Comments on: How Pakistan knocked YouTube offline (and how to make sure it never happens again)
YouTube becoming unreachable isn't the first time that Internet addresses were hijacked. But if it spurs interest in better security, it may be the last.
There isn't enough research on stories nowadays in the online journalist scene.
It's good to see some refreshing journalism again.
I've been reading Declan McCullagh over the years and he is without doubt one of, if not the best journalist who works with Cnet News.
When you see Declan McCullagh at the top of news articles on Cnet News, you know you're going to get a quality in-depth read on what's going on.
His stories are particularly good on government issues and wiretapping.
Well done Cnet for original refreshing journalism, which lacks in the American-media scene all too often.
Usually I need to go to British news sites to get real news and real facts, but this proves me wrong that America's media outside of the NY Times can produce quality news.
There are issues so alarming, underlying this, and significant assumptions that are not being questioned.
I'll bet that no one in Pakistan thought this would happen, I'll bet they thought that no one outside of Pakistan would notice this at all.
There is a much easier way to cut off access than this; the method chosen appears to be one of a very suspicious nature. A method that enables the local Pakistan NOC to find out who (in Pakistan) was connecting to YouTube, not just block it.
Your best bet for real news is still media sources outside the US, because ours is quite well owned and controlled....
"We've already seen domain name blocking in Finland and Web page blocking in the United States, both supposedly enlightened Western democracies.)"
just report the news, if I want snark I'll go to Huffington post or moveon.org
I don't think script kids can do a whole lot with this at the moment.
They would need to wait for the real hackers to release some kind of technique for them to use.
However, cyber terrorism is a possibility.
If a script kid gets a job at a NOC or SOC then there is real potential for damage to be caused.
Proper vetting of course is needed to stop the cyber terrorists getting jobs which work with technology and telecoms, where there is critical infrastructure at the hands of staff members.
Even human error can be cyber terrorism, even if the error was unintentional.
It seems this was a "blue on blue" cyber attack...
Remember, your computers don't need to be connected to the internet for them to be exploited with zero-day code or a malicious user.
If a staff member can do badness by mistake or intentionally, to the end-user it doesn't matter how it happened, the result is still the same as a full scale malicious attack.
I'm sure YouTube don't care if it was a mistake, an outage is an outage and has the same effect as a malicious attack.
The hackers aren't going to go into the NOC/SOC centers, they are gonna pay the script kids to do it.
There is a pecking order that is maintained... when hackers want to target computers not connected to the internet, they will send in human resources to work at key jobs. Those human resources are the script kids, directed by the big hackers. The big hackers won't risk jail.
Remember folks, if you have computers in critical infrastructure buildings, they need to be patched from zero-day that appears on the security mailing lists, even if those computers will never be connected to the internet, because even with really good employee vetting and physical security checks into the building, there is always a chance the cyber terrorists will get in and get access to these not-connected-to-the-internet computers.
Yeah, that's how serious that threat actually was.
And now they seem sure every script kiddie with a cable modem will find a magical way to redirect all of the Web's traffic.
How did that saying go? "Fool me once, shame on...uh, won't get fooled again"?
- CNET is not a monolithic entity. We employ hundreds of writers and editors, each with his or her own view. There's no party line. (A few weeks ago, my colleague Michael Kanellos and I debated capitalism here on these pages.) So because one person was excited about pharming doesn't mean much.
- It was a quote. Did you actually read the full article?
Well. This is the Internet's largest weakness. And I'm sure that countries in the future, in the event of a war, will try to sabotage the Internet for the country they are at war with, and we will end up with several different Internets that can't connect. I'm sure this will be debated heavily over the coming weeks by media and security experts and be an example that maybe it's time to try to do something about this weakness.
My question is: can an individual do anything? What if your ISP decides to hijack the IP address of one or other website? Can an individual in Pakistan circumvent what Pakistan Telecom did?
I know all hackers will now concentrate on how to replicate what Pakistan Telecom did, but I hope some IT wizard would come up with a way for individuals to fight back, and not having to rely on irresponsible businesses such as PCCW.
The below indicates that YouTube's 208.65.153.253 IP address is in or near San Jose, which makes sense.
eriador-cnet-cnwk:~ declan$ traceroute 208.65.153.253
traceroute to 208.65.153.253 (208.65.153.253), 64 hops max, 40 byte packets
[snip]
5 ggr6.n54ny.ip.att.net (12.122.86.101) 94.928 ms 93.830 ms 93.987 ms
6 64.212.107.97 (64.212.107.97) 93.317 ms 95.230 ms 98.577 ms
7 youtube-llc.po1.401.ar2.sjc2.gblx.net (64.212.108.162) 171.381 ms 184.317 ms 170.837 ms
8 youtube.com.hk (208.65.153.253) 170.291 ms 170.851 ms 171.321 ms
This would let you get around DNS spoofing by hackers or governments.
I am running on a negative amount of sleep, so I don't know if this is a good idea. Please comment.
I have a great deal of respect for a master counterfeiter who can hand draw a $100 bill that will pass inspection. I have no respect for a 12 year old kid who has a color copier.
Not all criminals are created equal.
http://youtube.com/watch?v=5S3OA3nJRBQ
http://youtube.com/watch?v=HIHDqZLTK5Y
multiple "Danish Cartoon Parody" and "Geert" or "Forbidden Trailer" searchable.
http://thepiratebay.org/tor/4047508
http://thepiratebay.org/tor/4047509
We'll see how filterable a specific migratory stream / http url is... It takes a VERY large packet filter device to pull that scale of censorship off on multihomed ISPs.
Mirror FLV stream backup http://wikileaks.bluenorway.org etc
http://BlueNorway.Org
bluenorway@gmail.com
;)
the United Nations. This type of thing would become rampant.
2. BGP filters are common on smaller ASNs' peering sessions, but on customers who are viewed as bigger, due mainly to the number of prefixes and/or company size, there is an assumption of cluefulness and implicit trust, as you say, and thus filters are often omitted. This is true with the big American users as well. PCCW buys service from Global Crossing as an example and nobody is complaining that Global Crossing didn't filter PCCW, but since PCCW transits about 15,000 routes, this would be a bit odd (15,000 routes of the total 245,000 or so that make up the internet).
Is its proximity to gov intelligence installations a coincidence?
Is not this same mechanism able to snoop upon packets, by routing through 'forged routes', without interrupting service?
Why would anyone do this to block a website when all that is needed is for the Pakistan telco to remove the route, and DNS entry of YouTube from its local NOC? (this is the safe easy way.)
Do we even know for sure that the supposed material being censored was what was claimed....cartoons just don't seem to justify such a drastic action?
There is little argument that taking over hosting of those addresses was done just to cut off local access; it's a strong indicator that it was done to find exactly who (IP and MAC addresses) was attempting access to YouTube at that time.
Perhaps to trace/prevent uploading of?????
This again is a very strong argument for physical addressing and routing using GPS signals, which cannot be forged, nor duplicated (without fake GPS satellites anyway).
Individuals cannot do much to affect the Internet, but when network engineers are ordered to do stupid stuff by the government, what can you do? Anybody with an authorized AS number and a BGP router can affect the stability of the Internet.
Who is upset with them?
I learned a lot from it and the links referenced useful sites. To echo another poster, it should be an article, not just a blog post.
- Pakistan Telecom
- by TheGreatOn March 13, 2008 1:16 PM PDT
- Pakistan Telecom is 26% privately owned by Etisalat which also controls the company, so although you would be accurate to say it is a state-owned company I don't think it paints an accurate picture.
(32 Comments)