• United States



by Keir Thomas

The Internet as we know it is under attack

Feb 07, 20116 mins
Data and Information SecurityInternetMalware

The Internet was never supposed to be as big or successful as is it today. This has been hammered home by two recent events that show the Net is creaking at the seams. Such weaknesses mean the Net as we know it is open to attack from all sides.

The Internet was never supposed to be as big or successful as is it today. This has been hammered home by two recent events that show the Net is creaking at the seams. Such weaknesses mean the Net as we know it is open to attack from all sides.

The first issue is that we’ve run out of Internet addresses. They’ve all gone–all four billion of them.

At a jolly ceremony last week at the Internet Corporation for Assigned Names and Numbers (ICANN) headquarters in Miami, the last remaining Internet Protocol v4 (IPv4) addresses were handed out to the Regional Internet Registries. The registries will now pass them onto organizations worldwide.

This isn’t as desperate as it might sound. The situation is similar to one of manufacturers, wholesalers, and stores. Manufacturing of IPv4 addresses has now ended. Wholesalers hold enough stock to supply stores for around a year. So out on the streets there’s no need to panic–yet.

Right now we should all be switching to Internet Protocol v6, where addresses are more than plentiful. Created way back in 1996, IPv6 allows for such a huge number of addresses that it’s difficult to write them down. In total there are 340,282,366,920,938,000,000,000,000,000,000,000,000 (or 340 undecillion).

However, IPv6 just hasn’t gotten its act together. Despite so many addresses, only the tiniest fraction is in use right now. Why? Because switching from IPv4 to IPv6 is far from seamless. It’s a little like having to swap out the engine in your car to use a different gas station.

Businesses and homes will have to upgrade the firmware in their routers, at the very least, and might need new hardware. It’s the same elsewhere on the Internet; all the interconnecting yet invisible devices will need to be upgraded or replaced.

How much do you think has been done so far? If you cynically answered “almost none,” you’d be right. To be fair, upgrading crucial Internet hardware presents significant challenges, and that’s perhaps the biggest issue. To continue the metaphor, techies have to swap out the engine in the car when it’s driving along the highway at 70 miles per hour. We can’t simply turn off the Internet for a few hours to make the change.

Operating systems such as Windows and Mac OS X have been IPv6-ready for years but because nobody’s actually using it, it’s not clear how well they’ll work. Put simply, nobody knows how well IPv6 will work when scaled up to planetary level, as it’s hoped will happen within just a year or two.

However, there’s another solution to the shortage of addresses that Comcast is currently trialing. Other Internet service providers (ISPs) might follow, and it’s something we should watch closely because our very Internet freedom is threatened by it.

Carrier Grade Network Address Translation (NAT) allows an ISPs to share one Internet address among many users. An entire neighborhood could share a single address, for example.

Low-level Internet users who do little more than browse the Web or check e-mail won’t know any difference after being switched to Carrier Grade NAT. However, anybody who uses virtual private networking (VPN), who videoconferences site-to-site, or who uses file-sharing software will hit a brick wall. Such technologies simply can’t operate if Carrier Grade NAT is in use, because they rely on users having full IP addresses.

None of the ISPs want Carrier Grade NAT, or so they say, but the last entry in the above list might give them pause for thought: File sharing. Carrier Grade NAT lets ISPs switch off file sharing under the banner of making a necessary technological fix.

Suddenly, ISPs would no longer be a part of the controversial file sharing debate. They wouldn’t have to waste money and time responding to requests from copyright holders to identify file sharers. There’d be no more government pressure.

Sure, business users who want to videoconference or VPN into their workplace will complain at not having “proper” Internet connections, but they can always upgrade to a more expensive “business” package, whereby they get their own IP address. And we know how much ISPs love arbitrary price tiers.

Alongside IP address exhaustion, another warning sign of the times is the proposed expansion of general top-level domains (gTLDs). Top level domains are the endings of Web addresses, such as .com and .org, as well as country-level domains, such as .uk for the United Kingdom, and .de for Germany.

At the moment everybody in the world either has (or wants) a .com address, even though this rarely makes much sense. I’ve registered my name as a .com (, for example, even though I’m a human being and not a commercial entity. It’d be much better if there were a .author or .journalist domain for people like me. In fact, there should be top level domains (TLDs) for every profession, type of business, product, and so on.

The whole world relying on grabbing .com addresses is insane, and an anachronism from when the number of Internet-connected computers didn’t reach triple digits. There are other TLDs, of course, such as .net, but .com has a stranglehold over the public’s imagination.

However, this is set to change. The Internet Corporation for Assigned Names and Numbers (ICANN) has finally finished debating a massive expansion of the TLD space, begin in 2008, and will soon be inviting applications for new TLDs. Within a few years we could soon see .music domains, for example. Just about anything is possible.

However, the government isn’t entirely happy about this. Actually, it’s concerned about offending other governments, as a leaked memo from the Governmental Advisory Committee (GAC) has revealed. It wants governments to be able to veto new TLDs on grounds of taste or decency or, in fact, whatever reasons they dream up at the time.

The problem is this: What one person in one country finds offensive, somebody in another country might consider healthy. Possibly the most controversial new TLD proposal is .gay, for example, which would represent the interests of the homosexual community. Broadly speaking .gay would be acceptable in the United States and Europe, but could go down badly in countries where homosexuality is outlawed, such as Iran or Saudi Arabia.

On the other hand, if TLDs like .gay came into force, there’s a strong chance countries that take offense would simply ban them, and thereby break the Internet’s democratic approach. The Internet could become fragmented, with access to domains governed entirely by the sensibilities of the party in power in a country at any given particular time.

It’s at times of change that organizations and systems are at their weakest, and it certainly feels as if the Internet is both weakened and under attack at the moment. The Internet we use in just a few years’ time might look and operate radically differently compared to what we use today.

Keir Thomas has been writing about computing since the last century, and more recently has written several best-selling books. You can learn more about him at and his Twitter feed is @keirthomas.