Questions on an Internet kill switch


  • Is such a switch possible? 

Possible, though not easy. The Internet was designed to be robust and has done a pretty good job. To really stop access for a majority of people would really require going after DNS servers or switches en masse.

  • What would it take to put it in place? 

Rather than have every switch and router wired to shut down on receiving a signal from a big red button on POTUS’ desk  it’d probably be easier to do by just ordering major carriers to shut things down. Assuming that they’ll comply with such an order in a time of crisis that would do. I.e. you don’t engineer a disable mechanism into the whole Internet you just tell enough of the critical carriers to shut things down when required. That can be better than trying to engineer a disable mechanism into the infrastructure. The problem with building in a disable mechanism  is that if someone figures how to hack into it you’ve just handed them a way to shut everything down. Talk about a tempting target.

  • Is it a good idea technically? Or more to the point, will it do any good? 

It seems like a solidly bad idea. First, (as above) building a disable function in is adding another poorly understood vulnerability. Second, it’s pretty likely that there’ll be undesired consequences of shutting things down. None of us have an exhaustive picture of stuff that will stop working if we shut things down. For all we know there are babies in ventilators controlled by machines that poll the Internet for something or other. Now it’s a really, really bad idea that babies in ventilators have any such dependency but you don’t know what stops working until you hit the switch.  Third, shutting down communications channels has a mixed history.  It seems to be a tool more used by those who are also happy shutting down TV, newspapers etc.


About cormac

Very, very occasional thoughts on security from Cormac Herley
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s