Burning Down The House

RomyGeneral News

02 August 2022

Burning Down The House

We currently live in a world that is evaporating under the human-made climate emergency and countless other shifts we find ourselves in at the moment. The Internet of today will certainly neither be sustainable nor resilient in the future we appear to be heading towards.

human climate change wildfires

We currently live in a world that is evaporating under the human-made climate emergency and countless other shifts we find ourselves in at the moment. The Internet of today will certainly neither be sustainable nor resilient in the future we appear to be heading towards.

This article is adapted from an original written by Tobias Fiebig, Max-Planck-Institut für Informatik, and Doris Aschenbrenner, Aalen University, who wrote down these thoughts in the form of ’13 propositions’, which are based on their research contributions published in the past, public discourse, and are rooted in system administration lore and their own experience as system administrators. They are intentionally bold, and the authors make no personal claim to originality and completeness.

Thirteen Propositions on an Internet for a “Burning World”

Proposition 1:     Operating systems requires operators to execute care towards their system, their users and the infrastructure as a whole.

This is not so much about operating systems running on computers but more about the process of running and maintaining a system. If we want the Internet to be sustainable in our burning future, we have to reorient ourselves to actually doing the care-work necessary for keeping infrastructures running and addressing users’ needs. If we do that, digital infrastructure might give us an edge in surviving the future to come. If we don’t start caring soon, it may very well become a liability (if it is not already) further dragging us down.

Proposition 2:    The centralisation of the Internet has been promoted by a lack of care.

The early Internet used to be a rather collaborative network, and that showed in the protocols developed for it. For example, initial visions of SMTP — the protocol underlying email—assumed open relays being the default, and DNS — as a UDP-based protocol — neglected the issue of spoofing.

Over time, the Internet has become more hostile — more of a ‘for one’s own benefit’ focused place, where such features turned from useful to dangerous. Especially the abuse of DNS and similar protocols from the same era has given rise to large-scale Denial-of-Service (DoS) attacks.

DoS attacks are enabled by careless system administration, ranging from operators who leave, for example, DNS-based packet amplifiers readily connected to the Internet and allow spoofing addresses on their network, to vendors that roll out carelessly thrown together IoT devices, shipped with default credentials. It has become common to provide services and run infrastructure without taking responsibility and caring for its impact on others. If one does not fall victim to such a large-scale DoS attack, one has to hide behind the larger network of a major centralised cloud provider. And so we are all paying the price for carelessness in the form of centralisation, with all its implications.

Proposition 3:    There is a tension between privacy and security pitting decentralisation vs. centralisation.

This point confounds several aspects of centralisation and cloudification. One part is that a major component of centralisation and migrating to centralised cloud infrastructures is the reduction of capital expenses in terms of institutionalised knowledge and operational expenses in terms of knowledge workers. Having a full team working on security makes a lot more sense at scale. The other part is that security is simply ‘easier’ for centralised environments like clouds.

This ultimately creates a choice between the devil and the deep blue sea. Either you allow a selected hypergiant to (technically be able to) read your emails, and their walled garden and ability to scale operations will keep your mail and you secure. Or you host your own system, and it may be less able to deliver your mail to others, or find it leaked due to a configuration mistake.

Proposition 4:    Centralisation and profit are inherently incompatible with care for infrastructures.

In our globalised economy, the idea is that people, especially corporations, naturally seek to maximize their profits and gains. For the purposes of this proposition, it is irrelevant whether this is a good or a bad thing.

Unfortunately, centralisation and profit are incompatible with care. Centralising infrastructure also means centralising control which means centralising power which in turn means that, all of a sudden, entities gain the ability to make decisions simply for their own benefit, disregarding the needs of others. This, quite obviously, can become ‘suboptimal’ if we are talking about infrastructure others depend on.

In a profit-oriented world, it can become fiscally untenable to maintain sufficient care for a service/infrastructure and its users. To conserve their bottom line, corporations will discontinue services that users rely on, or apply support mechanics that cannot provide the care some users may need, or neglect maintenance of existing systems. Or, more bluntly put: To scale a system you sometimes have to make things the same that inherently are not. For a profit-driven corporation, this is a rational decision, but it will mean a significant loss for users, no matter how mundane (your fancy home automation no longer working), unusual (you found love with a digital entity) or obviously essential (visual implants becoming obsolete) a service is.

When Centralisation Disappears

Centralisation is the continuous aggregation of infrastructure and content around a small number of hypergiants — Amazon, Meta, Apple, Microsoft, and Google — with their large infrastructure-, platform- and software-as-a-service offerings.

As unimaginable as it may have been decades ago that one day Myspace would no longer be there, or, as hypothetical as it may have sounded on Wall Street in 2006 that Lehman Brothers might be gone in a matter of days, the idea of Amazon, Google, Microsoft, Apple, or Meta (and for that matter, a set of several more hyper and micro-giants like Digital Ocean or Hetzner) simply disappearing can’t be discounted.

Proposition 5:    We have to be prepared for hypergiants’ failing.

Small ripples can cause a hypergiant to ultimately tumble, and our burning world is sending out the first signals. Infrastructure supported by the exploitation of labour in a globalized world will not sustain itself forever.

Still, hypergiants and all those fancy tech companies that make up their heavily paying customer base have a thing for exploiting labour.

One of the big innovations that Uber, DoorDash, Amazon and others have found is a way around that concept of worker rights. You can be insanely more profitable if you don’t have to bother with the costs of generations of societal development and social security. Nevertheless, this will not work forever.

Workers realise that those mechanisms put in place — organising, unionising, strikes, and labour fights — are there because they are useful, and are beginning to prove successful.

The question of why hypergiants fail and there are several possibilities and examples, and whether it is ultimately good for the Internet, is not essential. The important question is how we handle them disappearing, possibly suddenly, when the majority of websites contain fonts hosted by Google, for example; or run entirely on Amazon Elastic Compute Cloud (EC2).

If a hypergiant fails all of a sudden, we will have a lot of legacies and broken infrastructure. And, historically, legacy infrastructure is not something we are particularly good at dealing with.

Proposition 6:    Communities caring for local and distributed infrastructure are the future in a world falling apart.

Our world is changing and not necessarily for the better. This is a world where billions are displaced by heat and floods, and where the global north learns that climate change will ravage us all, no matter where we live. A world where there is no global supply chain to collapse anymore, and most long-range fibres just go … dark.

The question here is, of course, how dire our future will be. In a ravaged and war-torn future with limited space for things to be peaceful enough for technology to function, “… we would still have *some* power available ….

That world is pretty much aligned with a rather ‘solar punk‘ future, one where there is some power available, but it’s not as abundant as now.

Naturally, despite having burned down, our world would remain littered with (dysfunctional) computers and network technology. That world would most likely be one where local communities commandeer these sets of technology and start to (re)build (potentially interconnected) networks (of networks). However, the focus would always be providing primary and useful services for local communities. Having local access to a knowledge database will be more important than, say, global communication.

With supply chains gone, keeping systems and networks running will also become difficult in terms of getting spare parts and replacements. This world will be about engineers finding ways for the benefit of their local community (again).

The task of ‘making it run, even though the cloud controller is gone’ will be an essential occupation in the potential future. Local communities will (must) find ways to use technology and provide working services to survive.

Proposition 7:    The slow adoption of IPv6 hinders a re-decentralization of the Internet.

The IPv4 address space is, for all practical matters, exhausted and unjustly distributed. With the Internet still being very much IPv4-centric — at least when it comes to the path outside of hypergiants — communities running their services still need IPv4 addresses to provide services.

If we want to redistribute the Internet, without further disadvantaging traditionally disadvantaged regions, rolling out more IPv6 (only) is the only path forward.

Proposition 8:    In a burning world, functionality is more important than security, but remains trumped by safety.

Faced with a world burnt to its foundations — with an Internet fallen apart and hypergiants failed — the paradigms of what is important would shift dramatically. In such a scenario, the utility and functionality of systems would superimpose their security even more robustly than in the current world.

Security may end up being resolved by a social contract, along the lines of ‘you won’t break your power supply’. Therefore, in such a world, threat modelling would see a significant shift away from security threats from the larger Internet, and become a question of safety, akin to the question of ‘What (physical) harm can be done (by outsiders) if it is not secure?’ Ultimately, the physical safety (and survival) of local communities will have the highest importance.

Sustainability Means Simplicity

We really have a tendency to build complex systems. There are countless discussions about the explosion in the complexity of protocols, for example, the DNS Camel is certainly one of the most iconic illustrations of this issue.

Sometimes, this complexity comes in the form of AI systems. Sometimes it throws resources at concepts looking for solutions. Sometimes it’s the issue of bloat on the web. Other times, we wonder where all the RAM went. Then there’s the environmental issues associated with the footprint of large models, proof-of-work-based blockchain technology, and the piles of IoT waste. The examples are endless.

In the end, this all boils down to the joint responsibility that we have, as computer science people and ultimately those building these systems.

Proposition 9:    Systems that are too complex to be understood by a single person cannot be sustainable.

In a world burning down, it will be important to keep systems running. Systems may end up being isolated and small scale. They may depend on individual operators. They may depend on knowledge of how they are operated being easily transferable to another person.

To be sustainable in a burning world, systems will have to be run (and understood) by small teams and communities; and while automation is a necessity in an ever-growing and centralising Internet, its complexity might become a curse in an Internet that is supposed to survive in a burning world.

Proposition 10: Systems should enable a better tomorrow and not burn the world even further.

With the wide availability of automation and support infrastructure — which, of course, has the good intention of enabling many people to build — the hunger for system resources steadily increases. Currently, we tend to create a growing ball of systems supporting other systems — abstracting something simple to be more complex. This, in turn, becomes embedded in how we build and design systems, adding layers and using more resources for the same functionality. This overall development has probably been brought to the extreme by Bitcoin and its proof-of-work siblings, churning through energy on a nation-state scale, while having no purpose except profit.

As such, it should be an engineer’s responsibility to ensure that the systems they build contribute to a beneficial purpose and do not harm society or the environment by needless and redundant processing. The system’s purpose should be tangible and reasonable in relation to the resource consumption of the system and serve the benefit of all instead of the profits of a few.

Proposition 11: There are no technical solutions for social and societal problems.

A common theme in communities of engineers is that periodically, several tech-savvy people start to implement a complex digital system to solve a real-world social issue, usually in a way that also includes a touchscreen and/or a Raspberry Pi. Ultimately, that approach will suffer from limited adoption and the same issues as before, so a social solution will have to be found instead. If the community is very unlucky, the technical solution will also introduce new social problems. The insufficient solution inevitably stays in place, usually until the next generation of local nerds experiences this issue and repeats. In a nutshell: digitising a bad process won’t result in a better process but in a digitised bad process.

The same ‘solving social problems with technical solutions’ reasoning are also applied to problems faced at the much larger scale of the Internet and society as a whole, inevitably with the same result.

Sanctions and Sovereignty

For some weird reason, humans have an uncanny tendency to react to crises not with the appropriate unification and ‘surviving together’ response, but with an ‘us’ versus ‘them’ mentality.

With the ‘neuland’ of the Internet having been around for a couple of decades now, traditional leadership and governance people discovered this vast new area for themselves and their ideas. Humans being humans, when confronted with something new, people will try to pattern match it to what they already know. The known terms for international politics are ‘borders’ and ‘sovereignty’, so this pattern matching gave us the new buzz-term ‘digital sovereignty’.

This pressing issue in the policy arena is usually understood as ‘ensuring that a state can exert policy on the (IT) systems used by its constituents, while ensuring that only their own policy is applied to them’.

The classic example of attempts to realise this with policy is most likely the ongoing discussion of the Trans-Atlantic Data Privacy Framework, that after various iterations replaced the EU-US Privacy Shield and Safe Harbor agreements. A similar, more technical, approach is Schengen Routing, which is an attempt to make sure packets from European users do not leave Europe.

What all these approaches have in common is that they dream of a cosy little Internet within the boundaries of individual nation states or sets of such. Europeans are usually quick to judge economies installing cryptographic backdoors and running national firewalls for censorship. Under the guise of either digital sovereignty or the pretence of protecting groups of vulnerable people they are also equally quick to flock to policies yielding the same results.

At this point, we do not want to pass judgement on these approaches, no matter where they take place.

Proposition 12: Internet sanctions: What once has been thought can never be taken back. The Internet will be falling apart.

The quote relates to a physicist’s perspective on the probability of keeping humans own dangerous inventions — ultimately an analogy for nuclear fission — from the world. However, it is also relevant in terms of the Internet as technology and proposals with good intentions are developed.

A concrete example: In the wake of the war waged by Russia against Ukraine, members of the Internet community and several politicians called for a multistakeholder approach to ‘Internet sanctions.’ The authors of that open letter called for a multistakeholder mechanism that populates databases, which willing Internet participants can use to participate in sanctions against specific netblocks and domains, ideally by using existing infrastructure for blocklisting IP routes.

It has now been successfully demonstrated that state blocking of resources is possible. Therefore, we claim that this approach will be used again by policy makers. It will also put Internet sanctions on the diplomatic agenda, leading to a fragmentation of the Internet: ‘Well, if you block A, we will block B.’ ‘Well, if you block B, we will just disconnect all of you.’ And then they do.

Proposition 13: Digital sovereignty is being used wrongly.

Given the state of our world we also have to consider a much more fundamental meaning of sovereignty that is usually missed: the ability to (re)build and maintain one’s infrastructure independent of another party. And this is something that continues to get harder and harder.

In a burning world, it may be essential to have the ‘know how’ to keep systems running, widely spread, and locally available. And yes, this includes questions like open and publicly available, ideally, open-source software and documentation. Otherwise, computers may become rather expensive bricks – or worse!

Also, the policy aspect may even be secondary. In the end, it’s about running systems, providing services, and caring for users. Everywhere. As long as we can rebuild.


These ’13 Propositions for a Burning World’ are intended to ask people to start thinking about a resilient and sustainable Internet that should be run with care for its users and the infrastructure itself.

The propositions might be overly bold, lack concrete solutions, and paint a disturbingly dire picture. However, given the state of the world, the authors claim that humans are past the point of raising awareness and hiding behind ‘that would never happen.’ We can no longer risk staying complacent in the hopes for a better future. We have to talk about these issues now and find tangible solutions. The future will be bleak if we do not make it better, and whether the world goes down in flames or not, preparation is better than reaction.

Asked for an answer to the questions they raise, the authors first gut reaction roughly translates to Computers were a mistake. Learn to ride a horse and grow your own food’. But that cannot be the answer, and engineers, whether they work on applications, systems, networks, routing or anything else in the digital sphere, have a responsibility to build a better world for everyone and to keep trying to make the world better, even if it looks bleak.

This material is based upon work partially supported by CyberSecurity4Europe. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of their host institutions or those of the European Commission