Slashdot Mirror

← Back to Stories (view on slashdot.org)

Claims About China's April Internet Hijack Are Overblown

Posted by Soulskill on from the as-are-most-things dept.

sturgeon writes "Yesterday, we discussed what most of the world's major media outlets were reporting on China's April 2010 hijack of '15% of Internet traffic,' including sensitive US government and defense sites. The alarm came following a US Government report (see page 244) on China / US economic and security relations released on Tuesday. Unfortunately, few bothered with fact checking or actually reading the report. The actual study never makes any estimate of Internet traffic diverted during the hijack — it only cites a blog post to suggest large volumes of traffic were involved. And curiously, the cited blog at the heart of the report never mentions traffic at all — only routes. You have to go to an interview with a third-party security researcher in a minor trade magazine to first come up with the 15% number (and this article never explains where the number came from). In a review of real data and actual facts, Arbor Nework's Craig Labovitz has a blog post looking at the traffic volumes involved in the incident (only a couple of Gigabits per second, or a 'statistically insignificant' percentage of Internet traffic)."

4 of 78 comments (clear)

  1. Only more Evidence by x1n933k · · Score: 4, Insightful

    That there are fewer and fewer journalist. Now there are only people posting thoughtless articles with little merit in order to entertain and draw traffic/viewers to a web site or channel.

    [J]

  2. Not to mention TCP connections would break by Anonymous Coward · · Score: 4, Informative

    Open TCP connections would die when the prefixes were blackholed anyway, and new ones wouldn't establish. It is likely that very little data would actually be exposed, and would mostly come from push-type feeds which use UDP or some other type of data that never needs to be acknowledged. I agree this sounds extremely overblown. This just sounds like another unintentional BGP hijack, not some well-orchestrated event where data was captured. Not to mention that the barriers to using BGP to proxy traffic are much higher than simply blackholing with BGP

    http://mailman.nanog.org/pipermail/nanog/2010-November/027839.html describes it

  3. Re:heh by interkin3tic · · Score: 5, Funny

    I certainly didn't. When I saw TFA was from "foxnews.com" I thought "This is going to be entirely reasonable and free of any fear-mongering."

  4. Re:It's not the 15% that mattered by FliesLikeABrick · · Score: 4, Informative

    BGP prefix hijacking
    http://en.wikipedia.org/wiki/IP_hijacking

    the 15% number came from the number of prefixes hijacked, not the actual amount of data (as TFA says here)