A recent post by Timothy B. Lee on the Washington Post’s The Switch blog details the new breakthrough by researchers at the University of Michigan which enables scanning of the Internet— yes, every address on the entire Internet— in just 44 minutes using an ordinary server. At the Usenix security conference in Washington, the research team announced ZMap, the new tool that enables this feat. (Previously, the process took two to three months.)
For a technical explanation of how ZMap does this, we suggest that you go to Lee’s post, but what caught our eye was some of things the Michigan team was able to glean from a scan. Lee cites four of these, two of which are below:
- The
increasingly encrypted Web
More and more Web sites are using the encrypted HTTPS version of the Web’s fundamental protocol. How quickly are organizations switching? In the past, getting even a single estimate was a slow and expensive process. But ZMap not only answers the question in under an hour, but through regular scanning it can track the growing popularity of HTTPS over time. Using ZMap, the Michigan researchers found that over the last year, HTTPS use by the top 1 million Web sites has increased by about 23 percent, and the number of HTTPS overall increased by almost 20 percent.
- How
hurricanes damage the Internet
When major natural disasters strike, they can force computers offline. That provides a clever way to measure the extent of damage. From Oct. 29-31 of last year, as Hurricane Sandy was pounding the East Coast of the United States, the researchers conducted Internet-wide scans every two hours. After linking IP addresses to geographic locations, they could observe which areas saw the most severe disruptions.