Pakistan's Accidental YouTube Re-Routing Exposes Trust Flaw in Net

Submitted by MacRonin on February 25, 2008 - 4:14pm

Pakistan's Accidental YouTube Re-Routing Exposes Trust Flaw in Net - Via Threat Level:

A Pakistan ISP that was ordered to censor YouTube accidentally managed to take down the video site around the world for several hours Sunday.

The Pakistani government ordered ISPs to censor YouTube to prevent Pakistanis from seeing a trailer to an anti-Islamic film by Dutch politician Geert Wilders. YouTube has since removed the clip for violating its terms of service, but a screenshot of the film, available via Google, shows a crude drawing of a pig defecating with the word Allah underneath it.

Pakistan Telecom complied by changing the BGP entry for YouTube -- essentially updating its local internet address book for where YouTube's section of the internet is. The idea was to direct its internet users to a page that said YouTube was blocked.

Unfortunately, the ISP announced the new route to upstream providers. The upstream providers didn't verify the new route but accepted it and then passed it along, cascading the bad address around the net, until most everyone using the net on Sunday would have been directed to the Pakistani's network block. The blunder not only took down YouTube, but also choked the Pakistani ISP, which was quickly deluged with millions of requests for talking cat videos.

So why did the upstream providers accept the information? 

YouTube has a large block of IP addresses it owns -- in essence, its BGP entry tells people to go to Madison Square Garden. Once your packets get there, they are then told which entrance to the Garden is least crowded. 

But the Pakistani announcement said that YouTube was located at 123 Censorship Row, Suite 305, Lahore, Pakistan -- which looks to be far more specific and thus more useful information than "Madison Square Garden."  And since the internet's architecture still relies on trust, most networks -- especially big ones -- trust each other's info without testing it.

This isn't the first time such things have happened (ConEd did the same thing to Martha Stewart, among others, in 2006), and likely won't be the last.

Will this outage prompt network operators change their ways and adopt long-standing proposals to verify changes to the BGP system?

THREAT LEVEL is doubtful. On Christmas Eve 2004, a Turkish ISP basically announced it was the destination for every site on the internet. And yet the architecture didn't change.

Here's what Todd Underwood, a VP at the internet monitoring firm Renesys, had to say about the Turkish outage a year later.

The Internet works. But those who work close to the middle of it may marvel on an ongoing basis that it works at all, much less as well as it does. In this way, the Internet models much of the rest of industrial society: it teeters as close as it can to the precipice, veering away from collapse only when it truly needs to, and only when enough of us look over the edge and decide we don't really want to fall. Here's to another year of not quite falling.

See Also:

Photo: ZeHawk

See also Brian Krebs, Renesys

(Read Original Article - Via Threat Level.)

Bookmark/Search this post with: