30 PAGES OF PROJECTS INSIDE
HARDWARE HACKS
GEEK RADIO
Build your own ECG
The ham radio PC
Use a PC to monitor your heart
How to pluck data from the airwaves
FREE SUPERDISC!
30
XP AND VISTA MAKEOVER TOOLS
■ 50 ESSENTIAL UTILITIES ■ 2HRS OF SILVERLIGHT 2 VIDEO TRAINING
Issue 279
www.pcplus.co.uk
Windows
The touchscreen media centre
It’s chic, it’s desirable – but is it pointless?
High-def projector for less
Make a faster, leaner and better-looking OS
Awesome quality for under £500
PLUS
Build your own Linux distro!
IN DEPTH
The Internet: Dead in 10 days?
The terrifying truth about the web’s health
Full analysis:
Windows 7 Beta
March 2009 £5.99
Build your own
RATED!
Is the Internet dying?
56
279 March 2009
Is the Internet dying?
The
Internet:
Dead in 10 days? Is the world wide web on its last legs? Karl Hodge examines the facts and finds out whether the Internet has years, months or just days left to live
A
lways-on broadband and mobile web connectivity make it seem like the Internet is there for us 24 hours a day. But that’s not always the case. We all come across the occasional dropped connection and experience the evening rush when everything slows down for a couple of hours. Then there’s the odd site that you can’t access because everyone else is trying to get to it at the same time as you. If truth be told, the Internet can be a bit shaky at times. That’s because the multimedia content providers of today are struggling with technology that was invented in the 1960s; technology that’s now creaking and cracking under the strain. In this article, we look at the threats that face the Internet – and why a collapse might be underway by the time you read this…
N
Covered in detail Killing me softly n Spam p57 n Malware p58 n Hack attacks p58 n Threats to Internet neutrality p59 n Multimedia overload p60 n Telecoms structure p61 n The final countdown p61
Technology focus n Electricity p58 n The limits of IPv4 p61
Spam
amed after the infamous Monty Python sketch, spam (or junk) email is threatening to bury us under a mountain of adverts for Viagra, get-rich-quick schemes and porn sites. It’s estimated that unsolicited advertising now accounts for 80 to 90 per cent of all email traffic – an estimated 100 billion messages every day. And it’s growing. In 2006, for example, six trillion emails were sent worldwide, 75 per cent of which were junk. But you don’t really need a survey to tell you that. All you need to do is look in your own junk mail folder. We checked ours and found that, on average, we were receiving 20 spam messages an hour, most of them automatically filtered and never seen. The bandwidth and storage space occupied by these messages has to be paid for, and it’s users that end up reaching into their pockets. In 2007, Ferris Research (www.ferris.com) reported estimated costs of $100billion worldwide, with the USA paying for $35billion of it. That cost estimate also includes the time it takes employees to deal with junk mail. Every second spent deleting it is time on the clock. Potentially more disruptive, though, is the time spent fishing out legitimate emails from junk mail folders. So how long could it be before the system grinds to a halt under a deluge of unsolicited mail? Any time now, is the pessimist’s answer. A month, perhaps even a week. 3 279 March 2009 57
Is the Internet dying?
Focus On Electricity Will the web be a victim of the energy crisis? Even if the Internet’s archaic structure manages to withstand assaults from malware, hackers and the multimedia revolution, there’s another essential element that we might run out of, according to one report: electricity. Interviewed in Australian journal Science Centric, Dr Kerry Hinton of the University of Melbourne claims that “it’s clear that the exponential growth of the Internet is unsustainable”. His viewpoint is based on the observation that as applications become more media-intensive, more bandwidth and processing power will also be needed. Internet use currently accounts for 0.5 per cent
of Australia’s energy consumption. Hinton says that this will double by 2020. In times when energy is at a premium and oil reserves are peaking, Internet energy consumption is going in the wrong direction. “To support new high-bandwidth services, the capacity of the Internet will need to be significantly increased,” says Hinton. “If Internet capacity is increased, the energy consumption and consequently the carbon footprint of the Internet will also increase. This will place a major burden on the nation’s power infrastructure as well as significantly contribute to greenhouse gas production.” n
3 In October this year, Virgin Media suffered from a
5 iPlayer is a runaway success, serving 3.5 million programmes a week. But who will pay for the bandwidth?
spam attack that cut off email access to about half of its 200,000 customers for four days. That’s one of the country’s largest ISPs brought to its knees by spam. Researchers have consistently claimed over the last decade that the spam apocalypse is about two years away, though for now we’re all still online checking Facebook and playing World of Warcraft. Email is the Internet’s foundation application. Built as a communication system designed to route around damage in the event of nuclear war, continued vigilance is making sure that the amount of spam making it to our inboxes is a fraction of that actually sent. Still, there’s a tremendous amount hitting the relays. How can we counter that? The ultimate solution to the spam problem isn’t virtual – it’s legal. Though blacklisting programs such as Yahoo!’s SpamGuard (www.antispam.yahoo.com/ spamguard) and Microsoft’s SmartScreen (www.tinyurl.com/7lb3eo) help us combat spam at a personal level, US and EU legislation has made unsolicited email marketing a crime, giving courts the power to force spammers to stop sending emails. Already we’re seeing those laws used to take down some big hitters. Facebook recently won an $873million court case against a Canadian spammer who targeted its users; and the overall volume of spam on the web fell by 75 per cent in November 2008 following the shutdown of McColo, a Californian ISP that provided relay services to the spam world’s biggest villains.
1 Research by website Sam Knows (www.samknows.com/ broadband) revealed that BT reduces bandwidth to peer-to peer ports. ‘Traffic shaping’ is an open secret in the industry.
While the spammers inevitably found new service providers, targeting their infrastructure hits them where it really hurts – in the wallet.
T
Malware
he legal block on McColo had a secondary effect – UK security software makers SophosLabs (www.sophoslabs.com) reported a drastic drop in malware-infected attachments too. Unfortunately, that was a temporary blip. Malware, trojans and self-replicating viruses are the second most visible threat to the Internet, infecting and corrupting the operation of millions of client computers every day. Security firm Symantec recently reported that of the 1.1 million malware, virus and trojan threats in circulation, 64 per cent were new in 2007. This suggests that malware producers are creating new strains of malicious code faster than security software specialists can swat them. If malware production continues at this rate, with threats doubling year on year, how long will it be before it makes the Internet impossible to use? The effects of malicious code can vary widely, from an infected web browser that recursively opens new windows to programs that collect personal details. Some viruses overwrite key Windows files, corrupting the system. Though it’s usually individuals who suffer, coordinated virus attacks frequently make the news. Three London hospitals were plunged into computer chaos in November 2008 following a network-wide infection of the Mytob worm, a virus that lowers security settings on targeted machines. The outbreak took three days to contain. Of course, the default defence is to make sure that you have antivirus and anti-malware software installed on your system. Windows Defender should recognise most spyware, while AVG Free (http://free.avg.com) will protect you from email attachments and trojans. Beware of tools that advertise spyware protection in website pop-ups, though. The notorious MS Antivirus (also known by several other names) is actually malware and may disable legitimate applications.
S
Hack attacks
pam and malware sometimes work together, with malware applications enabling spammers to hijack vulnerable PCs and use them as mail relays. It’s not just web servers that are vulnerable to hacker intrusion, either – an unprotected PC is easy prey as long as it’s connected to the Internet.
58
279 March 2009
Is the Internet dying?
Hacking is a consistent and perennial threat, and the most prevalent type of ‘hack’ is the Denial of Service (DoS) attack. Making network intrusion and defaced web pages seem like benign pranks, DoS attacks seek to bring the web’s servers to their knees by flooding the available bandwidth with data. There’s a history of increasingly bold assaults too. Popular news site Digg (www.digg.com) went dark for half a day due to a DoS attack. More controversially, a range of key Georgian websites – including those of the Georgian President and the National Bank – were taken offline by Russian DoS attacks before the invasion in August 2008. In this case, there’s little in the way of good news. Though the majority of hack attacks are attributed to ‘script kiddies’ (neophyte programmers armed with downloaded code), there are signs of more sophisticated advances. In a security survey conducted by Arbor Networks, 23 per cent of network operators questioned said that DNS poisoning – the practice of redirecting traffic to another domain – is their most significant concern. A similar number cited client hijacking – which results in ‘zombie PCs’ – as a big headache. Hackers and crackers are part of a community, sharing exploits and taking part in games of oneupmanship. As fast as patches for operating systems, browsers and servers can be created, new exploits can be found. Controlling the problem is a matter of putting out brush fires, but all it would take is one coordinated, conclusive attack on a set of significant servers for the whole forest to go up in flames.
Threats to Internet neutrality
W
hile outside forces pose a significant threat to the survival of the Internet, the real enemy may be hiding within. Conceived in a different age for a different purpose, the technical and commercial infrastructure of the Internet is ill-suited to the multimedia-driven, commercially competitive entity that it has become. The system is in real danger of collapsing under the weight of its own success. It’s becoming difficult to remember that the Internet’s earliest users placed a premium on etiquette, rules and real, honest-to-goodness principles. One of those foundation stones was that ‘information wants to be free’. To protect this principal, ISPs need to treat data neutrally and refrain from restricting what can and can’t be downloaded. This concept has been given the name ‘network neutrality’. Since the Internet’s commercialisation, its main arteries have come under the ownership of profitmaking organisations, and in the US at least they are beginning to ask for a bigger slice of the pie. Some US ISPs have mooted provisional models that would see them carrying only the data that they want to carry,
charging customers by the megabyte and excluding certain data types from certain tariffs. In this scenario, an ISP might provide access to a ‘walled garden’ of premium content to higher-paying users, while those on the lowest tariffs would be unable to do anything more taxing on the network than check their email and browse text documents. And it’s not just types of content that may be blocked; content from specific providers could also be filtered. One possibility is the creation of a market where content providers end up paying ISPs to carry their data. This might not spell the end of the Internet, but it would certainly mean the end of the free ride. And it’s happening right now. Why are these developments in America important to us? The US may not support the whole Internet, but it does account for the lion’s share of its infrastructure. The legal situation is complex, with US telecoms providers lobbying the US government for more control over the traffic they carry. However, there are some positive signs that this may not happen. President Barack Obama is a strong supporter of network neutrality, and the FCC (Federal Communications Commission) – which is tasked with overseeing cable and DSL providers – has a ‘network freedom’ policy in place. Recently, the organisation targeted US service provider Comcast and warned it to stop blocking BitTorrent traffic on its system. In the UK, the situation is different, and there’s no such protective legislation in place. ‘Traffic shaping’, as it’s known, is a standard practice for many ISPs, though some are more honest about it than others. Plusnet (www.plus.net), for example, sets out exactly what types of traffic its different broadband packages 3
1 In 2007, two of the Internet’s 13 root DNS servers were victims of a DoS attack. A previous attack disabled nine of the servers for an hour.
Fact file BBC iPlayer is the latest service to join the cloud, the burgeoning throng of Internet-served apps. The corporation announced an Adobe AIR-powered version of the popular media player in late December 2008.
Conceived in a different age for a different purpose, the infrastructure of the Internet is ill-suited to the entity that it has become 279 March 2009 59
Is the Internet dying?
3 allow you to access, and at what times of day. We don’t
currently have ISPs who charge content providers on a sliding scale for data carriage, though, and providers who have been discovered restricting access have been quickly taken to task. In early December, Orange broadband users found themselves unable to access BitTorrent site www.thepiratebay.org for a period of about a week. Orange blamed the incident on one of their ‘network partners’ who, it said, “rerouted a small section of Internet traffic. As has always been the case, it is Orange UK’s policy to not block customer access to websites”. European legislation on network neutrality may yet give the UK a set of legislative guidelines to follow. A proposed regulatory framework, which all EU countries would be obliged to sign up to, has network neutrality at its core.
Fact file The European Union has extensive plans in place to implement IPv6 – the new IP address system – across public bodies and government institutions by 2010, but there’s no central body to control the whole transition. Read the full proposal document at www. tinyurl.com/99ecpb.
B
Multimedia overload
itTorrent traffic is, of course, a contentious issue. Some statistics suggest that it now accounts for around a third of all Internet traffic, with research companies claiming that it takes up between 20 per cent (from research by Arbor Networks) and 37 per cent (from Ellacoya Networks) of the total. The British Phonographic Industry (BPI) has proposed that ISPs enforce a ‘three strikes’ policy, where users would be blacklisted from using Internet services if found illegally downloading copyrighted material, the majority of which is available via BitTorrent and similar peer-to-peer (P2P) protocols. There are some serious problems with this concept, not least the fact that it’s very difficult to prove exactly who has been downloading; proof that a specific PC was used is not proof that its owner was using it.
1 US President Barack Obama is a supporter of the net neutrality principle.
1 YouTube’s new high-definition services will increase the traffic load on the Internet’s creaky infrastructure.
The huge amount of BitTorrent traffic on the web is one ironic disadvantage of the network neutrality lobby: in attempting to protect freedom of data on the Internet, it may actually be adding pressure to an infrastructure that’s already bursting at the seams. P2P has been jamming up precious bandwidth since the now-legitimate Napster opened in 1999, but the real Internet-killer could be digital video. Customers are finally seeing TV on demand, movie downloads and instant access to streaming video, but a meltdown could be mere months away. The last 12 months have been a watershed for online video, with YouTube trialling high-definition streams, BBC iPlayer leaving beta and iTunes offering movie rentals. The same research which suggested that 37 per cent of Internet traffic is now peer-to-peer also shows that 36 per cent of all web traffic – which accounts for 45 per cent of network activity – is dedicated to streaming video. After the broadband price war of two years ago, ISPs are finding it increasingly difficult to fulfil their promises of inexpensive, unmetered access. In April 2008, the BBC and Tiscali took part in an unseemly spat after the UK communications regulator Ofcom revealed that ISPs would need to find £830million to pay for the extra demand that services such as iPlayer are putting on the UK network. iPlayer alone has served over 237 million downloads since its inception. Simon Gunter, Strategy Chief at Tiscali, suggested that consumers who wanted to access the iPlayer may end up having to pay extra. The BBC’s Head of Future Media and Technology, Ashley Highfield, countered that argument with the idea that a ‘blacklist’ of the ISPs that were charging extra for iPlayer access would help customers make a more informed choice over which company to use for broadband access. Meanwhile, the BBC ploughs on with ambitious plans to make the iPlayer HD-capable, and even share the basic system with its rivals at ITV and Channel 4. On the surface, this sounds great for consumers, but both the ISPs and the BBC seem reluctant to pay for
A targeted DoS attack, a widespread malware infection or even a mechanical malfunction could blackout web access 60
279 March 2009
Is the Internet dying?
Focus On The limits of IPv4 The world could have run out of IP addresses by the end of 2010 Every time your computer connects to the Internet, it’s assigned a unique numeric address: an IP (Internet protocol) number. The current protocol, which has been in place since 1979, is called IPv4. It’s a 32-bit address sequence comprised of four numbers, each ranging from 0 to 255, and it gives 4,294,967,296 possible combinations. That sounds like a lot, but when you consider that every client and server connected to the Internet has either a fixed or dynamically assigned address, that allocation is soon used up. The original TCP/IP protocol was never meant to be applied to an everexpanding global network, and so now we’re running out of addresses. Several major sources, including the American Registry for Internet Numbers (ARIN), predict that we’ll
run out of IPv4 numbers by the end of 2010 – less than two years away. Solving the problem will require a change of protocol, and the replacement is all ready to go. IPv6 is a 128-bit addressing protocol, with enough capacity for every person alive to have several billion unique addresses. Windows Vista, Mac OS X and Linux all support IPv6, as do most contemporary server operating systems. The Internet Assigned Numbers Authority (IANA) – the body responsible for maintaining the IP system – has already enabled IPv6 on six of the Internet’s 13 DNS root servers (the machines that act as the Internet’s addressing database). The EU has its own IPv6 Task Force, which is encouraging ISPs, government bodies and public institutions to switch
the extra bandwidth that would be required to bring this about. And lurking under all of these problems is the small matter of the country’s inadequate telecommunications infrastructure.
Telecoms infrastructure
F
or citizens in Korea, Japan and Taiwan, fibre to the home (FTTH) is a reality, generating speeds of 100Mbps in both directions. Britain and Europe are lagging sadly behind. Most of our telecoms infrastructure is built on a copper wire network, which is inadequate for next-generation data services like video on-demand (VoD). Though BT is installing ‘fibre to the kerb’ in new-build areas, they have no plans for a full system overhaul. The best news is that by 2012, the telecoms giant plans to spend £1.5billion on upgrading the network with FTTC – ‘fibre to the cabinet’. On the Internet, though, three years is a long time. The onus is on private enterprise to fill the gap, and Virgin Media is the only company with the infrastructure to step up to the plate. Holding the UK monopoly on cable Internet provision, it launched a new 50Mbps cable broadband product in the last two weeks of 2008. Priced at £51 a month, it’s a premium service that’s out of reach of most ordinary consumers. Meanwhile, the promise of adopting 24Mbps ADSL2+
1 See the other side of the net neutrality argument at www. handsoff.org, the homepage of the ‘net freedom’ lobby.
1 The IPv6 Task Force (www.ipv6tf.org) is fighting to make institutions aware of the need for transition to the newer protocol.
by 2010 (see www.ipv6tf.org). Ultimately, however, the Internet is without a centre. No one can flick a switch and change the entire net to IPv6 overnight. It’s up to hosting companies, ISPs and the telecoms industry to perform the task – and to do it now. If they don’t, the Internet will simply grind to an undignified halt. n
as the UK standard has come to nothing so far, which may leave Britain in the embarrassing position of having some of the world’s most innovative content, but a network that’s unable to support it.
The final countdown
D
oes the Internet really have just 10 days to live? Although that claim sounds sensationalist, in reality any of the threats that we’ve outlined could have brought the network to its knees before we even went to print. A targeted Denial of Service attack on key Internet services, a widespread malware infection or even a mechanical malfunction – any of these could blackout web access if the right target goes down. As a case in point, shortly before Christmas 2008 three cables running beneath the Indian Ocean were accidentally damaged. The result was that all of Egypt and parts of India suffered an Internet blackout for two days, with services returning very slowly as data was manually rerouted. Just days later, as Israeli ground troops hit Gaza in January 2009, news sites in Jerusalem reported that a spate of DoS attacks were taking them offline. Was it a concerted effort from Palestinian hackers or the effects of ordinary users overloading a network that’s already under strain? We don’t know, but these examples suggest that our 10-day estimate could be on the conservative side. n
1 Sites made popular by news aggregators such as Digg can find themselves swamped and taken down.
Karl Hodge is a technology journalist and Internet veteran. He created his first homepage when there were just 200 web servers in the world. Now there are closer to 200 million. feedback@pcplus.co.uk 279 March 2009 61