DNS and Infrastructure
The Phone Book That Runs the Internet (And How Fragile It Really Is)
Every time you type a web address, you are trusting a decades-old system — designed in 1983 by one person over a single weekend — to not fail, be hijacked, or lie to you.
The Idea
The Domain Name System, DNS, is the internet's directory service. It translates human-readable addresses like 'example.com' into the numerical IP addresses that machines actually use to find each other. Without it, you would need to memorise strings of numbers to visit any website. It is, in that sense, the layer of the internet most invisible to users and most critical to its functioning. What makes DNS genuinely interesting is not what it does, but how it does it — and how quietly precarious the whole thing is. The system is hierarchical. At the top sit thirteen sets of root servers, operated by a small group of organisations scattered around the world, which direct traffic to the right 'top-level domains' (.com, .org, .uk and so on). Below those sit authoritative nameservers for individual domains, and below those, resolvers — usually run by your internet provider or a company like Cloudflare — that cache recent lookups so the system does not collapse under its own weight. The sleight of hand here is that DNS was built for a cooperative, trusting network. It has almost no native security. A classic attack called DNS spoofing — or cache poisoning — exploits this by feeding false answers into a resolver's memory, silently redirecting users to fraudulent sites. DNSSEC, a suite of extensions that cryptographically signs DNS responses, was developed to fix this, but adoption has been patchy for years. The plumbing works. It just was never built to be tampered with, and the internet scaled around that assumption before anyone had time to fix it.
In the World
On October 21, 2016, millions of people found that large swathes of the internet had simply stopped working. Twitter, Spotify, Reddit, the Guardian, CNN — all unreachable for hours. The culprit was not a hack of those platforms themselves. It was an attack on a single company: Dyn, a DNS provider based in New Hampshire that happened to manage the domain resolution for a huge portion of the web's most visited sites. The attack was a distributed denial-of-service assault — an overwhelming flood of junk traffic — directed at Dyn's servers. What made it remarkable was the weapon used: a botnet made up not of compromised computers but of infected consumer devices. Baby monitors. Home routers. Internet-connected cameras. The Mirai malware had quietly enlisted hundreds of thousands of these poorly secured gadgets into an army, and on that October morning, they were pointed at a single chokepoint in internet infrastructure. The incident revealed something the tech industry had quietly understood but never been forced to confront publicly: the internet's apparent vastness rests on a surprisingly small number of centralised services. Dyn was one company. One attack on one DNS provider took down a meaningful fraction of the English-speaking web for an entire day. Since then, major platforms have diversified their DNS providers and invested in redundancy — but the event remains a clean illustration of how a system that feels distributed can behave, at moments of stress, like something terrifyingly centralised.
Why It Matters
Most people interact with the internet as though it were a utility as stable and self-explanatory as electricity — you flip the switch and it works. DNS is part of why that illusion holds. But knowing what sits underneath changes the way you read certain events. When a major platform 'goes down', the cause is rarely what you might assume. It might not be servers crashing or code failing — it could be a misconfigured DNS record, a hijacked domain, or a resolver serving stale data. In 2021, Facebook disappeared from the internet for six hours not because of an attack but because an internal configuration change accidentally withdrew all of Facebook's routing information from the global DNS system. The company's own engineers could not easily get back in to fix it. There is also a quieter implication: whoever controls DNS resolution controls what you can see. Governments have used DNS blocking for censorship. ISPs have used it to inject ads. The push toward encrypted DNS — protocols like DNS-over-HTTPS — is a direct response to this, keeping your queries private from the resolver. Understanding DNS means understanding that the internet's openness is not a physical property of the network. It is a policy choice, enforced at the level of infrastructure.
A Question to Ponder
If the internet depends on a small number of critical chokepoints — DNS providers, undersea cables, root servers — does it make sense to think of it as a decentralised network at all, or is that just a story we tell ourselves?
Get a new one of these every morning.
Start learning with Thinkable