

ASK: Seriousness of Recent China's Internet Hijacking - eande

Yesterday's Newshour coverage of the 18-minute mass diversion of internet traffic was surprising information to me.
After the report I kept wondering how serious the problem really is, or whether it is just another media panic hype.
Any thoughts?

http://www.pbs.org/newshour/rundown/2010/11/china-internet-hijack-experts-take-questions.html
======
MPSimmons
Seriousness? Well, I suppose that depends on the intent...

It's pretty well known that any BGP node can redirect blocks at will, if
they're trusted by their neighbors (or enough of them, anyway).

If it was an intentional "proof of concept" attack, then I'd guess it worked
pretty well. It's not too hard to invent what Bruce Schneier would call a
"movie plot" scenario where the Chinese government redirects all the traffic
that they want to themselves, with the average internet denizen completely
unaware (because all of the major browsers trust the Chinese government's CA,
which means that they can produce signed, trusted certs for any website that
they want), basically committing an internet-sized man-in-the-middle attack.

Of course, there are some practical issues to get around, plus doing that
would probably (hopefully?) be considered an act of war...and that's ignoring
the ramifications to China's current economic model, which (while I'm not an
econ guy) tells me that they don't want to screw up by enticing a global
embargo of cheap plastic crap.

So basically, what's the intent? If it's malicious, it's serious. If it's not
malicious, then it's really no different than any of the other few times this
sort of thing has happened.
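
An added illustration, not part of the thread: the comment above notes that a BGP node can redirect blocks when its neighbors trust its announcements. The Python below applies origin validation in the style of RFC 6811, the check a neighbor can run instead of trusting every announcement; the ROA table, prefixes and AS numbers are constructed from documentation ranges and are assumptions.

```python
import ipaddress

# Constructed ROA table: (authorised prefix, max prefix length, origin AS).
# Prefixes and AS numbers come from documentation ranges, not real networks.
ROAS = [
    ("192.0.2.0/24", 24, 64496),
    ("198.51.100.0/24", 24, 64497),
    ("2001:db8::/32", 48, 64498),
]

# Constructed announcements as (prefix, origin AS) pairs.
UPDATES = [
    ("192.0.2.0/24", 64496),     # expected origin
    ("192.0.2.0/24", 64511),     # same block, unexpected origin AS
    ("198.51.100.0/25", 64497),  # more specific than the ROA permits
    ("203.0.113.0/24", 64500),   # no ROA covers this block
    ("2001:db8:1::/48", 64498),  # IPv6, within max length
]


def validate(prefix, origin_as, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for one announcement."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        # A ROA covers the route only if the route lies inside the ROA prefix.
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # Valid needs both the right origin AS and a permitted prefix length.
        if roa_as == origin_as and route.prefixlen <= max_len:
            return "valid"
    # Covered but unmatched is the hijack-shaped case; uncovered is unknown.
    return "invalid" if covered else "not-found"


def triage(updates, roas=ROAS):
    """Label every announcement so 'invalid' ones can be dropped or alerted on."""
    return [(prefix, asn, validate(prefix, asn, roas)) for prefix, asn in updates]


if __name__ == "__main__":
    for prefix, asn, state in triage(UPDATES):
        print(f"{prefix:20} AS{asn:<6} {state}")
```

The "not-found" result is why coverage matters: a block with no ROA cannot be told apart from a redirected one by this check.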

