
Google’s Public DNS intercepted in Turkey - ssclafani
http://googleonlinesecurity.blogspot.com/2014/03/googles-public-dns-intercepted-in-turkey.html
======
colmmacc
If anyone is in Turkey and can configure their system to use Google Public DNS
IPs / OpenDNS IPs as their resolvers, I'd be interested to learn what you see
on: [http://whatsmyresolver.stdlib.net/](http://whatsmyresolver.stdlib.net/)

It's clear that addresses such as 8.8.8.8 are being intercepted. But it's
unclear if the interceptor is passing on the uninteresting queries to the
"real" Google Public DNS / OpenDNS, or if they are acting as standalone
resolvers. The above website records what IP address the resolver uses to
communicate with authoritative DNS servers.

~~~
erhanerdogan
195.175.255.82

~~~
colmmacc
Thanks! that looks like they are running standalone resolvers:

    
    
        inetnum:        195.174.0.0 - 195.175.255.255
        netname:        TR-TELEKOM-960902
        descr:          Turk Telekomunikasyon Anonim Sirketi
    

in that case, each ISP is probably running their own standalone servers.

~~~
erhanerdogan
Nope, this is not an ISP. Turk Telekom is stated-owned broadband internet
(infrastructure) company. All of the ISPs are having the same peering. I
checked your link through TTNet. We also have Superonline and Smile as main
ISPs.

~~~
ardacinar
Turk Telekom is not state-owned, not for the last 8 years or so.

~~~
morsch
Details courtesy of Wikipedia: Privatized in 2005. "55% of the shares of Turk
Telekom belongs to Oger Telekomünikasyon A.Ş. and 30% of the shares belongs to
Undersecretariat of Treasure of Turkey. The remaining 15% of shares has been
offered to the public." Oger Telekom is apparently 100% privately owned by the
Hariri family.

So, still 30% state owned. As one point of reference, the German government
still holds 15% directly plus 17% indirectly of Deutsche Telekom. France and
Orange (nee France Telecom) are similar.

------
stanleydrew
This is bad if true, but there aren't any technical details concerning the
nature of the attack or how they discovered it.

Is it possible to claim that you are 8.8.8.8 from within Turkey using some
sort of BGP wizardry?

~~~
EthanHeilman
They are using an BGP hijack attack:
[https://twitter.com/TelecomixTurkey/statuses/449924292914839...](https://twitter.com/TelecomixTurkey/statuses/449924292914839554)

~~~
EthanHeilman
Looks like this is actually being done through IGP:
[http://www.bortzmeyer.org/dns-routing-hijack-
turkey.html](http://www.bortzmeyer.org/dns-routing-hijack-turkey.html)

------
nubbee
Only thing they've achieved is starting a unwinnable game of public DNS whack-
a-mole.

~~~
api_or_ipa
considering that 8.8.8.8 was widely graffiti'd across Turkey, it stands to
reason that informing people about alternative dnss might be a labourious
task.

------
bertil
I’m curious about how all this seams reactive and not creative… Isn’t the
reason for this an audio recording of officials suggesting to make-up a _casus
belli_? Sounds easy enough to share as an e-mail attachement, is it? Or USB
memory dongle, or in pirate radios…

I don’t mean to downplay the overall technical side, it’s… well quite exactly
it is on of Jon Zittrain’s nightmare happening live, so that’s wonderful in an
incredibly scary and nerdy way, but… My question is: Why isn’t the cat out of
the bag a thousand times, yet?

~~~
corkill
The turkish people already know the government is corrupt so the cat is out of
the bag in that sense (they didn't need these recordings to know that).

But twitter etc allow much easier spreading of information and organising
protests than do email, memory sticks etc

------
jlgaddis
Let me confess upfront to being ignorant when it comes to demographics and
statistics about Turkey... but it looks like TT is a pretty big player WRT
Internet in Turkey.

As of a few moments ago, I see ~5,363 prefixes in BGP originating from TT or
one of their downstream peers, of which there appear to be ~307 (my numbers
are approximate and almost certainly not exact, due to the way I came up with
them). That's a whole lotta people that are affected by this.

------
whatevsbro
It's fucked up in a morbidly fascinating way how everyone here is just going
through the technical details of how this particular variety of oppression
works, instead of seeing the oppression itself.

What's going on is that _a government 's subjects_ are saying things it
doesn't want them to say, and the government has decided to "prevent" it by
force. You're right in that it's a bit of a losing game.. up to the point
where the oppression gets so severe that the population stops resisting out of
fear.

The root problem here, again, is that people believe they should have rulers.
They should not, and Turkey is helpfully providing yet another example of why.

~~~
EthanHeilman
I'm not sure it is a losing game. It depends on the goals the government
wishes to achieve.

Certainly this filtering has made access more difficult for segments of the
population, it has sent a message that the government is willing to employ
outright censorship. If I worked at a newspaper or ran a social network inside
Turkish boarders I would be very worried.

Governments use censorship because they believe it will allow them to achieve
their goals, often they are right. Consider: "If Erdogan's party manages to
sustain its early lead as the ballot count continues, it would suggest such
troubles have been largely shrugged off by many of Turkey's over 50 million
eligible voters." [http://news.yahoo.com/turkeys-embattled-pm-faces-key-test-
lo...](http://news.yahoo.com/turkeys-embattled-pm-faces-key-test-local-
elections-025354614.html)

