I just saw this piece from Gizmodo (via BBC) entitled: "7 People Have Been Entrusted With the Keys to the Internet" and they go on to describe some fuzzy post apocalyptic Internet catastrophe where presumably the Internet is dead. This is when, (according to the article):
A minimum of five of the seven keyholders -- one each from Britain, the U.S., Burkina Faso, Trinidad and Tobago, Canada, China, and the Czech Republic -- would have to converge at a U.S. base with their keys to restart the system and connect everything once again.
Now I, as Judy Consumer, am shocked that something so important like the Internet needs keys to restart it (it sounds so 20th century). Then, I worry about what would happen if they can't find the minimum quorum (heck if the Internet's dead -- who knows who else is too). But mostly I am confused about how the Internet (a.k.a. lots and lots of interconnected networks with billions of computers) can be "brought down" at all -- much less how 7 "keys" (actually they are smart cards which contain crypto keys) can restart the whole enchilada.
This article really just stopped me in my tracks (I suspect that was the point -- but read on). I re-read the article and most of the comments share my bafflement. While I feel better to know I am not the only one shocked, worried and confused by this piece, I am also starting to get angry since it appears this piece was written solely for its shock value lacking any practical explanation of the reality of the situation.
Now when I get into a hissy about a technology subject, I have my technology "go to team"; ex-colleagues from great technology companies like Bell Labs, AT&T, Lucent, CA or Comodo, who explain the ins and outs of many of the technologies out there. In this case, my technology "go to" person was Igor Seletskiy, CEO of Cloud Linux, a close colleague who has a long history of creating the systems and security infrastructure for web hosts -- the backbone upon which the Internet rests.
"Can this be true?" I ask him rather agitated. His reply; "Yes, it is true, but not in the way you think." He explained rather gently (to allay my worries) that the "doomsday scenario" mentioned in the article is, in reality, neither doomsday nor even all that impactful to most people. Yes -- it would impact the Internet but for most people it would not be the doomsday scenario so dramatically pitched in the article's headline. In the worst case scenario (which again he hastened to add is not all THAT bad) some rogue organization would hack into or otherwise disrupt the DNS servers -- these are the servers that translate your user friendly web address (e.g. www.mycoolsite.com) into an IP address that the "Internet" can understand (e.g. 126.96.36.199). He emphatically emphasized (again knowing my proclivity to worrying) that bringing down DNS servers was really really hard. And even more, he continued, the issue of DNS servers going "down" is not a new concept in the industry. In fact, the DNSSEC (Domain Name System Security Extensions) is a protocol tasked with preventing many of the spoofing issues that can plague the Domain Name System (DNS) as used on Internet Protocol (IP) networks.
Net, net for Igor, even if the worst would happen, this would largely be a "non event" for Judy Consumer. In fact, he was courteous enough to provide a video that would explain how the whole keys thing would work, (but I caution you -- this video is rated TG-13 - Technology Guidance required - ideally from someone about 13 years old - http://www.cdns.net/key-signing.html)
Thank goodness, I have people like Igor who can help me understand technology as it swirls around because I can now cross off that particular, "OMG the Internet can go down," worry from my worry list. And now, so can all you Judy Consumers out there too. Thank you Igor :)
P.S. -- Hi all you "Judy Consumers" out there. If you see a technology story that baffles or puzzles you - send it to me. Perhaps with my "Go to" team, we can help sort through the nonsense from the news you need to know. Let's have "zero tolerance" for silly tech stories that are meant to provoke for the sake of generating clicks. We can stop the madness. So go ahead, email me at; firstname.lastname@example.org or DM me @twitter.com/judyshapiro.