Internet. While there is some question as to how effective this was, to the extent that it worked at all, it was because there were only two Internet service providers and they were creatures of the decades-old "emergency" government.

Currently, prompted by fearful but impotent bureaucrats, the US Congress is considering giving a similar authority to the President of the United States. Needless to say, there is organized opposition to any such expansion of government authority.

In response to the opposition, a colleague wrote as follows:

Editor's Note (Schultz): Opponents of giving the U.S. President the right to shut down the Internet are like those who oppose a mayor of a city being flooded by broken water mains being given the right to shut off the water. As useful as it is, the Internet is also capable of being used as a destructive weapon, and at least to some degree it has already been used in this way numerous times. Someone must have the authority to make decisions concerning its continued operation in case it is used outright as a weapon.*


The overt premise here is that the Internet "can be used as a weapon." While I concede that any infrastructure, indeed any artifact, can be misused, it is absurd on its face to compare such misuse to weapons like bombs and shells. The implicit assumption is that shutting it down is an effective defense. My mother called such a defense "cutting off one's nose to spite one's face."

Moreover, the analogy does not hold. One does not need the mayor to shut off the water. The water department will do it; they need no additional authority to do so. What is perhaps more important, they can be relied upon to do so in the least disruptive way. They can be relied upon to preserve as much of the capacity as possible.

Think about SQLSlammer. First, it did not respect national boundaries. Second, before the governments of the world were even aware there was a problem, the network operators recognized, identified, and filtered the disruptive traffic. They did not seek permission, but their judgment was so good and their action so measured that no one has ever even questioned them, much less faulted them, for this preemptive, not to say precipitous, action.

I am unable to envision any attack against, or via, the Internet where killing it is not worse than the attack. Indeed, the closest thing that we have seen to an Internet attack was the denial of service attack against Estonia. While one can imagine a politician using a kill switch in such a situation, it would be a solution at least as bad as the problem.

Most of the use of the Internet in warfare will be for intelligence gathering. Most of this will use open sources; attacks against hidden sources will be covert and low-intensity but in no case sufficient justification for shutting down the Internet. Adversaries may wish to deny one another its use in time of crisis but killing it simply plays into this.

However, what we have been taught to fear is the use of the Internet to mis-operate the controls of other infrastructure. The Congress has heard testimony that this risk is overstated but in any case, the proper defense is local to those controls, not a global shut-down.

I am unable to envision any case where the POTUS is better equipped to make decisions about the operation of the Internet than those who operate it day to day. Can you envision any case in which such a decision would not be political?

Indeed, to the extent that one believes in "Cyber War," one might ask whether a political decision by one country to "kill" the Internet might not be seen as an act of war by its neighbors. We certainly saw the political decision by the President of Egypt to shut down the Internet as an act of oppression, not to say war, against his citizens. Indeed, it is far easier to envision such a capability being used offensively against one's own citizens than defensively against any adversary.

The Internet is designed to resist any and all attempts to shut it down. It should, can, and does survive multiple simultaneous component failures. Moreover, it is a poor respecter of national boundaries. Where would you propose to place such a control?

On the other hand, it is quite easy, particularly in light of recent events, to envision such authority being used to manipulate, intimidate, or control for political reasons. Like the USA Patriot Act, this kind of authority simply begs for misuse and abuse. For my comfort, both T and VZ are already far too willing, not to say anxious, to cooperate with the political authorities.

Before you support this proposal further, I suggest that you go to YouTube and reprise Michael Chertoff's demonstration of government crisis decision making. Instead of listening to them whine about their lack of authority, watch the process. Then ask yourself what the network operators are doing while this process is going on.

Government is the tool one uses when one wants to kill hundreds of thousands of people. It is really terrible at, for example, surgery, or other measured responses. There is a reason that we divide and limit its powers.

Be careful what you ask for; you might get it.


* Quoted with implied permission from SANS Newsbites.