In the final podcast for 2025, APNIC Chief Scientist Geoff Huston discusses the problem of independent measurement in an Internet that is increasingly ‘going dark’.
Communications has always included a risk of snooping, and a matching component of work to enhance privacy. From the simple ciphers of antiquity to the long history of concealing and uncovering messages, societies have repeatedly tried to prevent and detect interference with their mail. Later came the use of telegraph codes, the cutting of telegraph lines during wartime to force messages onto radio where they could be intercepted, and eventually the development of modern encryption built on public–private key pairs. Throughout it all, private communication has been shaped by a continual cycle of attack and response.
Aside from matters of state security, the banking and finance sector relies on a certain level of privacy and, in many cases, is now legally required to protect it so that credit card information can be used safely online. Many other contexts also assume a degree of privacy and use technology to maintain it. At a fundamental level, individuals using the Internet are entitled to expect a reasonable standard of privacy wherever the law allows it.
The publication of RFC 7258, ‘Pervasive Monitoring Is an Attack’ in 2014, formalized the view that third-party intrusion into communications between two endpoints should be treated as an attack, and that technical measures should be used to prevent it wherever possible. Protocol designers and Internet engineers took up that challenge.
This position led, over time, to a significant rise in the use of privacy-enhancing features across Internet protocols. One visible example is the web’s shift from http:// URLs to https://, where content is protected by the Transport Layer Security (TLS) protocol. HTTPS now overwhelmingly dominates web traffic globally.
However, significant parts of Internet communication still ‘leak’ information to third parties. Between an individual and a web service lies their provider, multiple intermediate networks, and often a content distribution platform hosting a local copy of the site. Each of these actors has some opportunity to observe or infer what is being accessed and by whom. The DNS typically exposes the name and address of the destination across many types of protocols, not just the web, and it reveals this information to whatever intermediary systems handle the lookup along the way.
In response, new services have emerged that split DNS resolution into separate, disconnected parts; one that reveals what is being queried, and another that knows who is making the query. Intermediaries may see one piece of information, but not both. A system might see that a question is being asked, but it cannot tell who asked it; or it might know the identity of the requester, but not the name they are trying to resolve.
Combined with newer network protocols such as QUIC, which impose a strong end-to-end encryption model and even hide inter-packet size and timing information (another source of leakage that can be used to infer the type of traffic), it has become increasingly difficult for independent researchers to observe what is happening on the network. In many respects, the network is going dark.
In this episode of PING, Geoff examines the nature of privacy across the Internet and explains how APNIC Labs works around these challenges through its measurement system.
PING will return in January 2026 with another season of episodes. Until then, enjoy this final recording of 2025, and see you online in the new year.
Subscribe and share your story
You can stream and subscribe to PING via the following channels:
If you’re interested in sharing your insights or research, please get in touch — we’re always looking for great stories from the community. Please let us know what you think of the podcast and the APNIC Blog so we can keep improving.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.