I remember there being another thread on it, but couldn't find it with search.
http://news.yahoo.com/internet-caret...233906056.html
BLUF: Giving up control of ICANN is quite possibly the stupidest thing that this administration has done on the cyber warfare front.
So let's talk about what this move actually means.
Who is ICANN? (
https://www.icann.org/) ICANN is a government sponsored corporation that was set up to administer the internet when it was released for public use. They are responsible for, among other things, top level domain names (.net, .com, .org, .biz, .to, .be, etc.).
They also control the top level registrar for domains (professionalsoldiers.com, google.com youtube.com etc.) via Internic (
http://www.internic.net). If you use another service for domain names like GoDaddy, they are simply reselling the names from Internic (effectively). Internic also controls the servers called "Root DNS Servers" that are the final authority on where to send traffic that is trying to find a server. There are 13 of them..
http://www.iana.org/domains/root/servers If those servers drop, there is no other central location to turn human readable names (domain names) into computer readable names (IP Addresses). It works a lot like the chain of command. Every time a server says "I don't know" when asked where to go for internet traffic, it gets escalated up to the next level until eventually it reaches the Root servers. The root servers are the final authority on looking up an IP Address from a human readable domain name.
ICANN are also the ones that control IP addresses via Internet Assigned Numbers Authority (IANA
http://www.iana.org/) Effectively they are the ones to allocate IP addresses to everyone.
So to make this short and sweet, they control everything related to the routing of traffic on the internet. They are the Department of Transportation for the net.
So we've got control of this and it has been working well for the last 35 years. Now we are going to give control over to a central committee composed of us and other nations. It should be mentioned that, while Al Gore did not invent the internet
, it WAS the US Government in the form of DARPA that funded researchers from MIT who actually did create it. We paid for it, maintain it and graciously allow the rest of the world to participate. Now we are just going to give it up to a committee, probably within the UN, to run. What happens if there is a major falling out between the US and the other permanent members? They now will have the ability to "shut off" our internet access.
But, but, but we have our own DNS servers. Well, let me tell you about those. They receive published routes from the Root DNS servers. If the root servers decide to stop publishing say.... us.army.mil and instead redirect it to 8.8.8.8 (Google) where are we? Think about the chaos. Now the good news is that the DNS at the Army's main hubs can short circuit that for anyone inside the network. The problem comes when someone who isn't inside the network tries to get there. No VPN, No AKO, No Webmail unless you are on an Army computer. See the problem? Yes, if you clicked the link to see the root servers, the DoD and the Army maintain 2 of the thirteen. What happens if ICANN decides those aren't actually going to be root servers any more and publishes a new list of root servers?
You'll also notice that currently all 13 are in the US. There are cyber attacks that are performed by attacking DNS servers. (
http://www.networkworld.com/article/...ing-works.html) What happens when one, or most, of the root servers are passed out like candy to other countries? What happens if someone decides that every country should have their own root server? Now you have places like the 'stans and the middle east all with the responsibility of protecting their root DNS server so it can't poison the others. Does that sound like a good way to go?
Now, how about another recent development. Does anyone remember that the intelligence community decided to use Amazon's cloud service to aggregate intelligence? (
http://www.defenseone.com/technology...ligence/88555/) How do we coordinate intelligence efforts if we no longer know how to get to Amazon.com?
Yes, there are things that can be done to mitigate these problems. The bottom line is that this cost saving measure is going to cost BILLIONS to ensure that we still have networks to work on.
Quote:
"The United States will not allow the global Internet to be co-opted by any person, entity or nation seeking to substitute their parochial world view for the collective wisdom of this community."
|
So what will we do about it? We haven't been able to stop a terrorist organization (ISIS), how do we think we are going to influence
anyone to release control of the internet once they have it.
Again, this is probably the stupidest technology move by the administration yet.