For some weird reason, humans have an uncanny tendency to react to crises not with the appropriate unification and ‘surviving together’ response, but with an ‘us’ versus ‘them’ mentality.
With the ‘neuland‘ of the Internet having been around for a couple of decades now, traditional leadership and governance people discovered this vast new area for themselves and their ideas. Humans being humans, when confronted with something new, people will try to pattern match it to what they already know. The known terms for international politics are ‘borders’ and ‘sovereignty’, so this pattern matching gave us the new buzz-term ‘digital sovereignty’.
This pressing issue in the policy arena is usually understood as ‘ensuring that a state can exert policy on the (IT) systems used by its constituents, while ensuring that only their own policy is applied to them’.
The classic example of attempts to realize this with policy is most likely the ongoing discussion of the ‘Safe Harbor’ agreement, or whatever the name of the current incarnation is. A similar, more technical, approach is Schengen Routing, which is an attempt to make sure packets from European users do not leave Europe.
What all these approaches have in common is that they dream of a cosy little Internet within the boundaries of individual nation states, or sets of such. Europeans are usually quick to judge economies installing cryptographic backdoors and running national firewalls for censorship. Under the guise of either digital sovereignty or the pretence of protecting groups of vulnerable people they are also equally quick to flock to policies yielding the same results.
At this point, we do not want to pass judgement on these approaches, no matter where they take place. What we would like to point out, though, is that these processes align with our final two propositions:
“Internet sanctions: What once has been thought can never be taken back. The Internet will fall apart.”
This proposition starts with a quote from Friedrich Dürrenmatt’s ‘Die Physiker’ and ties tightly with Proposition 10. The quote relates to a physicist’s perspective on the probability of keeping one’s own dangerous inventions — ultimately an analogy for nuclear fission — from the world. However, it is also relevant in terms of the Internet as technology and proposals with good intentions are developed.
A concrete example: In the wake of the war waged by Russia against Ukraine, members of the Internet community and several politicians called for a multistakeholder approach to ‘Internet sanctions‘. In short, the authors of that open letter called for a multistakeholder mechanism that populates databases, which willing Internet participants can use to participate in sanctions against specific netblocks and domains, ideally by using existing infrastructure for blocklisting IP routes. However, this means that due to the tiered nature of the Internet, the optionality of this approach is severely limited for network participants relying on upstream providers, as long as enough Tier 1/Tier 2 network operators participate.
For example, by observing the reachability of 22.214.171.124 (Sputnik News) from RIPE Atlas probes after sanctions were applied, we can see that the address is unreachable from Europe, but also from the AFRINIC region, which regularly transits through Europe. Yet, other regions such as the United States and Australia, show a significantly higher reachability.
Furthermore, and this is the far more crucial point, this case demonstrates that it is possible to sanction specific IP addresses and networks. In the past, approaches against say piratebay.org or wikileaks.org were mostly circumventable DNS based blocking attempts, with the organized chiming of the Internet community that blocking individual sites is not really possible unless a system like a national firewall is implemented.
It has now been successfully demonstrated that state blocking of resources is possible. Therefore, we claim that this approach will be used again by policy makers. It will also put Internet sanctions on the diplomatic agenda, leading to a fragmentation of the Internet: ‘Well, if you block A, we will block B.’ ‘Well, if you block B, we will just disconnect all of you.’ And then they do.
“Digital sovereignty is being used wrong.”
Of course, we would all like to live in a world that is not falling apart and where defending the united, open, and global Internet from attempts to segment and nationalize it is the most pressing issue.
However, as much as the happy engineers in us that grew up on and with the Internet just want to see packets flow, given the state of our world we also have to consider a much more fundamental meaning of sovereignty that is usually missed: The ability to (re)build and maintain one’s infrastructure independent of another party. And this is something that continues to get harder and harder.
Computers don’t live forever. Capacitors age, up to the point where they can no longer power on a system (shout out to everyone who had a surprise power loss in a datacentre with a lot of legacy systems). Hard disks eventually die. SSDs have an explicit best-before, usually written in stone, erm… firmware, denominated in write cycles.
We all like to tell stories of those Department of Defense contractors that keep buying old DEC Alpha equipment on online marketplaces for horrendous prices. But the truth is that a major part of our digital infrastructure hinges on a steady supply of spare and replacement parts, which cannot be easily produced in a world burned to the ground.
That nice solar energy farm over there? What happens if the mainboard in the controllers dies? You may be able to repair it by salvaging things scattered in the world around us but ultimately there may be a point where we have to replace systems altogether (or, say, just their hard drive).
And then, the hardware problem extends to the software. Where can we get the right control software, system documentation, or firmware, and how do we make it run on a computer it was never intended to run on while the vendor who initially built it lays in the ashes of our burning world?
One might argue that this is not an issue in a globalized world, and our world will stay… fine. However, as we learned earlier this year, all it takes is a stuck ship and a global pandemic to give us a preview into such a future world. When that happened, all of a sudden, we could see how the world can be when it takes months or years for new and replacement systems to arrive. This will only get worse with more and more parts of our world burning down all around us.
Therefore, in a burning world, it may be essential to have the ‘know how’ to keep systems running, widely spread, and locally available. And yes, this includes questions like open(!) and publicly available(!), ideally, open source software and documentation. Otherwise, computers may become rather expensive (and to be honest, actually worse) bricks.
Also, going back to the sum of the earlier propositions, the policy aspect may even be secondary. In the end, it’s about running systems, providing services, and caring for users. Everywhere. As long as we can rebuild.
We’ve shared these ’13 Propositions for a Burning World’ to ask people to start thinking about a resilient and sustainable Internet that should be run with care for its users and the infrastructure itself.
They might be overly bold, lack concrete solutions, and paint a disturbingly dire picture of the world, but we hope you are not too depressed after reading them. However, given the state of the world, we claim that we are past the point of raising awareness and hiding behind ‘that would never happen.’ We can no longer risk staying complacent in the hopes for a better future. We have to talk about these issues now and find tangible solutions. The future will be bleak if we do not make it better, and whether the world goes down in flames or not, preparation is better than reaction.
Our first gut reaction, roughly, translates to ‘Computers were a mistake. Learn to ride a horse and grow your own food’. But that cannot be the answer, not for the billions of people going with us into the future. After all, we are system, network, routing, and many more, engineers.
Calling yourself an engineer comes with the responsibilities to:
- Build a better world for everyone.
- Keep trying to make the world better, even if it looks bleak.
So, to fulfil the ultimate cliché of people who grew up on the Internet, let us close with a Star Trek quote:
“It may be the warriors who get the glory, but it’s the engineers who build societies.”B’Elanna Torres
Adapted from the original posts which appeared on Doing stupid things (with packets and OpenBSD).
Tobias Fiebig is a Postdoctoral Researcher at Max Planck Institute for Informatics.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.