Mapping the Internet: A Hacker’s Secret Internet Census

Published on Spiegel Online International, by Christian Stöcker and Judith Horchert, March 22, 2013 (Photo Gallery).

Just how big is the Internet? An anonymous hacker claims to have answered the question via effective but illegal means. The result is a fascinating reflection of online usage around the world.

Somewhere on this planet there is a hacker whose emotions are likely shifting between pride and fear. Pride, because he managed to do what no one else has managed. And fear, because it was illegal in almost every country in the world. 

This person measured the Internet — the entire public network as it appeared in 2012. To achieve this Herculean task, the hacker illegally used a tool that utilized others’ computers across the globe … //

… A Message for Law Enforcement:

  • The hacker wanted to ensure that his illegal research project did as little damage as possible. “We had no interest in interfering with default device operation so we did not change passwords and did not make any permanent changes,” he writes. “After a reboot the device was back in its original state including weak or no password with none of our binaries or data stored on the device anymore.” The botnet also uploaded a file to each device with information on the project and a contact email address “to provide feedback for security researchers, ISPs and law enforcement who may notice the project.”
  • The planted software was created to be undetectable and use as few resources as possible. “We did this in the least invasive way possible and with the maximum respect to the privacy of the regular device users,” the hacker writes.
  • The hacker also says that he removed a criminal botnet called Aidra from many of the devices that Carna took over. Carna blocked Aidra from all of the devices that it was present on – but only until the next restart.

Laying Internet Security Failures Bare: … //

… The Last Snapshot?

  • It’s important to note that these numbers do not indicate the number of computers that are online. Behind every IP address there are several, sometimes dozens or even hundreds of devices. The data also reveals nothing about the size of these intranets. Carna could only see the access computers on the public Internet. The Internet Protocol version 4 is still valid, and routes Internet traffic to some 4.3 billion addresses, of which a number are reserved for special uses. Carna’s creator estimates that some 2.3 billion IP addresses are inactive under IPv4, as they were before. The introduction of IPv4’s replacement, IPv6, has already long been underway, however. The latest IP version will increase the number of addresses so radically – encompassing some 340 sextillion (a sextillion has 36 zeros) – that similar scans will hardly be possible. That means the illegal Carna scan is probably the last snapshot of the IPv4 Internet.
  • So why did the Carna hacker do it? “I saw the chance to really work on an Internet scale, command hundreds of thousands of devices with a click of my mouse, portscan and map the whole Internet in a way nobody had done before, basically have fun with computers and the Internet in a way very few people ever will,” he writes.

(full text).
