惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Engineering at Meta
Engineering at Meta
人人都是产品经理
人人都是产品经理
大猫的无限游戏
大猫的无限游戏
博客园 - 三生石上(FineUI控件)
量子位
腾讯CDC
The Cloudflare Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
云风的 BLOG
云风的 BLOG
Vercel News
Vercel News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
L
LangChain Blog
aimingoo的专栏
aimingoo的专栏
The Hacker News
The Hacker News
T
The Exploit Database - CXSecurity.com
B
Blog
S
SegmentFault 最新的问题
P
Privacy & Cybersecurity Law Blog
T
Threatpost
博客园 - 聂微东
T
Tailwind CSS Blog
The Last Watchdog
The Last Watchdog
C
Check Point Blog
N
Netflix TechBlog - Medium
D
DataBreaches.Net
爱范儿
爱范儿
IT之家
IT之家
S
Secure Thoughts
M
MIT News - Artificial intelligence
NISL@THU
NISL@THU
C
Cisco Blogs
TaoSecurity Blog
TaoSecurity Blog
有赞技术团队
有赞技术团队
A
Arctic Wolf
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
P
Proofpoint News Feed
Spread Privacy
Spread Privacy
Schneier on Security
Schneier on Security
Simon Willison's Weblog
Simon Willison's Weblog
G
GRAHAM CLULEY
雷峰网
雷峰网
Project Zero
Project Zero
博客园 - Franky
H
Heimdal Security Blog
A
About on SuperTechFans
Security Latest
Security Latest
Webroot Blog
Webroot Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Hugging Face - Blog
Hugging Face - Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More

ashishb.net

A day in Luxembourg - the richest country in the world I was asked to install malware during a fake interview Book summary: Breakneck - China's quest to engineer the future by Dan Wang Book summary: How to Teach Your Baby to Read Book Summary: The Discontented Little Baby Book by Pamela Douglas Introducing Amazing Sandbox - run third-party tools and AI agents securely on your machine Why software outsourcing gets a bad reputation? Book summary: The Natural Baby Sleep Solution by Polly Moore A day in Antwerp, Belgium Journey of online influencers Two days in Brussels, Belgium Shortcuts - when we love them and when we don't A visit to Rakhigarhi Three days in overhyped Paris Empty Japan, crowded Tokyo The real lock-in in GitHub is not the code, but the stars 11-day Norwegian Breakaway East Caribbean cruise Sanskrit and Sri Lankan Air Force Use REST with Open API The Achilles heel of American capitalism Costa Rica in 4 days At a juice stall in Sri Lanka A short stay at Warsaw, Poland Best practices for using Python & uv inside Docker Two days in Vilnius, Lithuania How IntelliJ IDEs waste disk space Pregnancy Why there aren't many digital nomads from India Two days in Riga, Latvia To keep your machine secure, run third-party tools inside Docker Family Ties in Your DNA: Some relatives are closer than others Doctors per capita Two days in Tallinn, Estonia Ship tools as standalone static binaries Made in America Two days in Helsinki, Finland Maintaining an Android app is a lot of work The land of good deals Two days in Oslo, Norway FastAPI vs Flask performance comparison Google Search is losing to Perplexity Two days in Dublin, Ireland Continuous integration ≠ Continuous delivery World's simplest project success heuristic London in 5 days It is hard to recommend Python in production Inflation, IRS, Credit cards, and Vendors Temu and the Chinese approach Things to do in Miami Florida Revenue vs Cost Axis Language learning as an adult The unanchored babies of the green card limbo Price variance in the United States A day in Louisville, Kentucky A surprisingly positive experience with Air India Unhospitable Airports Android: Don't use stale views USA = Union of Sales and Advertisement A day in Nashville, Tennessee Minimize Javascript in your codebase A day in Birmingham, Alabama In defense of ad-supported products Real vs artificial world The science behind Punjabi singers Hiking Mt. Fuji The Indian startup bubble is insane Repairing database on the fly for millions of users Book Summary: One up on Wall Street by Peter Lynch It is hard to recommend Google Cloud At the Prague airport Kyoto in three days Migrating from WordPress to Hugo Book summary: Sick Societies by Robert B. Edgerton Statistical outcomes require statistical games Illegal immigrants to Europe via Cairo Tokyo in three days Mobs are Status Games Writing Script matters as much as the spoken language Sri Lanka in 5 days LLMs: great for business but bad business Book Summary: Safe Haven by Mark Spitznagel Mac shortcut for typing Avagraha symbol On a bus with an asylum seeker Nicaragua in 5 days When to commit Generated code to version control Why I always buy a local SIM in a foreign country Use Makefile for Android Four days in Guadalajara, Mexico Android Navigation: Up vs Back Hotels vs Airbnb vs Hostels Currency issues in Argentina Abstractions should be deep not wide Some data on podcasting Always support compressed response in an API service A day in El Calafate - Patagonia, Argentina Hermetic docker images with Hugging Face machine learning models American Elections The sound of "ch" API services should always have usage Limits Hiking in El Chaltén - trekking capital of Argentina
Towards a broken future of Internet
Ashish Bhatia · 2011-12-25 · via ashishb.net

Internet, which initially started as a DARPA experiment is [still] under the indirect control of USA government through ICANN despite several objections from Europe as well as IBSA. This worked when most users were from the western world with the notable exception of China and few minor quirks. But in the past few decades, not only the governments around the world are putting more controls but also the internet users (as well as enterprises) are fighting back against US control. In this blog post, I will describe the main threats to the existence of (current form of) Internet.

First, let’s see a few incidents from the past -

Targeted Cyberattacks

Incident 1: Operation Shady RAT, 70 organizations across 14 nations (from the USA to India) fell to targeted intrusions (probably) by a state actor, the operation started in 2006 and continued till 2011.

Incident 2: Operation Ghostnet, primarily targeted Tibetan government in exile (in India) but computers at embassies and foreign ministries of many other governments were compromised as well.

Incident 3: Stuxnet was designed to target a particular configuration of centrifuges at Natanz who operational capacity dropped by 30 percent in 2010. The aim was to (at least) slow down Iran’s uranium enrichment. Given the sophistication of Stuxnet (which exploited four zero-day vulnerabilities), it is believed to be the work of a state actor. A year later, a similar malware duqu has emerged.

Incident 4: Byzantine Hades has targeted 760 companies with the alleged aim of industrial espionage.

Cenensorship

Incident 1: SOPA and PIPA are designed for pro-active blacklisting of domain names which are alleged to be serving infringing copyright content, thus, if domain registered by European national (with no link to the US at all) can be removed from DNS registry just on the basis of one legal notice, of course, European parliament is not happy about it. Laws like this threatens the existence of the Internet as we see it today.

Incident 2: An English national, who is running a travel agency in Spain, had his websites taken down by his American registrar after receiving a notice from the American government that his sites were helping Americans evade travel restrictions to Cuba.

Incident 3: Owner of popular music hosting domain had his site seized for over a year (even though seizure legally are restricted to 60 days) for intellectual property infringement till US government ultimately realized that music was being released on the site by the actual copyright holders.

Incident 4: Indian Parliament considers a new Information Technology Act was calling for a ban on the uploading of blasphemous and controversial content.

Incident 5: Fearing civilian uprising and with the aim of creating a halal network, Iran is working towards creating a national network disconnected from the Internet. The efforts look credible since they are working on in-house hardware (network gears) as well as software (search engine).

Surveillance

More and more governments are opting for digital surveillance sometimes by framing laws, sometimes in a more blatant illegal fashion.

Incident: Multiple attempts were made in Iran for getting fake certificates for major websites (primarily to do man-in-the-middle attack on dissidents), first on 15th March 2011, an Iranian patriot compromised a Registration Authority of Comodo, which is a root Certificate Authority(CA) to issue fake certificates for major sites (which were revoked quickly), two months later, Dutch CA DigiNotar was breached and fake certificates were issued which were used for ~ 2 months before revocation.

Several companies in the USA have engaged in selling technology to oppressive regimes in Syria, Myanmar, China, etc. for cyber surveillance of citizens. But let’s not forget, the Internet was not primarily designed with national boundaries in mind, therefore, it’s not uncommon for these countries to spy on traffic of neighboring countries flowing through them (un)intentionally, as it happened in case of Pakistan’s block of YouTube which went much beyond its national boundaries or when a big chunk of international traffic went through China due to misconfiguration at the end of China Telecom.

Fearing the dangers of spying, USA government does not want its data to be located in data centers outside the USA, the same law has been enacted by Europe and we should expect other governments to follow soon (if they ever purchase cloud storage).

Privacy

Privacy on the internet was not a major issue till user-generated content (or more specifically social networks) became mainstream. Controlled primarily from the United States, they fumbled several times in Europe. Following are a few notable incidents -

Incident 1: A group of students uploads a video showing bullying of a mentally challenged boy on videos sharing site, the Italian court convicts three executives of the company for privacy violations.

Incident 2: A social networking company launches face recognition (with opt-out settings) and is fined by the German government for not making it opt-in.

Incident 3: US courts order a microblogging company to supply account data of a Parliamentarian of Iceland, of course, Iceland is not happy about this.

Incident 4: A search engine company is ordered by French courts to remove defamatory contents about an individual (the contents were generated based on the court cases going against him), of course, the cases are still available online.

And the European Union is working on tougher data protection laws for the companies to access its internal market.

Protectionism

As initially mentioned, the Internet today is virtually divided into two halves - China and the rest of the world (RoW). One can see that this not only enables censorship but encourages protectionism. While RoW has one dominant search engine( google), one dominant social network( Facebook), one dominant micro-blogging site( Twitter) and one dominant video-sharing platform( YouTube), most of these are either banned in China or have a very small market share. Baidu is the search engine, Renren is the social network, Youku being video-uploading and Weibo being micro-blogging site. While protectionist policies usually don’t work in the long run, they do give immediate short-term gains and necessary protection to local companies. And this might encourage EU or Arab-world to follow this route.

While The current tussle is primarily between the USA and Europe (and in some cases USA and China), going by demographic trends and rate of Internet adoption, it is easy to see that in the near future, we are going to have two more major players namely Middle East (with technical know-how supplied by Iran) and India. The clash among these five major players over above issues will certainly threaten the existence of the unified Internet as we see today and lest the above issues are resolved, we are going to end up with a form of the Internet much different from what we currently have.