Search Here

Tuesday, February 26, 2008

A Pakistani order to its ISPs to block Google's YouTube wound up breaking trust and hijacking YouTube's ISP address, sending global access to YouTube into a "black hole." Pakistan's attempt at censoring YouTube exposed weaknesses in the Internet architecture based on ISP trust.
In a bizarre turn of events, Pakistan's attempts to block its citizens from accessing Google-owned YouTube wound up sending the video-sharing site into a "black hole" and exposing some fundamental weaknesses of the Internet architecture.
It's not clear what YouTube video spurred the Pakistani action. Leading contenders include a film by Dutch anti-Islamic politician Geert Wilders and the incendiary political cartoons featuring the prophet Muhammad published by Dutch newspapers in 2005. The newspapers recently republished the cartoons in solidarity with the cartoonist, whose life was threatened in a plot discovered by Dutch authorities.
Whatever the reason, the Pakistan Telecommunications Authority issued an order to Pakistani ISPs to block YouTube. The nation's largest ISP, Pakistan Telecommunications Corp. Ltd. (PTCL) took steps to send all requests from Pakistan for YouTube into a "black hole." But, apparently inadvertently, the ISP hijacked YouTube's IP addresses, effectively shutting down the site for users around the world for several hours.
Google Still Investigating
"Traffic to YouTube was routed according to erroneous Internet protocols, and many users around the world could not access our site," Google announced after working around the problem. "We have determined that the source of these events was a network in Pakistan. We are investigating and working with others in the Internet community to prevent this from happening again."
BBC reporter Darren Waters, who did some of the early reporting on the story, wrote in a blog, "There will definitely be some fallout from this. It would seem that all it takes to hijack a Web site globally is for a telecoms firm to instruct its ISPs that they now run a domain, and for one of those ISPs to announce that globally. So that other ISPs follow suit in a piggyback chain of confusion."
What happened exactly? The answer has to do with some fairly low-level details in how data moves across the Internet and the "enormous responsibility large ISPs have in routing packets," said Andrew Storms, director of
security operations for nCircle Network Security, in an e-mail.
Trust Agreements Violated
"When ISPs talk to each other, they use BGP (Border Gateway Protocol) to agree how traffic on the Internet should flow to be the most efficient. Part of that agreement is like showing your cards in a game of Go Fish," he said. "Comcast trusts that AT&T is telling the truth and trying to do the right thing, and vice versa."

0 comments: