He can click on a bank in Manhattan and see who has communication lines running into it and where. He can zoom in on Baltimore and find the choke point for trucking warehouses. He can drill into a cable trench between Kansas and Colorado and determine how to create the most havoc with a hedge clipper. Using mathematical formulas, he probes for critical links, trying to answer the question: “If I were Osama bin Laden, where would I want to attack?”
Does this not seem particularly scary to anyone else? Can we say this guy’s going to be a government cronie sooner than he can say slap-happy? Imagne the possibilities with that program, I shudder to think what could happen if a terrorist techie got his hands on it.
The links themselves should be (often aren’t) redundant in the true sense. There is an actual second fibre bundle waiting to take over the traffic on the active bundle. Often though, they tend to be placed side by side due to the economic cost of getting right of ways and digging the damn trench, laying the fibre.
The problem that I see is the identification of major hubs where optical traffic gets groomed, multiplexed, routed and/or switched. Taking out hub would likely cause massive dumping of traffic onto protection channels (assuming those are setup). The time required to repair the destruction would be considerable as you need to rebuild, commission and connect the equipment lost. That assumes the Telco has the information up-to-date and available. All in all, nasty.
I’m far more scared of the Bush administration than I am of some faceless terrorist interrupting my web surfing or causing some phone calls to be dropped. Honestly, I think it’s far more likely that the public release of information like this is likely to expose irresponsible corner-cutting by the megacorps who control the fiber than it is to bring on some terrorist attack.
That means you haven’t thought this through. Everything goes over fibre. Phone calls, 911, medical imaging, credit card transactions, credit transfers, the NASDAQ, corporate WANs, etc.
Of course it will expose telcos and corporations attempts to reduce costs by reducing redundancy. The main concern use to be localized screw-ups like a backhoe, now their costs cuttings are exposing them to massive service interruptions due to larger more directed attacks.
True. Typical reflex reaction by any organization though. Yeah, anyone could do this but the amount of time would require a fanatic (or grad student). Unfortunately we seem to have those by the scores.
The answer of course is to decentralize the optical backbone and assign priorities to traffic so that single failures, even multiple site failures, results in lower priority stuff getting the boot while the rest gets routed around the failure. That will take time and money to build up.
You’re right about the vulnerability of the locations where the fibers come together and data’s kicking around from one fiber to the next in its journey.
Our corporate WAN has four “supernodes” that are interconnected with fat and fast OC-768 fiber so each node is connected to all the others for instant fail-over, rather than a simple star or ring. This guards against one or two fiber breaks, but if a node is targeted, there’s trouble. The other three nodes will be able to route traffic, but anything connected to the targeted node would be out - whether it’s mainframes, servers or metropolitan area networks.
There are backups in the form of “dark” leased fiber on commercial carriers such as MCI, Global Crossing and AT&T, but these aren’t instant fail-over options. Whether someone has to swap cables somewhere or make a phone call to activate something, I don’t know, but the capacity is there.
All of this has cost us about a billion dollars - hopefully nobody will accuse us of cutting corners.
For what it’s worth, these “supernodes” are rather boring things. Two equipment racks at each location with a handful of orange fiber cables coming off of them is pretty much it. No NASA-esque full-wall video displays, no maps with criss-crossing lines. Just a small locked room.
Its the hubs with multiple OC192 (10-20G) bandwidth nodes dropping off the smaller stuff onto the 2.5G and smaller nodes that then do some cross connecting and then route it back out to the other coast that worry me. There are new super cross connects like CoreDirecotr and HDX that collapse all that down to a single box, which makes for a smaller locked structure but the exposure of single hub failure exists. Which is why the powers that be have reflexively freaked.
The thing is, this was all publically accessible information. Anyone who’s smart could do much the same thing - and the businessmen who wanted to take his laptop to prevent him from leaving with his info are merely reacting after the fact, totally oblivious to the understanding that it’s nothing unique to this one guy. Sure, he’s got the whole thing on a map, but someone determined could figure it out for an important city or two without too much difficulty, I’d think.
Well that’s what I’ve said.
One of the issues is that some mid west cities have hubs that act as massive cross connects linking the west coast to the east. By striking there you can reach all eth way out to NY, LA, Chicago, Dallas etc. without ever going there. The problem is that now that it is available as a whole what do you do? Do you freak out as these companies and the government are doing, or do you not worry about it? I’d say another 3-5 years of typical telco buying will ix the problem. They are moving away from SONET rings and matched nodes to a more flexible mesh configuration but they aren’t there yet.
The guy should be thrown into Guantanamo Bay immediately for failing to register himself as a potential terrorist.
I mean this sort of publically available information shouldn’t allowed to get out. If this sort of anti-democratic activity goes unchecked, next thing we know some clever so-and-so will publish everyones phone number and address in a book, or worse still - on a CD with a searchable database.
A few years back NPR did a story on the first Westeners to get access to the old KGB files. When it came to the period of Joe McCarthy’s, it turned out that the Soviets did indeed almost eliminate their spying activities in the U.S. Not because of the anti-communist efforts, however, but because it was more effective to just read American newspapers.
I would imagine that Old Joe would have said similar things about newspapers that the administration is saying about this guy’s map.
I love it! On one hand, you’ve got the people who want to turn the US into a communist state.
And on the other hand, you’ve got a guy doing his PhD about public information, pointing out what any sensible company, government agency, or terrorist group has already researched and made multiple copies of.
I don’t wish to frighten anyone, but it has come to my attention that people have been compiling information on all sorts of potential terrorist targets and making it available to the general public! Targets like dams, bridges, police stations, government offices, and – I shudder to think – even public schools.
I sure hope someone does something about those horribly irresponsible Rand McNally people.
It’s funny, my new job is with network management with a major telco. And in our training, I found the weakness of exhisting trunks frightening. For instance, the ENTIRE state of Vermont (where I am) runs on (if memory serves) TWO trunks. And I think one of those runs to Boston, too.
But there is a MAJOR trend in larger corporations of working diversity/redundancy into their circuitry. Even in the few months I’ve worked here, I’m seeing customers getting more and more insistant on having that redundancy. Which is all well and good, because it requires new builds, and new circuitry installed, and that means more business for the telcos, which took quite a hit a few years back.
In short: fear of terrorism is good for business.
As for what this guy did: he pointed out a weakness. He didn’t bomb anything, hopefully his work will make GETTING this information harder for people who are not just attempting their dissertation; ie: the baddies. And I think it’s pretty damn clever, as far as dissertations go. Dangerous, yes. But that’s because the system allows that danger.
Well really it’s no more dangerous than pointing out central power stations. The thing is most telco sites are on the 5th floor of some building on in a windowless box of a building in the burbs. They’re not obvious, so no one thought to look.
What I dont get is the professor who called it tedious and unimportant. i think it’s fascinating. This was already public info, true, but this guy compiled it in such a way as to be useful. Being able to quickly and easily see how the communication network is interconnected should be useful in many constructive ways.
Back when I worked in the NOC at AOL I remember having a conversation about an easy way to take down the internet.
AOL and a big provider (I want to say UUNET but I think it was someone else) were on the same block. If you blew up that block you would put a SERIOUS hurt on the internet as most fiber links ran through that block.
I also remember a water main break that took down most of NY state for a couple of hours and a fiber cut in Florida that took out the panhandle. During both those events phones were routed over old copper which worked fine for phones but hosed up data transfer due to line noise.
In all this talk of terrorism and vulnerability, the most important question has been overlooked: How is he going to get his Ph.D. if his dissertation has been classified?