Internet regulating and standardization main bodies are: ISOC, IAB, IESG, IRTF, IETF, IANA, ICANN, ARIN, RIPE NCC, APNIC, W3C, NSF, GIIC, CAIDA, USIIA, NANOG, IEEE, WebStandards.
OK, so that was it, folks, see you next week!
Just kidding of course, but what an impressive list, isn’t it?
And it’s only partial because internet governance is actually exerted by a mix of private, state-national and international entities.
A strange mix to match its complexity; after all we’re talking about controlling an invention whose primary goal by design was to keep on working even if parts of it are, for some reason, shut down (on 9/11, a major switching center in south Manhattan was distroyed so locally the services were disrupted but they got restored just 15 minutes later when the center “healed” as the built-in protocols routed users and information around the outage).
In our previous article we’ve made a short description of the Domain Name System (DNS) and told you that each device connected to a TCP/IP network has an IP address assigned for identification and that internet websites have, besides the IP address(es), a worded or mnemonic name (we exemplified with www.BigDiscounts.com) for easier understanding of its nature and for not having to care about its underlying technical identification details.
In other words, you can read this article because when you’ve requested this page the DNS translated the worded name into the IP address of the server where our website is stored and because your request also contained your own IP address so the server knew where to send back the page as requested.
Your IP address (fixed or temporary) was assigned to you by your Internet Service Provider (ISP), you being part of its network while the ISP itself is being interconnected with other networks.
But just having IP addresses is not enough, information packets need to be routed back and forth, that is pointed to the correct physical destination then the reply packets need to get back to the sender of the request.
Routing works just like you would expect from everyday life: “Hi, I’m Abraham Delacey, do you know where I can find Giuseppe Casey?”
“Sure“, the answer might be, or either “No, but go ask Thomas O’Maley there, he knows everyone’s location in the neighbourhood“.
Networks (the ones named “Autonomous Systems“- AS) communicate with each other by using a special routing protocol named Border Gateway Protocol (BGP) each network being assigned by IANA an identification number called Autonomous System Number (ASN) and each network holds a portfolio of IP addresses having same routing prefix.
If you’re curious, you can click here to see your IP address and the ASN of your ISP (AS).
IP blocks of addresses are generally assigned based on regional (geographic) criteria so maybe from now on you will be less shocked when seeing some websites displaying your exact location (country and city).
To summarize, if you’re connected to the internet you certainly have an IP address which belongs to an AS (your ISP) which announces it via BGP to all other BGP-based routers in the world.
Routers are meant to provide the best available path to the desired destination so for example, if you are in Taiwan watching a YouTube video, you’ve probably got it from a Google cache server located in Taipei while someone else accessing the same video from France would probably get it from Google servers in Paris.
These are mere (and not necessarily real) exemplifications just to illustrate the distributed and redundant nature of the internet, i.e. there are many possible paths to and from a given internet resource and the resource itself might exist in multiple copies stored on multiple machines located at multiple geographically distinct regions.
Which explains (among other explanations) why controlling the internet can be quite tough but -paradoxically- quite easy at the same time.
So how is the internet being governed ?
Well, there are multiple and separated levels of control (local, national and international) and controlling bodies can be private, state-owned or international non-profit organizations.
The bottom-most level example is you forgot to pay the subscription to your ISP in due time; the ISP will interrupt the connection between you and itself and therefore the connection between you and the internet world.
It is the most peaceful example too, because on another level imagine your country’s government decides for some reason to interrupt the internet access on its territory.
They can easily do that by notifying all ISPs in the country to stop announcing the IP adresses and ASNs to the BGP worldwide community.
No IP address – no internet, so there!
And yes, they can do that because ISPs, although in most cases private entities, have to obey the laws of the country where they are operating as the right to operate is usually granted by the state via licenses.
So a simple threat with license withdrawal will be enough to make any ISP surrender and follow the notification.
This is what happened some 2 years ago in Egypt and exactly 1 year ago in Syria too.
The measures, of course, apply only for the population as it turns out that governments themselves cannot run without internet so even if war errupts they keep running some (obviously strictly controlled) networks instead of complete, hardware-based disconnecting.
But what if your government wants “only” to block your access to certain (foreign) websites?
They have enough options, have no worries about that!
To begin with, they can intercept all outgoing and incoming traffic and filter out (by analyzing the URLs and packets) the unwanted parts; this approach was used by Iran in 2009 but the world champion is “The Great Firewall of China“, a massive survelliance and censorship project run by the Chinese Government (you can check here whether your website is being censored in China or not).
But there are more fancy methods too, through which not only do they block the access to a website but they can also shut down the website itself as well.
As explained above, Autonomous Systems (like ISPs) announce all BGP routers about the IP addresses to which they can provide access.
But what happens if “for some reason“, an AS, say the Pakistani Telecom (ASN-x) announces the entire BGP worldwide community it can provide access to a set of IP adresses which in reality belongs to say, YouTube (ASN-y)?
In that case there will be 2 different ASNs advertising a same set of IP adresses of course, but if ASN-x Pakistan Telecom announced its provider a more specific route than the real one by just changing a termination (22.214.171.124/24 instead of YouTube’s 126.96.36.199/22) and this announcement leaked from the direct provider of ASN-x propagating in the entire world, then traffic starts flowing towards the false adresses instead of the rightful ones.
It happened in February 2008 and caused YouTube a global outage for about 2 hours, despite their impressively prompt countermeasures starting just minutes after the hijack started.
After this… let’s call it “incident“, Pakistan continued banning YouTube on its territory, nowadays a challenge to remove the ban being trialed…in Pakistani Courts of course.
All in all, when it comes to state powers over the national part of the internet any state can do pretty much whatever they want, with or without justification for their rightful or abusive acts.
Each country has its own laws regarding the internet and control is enforced via national bodies which, by collaborating or not with other national or international entities, allow full control over the nation-wide internet.
Here in France, our Company (all our products GdPicture.NET SDK, PaperScan and ORPALIS PDF Reducer included) is strictly supervised by a very serious controlling French body too.
The body was created some 32 years ago, is about 1.8 meters high, weighs around 70 kgs and is named LOIC .
See you next week for the second part of this article, folks!