Slashdot Mirror
China's Great Firewall Infects Other Countries
angry tapir writes "A networking error has caused computers in Chile and the US to come under the control of the Great Firewall of China, redirecting Facebook, Twitter, and YouTube users to Chinese servers. Security experts are not sure exactly how this happened, but it appears that at least one ISP recently began fetching high-level DNS information, from what's known as a root DNS server, based in China. That server, operated out of China by Swedish service provider Netnod, returned DNS information intended for Chinese users, effectively spreading China's network censorship overseas."
Misconfiguration of resolv.conf does not put China's firewall in your way. Add yourself to the tool belt.
Which, proves the point that perhaps China should not be allowed to have any DNS root servers.
I would say that if a DNS server does not return the same information as all other root servers in the world that it should not be allowed to be a root server.
Your rampant racism not withstanding, that was an idiotic post.
China cannot 'take our DNS down'. In worst case scenario, the world would just disconnect from China if that were to happen.
Have they ever?
Also, the internet routes around censorship? Ooops....
LedgerSMB: Open source Accounting/ERP
Now will somebody tell them to keep their sh*t for them? Or are we too weak to talk frankly to Chinese authorities?
Well, I suppose it pays to talk real sweet to a country that pretty much owns us now.
American Third Position
Finally, a real choice!
Well, that's assuming that the ISP actually made that configuration. There are a number of other possibilities (Such as someone hacked those servers, someone silently redirect queries from the actual root server to the China one, etc). Regardless of how the issue came about, the fact that China had those systems in place makes them at least partially responsible (not from a legal perspective, but from a philosophical one) for people not reaching their destination...
If a man isn't willing to take some risk for his opinions, either his opinions are no good or he's no good
Except that the Chinese government would be perfectly happy to be cut off from the rest of the Internet. If we cut them off, they can just blame it on the US and claim they've done nothing to censor anything. You'd be giving them exactly what they wanted.
Everything I say is a lie. Except that... and that... and that, and that, and that, and that... and that.
Not really surprising, because the root DNS servers are not yet all signed with DNSSEC and Verisign is dragging its heels when it comes to implementing DNSSEC in the .com domain. Apparently there isn't much real-world use for DNSSEC. Nice to have a concrete counter-example - thanks China.
I am TheRaven on Soylent News
China can have all the root servers they want - just don't configure your server to poll them.
Actually China is demonstrably incapble of having any working root servers at all. A DNS server that returns incorrect information is not a "root" server, if by "root" you mean "authoritative source of DNS information that resolves domain names properly."
It's really too bad that China is incapable of hosting DNS root servers. Hopefully by the end of the 21st century China will be a little less backward and isolated from the rest of the world, which would benefit greatly from interaction with so many people from such diverse cultural and political backgrounds.
Blasphemy is a human right. Blasphemophobia kills.