The internet is at war.
Your probably getting a sense you can't believe your senses anymore. Zero Trust.
You don't know who or what to trust. Can you trust this article? I have nothing to sell you.
At a certain point your brain has to trust the signals.
When our brain can't or doesn't we can stumble on stairs, words won't make sense and we believe things that are not true. We think this funny and embarrassing when this happens on camera on national TV.
A computer is no different than a human in this regard. Garbage in garbage out.
All developers have dependencies, the computer, the operating system and the programming language etc. The entire internet as we know it also has one very important one, DNS.
Domain Name Service, DNS was developed nearly half a century ago with the purpose of making it easy for people like you and I to find other computers on the internet without having to remember a list of numbers. It is the tooling that translates the .coms/.orgs etc in the address to the network address of the computer at the other end.
When these DNS resolvers and protocols were developed the community was small, mostly a small group of people writing code (with very poor tools I might add!) because they loved tech and want solve shared problems. In a small community trust is pretty easy. Many of these computers were owned and operated by big business and governments to run critical infrastructure. Groups which at the time could be trusted to tell the truth.
Well time has moved on. Humans have done a lot since then. The internet grew up. We now have companies and apps with more users and revenue than some countries. DNS has been along for the ride. But like anything that just works, we forget about it. Time to move on to the sexier and more profitable projects.
In our excitement to digitally transform our lives we never stopped to go back. To think about that old DNS system, give it some much needed encryption, validation and authentication. A DNS record is a plain text record. For the most part the computers have to trust the network to give the right address to request. Your computer goes to where the network says to.
A plain text record has implications for two major concerns on the internet, security and privacy.
The privacy concern is that every DNS record serves as a quick way to track where your going on the internet. Not the content of your requests, but the metadata. You can examine the record to: know what stores you visited, it wont tell you what you bought.
This data is incredibly valuable and helps generate many of the lists for most popular sites on the internet.
The second concern is much more critical. The security. It's implications are so severe it can even lead to war..
Any computer can claim to be any other computer it wants on the internet. The network does it's best to send the packets along to the intended destination. At the time this was a feature rather than a bug, it enabled reliable delivery of packets even when the computers experienced intermittent interruptions. Hello dialup!
Well this feature combined with some stolen keys can lead to propaganda, extortion and espionage on a massive scale. How? We take for granted that the internet using HTTPS is secure. We see that little lock in our webpage or we push the buy button.
Apps? Well apps can be even worse, you don't get to see the magic under the hood. We just swipe, like and post. We assume that all the software from here to their is keeping us safe and secure. This is true, as long as someone else doesn't have the encryption cert/keys..
Plot twist. If you take the keys, you can pretend to be the company!
领英推荐
You can replace the app or webpage, collect what you want from users for whatever reason you want. Show them whatever you want and if so inclined you could have users interact with fake people (chat bots) pretending to be whomever you want. You can use these people to gather information or compromising information you can use for control. A level of manipulation even Joseph Goebbels could not imagine.
You could start wars and point fingers. You could steal elections. You could get the public to side against a victim and fight with one another. Gaslighting on a planet wide scale.
Well here we are. Someone stole the keys to big tech and is taking us for a ride..
Put your phones down, talk to your neighbors, Touch grass.
Do you really think two nuclear powers want a nuclear war?
We solved this in the cold war. Even the computer could figure out that war is “A strange game. The only winning move is not to play.”
When it comes down to it we all aren't so different after all. If I can join a video call in my underwear and flipflops. We can livestream peace talks.
We are being sold a lie. Cui bono?
Let's build software together we can give to our children. Reach out, let's make this happen.
Richard Stallmann was right, you can't have freedom or a free country without free software.
Lets solve "We the People" problems. Hack(athon) the planet?
Web 3.0 and a truly open identity. "given enough eyeballs, all bugs are shallow"