Russia approved this change in October and set a deadline of August 1, 2018 to have the alternate DNS system online. The reason Russia gives for the change is that the West has the power to disrupt their Internet by changing the current DNS system. While that’s true, the US no longer controls DNS routing and handed over the operation of DNS last year to ICANN, an international coalition of many countries, including the BRICS members.
But there is a lot more to this than just fear of having DNS cut off to a given country and that excuse is mostly just a political cover story. A BRICS DNS system would give the member companies total control over the Internet routing within their country. Many countries already curtail and block some Internet usage today, with the most prominent example being the Great Firewall of China. The Chinese control web usage by monitoring and intercepting traffic at Internet hubs.
But control of DNS is a more foolproof way for a country to curtail web usage. If they block a website from the DNS system then it no longer exists within the country and there is no backdoor way to get to such web sites. Controlling the DNS gives a country complete control of what’s allowed on the web. DNS control would make it easy to block a company like Google, a topic such as politics or pornography, or even traffic from an entire other country from participating in the web within a country.
Controlling the DNS also would allow a country to maintain web sites within the country that could not be reached from outside the country. That would be a safer way for a country to keep information away from cyberhackers, or to just hide websites from foreigners.
Another benefit to controlling DNS is that it can be used to control the dark web. DNS could be used to make the dark web disappear within a country. Or it could alternatively be used to allow it, but make it open to inspection. A country controlling the DNS could also establish a new dark web specific to their country to be used by the government or anybody else they favor.
The BRICS countries say that they would only initially use an alternate DNS to use in case of some DNS emergency, like an external cyberattack. But the it’s going to be hard for regimes like China or Russia to pass up the temptation to take more control over the web and over their citizens. For example, controlling the DNS would allow for an easy way to squelch on-line dissent.
This change would be the first real splintering of the web. Until now come countries like China have blocked web sites and restricted access to some parts of the web. But taking control of DNS lets a country go further to micromanage the web within their country. And that ability is going to tempting to any repressive regime.
Once this happens there is really nothing to stop other countries or regions to also create their own DNS. And that means we no longer would have a worldwide web, but rather a series of separate webs that share selectively with each other. That would disadvantage the whole world in countless ways.
One reply on “Disintegration of the World Wide Web”
Most of what you right is pretty technically savvy, but I don’t think you’re on the right track with the above.
1) You talk about DNS being used to “route” internet traffic. That seems nutty, that’s not what DNS does. It just translates the names to addresses, which then have to be routed. All a country could do with its own DNS servers is to block name resolution for those who CHOOSE to use those servers. Anyone who used another DNS server (eg Google public servers, or a server at the remote end of a VPN, or even a local hosts file with the correct IP) would still be able to access the blocked domains
2) You say “Controlling the DNS gives a country complete control of what’s allowed on the web. DNS control would make it easy to block a company like Google, a topic such as politics or pornography, or even traffic from an entire other country from participating in the web within a country.” This seems totally off. In addition to the (many) workarounds sampled above, the DNS has nothing to do with “topics” or “traffic”, only domain names. EG, they could fail to resolve wikipedia.org, but they’d have to do it for ALL topics on wikipedia. Same for facebook, google, etc.
3) You say “Another benefit to controlling DNS is that it can be used to control the dark web. DNS could be used to make the dark web disappear within a country. Or it could alternatively be used to allow it, but make it open to inspection.” No, no, and no! Tor doesn’t use DNS to track either its directory servers (IPs are hard-coded) or entry nodes (again, by IP address, from the directory servers), and once connected to the TOR network, DNS resolution is tunnelled to the exit node.
Basically, the only thing the alternate DNS roots could do is create some confusion that would be relatively easy to circumvent–way easier than, say the Great Firewall of China, or other deep-inspection based blocking.