The Sky Might Be Falling
Not too long ago, I read a product review of crosscut shredders in a popular financial magazine. Under the guise of promoting personal security to prevent identity theft, a reviewer put a handful of shredders through a set of tests. One of the tests was to see how long it took to re-assemble a shredded document. I am not sure if the author did not reveal the methods used or I simply missed them, so I cannot say whether or not the time to re-assemble was based on only a single sheet in the bin of shredded paper or a mix or many sheets. I was a little surprised to see that several of the shredders required only twenty minutes to reassemble a shredded document. I have heard rumors that US government contractors have built systems to reassemble shredded documents, but I did not expect a product review to include reassembly time.
We spend a lot of time talking about the ubiquity of computers and technology. Explaining to people that it’s extremely difficult to obtain a finished product that didn’t involve a computer during the manufacturing, shipping or sales process. So it’s with some surprise that the uproar surrounding critical infrastructure hasn’t focused more on our digital communications infrastructure. I need to preface the rest of this entry by admitting to have spent very little time watching any of the C-SPAN channels, and to never having worked for an ISP. That said, I question how much thought was put into securing our long-haul fiber infrastructure.
The critical infrastructure of any nation is of paramount importance; this is obvious. Perhaps if I lived on either US coast, I would have the same sort of stake in seaport management as I have in router port management. Because I’m lucky enough to work with a number of individuals with deep experience into the development of the Internet, I’m occasionally involved in discussions where I learn things I have been completely unaware of. America’s long haul fiber inter-connects were inadvertently the topic of discussion over lunch recently. According to this recent conversation, I was extremely surprised to learn that we’re relying on two primary long-haul fiber paths.
Harkening back to the days of the railroad expansion, large rail companies have legal right-of-way over the land where track has been laid. Not surprisingly, right-of-way is extremely difficult to come by in the modern era. In order to develop cross-country fiber connectivity, ISPs entered into agreements with the holders of legal right-of-way – the rail companies – to bury the cross-country fiber. Someone had already gone to the trouble of cutting paths from the East to the West, so the ISPs followed these paths while laying fiber.
Even if you have never flattened a penny by placing it on the railroad tracks, you probably know someone that has. While it’s illegal to be on railroad tracks anywhere other than a crossing, innumerable people have done it. Therefore, with all the attention to the location of freight coming into the U.S. at seaports and airports, it is curious that I have not heard anyone bring up to our lawmakers this potentially large critical infrastructure threat. It is understood that ISPs consider this information extremely critical, and it is understandable that they are not keen on the location of buried fiber being revealed. Still, without a functioning computer network, the utility of ports is effectively nil. Ultimately, this calls into question the issue of whether or not its easier to infiltrate a port operator, air freight carrier, both of which must deal with a security presence, or whether a terrorist might find it simpler to attack our rail routes, instead.