THE FORTRESS INTERNET IS DOOMED

 

A MESSAGE FROM OUR FOUNDER AND CEO -

Warfare has been dominated over the centuries by a constant battle between offensive and defensive technologies. The open battles with horse and sword gave way to siege warfare behind thick walled castles. The castle walls dominated for centuries until they fell eventually to cannons.

In World War One, the defense dominated the battlefield with a string of trenches and barbwire extending from the Alps to the Atlantic coast. The battlefield was ruled by the machine gun and artillery which could rain down upon an attacker held up by the barb wire and trenches. The result was a stalemate with opponents only a few hundred yards away from each other but unable to do anything about it. The First World War led to the ultimate defense to be built in the 1930s - the Maginot Line - a string of fortresses massed along the French border, named after the defense minister who proposed it.

In World War Two, the tank brought cannon and armor into a mobile cavalry that outflanked defenders and fortifications. The Maginot line was defeated by a force of tanks that could simply drive around the fortresses. At first, armor was used to support the infantry, as it was done in the First World War. The dispersed nature of small packets of tanks fell quickly to the next level of war. The invention of mobile armor brought concentrated forces of airpower, tanks and infantry into single massed formations, punching a hole through trench and barbwire to quickly overwhelm an opponent. The massed formation also destroyed the smaller packet of tanks and forts by sheer weight of its attacking force. This was known as "Blitzkrieg" or the lightning war.

The advent of the atomic bomb changed warfare yet again. Fixed fortifications and concentrated masses of tanks and armies were lucrative targets for a single blast from a tactical nuke. Thus, warfare adapted by dispersing forces, small units acting independently but on a coordinated plan, could come together, strike and leave before the opposition could muster a nuclear attack.

The information war has also changed over time. For information warriors there are many theories of attack and defense but they have common threads. The current level of thinking is the Cyber-Fortress. Large organizations with large staff and deep pockets can afford to set up complex and difficult to breach defenses.

Much like the Maginot Line, these organizations have put in place large barriers, heavily staffed teams and layers of defenses to thwart attackers. The concept has generated itself into business models such as Google and Yahoo.

Yet, much like the Maginot Line, these large organizations have been defeated by smaller groups with few resources and little money. The massive breach of Yahoo compromised over 500 million email accounts and was accomplished by a nation state actor but it demonstrated how easily a massive breach could be established with little effort. The breach of over 20 million employee records from the US government appears to have been performed by 1 or 2 well placed contractors linked to China.

The massive Internet giant Google has suffered a more variety of attacks usually of a smaller nature. Individually targeted breaches using spam and fake email links called phishing attacks have turned hundreds of thousands of user Gmail accounts into hacked data. The prime example here is the attack carried out against Democrat advisor John Podesta which came via a simple email and was enabled by his ill-informed IT staff.

The same theory also applies for the offense. The larger organization with a huge advantage in manpower and resources can quickly cobble up massive attacks. This type of offensive organization is exemplified by the US National Security Agency (NSA) but there are various other nation state groups in China, North Korea, Russia, Iran, France, the UK, Australia, and Israel (to name a few). These attacks have also been revealed such as the penetration of the SWIFT banking network by the NSA to monitor financial transactions in the Middle East.

Yet, as we have seen, these offensive operations can be thwarted, outed, foiled and busted by individual hackers or small groups that nimbly dance around the lumbering giants. Another disadvantage, shared by both large defensive and offensive outfits, is that the larger a group involved the more likely there is a leaker, mole, spy or just plain status seeker who will blunder into revealing the operations and its flaws. The massive amounts of code presented by the Shadow Brokers, an independent group who may have a nation state affiliation, and the huge leak of CIA exploits inside the Wikileaks Vault 7 are examples of the failure of large organizations to protect themselves. The lesser known but far more dangerous leak of the DUAL-EC backdoor placed by the NSA (allegedly) inside the communications products of Juniper is a classic example of how a single breach could lead to a disaster of global proportions.

The bigger is better theory also applies at the individual level. The current secure chat programs that dominate the market are all centrally based large organizations. The applications erected by Facebook, Apple, Telegram, and Signal are all dependent on large staff, large servers and centralized fortresses where they operate. The central theme also means it is easy to determine if someone is using these apps as members of the Trump White House, and staff inside the UK government have discovered.

There have already been several circumstances of users of the most popular and effective Signal app having been outed by simply looking for them in the available online listings. The same - almost phonebook like - feature is present in the other applications because in order to chat you need to know who to connect with.

The chat companies also makes the NSA job easy because traffic to and from the centralized services can be monitored. While the NSA may not be able to decode the chat information, they can determine where and eventually who is doing the communications. It also puts these centralized services at risk of directed attacks and insider attacks. In short, much like a massed formation of tanks is a lucrative target for a single nuke, so it a massed formation of servers with a large client base.

The same problem applies to many other systems such as video and phone services via the Internet. In fact, putting data on the Internet is less secure than writing it on the bathroom wall at a local gas station. Anyone with the resources and determination can read the data and, worse, make determinations of location, sender, time and date. Can you say that about the senseless scribbles on a service station restroom wall?

To demonstrate my point - use the TRACERT command - better known as the TRACE ROUTE. In Windows, start a command prompt and enter "TRACERT www.twitter.com". This will show you the number of services and computers your single request has to go through just to reach a website - in this case Twitter.

C:\Users\me\tracert www.twitter.com

Tracing route to twitter.com [104.244.42.65]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 999.99.999.99 - example only
2 1 ms <1 ms <1 ms 999.99.999.98 - example only
3 625 ms 1300 ms 786 ms 999.99.999.97 - example only
4 580 ms 649 ms 569 ms 999.99.999.96 - example only
5 570 ms 557 ms 561 ms 999.99.999.95 - example only
6 593 ms 568 ms 739 ms 999.99.999.94 - example only
7 610 ms 1283 ms 1301 ms 104.244.42.65

Trace complete.

Note the TRACE ROUTE command also tells you the time it took to make each hop. With a global map of IP addresses and service locations (easily found on the Internet) you can even determine nearly the precise location of where the request came from and went to. Surprised? Don't be. Global communications and computer networks are currently dominated by the Internet - making it a giant tunnel through which money, lives and data flows. The input and output from this focal point is monitored, tolled, jammed and scammed.

Yet, don't expect this to last forever. The last decade has seen a giant concentration of applications trying to funnel users into a boxed Internet where all their data and software is stored in the centralized giant services. The best example is Cloud based software which is provided by subscription. While currently lucrative it also jams up every so often when someone or something bottles up the Internet. Such services have been breached - with security being a secondary issue to money making products and some have failed, taking user data with them.

If you store something on the cloud you are putting it on someone elses computer.

When a link in the service chain goes down the pressure is upped on other resources and whole areas of nations go offline. If the Cloud is not available - for any reason - then the production comes grinding to a halt.

The Internet is also not a nice place filled with candy and toys - but instead inhabited by ransomware, attack viruses and bricks aimed at any passerby. If you want to see the results - look at the $250 million loss declared this quarter by Maersk shipping lines - all due to a single virus attack - PETYA.

Thus, the standalone individual user model is beginning to look good again. You buy it once, not every week, and it works whether the Internet is up or not. Standalone chat apps that do not rely on the Internet also have that nasty little feature of not being funneled through central services to be examined. The standalone SMS chat only uses a phone number for a contact - which can be an expensive cell phone linked to a user or a cheap throw away purchased today. The data is mixed in with billions of other SMS messages and if the message is encrypted - it is also secure.

Standalone email applications can use a variety of services to perform the task. If one is down or has issues - one click of a button and the email is sent by another service. Standalone services also save you emails locally, so you don't need to save them online to view and later become lucrative targets for hackers (30,000 Podesta emails in one Gmail account).

While many are still banking on the central service to dominate the 21 Century, the writing is already on the gas station wall, the NextNet is already replacing the MagiNet. It is dispersed, decentralized, resilient, nimble and survivable - everything the Maginot Line wasn't.

CHARLES R. SMITH

CEO FOUNDER OF SOFTWAR INC.

NUNYA STANDALONE SMS ENCRYPTED TEXT MESSAGES

 

Contact Us: