42 comments

[ 5.2 ms ] story [ 51.0 ms ] thread
Its become clear that the axiom “The Net Interprets Censorship As Damage and Routes Around It” as no longer true. It hasnt been since before 2010 anecdotely but the data Schneier presents here is undeniable
It hasn't been true since 9/11 when the US name servers were "shut down" and traffic was dropped ftom level3 nodes.
Ahh I just wanted to host my website in Afghanistan.

(there are actual web hosting companies in Kabul, and it seems its not illegal to send money there)

One more reason to resist the fragile lifestyle that requires constant internet access. Even if you don't live in a totalitarian country where shutting down the net would be easy and probable.

Some time ago someone posted in Twitter a letter of Theodore Kaczynski giving life advice, one point being not to use internet for more than one hour a day. Too bad I couldn't find it anymore.

why is this flagged? (maybe Theo? I don’t know this person).

Its absolutely a good argument against fragile IoT devices that have no local/offline mode and the ever increasing lurch of internet requirements for our daily life.

I’m not sure my phone does much of anything without an internet connection. Yet it is my primary banking and authentication method (via BankID).

EDIT: Theodore Kaczynski is the unabomber… well, thats an odd name to drop and maybe not an ideal candidate for life advice.

Ted has some interesting ideas but I personally would not accept any life advice from him
Living without the Internet is still doable. Just a little bit harder.

You gonna lose some time and money (buying bus tickets physically and not buying cheap junk over the internet, BUT you're gonna gain like literally 6h per day :)

Been there, done that. Its net positive experience. Just like going back to 1999.

I also think that you should be able to do stuff without requiring internet access, and also should be able to do stuff without requiring electrical power, etc. You should not be overly reliance on technology. They can be useful (in many ways), but should not be mandatory to rely on, and furthermore should avoid damaging the natural environments for such technology, and also avoid damaging the possibility of working without them.
The post is mainly just a CTA against further internet centralization and government control of core infrastructure, which is fine. We need more of these, and we need more examples of their harms for folks to draw on. HN often gets distilled down to a singular cause - EU's Chat Control, Elon's shutdown of Starlink over Ukraine, a regional outage of a public cloud provider - but generalized topics like these aren't really discussed all too often I find, or are often flagged for a variety of reasons and shutdown.

As technologists of multiple stripes and disciplines - programmers, developers, engineers, architects, designers, product managers, etcetera - we need to collaborate more on the direction of our industry as a whole, rather than just specific niches we find appealing. From my specific perspective in IT, the increasing centralization across every vendor category (three major x86 server manufacturers, two CPU vendors, two GPU makers, three global-scale public clouds, ISP mono- and duopolies, a handful of commercial operating systems, a near-monopoly EUVL supplier - the list goes on) is a dire threat to not just the open internet, but open technology in general.

We need to be better advocates for and champions of the technological future we envision, rather than just blindly celebrate startups and tech fads all the time. Mr. Schneier is merely the latest and largest canary in the proverbial coal mine.

It’s hard to be a better advocate without diving into the politics of why we’re in the situation we are, which also doesn’t address the amount of political power you and I have relative to the interests that want said technological consolidation to exist.

And given that the tech community trends towards political philosophies like libertarianism, which is inherently anti-organization and anti-collectivist, I’m not sure how you begin to scratch the surface of what a real solution looks like.

Do unions work against corporate mergers? I’d imagine they do as they tend to work against corporate interests in general but I’m not that well versed in this sort of history.
(comment deleted)
>> Elon's shutdown of Starlink over Ukraine

"In February 2022, two days after Russia's full-scale invasion, Ukraine requested that the American aerospace company SpaceX activate their Starlink satellite internet service in the country, to replace internet and communication networks degraded or destroyed during the war.[2][3][4] Starlink has since been used by Ukrainian civilians, government and military.[3][5] The satellite service has been employed for humanitarian purposes as well as defense and counterattacks on Russian positions.[6]"

"In 2022, Elon Musk denied a Ukrainian request to extend Starlink's coverage up to Russian-occupied Crimea during a counterattack on a Crimean port, from which Russia had been launching attacks against Ukrainian civilians; doing so would have violated US sanctions on Russia.[18] This event was widely reported in 2023, erroneously characterizing it as Musk "turning off" Starlink coverage in Crimea.[19][20]"

https://en.wikipedia.org/wiki/Starlink_in_the_Russian-Ukrain...

> From my specific perspective in IT, the increasing centralization across every vendor category (three major x86 server manufacturers, two CPU vendors, two GPU makers, three global-scale public clouds, ISP mono- and duopolies, a handful of commercial operating systems, a near-monopoly EUVL supplier - the list goes on) is a dire threat to not just the open internet, but open technology in general.

Part of the reason why we have seen this absurd centralization is complexity. It used to be possible for third parties to tape out an x86-compatible CPU and in fact there were multiple vendors doing this - but it's impossible these days, mostly from a financial viewpoint (you'll probably need a few billion dollars in R&D plus the licensing cost), but also from a technological viewpoint - you'd need to have feature parity with Intel/AMD x86 CPUs and some material improvement actually enticing people to buy your new CPU.

In the end the "free market" will always lead to such concentration effects and, most importantly, to de facto standards because the dominant actor(s) will always be the cross-section of "offers the most features, is used everywhere else, is affordable".

The fix requires governmental intervention (be it anti-trust legislation, mandatory sharing of resources/access for dominant entities or whatever), but sadly we can't even do regime changes to get rid of kleptocrats like the Taliban any more...

> From my specific perspective in IT, the increasing centralization across every vendor category (three major x86 server manufacturers, two CPU vendors, two GPU makers, three global-scale public clouds, ISP mono- and duopolies, a handful of commercial operating systems, a near-monopoly EUVL supplier - the list goes on) is a dire threat to not just the open internet, but open technology in general.

> We need to be better advocates for and champions of the technological future we envision, rather than just blindly celebrate startups and tech fads all the time.

There are already groups for these things (W3C, ICANN, IEEE, etc.), so how I interpret what you’re saying is that we need to abandon large corporations and go with... what exactly?

I’m not going rally behind a government administration that seeks dictatorial power over everything. That’s much worse than power spread over FAANG.

I'll admit that my early morning eyes saw "CYA". Which I'll admit had me scratching my head...
We should require adherence to US regulatory policy at a minimum for any country that wants to connect to the US internet, and any attempt to circumvent, restrict, or infringe on that will result in a hard disconnect with that state for some period, like a weeklong blackout after each instance of overreach.

Imagine the political revolutions if the petty tyrants take away the circuses.

I wrote a really long post and pardon me for that if so may be and so I decided to have the tldr on the top of my comment rather than the bottom. I sometimes write long to give people an prospect into my thinking process so I am not sure but just read the TLDR too perhaps and if someone finds long posts enjoyful then buckle up!

TLDR: There are movements like clippy and projects like scaleway and so so many others with forums like lowendtalks etc. to give value on the fact that there are alternatives with open source softwares so we need people who have the knowledge to spark that knowledge in a way understandable by the normal people and that is okay because normal people cant be expected to be all techie like us for the same reason I or you cant be expected to know all about ping pong.

https://www.scaleway.com/en/news/scaleway-launches-its-risc-...

> Featuring the T-HEAD TH1520 SoC, 16GB RAM and 128GB storage at a price of €15.99 per month, Elastic Metal RV1 is accessible to all budgets

Scaleway :- a non three global-scale public clouds offering riscv from a custom manufacturer from a list might be something of your interest then :)

Sir, I understand that the world is getting centralized since that is the fact but I have started to frequent more on https://vpspricetracker.com/ , https://serverdeals.cc/ , https://serververify.com/ , https://lowendtalk.com/ etc. (sorry for sending more links but I have a whole list of awesome stuff on a yopad/etherpad instance)

Most of these websites come from Lowendtalk culture and most/some of these cloud providers were themselves users (I talked to one owner of a vps provider) / power users

Let me try to be clear as to what I am saying here: The issue is convenience. Choosing these three global scale public scales, so if something falls down, its convenient/easy to put the blame on AWS for falling down. Nobody would get fired for picking AWS whereas something can definitely be said if they were other providers aside from these three

Now you can read my other comments where people say that there are not enough offerings and yes there are and please read those comments in sake of not repeating contents.

So basically the issues are incentives/convenience and other issues which can be fixed

If you really want you can colocate on datacenters.

This may not be the comment you might want and even now after saying this, the fact still stands that AWS contains a huge traffic and half the internet basically goes down when US-East-1 falls

But what does CTA mean? CTA in my opinion means giving business to other than these few restricted companies. To be honest, there really isn't a reason for having on them in my opinion both in terms of pricing and many other things.

I long have this opinion that your wallet decides the CTA. Who you fund etc. can be the easiest way to generate momentum and CTA. If you are referring to something like a political agitation/movement, these sound nice (and maybe we should have it) but they suffer from plethora of issues.

There are two ways of going through, either convincing the masses to have political voting and then create laws which try to protect their consumers only for nothing to quite happen on that front (germany has some of the highest protection laws but I am not sure how that prevents the fact that even now AWS exists and the triopoly of cloud for most websites)

These companies have malicious compliance and they h...

Replying to myself probably breaks some sort of rule somewhere (ye olde double-posting), but I think it's warranted here given the volume of responses this comment of mine has received.

I deliberately left out specific guidance because I wanted exactly the kind of responses we've seen here: a healthy mixture of takes from different backgrounds and perspectives, as well as the opportunity for fatalists to out themselves with the well-tread "just how it is"/"nothing we can do" schtick these sorts of posts tend to encourage. The discussion was the point, and I love seeing the back-and-forth folks have engaged with here over a very broad opinion of mine.

What I'll leave everyone here with is something that's kept me afloat during my own dark times, far, far darker times than we see now:

Just because everything works that way today, doesn't mean it'll work that way tomorrow. None of today was inevitable yesterday, and none of tomorrow is written in stone today. One individual can't fix the world, but enough of us together, focused on a glut of smaller changes, targeting specific problems, acting in concert despite being individuals? That is what drives meaningful change. That is what defines tomorrow.

Don't fret that you can't overturn colossal problems alone. Stop worrying that things have grown too complicated to fix easily. Focus instead on building a community, a movement, an orchestra of change towards causes you believe in. Build more things and share them with others. Do things specifically because you find value in them, even - and especially - if "free markets" or VCs don't. The more you build that you can share, the wider the audience you can reach with your passions, the easier it is to change things for the better.

Immiseration, complexity, monopoly, centralization: they're choices, not inevitabilities.

I thought this would be advocating "chaos monkey" style intentional shutdown to test institutions for resiliency in an outage situation. Might not be a bad idea. Maybe once every four years on leap day or something.
If anything, this just highlights the need for Starlink-style connectivity and off-grid power.

Of course, once jamming enters the picture, even that lifeline disappears.

Worship of the eternal steady-state. Whoever speaks against any intervention to preserve it is a heretic, and must be excommunicated.

Whether it’s ML training, pentesting, or old-fashioned engineering, we have to throw the occasional curve-ball at our systems in order to improve them. Surprise internet shutdowns are good, even if the ostensible reasons for them are dumb. Maybe people will host more information offline, and become less dependent on cloud services…

Which reminds me that I've let my connection to this group lapse for... about a decade: https://air-stream.org/

Covering Adelaide, South Australia. Such communities should exist in most cities.

> In the US, for example, shutdowns would be hard to enforce.

Is that really? US government has tanks, bombers, missiles and tactical nukes while "a well regulated Militia" have petty rifles and motolovs.

It's very easy for US government to cause state-wide power blackout, effectively shutdown Internet.

The quote has nothing to do with a well regulated militia. It's about whether the technical ability for internet shutdowns has been built or not.

>A country’s ability to shut down the internet depends a lot on its infrastructure. In the US, for example, shutdowns would be hard to enforce. As we saw when discussions about a potential TikTok ban ramped up two years ago, the complex and multifaceted nature of our internet makes it very difficult to achieve. However, as we’ve seen with total nationwide shutdowns around the world, the ripple effects in all aspects of life are immense. (Remember the effects of just a small outage—CrowdStrike in 2024—which crippled 8.5 million computers and cancelled 2,200 flights in the US alone?)

>The more centralized the internet infrastructure, the easier it is to implement a shutdown. If a country has just one cellphone provider, or only two fiber optic cables connecting the nation to the rest of the world, shutting them down is easy.

Nukes and tanks weren't built for internet shutdowns, and it's a ridiculous idea that if the US government decided to do an internet shutdown that they would decide to use a nuke for that.

This is concerning in the comments:

> I suspect most can guess where this mess will end up, and it’s not good.

What I read from this is going to sound conspiratorial, but I think it’s a valid “read between the lines” of an insider. I think they’re saying that they’re alarmed that Silicon Valley is supporting the current U.S. administration assuming he’s doing what’s best for their welfare, while it’s clear based on the activities of Iran and others that are practicing working without internet that they are planning on losing internet, which could either be because Iran, Russia, China, or the U.S. itself may plan to sever or disable internet connections (while unsure what would be isolated or disabled) as an act of war or extreme and dangerously naive nationalism.

I just recently learned of Meshtastic (https://en.wikipedia.org/wiki/Meshtastic) and MeshCore (https://meshcore.nz/), which provide a platform for private and group messaging over P2P LoRa. They don't depend on internet, rely on the community to provide routing nodes, and thus harder to block for governments. It's gaining steam in Europe and can already be used for messaging across wide distances. It's slow though, so forget streaming videos or images. It can only carry messages. But that's often enough to coordinate or spread news.
The recently released One Battle After Another reinforces the impotence of legal rights against a corrupt government entity. In the situations Schneier envisions, corruption will almost certainly be at play.
The normalization of internet shutdowns as a "riot control" tool is deeply concerning, especially given how technically unsophisticated most implementations are. In many cases, governments aren't doing surgical BGP manipulation - they're literally ordering ISPs to turn off infrastructure or block DNS at the national level. This is the equivalent of cutting power to an entire city to stop a protest in one neighborhood.

What's particularly insidious is the asymmetry: governments can coordinate offline through military/police radio while citizens lose all communication infrastructure. The $1.5B average economic impact cited in the article is conservative - it doesn't account for destroyed business relationships, lost international contracts, or long-term reputation damage from being seen as "internet shutdown country."

The technical countermeasures are evolving but limited. Mesh networks like Briar or Bridgefy work peer-to-peer over Bluetooth but have tiny range. Satellite internet (Starlink) requires hardware that's easy to detect/confiscate. eSIM switching only works if neighboring countries' towers reach across borders. The hardest problem is the "last mile" - even if you can get data out via satellite/mesh, how do you distribute it locally when cellular is down?

We need international frameworks treating internet access as critical infrastructure with humanitarian protections, similar to water/electricity during conflicts. The ITU could mandate technical transparency - requiring governments to publicly log shutdown orders with specific geographic/temporal scope rather than blanket national blackouts. That wouldn't prevent shutdowns but would create accountability records.

It's strange to read so many countries listed in an article about deliberate internet shutdowns, and even India called out as the world's shutdown capitol, and not one mention of China. Internet shutdowns during important political events, or even just national holidays, are common practice in China, have been for decades, and this is widely known. How is it not China that wins the great prize here?
I’m against internet shutdowns, but I cringe at the phrase “international community.” Who does that even include?
I am going to be the odd one out here and say that internet should be cut off during protests and other unrests. It might even slow down colour revolutions and give the state some breathing space to manage public sentiment.