Stories
Slash Boxes
Comments

SoylentNews is people

BGP Hack Steals Google (at Least for an Hour or so)

posted by martyb on Tuesday November 13 2018, @04:49AM   Printer-friendly
from the which-way-did-he-go? dept.

Mainframe Bloke writes:

The Register reports a hack, speculated to be intentional instead of the usual finger fumble, whereby all of Google's traffic was routed for just over an hour to servers in Russia and China.

The Register story: https://www.theregister.co.uk/2018/11/13/google_russia_routing/.

It quotes this update from Google: https://status.cloud.google.com/incident/cloud-networking/18018#18018002

Excerpt from the update:

The issue with Google Cloud IP addresses being erroneously advertised by internet service providers other than Google has been resolved for all affected users as of 14:35 US/Pacific. Throughout the duration of this issue Google services were operating as expected and we believe the root cause of the issue was external to Google. We will conduct an internal investigation of this issue and make appropriate improvements to our systems to help prevent or minimize future recurrence.

As BGP is "broken by design", i.e. assumes trust where there is no longer any, what is perhaps surprising is that it took so long to happen. Does not augur well.

So much for "the internet always routes around damage". Maybe "always" takes time to happen...

Exercise for the reader: is it possible to circumvent this effectively, and if so, how? Has my paranoia-meter misfired, and there's really nothing to worry about?

Original Submission

 
This discussion has been archived. No new comments can be posted.
BGP Hack Steals Google (at Least for an Hour or so) | Log In/Create an Account | Top | 19 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Wednesday November 14 2018, @12:16PM (1 child)

    by Anonymous Coward on Wednesday November 14 2018, @12:16PM (#761704)

    According this article [reuters.com]. This was caused by a network equipment upgrade misconfiguration in Niggeria. Which I don't believe for one second.

  • (Score: 0) by Anonymous Coward on Wednesday November 14 2018, @02:15PM

    by Anonymous Coward on Wednesday November 14 2018, @02:15PM (#761733)

    This is entirely possible. If the Nigerians send a more specific prefix, and there is disagreement between carriers about the minimum size of advertised blocks, then you have a situation where the smaller block gets passed around to a few small localities on the Internet. Note that this has to do with the number of AS's traversed not the number of routers or geographical distance traversed.

    Journalists, politicians and the MIC: "Aaaaaah Russia, China! Commie bastards, drop nukes on those motherfuckers!"

    Engineer: "Fuck. I knew when I dropped an Oreo crumb in my keyboard it was going to cause trouble sometime down the road."

    Security Blowhards: "Something needs to be done about this, there needs to be more consulting and expensive useless software contracts!"

    There are physics problems that dictate why the algo's work the way they do. If there is a better way, there is a lot of money in finding it, yet it hasn't been found. Not that this can be expected to keep people from exploiting public paranoia. In IT we don't often call out the digital version of flat earthers. That is because they outnumber us and are predisposed to violence.

    SSDD