How Egypt Shut Down The Internet

Posted on January 31 2011 1:10 am
David Horowitz is the editor-in-chief of NewsReal Blog and FrontPage Magazine. He is the President and CEO of the David Horowitz Freedom Center. His most recent book is Reforming Our Universities.
I received this email from a knowledgeable friend:

The difference boils down to something relatively simple — Egypt, unlike China or Iran, didn’t want to control the conversation. They wanted to silence it, which is perhaps logical since clearly they had already lost control.

What they did is actually fairly interesting. They had started by blocking Facebook and Twitter, and they seem to have just gone all the way to shut down access a few days later with no steps in between. They shut down access in two ways:

- At around midnight Egypt time all the BGP routes for Egypt were withdrawn from the Internet routing tables within a lapse of about 15 minutes (except for one ISP, Noor, speculation is because the stock exchange uses it as its last fallback, and it has remained connected throughout). BGP (Border Gateway Protocol) is what is used to establish a route between two machines on the Internet. IP packets generally will travel through multiple routers to get to their destination, and the BGP routes are used to both find a path and to optimize it. For example, at Ning, we publish different BGP routes for different ISPs, so if you’re on Comcast you will have to first route to one of the providers we peer with (e.g. Level3) and then your packets can be routed to us; in the case of AT&T for example, since we have a direct line to AT&T’s backbone, we can publish routes that state essentially that if you’re on AT&T’s network you can route directly through them which will be more efficient than jumping out and back in.

- They also appear to have started refusing queries to DNS servers so names couldn’t be resolved to IP addresses. It’s not clear if this was direct or an effect of the BGP routes being withdrawn.

Think of BGP routes as directions in a map that let you navigate from point A to point B. These two actions together not only have the effect of wiping out the “map” to reach IP addresses to, from, and within Egypt — they also literally wiped out nearly all of Egypt’s Internet infrastructure from the map that is maintained by global Internet routing tables.  In effect, at the moment, Egypt basically doesn’t exist as far as the Internet is concerned.

What is interesting about what they did is that they took themselves out without affecting anyone else. The physical and logical routing infrastructure in Egypt is intact (this wasn’t a few people unplugging things or cutting cables, like I’ve seen mentioned in a couple of places), which is important not only because they need to be able to bring it back up eventually, but also because Egypt’s routers sit “upstream” from other countries, and a significant portion of Internet connectivity between Europe and Asia goes through Egypt (look at a map and try to trace mostly land-based fiber connections between say, Europe, and the Arabian peninsula or South Asia. Turkey could be an option but between Turkey and the rest you have Syria, Iraq, Iran, and Afghanistan, which you can’t really lay fiber through for obvious reasons. So either you route North, through Russia (taking the really long way around, since you have to avoid all the shaky countries sandwiched between Russia, China, India/Pakistan and Saudi Arabia/Egypt), or South, through Egypt).

Had they just unplugged, they would have taken out large portions of routing for North Africa and the Middle East, not just themselves, and while alternate routes could be found in many cases, some countries would have experienced either partial or total loss of connectivity until alternate routes were found.

The actual process appears to have been fairly low tech as well and somewhat rushed since it was such a blunt instrument. There are charts out there that show the different ISPs going dark but in blocks, first one, then a few minutes later another, then another, which suggests someone making phone calls to confirm the operation when people were already standing by (they shut down cellular and internet, but not land lines). This wasn’t someone pulling from a centralized switch.

What China does (and what US ISPs do with more “benevolent” purposes, such as Comcast’s traffic shaping for BitTorrent or capturing of unresolved queries to show their own search results) is filter a large portion of their unencrypted traffic and somewhat restrict encrypted traffic. China’s “Great Firewall” in particular is a fairly complex system, involving hardware, software, people, and processes. Its aim is not to eliminate traffic but to try to shape it, specifically to try to shape the majority, and not the totality, of the information. The reason is that because of how the Internet works it is essentially impossible to truly control all traffic while maintaining any kind of connectivity. If someone can reach out to an IP address outside of your control (or if an external IP address can reach in) then you can’t really guarantee what traffic is going through there. Even if you could quickly chase down offenders using, say, encrypted connections, you’d be playing a losing game of whack-a-mole. And you’d end up shutting down large portions of your infrastructure anyway. Tunisia tried something similar to Egypt (withdrawing BGP routes) on a far smaller scale, but it obviously didn’t work well for these reasons.

Iran, during its recent events, didn’t filter as much as restrict bandwidth to make the Internet much harder to use, but not impossible, which speaks to their limited technical capability with perhaps a somewhat deeper understanding that if you remove internet access all sorts of things will start to go wrong. How would your oil get delivered? How would logistics work? What happens to credit flows, even in these economies where capital movement is fairly restricted? This is the question now with Egypt.

Even now people are using landlines to connect out to international ISPs, mostly in Europe, to get some information out. And there are reports that SMS service seems to have been returning, so perhaps they’re pulling back, which maybe implies they know this is a losing battle. They bluffed and it didn’t work. It is hard to see how they keep their economy from imploding if they don’t open up access again this week. Then again, who knows what the people in power are thinking and how far they are willing to go… so anything’s possible.
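
An added illustration, not part of the email above: a network monitor can reconstruct the staged pattern the email describes (ISPs going dark one after another within minutes, one staying up) by replaying a route collector's update log and noting when each origin AS loses its last visible prefix. The feed below is constructed, with documentation-range AS numbers and prefixes; the record layout and function names are assumptions.

```python
from collections import defaultdict

# Constructed feed: (seconds since start, origin AS, prefix, action),
# where action is "A" (announce) or "W" (withdraw).
UPDATES = [
    (0,    64501, "192.0.2.0/25",     "A"),
    (0,    64501, "192.0.2.128/25",   "A"),
    (0,    64502, "198.51.100.0/24",  "A"),
    (0,    64503, "203.0.113.0/25",   "A"),
    (0,    64504, "203.0.113.128/25", "A"),  # never withdrawn in this feed
    (600,  64501, "192.0.2.0/25",     "W"),
    (610,  64501, "192.0.2.128/25",   "W"),  # last prefix gone: AS is dark
    (900,  64502, "198.51.100.0/24",  "W"),
    (905,  64502, "198.51.100.0/24",  "A"),  # re-announced: a flap, not a blackout
    (1200, 64503, "203.0.113.0/25",   "W"),
    (1380, 64502, "198.51.100.0/24",  "W"),
]

def blackouts(updates):
    """Map each origin AS that is dark at the end of the feed to the
    time its set of visible prefixes last became empty."""
    visible = defaultdict(set)
    dark_since = {}
    for ts, asn, prefix, action in sorted(updates):
        if action == "A":
            visible[asn].add(prefix)
            dark_since.pop(asn, None)      # reachable again, clear the mark
        elif action == "W" and prefix in visible[asn]:
            visible[asn].remove(prefix)
            if not visible[asn]:
                dark_since[asn] = ts
    return dark_since

def summarize(updates):
    """Order in which ASes went dark, gaps between them, total spread,
    and the ASes that still have at least one route."""
    dark = blackouts(updates)
    order = sorted(dark.items(), key=lambda kv: kv[1])
    times = [t for _, t in order]
    return {
        "order": [asn for asn, _ in order],
        "gaps": [b - a for a, b in zip(times, times[1:])],
        "spread": times[-1] - times[0] if times else 0,
        "still_reachable": sorted({u[1] for u in updates} - set(dark)),
    }

if __name__ == "__main__":
    print(summarize(UPDATES))
```

Withdrawals that arrive AS by AS with gaps of minutes, while each AS's own prefixes vanish within seconds of each other, are what separates this kind of coordinated shutdown from a single cable cut, where everything behind the cut disappears at once.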

