Sunday, May 9, 2010

Internet Flaws Could Bring Down Service in 30 Minutes

In 1998, a hacker told Congress that he could bring down the Internet in 30 minutes by exploiting a certain flaw that sometimes caused online outages by misdirecting data. In 2003, the administration of President George W. Bush concluded that fixing this flaw was in the nation's "vital interest."

Fast forward to 2010, and very little has happened to improve the situation. The flaw still causes outages every year. Although most of the outages are innocent and fixed quickly, the problem still could be exploited by a hacker to spy on data traffic or take down websites. Meanwhile, our reliance on the Internet has only increased. The next outage, accidental or malicious, could disrupt businesses, the government or anyone who needs the Internet to run normally.

The outages are caused by the somewhat haphazard way that traffic is passed between companies that carry Internet data. The outages are called "hijackings," even though most of them are not caused by criminals bent on destruction. Instead the outages are a problem borne out of the open nature of the Internet, a quality that also has stimulated the Net's dazzling growth.

"It's ugly when you look under the cover," says Earl Zmijewski, a general manager at Renesys Corp., which tracks the performance of data routes. "It amazes me every day when I get into work and find it's working."

When you send an e-mail, view a Web page or do anything else online, the information you read and transmit is handed from one carrier of Internet data to another, sometimes in a long chain. When you log into Facebook, your data might be handed from your Internet service provider to a company such as Level 3 Communications Inc., which operates a global network of fiber-optic lines that carry Internet data across long distances. It, in turn, might pass the data to a carrier that's connected to Facebook's servers.

The crux of the problem is that each carrier along the way figures out how to route the data based only on what the surrounding carriers in the chain say, rather than by looking at the whole path. It's as if a driver had to get from Philadelphia to Pittsburgh without a map, navigating solely by traffic signs he encountered along the way — but the signs weren't put up by a central authority. If a sign pointed in the wrong direction, that driver would get lost.

(Read more at:

No comments: