In recent years, our society has been uniquely conditioned in our understanding of technological and digital advancement. Whereas for past generations, leaps forward in technology seemed terrifying, alien and sometimes apocalyptic in their implications, our generation has been taught differently. Since the creation of the world wide web and its domination of daily life, technologies which for most defy comprehension, have become mundane.
The average American no longer views advancement as a danger because we have become used to the presence of high level technology in our daily lives. We witness its advancement everyday. Twenty minutes ago, I updated iTunes. Maybe yesterday, you downloaded the newest version of your web browser. The days of Y2K are over and the new is now our friend. There is no danger or downside to the newer, to the faster, to the sleeker. The newer, the better.
Right? Well, maybe not so much.
As most people in the tech sphere know (and most outside have no clue, myself one of these until recently), a couple of weeks ago we all celebrated a holiday: World IPv6 Day, heralding the (supposed) upcoming dominance of the newest version of the IP (Internet Protocol, for the non-technical such as I) address.
As most know, an IP address is simply a number which serves as a device’s ID within a computer network (read this phenomenal breakdown of the technology by Stephen Shankland for more information). For a while, most computers have been using IPv4, which identified machines using 32 bit numbers, creating a total of 4.3 billion different addresses.
However, as the internet grows at its ever increasing pace, this has proven to simply not be enough, and thus, IPv6 was born. With IPv6 computers are identified by 128 bit numbers, meaning that with this new technology, there are roughly 340 undecillion possible addresses.
Awesome, right? Again, maybe not so much.
Recently, the FBI, DEA and even the Canadian Mounted Police have suggested that the switch to IPv6 is making it more difficult to track criminals online, those who would traffic in things such as drugs or child pornography, in addition to hackers, botnets, kidnappers and terrorists.
Under IPv4, it wasn’t very difficult to find offenders online via their IP addresses. The American Registry of Internet Numbers (ARIN) would hand out the address and internet providers would log them into the public WHOIS database (essentially a library of what IP address belongs to what computer).
In this way, if the FBI caught wind of suspicious email conversations, they could simply look up whose IP addresses the messages were traveling between and pay the participants a visit.
Since IPv6 has made so many more addresses available, however, registration protocol has changed.
Rather than handing out smaller blocks of IP addresses more frequently, the ARIN is handing out massive blocks every 10 to 15 years. As a result, internet providers are getting lazier and choosing not to update WHOIS as often, meaning that the database is unable to provide law enforcement with the up-to-date information it needs to take advantage of IP addresses as a means they can identify criminals.
For companies such as Dyn, this problem is especially resonant for multiple reasons. On the most basic level, it deals with a technology that we work with and that defines our field of industry. On a deeper level, though, this problem speaks to us because it says a great deal about the way in which providers and clients can and do interact with technology.
Because, in many ways, the problem here isn’t IPv6 at all. It’s the laziness of internet providers. The technology is failing because the people who work with it choose not to put in the due diligence required to make the technology function as it should.
And this isn’t a wholly ridiculous occurrence. With technological advancement comes complacency. Complacency breeds laziness. Laziness leads to complication and obstruction.
This does not solely apply to the problems the DEA and the FBI are having.
Surely, some argue that it is not the job of the private sector to tailor its products to the needs of governmental powers, that ease of search shouldn’t be a goal to strive for, that compliance with those principles is compliance with a fundamental violation of liberty. Even if we want to make that argument, we cannot use it as an excuse for failing our fundamental duties as innovators.
The important thing to think about (however you may feel about the presence of law enforcement in matters of internet security) is that the damage that laziness and complacency does eventually inflict is far wider in its reach than just the hunt for cyber criminals. In the end, those attitudes do damage to everyone who uses digital technology, whether it’s a student or a professional or a law enforcement officer. The need for high functioning and safe digital systems is absolutely universal and apolitical.
We, the technological community, owe it to all who interact with our creations to do the grunt work so that they can use what we give them in a safe and effective way.
Honestly, if we neglect that, we’re simply not doing our jobs.
It’s important to remember that we’re responsible for maintaining what we create, tending to it, making sure that we don’t let our excitement over the innovation get in the way of our attention to the fine-tuning, the troubleshooting, the grunt work that may not have the glory of invention or the distinction of discovery.
We must be both architect and janitor, because, in stepping forward into an industry with such far reaching, universal application, to be any less, is to fail both our creation and our clientele.