Executive Corner

Is There Really An Internet “Kill Switch”?

Everybody is talking about the Internet being shut down in Egypt, both in terms of how it was done and what the event really meant — and, quite frankly, I’ve been surprised and disappointed with the level of misinformation out there about this issue. I have nothing political to say, other than perhaps to just generally reiterate my belief that censorship of the Internet is a bad thing. What I want to do today is look at what happened in Egypt and use it as an opportunity to talk a little bit about whether such a thing could happen to the Internet as a whole.

So: How does the Internet work, and can it actually be “shut down”?

The wonder of the Internet is how decentralized it is. There is no primary authority with the power to “govern” the Internet (except perhaps for ICANN — but more on that later). So, if somebody wanted to “turn it off,” there would literally be no place — in the real or virtual world — where they could go to do that. The Internet is, quite literally, everywhere.

Imagine the series of tubes that connect your house to its water supply. Now imagine if your water supply was interconnected in countless smart and fault-redundant ways to all the water supplies in the world, so that water could easily reach even the furthest destinations. That interconnected system is a rough imagining of what the Internet looks like.

As the Internet becomes ever-more entangled in our daily lives, it doesn’t seem farfetched to worry about whether what happened in Egypt could happen here — or everywhere. But it is farfetched. Here’s why:

There are numerous theories about how the Internet was “shut down” in Egypt. While we may never know the truth of the matter, my personal belief is that the government basically found a way to disrupt the very few, very “narrow” connectivity pipes that lead into the country.

Arbor Networks put out a report that showed what they saw when Egypt’s Internet went dark. Great details about that here. If their numbers are accurate, the whole country was pushing just north of 2.5 Gbps at peak, which is a pretty surprisingly low amount of traffic for such a large nation. I can’t tell you whether those numbers are accurate or not, but there are plenty of single sites that push more traffic than that, which means that as a country we’re looking at an overall small Internet footprint. That idea, if accurate, seems to support the theory that there wouldn’t be an abundance of broadband redundancy in Egypt and that this is what was exploited to take down the Internet in Egypt.

But even if that was what happened in Egypt, it quite literally couldn’t happen to the Internet as a whole. There is a tremendous amount of fiber redundancy in America and in many other parts of the industrialized world. If we go back to my “water pipeline” analogy, you can see why it would be so difficult to shut off the Internet as a whole.

Imagine trying to shut off the world’s water supply: there are pipes going everywhere, and they are controlled by all sorts of different groups. Trying to control and close down all of that would be an untenable mess. You would certainly be able to shut down some people and keep them thirsty for awhile, but overall the lack of centralization will serve to keep the system as a whole alive even if parts get shut down.

Now let me address the one central authority that most people fear when they talk about a broad-based Internet shutdown, and why I think that it isn’t something to worry about either. I am, of course, speaking about the Internet Corporation for Assigned Names and Numbers, or ICANN. The Department of Commerce has legal authority over ICANN, and if the U.S. Government ever tried to do what Egypt’s government supposedly did, they would try to do it through ICANN. That would have to be how they would go about implementing an Internet “kill switch” – especially if they wanted to try to directly control things both nationally and internationally.

But here’s the thing: it would really only work once, and even then, not for long. Yes, it’s true: the United States government controls the Internet’s Root zone file. But the whole idea of centralized authority requires communal (in this case, global) buy-in, and — given the pervasiveness of the Internet in the daily lives of the world’s citizenry — it is almost a certainty that the global Internet community would immediately pursue alternatives to ICANN if the US government abused its trust by pushing a “kill switch.” There are already Internet Engineering Task Force RFC memoranda out there detailing Root zone alternatives. It wouldn’t take long to get the Internet brought back online with even less centralized authority than it has now.

Bottom line? The idea of an Internet “kill switch” is highly implausible, and the idea of using one would be wildly impractical. It’s crazy talk. While Egypt may be a template of what can happen to a tightly controlled country with relatively fragile Internet infrastructure, it isn’t really a template for how the Internet could be shut down in America, or around the world.

Photo by Marcin Wichary

Find out more about ServInt solutions

Starting at $25

  1. Gail I found the articles you provided interesting. I read them and I still agree with the quote from John Kneuer. As an Internet professional who is heavily versed in the infrastructures that make up the Internet I'm simply saying that there's no plug to pull. MAJOR parts of the Internet can go down, and the Internet won't die. And for everything that can be controlled and exploited to take down the Internet, there are alternatives to bypass that on a long enough timeline. The Internet is a Hydra. That doesn't mean that the Hydra can't be hurt but it is nigh impossible to kill.
    Christian Dawson /
  2. James, see I wasn't going for the point I think you think I was going for. Yeah, if any country's government ordered companies to shut down most would comply out of necessity... and yet the Internet itself would still survive. The Internet isn't dependent on a single country, a single provider or a single source, and NOBODY has control over it in total. That doesn't mean specific providers, even a lot of them, couldn't be affected by an attempt at shutdown, but ultimately it's impossible to shut down the whole thing so all you'd end up doing is destroying companies, sites and lives in a failed effort to affect your overall goal.
    Christian Dawson /
  3. Highly implausible would be an understatement. If the US government said to US ISPs you must do what we say or else the ISPs would have no choice but to follow orders. We have already seen the us government flex it's muscle during the wikileaks loic attacks where ISPs like verizon null routed traffic to irc servers. We seen amazon dump wikileaks for an exemption on it's tax debt. So for you guys to say on your blog it's implausible is a joke. When the government comes to servints datacenter(s) what method are you going to implement them to stop them from physically removing you? And let's also not forget that everyone knows that ISPs that service more than 100 customers are already and have been for years required to have netkill switches installed that pretty much give the government control of your network(s).
  4. While we may believe that the Internet has many redundant paths, I have personally seen problems with a major trunk can impact access at ISPs dependent upon that trunk in spite of their being others. There really are bills being considered in Congress as Ron explained in this post asking can the U.S. President Shut Down the Internet for four months? Have you read any of the coverage that says that the U.S. President already has the power to shut down the Internet or seen this CNet post showing a graph of Egyptian Internet traffic and deails on the proposed Internet Kill Switch bills. There is also an EFF lawsuit based on a whistle-blower who has evidence that all Internet traffic is being routed through a specific point at AT&T? IMHO, the Internet could be taken down right now. I have been online when multiple types of unrelated Internet accesses became unavailable at the same time as though that was being tested. It would not be that difficult to shut down the major ISPs and/or the major trunks and if there is one point at AT&T where all traffic is captured then there is already one point where it can be turned off.
  5. Good idea, but I'd say even that doesn't take into account what a vast ecosystem the Internet is made up of. The Internet isn't just one type of hardware, and isn't just one type of software. The poison pill that takes down the Windows boxes won't take down the Mac ones or the Linux ones or the UNIX ones. The poison pill that affects the Cisco routers won't do so to the Juniper ones. The one that affects certain aspects of the switching infrastructure, or certain types of traffic distribution or DNS management, won't affect other aspects. Alternatives either exist or could quickly be created for anything to keep the Internet as a whole, even if individual user experience may suffer until individual problems are rectified. To draw another analogy, let's assume you wanted to remove language from the world. If you created a poison pill that would remove our ability to speak English, most of the world could still speak in their native language, and the English speakers could, for the most part, go ahead and learn (insert your favorite language here). The Internet ecosystem, like the people of the world, communicate in vastly different ways that cannot be affected by a single broad-based action. Though it's possible for people intent on taking down the Internet to win plenty of battles, they would never win the war.
    Christian Dawson /
  6. good comments. you talk about a kill switch like it has to be hardware, like a valve you'd close. couldn't there be soft switches. to stick to the water distribution analogy: if you poison the pipeline, you don't need to shut down a valve to render the distribution network much less usable.
  • Hosting Advice
  • Computer World
  • Ars Technica

  • The New York Times
  • The Seattle Times
  • Bloomberg
  • The Hill

To engage with the ServInt Sales Team use the following chat icon. Normal sales hours are Monday-Friday 9am-5pm EST but feel free to leave a message and we will follow up as soon as possible.

Sales Chat

To engage with the ServInt Support Team you must be logged into our Customer Portal for identity verification and have a ticket opened about your request or there will only be limited support offered.

Support Chat