Slashdot Mirror

angry tapir writes "A change in Internet traffic patterns over the past week suggests that Cuba may have turned on a fiber-optic submarine cable that links it to the global Internet via Venezuela. Routing analyst firm Renesys noticed that the Spanish telecommunications company Telefónica began routing Internet traffic to Cuba's state telecommunications company, Empresa de Telecomunicaciones de Cuba S.A. (ETECSA). The Internet traffic is flowing with significantly lower latencies than before, indicating the connection is not solely using the three satellite providers that Cuba has relied on in the past for connectivity."

Nerval's Lobster writes "A massive outage knocked Syria's Internet offline Nov. 29 — with the exception of five servers implicated in serving malware earlier this year. But the next day, those five servers went dark as well. Internet analytics firm Renesys suggested late Nov. 29 that those five servers were likely offshore. 'Now, there are a few Syrian networks that are still connected to the Internet, still reachable by traceroutes, and indeed still hosting Syrian content,' the company wrote in a blog post. 'These are five networks that use Syrian-registered IP space, but the originator of the routes is actually Tata Communications. These are potentially offshore, rather than domestic, and perhaps not subject to whatever killswitch was thrown today within Syria.' By the morning of Nov. 30, those five servers went offline. 'The last 5 networks belonging to Syria, a set of smaller netblocks previously advertised by Tata Communications, have been torn down and are no longer routed,' Renesys wrote." CloudFlare has a blog post confirming that the Syrian government was responsible for flipping the switch, contrary to their claims. Meanwhile, Anonymous has started targeting the Syrian government's remaining websites and helping to get communications channels flowing out of Syria. Google is reminding people of its Speak2Tweet service, which lets people post to Twitter through voicemail over still-functioning phone lines.

hypnosec writes "Amidst the ongoing civil war, Syria has gone off the Internet as of a few hours ago, with all the 84 IP block within the country unreachable from the outside. Renesys, a research firm keeping tabs on the health of the Internet, reported at about 5:25 ET that Syria's Internet connectivity has been shut down. The internet traffic from outside to Syrian IP addresses is going undelivered, and anything coming from within the country is not reaching the Internet. Akamai has tweeted that its traffic data supports what Renesys has observed." Reader trickstyhobbit adds a report from Slate that the connection "appear[s] to have been knocked off line by heavy fighting earlier this morning. They are also reporting that the shutdown may have been intentional to aid in a government operation."

CWmike writes "In what appears to be the latest bid by a government to throttle access to news and information amid growing civil unrest, the Syrian government Friday shut down all Internet services. Internet monitoring firm Renesys reported that starting around 7 a.m. EDT today, close to two-thirds of all Syrian networks were suddenly unreachable from the global Internet. In just 30 minutes, routes to 40 of 59 Syrian networks were withdrawn from the global routing table, Reneys' chief technology officer James Cowie said in a blog post. The shutdown has affected all of SyriaTel's 3G mobile data networks as well as several of the country's ISPs, such as Sawa, INET and Runnet. Also down are the Damascus city government page and the customs web site. The only networks that appear to be somewhat reachable are a handful of government-owned networks such as one belonging to Syria's Oil Ministry, Cowie noted. 'We don't know yet how the outage was coordinated, or what specific regions or cities may be affected more than others,' Cowie wrote. 'If Egypt and Libya are any guide, one might conclude that events on the street in Syria are reaching a tipping point.'"

davidwr writes "Japanese internet outages mostly healed themselves within hours. While some cables remain out, most computers that lost connectivity have it again. From James Cowie's blog: 'The engineers who built Japan's Internet created a dense web of domestic and international connectivity that is among the richest and most diverse on earth, as befits a critical gateway for global connectivity in and out of East Asia. At this point, it looks like their work may have allowed the Internet to do what it does best: route around catastrophic damage and keep the packets flowing, despite terrible chaos and uncertainty.' Let's hear it for redundancy and good planning." Reader Spy Handler points out another article about how redundancy and good planning are preventing disaster at Japan's troubled nuclear reactors, despite media-fueled speculation and panic to the contrary.

CWmike writes "Egypt is now off the grid. Four days after the Egyptian government ordered Internet service providers to disconnect from the Internet, the country's last working Internet company has abruptly vanished from cyberspace. Noor Group, a small service provider that hosted Internet connections for the country's stock exchange and other businesses, became completely unreachable at around 10:46 p.m. Cairo time (Eastern European Time), according to Earl Zmijewski, general manager with Internet monitoring company Renesys. 'It looks like they're completely lights-out now,' he told IDG News' Robert McMillan. Thought to handle only about 8 percent of the country's Internet connections, Noor had served as a critical lifeline to Egypt since the government had ordered service cut early Friday morning. Nobody is sure how Noor was able to keep operating, even as larger ISPs such as Vodafone and Telecom Egypt voluntarily cut their Egyptian networks off from the rest of the world." To help with this, engineers from Google, Twitter and SayNow have rolled out a "speak-to-tweet" service, which lets people dial in to an international phone number, leave a voice mail, and have the audio file made available online via an automated Twitter update.

Trailrunner7 writes "China has long used the Internet's Domain Name Service to censor Web sites and information that the ruling Communist Party deems threatening. But now security experts warn that the government's censorship is in danger of spilling over China's borders, suppressing the ability of those living outside of China to find information online. An estimated 57% of all networks on Earth passed DNS requests through a Chinese DNS rootserver at some point in 2010, according to data from security firm Renesys. Tampering by the Communist Party there poses a danger to Internet security and freedom. In fact, DNS tampering may be a bigger threat than techniques like BGP (Border Gateway Protocol) hijacking, which is believed to be responsible for an unexpected shift in Internet routing in April that has recently been the subject of mainstream media reports in the US. There is already evidence that China's efforts to tamper with DNS have bled outside the country's borders. The same report to Congress from the US-China Economic and Security Review Commission that called attention to the BGP hijacking incident from April, 2010 also mentions a March, 2010 incident in which Internet users in the US and Chile attempted to connect to social networking websites banned by the Chinese government. However, their DNS requests were handled by a Beijing-based Domain Name Server, which responded with incorrect DNS information that directed the surfers to incorrect servers, the report says."

Barlaam writes "Renesys describes new evidence that the Iranian national telecommunications provider, DCI, is selling (uncensored?) Internet connectivity to customers in neighboring Iraq and Afghanistan. 'The Internet connectivity outreach that we now see in the global routing tables seems like continuing evidence of Iran's long-term strategy: aggressively pursuing bilateral infrastructure and investment projects with its neighbors, in ways that will increase Iran's regional influence after the Americans have moved on.'"

We've had a few readers send in updates on the chaotic post-election situation in Iran. Twitter is providing better coverage than CNN at the moment. There are both tech and humanitarian angles to the story, as the two samples below illustrate. First, Hugh Pickens writes with a report from The Times (UK) that "the Iranian government is mounting a campaign to disrupt independent media organizations and Web sites that air doubts about the validity of the re-election of Mahmoud Ahmadinejad as the nation's president. Reports from Tehran say that social networking sites such as Facebook and Twitter were taken down after Mr Ahmadinejad claimed victory. SMS text messaging, a preferred medium of communication for young Iranians, has also been disabled. 'The blocking of access to foreign news media has been stepped up, according to Reporters Without Borders. 'The Internet is now very slow, like the mobile phone network. YouTube and Facebook are hard to access and pro-reform sites... are completely inaccessible.'" And reader momen abdullah sends in one of the more disturbing Ask Slashdots you are likely to see. "People, we need your urgent help in Iran. We are under attack by the government. They stole the election. And now are arresting everybody. They also filtered every sensitive Web page. But our problem is that they also block the SMS network and are scrambling satellite TVs. Please, can you help us to set up some sort of network using our home wireless access points? Can anybody show us a link on how to install small TV/radio stations? Any suggestion for setting up a network? Please tell us what to do or we are going to die in the a nuclear war between Iran and US." Update: 06/14 18:32 GMT by KD : Jim Cowie contributes a blog post from Renesys taking a closer look at the state of Iranian Internet transit, as seen in the aggregated global routing tables, and concluding that the story may not be as clear-cut as has been reported.

We've had a few readers send in updates on the chaotic post-election situation in Iran. Twitter is providing better coverage than CNN at the moment. There are both tech and humanitarian angles to the story, as the two samples below illustrate. First, Hugh Pickens writes with a report from The Times (UK) that "the Iranian government is mounting a campaign to disrupt independent media organizations and Web sites that air doubts about the validity of the re-election of Mahmoud Ahmadinejad as the nation's president. Reports from Tehran say that social networking sites such as Facebook and Twitter were taken down after Mr Ahmadinejad claimed victory. SMS text messaging, a preferred medium of communication for young Iranians, has also been disabled. 'The blocking of access to foreign news media has been stepped up, according to Reporters Without Borders. 'The Internet is now very slow, like the mobile phone network. YouTube and Facebook are hard to access and pro-reform sites... are completely inaccessible.'" And reader momen abdullah sends in one of the more disturbing Ask Slashdots you are likely to see. "People, we need your urgent help in Iran. We are under attack by the government. They stole the election. And now are arresting everybody. They also filtered every sensitive Web page. But our problem is that they also block the SMS network and are scrambling satellite TVs. Please, can you help us to set up some sort of network using our home wireless access points? Can anybody show us a link on how to install small TV/radio stations? Any suggestion for setting up a network? Please tell us what to do or we are going to die in the a nuclear war between Iran and US." Update: 06/14 18:32 GMT by KD : Jim Cowie contributes a blog post from Renesys taking a closer look at the state of Iranian Internet transit, as seen in the aggregated global routing tables, and concluding that the story may not be as clear-cut as has been reported.

Barlaam writes "A bug by router vendor A (omitting a range check from a critical field in the configuration interface) tickled a bug from router vendor B (dropping BGP sessions when processing some ASPATH attributes with length very close to 256), causing a ripple effect that caused widespread global routing instability last week. The flaw lay dormant until one of vendor A's systems was deployed in an autonomous system whose ASN, modulo 256, was greater than 250. At that point, the Internet was one typo away from disaster. Other router vendors, who were not affected by the bug, happily propagated the trigger message to every vulnerable system on the planet in about 30 seconds. Few people appreciate how fragile and unsecured the Internet's trust-based critical infrastructure really is — this is just the latest example." Vendor A, in this case, is a Latvian router vendor called MikroTik.

Barlaam notes a post from the Renesys Blog which follows up on news they discussed a couple weeks ago about the 'identity theft' of a root name server. To emphasize the issue of safeguarding such a system, they've now posted an explanation of exactly how the situation could be exploited. "It shouldn't be too hard to see that you could end up answering every DNS query from an organization that came to you for an updated list of root name servers. Every one. And you might end up doing this for a very long time, especially if your answers were largely correct. An attack like this would have no resemblance to the YouTube hijack, where the entire planet gets a blank page and it's immediately apparent that something isn't right. Obvious events like this will continue to occur, and we'll continue to resolve them relatively quickly. But as this incident demonstrates, DNS hijacks are far less obvious and potentially far more harmful."

aos101 writes "The Renesys blog has an interesting story about networks advertising the old address space of the L root name server after ICANN changed the IP address last November. These networks were also running root name servers on the old IP address of the L root name server up until last week, so any DNS servers still using the old IP address might have been getting their answers from these bogus name servers. A very cursory examination by Renesys of one of these bogus servers found that it appeared to be providing correct responses, which might be why no one noticed the problem. As Renesys points out, the volume of traffic to a root server is staggering, so the people running these bogus root servers must have had a reason. What did they get out of it?"

tmu writes "According to a recent press release, the Linux 2.4 and 2.6 kernels are free of any code that violate copyrights. OSRM, the new startup formed by Daniel Egger and including groklaw founder Pamela Jones, completed a 6-month review of all code in both kernels. They must be pretty confident of the results, because they're offering product liability insurance to both developers and users."

An anonymous reader writes "Renesys (the people who previously brought you cool animated graphs of the US/Canada power outage has a new report out. It challenges the widely held belief that the Internet was largely unaffected by the power outage. Lots of important networks lost connectivity, including banks, hospitals, government organizations and investment funds. There's a cool appendix on the huge Italian power outage in September as well. They conclude that the Internet is not ready to be critical infrastructure."

An anonymous reader writes "Renesys (the people who previously brought you cool animated graphs of the US/Canada power outage has a new report out. It challenges the widely held belief that the Internet was largely unaffected by the power outage. Lots of important networks lost connectivity, including banks, hospitals, government organizations and investment funds. There's a cool appendix on the huge Italian power outage in September as well. They conclude that the Internet is not ready to be critical infrastructure."

An anonymous reader writes "Renesys put together a special report on the effects of the recent blackout on routing and network reachability on the Internet. It includes a cool animation of networks dropping off the internet (presumably as a result of the power outage). It is interesting to see how localized some of the outage was--networks in New York state right up to the Vermont border go dark while everything on the other side of the border is quiet. New York City obviously gets clobbered."

An anonymous reader writes "Renesys put together a special report on the effects of the recent blackout on routing and network reachability on the Internet. It includes a cool animation of networks dropping off the internet (presumably as a result of the power outage). It is interesting to see how localized some of the outage was--networks in New York state right up to the Vermont border go dark while everything on the other side of the border is quiet. New York City obviously gets clobbered."

An anonymous reader writes "Renesys put together a special report on the effects of the recent blackout on routing and network reachability on the Internet. It includes a cool animation of networks dropping off the internet (presumably as a result of the power outage). It is interesting to see how localized some of the outage was--networks in New York state right up to the Vermont border go dark while everything on the other side of the border is quiet. New York City obviously gets clobbered."

James Cowie writes: "Fresh analysis here indicates that worm propagation periods correlate very strongly with global BGP routing instability, as measured by sustained exponential increases in the number of prefix announcements and withdrawals seen in BGP message traces."

James Cowie writes: "Fresh analysis here indicates that worm propagation periods correlate very strongly with global BGP routing instability, as measured by sustained exponential increases in the number of prefix announcements and withdrawals seen in BGP message traces."