Slashdot Mirror

← Back to Stories (view on slashdot.org)

Claims About China's April Internet Hijack Are Overblown

Posted by Soulskill on from the as-are-most-things dept.

sturgeon writes "Yesterday, we discussed what most of the world's major media outlets were reporting on China's April 2010 hijack of '15% of Internet traffic,' including sensitive US government and defense sites. The alarm came following a US Government report (see page 244) on China / US economic and security relations released on Tuesday. Unfortunately, few bothered with fact checking or actually reading the report. The actual study never makes any estimate of Internet traffic diverted during the hijack — it only cites a blog post to suggest large volumes of traffic were involved. And curiously, the cited blog at the heart of the report never mentions traffic at all — only routes. You have to go to an interview with a third-party security researcher in a minor trade magazine to first come up with the 15% number (and this article never explains where the number came from). In a review of real data and actual facts, Arbor Nework's Craig Labovitz has a blog post looking at the traffic volumes involved in the incident (only a couple of Gigabits per second, or a 'statistically insignificant' percentage of Internet traffic)."

18 of 78 comments (clear)

  1. Only more Evidence by x1n933k · · Score: 4, Insightful

    That there are fewer and fewer journalist. Now there are only people posting thoughtless articles with little merit in order to entertain and draw traffic/viewers to a web site or channel.

    [J]

    1. Re:Only more Evidence by TheLink · · Score: 3, Interesting

      What I'm very curious about is the claim that "the Chinese government holds a copy of an encryption master key" that a few of these "old media" made:

      http://www.telegraph.co.uk/news/worldnews/asia/china/8142267/China-hijacks-15-per-cent-of-worlds-internet-traffic.html

      http://www.nytimes.com/2010/11/18/world/asia/18intel.html

      --
    2. Re:Only more Evidence by thijsh · · Score: 3, Insightful

      Excellent example of non-technical journalism which blindly copies something without understanding it or looking in to it. I can already imagine them reading something about some master key to decrypt communication, and the Chinese also have a master key, so they put 2 and 2 together and think that the Chinese can decrypt anything... Don't bother checking facts, FUD sells!

      There are certain keywords to look for to know if the journalist knows what he/she is talking about (regardless of subject). Note: "there was speculation that ... " == "we're making this shit up as we go along, but try to cover our weasel asses"

    3. Re:Only more Evidence by pedrop357 · · Score: 2, Insightful

      This panic over misinformation could be useful when discussing encryption and the clipper chip proposals of the mid 90s and the newer escrow law proposals.

      If the government were to mandate a back door, there would effectively be a master key that could be leaked, requiring a complete digital "changing of the locks" every time the key were suspected of being compromised.

    4. Re:Only more Evidence by Combatso · · Score: 2, Funny

      yeah, I miss the good old days of... uhm.. Murphy Brown?

  2. It's not the 15% that mattered by goombah99 · · Score: 3, Insightful

    THe 15% number was just an eye grabber. The point is if a foreign government can redirect even a few messages that it chooses it is not good. Simply doing traffic analysis on the state department will alert people to crises. (they already do that with pizza deliveries to the whitehouse). I'd like to hear more abouthow it's done. is it some sort of DNS poisoning or publishing misleading ford-bellman shortest path info or rARP spoofing?

    --
    Some drink at the fountain of knowledge. Others just gargle.
    1. Re:It's not the 15% that mattered by FliesLikeABrick · · Score: 4, Informative

      BGP prefix hijacking
      http://en.wikipedia.org/wiki/IP_hijacking

      the 15% number came from the number of prefixes hijacked, not the actual amount of data (as TFA says here)

    2. Re:It's not the 15% that mattered by gsslay · · Score: 3, Insightful

      The point is if a foreign government can redirect even a few messages that it chooses it is not good.

      So if it wasn't a foreign government it would be ok? Remember, all governments are foreign to some of us.

  3. Not to mention TCP connections would break by Anonymous Coward · · Score: 4, Informative

    Open TCP connections would die when the prefixes were blackholed anyway, and new ones wouldn't establish. It is likely that very little data would actually be exposed, and would mostly come from push-type feeds which use UDP or some other type of data that never needs to be acknowledged. I agree this sounds extremely overblown. This just sounds like another unintentional BGP hijack, not some well-orchestrated event where data was captured. Not to mention that the barriers to using BGP to proxy traffic are much higher than simply blackholing with BGP

    http://mailman.nanog.org/pipermail/nanog/2010-November/027839.html describes it

  4. Re:heh by interkin3tic · · Score: 5, Funny

    I certainly didn't. When I saw TFA was from "foxnews.com" I thought "This is going to be entirely reasonable and free of any fear-mongering."

  5. Not surprising at all by GPLHost-Thomas · · Score: 3, Insightful

    You don't know how many times I have read that all spams are coming from China when they in fact come from USA. I've heard countless times French right wingers saying that France cannot compete with China because of their small work taxes, when in fact taxes in China are sometimes higher than in France. This is just an example. Here, we have more than 30% of the WORLD TRAFFIC that is hijacked by USA absolutely 100% of the time, and with NSA doing deep packet inspection (and not even hiding to do so). Medias in USA should look at their own gov. with suspicion rather than saying bullshit about others without checking!

  6. Sounded alarmist by Anonymous Coward · · Score: 2, Insightful

    The post that was referred to sounded alarmist in the first place so I doubt most people gave it too much thought.

    1. Re:Sounded alarmist by hackingbear · · Score: 2, Informative

      A report to US Congress is not for reporting balanced facts. It is a clever piece of political marketing material to fool you. Especially if the "report" is about China nowaday.

  7. Media abuses this formula too much these days... by grumpyman · · Score: 2, Insightful
    1. China
    2. FUD
    3. ???
    4. Profit!

    PS: Media includes sites such as /.

  8. Re:Inconceivable!!! by pitchpipe · · Score: 3, Insightful

    This is why Slashdot (News for Nerds) is "news" like Fox News is "news" - it's not.

    Maybe. But you'll never see a correction to an overblown sensationalist headline that Fox News put out hit the front page of foxnews.com. That's the difference.

    --
    Look where all this talking got us, baby.
  9. Re:Inconceivable!!! by bsDaemon · · Score: 2, Insightful

    Cowboy Neal also cries fewer Crisco tears into his Golden Grams in public than Glen Beck does. That's another (pretty big) difference.

  10. Re:It's just a statistic by boristdog · · Score: 2, Funny

    14% of all people know THAT!

  11. Volume doesn't matter by SnarfQuest · · Score: 2, Insightful

    The volume of traffic captured isn't as important as the actual traffic received.

    According to the low volume making it ok, if someone could steal 100 bytes off your 600gb hard drive, you'd be ok with that because it is such a small percentage. If that 100 bytes contained everything needed to use your credit card, would you still feel the same? It's the data that is important, not the volume.

    --
    Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.