China's Great Firewall Infects Other Countries 178
angry tapir writes "A networking error has caused computers in Chile and the US to come under the control of the Great Firewall of China, redirecting Facebook, Twitter, and YouTube users to Chinese servers. Security experts are not sure exactly how this happened, but it appears that at least one ISP recently began fetching high-level DNS information, from what's known as a root DNS server, based in China. That server, operated out of China by Swedish service provider Netnod, returned DNS information intended for Chinese users, effectively spreading China's network censorship overseas."
Nice headline (Score:5, Informative)
Re:Uh Huh (Score:5, Informative)
Can't say that I'm surprised that it did happen.
Especially now when Google has decided to pull out. And China does have an urge to control any information that they don't like. Which would be the majority of the internet.
And still this has nothing to do with the Chinese government. It's the ISP's fault that erroneously configured their servers to use the Chinese root DNS server.
Re:I am not a fan of the USA gov't (Score:1, Informative)
I greatly prefer it to enslaving our children in unsustainable debt to make the a handful of industrialists even richer.
Re:Uh Huh (Score:4, Informative)
Well in fairness it has a little bit to do with China. That whole censorship thing.
Re:I am not a fan of the USA gov't (Score:3, Informative)
It's funny, because the Reagan years spent more than compared to the GDP than Clinton or GWB but you I happen to like those kind of "facts". In the Clinton years spending v GDP went down quite a bit. The only time our debt has gone down since that giant "debt clock" thing was built was under Clinton.
hacker attack (Score:3, Informative)
Come on, are we really being that stupid? Of course it was a hacker attack. The chances of an IP address "accidentally" being pointed to a Chinese one is remote.
These Chinese hackers (and hackers in general) are getting more and more dangerous. If they hack the DNS servers, we're talking about a massive ability to steal passwords, since https is based on domain name and not IP address. If the DNS is configured to give incorrect DNS information, then we really could get hosed here.
Re:Misleading (Score:4, Informative)
Re:Now... (Score:2, Informative)
Re:hacker attack (Score:0, Informative)
si si senjor legalize it
Re:hacker attack (Score:3, Informative)
It's not so much a matter of things being "pointed" anywhere, more a side-effect of anycasting the root DNS servers [wikipedia.org] so that if your current routing happens to put root servers in China as closer than any others, you'll get your results returned from them.
Of course, one could argue that countries shouldn't be allowed to mess with root DNS servers that they host and have them return invalid addresses for valid domains, but that's besides the point here.
Re:Net views censorship as damage (Score:5, Informative)
I was following along with this on the dns-operations mailing list. This pertained to i-root in Asia, and various i-root node operators said "this is not our box". It was a rogue root server (whether installed by the Chinese government or an ISP guided by the government's hand) (as far as netnod/i-root is concerned) announcing the anycast block used by i-root. In doing so they basically advertised themselves as a root node for i-root and it doesn't seem like this was Netnod-affiliated at all. The summary (I didn't re-read the article to see if that said the same) implies that netnod was running this intentionally and serving up Chinese-censored results for affected sites. All this would take is a person with the ability to have their upstreams accept BGP announcements for the anycast block for i-root and run the server. Then any requests to i-root that are topologically "close" will start using this node.
Before anyone continually says that an ISP must have intentionally configured their servers to use this root, they should read up on IP anycasting and read the thread on the dns-operations mailing list instead of these 2nd/3rd/4th-hand summaries that are beginning to skew the facts.
https://lists.dns-oarc.net/pipermail/dns-operations/2010-March/005260.html
Re:Net views censorship as damage (Score:1, Informative)
Somehow you and I don't appear to have been reading the same mailing list.
Re-read the e-mails from Kurtis@Netnod and the local operator more carefully...