The recent hysteria about the massive and unfortunate AWS outage in US-EAST-1 and their S2 storage issues. Has raised the discussion about the vulnerability of the Internet. First lets be clear here, the Internet is NOT services like Amazon, or Google, or Dropbox, or any one of thousands of ‘Sites’ ON the internet. The Internet did not fail during the AWS outage, Sites on the Internet were offline, as in, “not on the Internet”, or at best unavailable as a facility there on.
The internet is a web, which can be fragile, but is mostly fairly resilient to most things, including facilities being disabled, or unavailable. So when you listen to talk about ‘LOSING the INTERNET’ take it with a grain of salt. It’s probably more about loosing connectivity with someones favorite destination on the Internet, facebook, Netflix whatever and less likely about the Internet actually being down.
While working on an TCP/IP problem today, I was finally struck by the fact that we have for all intents and purposes expended the entire TCPv4 addressing space. I knew it was coming, years ago, but now while testing IP addresses, it dawned on me.
You can now pick any arbitrary set of numbers nnn.nnn.nnn.nnn and expect a response. Ping them, probe them, something will be there, or it’s being held. All gone, this is the equivalent of spitting in the middle of an ocean while swimming, you are going to hit ocean.
4,294,967,296 (232) addresses gone, 4 Billion addresses in use…..
In this age of ‘Big Data‘ the masters are the ones who hide in plain sight. If you generate billions of media bits that must be parsed by the powers that be, the devil really is in the details.
During a stint in a fraud unit I learned that the trick wasn’t to read all the monitored data, but to build patterns of ‘normal’ for everyone monitored. If the patterned changed then something had changed, and an investigator was assigned.
Another article I keep remembering is an interview with a ‘Ninja Assissan’ who was quoted as;
” I never sleep in the same bed two nights in a row (he had 5 bedrooms), and he never ate the same thing for breakfast (though he always ate what he wanted)“
Hence the pattern he would generate would always be random, and therefore a consistent repeated event would be considered abnormal and a ‘red flag’ that something wasn’t normal.
So to hide, and maintain privacy would be to either overwhelm the bit watchers, or develop such a random lifestyle as to make normal pattern matching methods useless.
anyone want to be a Ninja Assissan?