April 27, 2024

The mountain of shit theory

Uriel Fanelli's blog in English

Kein Pfusch

Does Russia disconnect from the Internet?


One of the biggest pieces of bullshit I've read these days is the news that Russia has passed a law that the press describes as "Russia disconnects from the Internet". In reality, things are NOT like that. If anything, it's the opposite. Let's see why.

If tomorrow a serious minister called in a group of network experts and asked them "what are the weak points of the Internet that could be used against our country? And how can we mitigate the damage, or prevent the attack?", he would probably get the same answer that Putin got.

The first problem is BGP. Explaining it is anything but simple, but I'll try.

Perhaps you've never wondered how the data leaving your computer finds the destination server on the other side of the world, and especially how it works out how to get there.

When you drive, you have a navigator. The navigator contains the map and can calculate a route. But you can't put a navigator inside IP packets: after all, even if you did, which map would you load into it? Someone would have to give you an updated map.

So imagine that the navigator is not in your car. Instead, when you leave your block there is a kind of roadside column that your car queries, and this little column tells it: "Going to Trissino? First on the right". Then you cross another neighborhood, your car meets another small column (they stand on all the roads that lead into and out of the neighborhood) and asks again: "For Trissino?" And the column answers: "First on the left". And so on.

The Internet is organized roughly this way, except that instead of "neighborhood" you have to write "Autonomous System". Inside the neighborhood, routing is done by "columns" (which are called routers) that are configured locally by whoever manages that Autonomous System (usually a telecom company). To exit, however, there are "special" routers that have a global map of the Internet. But they don't have a map of every IP address, which would be too expensive to manage. They have a map of the Autonomous Systems and of the networks (sets of addresses) they contain.

Why is BGP a problem? Imagine a restaurateur who wants many truck drivers to pass in front of his restaurant around lunchtime. Or a gas station that wants more traffic on its road. It would be convenient for them if they could convince the columns that they are on "the shortest route between A and B", wouldn't it?

Now, imagine that in Beijing there is a restaurant, "Da Wung, Spring Rolls & Secret Service", which can suddenly announce that its premises in BEIJING are the shortest route between Milan and Genoa. What happens is that all the vehicles that want to go from Milan to Genoa suddenly make a "short" detour through Beijing, and pass in front of the Chinese secret service restaurant.

BGP is so "gullible" as a protocol that it believes practically anyone who announces anything. And that's not all: even if there were authorities responsible for addressing and for cleaning up announcements (and there are not, except in a very bland form: the authorities below deal with distributing IPs, but BGP is in the hands of others), they are almost all concentrated in the hands of countries that … are not Russia. The most powerful is IANA, the IP address allocation body, which was later "regionalized", so we now have APNIC, ARIN, RIPE NCC, LACNIC, and AFRINIC.


Now, as you can see, Russia depends on RIPE (https://www.ripe.net/), an institution located in Amsterdam. Moral of the story: if Russia wants IP addresses assigned to its users (I mean IP addresses that are routed in the rest of the world), it must ask RIPE for them, and RIPE then writes the routes so that your packet goes, say, from Trissino to Moscow.

Good.

What happens if relations between Russia and Western Europe become really tense? Well, first of all RIPE could remove every Russian route from the announcements, reassigning the IPs to someone else. Or it could "ask" the RIS to change their BGP tables. Here is a list.

Only RRC13, in Moscow, is under Russian control (https://www.msk-ix.ru/en/company/).

But RIPE granted peering to RRC13 in 2005:

https://www.ripe.net/publications/news/industry-developments/ris-palo-alto-california-moscow-russia

And just as it granted it, it could take it away in the event of a conflict. And take back the IPs, signaling an outage of the current routes.


Or, by assigning the IPs to someone else, it could cause BGP messages to spread that actually "steal" traffic:


These are extreme examples, but in the end, it is absolutely true that Russia does not control anything like a regional IP Registry, just as China does not control APNIC, which is based in Australia.

It is as if we were saying that a guy in the Netherlands can stop all Italian cars, or turn off the power to the country, or make motorways inaccessible, or block aqueducts. Now, the Dutch like us a lot, but … if we fight tomorrow?

This is the meaning of Putin's first provision: to make sure that the maps of the Russian ASes are completely independent of RIPE. They will continue to receive updates and apply them but, as a (wise) Russian proverb says, "trust, but verify".

In reality, Russia is not "disconnecting" from the Internet: it is gearing up so that a decision taken in Amsterdam cannot devastate the internal network.

It is clear that RIPE NCC could still "isolate" Russia by exploiting peering with the rest of the world, but once Putin's rules are applied such a move would not damage the traffic between Moscow and St. Petersburg. They would still be cut off, but the domestic economy could continue.

Another thing that will no longer be able to happen is someone "convincing" Russian routers that the shortest route between Moscow and St. Petersburg goes through Ramstein, or Pomezia. The rule implemented by the Russians is that when there is a domestic route, it is automatically the chosen one, and the only one possible. Furthermore, they ordered Russian providers to equip themselves so that there is ALWAYS a possible domestic route. In this way, when a Russian talks to another Russian, he knows that the traffic passes through Russia.

By contrast, right now you don't know exactly which way your IP packets go. If you are in northern Italy you probably believe that all the traffic between you and this blog (which is physically located in Germany) stays in Europe. But it is not so: if the "Chinese Restaurant by Wung, Spring Rolls & Secret Service" has spread the rumor that Beijing is the shortest route between Italy and Germany, it could happen that you are reading the blog via Beijing.
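The difference between the two behaviours, as an added example (not code from this blog or from any router vendor): a simplified route selection that believes every announcement, next to the "if a domestic route exists, it is the only one considered" rule described above. The prefixes and AS numbers are constructed from the documentation ranges, the set of "domestic" ASes is an assumption, and real BGP has more tie-breakers than the two modelled here.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample data: documentation ASNs (RFC 5398) and prefixes (RFC 5737).
DOMESTIC_ASNS = {64500, 64501, 64502}   # assumption: ASes located inside the country

@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    as_path: tuple                      # neighbour AS first, origin AS last

RIB = [
    Route(ipaddress.ip_network("198.51.100.0/24"), (64501, 64502)),  # legitimate, domestic
    Route(ipaddress.ip_network("198.51.100.0/24"), (64510,)),        # foreign AS, shorter path
    Route(ipaddress.ip_network("198.51.100.0/25"), (64510,)),        # foreign AS, more specific
    Route(ipaddress.ip_network("203.0.113.0/24"), (64510, 64511)),   # genuinely foreign network
]

def candidates(rib, dst):
    """All announced routes whose prefix covers the destination address."""
    addr = ipaddress.ip_address(dst)
    return [r for r in rib if addr in r.prefix]

def rank(route):
    # Simplified BGP preference: most specific prefix first, then shortest AS path.
    return (route.prefix.prefixlen, -len(route.as_path))

def best_path_plain(rib, dst):
    """Believe every announcement and pick the 'best' one."""
    return max(candidates(rib, dst), key=rank, default=None)

def is_domestic(route):
    """True only if every AS on the path is a domestic one."""
    return all(asn in DOMESTIC_ASNS for asn in route.as_path)

def best_path_domestic_first(rib, dst):
    """If any all-domestic route exists, it is the only kind considered."""
    cands = candidates(rib, dst)
    domestic = [r for r in cands if is_domestic(r)]
    return max(domestic or cands, key=rank, default=None)

if __name__ == "__main__":
    for dst in ("198.51.100.10", "203.0.113.5"):
        print(dst, "plain:", best_path_plain(RIB, dst).as_path,
              "domestic-first:", best_path_domestic_first(RIB, dst).as_path)
```

With the plain selection the traffic for 198.51.100.10 follows the foreign announcement; with the domestic-first rule it stays on the in-country path, while destinations that have no domestic route are still reached through foreign ASes.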

https://nakedsecurity.sophos.com/2018/10/30/china-hijacking-internet-traffic-using-bgp-claim-researchers/

https://arstechnica.com/information-technology/2019/06/bgp-mishap-sends-european-mobile-traffic-through-china-telecom-for-2-hours/

As you can see, Putin's move to take control of BGP is ABSOLUTELY sensible and competent, and it is what every competent minister in Europe would be told in reply, if only they deigned to learn what the Internet is and how useful it is.

Putin has done nothing special: ANY head of state who asks a committee of experts what is the worst thing a foreign body could do to devastate the home network is going to hear "the BGP protocol is the problem".

But let's move on. Now our head of state has secured BGP, and asks his experts: "After BGP, is there some other part of the Internet infrastructure that is crucial, is also partially under the control of foreign entities, and could be used to disable the Russian network?"

The expert committee would SURELY answer: of course. After Cicciolina's preferred protocol (BGP), it would certainly be the DNS system.

These are the famous Domain Name Servers, which are organized in hierarchies of domains, and if you notice, you can buy a .it domain from an American provider too. But what happens if Italy quarrels with the USA and the USA blocks your provider's DNS? Well, your Italian site disappears.

But there is worse: the name servers follow a hierarchy. When one of them tries to find out where a domain is, and the answer is not in its cache or served locally, it asks other DNS servers, until the chain ends at the ROOT DNS.

https://www.iana.org/domains/root/servers

Now, it is clear that if I were Putin I would be uneasy: these gentlemen can decide, tomorrow, that ".ru" does not exist. And if this happens, once the caches expire no ".ru" domain would be reachable any longer, except those hosted directly on the DNS of the telephone company you subscribe to.
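The timing described above, as an added example (not code from this blog and not a real DNS implementation): a toy resolver with a cache, a locally served zone and a root table from which a TLD delegation is removed. The reserved ".test" TLD stands in for a country TLD, and all names, addresses and the one-hour TTL are constructed.

```python
from dataclasses import dataclass, field

@dataclass
class Resolver:
    root: dict                                        # TLD -> {name: address}, the "root zone"
    local_zones: dict = field(default_factory=dict)   # names served by the ISP's own DNS
    cache: dict = field(default_factory=dict)         # name -> (address, expires_at)

    def resolve(self, name, now, ttl=3600):
        if name in self.local_zones:                  # served locally: the root is never asked
            return self.local_zones[name]
        hit = self.cache.get(name)
        if hit and now < hit[1]:                      # still-valid cached answer
            return hit[0]
        tld = name.rsplit(".", 1)[-1]
        tld_server = self.root.get(tld)               # the lookup chain ends at the root
        if tld_server is None or name not in tld_server:
            self.cache.pop(name, None)                # drop the stale entry, answer "no such name"
            return None
        self.cache[name] = (tld_server[name], now + ttl)
        return tld_server[name]

def scenario():
    """Resolve names before and after the root stops delegating the TLD."""
    root = {"test": {"shop.test": "192.0.2.10", "news.test": "192.0.2.20"}}
    r = Resolver(root=root, local_zones={"isp-portal.test": "192.0.2.53"})
    before = r.resolve("shop.test", now=0)            # fetched and cached until t=3600
    del root["test"]                                  # the root operators drop the TLD
    cached = r.resolve("shop.test", now=1800)         # still answered from cache
    uncached = r.resolve("news.test", now=1800)       # never cached: already gone
    expired = r.resolve("shop.test", now=3600)        # cache expired: gone as well
    local = r.resolve("isp-portal.test", now=3600)    # locally served: unaffected
    return before, cached, uncached, expired, local

if __name__ == "__main__":
    print(scenario())
```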

Apart from the names on the list, I don't know if you notice, but this list is "vaguely western". The most "neutral" is Netnod, in Sweden. Cogent is located in Washington, Verisign in Reston, Virginia, and the WIDE Consortium is located in Tokyo.

Now, if you were Chinese, Indian or Russian, would you accept this situation? Would you accept that crucial infrastructures in your country are managed entirely by Western countries, if not by MILITARY entities of the most likely opponent?

It is clear that this situation is not tolerable for any country, I repeat, any, that aspires to have a geostrategic policy independent of the West.

It is useless to deceive oneself. Any prime minister of any non-Western power will sooner or later find a "DNS file" and a "BGP file" on the desk.

Because it can't be otherwise.

Any decent technician will have recommended A MILLION TIMES to the governments of China, Russia, Turkey, India, Brazil, Pakistan, and all those who do not want to find themselves in the blackout in the event of a conflict, to REMOVE the Americans from controlling the DNS, and remove BGP control from foreign bodies.

Why do all, I repeat all, I repeat, all the Western mass media fail to explain that Putin's move is the same one the Chinese made (do you think they let their DNS be controlled, even by a Tokyo firm?), the same one the Indians made, and probably dozens of other countries?

Partly (very partly) they did it also in Germany:

https://www.e-mail-made-in-germany.de/

But nobody shouted "Germany wants to disconnect from the Internet".

https://www.united-internet.de/unternehmen/verantwortung.html

The problem is that Putin announced this, and in order not to tell the public that by using the Internet WE ARE USING AN AMERICAN INFRASTRUCTURE, they try to frame everything as "censorship". Putin wants to censor the Internet. Aha.

While whoever holds iron control (= the USA), what do they want to do instead?

Putin simply asked his experts how to protect the Russian infrastructure from the worst. And the experts responded by mentioning the two dangers that EVERY technician would have mentioned: BGP and DNS.

If anything, the defenseless sheep that want to enter the thick of this century without asking too many questions are we Europeans.

It is clear that the US does not like this move. And it is clear that they would not like it either if it were done at EU level. And therefore they will always find a way to sell it as "censorship".

Just as it is clear that in the press throughout Europe nobody wants to raise the problem of Internet "governance": better to discuss unlikely "social identity card", which diverts attention from the real problem.

Putin did it, and at that point the accusation was already ready (and taken for granted): censorship. And you will believe it, like boccaloni (gullible fools).

Until you go on google to look for something you remember very well. But you can't find it. And you realize that if it's not on google it doesn't exist, and what you remember remains without evidence: you can't prove that you've witnessed such an event because Google doesn't index it on the first page.

And then you will ask "is this not censorship?"

Here, in that case, try searching on Yandex.
