Internet Passports

The internet is an open network through which computers can connect. Each computer has an addres, its IP address, which usued to be 4 times a number between 0 and 255 (ipv4), now it is an 128 bit address (a bit can be 1 or 0) that can look like this 2001:0db8:85a3:0000:1319:8a2e:0370:7344 (ipv6). If you look up the Google.com website your computer goes to a special server, a DNS server, asks for the address above (say 64.233.160.0 ) Then goes sends a message to this address, which is like a sound, that has to go through a maze, first room 255 doors, take door 64, second room 255 doors, take door 233, third room 255 doors, take door 160, last room, 255 doors, take door 0.

Behind door 0 is our computer. It listens to what happens at the door, it opens the door when you arrive with your message, it takes the message and depending on what it is it does something with it. The message can be send to a server, like the one from Google, and read “give me search results for bikini”. You can find out that message yourself by typing bikini in Google, you read the address bar when the results show up, it will read like this :

www.google.com/search?q=bikini&oq=bikini

So that’s the message you send through the door, the reply that Google send you is the page you are looking at. This is how the internet works, and you can basically type any computers addres, by name or by IP, and send messages to them. The internet is open that way, and the amount of messages send across it daily to all kinds of addresses, be it your mobile phone or PC or server or refrigurator is mostly unobstructed.

We don’t realize how many machines are connected to this same open internet today, even as the numbers are increasing. They are not only PCs, tablets, mobiles, but also watercookers, gates, factories, waterlocks, bridges, trafficlights.. All these machines are increasingly linked up to the same network because the parts are cheap and the protocols used are wll known. This is increasing the vulnerability of our infrastructure, factories, universities and even government to hacking. Even if you cut off computer networks from the outside world, a small real life hack (so someone breaking and entering and hooking up a Wifi hotspot or ethernet link where it shouldn’t exist) suddenly expose your hardware to extreme remote control.

The internet can let people who are on the other side of the planet control your computer

An insulin pump that is exposed on the internet, and a patient database in a hospital that is exposed by hackers, could combine in the administration of a lethal insuline dose to a patient with undesirable political affiliation.

We read about ransomware, which is software that is accepted by computers that locks up data and only makes it available again if the right password is used, which can only be bought with hard to trace bitcoing. These kinds of acts are now common, and large institutions are paying $100.000 to not be disrupted.

Once you delve into the world of hacking and what has been happening a picture emerges of tower blocks full of programmers in China, of ransomware criminals in Russia working for Putin. The black market in worms and trojan horses (software to get other software on your PC) is triving, and countries like the US operate multi year programs to hack systems of enemies (they destroyed Irans nuclear centrifuges through a software hack). It is as one of the journalists specializing in it calles it “a war nobody sees”. It is no longer a game, the internet can be weaponized.

The open internet is like an open gate

Net neutrality is a different topic from what we are talking about here. Net neutrality means that different consumers do not get different access to the same servers within a network of a country. To some providers it makes sense to reduce the bandwith of some customers, because they are low value and increase that of others, because they are high value. A bit like keeping the homeless out of a shopping mall. The problem with that is that people pay for access to the internet, and the ones that want to block access do not own the interent. So the shops in the shopping mall that want to keep out the homeless do not own the grounds outside their shop, that is public space! This is another discussion. What this post is about is international warfare through the internets.

To protect a country it may become necessary to vet the traffic coming in. To filter traffic which is energy intensive, so attacks and worms and other hacks get less chance for succes. Of cours this is already going on. Hackers and cyber criminals take over servers in the cloud or elsewhere to do their bidding, for some attacks that is essential, the MDOS attacks basically storm the door of a server until it drops out of its hinges then the protocol breaks down and the server becomes unprotected (highly suggestive, a bit like people).

It seems inevitable that more barriers will be formed when it comes to access over the internet. An internet passport will be hard to avoid. Artificial intelligence can also play a role and is now being used to recognize suspicious patterns in traffic. Those can be countered with AI systems intent to penetrate through such defences. The task of filtering traffic is hard, and even the certificate systems, used to determine if traffic is from a reliable source, have been hacked. Any security officer of critical infrastructure will want to take the local network offline, but what do you do with the traffic lights, bridges, gas pumps, water pumps etc. ?

Every connection a VPN connection?

VPN (Virtual Private Networks) have been used for a long time, and are still used, even though it proved hackable and hacked several times. VPN creates a secure interaction, where each message send and recieved between computers on the internet is checked against certificates (usually in the hands of third parties). The advantage of a VPN connection between me and my workplace for instance is that nobody can eavesdrop on the interaction, no data can be stolen as it is encrypted as it travels from door to door, and only I can establish the connection, so the reciever, my company, also knows its me and not somebody else.

Most websites create a kind of VPN when you access them now, if the site url reads HTTPS:// (the S stands for Secure) your connection to that webserver (websites are messages from webservers) is exclusive to you, all your communication is encrypted and unreadable for outsiders or intercepters. Google wants you to use HTTPS:// for your website because it also prevents hacking of such websites, for instance making you order more stuff than you want and shipping it to the hacker’s address. VPN and HTTPS are good starting points of securing the interents better, in simple terms, ALL connections will have to be secure.

Every connection will be a VPN like connection

The only drawback of that is that constantly encrypting and decrypting all traffic is energy intensive and time consuming. Even though Moore’s law is not dead (another 100x inprovement to go) it is a burden, so you rather have a system where some traffic can be free and some is restricted to secure protocols. We’re not discusisng quantum computers being able to crack all these protocols for now, or Samsungs new algorithm that seems to be as quick. It seems inevitable that whoever owns an internet connection will have to get a liscense or passport which gives him/her access to some or all of the available address space. From the moment you want ot buy stuff online you need to be secure at all time or some hacker will reach your PC at night, because you let a worm in that activates, and this hacker may install software that scans your passwords to access your money or hijacks your PC for evil purposes.

An intelligent monitoring system can quickly detect users that behave differently, ones that scan IPs for example, but it is not easy to monitor traffic because a data package is usually only what it is. when it travels through a wire you can not see it, when it is transferred you can only read part of it, data is somewhat like light, a photon travels millions of years through space, unseen only to be registered at its destination. We live in an increasingly insecure world, so it seems internet licsences and passports will have to become commonplace soon.

Leave a Reply