Andrew Conway on Cloudmark Security Blog (via The Browser):
The first place you might consider attacking would be the DNS root name servers. These control the very top level of DNS, and without them no server on the Internet would have a name. There are a limited number of them, and they are controlled by a committee, the DNS Root Server System Advisory Committee, otherwise known as the Secret Masters of the Internet. However, the servers themselves are run on heavily protected, highly redundant hardware, and are geographically distributed. They also run different software, so a single vulnerability could not be used to take down all the root servers. They are such an obvious place to attack that they are too well defended to be a good target.
The Internet can route around damage. That is a strength when dealing with minor damage or attacks, but a problem when a major component is damaged. The network traffic that gets rerouted causes bottlenecks and slowdowns elsewhere in the network. Once you hit the dreaded Reload Threshold, when web pages are loading slowly enough that people start hitting the reload button and sending multiple requests for the same page, then large sections of the net would grind to a halt. This happened on July 18th, 2001, when a train accident in a tunnel in Baltimore severed an Internet backbone cable. That afternoon, users all over the US had problems accessing web sites in other parts of the US, apparently randomly. A simple brute force DDoS attack against one or two key points in the Internet would be enough to make the rest unusable. Personally I would probably go after MAE-West in San Jose, partly because almost all the traffic to and from Silicon Valley goes through there but mostly because it has a cool name.
Read the full piece here.
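The "Reload Threshold" in the quoted passage is a feedback loop: slow pages cause reloads, reloads add requests, added requests make pages slower. The simulation below is an added illustration, not code from Conway's article or from Cloudmark. It models a server with fixed capacity serving page requests first-in-first-out, a steady stream of page loads, and a temporary loss of capacity standing in for a severed backbone link. A user whose page has not arrived after a patience window sends the request again, either on a fixed reload schedule or with exponential backoff. Every parameter (demand, capacity, patience, outage window) is a constructed value chosen for the demo, not a measurement of any real network.

```python
"""Retry-storm simulation of the "Reload Threshold" feedback loop.

Added illustration, not code from the quoted article. A fixed-capacity
server serves page requests first-in-first-out; a temporary capacity loss
stands in for a severed backbone link. Users whose page has not arrived
after `patience` ticks send the request again, either on a fixed reload
schedule or with exponential backoff. All parameters are constructed.
"""
from collections import deque
from dataclasses import dataclass
from typing import Callable, Optional

Policy = Callable[[int, int], bool]   # (ticks waited, patience) -> send again now?


def naive_reload(wait: int, patience: int) -> bool:
    """Impatient user: presses reload every `patience` ticks until the page loads."""
    return wait > 0 and wait % patience == 0


def exponential_backoff(wait: int, patience: int) -> bool:
    """Well-behaved client: waits p, then 2p, 4p, ... between retries,
    i.e. retries at cumulative waits p, 3p, 7p, ... (wait + p is p times a power of two)."""
    if (wait + patience) % patience:
        return False
    q = (wait + patience) // patience
    return q >= 2 and q & (q - 1) == 0


@dataclass
class Result:
    duplicates: int              # retry requests sent for pages still outstanding
    wasted_work: int             # served requests whose page had already been delivered
    max_queue: int               # deepest the server queue got
    backlog_at_end: int          # requests still queued when the run stops
    recovered_at: Optional[int]  # first tick after the outage with an empty queue


def simulate(policy: Policy, ticks: int = 120, demand: int = 3, capacity: int = 9,
             patience: int = 5, outage: tuple = (10, 25), outage_capacity: int = 0) -> Result:
    queue: deque = deque()   # outstanding requests, FIFO; entries are page-load ids
    started: list = []       # page-load id -> tick the user first asked for it
    pending: set = set()     # page-load ids not yet delivered
    res = Result(0, 0, 0, 0, None)
    for t in range(ticks):
        # 1. a steady stream of new page loads
        for _ in range(demand):
            pid = len(started)
            started.append(t)
            pending.add(pid)
            queue.append(pid)
        # 2. the server drains up to its current capacity, oldest request first
        cap = outage_capacity if outage[0] <= t < outage[1] else capacity
        for _ in range(min(cap, len(queue))):
            pid = queue.popleft()
            if pid in pending:
                pending.discard(pid)      # page delivered
            else:
                res.wasted_work += 1      # stale duplicate: work done for nothing
        # 3. users still waiting decide whether to ask again (the reload button)
        for pid in sorted(pending):
            if policy(t - started[pid], patience):
                queue.append(pid)
                res.duplicates += 1
        res.max_queue = max(res.max_queue, len(queue))
        if res.recovered_at is None and t >= outage[1] and not queue:
            res.recovered_at = t
    res.backlog_at_end = len(queue)
    return res


if __name__ == "__main__":
    for name, policy in (("reload every 5 ticks", naive_reload),
                         ("exponential backoff", exponential_backoff)):
        r = simulate(policy)
        print(f"{name:22s} duplicates={r.duplicates:4d} wasted={r.wasted_work:4d} "
              f"max_queue={r.max_queue:3d} recovered_at={r.recovered_at}")
```

Because the server is FIFO, every duplicate sits behind the original it repeats, so a duplicate never speeds up the page it was sent for; it only occupies capacity that a later user needed, which is why the wasted-work count equals the duplicate count once the backlog clears. Running the two policies side by side shows the impatient reload schedule generating more duplicate traffic, a deeper queue and a later recovery than backoff for the same outage. On the defending side the levers this exposes are client-side backoff with jitter and retry budgets, and server-side request coalescing or load shedding so that a transient capacity loss does not turn into a self-sustaining overload.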