back to article Russia threatens to set up its 'own internet' with China, India and pals – let's take a closer look

Russia is intending to set up its "own internet" according to a number of Russian news sources citing a document signed by President Vladimir Putin earlier this month. At a meeting at the end of the October, the Russian Security Council ordered its telecoms ministry to look at a "system of backup DNS root name servers, …

  1. Milton

    Kremlin, lying? Colour me astonished ...

    As the article gradually makes clear, the Kremlin's propaganda about this is fundamentally untrue: it has nothing to do with the USA blocking Russian sites. It has everything to do with Putin wanting to censor what his citizens can see and do on the net, because he has envious eye upon China's brutally repressive control of its citizens' online activity. Fact and opinion are information which, if freely shared, have always been the single greatest threat to authoritarians and dictators.

    When you boil it down, Putin's desire to control his "own" internet is a simple outgrowth of the lessons of the past and the current demonstration of China's successful crushing of its own people's freedom.

    And it is fundamentally driven by the same motives that cause Donald Trump to constantly denounce any media that criticises him as "fake": when you are a despotic liar, nothing frightens you more than truth.

    1. Anonymous Coward
      Anonymous Coward

      Re: Kremlin, lying? Colour me astonished ...

      What would like to bet that Trump will want to set up an equivalent system to the BRICS? He will want to be able to save Americans access. In other words, have tighter control and better able to censor the plebs usage.

      1. TheVogon

        Re: Kremlin, lying? Colour me astonished ...

        "What would like to bet that Trump will want to set up an equivalent system to the BRICS?"

        He will be in prison or at least impeached before he get round to that. He makes Reagan look smart:

        https://www.youtube.com/watch?v=cb71YBLCqYU

      2. tom dial Silver badge

        Re: Kremlin, lying? Colour me astonished ...

        Not Trump, I think, but his opponents in the Resist "community," especially those who believe he stole the election by collaborating with the Russian efforts that swung all the alt-right votes away from Hillary Clinton (not to mention the authors of the Constitution some two and a quarter centuries back with their diabolical electoral college).

    2. Jonathan Schwatrz
      Facepalm

      Re: Milton Re: Kremlin, lying? Colour me astonished ...

      You were doing fine until your Trump Derangement Syndrome kicked in. Trump loves the open Internet, it allows him to do an end-run round the "mainstream media" with such tools as Twitter, and allows his "deplorables" to rally and rapidly exchange information/propaganda, so he has absolutely no desire to break it.

      My own view is that this is Putin's attempt to control what Russians can see on the Internet - make their PDNS (Putin's DNS) only list Putin-approved sites, make use of PDNS mandatory for Russians and use of foreign DNS illegal, then pick up your political opponents by watching for DNS requests to foreign DNS servers.

      1. Florida1920

        Re: Milton Kremlin, lying? Colour me astonished ...

        @Jonathan Schwartz

        You were doing fine until your Trump Derangement Syndrome kicked in.
        Say what?

        "With all of the Fake News coming out of NBC and the Networks, at what point is it appropriate to challenge their License? Bad for country!"

        https://twitter.com/realDonaldTrump/status/918112884630093825

        "The FAKE NEWS media (failing @nytimes, @NBCNews, @ABC, @CBS, @CNN) is not my enemy, it is the enemy of the American People!"

        https://twitter.com/realDonaldTrump/status/832708293516632065

        To Trump and his minions, the truth is what they say it is. Sarah Sanders on the re-tweeted anti-Muslim videos: “I think the president feels that bringing up important issues of our time like extreme violence and terrorism are important to do. That’s what he was doing in that process, and I think he’s going to continue to do that in a number of venues, whether it’s through speeches, whether it’s through Twitter or other social media platforms.”

        Trump would absolutely seek totally to control all information concerning his regime if he could get away with it.

        1. Jonathan Schwatrz
          FAIL

          Re: Florida1920 Re: Milton Kremlin, lying? Colour me astonished ...

          Your whataboutism has nothing to do with possible censorship of the DNS, but simply highlights another valid point from Trump - should "news" outlets that don't report news unless it fits with a biased opinion still be allowed to call themselves news? And that includes pro-Right Fox as much as the pro-Left media outlets listed by Trump. In my view, all the US's major news outlets are equally bad at reporting real news due to bias. Just because Trump raised the point (or, more likely, because the majority of "news" outlets fit with your anti-Trump viewpoint) doesn't make the point on bias any less valid, especially when the "news" outlets also pretend to be impartial. So, all you did was highlight your TDS even more.

          "....anti-Muslim videos...." And here you willingly fall into the shoot-the-messenger trap. Was that a burning issue for you because you don't believe that gays are persecuted in Islamic countries - often violently - or simply because you just wanted to attack Trump? Did you spit equal venom at CNN when they reported on how the LGBT community in Egypt lives in fear? I bet you didn't, but then I bet you also weren't even aware of the persecution of homosexuality in Egypt because you hadn't been led by the nose to shriek about it in the same way you have been with Trump.

      2. comb_ridge

        Re: Milton Kremlin, lying? Colour me astonished ...

        It has already taken place for some organizations in Russia. Their website and media content have been banned for some time.

    3. OhDearHimAgain

      Re: Kremlin, lying? Colour me astonished ...

      Its about all control - if you control the ROOT zone you control all DNS, which means pretty much everything.

      e.g. he could remove the NS records for the Verisign COM zone and install his own - running his own COM registry operator (PutinNet) - then people would have to buy all COM domain names twice - once from Verisign and once from PutinNet.

      Given there are 145M names in COM & NET and they bring in ~$8 a year each - wouldn't you want a slice of the action, if you could?

      I wrote a document about this in 2009 - https://names.of.london/press/root_hints_file.pdf

  2. Anonymous Coward
    Anonymous Coward

    not gonna happen

    All of which is a long way of saying: the US kicking a nation like Russia off the internet? Never gonna happen.

    Perhaps not. Or perhaps Russians have a longer memory, and a darker-shaded view of the world, and still remeber that disconnecting them from another vital international network - SWIFT - was seriously discussed not so long ago.

    In this mad new world anything is possible, as long as it crazy enough.

    1. I ain't Spartacus Gold badge

      Re: not gonna happen

      Copied root servers won't save them if they're physically cut off from the internet. That would require all the countries around them to physically interrupt the cable and satellite connections from Russia. Which isn't going to happen because they're next to relatively friendly countries who wouldn't do it. And why would you want to stop the Russian people from accessing outside information - given that cutting Russia physically off the internet still wouldn't stop GRU and FSB people from accessing it via outside connections to spread disinformation.

      Cutting Russia off from SWIFT is much easier, and reqires fewer countries to agree. But was still considered a step too far.

      Anyway the US and the UK control such a large percentage of the global financial markets between them, that they don't need international agreement to flex those muscles. You can simply make a bank choose between the relatively small profits from dealing with Russia or being alllowed to operate in New York and/or London. The year after sanctions were introduced over the invasion of Ukraine / annexation of Crimea, not a single Russian company was able to roll over their international debts in foreign markets. This meant they had to borrow hard currency from the Russian Central Bank reserves. I think it cost them about $150 billion in a year, failing to prop up the currency and rescuing their large companies.

      So far the UK government doesn't seem to have tried this kind of thing independently of the US and EU, so we don't know how effective it could be (presumably less than the US but still somewhat). The US Treasury Department seems to have started looking into targetted financial sanctions about 15 years ago - maybe after the failure to maintain sanctions on Iraq via the UN? Worked reasonably well with Iran and has at least inconvenienced Putin over Ukraine, if it's had no other effects.

    2. thames

      Re: not gonna happen

      The BRICS countries created their own alternative to SWIFT a few years ago. That has made them immune to US influence over international payments systems when dealing amongst themselves or with other participating countries.

      I suspect if the US were to want to shut down the "ru" domain, they would go after the higher level DNS servers via financial "sanctions". Running a DNS server at the scale we are talking about takes money. Target the money and it doesn't matter what the engineering staff happen to think, they can try running a DNS system in the dark with no electricity and no Internet connectivity if they wish.

      Really, if anything at all is surprising, it's that this wasn't done years ago.

    3. bombastic bob Silver badge
      Devil

      Re: not gonna happen

      I doubt it will happen but for a different reason: cat videos.

      Let's call it "Matryoshka-net" - heh

      https://en.wikipedia.org/wiki/Matryoshka_doll

      (because, photo at top of article)

  3. ExampleOne

    What happens if the situation were to develop such that the US really doesn't care who knows it's removed the .ru records? If the situation deteriorates to the point that Russia no long has access to the US servers?

    Yes, in theory it should be possible for everyone to route around such a problem, but it would be negligent for any government to allow control of an infrastructure element as important as the Internet to rest in a location that would be obviously subject to pressure from a potential hostile power.

    I'm not saying such a scenario is likely, but in the event of a major conflict involving the US, why would anyone else want to be depending on US infrastructure? Russia doesn't even need to be a direct party to any such conflict, the chaos it would be likely to cause would be a good reason to wish to lessen your dependence on the system run by an independent body that just happens to be head-quartered in the US.

  4. Voland's right hand Silver badge

    They are obliged by law to do that

    Somebody on the reg desk does not read old el reg articles. We had (if memory serves me right) 3 articles lamenting about possible censorship use of the minor clauses in their Internet legislation. I cannot be arsed to look them up, it should have been whoever wrote it doing that.

    During the discussion and reading (by those of us которые могут читать закон в оригинале) a few interesting details came to light. Namely:

    1. Russia has introduced an official regulatory regime on all Internet things deemed to be critical infrastructure (*).

    2. Failing to secure critical infrastructure which by law includes THE ZONE FOR RU AND ALL SERVING NAME SERVERS, peering points, authentication and authorization databases in telecoms providers, etc is a criminal offense with company directors being personally responsible if they run the infra in question.

    3. All operators of such must have appropriate resiliency and disaster recovery plan.

    So frankly, this was coming. Not doing so would have been a jail term for all people dealing with .RU.

    It was written into their law code months ago (if not even last year). Anyone who did not see it reads too much Pravdauidad, watches too much RTNN and does not actually look at the sources. While it is excusable for us, mere commentards, for el reg to blindly repeat the party line instead of looking at the source is IMHO unexcusable. Bring us back Lewis, biased as he was he did his research.

    (*) By the way, the legislation was written by someone who knew what is an autonomous system and how DNS operates. It was a pleasure to read and I wish we had that instead of HMG and MI5/6 having "interesting" requirements to the LiNX CTO job and doing sh*t via the backdoor. And do not even get me started on Dido Harding and where she would be if we had a proper regulatory regime on this.

    1. Mage Silver badge
      Pirate

      Re: ITU

      Really Icann and related stuff should not be under the USA, no matter about this Russian idea. They should be under the ITU, set up in the Victorian era to ensure smooth running of international telegraphs, then posts and phones. Later radio spectrum allocation was added. After WWII it was taken of by UN.

      TLD and Internet management needs to be by International convention and consensus, no matter how corrupt and poor that can be. It can't remain under the duopoly of US politics and US corporations.

      1. James 51

        Re: ITU

        Where CIS and China could threaten the freedom of not just their own people but everyone by buying or bullying other countries in the ITU. Yeah, that's an excellent idea </sarcasim>

      2. Doctor Syntax Silver badge

        Re: ITU

        "They should be under the ITU"

        Or the wider internet community as a whole. They could take the steps outlined in the article as a possible response to a Trump meltdown. The time to have done that was when, as the article recounts, they failed to get adequate controls over ICANN.

    2. Anonymous Coward
      Anonymous Coward

      Kieren's credentials

      Kieren has written and researched articles about ICANN, internet infrastructure and internet governance for more than 15 years. He worked for ICANN for three years - and later founded an events company that ran a couple of successful events on internet governance. Feel free to disagree with him, but Kieren knows what he is talking about. As for the three articles that you agree with and think we published and which may have been written by someone else who, if it wasn't Kieren, is not an expert on ICANN, internet infrastructure or internet governance....

      1. Anonymous Coward
        Anonymous Coward

        Re: Kieren's credentials

        I don't think anyone would question Kieren's expertise about the Internet. I certainly don't.

        But some of his offhand comments about Russia and Mr Putin suggest that he is not quite as knowledgeable about present-day geopolitics. Russia is already threatened by thermonuclear missiles belonging to the USA (and other nations, including the UK) and literally surrounded by military and naval bases, all capable of launching devastating strikes into Russia at little or no notice. The "ABM" sites in Poland and Romania are capable of launching cruise missiles with thermonuclear warheads instead of the defensive missiles with which they are supposedly loaded - and even the Poles and Romanians would never know.

        The Pentagon has recently been in the news after it advertised for Russian DNA and tissue samples - just for general medical research, you understand. Only a paranoid would wonder if the Pentagon - the US government's organ of war - might conceivably have some hostile motive.

        Many Western experts have urged the Russian government to stop being so dangerously trusting and, in particular, not to believe any assurances from the USA or NATO. That is very good advice. The Russians, the Chinese, and the rest of the independent world must take all possible steps to remove all reliance on any resources under US government control - because they WILL be used as weapons.

        1. John Savard

          Re: Kieren's credentials

          I am quite baffled by this post. Surely everyone knows of mainland China's human-rights record, and its brutal repression of Tibet and Uighuristan. And of Russia's aggression, first against Georgia, and then against the Ukraine for having the effrontery to overthrow a tyrant who was a buddy of Putin. And surely everyone knows too about the fact that the United States has free elections and a free press, that work very well in dealing with that country's imperfections, making it a democracy.

          What the Russian government should do is hand the United States its unconditional surrender. That would be the quickest step to world peace they could take.

          1. James 51

            Re: Kieren's credentials

            They don't need to surrender, just stop viewing the world as a zero sum game and that by attacking and bringing others low they raise themselves up.

          2. Voland's right hand Silver badge

            Re: Kieren's credentials

            too about the fact that the United States has free elections and a free press,

            Faux news... free press... Or Time. Once the Cox brothers have finalized their Christmas shopping spree...

            You forgot the sarcasm tags mate. As I read your post, as someone who has lived in BOTH USA and Russia (and has no intention in living in the future in either - they are much more alike than you may think...), you need to share what you are smoking. While smoking cool stuff is not a crime, not sharing it is.

            As far as the difference between USA and Russia - I suggest you look up Paragraph 23 of the Russian constitution and quote me the USA equivalent (if you had too much of what you are smoking you will probably end up quoting the FISA section of the Patriot Act).

            1. Anonymous Coward
              Anonymous Coward

              Re: Kieren's credentials

              ... as someone who has lived in BOTH USA and Russia (and has no intention in living in the future in either - they are much more alike than you may think...) ...

              Seconded on both points.

              1. Anonymous Coward
                Anonymous Coward

                Re: Kieren's credentials

                "they are much more alike than you may think"

                Both have terrible teeth?

            2. Anonymous Coward
              Mushroom

              Re: Kieren's credentials

              > Faux news... free press... Or Time. Once the Cox brothers have finalized their Christmas shopping spree...

              Is this what the Internet Research Agency told you to write? Really guys, you need to work on your propaganda bullshit (агитпроп). It's gotten very lame lately.

              How come the frequency of your posts increases geometrically every single time there's a negative article - or comment - about Russia? Inquiring minds want to know.

              Also: I have no idea what the Cox Brothers have to do with Russia.

            3. This post has been deleted by its author

          3. Anonymous Coward
            Anonymous Coward

            Re: Kieren's credentials

            "What the Russian government should do is hand the United States its unconditional surrender."

            That's almost what happened in the Yeltsin era. The result? Rape of assets, plummeting male life expectancy. And ultimately Putin.

            "That would be the quickest step to world peace they could take."

            Deserta faciunt pacem appellant.

            1. Voland's right hand Silver badge

              Re: Kieren's credentials

              "What the Russian government should do is hand the United States its unconditional surrender."

              I so far deliberately left this one out of the equation, but feck it, I will bite.

              We all (the ones who live in the so called "rest of the world") understand that this is the only expectation USA has from all of us. We all understand that this is the only language of negotiation USA knows. We all know that this is the actual content of any treaty USA signs (the most recent example being the Iran nuclear program agreement and Trumps' "they did not stick to the spirit of it, but to the letter. Sticking to letter, bad. That is not what we meant. Bwaaaa, Bwaaaa, Bwaaa, our toys are out of the pram").

              As someone who understand Russians, let me tell you - there will be only one answer to the idea of "unconditional surrender" from them. It will be: "Пшел на хуй" (no, will not translate that). This is if you do not push them too far.

              If you push them too far you will get "Прощание славянки" (Farewell of the Slavic Woman) on the tannoy and trust me, if you value your life, you do not want to be anywhere near. They do not give a damn about what their losses are once they get into that modus operandi. Napoleon, Hitler and quite a few other people with delusions of grandeur learned that one the hard way.

              1. Anonymous Coward
                Anonymous Coward

                Re: Kieren's credentials

                "(no, will not translate that)"

                I defer to your much greater knowledge of the complex and beautiful Russian language, but isn't <<Пошёл на хуй>> a little more correct?

                Also, in such circumstances and given the teachings of the Russian Orthodox Church and the profound Russian feeling for domestic life, wouldn't a common response be to advise the requester to love his mother very much? Russian and the US are two nations united in their desire to see other people loving their mothers.

                1. Anonymous Coward
                  Anonymous Coward

                  Re: Kieren's credentials

                  I defer to your much greater knowledge of the complex and beautiful Russian language, but isn't <<Пошёл на хуй>> a little more correct?

                  In modern Russian, your version is grammatically correct. As far as my fading knowledge of the Great and Mighty [*] goes, Behemoth's version follows the 19-th century rules. In modern Russian it sounds a bit archaic, and carries an extra degree of contempt towards the addressee. As a profanity, it would be an appropriate response to a suggestion so stupid that it does not even merit getting properly angry about.

                  If this this were a Russian drama class, I'd say full marks to mister B. for getting both the form and the substance exactly right.

                  [*] "Великий и Могучий" - if you ever took a proper Russian class, you know where this is coming from ;-)

                2. Voland's right hand Silver badge

                  Re: Kieren's credentials

                  a common response be to advise the requester to love his mother very much?

                  That would be Bulgarian. In Russian, a motherly love reference does not include an "Implied Facepalm" (TM), while in Bulgarian it does. In most other Slavic languages it is usually rather anatomical.

                  So if you want to convey the disdain for that nice American idea of "unconditional surrender" as a synonym of "we will negotiate a treaty with you", you will have to do it differently in each language. The general idea will always be an "Implied Faceplam" full of disdain.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: Kieren's credentials

                    "In Russian, a motherly love reference does not include an "Implied Facepalm" (TM), while in Bulgarian it does."

                    Thank you. Come for the IT angles, gain a useful insight into international profanity. (I am being factual by the way.) My pre-Revolutionary dictionary is no help on older forms of verbs of motion, unfortunately.

              2. Jonathan Schwatrz
                Facepalm

                Re: Voland's right hand Re: Kieren's credentials

                ".....They do not give a damn about what their losses....." You mean the current inhabitants of the Kremlin have zero qualms about letting the peasants be massacred as long as the inhabitants of the Kremlin are safe. Not much changed there from the days of Stalin then.

          4. wayward4now
            Linux

            Re: Kieren's credentials

            "What the Russian government should do is hand the United States its unconditional surrender. That would be the quickest step to world peace they could take."

            First we need to add Mexico's provinces to our states. Mexico is too dangerous a trainwreck to ignore. Next, any country we have to send support efforts to, should accept the US flag.

            Then, with regard to Russian fears, it's about time to completely redefine Internet Protocol. What we have is broken and leaking beyond the point of audience participation.

        2. James 51
          FAIL

          Re: Kieren's credentials

          I might have more sympathy for Putin if it wasn't for the wars of aggression he has launched against Georgia and Ukraine. If it wasn't for the cyber attacks against Estonia. The meddling in US elections to weaken democracy and trust in institutions. As it is, the world has plenty of reason to worry when they see Putin making a power grab in internation instutions because when he needs a distraction and make the Russian people cling to him no matter how low he has brough their standard of living, he attacks a target of oppertunity. As for the Chinese, I don't have enough time to list how they use and abuse the internet. That Chinese intelligence or law enforcement officals broke their own laws by kidnapping people from Hong Kong, tortured them, forced them to sign documents before releasing them shows how much they can be trusted.

      2. Voland's right hand Silver badge

        Re: Kieren's credentials

        Kieren has written and researched articles about ICANN, internet infrastructure and internet governance for more than 15 years.

        Well, he clearly did not research this one.

        What is happening is a direct and natural consequence of their laws on critical infrastructure. It was BOUND to happen. The question is not if, but when. They are obliged to prepare a disaster recovery plan and "separation under attack" plan regardless of who would be running root servers, registries and registrars. ICANN or no ICANN. US involvement or no involvement. This is what the law says.

        Go and read it. We discussed it extensively here multiple times.

        By the way - we should plagiarize these parts of it verbatim. It is well written and whoever consulted on the tecnical content of the relevant sections knew about DNS and how the internet works at a level which can be matched by a double digit number of people in the UK today. The person who did that job also had a very clear idea of attack and DOS mitigation methods used at that level (that probably narrows that number down even further).

    3. phuzz Silver badge

      Re: They are obliged by law to do that

      I think most people would agree that there's good reasons for spreading the thirteen root servers around the world. Ideally to such an extent that even if (for example) the US and Russia both decided to fiddle with them, there'd still be enough independent copies out there.

      And that's ignoring all of the non-political problems that come with clustering services too closely together geographically.

      1. Alan Brown Silver badge

        Re: They are obliged by law to do that

        "the thirteen root servers"

        Have you ever looked at the A records for "The thirteen root servers" ?

        There are a LOT more than 13

    4. This post has been deleted by its author

  5. T. F. M. Reader

    Gedankenexperiment

    The article is correct in its analysis, but I'd like to offer couple of additional thoughts (that may or may not be right):

    1. A mirror (i.e., the current system described in the article) is not a backup. The point of a backup may be in not syncing blindly. I can imagine a system under Russia/BRIC control that mirrors everything but those countries' TLDs and "augments" the zone file used, thus making sure that the .ru, .cn, etc. parts are under control for the users that use nameservers that sync with such a root server. The "augmentation" ("restore from backup") may be performed after a comparison.

    2. The "live experiment" that Russia ostensibly did could, in principle, be conducted under complete Russian control. E.g., make sure that some (Russian, regional) subtree of nameservers pull updates not from the global root servers but from a controlled experimental system such as outlined in item 1 above. Then one could screw up the .ru part of the controlled zone file in various ways and study the consequences. The world "zone experts" interviewed by El Reg would be none the wiser, and if something went wrong the observable effects would be some disruption of service to some Russian users at worst, barring leaks from thoroughly vetter Russian personnel involved or covert James Bond activity.

    The recent Putin's decree may be about moving from experimental setup of #2 to production system of #1.

    Any possibility to mess with the Russians' (Chinese, etc.) internet user experience would be completely coincidental. Of course.

    1. Yet Another Anonymous coward Silver badge

      Re: Gedankenexperiment

      The real chaos could occur when they start offering the service to other countries.

      The US isn't going to hand over .ru to somebody else, but it might hand over .yemen or .qatar to say Saudi Arabia. They did this with Iraq's TLD and US politicians have been calling for the govt to take over Libya and Syria

      So the Russians offer alternate DNS for .ly which conflicts with the other .ly and your ISP has two choices for which cute-millenium-name .ly social web app to send you to. Both with official https certs

    2. Anonymous Coward
      Anonymous Coward

      Live experiment is easy

      If you have the capability to run a few VMs you could do the experiment yourself right now.

      All DNS servers have a cache file they start up with that tells them where the 13 root servers are. So you set up an experimental DNS server that has changed those IPs to point somewhere else, i.e. some VMs you've set up as root name servers that use a modified copy of the root zone file. Then you point clients at your experimental DNS server and they see the world via the modified root zone file. If it is missing .ru, then no .ru names will be resolved by your experimental DNS server but it will perform recursion for anything else. If there was a .porn TLD where all porn was kept, it would be easy for countries that want to make a porn-free environment to use a root zone file that excludes the .porn TLD.

      1. tom dial Silver badge

        Re: Live experiment is easy

        "It would be easy for countries that want to make a porn-free environment to use a root zone file that excludes the .porn TLD.

        Until someone set up an alternate root server, shared with the cognoscenti, that adds .porn back in?

  6. Alan J. Wylie
    1. thegroucho
      Pint

      Re: Obligatory xkcd

      Pint, for you Sir, obviously!

  7. Anonymous Coward
    Joke

    Russia threatens to set up its 'own internet'...

    With blackjack and hookers no doubt...

    1. monty75

      Re: Russia threatens to set up its 'own internet'...

      Dammit. You beat me to it.

    2. chivo243 Silver badge

      Re: Russia threatens to set up its 'own internet'...

      @malle-herbert

      Forget the blackjack!

      1. thegroucho
        Holmes

        Re: Russia threatens to set up its 'own internet'...

        Don't forget the BlackJack!

        Russia is the place where the house ALWAYS wins.

        And in case you happen to have the audacity to win, things happen to you.

        You get arrested, sham trials and the likes.

        Count yourself lucky if you don't get polonium.

        1. Anonymous Coward
          Anonymous Coward

          Re: Russia threatens to set up its 'own internet'...

          Are you joking or not?

          If so, fine. Ha ha.

          If not, how do you know these things?

          1. B*stardTintedGlasses

            Re: Russia threatens to set up its 'own internet'...

            It's a reference to this:

            https://knowyourmeme.com/memes/im-going-to-build-my-own-theme-park-with-blackjack-and-hookers

            Bender from Futurama.

          2. Solmyr ibn Wali Barad

            Re: Russia threatens to set up its 'own internet'...

            "how do you know these things?"

            Heh, that's definitely not something you can read on the RT website. It's the darker side of life in Russia. With a hint of Odessa humour in it.

      2. imanidiot Silver badge

        Re: Russia threatens to set up its 'own internet'...

        @Chivo243

        You know what: Forget the internet AND the blackjack. Mêhh, screw the whole thing...

    3. B*stardTintedGlasses

      Re: Russia threatens to set up its 'own internet'...

      I came here to either make or find this comment. ..

      I was not disappointed!

    4. bombastic bob Silver badge
      Unhappy

      Re: Russia threatens to set up its 'own internet'...

      "With blackjack and hookers no doubt..."

      no, they're the 'new moralists'. They can't allow pr0n, gambling, naughty jokes, fun, etc. on THEIR internet.

      The "blackjack and hookers" will only be available if you have "special access" credentials... (i.e. THEM, but in a way that the general public won't find out about)

  8. DeeCee

    dont forget that it is great way for putins kleptocratic regime to make a lot of money for "right", aka. close to putin, people

  9. This post has been deleted by its author

  10. Anonymous Coward
    Anonymous Coward

    The headline got my hopes up

    Russia, China, Brazil and a few other east Asian countries I can think of walling themselves off from the rest of the world's internet would save my servers from having to deal with about 80% of the tens of thousands of malicious probes each is subjected to daily.

    1. Anonymous Coward
      Anonymous Coward

      Re: The headline got my hopes up

      None of which come from the USA.

    2. bombastic bob Silver badge
      Devil

      Re: The headline got my hopes up

      "would save my servers from having to deal with about 80% of the tens of thousands of malicious probes each is subjected to daily."

      Well, you could set up 'fail2ban'. that'd cut down on a LOT of it. that way you only get like 5 failed sshd login attempts (then it auto-bans the IP address for half an hour or whatever) instead of hundreds over a period of hours. And it generates complaint reports that you can forward on to ISPs if you want. I do it sometimes, depending on how irritating the robo-crackers are. [they have to EARN a complaint because I'm lazy, but not so lazy that I can't give "special attention" to our "special friends", heh heh heh "Warner Brothers" style]

      1. Anonymous Coward
        Anonymous Coward

        Re: The headline got my hopes up

        Well, you could set up 'fail2ban'. that'd cut down on a LOT of it. that way you only get like 5 failed sshd login attempts (then it auto-bans the IP address for half an hour or whatever) instead of hundreds over a period of hours.

        I do, but the sheer number of IP addresses they use (I assume from cloud hosts) still results in many thousands of login attempts per day before the 5-strikes-and-you're-out blocks kick in.

        1. Alan Brown Silver badge

          Re: The headline got my hopes up

          "5-strikes-and-you're-out"

          Take a look at the names they use. If they don't exist in your password file there's no harm whatsoever in making it one strike if they're attempted. (likewise, root, oper, sysman, toor, postmaster, etc)

    3. defiler

      Re: The headline got my hopes up

      This is what I thought too. If Russia and China had their own internet then they could fuck off away from my home server. You'd think they'd have better things to do.

      Fail2ban helped a lot, but I ended up just firewalling whole countries at a time.

  11. GreggS

    But

    How will they hijack all the Western powers elections if they cut themselves off from the global internet?

  12. rmason

    They're only going to be bothered about what comes in, less so with what traffic leaves.

    Don't worry, they won't want to disrupt their hacking industry.

    1. Alan Brown Silver badge

      "They're only going to be bothered about what comes in, less so with what traffic leaves."

      They are to a point. One of the advantages of controlling the DNS is that you can make all those pesky VPN sites go away.

  13. x 7

    Surely, as ever Putin has the truths reversed......

    this is all about maintaining access to the internet for Russia and her pals in the event that cyberattacks (or real attacks) on the west make access to the western root servers unreliable or impossble. And who is most likely to implement such attacks?

    This is all about Russia siding with the third world and laying the infrastructure for the next world war. If the submarine cables to the west are cut, something else needs to be available to provide DNS routing for Russia and the rest.

    This isn't about the west denying access to Russia. Its all about Russia isolating the west from the rest of the world

  14. Anonymous Coward
    Anonymous Coward

    okay bye

    if this keeps compromised computers from the brics from hitting my equipment, then let them go... don't let the door hit you in the ass on the way out...

  15. Anonymous Coward
    Anonymous Coward

    The collapse of the USSR.....

    Was a really interesting and important event in the 20th century, right up there with the 2 WW's and the Russian Revolution. I often wonder if some kind of Marshall like plan would have paid dividends in the long term, and prevented the stance that Putin has to the West. I know the Marshall Plan has some detractors (american imperialism) but IMHO, it was immensely positive. There's something I just kinda like about trying to make friends with former enemies, rather than taking a shit on them. For the recipients of the plan, on the whole, I think it worked. I'm a little bit geeky about Cold War history, and I'd like to be young again and studying it.

    1. Mike Shepherd
      Meh

      Re: The collapse of the USSR.....

      "...some kind of Marshall like plan..."

      Wasn't that ножки Буша? I think ex-president Nixon made the same point.

      1. x 7

        Re: The collapse of the USSR.....

        https://ru.wikipedia.org/wiki/Ножки_Буша

        1. Flakk
          Joke

          Re: The collapse of the USSR.....

          https://ru.wikipedia.org

          I get them mixed up. Is that the one where everything's the fault of "western imperialism", rather than "your Mom"?

        2. bombastic bob Silver badge
          Happy

          Re: The collapse of the USSR.....

          https://ru.wikipedia.org/wiki/Ножки_Буша

          I ran that through google translate - "Bush's Legs"

          (translated quote from the page)

          The name "Bush's legs" appeared in 1990, when a trade agreement was signed between Mikhail Gorbachev and George Bush Sr. on the delivery of frozen chicken legs to the USSR. Since in 1990 the Soviet counters were practically empty , "Bush's legs" were very popular.

          in case nobody else bothered to check. Brilliant reference!

          1. Anonymous Coward
            Anonymous Coward

            Re: The collapse of the USSR.....

            The name "Bush's legs" appeared ...

            The full name at the time was "Волосатые ножки Буша" ("Bush's hairy legs"): This "humanitarian aid" was of the lowest imaginable quality, and wasn't even fully plucked. It was probably originally destined for fish meal, where it would not have have mattered - not for human consumption.

            And yes, I had a few at the time. Not because I was particularly hungry (as bad and chaotic the situation was at the time, nobody was actually starving - unlike five years later, when Yeltsin's machinations have really picked up the steam), but as an American curiosity. They were just as awful as your cheapest supermarket chicken legs are, close to their expiration date. Perhaps a little bit more so.

  16. 404

    Wait what?

    A DNS change can take up to 72 hours to percolate down to every DNS server, depends on the individual server's TTL config.

    Or has that changed since yesterday?

    1. Blitheringeejit
      Boffin

      Re: Wait what?

      "depends on the individual *zone record*'s TTL config".

      FTFY - at least in terms of RFCs. Whether actual caching nameservers take a blind bit of notice of DNS record TTLs is another matter.

      1. 404

        Re: Wait what?

        Meh, you don't create zone records manually, you set up a domain setup script template that targets a DNS server to create zone records, webserver to create folders/set permissions, email server for same. My original statement applies.

    2. James R Grinter

      Re: Wait what?

      Rubbish. It should take a maximum of whatever the TTL was on the record you are changing, and that only if someone looked it up for the first time just before you changed it (unlucky!) and only for those querying that nameserver.

      There is no “percolation” in DNS.

  17. Prst. V.Jeltz Silver badge

    sounds like a credible threat to me .

    Cant say I blame them.

    will the new internet have blackjack? and hookers?

  18. Aodhhan

    DO IT!!

    Then we can shut these countries out of the original WWW, and watch crime on the Internet go down, as well as cripple their economy more.

    I'm sure this will go over well with large businesses in these countries.

    1. jabba the nut
      Mushroom

      Re: DO IT!!

      This is why when I read this article I could not restrain myself from bursting out in fits of laughter, normally the register has some good articles but this one I am sorry to say is one of the worse, emerging economies such as India and china who are heavily invested in the west, cutting themselves off from rest of the web which in turn will isolate themselves from potential lucrative markets, because Putin says so lol give me break.

      lets not forget these economies are growing due to trade restrictions being lifted by the west that allowed china and the others to take advantage of global trade, the www is now the backbone of global trade like it or not, honestly your trying to tell us that these countries now effectively want to put those blocks back in place by themselves and neuter their own growth.

      1. Anonymous Coward
        Anonymous Coward

        Re: Re: DO IT!!

        Did you actually read the article?

  19. Andy 97

    Internetski

    Will this also pose a problem for those who use TOR?

  20. spold Silver badge

    Meh - all ISPs will be required to use the local DNS service and undesirable IP addresses will resolve to the "You are attempting to access illegal content - remain calm - we know where you are and we are coming to get you" service - Chinese will love it as well, will make ISP compliance with the 2016 Cybersecurity Law that much easier.

  21. Anonymous Coward
    Anonymous Coward

    Wait a second if they wall themselves off who are they going to blame for any hacking?

    1. 404

      Iran or white supremisistsistists. Choose wisely...

  22. Triumphantape

    What if...

    You wanted to isolate the people in your country from the rest of the World?

  23. scrubber
    Big Brother

    "paint the US and Europe as controlling bogeymen"?

    Not a whole lot of paint required, as Snowden and others have pointed out.

  24. N2
    Thumb Up

    Thats fine by me

    So long as they keep all their shite to themselves.

  25. JennyZ

    Bring back Minitel...

  26. Anonymous Coward
    Anonymous Coward

    Is any of this payback for the way

    Stuxnet went out of control crashing PC's?

  27. Rathkennamike

    Great, let them FO, maybe that will stop all those beautiful (?) Russian girls lusting after my body !!

  28. Anonymous Coward
    Anonymous Coward

    Under the principle of "do unto others before they do unto you," this sets the BRICS to be protected when takeing the root servers that cover the rest of the Interent. Given the capabilities already demonstrated by Russia and China, this isn't at all far fetched here. Harder than back in the '90's, and I was looking at what would be required technically, due to increased capability (system speed) and improved resilience of BIND, but not impossible. Offense usually trumps defense most of the time especially when defense has to be perfect while offensive only has to be successful once or a few times.

    "As the stars went out, one by one" comes to mind here.

  29. John 104

    it may take a day for everyone on the internet to reach it (in reality most internet users will do so within an hour or so).

    Only if they don't understand DNS TTLs. Setting a lower TTL prior to a migration will mitigate this...

  30. Claptrap314 Silver badge

    There is a difference between the technical & political aspects of this. Mirroring systems in general have a fragility that serious businesses cannot afford, and from the technical side, this is nothing more than a move to a more robust system.

    It all boils down to who you trust to control the information that you MUST have to operate. I don't care if it is DNS files, SSL certs, os ISOs, ruby gems, python eggs, or shopping lists. There are a lot of ways that the master records can be compromised, and if you cannot afford to have your mirror return bad data, then you have to buffer changes in such a way that you at least have the ability to roll back problematic changes more or less instantly.

    It makes no more sense to me that a national government unconditionally trust the root zone files than having its currency printed offshore.

    Technically, this is a big, fat 0.

    Politically, it is another matter. Putin & co have been quite aggressive about their efforts to control information flow to their people. Being an ISP there must be quite interesting--they have certainly come to the attention of important people. How you feel that compares to the West is your business. Externally, this is very much about soft power--Putin attempting to increase his influence at the expense of the West. Hardly news. But not to be ignored, either.

    As for the ITU--guys if you think the country governments are corrupt & dominated by big business, you REALLY ought to look at how messed up the UN & partners are. A lot of these countries don't view graft as a problem at all.

  31. JohnG

    Devil's advocate

    If the situation were reversed and all the root servers were in Russia and China, how long would US and EU governments take to decide to take matters into their own hands? I suspect they would reach such a decision in minutes.

    Given the somewhat toxic state of relations between USA/EU/NATO and Russia/China, almost anything seems possible now. The idea that, if the US government/military decided to interfere with the running of root servers, brave Internet warriors would then continue to run free root servers in the face of US authorities is just silly.

  32. David Roberts

    Critical infrastructure

    Communications have always been vital to the military.

    At one one time it was more traditional communications netwroks. Telex style terminals in COMCENS with the fall back of sending morse over the bare wires if all the smart stuff had been wiped out by EMP. As far as I know everything is more sophisticated now but also more vulnerable.

    The power network was a biggie; take down the National Grid and we would be starving in a week as all the chilled and frozen food went bad.

    These days we seem to be almost totally reliant on the Internet for "just in time" logistics and all aspects of business and banking. This makes any (at least First World) country enormously vulnerable to network disruption. Imagine the chaos if you could not buy goods electronically and anyway nobody knew where they were.

    The tactical and strategic advantages are obvious. Why take enormous civilian damage from a nuclear exchange, or massive long term drain on resources of a conventional war when you can just cripple your opponent by taking down their logistics? Victory without a shot fired? Very enticing. So every sovereign nation should be taking all possible steps to secure vital infrastructure. Having vital parts managed by a likely enemy is not a good position. Having a fall back plan is vital, as is testing it.

    TL;DR - why wouldn't Russia do this? Crazy not to!

    1. Alan Brown Silver badge

      Re: Critical infrastructure

      " if all the smart stuff had been wiped out by EMP."

      The bigger risk is that the POWER GRID can be wiped out by EMP.

      Or a large enough solar flare. Both put a DC bias on the lines and cook the transformers.

      The really big distribution transformers take a couple of years each to make and are usually backlogged by a decade.

      It's possible to mitigate this issue with endpoint redesigns but you need to double up on the transformers and there are a few thousand of them involved. There are a number of papers about this but the most commonly advocated defense step is to temporarily disconnect the lines, not to rewire them to make the system immune to such stuff. That's fine for a solar flare where you have hours/days of warnings. Somewhat harder for EMP.

  33. Anonymous Coward
    Trollface

    For Britain

    Before Brexit, Britain must also have our own DNS servers instead of trusting EU ones reeling of garlic

    1. DocJames
      Megaphone

      Re: For Britain

      If you're worried about Brexit and the EU, I think you mean reeking.

      Reeling is entirely different, as it's related to with Scottish independence.

      Icon: cos there's no bagpipe icon

  34. Doctor_Wibble
    Big Brother

    Who controls the view you have of the internet?

    Is it the people who control the DNS you use? Is it the antivirus/malware scanners that list dodgy URLs? What about your 'safe browsing' option - who determines what that or its subcategories actually mean? Who is entrusted with that list once those determinations are made?

    OK so that's a very browser-centric set of remarks but everything we do on the net is based on chains of trust. and we shouldn't just give our preferred data sources a free pass just because they are the proverbial local server for local people.

    One man's compliance with regulations is another man's dodgy underhand dealing with an evil repressive regime...

  35. Anonymous Coward
    Anonymous Coward

    Maybe DNS needs to have a block chain. Why not? We use it for everything else these days.

  36. Quotes

    Noteworthy IP Address

    8.8.8.8 is used by Google for DNS... they are unlikely to change the purpose of this address

    But what if it was used for a web site, say 5.5.5.5 and that became the brand?

  37. Alan Brown Silver badge

    Someone missed an important point

    Those "alternate roots" are proposed as only accessible by BRICS countries.

    It's a hop skip and jump to legislating that residents of these countries are only _allowed_ to use those alternate roots and to enforce that by forcing ISPs to divert port 53 and 5353 traffic to "approved" nameservers.

    1. Anonymous Coward
      Anonymous Coward

      Re: Someone missed an important point

      There are actually a few alternative DNS systems in operation, have a google. I'd be surprised if you could really force people to use a particular server in practice but if they did someone would just create an entirely new DNS system. You could probably even make an http packaged one if you needed to get through proxies.

      1. Alan Brown Silver badge

        Re: Someone missed an important point

        "There are actually a few alternative DNS systems in operation"

        I know, and many have come and gone. If you're using deep packet inspection, then you can detect DNS traffic on nonstandard ports and block it.

  38. TheDudeski
    FAIL

    Hurry up and blockchain DNS

    'tards

  39. Fihart

    Let them have their own internet.

    Sadly, wouldn't get them and their scams and hacks off 'our' internet.

  40. AbeChen

    A Way to Achieve the Same Goal Without Fights

    We ventured into studying the IPv4 address depletion challenge a few years ago leading to a surprise solution that we nicknamed it EzIP (phonetic for Easy IPv4). A proposal has been submitted to IETF:

    https://tools.ietf.org/html/draft-chen-ati-adaptive-ipv4-address-space-03

    Among several useful benefits, the most direct consequence is that EzIP enables the establishment of regional sub-Internets, each capable of serving up to 256M (Millon) IoTs, covering the largest city (Tokyo Metro) or 75% of countries from just one IPv4 public address. This can realize the CIR (Country-based Internet Registry) model from ITU a few years ago, even without establishing a CIR organization.

    If a government is not interested, private enterprises can make use of this facility to provide "local Internet" services. Either way, this will be a parallel facility to the existing "global Internet" model, so that citizens will have the flexibility to choose.

    Thoughts and comments will be much appreciated.

    Abe (2018-09-16 17:30)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like