[102727] in North American Network Operators' Group
Rep : YouTube IP Hijacking
daemon@ATHENA.MIT.EDU (Jean-Michel Planche)
Mon Feb 25 10:57:18 2008
From: Jean-Michel Planche <jmp@witbe.net>
To: nanog@merit.edu
Date: Mon, 25 Feb 2008 16:28:04 +0100
Errors-To: owner-nanog@merit.edu
--Apple-Mail-37-160301376
Content-Type: text/plain;
charset=WINDOWS-1252;
format=flowed;
delsp=yes
Content-Transfer-Encoding: quoted-printable
>If someone comes up with the anti-mistake routing protocol ...
We could try to invent more idiot proof protocols, but the more =20
control (and centralization), the more it will be "a kind of =20
Internet". Not sure the founding principles and factors that made the =20=
Internet successful would resist anymore.
Anyhow, you can think all you want about security, such as Apple with =20=
its concept of his locking iPhone, but you can=92t anticipate the =20
unexpected, like the =91jailbreaker=92 success ... and peoples acting on =
=20
their routers with their feet and not with their brain and their hands.
It's the nature of Internet technology: something could always fail =20
and the ability to prepare for the unexpected is one of the reason why =20=
it works and is so scalable. It's also why "best effort" / "real =20
knowledge" / education are better approaches than searching for yet =20
another killer secure protocol. But maybe I'm a dreamer :-))
Anyhow, I=92m not saying that nothing can be done. I can see at least =20=
two possibilities:
1/ What measures can be taken to prevent such things from =20=
happening and great discussion about it on the list.
2/ How can we take a more proactive approach and be =20
informed of such incidents as soon as they occur and not after the =20
first customer complaint
On first issue,a lot to do ... If =91best effort=92 is something that =20=
always exist in the today business world, I think we=92ll arrive at an =20=
equilibrium without waiting for geni.net (certainly good) answers.
On second issue, there are plenty of possibilities and it's not =20
difficult now to be informed to the minute when "big destination / AS" =20=
seems to be in trouble.
FYI, just see:
a very interesting TCP traceroute yesterday, during the =20
"mistake" on Youtube (seen from our system / AS15436 on US East =20
coast, Europe (Paris and London)
=
http://www.flickr.com/photos/jmplanche/2291442426/
=
http://www.flickr.com/photos/jmplanche/2290636351/=20
: routing changed
=
http://www.flickr.com/photos/jmplanche/2290636277/=20
: Youtube.com unreachable
=
http://www.flickr.com/photos/jmplanche/2290636131/=20
: very interesting, there is an abnormally high response time, just =20=
before severe breakdown. Is Pakistan trying to announce more and more =20=
Youtube address and less and less Youtube servers available to answer ?
=
http://www.flickr.com/photos/jmplanche/2291429544/=20
: not the same "overload" just before crash as seen from FR and UK : =
http://www.flickr.com/photos/jmplanche/2291429414/
-----------------------------
Jean-Michel Planche =
blog: http://www.jmp.net
Chairman and co-founder Witbe web : =
http://www.witbe.net
Follow me =
http://www.twitter.com/jmplanche
-------------------------------------------
2.0 Monitoring : relevant End to End monitoring for critical app. and =20=
carrier class services=
--Apple-Mail-37-160301376
Content-Type: text/html;
charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
<html><body style=3D"word-wrap: break-word; -webkit-nbsp-mode: space; =
-webkit-line-break: after-white-space; "><div>><span =
class=3D"Apple-style-span" style=3D"font-family: 'Times New Roman'; =
font-size: 16px; "><span class=3D"apple-style-span"><font size=3D"1" =
color=3D"black" face=3D"Helvetica"><span lang=3D"EN-GB" =
style=3D"font-size: 8pt; font-family: Helvetica; color: black; "><span =
style=3D"orphans: 2; widows: 2; -webkit-border-horizontal-spacing: 0px; =
-webkit-border-vertical-spacing: 0px; =
-webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: =
auto; -webkit-text-stroke-width: 0px; word-spacing: 0px; ">If someone =
comes up with the anti-mistake routing protocol =
...</span></span></font></span></span></div><div><div><div>We could try =
to invent more idiot proof protocols, but the more control (and =
centralization), the more it will be "a kind of Internet". Not sure the =
founding principles and factors that made the Internet successful would =
resist anymore.</div><div>Anyhow, you can think all you want about =
security, such as Apple with its concept of his locking iPhone, but you =
can=92t anticipate the unexpected, like the =91jailbreaker=92 success =
... and peoples acting on their routers with their feet and not with =
their brain and their hands.</div><div>It's the nature of Internet =
technology: something could always fail and the ability to prepare =
for the unexpected is one of the reason why it works and is so scalable. =
It's also why "best effort" / "real knowledge" / education are better =
approaches than searching for yet another killer secure protocol. But =
maybe I'm a dreamer =
:-))</div><div> </div><div> </div><div>Anyhow, I=92m not =
saying that nothing can be done. I can see at least two =
possibilities:</div><div> &=
nbsp; 1/ What measures can be taken to prevent such things =
from happening and great discussion about it on the =
list.</div><div> &nbs=
p; 2/ How can we take a more proactive approach and be informed of =
such incidents as soon as they occur and not after the first customer =
complaint</div><div> </div><div>On first issue,a lot to do ... If =
=91best effort=92 is something that always exist in the today business =
world, I think we=92ll arrive at an equilibrium without waiting for =
geni.net (certainly good) answers.</div><div> </div><div>On second =
issue, there are plenty of possibilities and it's not difficult now to =
be informed to the minute when "big destination / AS" seems to be in =
trouble. </div><div> </div><div>FYI, just =
see: </di=
v><div> =
a very interesting TCP traceroute yesterday, during the "mistake" on =
Youtube (seen from our system / AS15436 on US East coast, Europe =
(Paris and =
London)</div><div> &n=
bsp; &nbs=
p; <a =
href=3D"http://www.flickr.com/photos/jmplanche/2291442426/">http://www.fli=
ckr.com/photos/jmplanche/2291442426/</a></div><div>  =
; &=
nbsp; <a =
href=3D"http://www.flickr.com/photos/jmplanche/2290636351/">http://www.fli=
ckr.com/photos/jmplanche/2290636351/</a> : routing =
changed</div><div> &n=
bsp; &nbs=
p; <a =
href=3D"http://www.flickr.com/photos/jmplanche/2290636277/">http://www.fli=
ckr.com/photos/jmplanche/2290636277/</a> : Youtube.com =
unreachable</div><div> =
<a =
href=3D"http://www.flickr.com/photos/jmplanche/2290636131/">http://www.fli=
ckr.com/photos/jmplanche/2290636131/</a> : very interesting, there =
is an abnormally high response time, just before severe breakdown. =
Is Pakistan trying to announce more and more Youtube address and less =
and less Youtube servers available to answer =
?</div><div> &n=
bsp; &nbs=
p; <a =
href=3D"http://www.flickr.com/photos/jmplanche/2291429544/">http://www.fli=
ckr.com/photos/jmplanche/2291429544/</a> : not the same "overload" =
just before crash as seen from FR and UK : <a =
href=3D"http://www.flickr.com/photos/jmplanche/2291429414/">http://www.fli=
ckr.com/photos/jmplanche/2291429414/</a></div><div> </div><div> =
</div><div =
apple-content-edited=3D"true"><div><div><br><br>--------------------------=
---<br>Jean-Michel Planche<span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span><span class=3D"Apple-tab-span" =
style=3D"white-space: pre; "> </span>blog: <a =
href=3D"http://www.jmp.net/">http://www.jmp.net</a><br>Chairman and =
co-founder Witbe<span class=3D"Apple-tab-span" style=3D"white-space: =
pre; "> </span><span class=3D"Apple-tab-span" style=3D"white-space: pre; =
"> </span><span class=3D"Apple-tab-span" style=3D"white-space: pre; =
"> </span><span class=3D"Apple-tab-span" style=3D"white-space: pre; =
"> </span>web : <a =
href=3D"http://www.witbe.net/">http://www.witbe.net</a><br>Follow =
me<span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><span class=3D"Apple-tab-span" style=3D"white-space: pre; "> =
</span><a =
href=3D"http://www.twitter.com/jmplanche">http://www.twitter.com/jmplanche=
</a><br>-------------------------------------------<br>2.0 Monitoring : =
relevant End to End monitoring for critical app. and carrier class =
services</div></div></div></div></div></body></html>=
--Apple-Mail-37-160301376--
