YouTube Outage: Too Much Trust in Internet Protocols
Spammers routinely spoof email header information to cover their tracks and email systems accept the data as correct. Domain name services can be corrupted when an attacker pushes bogus domain name to IP address mappings with DNS poisoning attacks. And now we see the Border Gateway Protocol (BGP) can be used in a denial of service attack. The YouTube outage that started in Pakistan accidentally spread well beyond that country because of the BGP protocol, by itself, trusts routing data it gets from others.
Pakistan Telecommunication Authority had ISPs in the country block YouTube because the service allegedly hosted an anti-Islamic video by Geert Wilders, an anti-Islamist from the Netherlands. The changes to BGP data were accidentally shared with an ISP in Hong Kong and it spread from there. David Ulevitch, of OpenDNS, who worked on the problem, told Network World:
"I was trying to watch cats falling off roofs... and I couldn't get to YouTube," he said. Ulevitch, who runs an Internet infrastructure company called OpenDNS, was soon able to connect with engineers at Google, who also experienced similar problems, he said. "They were like, 'Holy crap, we can't get to YouTube either.'"
The problem could have been avoided had the ISP in Hong Kong verified the BGP, but it didn't. Trusting data as it comes in is a lot less work than verifying it. Cybercrime is too much of a problem to leave gapping holes in Internet security like this.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
