(and Making it Was Very Illegal)By Adam Clark Estes
Why would you need a map of the Internet? The Internet is not like the Grand Canyon. It is not a destination in a voyage that requires so many right turns and so many left turns. The Internet, as the name suggests and many of you already know, is nothing but the sum of decentralized connections between various interconnected computers that are speaking roughly the same language. To map out those connections and visualize the place where I spend so much of my time may not have any clear use, but it intrigues the pants off me.
An anonymous researcher with a lot of time on his hands apparently shares the sentiment. In a newly published research paper, this unnamed data junkie explains how he used some stupid simple hacking techniques to build a 420,000-node botnet that helped him draw the most detailed map of the Internet known to man. Not only does it show where people are logging in, it also shows changes in traffic patterns over time with an impressive amount of precision. This is all possible, of course, because the researcher hacked into nearly half a million computers so that he could ping each one, charting the resulting paths in order to make such a complex and detailed map. Along those lines, the project has as much to do with hacking as it does with mapping.
The resultant map isn't perfect, but it is beautiful. Based on the parameter's of the researcher's study, the map is already on its way to becoming obsolete, since it shows only devices with IPv4 addresses. (The latest standard is IPv6, but IPv4 is still pretty common.) The map is further limited to Linux-based computers with a certain amount of processing power. And finally, because of the parameters of the hack, it shows some amount of bias towards naive users who don't put passwords on their computers.
But on a general, half-a-million-computer level, this is what the Internet looks like in all of its gorgeous motion:
This map shows the average Internet usage of the observed nodes over a 24-hour period. Look closely to see the traffic move with the daylight. (See higher-res here)Hacking into 420,000 computers is highly illegal. If said researcher were caught in the United States, he likely be slapped with one violation of the Computer Fraud and Abuse Act for every computer breached and face something like 50 consecutive life sentences for the sum total. (I'm being sightly facetious here but only slightly.)
However, these were not sophisticated attacks. The researcher explains in his paper that his so-called "Carna Botnet" (named after the Roman goddess of physical health) targeted only essentially unprotected computers — that is, devices that required only an "admin" log-in and a blank password field or no log-in at all — that he set his code to run as lowest possible priority in the infected device to avoid interference, and also left a note behind explaining to the computers' owners that he'd used their computers for this research. He even left them an email address in case they had any questions about the project.
Dramatization of a 420,000-node-large map-making adventure.He's a very curious one, too. Essentially, the researcher explains, he did the giant hack slash map for fun, to see if it could be done. "I did not want to ask myself for the rest of my life how much fun it could have been or if the infrastructure I imagined in my head would have worked as expected,"reads his report. "I saw the chance to really work on an Internet scale, command hundred thousands of devices with a click of my mouse, portscan and map the whole Internet in a way nobody had done before, basically have fun with computers and the Internet in a way very few people ever will."
This is what a static map of the botnet itself looks like with concentrations of its 420,000 nodes represented by different colors:
Notice how the computers that the researcher hacked become especially concentrated on China's east coast and virtually non-existent in AfricaThe research also serves as another much-needed warning about Internet security. "A lot of devices and services we have seen during our research should never be connected to the public Internet at all. As a rule of thumb, if you believe that 'nobody would connect that to the Internet, really nobody', there are at least 1000 people who did," says the report. "Whenever you think 'that shouldn't be on the Internet but will probably be found a few times' it's there a few hundred thousand times. Like half a million printers, or a Million Webcams, or devices that have root as a root password."
It's entirely unclear if anybody will actually pursue this anonymous hacker for violating however many laws he violated. But data scientists are excited about the results regardless. "This is a great study which underlines the fact that once again exploitable weak links are abundant and ripe for compromise, even on embedded or industrial systems," cyber security professional Mark Bower told The Register. Mark Schloesser, security researcher at Rapid7, told the paper, "The actual research itself is noteworthy in that it is the most comprehensive Internet-wide scan." Schloesser added, "I'd like to see more projects of this kind, conducted legally, and sharing information about the real state of play on the internet.
Because at the end of the day, there's a fair amount of debate over what the real state of play on the Internet looks like. Some say it's a map of connections, others say it's a Tootsie Roll Popmade up of layer upon layer of activity. In an essay for The Baffler that we also published on Motherboard, Christine Smallwood described these various metaphors. She half-joked that the Internet is like a hot tub because it's "shared with friends and strangers, whose warm water swirls around you, lulling you into complacency while silently transmitting disease." How scary but true.
No matter how you like to picture the Internet or what you think it looks like, though, it's pretty safe to say that these visualizations will only become more complex. With cheap smartphones taking off in Africa and $20 tablets popping up in India, the world is becoming more connected by the minute. So in a few years' time that confetti-colored map of the world above will look less like chart of privilege and more like an acid trip of progress.