Re: Points of Failure (was Re: National infrastructure asset) (fwd)
George William Herbert leaked to the press:
Part of the insidiousness of all this is that currently there is insufficient information available to a telco line end user to properly plan for that sort of loss. Right now, it is nigh-on impossible to get, verify, and keep on a permanent basis truly widely separated leased lines / bandwidth from point A to point B. Because of the increasing cooperation, shared facilities, etc. in the telco and fiber arenas, with many providers you're really getting someone else's service for part of the connection. Recall the train tunnel fire from not that long ago, now seemingly trivial, but at the time a huge disaster...
That is fixable. Not easily. Not once {ie it takes ongoing effort to counter entropy} but it could be done... by the industry, IFF demanded by its customers.
On top of that, none of these facilities are sufficiently hardened. What takes a backhoe operator ten minutes by accident would be no more than an hours work by hand of a sufficiently educated attacker. None of these telco buildings are hardened in the traditional anti-terrorist sense of the word. There are still co-loc facilities in buildings shared with offices of unrelated companies, etc., there are still co-loc facilities in buildings with windows into server rooms, etc. I could go on but will stop now. The situation is hopeless in many areas.
Fixing THAT is a far far harder issue. We did tackle it once. It's called variously "Continuity Of Government" or "ATT Underground" or "L4".. During our last Cold War, ATT spend a few zillion rate-payer dollars building hardened underground facilities for the #5 Transcontinental Coaxial Cable. The #5 was buried deep {~48"} from coast to coast. The underground facilities were solid; some rated for 10psi shock waves. (The crapper is hung on springs...) Air filters; generators; airlocks. There was also hardened microwave; check out the "dish in the hillside" at Mt. Weather. Most have been sold off, but not all. (DSN is based in one, as is GEP.) We gave up when things like MIRVS made it obvious that the undergrounds could be direct targets. Plus, I strongly doubt any facility other than Cheyenne Mountain or Site R would survive a 767 hit.
Longer term, we all need to think about multi-level hardening of facilities and connectivity to avoid "cheap kills" due to accident or malicious attack. This gets into traditional datacenter design issues and beyond, into building hardening (the new standards for Federal buildings, for example, or even better the new standards for US Embassies...).
Note the biggest safety measure for both the above is also the hardest to get & keep.... stand-off distance. It's especially hard to maintain same when you have an active airport's flight path going overhead. And the biggest impediment is the oldest one; they co$t. LOTS. Who is going to pay? -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
participants (1)
-
David Lesher