Every year or two I rewrite The Shape Of Cyberspace, which aims to be an accessible exploration of the large scale structures of the internet. This is … things, they’ve been changing for a while … and now it’s accelerating.
Summarizing: IP addresses are controlled by five Regional Internet Registries; blocks of them, known as prefixes, are doled out to internet service providers, and each provider has its own unique Autonomous System Number, or ASN. The ASN plays the same role that an area code does with phone numbers; the prefixes, while variable in length, are akin to the three digit city/exchange code, and IP addresses are like phone numbers. There’s a name to number directory called the Domain Name System, and an obscure (except to engineers) reverse DNS system is used to define valid names associated with IP addresses. Scratching your head on the last one? That stuff matters for anti-spam efforts and for anti-fraud work at e-commerce sites.
TSOC goes on to mention “overlays”, subsets of online systems that have encrypted connections and additional software that keeps them moving as a herd. I’ve recently been introduced to three new ones, and I feel like a young man again, climbing that Cisco networking career ladder …
Attention Conservation Notice:
This will be quite technical, a thing that would have been relegated to Tool Time last year. The changing conditions in the U.S. mean that accessible explainers like this get to be front and center. That might be the last of the English in this piece …
Overlays:
What we call the internet offers unique 32 bit IPv4 or 128 bit IPv6 addresses, a well known forward name to number resolution system, and an obscure number to name validator system. That’s it. But then there are MANY overlay networks. Let’s consider a few.
There are many systems on the internet but only a few of them have the appropriate combination of MX or mail exchanger records, proper reverse DNS entries, and the email security related TXT records for DKIM, DMARC, and SPF, which permit these systems to do email server duty. This subset of systems talks to each other in steady streams of messages, and most are hubs for legions of email clients. It’s a separate special purpose overlay network. This is what it looks like for the four domains known to belong to me. Disinfodro.me was just retired, AmericanHacker.org has never been developed, and I long ago gave up on recovering the social media accounts associated with SovereignChallenge.org. My personal domain is the only one that is used.
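As an added example (not code from the original post), here is what the membership test for that mail overlay looks like in practice: a domain qualifies only when it has MX records, each MX host passes forward-confirmed reverse DNS, and the SPF, DMARC and DKIM TXT records are present. It runs against a constructed in-memory DNS snapshot, so the names, addresses and selector `s1` are invented and nothing is looked up on the real network.

```python
"""Membership check for the mail-server overlay: MX + forward-confirmed reverse
DNS + SPF/DMARC/DKIM TXT records. Uses a constructed DNS snapshot (offline)."""

# Constructed snapshot; these are documentation/test names, not real records.
SNAPSHOT = {
    ("example.test", "MX"): ["10 mail.example.test.", "20 mail2.example.test."],
    ("mail.example.test", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa", "PTR"): ["mail.example.test."],
    # mail2's PTR points at a different name: reverse DNS is not confirmed.
    ("mail2.example.test", "A"): ["192.0.2.26"],
    ("26.2.0.192.in-addr.arpa", "PTR"): ["other.example.test."],
    ("example.test", "TXT"): ["v=spf1 mx -all"],
    ("_dmarc.example.test", "TXT"): ["v=DMARC1; p=reject; rua=mailto:dmarc@example.test"],
    ("s1._domainkey.example.test", "TXT"): ["v=DKIM1; k=rsa; p=PUBLICKEY-PLACEHOLDER"],
    # A parked domain: an A record and nothing mail related.
    ("parked.test", "A"): ["198.51.100.7"],
}

def lookup(name, rtype, snapshot=SNAPSHOT):
    return snapshot.get((name.rstrip(".").lower(), rtype), [])

def ptr_name(ipv4):
    """192.0.2.25 -> 25.2.0.192.in-addr.arpa"""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def fcrdns_ok(host, snapshot=SNAPSHOT):
    """Forward-confirmed reverse DNS: host -> A -> PTR must name the host again."""
    host = host.rstrip(".").lower()
    addrs = lookup(host, "A", snapshot)
    if not addrs:
        return False
    for ip in addrs:
        ptrs = [p.rstrip(".").lower() for p in lookup(ptr_name(ip), "PTR", snapshot)]
        if host not in ptrs:
            return False
    return True

def mail_overlay_report(domain, dkim_selector="s1", snapshot=SNAPSHOT):
    """Boolean checks per record type; 'qualifies' is true only if all pass."""
    mx_hosts = [rr.split()[-1] for rr in lookup(domain, "MX", snapshot)]
    report = {
        "has_mx": bool(mx_hosts),
        "mx_fcrdns": bool(mx_hosts) and all(fcrdns_ok(h, snapshot) for h in mx_hosts),
        "spf": any(t.startswith("v=spf1") for t in lookup(domain, "TXT", snapshot)),
        "dmarc": any(t.startswith("v=DMARC1") for t in lookup("_dmarc." + domain, "TXT", snapshot)),
        "dkim": any(t.startswith("v=DKIM1") for t in lookup(f"{dkim_selector}._domainkey.{domain}", "TXT", snapshot)),
    }
    report["qualifies"] = all(report.values())
    return report

if __name__ == "__main__":
    for d in ("example.test", "parked.test"):
        print(d, mail_overlay_report(d))
```

In the constructed data example.test fails only on the second MX host's reverse DNS, which is exactly the kind of mismatch receiving servers score against.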
What in the world is going on here?!?!?!?!
Over the years there have been a couple of crackpots on Twitter who got under my skin. They’d get the eval version of some forensic tool, like RiskIQ, which gave them a keyhole view into LARGE networks, and they’d spend their time “connecting” these various DNS “dots” that they found. This irritated me to the point where I got a list of the names of about 140 species of dinosaurs, dug up a bunch of funny eastern European IP addresses from Shodan.io, created randomized mappings of the names to IP addresses for each domain that was mine, and then left an automated script running doing periodic name lookups for a couple years. You don’t see any dinosaur names here; there was an earlier thing where I’d use whatever random words came into my head. The dino names are in the collections, like that group of 125 at the lower right.
This deceptive, entirely synthetic overlay was THE END of crackpot analysis of my stuff. I wrote about it more extensively in Sovereign Challenge: Theropod Stampede.
Trio Nuevo:
The last six months I’ve had three additional overlays thrust upon me.
The cellular network in western North Carolina completely collapsed after Hurricane Helene. I had a conversation with some people, and a pair of Raspberry Pi 5 single board computers with Waveshare radio “hats” appeared shortly thereafter. They wanted a network that would both get used on the regular, and still be there when the world came unglued. I offered a solution at a conceptual level involving LoRaWAN and social networking software, but they wandered off late last year to deal with more pressing matters.
These private low speed radio networks are akin to the email client clouds that are connected to properly registered mail servers. If most everything is down they’ll be first to come back due to low power requirements, and then they’ll get back to talking to other nodes when they can again tunnel over the internet to each other as the cellular network returns. This is early Cold War civil defense radio net type stuff.
Despite all the education I’ve had on network technologies I was unaware of the 10.64.0.0/10 Carrier Grade NAT private network until last summer when I first encountered TailScale. This block of four million private IPs is part of the larger 10.0.0.0/8 block of sixteen million private IPs defined in RFC1918. The Internet Engineering Task Force (IETF) develops and publishes standards, which go by the curious name Request For Comments, and this is an RFC that every network technician knows.
A company called TailScale has taken this administratively defined block of private addresses, created an orchestration system for the WireGuard VPN protocol, and you can now easily build a mesh network to connect all your systems. There’s no dealing with all sorts of firewall configuration work. This is an overlay in the purest sense - you install it, turn it up, and you get a full mesh encrypted, privately addressed network running right over the top of the public internet. And from there one can perform all sorts of wonders …
I am familiar with cryptocurrency technology but it’s been seven years since the last Forbes article I ghost wrote was published, so I’m way out of date. I’ve been vaguely aware that there’s a thing called InterPlanetary File System for a while, and I knew that it had some blockchain related connections, but little more than that.
I was approached to attribute some stuff happening on the IPFS network, to which I replied that this was impossible, not wanting to waste someone else’s money. They have insisted that I go and spend time reading and thinking about this; I presume we’re writing a brief for a federal court case, but this sort of gig always comes with a really scant specification. I get turned loose with almost no information specifically to see what I discover on my own.
I’ve been reading the InterPlanetary Linked Data documentation and I am officially fascinated. This is not an instance of a network, like IPFS, it’s a specification for how to build networks that are computationally and cryptographically sound, as well as distributed and resilient.
And about that attribution … if you run enough IPFS nodes, and if you track every IP that connects to TCP/4001, and if you start building a graph of how that information relates to CIDs … are you starting to get that “hunting bad actors on Tor” vibe here? I sure am …
Cognizing Layer Cake:
When I was in early middle age I freed myself from the tyranny of LANs infested with Microsoft’s relentlessly shitty software by moving into a carrier network specialist role, pursuing the Cisco certification path. I completed something akin to a master’s in the field in 2000.
I struggled with Lyme and its sequelae from 2007 through 2023. Part of that struggle was letting my Cisco certs (2009) and ham radio license (2011) slide. After that I made a slow, painful transition from Perl to Python, and I engaged in undergraduate through post-graduate coursework in the other sorts of network analysis besides the “protocol droid” stuff I learned before the turn of the century.
Now I’m in the process of doing whatever is next, and that is likely going to be completing the Certified Information Systems Security Professional, as it’s the best short collection of letters to summarize (and monetize) what I’ve done for the last sixteen years. Finishing that will take time but it’s kinda rote; there are several of the eight security domains I know really well, and only a couple I’m going to have to cram.
What I am seeing as I read the IPLD documentation is the same class of problems that excited me first in the late 1990s, and again in the early 2010s. The fact that this stuff arrived with revenue attached is also a bit telling.
Conclusion:
I saw Titanic when it was in the theater and the world today reminds me of the scene where they’re on the bridge and they get out the ship’s architectural drawings.
“From this moment, no matter what we do, Titanic will founder.”
Most lifeboats left half full. They did not return to pick up the survivors in the water, fearing the suction of the sinking ship, or joining its descent after being swamped by more than they could carry.
This is what I see around me now: a few who immediately understood that the loss had already occurred, grimly paddling away, while the snowball fight on the deck devolves into a mad scramble to whatever lifeboats are left.
It’s an excellent time to be quietly, diligently paddling away from it all. Standing neck deep in complex software that needs to be implemented and then maintained seems like a good place to be.
So now is a fine time to work on your relationship with your guardian angel …