Can the Internet have borders?

12 June 2019 | Alex Henthorn-Iwane,

Cover

Alex Henthorn-Iwane,

Blog Author | VP product marketing, ThousandEyes

Cover

Control of Internet infrastructure has become an increasingly visible issue following the recent signing of the “Russian Internet Law” by the Russian government, and most recently, Iran’s country-wide firewall test.

Russia has been planning structural change to its Internet since 2012, when it implemented a number of criteria to manage the blocking of websites for browsers in the country.

This was accelerated in 2015 with software-as-a-service (SaaS) law necessitating all SaaS providers to host a copy of all data of Russian citizens locally. Few SaaS providers actually complied with this law however, and as of the present day, have not been penalised for their actions.

In 2017, the country prohibited all content-control software and websites. This applied to virtual private networks (VPNs) and anonymisers as well as any website with instructions on how to access government-blocked websites.

This latest move, implementing what has been called the “Sovereign Internet Law”, is the next step by the government to assess whether it is possible to cut off Russia’s Internet from the rest of the world.

When looking at Internet censorship within one country it’s natural to reference the Great Firewall of China, to regulate the Internet domestically.

China built The Great Firewall in 1999, creating all the necessary architecture itself. The Firewall consists of a number of different techniques to monitor and control Internet traffic in China. This level of control is unique to China, which was able to implement the Firewall due to the state’s role in a number of telecommunications companies. China’s unique position is in part due to these companies being monopolised, which helped create the content control system. Another element is that by creating and fostering the Firewall before the Internet had developed to the level of complexity and importance it currently has, China has allowed the growth that other countries have experienced to be restricted in a controlled, organic manner.

The Great Firewall is upheld by fibre-optic cables, which have access to China’s Internet at one of only ten backbone access points. Until 2015 this would have been even fewer, with only three points of access. With international traffic limited to a small number of access points and Chinese Internet service providers (ISPs) licensed and controlled by the Ministry of Industry and Information Technology, Chinese authorities have a far greater autonomy over Internet traffic than in other countries.

Russia’s Internet, on the other hand, has not developed with this level of control in place. It’s internet is part of the World Wide Web, woven in with European and global services which would prove extremely tricky to break away from.

Implementing a “disconnection”

The simplest approach would be Internet Protocol (IP) blocking - economically and efficiently the most viable option, in China this is carried out by Border Gateway Protocol (BGP) using null routing. Banned IP addresses are sent to routers, which drop all packets destined to these blocked IPs. This method allows the country to block access to specific sites or public domain names.

Other techniques employed with IP blocking include domain name system (DNS) tampering. By altering the response from the DNS server, via intentional configuration or DNS poisoning, the site can be inaccessible on both the domain and IP levels.

Routers can also interrupt DNS requests, identified by certain keywords, and insert forged DNS replies, thus preventing “unwanted” Internet traffic.

Other techniques include:

  • Monitoring: The Chinese state monitors traffic, including URLs for censored terms. This technique is not fully comprehensive however, catching just some traffic rather than acting as a blanket firewall.
  • Moderations by humans: The Chinese Internet police force is around 50,000 strong, watching online content and censoring where it deems appropriate.
  • Self-censorship: China has introduced laws meaning all Internet companies must ensure that their content complies with the strict censorship laws, imposing strict penalties if they are not upheld.

Free Internet or “splinternet”?

There are cases of countries limiting access to the Internet already. In Saudi Arabia, its DNS requires URLs to be converted into a purely numerical format, which is directed through a controlled proxy service to be denied if not appropriate.

The current state of the Internet is open, allowing traffic to flow freely across countries. Privacy and censorship is seeping in however, with GDPR and various privacy laws. For example, if a company based in the US was looking to do business in the EU, it must host all data stored within the EU to comply with GDPR. Along with data privacy, another reason for this is encouraging US companies to invest in Internet infrastructure in the EU.

Overall however, the arrival of a splintered global Internet appears to not be upon us.