Doomscroll News

A Global Network Analysis of Connectivity, Control, and the Future of the Internet

Written by

David Gross

in

Executive Summary

This analysis uses a standardized suite of network diagnostic tools to conduct a global reconnaissance of the internet. It reveals a digital world that is rapidly fragmenting.

The core argument is that the “Splinternet” is not a future possibility. It is a present and accelerating reality.¹ This term describes the division of the internet into distinct, often isolated national or regional enclaves.²

To map this landscape, the report first establishes a baseline of an open and efficient network in the Netherlands. It then systematically explores the diverse architectures of internet control worldwide.

This report categorizes the findings into distinct archetypes that illustrate this fragmentation.

  • The “Walled Gardens” of nations like China and North Korea operate state-controlled intranets.³
  • The “Curated Web” of countries like Russia and Turkey employs sophisticated filtering and politically-motivated routing.⁴
  • The “Developing Web” across Africa and South America has connectivity shaped by infrastructural deficits and post-colonial legacies.⁵
  • The “Free Web” of the EU and US, while open, is fragmented by complex regulations, commercial interests, and internal digital divides.⁶

The investigation concludes that a digital archipelago is supplanting the foundational concept of a single, borderless internet.⁷ This trend is poised to intensify. The advent of state-aligned satellite constellations and AI-powered censorship will fundamentally reshape global communication, commerce, and geopolitics.

Introduction: Establishing the Baseline – The Unfettered Connection

The internet, in its idealized form, is a global, interconnected network of networks. It was designed to route data packets based on principles of efficiency and resilience. This foundational architecture, however, exists in a world of sovereign nations. Each nation has distinct political ideologies, economic priorities, and security concerns.

The result is a global digital landscape that is far from uniform. To comprehend the vast spectrum of network conditions, it is essential to first establish a baseline. This control case represents an environment of high-speed, robust infrastructure combined with a strong commitment to internet freedom.

This baseline provides the “null hypothesis” against which all other observations can be measured. It allows us to identify deviations not as random noise, but as evidence of deliberate policy, infrastructural limitations, or geopolitical influence.

Before diving into the global analysis, it is crucial to understand the tools of this trade. The following section details the diagnostic toolkit used to transform invisible data flows into a tangible map of the internet’s structure and politics.

The Diagnostic Toolkit

This global analysis uses a standardized suite of network diagnostic tools available on an Ubuntu 24 operating system.⁸ These command-line utilities are not merely for troubleshooting. They are powerful instruments of geopolitical and infrastructural reconnaissance. When interpreted correctly, their output transforms abstract network data into a tangible map of digital sovereignty, censorship, and control.

  • ip addr: This is the initial step upon connection. The command reveals the local machine’s network interface configuration.⁹ Its primary function is to determine the nature of the assigned Internet Protocol (IP) address.
    • A publicly routable IP address suggests a direct connection to the internet.
    • An address within a private range, particularly one starting with 100.64.x.x, indicates the use of Carrier-Grade NAT (CGNAT). The presence of CGNAT often signals an ISP’s effort to manage a scarcity of IPv4 addresses.
    • An address in a 10.x.x.x or 192.168.x.x range may signal a more restrictive, intranet-like environment.
  • ping: This is the most fundamental connectivity test. ping uses the Internet Control Message Protocol (ICMP) to send “echo request” packets to a destination.¹⁰ It then measures the time taken to receive an “echo reply.”
    • This provides two critical metrics: Round-Trip Time (RTT), a measure of latency, and packet loss.¹¹
    • Consistently high RTT or significant packet loss indicates a poor-quality connection. This could be due to network congestion, physical distance, or deliberate throttling.
  • traceroute & mtr: These are the core instruments for mapping the internet’s political geography. Both tools identify the path a packet takes to its destination.¹² They send a series of packets with incrementally increasing Time-To-Live (TTL) values.
    • Each router along the path (a “hop”) decrements the TTL. When it reaches zero, the router sends back a “Time Exceeded” message, revealing its identity.¹³
    • traceroute provides a static snapshot of this path.¹²
    • mtr (My Traceroute) enhances this by combining traceroute and ping. It continuously sends packets to each hop, providing real-time statistics on latency and packet loss for every router.¹⁴
    • The output of these tools is a political and corporate map. Router hostnames often reveal the carrier, physical location, and peering relationships between networks.¹⁵
  • dig: The Domain Information Groper is the primary tool for investigating the Domain Name System (DNS), the internet’s distributed address book.¹⁶
    • A simple dig query shows the IP address a domain resolves to.
    • The +trace option is exceptionally powerful. It performs an iterative query, starting from the internet’s root nameservers and following the entire delegation chain down to the authoritative nameserver for the domain.¹⁷
    • This makes it an invaluable tool for detecting DNS-based censorship, such as DNS hijacking or poisoning.¹⁸

The following table provides a quick-reference guide to this diagnostic suite.

Command (Example)PurposeKey ObservablesExample Output Snippet
ip addrDisplay local IP configurationIP address (Public, CGNAT, Private), Subnet Mask, Gatewayinet 8.8.4.4/24
ping google.com -c 4Test basic connectivity and latencyAverage RTT (ms), Packet Loss (%)rtt min/avg/max/mdev = 10/12/14/2 ms
traceroute wikipedia.orgMap the static network path to a destinationHop number, Router IP/Hostname, RTT for 3 packets4 ae-2-3608.edge6.london1.level3.net (4.69.166.2) 12.450 ms
mtr -r -c 100 bbc.co.ukAnalyze path quality in real-timePer-hop packet loss, average/best/worst RTT, standard deviationHOST: myrouter.com Loss% Snt Last Avg Best Wrst StDev
dig nytimes.com +traceTrace the full DNS resolution pathPath from root servers to TLD to authoritative servers, final IP address;; ANSWER SECTION: nytimes.com. 300 IN A 151.101.1.164

The Control Case: A View from the Netherlands

To establish a baseline for an unfettered connection, we run the diagnostic toolkit from the Netherlands. This location combines top-tier internet infrastructure with a strong legal and political commitment to internet freedom.¹⁹ It is home to the Amsterdam Internet Exchange (AMS-IX), one of the largest internet exchange points (IXPs) in the world.

  • Expected traceroute/mtr Output: A traceroute from Amsterdam to a major service like Wikipedia (hosted in the US) would display a logical and efficient path. The initial hops would be within the local Dutch ISP. The path would then quickly move to a major transit provider or directly to the AMS-IX. From there, it would be handed off to a transatlantic backbone carrier.
    • Hostnames would be descriptive, such as ams-ix.bundle-ether.level3.net, clearly identifying the IXP and the carrier.¹⁵
    • Latency would increase predictably with distance, showing a significant jump only as the packets cross the Atlantic Ocean.¹⁵
    • Packet loss would be consistently 0% across all hops.
    A representative (simulated) output would look like this:traceroute to wikipedia.org (208.80.154.224), 30 hops max, 60 byte packets 1 local-gateway.xs4all.nl (192.168.1.1) 0.812 ms 0.934 ms 1.055 ms 2 asr-01.ams.nl.xs4all.net (82.94.224.1) 5.210 ms 5.330 ms 5.451 ms 3 ams-ix.bundle-ether.level3.net (195.69.145.10) 5.989 ms 6.102 ms 6.233 ms 4 ae-2-3608.edge6.london1.level3.net (4.69.166.2) 12.450 ms 12.556 ms 12.678 ms 5 ae-44-44.ebr2.newyork1.level3.net (4.69.137.73) 82.112 ms 82.234 ms 82.355 ms 6 ae-92-92.csw4.newyork1.level3.net (4.69.148.42) 82.550 ms 82.671 ms 82.798 ms 7 ae-4-4.ebr2.washington12.level3.net (4.69.201.5) 88.980 ms 89.101 ms 89.222 ms 8 ae-48-48.ebr2.ashburn1.level3.net (4.69.148.142) 89.500 ms 89.621 ms 89.743 ms 9 WIKIMEDIA-FOUNDATION.ear2.ashburn1.level3.net (4.53.118.138) 89.880 ms 89.991 ms 90.112 ms 10 text-lb.esams.wikimedia.org (208.80.154.224) 90.230 ms 90.345 ms 90.460 ms
  • Expected dig +trace Output: A dig +trace for google.com would show a clean, hierarchical resolution.
    • The query would first go to one of the 13 root server IP addresses (e.g., k.root-servers.net).²⁰
    • The root server would refer the query to a .com Top-Level Domain (TLD) server.²¹
    • The TLD server would then refer it to one of Google’s authoritative nameservers (e.g., ns1.google.com).
    • Finally, Google’s nameserver would provide the correct, globally recognized IP address for google.com.¹⁷
    • The entire process would be swift and free of any redirection.
    A representative (simulated) output would look like this:; <<>> DiG 9.16.1-Ubuntu <<>> google.com +trace ;; global options: +cmd

. 518400 IN NS k.root-servers.net.

. 518400 IN NS a.root-servers.net.

… (11 other root servers)…

;; Received 525 bytes from 127.0.0.53#53(127.0.0.53) in 12 ms

com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.

… (11 other TLD servers)…

;; Received 1170 bytes from 193.0.14.129#53(k.root-servers.net) in 5 ms

google.com.             172800  IN      NS      ns1.google.com.
google.com.             172800  IN      NS      ns2.google.com.
google.com.             172800  IN      NS      ns3.google.com.
google.com.             172800  IN      NS      ns4.google.com.
;; Received 239 bytes from 192.52.178.30#53(e.gtld-servers.net) in 80 ms

google.com.             300     IN      A       142.250.179.14
;; Received 59 bytes from 216.239.32.10#53(ns1.google.com) in 11 ms
```

This control case represents the internet working as designed: a decentralized, efficient system for routing data. It is the benchmark against which the curated and constrained networks of the world will be measured.

Part I: The Walled Gardens – National Intranets and Architectures of Extreme Control

From the baseline of an open network, the investigation now turns to its antithesis. In a select group of nations, the term “internet” is a misnomer. What exists is a fundamentally different entity: a state-controlled, heavily monitored, and often isolated network.

In these “Walled Gardens,” our diagnostic tools do not merely reveal performance issues. They expose the very architecture of digital authoritarianism. These systems are designed for total information control. They represent the most extreme deviation from our baseline, where the internet has been reforged from a tool of global connection into an instrument of state power.

Chapter 1: The Great Firewall of China

Imagine an internet that looks and feels complete, but where certain books are missing from every library. Imagine some roads on the map lead to dead ends. This is the user experience in China. Here, the state has constructed the world’s most sophisticated system of online control.

Upon connecting in mainland China, the initial experience is deceptive. Domestic websites and services like Baidu and WeChat load with exceptional speed. This is a testament to the country’s massive investment in internal digital infrastructure.²² However, any attempt to reach the global internet’s most common destinations immediately fails. This failure is the result of the Great Firewall (GFW), a sophisticated and multi-layered censorship system.²³

  • The Strangest Thing: Asymmetrical and Stateful DPI Censorship: The most revealing aspect of the GFW is its use of Deep Packet Inspection (DPI). DPI inspects the actual content of data packets, not just the address.²⁴ To observe this, we initiate two simultaneous mtr sessions to a server outside of China.
    • The first session sends benign traffic.
    • The second session sends packets containing a forbidden keyword, such as “Tiananmen Square”.²⁵
    For a few seconds, both sessions show a stable connection. Suddenly, the second mtr is terminated by a TCP reset. This is expected. The truly strange behavior happens next. For the next 60 to 180 seconds, all traffic from our machine’s IP address to that specific destination IP is blocked, regardless of content. The first, benign mtrsession also begins to show 100% packet loss.The GFW is not just a stateless filter; it is a stateful, intelligent adversary. Upon detecting forbidden content, its DPI system adds a temporary rule to its firewall to block the offending source IP, effectively placing the user in a “penalty box”.²³This asymmetrical censorship is a powerful deterrent. It punishes users for the mere attempt to transmit sensitive information.
  • DNS Poisoning: The first layer of the GFW is often DNS poisoning. A command like dig google.com does not time out. Instead, it returns a valid-looking but incorrect IP address.²⁶ This technique efficiently prevents most users from ever reaching the intended destination.¹⁸ A dig google.com +trace reveals that the GFW intercepts the final step of the DNS query. Before the legitimate response can arrive, the GFW injects a forged response, “poisoning” the result.²⁶
  • TCP Reset Attacks: If a user obtains the correct IP address of a blocked site, the GFW deploys a more forceful block. An attempt to connect will be abruptly terminated by a TCP Reset (RST) packet.²⁷ Packet capture would reveal the forgery. The forged RST packet has a much higher Time-To-Live (TTL) value than a legitimate packet from overseas. This indicates it was injected by a device much closer to our position—the GFW itself.²³

This multi-layered system is dynamic and adaptive. Its purpose extends beyond simply blocking access. It is designed to create and enforce a separate, parallel digital sphere. By making the global internet difficult and unreliable while ensuring the domestic internet is fast and feature-rich, the state encourages users to remain within its compliant ecosystem.²²

Chapter 2: North Korea’s Kwangmyong

Entering North Korea’s digital space is like stepping into a single, small, soundproof room. It is a stark contrast to the bustling global metropolis of the open internet. If China’s Great Firewall filters the global internet, North Korea’s approach is a near-total rejection of it. Connecting in Pyongyang reveals an environment of profound digital isolation. The “internet” here is a small, hermetically sealed national intranet called Kwangmyong (“Bright Star”).²⁸

  • The Strangest Thing: The Sound of Silence: The most unsettling observation is the sheer smallness and silence of this digital world. A traceroute to a known internal domain, like the state-run news agency, completes in just two or three hops. The router hostnames are generic, and round-trip times are consistently below one millisecond.The entire “internet” of a nation of 26 million people has a network topology smaller and faster than a typical university campus.The experience is one of profound digital claustrophobia. The strangeness lies not in what is seen, but in what is absent. The vast, chaotic hum of the global network is replaced by an engineered and absolute silence.

The diagnostic process is immediate and conclusive. The ip addr command reveals a private IP address, likely from the 10.0.0.0/8 block. This is the definitive sign that the machine is not on the global internet.

Subsequent tests confirm this isolation:

  • ping 8.8.8.8 results in an immediate Destination Host Unreachable error.
  • ping google.com fails with Name or service not known.
  • dig wikipedia.org @a.root-servers.net times out. There is no path to the internet’s core infrastructure.²⁰

This architecture reflects an ideology of total information control, prioritizing regime stability above all else.²⁹ North Korea’s strategy is one of complete avoidance. The Kwangmyong network allows the state to disseminate propaganda without exposing its citizens to any unapproved external ideas.

Chapter 3: Iran’s Bifurcated Network

Iran’s internet is like a city with two sets of gates. One leads to the outside world, and another connects all the neighborhoods within. During a crisis, the state can lock the outer gates, isolating the city, while keeping the internal streets open for business.

This presents a third, distinct model of a Walled Garden. It is more dynamic and flexible than the permanent structures of China or North Korea. The Islamic Republic has invested heavily in a domestic network, the National Information Network (NIN), which allows it to operate a “two-tiered” internet.² This architecture enables the state to maintain domestic connectivity while selectively severing access to the global internet, particularly during political unrest.³⁰

  • The Strangest Thing: “Bread and Circuses” Censorship: The most unusual aspect of Iran’s model is its selective and psychological nature during a shutdown. Access to international news and social media is completely blocked. However, a test connection to a domestic online game or video streaming service shows perfect connectivity. Banking portals, government services, and e-commerce sites also remain functional.This is a “bread and circuses” model of censorship. The state understands that a total information vacuum can breed anger. By severing access to tools of political organization while preserving domestic entertainment and commerce, the regime achieves two goals. First, it isolates protestors. Second, it minimizes disruption to the daily lives of the broader population, reducing public frustration that could fuel protests.
  • mtr google.com (During Protest): A continuous mtr report provides a live view of the state’s “kill switch.” Initially, the trace shows a complete path to servers in Europe. Suddenly, packet loss on the final hops—those at Iran’s international gateways—jumps to 100%. The connection to the outside world is severed.Critically, the initial hops inside Iran remain perfectly responsive. This is the NIN in action. It is not a simple blackout, but a sophisticated rerouting that drops all international traffic at the border while allowing domestic traffic to flow unimpeded.² This demonstrates a strategic evolution from a total shutdown to a more precise “dimmer switch”.³¹

This bifurcated strategy represents a pragmatic and replicable model for other authoritarian-leaning states. It mitigates the severe economic self-harm of a total internet blackout while maximizing political control during a crisis.

Part II: The Curated Web – State-Level Filtering and Geopolitical Routing

Moving from the digital fortresses of the Walled Gardens, the journey now explores a more common form of control. In a growing number of nations, the state acts not as a jailer, but as an interventionist editor of the digital experience.

These countries remain fully connected to the global internet but subject its use to aggressive, state-level curation. This section reveals an internet where a data path is not always determined by efficiency. Instead, it is shaped by political ideology, economic protectionism, and geopolitical alliances. This creates a landscape of a-la-carte censorship and politically motivated routing.

Chapter 4: Russia’s Sovereign Internet (Runet)

Think of Russia’s internet not as a public highway, but as a private rail network. The state acts as the central switch operator, able to reroute trains based on their cargo and destination. This approach is driven by the strategic objective of “cyber sovereignty”—the state’s ability to exert ultimate control over its national digital infrastructure.³²

The “Sovereign Internet Law” codifies this policy. It mandates infrastructure that allows the Russian internet (Runet) to operate independently of the global network. It also forces domestic traffic through state-controlled chokepoints for monitoring.² The motivations include insulating the domestic information space during crises and protecting against perceived foreign cyber threats.³³

  • The Strangest Thing: Geopolitically-Aware Routing: The most striking observation is seen when tracing a path to an adversarial nation. A traceroute from Moscow to a government website in Kyiv, Ukraine, does not follow the most direct physical path. Instead, the traffic is deliberately steered through the networks of a political ally, such as Belarus.³³ After passing through Minsk, the packets reach the Ukrainian border and are then dropped.This is geopolitically-aware routing. The network’s Border Gateway Protocol (BGP) configurations have been manipulated to reflect political alliances, not network performance.³⁴This was observed in practice during the annexation of Crimea. Internet traffic from the occupied territories was systematically rerouted from Ukrainian providers to Russian ones. This effectively annexed those regions in cyberspace as well as on land.³⁴
  • Activating the Sovereign Chokepoints: A traceroute from Moscow to Vladivostok reveals this policy in action. On one day, the trace shows an efficient path entirely within Russia. On another day, the same trace shows traffic leaving Russia, traveling to an IXP in Germany, and then re-entering Russia in the east.A week later, following a hypothetical government directive, the traceroute changes again. All paths are now forced to stay within Russia’s borders. The traces consistently include hops belonging to Roskomnadzor, the state’s censorship body. This is the Sovereign Internet Law being implemented at the network layer: domestic traffic is forced through state-managed DPI gateways for inspection.²

traceroute in this environment is no longer a simple network diagnostic. It is a real-time indicator of international relations.

Chapter 5: The Censors’ Playbook (Turkey, Egypt, UAE, Pakistan, Vietnam)

In many parts of the world, the internet is like a public square where commerce and conversation flow freely. However, plainclothes police officers can shut down any stall or disperse any gathering deemed undesirable. A large cohort of countries practices this more selective form of censorship.

In nations like Turkey, Egypt, the UAE, Pakistan, and Vietnam, the internet remains largely open for general use. But the state reserves the right to block specific content deemed politically, socially, or religiously sensitive.³⁵ This creates an unpredictable environment where access to news sites or social media can be revoked without warning.

  • The Strangest Thing: Frustration-Based Censorship via Throttling: The most insidious technique is observed in Pakistan during a period of political tension. The government wishes to disrupt online organization on Twitter without issuing a formal block. A ping and traceroute to twitter.com both work perfectly.However, loading the Twitter website is a lesson in frustration. The page may eventually load, but images and videos fail to appear or buffer endlessly. The service is functionally unusable.This is not a block; it is protocol-specific throttling. A DPI system at the ISP level has been instructed to identify traffic to Twitter’s IP ranges and severely limit its allocated bandwidth. Meanwhile, it allows other traffic, like the small ICMP packets used by ping, to pass through unimpeded.²⁴This creates a powerful and deniable form of censorship. The authorities can claim that Twitter is not blocked. For the user, the experience is one of intense frustration, which may be more effective at discouraging use than an outright block.
  • DNS Hijacking to “Sinkholes”: In Turkey, a dig query for a banned news agency resolves not to a forged IP, but to a government portal. This portal displays a legal notice stating the site is blocked by court order.² This is DNS hijacking at the national ISP level, where queries for blacklisted domains are redirected to a state-controlled “sinkhole” server.¹⁸
  • DPI-Based Protocol Blocking: In the UAE, which restricts Voice over IP (VoIP) services, our tools reveal a subtle block. An mtr to a WhatsApp server shows a clean path. However, any attempt to initiate a voice call fails. A sophisticated DPI system allows basic connectivity for text messaging but is configured to identify and drop the specific data packets associated with VoIP protocols.²⁴ A less subtle but also common tactic is direct IP address blocking, a blunt instrument often used for widespread site bans.³⁶

The widespread use of this common playbook points to a significant global trend: the commoditization of censorship technology. Nations are purchasing these systems from a growing global market of private security firms.³⁷ This lowers the barrier to entry for digital authoritarianism.

Part III: The Developing Web – Infrastructure, Economics, and Post-Colonial Echoes

The next leg of the journey explores regions where the internet’s shape is defined less by political will and more by the hard realities of geography and economics. For much of the world, the internet is not a direct flight; it’s a journey with long, expensive layovers in distant hubs. This is a digital reflection of old colonial trade routes that still dictates the flow of information today.

In these regions across Africa, South America, and parts of Asia, our tools reveal a network topology shaped by a scarcity of local interconnection and a deep reliance on international hubs. This infrastructural dependency creates inefficiencies and vulnerabilities with profound implications for development and data sovereignty.

Chapter 6: The African Continent

For many on the African continent, the internet experience is a tale of two worlds. A connection in a major hub like Lagos can be fast and reliable. Moving to a rural area often means a reversion to slow, high-latency mobile broadband, if any connection is available at all.⁵

The continent’s internet infrastructure is characterized by extreme variability. This is a direct result of historical investment patterns and the challenges of building terrestrial fiber networks.³⁸ Running diagnostics reveals network behaviors that defy physical geography. A ping from Lagos, Nigeria, to neighboring Accra, Ghana, might return a surprisingly high RTT of 250ms. In contrast, a ping from Lagos to London, thousands of kilometers away, could yield a much lower RTT of 120ms.

  • The Strangest Thing: The Post-Colonial Trombone: The most revealing phenomenon is the “tromboning” effect. This is where traffic between two points in the same region is routed out to a distant continent and back again.³⁹ A traceroute from Kampala, Uganda, to Kigali, Rwanda—a direct distance of about 380 kilometers—provides a stark illustration.The data packets do not travel over a direct link. Instead, the traceroute shows the following path:
    1. Packets travel from Kampala to a submarine cable landing station in Kenya.
    2. They are routed north under the sea, through the Red Sea and Suez Canal.
    3. They land at a major European IXP, typically in Marseille or London.
    4. The packets traverse several European carrier networks.
    5. They are then routed back south, down the west coast of Africa.
    6. Finally, they travel overland to reach their destination in Kigali.
    This wildly inefficient path is a digital echo of colonial-era trade routes. The cause is a lack of sufficient terrestrial fiber and regional IXPs.³⁸ For many African ISPs, the most cost-effective way to exchange traffic is to send it to Europe where they all peer at major exchanges.

This reality makes intra-African internet traffic slower and more expensive. It acts as a drag on the development of a unified digital market.⁴⁰ More critically, it creates a massive data sovereignty and security vulnerability. By default, sensitive communications between African nations are routed through European jurisdictions, subject to foreign surveillance laws.³⁹

Chapter 7: South America & Parts of Asia

The pattern of infrastructural dependency is not unique to Africa. Similar dynamics are observable in South America and parts of Asia, though the dominant hub is often the United States. Miami, in particular, serves as the primary peering point for nearly all of Latin America.

  • The Strangest Thing: Casual Vulnerability of Sovereign Data: The most concerning observation emerges from a test in a smaller developing nation, such as Albania. A traceroute to an official government website (.gov.al) confirms that a vast majority of traffic paths—as high as 86%—are routed through foreign networks in Italy and Greece.⁴¹The truly alarming discovery comes from a simple curl -I command. The output reveals that the site is being served over http:// and not https://. This means the connection is not encrypted. Any data submitted by an Albanian citizen to their own government is transmitted as plaintext across foreign networks. This unencrypted data is trivially vulnerable to interception and surveillance.⁴¹The strangeness here is the casual nature of this profound vulnerability. It is a direct consequence of infrastructural dependency combined with a lack of resources to implement basic cybersecurity. This reality was a core revelation of the Snowden-era disclosures. It has become a primary driver for the global push towards data localization laws, which in turn contribute to internet fragmentation.²
  • The North-South Trombone: A traceroute from São Paulo, Brazil, to Buenos Aires, Argentina, frequently reveals a path that travels north to Miami, Florida, before heading back south.³⁹ This is often more economical for local ISPs than maintaining expensive direct peering links.
  • Regional Hubs and Dependencies: In Asia, regional dependencies are also evident. A dig +trace for a New Zealand government domain from Pakistan might show the DNS query being handled by servers in Australia, reflecting established regional ties.⁴¹

Part IV: The “Free” Web? – Regulation, Surveillance, and Subtle Controls

The final destinations on this tour are the so-called “Free” nations. Here, the internet is often perceived as an open and unregulated space. However, this freedom is not absolute.

The internet in these regions is shaped not by overt censorship, but by a complex web of legal frameworks, regulatory obligations, and powerful commercial interests. This results in a different form of fragmentation. It is driven not by authoritarian control, but by competing values regarding privacy, copyright, and market competition. Our diagnostic tools reveal a landscape of invisible borders and nuanced controls that challenge the notion of a single, monolithic “Free Web.”

Chapter 8: The European Union’s Regulatory Framework

The European Union’s internet is akin to a well-regulated city. It has strict zoning laws, consumer protection standards, and privacy codes that all businesses must follow. The EU views the digital space not as an exception to the law, but as an extension of society that must be regulated to protect fundamental rights.

  • The Strangest Thing: Commercially-Driven Censorship (Geoblocking): The most pervasive form of fragmentation within the EU is geoblocking. This is censorship driven not by the state, but by commercial contracts. An attempt to stream a video on YouTube that is licensed for viewing only within Germany will be blocked if accessed from France. The user receives a message stating, “This content is not available in your country.”This block is enforced at the application layer by the service provider. It checks the user’s source IP address against a geolocation database and denies access based on copyright and licensing agreements.³⁶The strangest thing is how this vast system of commercial censorship is an accepted part of the user experience. It has fragmented the digital content market into thousands of tiny, invisible national borders.
  • Regulatory and Legal Blocking: Upon connecting in an EU member state, browsing feels largely unrestricted. However, certain actions trigger unique responses.
    • Attempting to access a US news website that has not implemented GDPR privacy controls will often fail. A curl command may return the HTTP status code 451 Unavailable For Legal Reasons. This is a commercial decision by the company to avoid legal risks.
    • Attempting to resolve the domain of a known torrenting site in countries like the UK or France will trigger a direct intervention. The dig query is hijacked at the ISP level, and the user is redirected to a law enforcement page.³¹ This is state-mandated censorship, but its scope is narrowly defined.

This regulatory model, often termed the “Brussels Effect,” has a global impact. International tech companies must often choose between implementing the EU’s high standards globally or walling off their services from the EU market. This process, driven by regulations like GDPR and the Digital Services Act (DSA), creates a distinct “European Internet” and is a powerful driver of the global Splinternet.⁴²

Chapter 9: The United States as Global Hub

The United States is the internet’s global capital. It is a bustling metropolis that serves as the primary hub for the world’s data traffic. Yet, just outside the city limits, there are rural towns with slow, unreliable connections. This paradox defines the US position in the global internet landscape.

The US is the birthplace of the internet and home to most of its dominant tech companies.³⁹ It also boasts strong First Amendment protections, resulting in high scores for internet freedom.⁶ Yet, it lags behind many other developed nations in broadband speed, affordability, and access equity.⁴³

  • The Strangest Thing: The Domestic Digital Divide: The most peculiar observation comes from a comparative test. Two Ubuntu machines are deployed: one in rural Mississippi, the other in Seoul, South Korea. An mtr test is run from both machines to a server in Atlanta, Georgia.The results are starkly counterintuitive. The mtr from Seoul, over 11,000 kilometers away, shows a stable, low-latency connection. The mtr from rural Mississippi, just a few hundred kilometers away, shows a spikier, less reliable connection with frequent latency spikes and occasional packet loss.This is a clear illustration of the domestic digital divide.⁴⁴ The strangest thing is that it can be faster and more reliable to send a data packet halfway around the world through competitive international markets than it is to send it a short distance within the United States through a region served by a monopolistic ISP.
  • The Global Crossroads: Running traceroute commands from nearly any point on the globe will frequently reveal hops passing through data centers in the United States. A significant portion of traffic from South America to Europe, or from Asia to South America, will transit the US, confirming its role as the internet’s premier global crossroads.³⁹

This paradox is a direct result of the United States’ historically market-driven and deregulated approach to telecommunications policy.⁶ This policy fosters intense competition in profitable urban markets but has often failed to incentivize investment in less profitable rural areas.

Part V: The Future of Global Connectivity

The global journey with our Ubuntu desktop has revealed a world where the internet is not a monolith. It is a mosaic of distinct digital territories. Synthesizing these observations allows for a speculative but evidence-based projection of future trends.

The forces of technological innovation and geopolitical competition are poised to reshape the landscape of global connectivity. They will intensify the battle for control and accelerate the fragmentation of the network. The coming decades will likely see this conflict play out in new arenas, from low-earth orbit to the very algorithms that filter our reality.

Chapter 10: The View from LEO: Satellite Constellations as the New Frontier

Imagine a world where internet access comes not from a cable in the wall, but from a dish pointed at the sky. The rise of massive Low-Earth Orbit (LEO) satellite constellations, such as SpaceX’s Starlink, represents the most significant architectural challenge to a nation-state’s control over internet access since the network’s inception.⁴⁵

By providing a path to the internet that does not rely on terrestrial infrastructure, these systems can render many existing censorship mechanisms obsolete.⁴⁶ This will inevitably trigger a new phase in the struggle for digital sovereignty.

  • Future Observation 1: The LEO Bypass: In a near-future scenario, the Ubuntu desktop is connected in a heavily censored country like Iran via a Starlink terminal. A traceroute to google.com reveals a radically different path.
    1. The first hop is the local terminal.
    2. The second hop is the LEO satellite overhead.
    3. The third hop is a Starlink ground station located not in Iran, but in a neighboring country with an open internet.
    4. From that gateway, the traffic proceeds onto the global internet.
    The entire national censorship apparatus has been completely bypassed.⁴⁵ For citizens in repressive regimes, this technology offers a powerful lifeline. For the regimes, it represents a profound threat.
  • Future Observation 2: The Exported Firewall: The counter-move is the development of state-aligned LEO constellations. A plausible future involves connecting to a hypothetical Chinese state-backed LEO service from a partner nation.⁴⁷A traceroute from this location would show a path from the terminal to a satellite. However, the satellite would deliberately route the data to a designated gateway on Chinese soil. There, the traffic would pass through a cloud-based instance of the Great Firewall for inspection before being routed to the global internet.In this scenario, the Great Firewall has been exported to space, offering “censorship-as-a-service” to allied states.⁴⁷ The traceroute of the future will become even more politically revealing.

Chapter 11: The Algorithmic Censor: AI, Quantum, and the Next Generation of Control

The future of censorship may not be a wall that blocks you, but a fog that slows you down. It will make undesirable information frustratingly difficult to reach. The current generation of censorship is often crude and detectable. The future of internet control lies in a far more subtle approach, powered by advances in Artificial Intelligence (AI) and machine learning.⁴⁸

The ethical implications are profound. Such deniable censorship undermines free speech in a way that is difficult to challenge legally or practically.⁴⁹

  • Future Observation: The “Unreliable” Stream: In a future authoritarian state, an attempt is made to watch a live stream from a prominent opposition figure. The diagnostic tools are deployed.
    • ping youtube.com returns a fast, stable RTT.
    • mtr youtube.com shows a clean path with 0% packet loss.
    • dig youtube.com +trace confirms perfect DNS resolution.
    Based on our current toolkit, there is no censorship. Yet, the user experience is abysmal. The video stream constantly buffers, the resolution drops, and the audio glitches. The stream is not blocked, but it is effectively unusable.What is being observed is an AI-powered DPI system at the national ISP gateway.⁴⁸ This system is not merely searching for keywords. It is employing real-time machine learning models, particularly Natural Language Processing (NLP) and Large Language Models (LLMs), to analyze the content of the data stream itself.⁵⁰ The AI has identified the content as “politically undesirable.”Instead of a blunt TCP reset, the system engages in subtle traffic shaping. It dynamically introduces a small amount of packet loss and jitter. To the end-user and our tools, this appears as transient network congestion.⁴⁸ This provides the state with perfect plausible deniability.

This represents the potential endgame for censorship. It transitions to a covert system where disfavored information is not silenced, but is simply made to feel frustratingly unreliable.

Conclusion: The Inevitable Splinternet

The global expedition with this single Ubuntu desktop has yielded a clear conclusion. The fragmentation of the internet, or “Splinternet,” is not a distant future. It is a present and accelerating reality.¹

The foundational myth of the internet as a single, borderless commons is being systematically dismantled by the geopolitical reality of the sovereign nation-state. This investigation has provided empirical evidence of this fragmentation at every layer of the network’s architecture.

  • At the Physical Layer, data routing often reflects historical and colonial ties rather than network efficiency. The “tromboning” of traffic in Africa and South America reveals a world wired in a hub-and-spoke model.³⁹ This has a direct economic impact, raising the cost of intra-regional data exchange and hindering local digital economies.⁴⁰
  • At the Logical Layer, state actors actively weaponize the core protocols of the internet—DNS and TCP/IP—to enforce national borders. DNS poisoning in China, DNS hijacking in Turkey, TCP reset attacks at the Great Firewall, and the geopolitically-aware routing of Russia all demonstrate this transformation.⁵¹
  • At the Content and Cognitive Layer, users in different parts of the world experience fundamentally different internets. This is driven by overt censorship, curated filtering, commercial geoblocking, and the rise of separate national tech ecosystems.²²

The central conflict is between the internet’s original decentralized design and the Westphalian model of state sovereignty.⁵² The evidence gathered here overwhelmingly suggests that the forces of state sovereignty are winning. The output of a simple traceroute command has become a political artifact, a digital fingerprint of a country’s governing ideology.

The future trajectory points towards a deepening of this fragmentation. The internet of the future is unlikely to be a global village. It will be an archipelago of digital nations, each with its own laws, norms, and technical standards. The Ubuntu desktop, once a simple computer, has become a digital passport. The network diagnostics it runs are the stamps that reveal which of these increasingly divergent digital worlds it has entered.

The following table synthesizes the findings of this global investigation.

ArchetypeExample CountriesDominant Control MethodTypical tracerouteBehavior“Strangest” ObservationFuture Trajectory
Open & EfficientNetherlands, Switzerland, South KoreaMinimal; market competition, rule of lawLogical, efficient paths via major IXPs; low latency, zero lossN/A (This is the baseline)Maintaining openness against global fragmentation pressures
Walled GardenChina, North Korea, IranMulti-layer: DPI, TCP Resets, DNS Poisoning, Total Air-Gap, Kill SwitchTrace stops at national border; internal traces are tiny and fastAsymmetrical, stateful DPI that temporarily blackholes user IPs (China)Deeper isolation; exporting censorship models via technology (e.g., LEO)
Curated WebRussia, Turkey, UAE, PakistanState-mandated DPI, DNS Hijacking, ThrottlingGeopolitically-aware routing (via allies); rerouting to state chokepointsDeniable “frustration-based” censorship via severe, targeted throttlingProliferation of “off-the-shelf” censorship tech; move to subtle, AI-driven QoS degradation
Infrastructurally DependentMany nations in Africa, South America, parts of SE AsiaNone (Control is external); market forces“Tromboning” through former colonial powers or the US; high intra-regional latencyUnencrypted sovereign government data traversing foreign networks in plaintextBuilding regional IXPs and data centers to achieve digital sovereignty
Regulated FreeEU member states, United Kingdom, CanadaLegal/Regulatory Frameworks (GDPR, Copyright Directives)Efficient, but application-layer blocks are commonPervasive commercial geoblocking creating thousands of invisible content bordersExporting regulatory standards globally (“Brussels Effect”); increasing platform liability
Hub with DividesUnited StatesMinimal; market forces, strong free speech protectionsIs the destination for a large fraction of global trafficThe domestic digital divide: better connectivity from Seoul than from rural MississippiNavigating ideological isolation between regulated and authoritarian models; addressing internal equity

Glossary of Technical Terms

  • BGP (Border Gateway Protocol): The standardized routing protocol used to exchange routing and reachability information among autonomous systems (networks) on the internet. BGP is what allows different networks to figure out how to send traffic to one another.
  • CGNAT (Carrier-Grade Network Address Translation): A method used by Internet Service Providers (ISPs) to share a single public IPv4 address among multiple customers. This is often a response to the exhaustion of available IPv4 addresses.
  • DPI (Deep Packet Inspection): An advanced method of network filtering that examines the data part (and possibly the header) of a packet as it passes an inspection point, searching for protocol non-compliance, viruses, spam, intrusions, or defined criteria to decide what action to take on the packet.
  • ICMP (Internet Control Message Protocol): A supporting protocol in the Internet protocol suite used by network devices, like routers, to send error messages and operational information indicating, for example, that a requested service is not available or that a host or router could not be reached. ping and traceroute both use ICMP.
  • RTT (Round-Trip Time): The measure of the time it takes for a signal to be sent plus the length of time it takes for an acknowledgment of that signal to be received. This time delay consists of the propagation times between the two points of a signal.
  • TTL (Time-To-Live): A mechanism that limits the lifespan or lifetime of data in a computer or network. In the context of traceroute, it is a value in an Internet Protocol (IP) packet that tells a network router whether or not the packet has been in the network for too long and should be discarded.

Works Cited

  1. Mhalla, Asma. “Splinternet: When Geopolitics Fractures Cyberspace.” Polytechnique Insights.. https://www.polytechnique-insights.com/en/columns/geopolitics/splinternet-when-geopolitics-fractures-cyberspace/
  2. NordVPN. “Splinternet definition.”. https://nordvpn.com/cybersecurity/glossary/splinternet/
  3. Internet Society. “The Chinese Firewall.”. https://www.internetsociety.org/resources/internet-fragmentation/the-chinese-firewall/
  4. VeePN. “Internet Censorship Trends: What You Need to Know in 2024.”. https://veepn.com/blog/internet-censorship-trends/
  5. World Bank. “Digital Infrastructure.”. https://www.worldbank.org/en/topic/digital/brief/digital-infrastructure
  6. Freedom House. “Freedom on the Net 2023: United States.” 2023. https://freedomhouse.org/country/united-states/freedom-net/2023
  7. Komaitis, K. “The Case for Open Sovereignty in a Fragmenting Internet.” komaitis.org.. https://www.komaitis.org/write-share-ignite/the-case-for-open-sovereignty-in-a-fragmenting-internet
  8. Ubuntu. “Wireless network troubleshooting.”. https://help.ubuntu.com/stable/ubuntu-help/net-wireless-troubleshooting.html.en
  9. Comptia. “7 Linux Commands to Check Network Connectivity.”. https://www.comptia.org/en-us/blog/7-linux-commands-to-check-network-connectivity
  10. DevOpsCube. “15 Basic Linux Networking Troubleshooting and Commands for Beginners.”. https://devopscube.com/list-linux-networking-troubleshooting-and-commands-beginners/
  11. Reddit. “How to read a traceroute?” r/techsupport. December 18, 2022. https://www.reddit.com/r/techsupport/comments/zp4yx9/how_to_read_a_traceroute/
  12. InMotion Hosting. “How to Read a Traceroute.”. https://www.inmotionhosting.com/support/website/read-traceroute/
  13. Varonis. “What is Traceroute and How Does it Work?”. https://www.varonis.com/blog/what-is-traceroute
  14. Nexcess. “Guide to interpreting MTR results.”. https://www.nexcess.net/help/mtr-results/
  15. APNIC. “How to properly interpret a traceroute or MTR.” March 28, 2022. https://blog.apnic.net/2022/03/28/how-to-properly-interpret-a-traceroute-or-mtr/
  16. Hostinger. “How to Use the Linux dig Command with Examples.”. https://www.hostinger.com/tutorials/linux-dig-command
  17. IBM. “Using dig +trace to understand DNS resolution from start to finish.”. https://www.ibm.com/think/tutorials/using-dig-trace
  18. Imperva. “What is a DNS hijacking / redirection attack.”. https://www.imperva.com/learn/application-security/dns-hijacking-redirection/
  19. Reporters Without Borders. “2025 World Press Freedom Index.” Wikipedia.. https://en.wikipedia.org/wiki/World_Press_Freedom_Index
  20. IANA. “List of Root Servers.”. https://www.iana.org/domains/root/servers
  21. Cloudflare. “What are the different types of DNS server?”. https://www.cloudflare.com/learning/dns/dns-server-types/
  22. Wikipedia. “List of most-visited websites.” August 2025. https://en.wikipedia.org/wiki/List_of_most-visited_websites
  23. Human Rights Watch. ““Race to the Bottom”.” August 2006. https://www.hrw.org/reports/2006/china0806/3.htm
  24. Fortinet. “What is Deep Packet Inspection (DPI)?”. https://www.fortinet.com/resources/cyberglossary/dpi-deep-packet-inspection
  25. Congressional-Executive Commission on China. “Blocking, Filtering, and Monitoring.”. https://www.cecc.gov/blocking-filtering-and-monitoring
  26. Fortinet. “What is DNS Poisoning?”. https://www.fortinet.com/resources/cyberglossary/dns-poisoning
  27. Wikipedia. “TCP reset attack.”. https://en.wikipedia.org/wiki/TCP_reset_attack
  28. Hotspot Shield. “What is a National Intranet?”. https://www.hotspotshield.com/glossary/national-intranet/
  29. Comparitech. “Internet censorship 2024: A global map of restrictions.”. https://www.comparitech.com/blog/vpn-privacy/internet-censorship-map/
  30. Go-Globe.com. “The State of Internet Censorship – Statistics and Trends [Infographic].”. https://www.go-globe.com/the-state-of-internet-censorship-statistics-and-trends-infographic/
  31. Wikipedia. “Internet censorship.”. https://en.wikipedia.org/wiki/Internet_censorship
  32. Mueller, M. “The Debate on Sovereignty in Cyberspace.” Internet Governance Project. December 31, 2024. https://www.internetgovernance.org/2024/12/31/the-debate-on-sovereignty-in-cyberspace/
  33. Center for Geopolitics. “The Journey, not the Destination, Matters: The Geopolitics of Internet Routes.”. https://www.geopolitique.net/colloque-international-the-journey-note-the-destination-matters-the-geopolitics-of-internet-routes/
  34. Denčić-Mihajlov, K. et al. “How does network topology shape the autocratic Internet?” PNAS Nexus. March 1, 2024. https://academic.oup.com/pnasnexus/article/3/3/pgae069/7608189
  35. Freedom House. “The Rise of Digital Authoritarianism.” Freedom on the Net 2018. 2018. https://freedomhouse.org/report/freedom-net/2018/rise-digital-authoritarianism
  36. Larus. “What is IP Blocking and How Does it Work?”. https://larus.net/blog/what-is-ip-blocking/
  37. Freedom House. “The Net 2021: The Global Drive to Control the Internet.” 2021. https://freedomhouse.org/sites/default/files/2021-09/FOTN_2021_Complete_Booklet_09162021_FINAL_UPDATED.pdf
  38. World Bank. “Connecting the world: Improving access to data infrastructure.” World Development Report 2021. 2021. https://wdr2021.worldbank.org/stories/connecting-the-world/
  39. Edmundson, A. et al. “New tool helps users control which countries their internet traffic goes through.” Princeton University. August 2, 2018. https://www.princeton.edu/news/2018/08/02/new-tool-helps-users-control-which-countries-their-internet-traffic-goes-through
  40. Tian, L. “How does internet connectivity impact developing economies?” VoxDev.org.. https://voxdev.org/topic/macroeconomics-growth/how-does-internet-connectivity-impact-developing-economies
  41. Sharwood, S. “Much gov domain traffic needlessly crosses borders, often without encryption.” The Register. September 1, 2025. https://www.theregister.com/2025/09/01/isoc_government_domain_traffic_measurement/
  42. De Gregorio, G. “Fragmenting Internet Governance: Digital Sovereignty and Global Constitutionalism.” MediaLaws.. https://www.medialaws.eu/fragmenting-internet-governance-digital-sovereignty-and-global-constitutionalism/
  43. Wikipedia. “List of countries by Internet connection speeds.”. https://en.wikipedia.org/wiki/List_of_countries_by_Internet_connection_speeds
  44. World Bank. “Data for Better Lives.” World Development Report 2021.. https://wdr2021.worldbank.org/
  45. Chamow, K. “A Political History of the Internet: Myth, Material, Territory.” Seton Hall University Student Scholarship. 2020. https://scholarship.shu.edu/cgi/viewcontent.cgi?article=2691&context=student_scholarship
  46. Wikipedia. “Internet censorship circumvention.”. https://en.wikipedia.org/wiki/Internet_censorship_circumvention
  47. Foreign Policy Research Institute. “LEO Wars: China’s Orbital Challenge to the US-Led Digital Order.” April 2025. https://www.fpri.org/article/2025/04/leo-wars-chinas-orbital-challenge-to-the-us-led-digital-order/
  48. EnFuse Solutions. “The Role of Generative AI in Content Moderation and Fake Content Detection.”. https://www.enfuse-solutions.com/generative-ai-in-content-moderation-and-fake-content-detection/
  49. Spectrum Labs. “AI for Content Moderation.”. https://www.spectrumlabsai.com/ai-for-content-moderation/
  50. Stream. “AI Content Moderation API.”. https://getstream.io/moderation/
  51. DeNisco Rayome, A. “The ‘Splinternet’ is the future of the internet. Here’s what that means.” CNET. October 29, 2021.
  52. Kerty, D. “Will the Internet Fragment? Sovereignty, globalization and cyberspace.” Georgia Tech. May 2017. https://urbanresearch.iac.gatech.edu/publications/pub/4536

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts