Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Tuesday November 13 2018, @04:49AM   Printer-friendly
from the which-way-did-he-go? dept.

The Register reports a hack, speculated to be intentional instead of the usual finger fumble, whereby all of Google's traffic was routed for just over an hour to servers in Russia and China.

The Register story: https://www.theregister.co.uk/2018/11/13/google_russia_routing/.

It quotes this update from Google: https://status.cloud.google.com/incident/cloud-networking/18018#18018002

Excerpt from the update:

The issue with Google Cloud IP addresses being erroneously advertised by internet service providers other than Google has been resolved for all affected users as of 14:35 US/Pacific. Throughout the duration of this issue Google services were operating as expected and we believe the root cause of the issue was external to Google. We will conduct an internal investigation of this issue and make appropriate improvements to our systems to help prevent or minimize future recurrence.

As BGP is "broken by design", i.e. assumes trust where there is no longer any, what is perhaps surprising is that it took so long to happen. Does not augur well.

So much for "the internet always routes around damage". Maybe "always" takes time to happen...

Exercise for the reader: is it possible to circumvent this effectively, and if so, how? Has my paranoia-meter misfired, and there's really nothing to worry about?


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by ledow on Tuesday November 13 2018, @08:15AM (1 child)

    by ledow (5567) on Tuesday November 13 2018, @08:15AM (#761189) Homepage

    Yes, but for a user, there is literally nothing they can do. They are entirely bound by every hop along their route doing this, doing it properly, and never making a mistake or working against them.

    Which is a stupid scenario for something so important and so based on random trust.

    BGP.
    SMTP.

    Two huge, unsolved problems that really need to go away forever because they are destroying all semblance of privacy or security for users.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 0) by Anonymous Coward on Wednesday November 14 2018, @03:38AM

    by Anonymous Coward on Wednesday November 14 2018, @03:38AM (#761582)

    I suppose the best mitigation is using HTTPS Everywhere and HSTS and hoping the website is on one list or the other. With DNSSEC in place and other restrictions like DANE or CAA or key pinning, your attacker would have to jump through much more hoops, some of which might trip automated monitoring, in order to succeed with their attack.