[ale] Revealed: The Internet's Biggest Security Hole

Greg Freemyer greg.freemyer at gmail.com
Thu Sep 4 17:13:19 EDT 2008


Chris,

I'm not intimate with BGP, but the basic concept of BGP is to find the
"cheapest" path between 2 points.  The newly publicised feature is
that a criminal enterprise, or governments, or simply an interested
party can tell a BGP router:

Yes, I may be on the other side of the globe, but I will deliver that
data for next to nothing, so send it all my way and I will make sure
it gets delivered as cheaply as possible.

(In the land of BGP I assume instead of money they measure costs in
milliseconds or some virtual quantity.)

So now the router at your bank thinks it is cheaper to send your
online banking screens to a router in China than it is to send it
directly to the router of your ISP.

If the data is encrypted, they still have to unencrypt it once it gets
there.  If it is plain text, they just have to read it.

FYI: I think it's 80% of the Internet traffic in the world comes thru
the US because our International facing routers advertise very cheap
transport rates.  (Could it be that the NSA is helping to keep those
rates cheap?)

Greg

On 9/4/08, Chris Kleeschulte
<chris.kleeschulte at it.libertydistribution.com> wrote:
> If someone can enlighten me on this BGP thing. I remember reading
>  about this years ago and it seemed pretty serious, why this story is
>  being recycled is beyond me. Here is my question about this:
>
>  During my studies in Computer Science, I took a network class and
>  learned about AS (autonomous systems) and what the border gateway
>  protocol is. I asked the professor this question and never got an
>  answer, so maybe someone here can answer this. How can I access the
>  communications between edge routers in AS's? The routers that speak
>  BGP. I am speaking from a computer that lives on a leaf of that AS.
>  It seems like I would need to have access to one of those routers
>  that are on the edge of the AS, correct?
>
>  So, if those routers are locked down pretty tight (and have routable
>  ip's from my location), it seems like a somewhat contained problem.
>  Sure, NOC people at your ISP can read your plain text email, but the
>  average guy down the street may not be able to since he is most
>  likely not receiving your packets.
>
>  I remember when I worked at an ISP and we worked with DSL traffic on
>  layer 2 and thinking, "wow, even the advanced users of this network
>  would never know that their traffic bounced all over layer 2 DSLAM
>  devices....what must they be wondering when their ping times are 130
>  ms to travel from Atlanta to another host in Atlanta",  the
>  connections were actually being sent up to New York and then back
>  through layer 2 devices elsewhere.
>
>
>  thanks,
>
>  Chris
>
>
>
>  On Sep 4, 2008, at 11:57 AM, Greg Freemyer wrote:
>
>  > Everyone has said for years that the Internet is public and that
>  > anyone can read the data that traverses across it.
>  >
>  > If you want security, use encryption.
>  >
>  > Thus, this security hole seems way overblown to me.
>  >
>  > Greg
>  >
>  > On 9/4/08, krwatson at cc.gatech.edu <krwatson at cc.gatech.edu> wrote:
>  >> Revealed: The Internet's Biggest Security Hole
>  >>  http://www.neowin.net/news/main/08/08/27/revealed-the-internets-biggest-security-hole
>  >>
>  >>  http://tinyurl.com/6bvblu
>  >>
>  >>  keith
>  >>
>  >>  --
>  >>
>  >>  Keith R. Watson                        Georgia Institute of Technology
>  >>  Systems Support Specialist IV          College of Computing
>  >>  keith.watson at cc.gatech.edu             801 Atlantic Drive NW
>  >>  (404) 385-7401                         Atlanta, GA 30332-0280
>  >>
>  >>
>  >>  _______________________________________________
>  >>  Ale mailing list
>  >>  Ale at ale.org
>  >>  http://mail.ale.org/mailman/listinfo/ale
>  >>
>  >
>  >
>  > --
>  > Greg Freemyer
>  > Litigation Triage Solutions Specialist
>  > http://www.linkedin.com/in/gregfreemyer
>  > First 99 Days Litigation White Paper -
>  > http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf
>  >
>  > The Norcross Group
>  > The Intersection of Evidence & Technology
>  > http://www.norcrossgroup.com
>
>


-- 
Greg Freemyer
Litigation Triage Solutions Specialist
http://www.linkedin.com/in/gregfreemyer
First 99 Days Litigation White Paper -
http://www.norcrossgroup.com/forms/whitepapers/99%20Days%20whitepaper.pdf

The Norcross Group
The Intersection of Evidence & Technology
http://www.norcrossgroup.com
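
An added example, not part of the original post: a simplified Python model of the "cheapest path" choice described above (longest matching prefix, then shortest AS path; real BGP weighs more attributes than these two), with an origin-AS check a prefix owner could run over the announcements seen for its prefix. The prefix, AS numbers and function names are constructed for illustration.

```python
import ipaddress

def route(prefix, *as_path):
    # as_path is listed nearest AS first; the last entry is the origin AS.
    return {"prefix": ipaddress.ip_network(prefix), "as_path": list(as_path)}

def best_route(routes, dest):
    """Route a router would pick for dest: longest matching prefix first,
    then shortest AS path (a simplification of BGP best-path selection)."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r["prefix"]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r["prefix"].prefixlen, len(r["as_path"])))

def audit(routes, expected):
    """Flag announcements inside a monitored prefix whose origin AS is not
    the one the prefix owner expects."""
    alerts = []
    for r in routes:
        for monitored, origin in expected.items():
            if r["prefix"].subnet_of(monitored) and r["as_path"][-1] != origin:
                narrower = r["prefix"].prefixlen > monitored.prefixlen
                kind = "more-specific" if narrower else "origin-change"
                alerts.append((kind, str(r["prefix"]), r["as_path"][-1]))
    return alerts

# Constructed sample data: documentation prefix (RFC 5737) and ASNs (RFC 5398).
BANK = ipaddress.ip_network("203.0.113.0/24")
EXPECTED = {BANK: 64500}
LEGIT = [route("203.0.113.0/24", 64510, 64505, 64500)]
BOGUS_SHORT = route("203.0.113.0/24", 64511)                   # same prefix, shorter path
BOGUS_SPECIFIC = route("203.0.113.0/25", 64496, 64502, 64511)  # narrower prefix

if __name__ == "__main__":
    for extra in ([], [BOGUS_SHORT], [BOGUS_SPECIFIC]):
        table = LEGIT + extra
        chosen = best_route(table, "203.0.113.10")
        print(chosen["as_path"], audit(table, EXPECTED))
```

In both bogus cases the selected route no longer ends at the expected origin AS, and the audit reports the announcement that caused it.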

