Tuesday, February 26, 2008

How Pakistan knocked YouTube offline (and how to make sure it never happens again)

This graph that network-monitoring firm Keynote Systems provided to us shows the worldwide availability of YouTube.com dropping dramatically from 100 percent to 0 percent for over an hour. It didn't recover completely until two hours had elapsed.

A high-profile incident this weekend in which Pakistan's state-owned telecommunications company managed to cut YouTube off the global Web highlights a long-standing security weakness in the way the Internet is managed.

After receiving a censorship order from the telecommunications ministry directing that YouTube.com be blocked, Pakistan Telecom went even further. By accident or design, the company broadcast instructions worldwide claiming to be the legitimate destination for anyone trying to reach YouTube's range of Internet addresses.

The security weakness lies in why those false instructions, which took YouTube offline for two hours on Sunday, were believed by routers around the globe: Hong Kong-based PCCW, which provides the Internet link to Pakistan Telecom, did not stop the misleading broadcast--something most large providers in the United States and Europe do.


This is not a new problem. A network provider in Turkey once pretended to be the entire Internet, snarling traffic and making many Web sites unreachable. Con Edison accidentally hijacked the Internet addresses for Panix customers including Martha Stewart Living Omnimedia and the New York Daily News. Problems with errant broadcasts go back as far as 1997.


It's also not an infrequent problem. An automatically-updated list of suspicious broadcasts created by Josh Karlin of the University of New Mexico shows apparent mischief--in the form of dubious claims to be the true destination for certain Internet addresses--taking place on an hourly basis.

So why hasn't anyone done something about it? False broadcasts can amount to a denial-of-service attack and, if done with malicious intent, can send unsuspecting users to a fake bank, merchant, or credit card site.

Understanding why this is both a serious Internet vulnerability and difficult to fix requires delving into the technical details a little.
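
The upstream filtering described above, which PCCW did not apply to Pakistan Telecom's broadcast, can be sketched as a per-customer prefix check. This is an added example, not part of the original article: the AS numbers, address blocks and function names are constructed for illustration, and real providers express the same rule in router configuration.

```python
import ipaddress

# Constructed data: private-use AS numbers and documentation address blocks.
# Each customer AS maps to the address space it is registered to announce.
REGISTERED = {
    64512: ["192.0.2.0/24"],
    64513: ["198.51.100.0/24", "2001:db8:100::/48"],
}

def check_announcement(customer_asn, prefix):
    """Decide whether an upstream should accept a prefix announced by a customer."""
    try:
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed prefix"
    allowed = [ipaddress.ip_network(p) for p in REGISTERED.get(customer_asn, [])]
    if not allowed:
        return False, "no registered space for this customer"
    for block in allowed:
        # Accept the registered block or a more specific piece of it.
        if block.version == net.version and net.subnet_of(block):
            return True, "inside " + str(block)
    return False, "outside registered space"

def filter_session(customer_asn, prefixes):
    """Split one customer's announcements into accepted and rejected lists."""
    accepted, rejected = [], []
    for prefix in prefixes:
        ok, reason = check_announcement(customer_asn, prefix)
        (accepted if ok else rejected).append((prefix, reason))
    return accepted, rejected

if __name__ == "__main__":
    # Constructed announcements from customer AS 64512: its own block, a
    # block registered to someone else, and a claim to the whole Internet.
    sample = ["192.0.2.0/24", "198.51.100.0/24", "0.0.0.0/0", "192.0.2.128/25"]
    accepted, rejected = filter_session(64512, sample)
    for prefix, reason in accepted:
        print("accept", prefix, reason)
    for prefix, reason in rejected:
        print("reject", prefix, reason)
```

An upstream that applies this check drops both a claim to another network's addresses and a claim to the entire Internet before either reaches the rest of the world.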
