The Flow of the Internet (6:26), with Greg Stromire
Gain an understanding of the essentials of internet traffic with an animated model.
- Open Wi-Fi -- A wireless network that is not protected with a password. Consider all traffic exposed to everyone else connected to the network.
- Wi-Fi Router -- A device to provide a local wireless network for connecting to the internet.
- Data Center -- A facility that houses servers and routes internet activity.
- Internet Service Provider (ISP) -- A company that we pay to provide access to the web (e.g. Comcast, Time Warner Cable, Verizon).
- Node -- A device that internet traffic passes through on its way to the correct destination.
0:00 When we do a Google search for movie show times, for example, we may only consider this an exchange between ourselves and Google. When we get an email from a friend, we may only think of it as communication between them and ourselves. The reality is that many more people and devices are involved in these exchanges. And a lot more information, often fairly revealing information, is transmitted. Having a solid foundational grasp of these flows can help us all make informed decisions.

0:28 Let's build up our scene. Consider you're in a coffee shop in Portland, Oregon with a laptop. For this example, the coffee shop has an open Wi-Fi, meaning a password is not required to use it. There are other people in the coffee shop too, some with their own devices. Each person is surfing the Internet, browsing Facebook, watching Netflix, reading CNN. So we can add a data center to represent those sites. In reality, each of those companies would have a presence in multiple data centers located around the world. But for simplicity, we'll think of them as sharing a single, centralized center. As we start to add the flows of traffic, there's probably nothing too surprising.

1:08 We can add a few more elements to get closer to how these flows work. Let's add the Wi-Fi routers, the devices used to transmit and receive the Internet signal to and from our personal devices. Let's add the Internet Service Providers or ISPs. These are companies like Comcast, Time Warner Cable, and Verizon that we pay to provide access to the Web. And in truth, in order to pass all this traffic around, there are additional nodes or relay points between these parties.

1:37 Let's consider two scenarios, and work through the flow of the Internet traffic involved, including what's exposed and the parties that might have access. We'll look at a Google search and receiving an email [SOUND].

1:48 If we break down the flow of a typical Google search, the steps would be as follows. Open a browser to google.com, enter the search terms into the text field, example, movie show times. Note the green lock and the letters https in the address bar. We'll go into detail about this later, but for now know that this means your connection is secure.

2:10 [SOUND] The text is sent from the laptop to the coffee shop Wi-Fi, to the local ISP, to Google data center and processed. And back through roughly the same path. Note that the connecting nodes have changed. Movie showtimes for Portland, Oregon are then shown in the browser.

2:29 The first thing to mention is that a lot of the activity on an open Wi-Fi network, like this coffee shop, is exposed to anyone else on the same network. If this were a different search engine that wasn't protected with HTTPS, then another person in the coffee shop could even see the search terms. This may not be a big deal for a search about movie times, but I'm sure you can imagine more personally sensitive searches.

2:53 The next point is that there are a lot of hops that the traffic takes for a full round trip. While most of those nodes are secure, it's worth noting that if an attacker gained full access to one, they could expose web traffic.

3:04 The ISPs have access to that web traffic as well. This is of course necessary for them to forward the Google search to the correct data center. But some laws may allow ISPs to collect and sell this information to anyone, which can really make you think twice about the web traffic you create.

3:21 And finally, the traffic arrives at the data center for processing. Because you used the Google engine with HTTPS, the content of your search was encrypted for privacy from the browser all the way to Google servers. Google then decrypts this content and has access to it too. It will provide the showtimes as requested, but it may also record a history of searches, and even serve advertisements for movies. We often accept this implicitly when using Google's services. But it's worth calling out here so we know who has access to our data.

3:53 Now, let's put others in the scenario. A friend at home with a cell phone. They're on their home Wi-Fi network, protected with a password.

4:01 Now, let's consider the flow of receiving an email from a friend. [SOUND] The friend will open their browser or email client on their phone. [SOUND] They'll compose their message and send it. [SOUND] The message is sent from their cellphone, to the Wi-Fi network, to the ISP, a series of nodes, email data center. Another ISP, another email data center, local ISP, more nodes, coffee shop network, and finally, the laptop.

4:29 The final points here are that there are a lot more actors and devices in play. Generally, this is just part of the infrastructure, but the more points of contact there are, the greater the chance for an attacker to read the email.

4:42 Also, the friend's Wi-Fi is protected with a password. So a neighbor, for example, wouldn't be able to see the content of the email. But let's say that they use an insecure email service. Even if they are protected in their home, that email is now exposed to all hops along the path, at least until it arrives at your email service.

5:01 Security is difficult largely for this reason. It requires everyone involved to do the right thing at all times. While I would suggest a different coffee shop, it's not really your fault for trying to use the Internet. You even used a secure search engine. And I would encourage your friend to change email providers. Most major ones like Gmail and Outlook are encrypted. It's not really their fault either. They just wanted to send an email. And they even made sure that their home network was protected with a password. In both scenarios, it just took one exposed link in the chain to render the whole flow insecure.

5:35 Both of these scenarios also have some secure solutions based on end-to-end encryption. You could browse the Internet comfortably safe on an open Wi-Fi network, using a VPN. Your friend can encrypt that email on their device for you to decrypt on yours with no one between able to read it. No matter what network or email provider was used. We'll discuss these approaches in later videos so that you and your friends stay safe.

6:01 But these are not well known, or particularly user friendly tools. Which brings up one of the other main reasons that security is difficult. It's often a trade-off with convenience. Just think of how inconvenient it is to remember strong unique passwords for each site you use.

6:16 In the next video, we'll explore how even when the content of a message is secure, the act of sending a message or browsing online itself can reveal a lot without you knowing it.