yes indeed. I've been tunneling all my outbound traffic over a localhost SSH SOCKS proxy for years precisely because I don't want anybody else on the LAN (wireless or otherwise) to be able to sniff that traffic. my ISP sniffing, well, I'm stuck with that for non-HTTPS traffic - but I can prevent the rest. To wit: http://cleverhacks.tumblr.com/post/443759182/ssh-its-whats-for-dinner-or-socks-proxy-port and if you can't get out on anything but tcp/443, see also: http://cleverhacks.tumblr.com/post/816507010/ssh-over-ssl-tunneling

THIS. the very concept of an "Internet killswitch" is nonsense on the face of it. Think about it: what, exactly, will the President shut off? MAE-EAST? Google datacenters? Sprint core routers? Facebook webservers? All of Comcast's residential netblocks? Undersea fiber between San Francisco and Australia? The most fundamental aspect of the Internet is its decentralization, designed specifically to PREVENT any single entity from shutting down the network. The entire discussion consists of uninformed blathering from morons and those who hope to make a truckload of money selling them nonsense solutions.

sure - there's no point in passing redundant legislation when warrantless wiretaps are already a well-established precedent.

Verizon does it (new FiOS customer; love my FiOS, but run my own DNS for this reason primarily (and because I want split-horizon). If they start intercepting port 53 outbound, we're all SOL until DNSSEC becomes ubiquitous.

*sigh* IMDB fail; try this Equilibrium instead.

Excuse me citizen - I believe you've missed your Interval; please report to the nearest Ministry office for assessment.

so the Law of Armed Conflict applies - great. Who are you retaliating against? The IP that attacked you? o rly? I submit that the US Armed Forces cannot even reliably identify the ultimate source of a network attack, much less the identity, motivation or affiliation of an attacker (all of which are necessary in order to provide justification for a measured physical response).

It's going to take another couple of generations before we end up with people commanding the armed forces who grew up on the Internet and have at least some basic clue that you can't just prepend "cyber-" to all your standard tactics and rules of engagement and think you're prepared.

2/10

obvious troll is obvious.

"shut down the tubes" meaning what, exactly? a router? all routers? core or edge or both? BGP sessions? exchange points? private or public?

what I'm driving at here is that the fundamental nature of the Internet, its very definition, is a number of independent networks agreeing to exchange traffic in a decentralized manner. Even shutting down a single large provider (e.g. MCI/UUNet/Verizon/AS701) is an nonsensical statement - what specifically are you shutting down? There are thousands of routers, peering connections, internal interconnects, hand-offs to smaller providers who in turn interconnect and hand off to still smaller providers ... the architecture very much resembles a fractal for the larger providers.

Now multiply that complexity by a dozen and you've covered probably 90% of the carriers in the US ... but wait, some of these aren't US based carriers! We have quite a few carriers with circuits or presence in the US where the organization is legally located elsewhere. What do you do then?

Telling AT&T to shut down (assuming you can even define that; let's say you mean disconnect from every other provider they peer with, and shutting down their tens of thousands of client connections) would cause damage, but would do little more than isolate AT&T from the rest of the world.

This legislation is an incredibly bad idea for a number of reasons, but the risk it poses to the availability of the Internet as a whole is not one of them.