Personally, I thought the Ars Technica article was a little nicer in summing up the situation, but I can understand why you changed it. Thanks for keeping the site clean!
... meanwhile, US physical internet infrastructure dominance redirects world traffic.
I've often wondered why China and Russia don't collaborate to build a hyper-fast redundant fiber network across from Asia to Europe, and cut the US out of the middle. Surely the long term commercial and geopolitical gains would outweigh the initial investment? I suppose from China's side they're happy mostly disconnected ... and from Russia's, there's no other neighbouring states with cash, perhaps with the exception of Japan and Korea. Anyone know if they do direct links? I know coming out of China they're often faster than the US, but bouncing out through Russia to Europe is an avenue unexplored versus the de-facto US west coast routing.
> I suppose from China's side they're happy mostly disconnected
And so is Russia, it seems. There have been rumors in the Russian news that the government is seriously entertaining the project of isolating the Russian segment of the Internet from the rest of the world.
Links are built for economic reasons. There are plenty of good biz reasons to direct traffic from China to Europe and the USA, not much to direct traffic through Siberia and Russia's Far East. Want to send a packet from Harbin to Vladivostok (which is quite nearby), you are probably going to go through SF or at least Japan.
People forget China and Russia were outright hostile in the 70s (one of the reasons China opened up to the US), and Russia is still probably considered a bigger adversary than far away USA.
More importantly global traffic is 24/7, but people sleep. The US has strong links to Europe and Asia AND there asleep though most of Asia's work day. So, even if the Asia - India - Europe or Asia - Russia - Europe links where just as strong they would also be in use during most of Asia's work day.
Don't forget Routers care more about congestion than how far they need to send a packet.
It is hard to comprehend the vastness of Siberia. Russia is more than 2x as big as continental US. Large parts of it cannot be reached by car unless it is during certain times of the year.
Laying a fiber optic cable across all that mess and then all the way to Beijing is going to be quite expensive. They are going to be very pressing economic incentives to do it.
Politics across the world have taken a drastically unfavorable turn towards the internet. Pick any number of actions, I guess.
For Russia in particular, they've started aggressively pursuing a policy of insuring all data on Russian citizens is stored within the country. So much so that they're banning any product that uses iCloud as of the start of 2015. Not to mention their draconian filtering policies.
In Australia, not only have ISPs spun the NBN into a product that pays them to not upgrade their infrastructure, the new anti-piracy surveillance laws that were introduced are to be subsidized with an internet tax like the one Hungarians protested about.
In the United States, well, NSA and net neutrality. 'nuff said.
In Spain, a law just passed that allows a member of Spain's newspaper association to charge sites to link to them. While this isn't an explicit threat towards killing the internet, the precedent it sets is quite ominous.
Not to mention the many, many countries that've imposed filtering in the name of anti-piracy. As the internet becomes more popular, it's come under an increasing level of attack and stands to become significantly less of attractive for the purposes of it's users.
Thing is, the network layer of the internet was never intended to be secure. Routing data through unknown hosts controlled by untrusted public organizations, private enterprises and foreign countries, when it makes sense on the technical/business level, is what internet routing protocols are designed to do. Sure, here we are talking about BGP using a less-than-ideal route, but the same effect (traffic going from Russia into China then back into Russia) could very well happen from the intended behavior of the protocols. The network layer is explicitly assumed/designed to be unreliable, insecure and hard to centrally control (for TCP/IP, this is not true of some cell-based/virtual-circuit networking layers). This is why security should be built at the end points (namely encryption and authentication) and not assumed from the network layer.
p.s. A very simple way to make Russian internet more secure against foreign powers would be to have a highly competent government-operated certificate authority which would issue EV TLS certificates for free to Russian businesses and individuals. Then pass two laws, one requiring web browsers sold or distributed in Russia to only allow that certificate authority for .ru domains, and a second one requiring web sites to get those certificates (either for all websites or only those considered 'sensitive'). This doesn't solve the issue of foreign-owned and foreign-located cloud services, and is honestly a worse solution than working at an international level to create a better standard for authentication and data protection than host certificates and certificate authorities. But, from the point of view of a single country's government with (let's face it, reasonable) paranoia about foreign spying on their internal internet communications, this would be about the best 'counter-measure' that I can see being realistically applied.
Routing data through unknown hosts controlled by untrusted public organizations, private enterprises and foreign countries, when it makes sense on the technical/business level, is what internet routing protocols are designed to
do.
That's basically what Tor does, and its users are perfectly fine - expecting that - their traffic goes through many other hosts before it reaches its destination. The reason this isn't a problem is largely due to...
This is why security should be built at the end points (namely encryption and authentication) and not assumed from the network layer.
16 comments
[ 6.5 ms ] story [ 59.7 ms ] threadI've often wondered why China and Russia don't collaborate to build a hyper-fast redundant fiber network across from Asia to Europe, and cut the US out of the middle. Surely the long term commercial and geopolitical gains would outweigh the initial investment? I suppose from China's side they're happy mostly disconnected ... and from Russia's, there's no other neighbouring states with cash, perhaps with the exception of Japan and Korea. Anyone know if they do direct links? I know coming out of China they're often faster than the US, but bouncing out through Russia to Europe is an avenue unexplored versus the de-facto US west coast routing.
And so is Russia, it seems. There have been rumors in the Russian news that the government is seriously entertaining the project of isolating the Russian segment of the Internet from the rest of the world.
People forget China and Russia were outright hostile in the 70s (one of the reasons China opened up to the US), and Russia is still probably considered a bigger adversary than far away USA.
Don't forget Routers care more about congestion than how far they need to send a packet.
Laying a fiber optic cable across all that mess and then all the way to Beijing is going to be quite expensive. They are going to be very pressing economic incentives to do it.
Lay it on the side of the trans-Siberian railroad.
For Russia in particular, they've started aggressively pursuing a policy of insuring all data on Russian citizens is stored within the country. So much so that they're banning any product that uses iCloud as of the start of 2015. Not to mention their draconian filtering policies.
In Australia, not only have ISPs spun the NBN into a product that pays them to not upgrade their infrastructure, the new anti-piracy surveillance laws that were introduced are to be subsidized with an internet tax like the one Hungarians protested about.
In the United States, well, NSA and net neutrality. 'nuff said.
In Spain, a law just passed that allows a member of Spain's newspaper association to charge sites to link to them. While this isn't an explicit threat towards killing the internet, the precedent it sets is quite ominous.
Not to mention the many, many countries that've imposed filtering in the name of anti-piracy. As the internet becomes more popular, it's come under an increasing level of attack and stands to become significantly less of attractive for the purposes of it's users.
p.s. A very simple way to make Russian internet more secure against foreign powers would be to have a highly competent government-operated certificate authority which would issue EV TLS certificates for free to Russian businesses and individuals. Then pass two laws, one requiring web browsers sold or distributed in Russia to only allow that certificate authority for .ru domains, and a second one requiring web sites to get those certificates (either for all websites or only those considered 'sensitive'). This doesn't solve the issue of foreign-owned and foreign-located cloud services, and is honestly a worse solution than working at an international level to create a better standard for authentication and data protection than host certificates and certificate authorities. But, from the point of view of a single country's government with (let's face it, reasonable) paranoia about foreign spying on their internal internet communications, this would be about the best 'counter-measure' that I can see being realistically applied.
That's basically what Tor does, and its users are perfectly fine - expecting that - their traffic goes through many other hosts before it reaches its destination. The reason this isn't a problem is largely due to...
This is why security should be built at the end points (namely encryption and authentication) and not assumed from the network layer.