When the Internet Nearly Fractured, and How It Could Happen Again

What Kashpureff did was launch something of a rogue registry, calling it AlterNIC. Kashpureff stayed away from registering websites on the big three "cabal"-run top-level domains: .com, .org and .net. Instead, for a small fee, anyone in the world could register a website on Kashpureff's alternative top-level domains, or TLD, like .alt., .biz., .news and .xxx. The new domains would be listed in Kashpureff's directory, and those of his allies on the Internet. It was a bid, he says, to boost the freedom of choice available to Internet users. "More names," he says when we talk, "just sounded like a good idea." And when you think about it: why should domain name registration be controlled by some random for-profit company appointed to do the holy work of maintaining one of the Internet's most basic functions?

In the summer of 1997, Kashpureff decided to ratchet things up. He opted to go a step beyond simply registering sites on alternative top-level domains, and hijacked traffic intended for InterNIC.net. He pointed the domain to his own site, where he lodged a note of protest over how the domain name space was being controlled, and then offered visitors the option of continuing on to Network Solution's site. This was, you'll recall, at about the same moment that the federal government was attempting to make the case to the business community, to the world, that this Internet thing was no digital Wild West. Did that give you pause?, I ask Kashpureff.

"Yeah, I thought twice about hitting that button," he says. "It was 4 o'clock in the morning on a Saturday, and I had probably been smoking all night long. Can you imagine it? I'm sitting in the middle of nowhere Washington [State] on a T1 line to the Internet, and I'm hitting that damn button?"

It might have been, in practice, the simple mashing of a button, but it had the effect of triggering a major moment in the evolution of both the Internet and Eugene Kashpureff. Kashpureff sat, he recalls now, and watched as the hit came in from the Virginia computer of the CEO of Network Solutions, who expected to turn up his own site and instead found AlterNIC's. Eventually, the Feds brought wire fraud charges against Kashpureff, holding that he diverted traffic from InterNIC to AlterNIC twice, once between July 10 and 14, and again between July 21 and 24.

Kashpureff had been spending time in Canada, and on Halloween of 1997, the Mounties came knocking. I asked Kashpureff why he thinks the might of law enforcement in both Canada and the U.S. came crashing down on him. "He was some yahoo," he says of himself, "who had the keys to the Holy Grail." That is, this random guy had the ability to manipulate the structure of the Internet's domain name system.

Network Solutions claimed hundreds of thousands of dollars in lost registration fees. Kashpureff spent months in Canadian prison fighting extradition. The March 1998 press release from the U.S. Attorney's Office announcing Kashpureff's eventual guilty plea noted almost gleefully that they'd punished the "self-described 'webslinger.'" Kashpureff apologized. He never, he says now, intended for his escapades to be turned into, well, a federal case. "Back then, everything was supposed to be a model. We were supposed to be having fun," he says with a wry laugh. "And people want to come arrest me for that?

Indeed they did. And more. AlterNIC earned Kashpureff some fans and many enemies. During the AlterNIC years, Paul Vixie ran the Berkeley Internet Domain Name software, a.k.a. Bind, the digital infrastructure that powered much of the DNS system. It was a weakness in BIND, it seems, that Kashpureff exploited to take over the InterNIC domain name. For decades, Vixie has been a major figure in the Internet numbering and naming world. AlterNIC drove Vixie mad in the '90s, and still does. As Kashpureff faced prosecution, a note went out on the mailing list of the North American Network Operators, asking for contributions for his legal defense fund. Vixie's response: "How much do I have to pay to keep him in jail forever?"

Vixie contends that it wasn't just Kashpureff's hijacking of the InterNIC domain that was offensive. It was the indulging in propagation of alternative domains outside the consensus of the Internet community itself. Splintering DNS forks the Internet so that Internet users might never know where to go to get domains, or what they might get. If they connected to some DNS directories, they might enter Coke.com and get Pepsi. Chaos could ensue. All for what Vixie sees as not a noble question to uphold the free spirit of the Internet but instead a self-serving marketing stunt intended to promote Kashpureff's own business. Some things, writes Vixie, should just work, and DNS is one of them. The domain name system can't be subject to "the law of the jungle or the survival of the richest," he wrote to me. Because an Internet with a fractured domain name system doesn't much resemble the global Internet anymore.

* * *

There are two funny things in this preview of our more contentious Internet age.

The first: the Eugene Kashpureff of today seems to agree, in large part, with the Paul Vixie of yesterday and today, at least as far as the necessity for stability and security on the Internet goes. Kashpureff says that the attacks of September 11, 2001, helped to trigger something of a change of heart. He now works widely in the Internet engineering field, often to build up secure online spaces. "People have no clue what debt we owe people like Paul Vixie," says Kashpureff. "Nowadays, I make sure that no one gets away with what I did ever again."

The second: the DNS threats of today don't seem to be coming as much from the Eugene Kashpureffs of the world--solo hackers and coders--as they seem to be coming from world governments, particularly the United States government.

Presented by

Nancy Scola is a writer based in New York. She has written for New York, Salon, and Seed, and is a frequent contributor to The American Prospect.

Join the Discussion

After you comment, click Post. If you’re not already logged in you will be asked to log in or register with Disqus.

Please note that The Atlantic's account system is separate from our commenting system. To log in or register with The Atlantic, use the Sign In button at the top of every page.

blog comments powered by Disqus