 sj |
||
|
||
BS: Malware At Work - Officially
| JohnInKansas | 26 Feb 08 - 12:42 AM | |
| Richard Bridge | 26 Feb 08 - 03:39 AM | |
| JohnInKansas | 26 Feb 08 - 04:02 AM | |
| Mr Red | 26 Feb 08 - 01:53 PM | |
| Richard Bridge | 26 Feb 08 - 05:51 PM | |
| Rapparee | 26 Feb 08 - 06:05 PM | |
|
|
|
||||||||||||||||||||
|
BS: Malware At Work - Officially
|
Share Thread
|
|||||||||||||||||||
|
Subject: BS: Malware At Work - Officially From: JohnInKansas Date: 26 Feb 08 - 12:42 AM Pakistan causes worldwide YouTube outage 'Identity theft' results in disruption, highlights one of Web's vulnerabilities By Peter Svensson The Associated Press updated 3:24 p.m. CT, Mon., Feb. 25, 2008 NEW YORK - Most of the world's Internet users lost access to YouTube for several hours Sunday after an attempt by Pakistan's government to block access domestically affected other countries. The outage highlighted yet another of the Internet's vulnerabilities, coming less than a month after broken fiber-optic cables in the Mediterranean took Egypt off line and caused communications problems from the Middle East to India. An Internet expert likened the cause of the outage to "identity theft" by a Pakistani telecommunications company, which accidentally started advertising itself as the fastest route to YouTube. But instead of serving up videos of skateboarding dogs, it sent the traffic into oblivion. On Friday, the Pakistan Telecommunication Authority ordered 70 Internet service providers to block access to YouTube.com, because of anti-Islamic movies on the video-sharing site, which is owned by Google Inc. The authority did not specify what the offensive material was, but a PTA official said the ban concerned a trailer for an upcoming film by Dutch lawmaker Geert Wilders, who has said he plans to release a movie portraying Islam as fascist and prone to inciting violence against women and homosexuals. The block was intended to cover only Pakistan, but extended to about two-thirds of the global Internet population, starting at 1:47 p.m. ET Sunday, according to Renesys Corp., a Manchester, N.H., firm that keeps track of the pathways of the Internet for telecommunications companies and other clients. The greatest effect was in Asia, were the outage lasted for up to two hours, Renesys said. YouTube confirmed the outage on Monday, saying it was caused by a network in Pakistan. "We are investigating and working with others in the Internet community to prevent this from happening again," YouTube said in an e-mailed statement. A YouTube spokeswoman did not immediately respond to an e-mailed question on whether the clips that offended Pakistan's government had been removed. Several clips with interviews of Wilders were still up on the site Monday afternoon. Two apparent errors allowed the outage to propagate beyond Pakistan, according to Todd Underwood, vice president and general manager of Internet community services at Renesys. Pakistan Telecom established a route that directed requests for YouTube videos from local Internet subscribers to a "black hole," where the data was discarded, according to Renesys. Pakistan Telecom's mistake was that it then published that route to its international data carrier, PCCW Ltd. of Hong Kong, Underwood said. The second mistake was that PCCW accepted that route, Underwood said. It started directing requests from its customers for YouTube data to Pakistan. And since PCCW is one of the world's 20 largest data carriers, its routing table was passed along to other large carriers without any attempt at verification. "Once a pretty big network gets an error like that, it propagates to most or all of the Internet very quickly," Underwood said. As he put it, Pakistan Telecom was impersonating YouTube to much of the world. [a little more at the link, but that's the gist of it.] John |
|
Subject: RE: BS: Malware At Work - Officially From: Richard Bridge Date: 26 Feb 08 - 03:39 AM Bearing in mind that the genesis of the internet was a supposedly resilient network resistant to nuclear attack, that is pretty alarming... |
|
Subject: RE: BS: Malware At Work - Officially From: JohnInKansas Date: 26 Feb 08 - 04:02 AM I think the "analysts" were appropriately alarmed. The problem is getting the politicians to understand enough to be frightened. [Or maybe we should be more frightened if the politicians to get too much understanding?] Another, perhaps interesting: FCC ready to curb ISP traffic management Hearing on practice held in wake of complaints against Comcast John |
|
Subject: RE: BS: Malware At Work - Officially From: Mr Red Date: 26 Feb 08 - 01:53 PM The Darpa/Arpa net was envisaged to have many connections and be resilient by virtue of redundancy. The internet has been taken over by commerce and the immense redundancy has been seen as over-capacity. The two facets are the same. It is just that commerce can't cope with redundancy so everything is piped into a few backbones. The come-on is speed. The truth is that the internet is not massively redundant any more. If you want to slow things down you just flood the system. Be it water down the valley, cars on the highway or big meals day in day out. The London Ambulance response network suffered a similar fate on a busy day. Tandem computers quoted 11 million GBP for a system that was eventually bought for 2 million. Tandem (clue is in the name) are experts in fail-safe systems. Fail-safe can be bought with redundancy, more cheaply and with less risk than cleverness. But it still costs. |
|
Subject: RE: BS: Malware At Work - Officially From: Richard Bridge Date: 26 Feb 08 - 05:51 PM JiK - there is worse done by the biggest UK ISP, Btinternet. It runs a system called "cleanfeed" that uses a government approved list of banned sites. If a user tries to access one it displays "404 not found" and bars access. The really scary thing is that it presents stats to the government every month of how many attempts to access barred sites have been blocked. To my mind this necessarily implies that it knows who you are. Of course they say it is just to bar access to child pornography. Do you trust a government that controls communications and knows who you are? |
|
Subject: RE: BS: Malware At Work - Officially From: Rapparee Date: 26 Feb 08 - 06:05 PM ARPAnet was not built to withstand nuclear attack. It was built solely so that computer capacity could be shared among users at a distance -- why let a million dollar machine in California sit idle when users in New York could use it? Redundancy was required, just as it is now. This info from Vince Cerf, who should know if anyone does. |
