Slashdot Mirror

← Back to Stories (view on slashdot.org)

Claims About China's April Internet Hijack Are Overblown

Posted by Soulskill on from the as-are-most-things dept.

sturgeon writes "Yesterday, we discussed what most of the world's major media outlets were reporting on China's April 2010 hijack of '15% of Internet traffic,' including sensitive US government and defense sites. The alarm came following a US Government report (see page 244) on China / US economic and security relations released on Tuesday. Unfortunately, few bothered with fact checking or actually reading the report. The actual study never makes any estimate of Internet traffic diverted during the hijack — it only cites a blog post to suggest large volumes of traffic were involved. And curiously, the cited blog at the heart of the report never mentions traffic at all — only routes. You have to go to an interview with a third-party security researcher in a minor trade magazine to first come up with the 15% number (and this article never explains where the number came from). In a review of real data and actual facts, Arbor Nework's Craig Labovitz has a blog post looking at the traffic volumes involved in the incident (only a couple of Gigabits per second, or a 'statistically insignificant' percentage of Internet traffic)."

60 of 78 comments (clear)

  1. Only more Evidence by x1n933k · · Score: 4, Insightful

    That there are fewer and fewer journalist. Now there are only people posting thoughtless articles with little merit in order to entertain and draw traffic/viewers to a web site or channel.

    [J]

    1. Re:Only more Evidence by thijsh · · Score: 1

      Hello Rupert is that you?

      But seriously, this is what old media claims time and time again, but the quality of their reporting is just as abysmal. A few original well researched pieces aside (I treasure those) every news item is either some unchecked internet hearsay or a rehash or an ANP newsitem (which is by the way used just as well on the internet).

    2. Re:Only more Evidence by TheLink · · Score: 3, Interesting

      What I'm very curious about is the claim that "the Chinese government holds a copy of an encryption master key" that a few of these "old media" made:

      http://www.telegraph.co.uk/news/worldnews/asia/china/8142267/China-hijacks-15-per-cent-of-worlds-internet-traffic.html

      http://www.nytimes.com/2010/11/18/world/asia/18intel.html

      --
    3. Re:Only more Evidence by Anonymous Coward · · Score: 1, Insightful

      Yet, this is what you demand in political journalists. If they don't praise Obama, or fail to ignore it when he talks about the 54 states, you rant and pull out the pitchforks and torches.

      What do you expect to end up with when you shut down all opposing views. Politics is the news leader, and when you screw that up enough, why should you expect the rest of the media to act any differently? You don't want facts, you want a happy meal with apple pie.

    4. Re:Only more Evidence by thijsh · · Score: 3, Insightful

      Excellent example of non-technical journalism which blindly copies something without understanding it or looking in to it. I can already imagine them reading something about some master key to decrypt communication, and the Chinese also have a master key, so they put 2 and 2 together and think that the Chinese can decrypt anything... Don't bother checking facts, FUD sells!

      There are certain keywords to look for to know if the journalist knows what he/she is talking about (regardless of subject). Note: "there was speculation that ... " == "we're making this shit up as we go along, but try to cover our weasel asses"

    5. Re:Only more Evidence by delinear · · Score: 1

      Indeed, the only real difference between online and offline is that offline is a day late (and has the chance to crib people's comments for extra misinformation fuel to pour onto the fire). I would pay good money for a reliable, independent, fact-checking news source at this point, but I suspect there are too few others who would do the same that the cost would be prohibitive.

    6. Re:Only more Evidence by thijsh · · Score: 1

      I have the best of both, I pay good money for a newspaper subscription which gives me an online newsfeed of articles (with e-mail notification of important news) as well as the weekend newspaper. While the quality of news may decline the few good original researched articles in the newspaper are still wort it for me.

    7. Re:Only more Evidence by pedrop357 · · Score: 1

      Please. The old guard outlets are guilty of the same exact thing. Look at any "mainstream" print media's coverage of Four Loko for proof.

    8. Re:Only more Evidence by pedrop357 · · Score: 2, Insightful

      This panic over misinformation could be useful when discussing encryption and the clipper chip proposals of the mid 90s and the newer escrow law proposals.

      If the government were to mandate a back door, there would effectively be a master key that could be leaked, requiring a complete digital "changing of the locks" every time the key were suspected of being compromised.

    9. Re:Only more Evidence by poetmatt · · Score: 1

      have you never read fark?

      believe it or not, as much as their headlines are funny sometimes and generally sarcastic, they and reddit and a number of sites tend to debunk bad fact checking quite often.

    10. Re:Only more Evidence by Combatso · · Score: 2, Funny

      yeah, I miss the good old days of... uhm.. Murphy Brown?

    11. Re:Only more Evidence by lobotomir · · Score: 1

      I guess this is the right time to forecast that, once again, quality information is going to cost money?

    12. Re:Only more Evidence by x1n933k · · Score: 1

      Actually no, I don't expect this of political journalists at all, especially in regards to Obama since I'm not American.

      There is a less political example of this type of situation involving Steve Wozniak being mis-quoted by a Dutch tabloid newspaper.

      I disagree that Politics is the news leader, but it is the drama that is created to make it a news leader that the mindless are drawn to. My comment was about research and merit that lacks in modern, mainstream journalism. Politicians making extremes back and forth is only a part of the problem.

      [J]

    13. Re:Only more Evidence by countertrolling · · Score: 1

      What would make you think it's any worse now? Yellow journalism has a long glorious history. It has propped up the drug war for 80 years. By shaping a complacent, submissive public's opinion, it serves the government agenda quite well. Sorry, nothing new to see here. It's the same as it ever was.

      --
      For justice, we must go to Don Corleone
    14. Re:Only more Evidence by mysidia · · Score: 1

      The problem is with the traditional media like newspapers... you pay money but a long time ago, they realized that it's less expensive to produce lower quality info, so you pay and still get low quality info; they earn their costs from the advertising, and the reduction in costs due to lower quality info (few quality controls) is pure profit.

      "High quality info" is such a niche market nowadays, that you would have to pay a lot just for the privilege of something that apparently very few people demand and can recognize when they don't get it.

  2. It's not the 15% that mattered by goombah99 · · Score: 3, Insightful

    THe 15% number was just an eye grabber. The point is if a foreign government can redirect even a few messages that it chooses it is not good. Simply doing traffic analysis on the state department will alert people to crises. (they already do that with pizza deliveries to the whitehouse). I'd like to hear more abouthow it's done. is it some sort of DNS poisoning or publishing misleading ford-bellman shortest path info or rARP spoofing?

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:It's not the 15% that mattered by FliesLikeABrick · · Score: 4, Informative

      BGP prefix hijacking
      http://en.wikipedia.org/wiki/IP_hijacking

      the 15% number came from the number of prefixes hijacked, not the actual amount of data (as TFA says here)

    2. Re:It's not the 15% that mattered by gsslay · · Score: 3, Insightful

      The point is if a foreign government can redirect even a few messages that it chooses it is not good.

      So if it wasn't a foreign government it would be ok? Remember, all governments are foreign to some of us.

  3. Inconceivable!!! by unjedai · · Score: 1, Troll

    What?!!! A Slashdot summary was wrong? A sensationalist headline was wrong? No one did any fact checking?!!!! Inconceivable!

    This is why Slashdot (News for Nerds) is "news" like Fox News is "news" - it's not. There's no journalistic ethics applied. It's entertainment and maybe occasionally informational.

    1. Re:Inconceivable!!! by pitchpipe · · Score: 3, Insightful

      This is why Slashdot (News for Nerds) is "news" like Fox News is "news" - it's not.

      Maybe. But you'll never see a correction to an overblown sensationalist headline that Fox News put out hit the front page of foxnews.com. That's the difference.

      --
      Look where all this talking got us, baby.
    2. Re:Inconceivable!!! by bsDaemon · · Score: 2, Insightful

      Cowboy Neal also cries fewer Crisco tears into his Golden Grams in public than Glen Beck does. That's another (pretty big) difference.

    3. Re:Inconceivable!!! by Sponge+Bath · · Score: 1

      Crisco tears into his Golden Grams

      I failed to make sense of this even with an internet search, can you translate for me?

    4. Re:Inconceivable!!! by ginbot462 · · Score: 1

      I think it is about how Crisco creates a flakier crust (just don't over mix).

      --
      Atlas Shrugged : Thematic Story :: Battlefield Earth : Organized Religion
    5. Re:Inconceivable!!! by Aighearach · · Score: 1

      Impossible, there has to be some way to reconsider what was said to create some light in which it is true. This is slashdot, it can't contain incorrect information. Never has, never will.

    6. Re:Inconceivable!!! by bsDaemon · · Score: 1

      Fat people would cry/sweat Crisco which is a common shortning agent used in making high-fat content foods such as some cakes and cookies. It's a fat joke.

    7. Re:Inconceivable!!! by Sponge+Bath · · Score: 1

      That's comforting, I thought it might be a reference to Glenn Beck's sexual practices involving his puppets.

  4. Not to mention TCP connections would break by Anonymous Coward · · Score: 4, Informative

    Open TCP connections would die when the prefixes were blackholed anyway, and new ones wouldn't establish. It is likely that very little data would actually be exposed, and would mostly come from push-type feeds which use UDP or some other type of data that never needs to be acknowledged. I agree this sounds extremely overblown. This just sounds like another unintentional BGP hijack, not some well-orchestrated event where data was captured. Not to mention that the barriers to using BGP to proxy traffic are much higher than simply blackholing with BGP

    http://mailman.nanog.org/pipermail/nanog/2010-November/027839.html describes it

    1. Re:Not to mention TCP connections would break by Monkeedude1212 · · Score: 1

      You'd think if they wanted to capture some sensitive data they could employ some of the normal methods like trying to gain access to a specific system - or at least planting some form of promiscuous reciever/interceptor so they wouldn't get caught within a few minutes.

    2. Re:Not to mention TCP connections would break by mysidia · · Score: 1

      Open TCP connections would die when the prefixes were blackholed anyway, and new ones wouldn't establish

      Perhaps you are assuming they wouldn't have done one of two things.... (1) maintain the TCP connection by forging acknowledgements. Or (2) drop captured packets off somewhere else on the internet, via tunnels placed strategically to ensure the packet reached its ultimate destination. If they did this, the TCP connections would just experience higher latency, the programs at the endpoints would have no way of knowing the connection was being tapped.

  5. I for one ... by Rato+Ruter · · Score: 1, Funny

    ... welcome our new chinese overlords

    1. Re:I for one ... by ginbot462 · · Score: 1

      ... welcome our new chinese overlords

      I would wait an hour before making that statement.

      --
      Atlas Shrugged : Thematic Story :: Battlefield Earth : Organized Religion
  6. As with most by jav1231 · · Score: 1, Interesting

    As with most reports, there's often more to it than is reported and often less. I don't think this gets China "off the hook," though. I'm not a fan of our open relations with China going back years. It's one of the inconsistencies in U.S. foreign policy that irks me. OTOH, I'm not one who thinks "live and let live" extends to governments who have serious human rights concerns. But I digress.

    I would be surprised that the government was letting sensitive data from military branches route out unencrypted. Let me quantify. Do I think that it's incompetent enough to let data get rerouted? Yes. But the report cites the major military branches. This makes me wonder if there isn't some propaganda at work. It could have been information but it could have been misinformation. Lay the dollar on the table and you find out how honest your friends are while you're in the bathroom.

    1. Re:As with most by shentino · · Score: 1

      I think that china's ballsy move with rare earths is a power play to say "don't fuck with us"

    2. Re:As with most by sgt_doom · · Score: 1
      "I'm not a fan of our open relations with China going back years."

      Hold it! Are you trying to suggest there's something wrong with sending a Chinese female citizen to the labor camp for re-tweeting a joke?

      Or that using the dead bodies of enslaved political dissidents, after their murders, as a money-making scheme called "The Bodies Exhibit" which the running dogs of capitalism will pay to eat up, is somehow amoral?

      We are brothers.....

  7. Re:heh by interkin3tic · · Score: 5, Funny

    I certainly didn't. When I saw TFA was from "foxnews.com" I thought "This is going to be entirely reasonable and free of any fear-mongering."

  8. Looks like a job for DHS... by bsDaemon · · Score: 1

    Maybe one of the new regulations that they mandate should be BGP route origin validation and proper response (filtering the announcement of the specific route in preference of a route with a valid origin bit)?

  9. Not surprising at all by GPLHost-Thomas · · Score: 3, Insightful

    You don't know how many times I have read that all spams are coming from China when they in fact come from USA. I've heard countless times French right wingers saying that France cannot compete with China because of their small work taxes, when in fact taxes in China are sometimes higher than in France. This is just an example. Here, we have more than 30% of the WORLD TRAFFIC that is hijacked by USA absolutely 100% of the time, and with NSA doing deep packet inspection (and not even hiding to do so). Medias in USA should look at their own gov. with suspicion rather than saying bullshit about others without checking!

    1. Re:Not surprising at all by BrokenHalo · · Score: 1, Insightful

      You don't know how many times I have read that all spams are coming from China when they in fact come from USA.

      This (in my experience) is true. I haven't quantified this figure very recently (I have more useful ways to spend my time, since my anecdotal impression is unchanged), but last time I checked the proportion was over 98%.

      However, the Chinese take the prize in the number of scam sites. I apologise in advance if the following comes across as racist, but sometimes it seems almost as if there is some wide and deep-seated national streak of dishonesty that they have to feed in order to validate their existence. I never cease to find it scary that our governments and larger corporations all fall over themselves scrambling to do business with the Chinese when they keep showing us, time and again, that they are not to be trusted.

    2. Re:Not surprising at all by thijsh · · Score: 1

      Really 30%? Wow, that's more than I thought... Do you have a source for that traffic statistic? Not that I don't believe it, I just want to repeat bullshit without checking facts like you illustrated. :)

    3. Re:Not surprising at all by GPLHost-Thomas · · Score: 1

      Tsss... I'll take that as humor. But just in case anyone think you are serious, let me show my reasoning.

      I can't remember exactly where I could read it, but I did read that there was 30% of all Internet traffic going by California alone. I wonder how that was in fact checked, but had all the reasons in the world to believe it. Now, I wrote "USA" because I thought it was very difficult to check for geographic locations of routes. But that's not it: I do check for it very often myself. I in fact believe that 30% is very under-estimated, not only because of that thing that I read online, but simply because I very often use traceroute (in fact, I use mtr) to check for my servers (my company has many points of presence all around the world). And to date, I can't remember a single time where traffic from Asia-Pacific isn't going through USA to reach Europe !!!

      So, I'm not even using a 3rd party, I know because I use Internet! Unless all these reverse DNS entries are fake (which would be strange: what network provider isn't willing to advertise about himself?), all traffic really IS going by USA. Now, consider this: there's a lot of Internet users in Asia, which very often are reaching sites in America (the continent...), Europe and other places. That alone is a reassurance that 30% isn't at all unbelievable. Then compare this to how much traffic is actually going BY China (in order to reach another destination), see the difference, and understand how much this buzz was silly. Of course, so much traffic from China is going to USA all the time, and never ever, the opposite thing happens.

      As for ChinaNet (one of the 2 gov. controlled Internet access provider in China), I can tell (by my own experience, not by any reading from others...) that their link to USA is often saturated to the point it becomes very difficult to browse any site that isn't in Asia if you don't bounce. I wouldn't be surprised if they were trying to save on the huge cost that this traffic must be generating.

      Do you have any reasoning that would help thinking otherwise? I don't think so...

    4. Re:Not surprising at all by thijsh · · Score: 1

      Thanks for explaining. The question remains how much of the traffic is also routed trough ECHELON...
      When you mention California I suspect that the 30% number may have been from an article about the infamous Room 641A.

    5. Re:Not surprising at all by GPLHost-Thomas · · Score: 1

      If I'm not mistaking, Echelon is a pretty old technology that does voice recognition on the phone lines, and that works with an agreement with Australia, USA and UK. I don't think Echelon has anything to do with the Internet traffic man in the middle, which might be designated otherwise. Am I wrong here?

    6. Re:Not surprising at all by thijsh · · Score: 1
      It started as a cold-war system that did what you describe along with some other sigint. But it has since evolved into a worldwide sigint system used by several allies.

      The system known as ECHELON is an interception system which differs from other intelligence systems in that it possesses two features which make it quite unusual:

      The first such feature attributed to it is the capacity to carry out quasi-total surveillance. Satellite receiver stations and spy satellites in particular are alleged to give it the ability to intercept any telephone, fax, Internet or e-mail message sent by any individual and thus to inspect its contents.

      The second unusual feature of ECHELON is said to be that the system operates worldwide on the basis of cooperation proportionate to their capabilities among several states (the UK, the USA, Canada, Australia and New Zealand), giving it an added value in comparison to national systems: the states participating in ECHELON (UKUSA states) can place their interception systems at each otherís disposal, share the cost and make joint use of the resulting information.

      This quote is from this publicly available EU report from 2001. The document further explains how sigint has become easier since the internet age, since all information passes trough a small amount of central nodes. They also recommend encrypting all sensitive information (especially data that can be abused in industrial espionage, because apparently that has become the #1 use of the system since the cold war was over). Cited examples include the 6 billion deal with Saudi Arabia (that went to McDonnel-Douglas instead of Airbus after the NSA released intercepted communications indicating bribes) and the Wobben wind wheel design that the NSA stole and Enercon patented before the inventor could.

      Echelon exists today, but it's role changed a lot since the cold war. It's good indicator of govenment priorities.

  10. I want to believe... by digitaldc · · Score: 1

    What other total BS stories are out there that we have readily accepted as the truth?

    --
    He who knows best knows how little he knows. - Thomas Jefferson
  11. Sounded alarmist by Anonymous Coward · · Score: 2, Insightful

    The post that was referred to sounded alarmist in the first place so I doubt most people gave it too much thought.

    1. Re:Sounded alarmist by hackingbear · · Score: 2, Informative

      A report to US Congress is not for reporting balanced facts. It is a clever piece of political marketing material to fool you. Especially if the "report" is about China nowaday.

  12. Media abuses this formula too much these days... by grumpyman · · Score: 2, Insightful
    1. China
    2. FUD
    3. ???
    4. Profit!

    PS: Media includes sites such as /.

  13. Re:heh by BrokenHalo · · Score: 1

    Of course. Everybody should know by now that 95% of statistics are made up on the spot.

  14. Re:It's just a statistic by boristdog · · Score: 2, Funny

    14% of all people know THAT!

  15. Comments by lymond01 · · Score: 1

    Republicans use Fox.
    Democrats use the Daily Show.
    I use Slashdot comments.

    Everyone has their news sources of choice. I'm fairly certain there is no sure source of information: even your own memory goofs up (see that game "Telephone" from elementary school). We do the best we can. The problem, these days, is that the "trusted" sources of information are going for the excitement factor rather than the truthiness factor. So "Aliens land in LA!" takes precedence over "Mexican immigrants take boat to San Diego".

    I'm not sure who is to blame here, but I think it's desire for money. Whatever sells goes on the front page.

    1. Re:Comments by ginbot462 · · Score: 1

      ... So "Aliens land in LA!" takes precedence over "Mexican immigrants take boat to San Diego". ...

      I thought you said the Aliens went to LA?

      --
      Atlas Shrugged : Thematic Story :: Battlefield Earth : Organized Religion
    2. Re:Comments by lymond01 · · Score: 1

      It's all Southern California: blonde and well-tanned.

  16. Volume doesn't matter by SnarfQuest · · Score: 2, Insightful

    The volume of traffic captured isn't as important as the actual traffic received.

    According to the low volume making it ok, if someone could steal 100 bytes off your 600gb hard drive, you'd be ok with that because it is such a small percentage. If that 100 bytes contained everything needed to use your credit card, would you still feel the same? It's the data that is important, not the volume.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
  17. Re:heh by Bill,+Shooter+of+Bul · · Score: 1

    Yeah, I thought that was pretty suspicious too. Until I found this reference on a website held in the highest esteem.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  18. Worried where you internet data goes? by cenobyte40k · · Score: 1

    Then you should not be using the internet. Honestly if you think your data is so important that even after encrypting you are worried someone might get a hold of it, then you should be using a private network or good old sneaker net.

    1. Re:Worried where you internet data goes? by mysidia · · Score: 1

      Or just SSL with AES256 or better :P

  19. Re:heh by f.ardelian · · Score: 1

    Who gives a shit? What I want to know is: Is it possible? If yes, how can we fix it?

    --
    I'm being Insightful or I'm trying to be funny. Seriously, no trolling! Maybe!
  20. Probability is high... by sgt_doom · · Score: 1
    ...that some buds were helping out Richard Clarke, who was trying to push his book recently, titled Cyber War, warning the nation about the future Chines cyber war against America, but neglecting to mention to his readers that Clarke was National Security Advisor to Clinton when Clinton "gave away"*** the over-the-horizon targeting technology to the Chinese dictators, and Clarke was also Advisor the the Bush administration when they allowed China to purchase that highly technical and defense-sensitive ball bearings factory in Ohio.

    ***And people wonder why the USA flew and rolled so easily into Iraq a few years back after the Chicoms had installed their sophisticated electronic countermeasures (try tit-for-tat).

  21. Negative, stranger... by sgt_doom · · Score: 1

    It's a reverse-conspiracy ploy to drum up publicity for a faltering site...

  22. Re:Live and let live? by jav1231 · · Score: 1

    Bathe, shave, and get a job. Or, with props to Animal House, "Fat, drunk, and stupid is no way to go through life, Son."