A Lodge of Freemasons global network: can a single organization off the Internet
The expected disruptions of the Internet 11 October could affect up to 750 million people.
Corporation on management of domain names and IP addresses (ICANN) has warned about possible problems with access to the Internet 750 million after October 11. This figure consists of “a small percentage” (according to organization) Internet users who have to face the consequences of updating the cryptographic keys used to protect the system of Internet domain names (DNS). What is ICANN (International Corporation for Assigned Names and Numbers), why their meetings resemble a mixture of religious meetings and of baseball, and why Russia and China are against this state of Affairs?
During the download an error has occurred.The rituals of the ICANN
Twice a year in the suburbs of Los Angeles, a few miles from the international airport, 20 people at the expense of halogen lamps are expected in a room with no Windows started. Perhaps the situation would be difficult to distinguish from the office, if not unprecedented security measures through which these twenty had to go through before to get here: on guard Internet security, biometric scanners, iris scanners and fingerprints.
The reason the audience are here resembles the plot of a James bond — seven of the participants are the keepers of a unique key from the Global Internet. Together, their keys create a master key, which in turn controls one of the Central security measures in the network core.News“off the Internet”: dispelling the myths
Keywardens will meet four times a year, twice on the East coast of the US and twice in the West, starting in 2010. Keepers brings together many years of experience in the field of Internet security and various international institutions, they were chosen for geographical reasons — no country can have too many key holders. They go to the ceremony on their own or through their employers.
Keepers of the keys control the domain name system (DNS), the underlying operation of the Internet. This is an Internet version of the phone book — it translates the web addresses that you type letters into a series of numbers called IP addresses. If it were not for DNS, you would have to visit the website to dial a long sequence of numbers for each site. For example, to get to RUVDS, you will need to enter the “18.104.22.168” instead ruvds.com.
The master key is part of the global measures to ensure the security of the whole domain name system secure and the Internet: every time when the keepers meet, they verify that each entry in their address books is genuine. This prevents a proliferation of fake web addresses which could lead people to malicious sites, used to hack computers or steal personal data, including payment card data.
Ceremonies on the East and West coasts there are seven holders of the keys, and another seven people around the world have the authority to restore the system if something goes wrong. Each of the 14 holders of primary keys has a traditional metal key for the room safe, which in turn contains a smartcard, which in turn activates a machine that creates a new master key. The “belayer” seven is a smart card that contains a code snippet required to create a replacement machine key generator.
Once a year, these shadow guardians sent to ICANN a selfie with a paper on the current date and their key to confirm your status.
“Ritual” involves the generation of a new master key, its subsequent activation using the smart card, signing key, downloading to USB flash drives for servers of different domains (ru, com, net, etc.). During the procedure, you also read out an arbitrary sequence of words generated by the keys for their verification, and the signature of each key is accompanied by applause.
The struggle for independence
The issue of transfer of control over the administration of Internet address space to an independent Agency was one of the campaign issues in the United States. The idea is not approved political heavyweights: US presidential Advisor for national policy Stephen Miller and Senator Ted Cruz.
The last argument was a possible control over the Internet from Russia and China, while the democratic candidate Hillary Clinton supported the decision of the previous administration about the independent control of the Internet.
In October 2016, ICANN also announced the expiration of the contract with the Ministry of Commerce and the National Directorate of information and communication (NTIA), which was a welcome event for Russia — the “suspension” of the us authorities from “Internet governance”, because Russia and China for many years insisted on transferring control over Internet to international organizations. Support for DNS root server and register top-level domains, however, continued to engage the us company (Verisign), administration of Internet address space remained for ICANN, but the obligation to coordinate with the US authorities she was no more.
The newsNetwork will collapse? The global Internet can be erratic
However, the United States, losing control over the unique identifiers for the Internet, through a contractual relationship, and still keep it largely through its jurisdiction over the technical structures that support the system (the majority of command and control servers are in the USA). Therefore, a formal transfer of control did not dispel fears of Moscow. In November 2017, the security Council instructed the Ministry of communications and Ministry of foreign Affairs to establish the BRICS countries own DNS root server system. In other words, created the basis for alternative Internet.
The idea of an alternative network is not the first partnership of Russia with the BRICS countries in cyberspace. For example, a group of countries has endorsed the code of conduct of States in cyberspace at the UN General Assembly.
He calls not to attack the critical infrastructure of countries (nuclear power plants, energy companies, banks, transport management or water supply), do not use “bookmarks” harmful software and to stop groundlessly accuse each other of cyber attacks.
This provides for the pooling of efforts in the fight against hackers engaged in acts of sabotage from the territory of signatory States. One of the key theses of the code guarantees equal participation of States in international Internet governance.
Blocking countries from inside and outside
The reason of discontent of Russia and China in the absence of regulatory mechanisms and the right of veto in matters of Internet governance. Thus can be one-way blocked as separate resources, and the country as a whole. The regulation on cross-border access to stored computer data and even allows different security services without formal notice to conduct operations in the computer networks of third countries, representing a clear threat to the sovereignty of these countries.
NewsAmerican satellites were in the hands of Chinese hackers
In the course of working on their own root DNS services is inevitable Russia cooperates with China, which is known for creating the Great Chinese firewall. There is also the concept of the great Guns of the Fan Binsina. Together, these two systems theoretically give States complete control over its segment of the Internet, including the protection from attacks from the outside, an equal right to the use of Internet resources and the control over the root DNS servers in their domain area. The proposed Fan Binsina the concept involves the establishment of direct exchange of data between countries to bypass the DNS root servers in the United States.
In practice, the idea did not find understanding in the expert community and even the China as too costly and unnecessary. China is ready to support the resolution of Russia in the UN, but the idea of creating an alternative Internet considers too cumbersome and not effective in relation to existing. The position of China is to create the necessary tools (a Great firewall and a Great gun), to effectively combat cybercrime on the current system.
Disable Internet in one of the countries on the team from USA is unrealistic because of the architecture of DNS servers. In addition to ten of the root servers in the US, where historically originated Internet, the DNS system includes a server in the Netherlands, Sweden and Japan, as well as hundreds of mirror (duplicate) servers, including ten in Russia: in Moscow, St. Petersburg and Yekaterinburg.NewsVirtual domination: how Chinese hackers conquer the world through smart phones
If the US for any reason will remove the zone files from their EN root DNS servers, the Internet will continue to work with other root and mirror servers. Cost would be the increase of access time to sites in a few milliseconds. But the opposite effect is asymmetric for the US and for the global Internet, the loss of confidence which would entail the creation of a number of local root DNS servers.
In other words, the current situation delicate balance of the global Internet is built on trust, though it is sometimes necessary to maintain a strange theatrical ceremonies “guardians” of ICANN. American cryptologist and cybersecurity expert Bruce Schneier, who worked on the leaks of Edward Snowden admits that not all steps are essential: “need that Much, but some of the measures required exclusively for the show. This process is both technical and political, and it complicates things”. And the other member of ICANN’s Lynn Lipinski and does recognize the similarity of their ceremonies to replace the keys with the “combination of Church and a baseball game.” In any case, the security of the global Internet is in good hands and expect any problems with the replaced cryptographic keys are certainly not worth it.