The Computer Corner
By Charles Miller
Crossed wires? The pizza example will explain
One look at my email inbox plus a couple of conversations that took place in the Jardín tells me my attempts to explain DNS and DNSSEC in an earlier column left a lot to be desired. Several Atención readers indicated to me they saw no reason to be concerned about what is now going on in the US Congress because they could not understand how any of what was going on up there could have any effect on them here in Mexico.
The truth is there are a lot of reasons to be concerned about the actions of the current administration in Washington because of the possible consequences affecting every internet user on earth. For this reason I am going to make another attempt to describe what is happening and how it might affect all of us online.
Domain Name System (DNS) is a database system that translates a domain name such as gmail.com into its numeric IP address 188.8.131.52. Without this the internet does not work, period. The proposed Domain Name System Security Extensions (DNSSEC) is an improved and more tamper-resistant DNS system that would be completely scuttled by several legislative proposals before the US Congress.
If you think this does not matter to you, then please try to understand this analogy: Pretend there are two competing pizza parlors in town and one decides to tamper with the telephone circuits so that when you call in an order to Jiffy Pizza you actually end up talking to Soggy Pizza. When your doorbell rings and you open the door to see the delivery driver from Soggy Pizza rather than Jiffy Pizza you might ask, “What happened to my Jiffy Pizza order?” The Soggy Pizza guy might answer, “Gee whiz, I guess the phone company crossed the wires again.” Then he adds “Ain’t no use your trying to call Jiffy Pizza again because you can’t get through to them, so why don’t you just buy this Soggy Pizza instead?”
This example takes on a more sinister aspect if you dial the phone number for your investment broker and unbeknownst to you your call gets routed to some crooks pretending to be your broker. Or all the calls you try to make from your home phone to any doctor’s office get routed instead to voicemail at your HMO. It would not take much of these shenanigans before a lot of people would have to give up altogether on using the telephone as a method to communicate.
This exemplifies the threat to the internet poised by the actions of the current administration in Washington, DC, US Immigration and Customs Enforcement has already tried to block access to foreign web sites trafficking in pirated goods, thus temporarily censoring access to these web sites to every user of the internet worldwide. That attempt at censorship does not last long because those web sites can un-censor themselves by using an alternate DNS. The more censorship the US government attempts to implement, the more alternate DNS servers will be brought on line to circumvent that censorship, and this situation is tailor-made for criminals. When the U.S. government censors the master DNS, alternative DNS servers to un-censor the blocking are soon advertised, but will they be trustworthy?
Criminal enterprises are guaranteed to take advantage of this confusion. When it is no longer possible to know you are connecting to the intended web site then it will no longer be possible to safely transact any business at all online. Officials in Washington D.C. need to be made to understand that tampering with the internet’s Domain Name System undermines the foundation of the internet resulting in lasting and far-reaching repercussions worldwide.
Charles Miller is a freelance computer consultant, a frequent visitor to San Miguel since 1981 and now practically a full-time resident. He may be contacted at 044-415-101-8528 or email FAQ8 (at) SMAguru.com.