YouTube Censorship Sheds Light on Internet Trust
If you happened to be searching for a video at YouTube.com Sunday afternoon, there's a good chance your browser told you it was unable to locate the entire Web site. Turns out, much of the world was blocked from getting to YouTube for part of the weekend due to a censorship order passed by the government of Pakistan, which was apparently upset that YouTube refused to remove digital images many consider blasphemous to Islam.
According to wire reports, Pakistan ordered all in-country Internet service providers (ISPs) to block access to YouTube.com, complaining that the site contained controversial sketches of the Prophet Mohammed which were republished by Danish newspapers earlier this month. The people running the country's ISPs obliged, but evidently someone at Pakistan Telecom - the primary upstream provider for most of the ISPs in Pakistan - forgot to flip the switch that prevented those blocking instructions from propagating out to the rest of the Internet.
To understand how a decision by bureaucrats in Islamabad could prevent the rest of the world from accessing arguably one of the Web's most popular destinations, it may first help to accept the basic notion that when the Internet was designed decades ago, everyone on the network pretty much knew and trusted one another. While the close-knit family of individuals responsible for keeping the Internet humming along has since grown into a larger community, it is still a fairly small community based largely on trust and everyone playing nice with one another.
So, what happened? From everything I've read and heard, the YouTube situation appears to have been due to an innocent -- if inept -- mix-up, which allowed Pakistan's ISPs to effectively announce to the world that its Internet addresses were the authoritative home of YouTube.com, and for about an hour or so, most of the rest of the world's ISPs incorporated those updated directions as gospel.
(ISPs manage Internet traffic coming in and out of their networks using expensive hardware devices called routers. Most ISPs have a set of routers that manage the traffic within their network, and a separate set of routers designed to hand off traffic to and from the larger Internet.)
In a country where the government more or less can tell resident ISPs what to do, blocking citizens from visiting certain sites is simple: The ISPs simply tell their customers that if they're looking for a censored site, they either receive an empty page or are redirected to wherever the ISP or government deems as an appropriate substitute destination.
But, if those same ISPs allow their internal blocking instructions to propagate out to their externally-facing routers - the ones that communicate with the wider Internet - such actions can have far-reaching implications, as we saw with YouTube on Sunday.
This kind of implicit trust has caused similar troubles on a number of prior occasions. While it's usually the result of an oversight, this trust can be abused: In 2003, Los Angeles County found that a large swath of its Internet space was suddenly redirecting visitors to porn sites. Investigators later learned a relatively small California ISP had simply declared itself the authoritative destination for a huge chunk of LA's Internet addresses in order to drive traffic to adult sites hosted on his network.
Another notable example occurred during a nearly 12-hour period in 2004 when Turkish Telecom leaked some routing announcements that caused service disruptions for AT&T, the Army Research Lab, General Electric and Level 3, among others.
Mix-ups like this are mostly innocent and happen on a fairly regular basis, albeit usually not with such far-reaching impact. There is, however, not a lot to stop a malicious, trusted actor from using this tactic to intercept traffic and impersonate trusted Web sites in order to steal information.
The U.S. government thought it a problem worthy enough of more scrutiny that it spent a few million dollars between 2004 and 2006 funding a research endeavor called the Secure Protocols for Routing Infrastructure project. Due to budget cutbacks at the Department of Homeland Security, however, the program is being discontinued.
Some experts on Internet infrastructure discussion lists such as the North American Network Operators Group (NANOG) are crying foul, saying this was an deliberate act of defiance or assertiveness by the nascent Pakistani government. But most seem to agree this was little more than a screw-up. Still, a nation state or other adversary could stir up diplomatic trouble by toying with this sort of trust built into the Internet. What would our government make of it, say, if all of a sudden all traffic destined for .gov domains wound up in China or North Korea?
Marc Sachs, director of the SANS Internet Storm Center - a Bethesda, Md., based group that tracks hacking trends - said for now the checks and balances in the system today are that the same trust that allows network providers to abuse the system can be revoked. In this latest case with Youtube, network operators affected by the bogus update simply discarded the errant directions from Pakistan and in all likelihood told their own routers to ignore any further updates from Pakistan, at least for the time being, Sachs said.
"Someone at a large network could probably get away with a stunt like that for up to 30 minutes or an hour before [those in charge of] the rest of the Internet would just start shunning them," Sachs said. "As soon as you have someone in the system acting in a rogue manner - intentionally or not - they tend to lose the trust of the rest of the community pretty quickly."
But will this latest incident be enough to rekindle interest in Washington for more R&D on ways to improve the security and reliability of the Internet's routing system? Probably not, Sachs said.
"I would presume that (on Monday) when the bureaucrats come back to work and sharpen their pencils that more than one person inside the federal government will show concern about this," Sachs said. "Just as sure, something else will happen a couple of days later and we'll end up shifting our attention to that instead."
Posted by: KH | February 25, 2008 11:37 AM | Report abuse
Posted by: Suresh Ramasubramanian | February 25, 2008 11:49 AM | Report abuse
Posted by: anthonty | February 25, 2008 1:05 PM | Report abuse
Posted by: Steve | February 25, 2008 1:24 PM | Report abuse
Posted by: Josh | February 25, 2008 2:03 PM | Report abuse
Posted by: TTP | February 25, 2008 2:08 PM | Report abuse
Posted by: Josh | February 25, 2008 2:11 PM | Report abuse
Posted by: Josh | February 25, 2008 2:12 PM | Report abuse
Posted by: nanog | February 25, 2008 2:51 PM | Report abuse
Posted by: CA | February 25, 2008 3:35 PM | Report abuse
Posted by: Bk | February 25, 2008 4:30 PM | Report abuse
Posted by: Jay Levitt | February 25, 2008 4:59 PM | Report abuse
Posted by: Duh | February 25, 2008 7:18 PM | Report abuse
Posted by: I'm confused | February 25, 2008 8:48 PM | Report abuse
Posted by: controversy! | February 26, 2008 3:25 AM | Report abuse
Posted by: controversy! | February 26, 2008 3:29 AM | Report abuse
Posted by: Anonymous | February 26, 2008 8:32 AM | Report abuse
Posted by: fake1 | February 26, 2008 8:31 PM | Report abuse
Posted by: Controversy! | February 27, 2008 1:33 AM | Report abuse
Posted by: Controversy! | February 27, 2008 1:39 AM | Report abuse
Posted by: Controveresy! | February 27, 2008 1:42 AM | Report abuse
Posted by: Controversy! | February 27, 2008 1:59 AM | Report abuse
Posted by: controversy! | February 27, 2008 2:05 AM | Report abuse
Posted by: Rick | February 27, 2008 8:24 AM | Report abuse
Posted by: Scott | February 27, 2008 4:54 PM | Report abuse
Posted by: Carlos Idelone | February 29, 2008 4:38 PM | Report abuse
Posted by: Solo Owl | March 1, 2008 12:16 PM | Report abuse
Posted by: Solo Owl | March 1, 2008 12:37 PM | Report abuse
Posted by: Without prescription pharmacy | March 26, 2008 8:35 PM | Report abuse
Posted by: connecticut lasik eye surgery | April 22, 2008 3:12 PM | Report abuse
Posted by: connecticut lasik eye surgery | April 22, 2008 3:13 PM | Report abuse
Posted by: ping pong table table tennis | May 3, 2008 2:25 PM | Report abuse
The comments to this entry are closed.