Network News

X My Profile
View More Activity

YouTube Censorship Sheds Light on Internet Trust

If you happened to be searching for a video at YouTube.com Sunday afternoon, there's a good chance your browser told you it was unable to locate the entire Web site. Turns out, much of the world was blocked from getting to YouTube for part of the weekend due to a censorship order passed by the government of Pakistan, which was apparently upset that YouTube refused to remove digital images many consider blasphemous to Islam.

According to wire reports, Pakistan ordered all in-country Internet service providers (ISPs) to block access to YouTube.com, complaining that the site contained controversial sketches of the Prophet Mohammed which were republished by Danish newspapers earlier this month. The people running the country's ISPs obliged, but evidently someone at Pakistan Telecom - the primary upstream provider for most of the ISPs in Pakistan - forgot to flip the switch that prevented those blocking instructions from propagating out to the rest of the Internet.

To understand how a decision by bureaucrats in Islamabad could prevent the rest of the world from accessing arguably one of the Web's most popular destinations, it may first help to accept the basic notion that when the Internet was designed decades ago, everyone on the network pretty much knew and trusted one another. While the close-knit family of individuals responsible for keeping the Internet humming along has since grown into a larger community, it is still a fairly small community based largely on trust and everyone playing nice with one another.

So, what happened? From everything I've read and heard, the YouTube situation appears to have been due to an innocent -- if inept -- mix-up, which allowed Pakistan's ISPs to effectively announce to the world that its Internet addresses were the authoritative home of YouTube.com, and for about an hour or so, most of the rest of the world's ISPs incorporated those updated directions as gospel.

(ISPs manage Internet traffic coming in and out of their networks using expensive hardware devices called routers. Most ISPs have a set of routers that manage the traffic within their network, and a separate set of routers designed to hand off traffic to and from the larger Internet.)

In a country where the government more or less can tell resident ISPs what to do, blocking citizens from visiting certain sites is simple: The ISPs simply tell their customers that if they're looking for a censored site, they either receive an empty page or are redirected to wherever the ISP or government deems as an appropriate substitute destination.

But, if those same ISPs allow their internal blocking instructions to propagate out to their externally-facing routers - the ones that communicate with the wider Internet - such actions can have far-reaching implications, as we saw with YouTube on Sunday.

This kind of implicit trust has caused similar troubles on a number of prior occasions. While it's usually the result of an oversight, this trust can be abused: In 2003, Los Angeles County found that a large swath of its Internet space was suddenly redirecting visitors to porn sites. Investigators later learned a relatively small California ISP had simply declared itself the authoritative destination for a huge chunk of LA's Internet addresses in order to drive traffic to adult sites hosted on his network.

Another notable example occurred during a nearly 12-hour period in 2004 when Turkish Telecom leaked some routing announcements that caused service disruptions for AT&T, the Army Research Lab, General Electric and Level 3, among others.

Mix-ups like this are mostly innocent and happen on a fairly regular basis, albeit usually not with such far-reaching impact. There is, however, not a lot to stop a malicious, trusted actor from using this tactic to intercept traffic and impersonate trusted Web sites in order to steal information.

The U.S. government thought it a problem worthy enough of more scrutiny that it spent a few million dollars between 2004 and 2006 funding a research endeavor called the Secure Protocols for Routing Infrastructure project. Due to budget cutbacks at the Department of Homeland Security, however, the program is being discontinued.

Some experts on Internet infrastructure discussion lists such as the North American Network Operators Group (NANOG) are crying foul, saying this was an deliberate act of defiance or assertiveness by the nascent Pakistani government. But most seem to agree this was little more than a screw-up. Still, a nation state or other adversary could stir up diplomatic trouble by toying with this sort of trust built into the Internet. What would our government make of it, say, if all of a sudden all traffic destined for .gov domains wound up in China or North Korea?

Marc Sachs, director of the SANS Internet Storm Center - a Bethesda, Md., based group that tracks hacking trends - said for now the checks and balances in the system today are that the same trust that allows network providers to abuse the system can be revoked. In this latest case with Youtube, network operators affected by the bogus update simply discarded the errant directions from Pakistan and in all likelihood told their own routers to ignore any further updates from Pakistan, at least for the time being, Sachs said.

"Someone at a large network could probably get away with a stunt like that for up to 30 minutes or an hour before [those in charge of] the rest of the Internet would just start shunning them," Sachs said. "As soon as you have someone in the system acting in a rogue manner - intentionally or not - they tend to lose the trust of the rest of the community pretty quickly."

But will this latest incident be enough to rekindle interest in Washington for more R&D on ways to improve the security and reliability of the Internet's routing system? Probably not, Sachs said.

"I would presume that (on Monday) when the bureaucrats come back to work and sharpen their pencils that more than one person inside the federal government will show concern about this," Sachs said. "Just as sure, something else will happen a couple of days later and we'll end up shifting our attention to that instead."

By Brian Krebs  |  February 25, 2008; 11:08 AM ET
Categories:  From the Bunker  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Hackers Exploiting Facebook, MySpace Plug-ins
Next: When Blocking Porn Isn't Enough

Comments

Brian's rhetorical question about the reaction to rerouting all .gov traffic to China or North Korea seems staggering. Does this problem work only if individual domain names are specifically transferred, or is the transfer of a *.gov, (or *.mil) category of domains really a threat?

Posted by: KH | February 25, 2008 11:37 AM | Report abuse

It is not a question of transfering domain names. It is a question of claiming your network is authoritative for a particular range of IP addresses.

I mean, think of a domain name like a phone number. So - what you describe - taking over a domain name - would be like printing and sending out a fake directory with wrong entries, and the world believes it. Different from this situation.

What this is like, is someone in a phone company in Atlanta screwing up and announcing that everything in (say) the 781 area code belongs to his telephone exchange, and is routed out of Atlanta rather than out of Boston (which is where 781 is).

And then that Atlanta phone company sends out an update so that several other phone companies actually believe it.

So, calls for boston people with 781 area codes end up getting rerouted to Atlanta instead of Boston. And either getting lost in thin air (as theres nobody in Atlanta who has a 781 area code phone) or making random unrelated phones ring.

Its a crude analogy and phone switching doesnt really work this way .. but thought I would try at least making one.

Posted by: Suresh Ramasubramanian | February 25, 2008 11:49 AM | Report abuse

It should not suprise you,goverment has set that censorship on everthing so they can shut us off, and on any time their's a emergancy or maybe a take over, who would know till it's really over and by then homeland security has secured all cities under gov. control.We are not dumb as they??????????????? think.

Posted by: anthonty | February 25, 2008 1:05 PM | Report abuse

So should the larger internet community remove Pakistan's access to the backbone ? It seems like putting outside controls beyond their reach would prevent further incidents in case they see a picture of a Cow on Google and decide they need to protect Hindus as well.

Posted by: Steve | February 25, 2008 1:24 PM | Report abuse

Steve, that would fix the symptom, not the problem. *Anyone* with a certain minimum level of access (a lot of people have this level of access) can send out the fraudulent updates. Cutting off Pakistan would permanently break any and all web sites hosted in Pakistan, and wouldn't stop China, North Korea, or some podunk North Dakota ISP from creating the same havoc.

Posted by: Josh | February 25, 2008 2:03 PM | Report abuse

When routers are configured to ignore IP tables from a source, it doesn't stop the source from getting to the internet. It just stops the source from promoting any new IP assignments. And until Pakistan shows just cause why it should be let back as a trusted source, the root-level routers should simply ignore any change requests from Pakistan.

Posted by: TTP | February 25, 2008 2:08 PM | Report abuse

Steve, that would fix the symptom, not the problem. *Anyone* with a certain minimum level of access (a lot of people have this level of access) can send out the fraudulent updates. Cutting off Pakistan would permanently break any and all web sites hosted in Pakistan, and wouldn't stop China, North Korea, or some podunk North Dakota ISP from creating the same havoc.

Posted by: Josh | February 25, 2008 2:11 PM | Report abuse

Sorry for the double-post. Thought the first one was lost when it didn't show up for over 5 minutes.

Posted by: Josh | February 25, 2008 2:12 PM | Report abuse

Here's what happened straight from the router goons that run the interwebs.

http://www.merit.edu/mail.archives/nanog/threads.html

Posted by: nanog | February 25, 2008 2:51 PM | Report abuse

Good job you Muslim Idiots. Most of the world the internet world does not share your views.

Posted by: CA | February 25, 2008 3:35 PM | Report abuse

@Nanog....thanks. A variation of that link to the main threat at the Nanog/Merit mailing list is actually included in the blog post.

Posted by: Bk | February 25, 2008 4:30 PM | Report abuse

This reminds me of the time when my roommates and I went to the long-departed nightclub Tracks, which on that night was 21-and-over.

My roommate was 19, and they started to ask him for ID. I said "It's OK, he's with me," and they let us in.

I was 18.

Posted by: Jay Levitt | February 25, 2008 4:59 PM | Report abuse

Hmm - my naive question is why isn't the default setting for receiving such instructions set to "off"? It would seem natural that such instructions would require vetting by one of a few trusted authorities.

Posted by: Duh | February 25, 2008 7:18 PM | Report abuse

Why the hell shouldn't youtube take those not remove those videos, they were racist/ cruel. I actually saw one video called "Eff islam". If that isn't innapropriate I don't know what is. Sorry,but youtube has basically screwed the world over.

Posted by: I'm confused | February 25, 2008 8:48 PM | Report abuse

The part of the world who claim to be the protectors of human rights have themselves breached a basic rule: respect for others. Whether it be of religious sentiments or something else. The Danish community has every right to express themselves but they should not trespass ethical lines. And if they do, they should not claim to be civilized!

Posted by: controversy! | February 26, 2008 3:25 AM | Report abuse


I agree with "im confused" . How would the Christians like to see their Pope in blasphemous cartoons?

would't the Christians want those pictures to be blocked then? or would they go ahead and increase their publication and posting?


Posted by: controversy! | February 26, 2008 3:29 AM | Report abuse

to controversy and confused: this is america, where freedom of speech rules. we let nazi sympathizers demonstrate in the streets. we allow ku klux klan to do their stupid marches. making fun of religions is not PC, but it's certainly protected speech. should we let other countries where these freedoms don't exist dictate whether we should be able to express them?

Posted by: Anonymous | February 26, 2008 8:32 AM | Report abuse

Confused and Controversy, if you are not the same people:

You may like telling other people what they can do, think and say. The fact is, YouTube is an American Corporation, and in this country I can say that the Prophet Mohammad is a donkey and not be arrested and stoned for it. The point here is that Pakistan should NOT have the ability to disrupt the world's ability to communicate just because some Muslims don't like what we're saying.

I realize that evidently this was an 'innocent error' but what happens the next time, when it isn't? My God, what a stupid system; but since no one 'owns' the internet, it means no one can 'fix' it, either....

Posted by: fake1 | February 26, 2008 8:31 PM | Report abuse

The fact is that in Pakistan there is every right to freedom of speech! you only have to see our media power to realize it. and if you do not have enough knowledge to know about the freedoms granted to people in their countries, the fact is that that you should keep youir mouth tightly shut, and not display your ignorance. and as for your beloved America being a "free country which supports your rights" you only have to look at the position of your poeple who are living in slums to know the ground realities!!

Posted by: Controversy! | February 27, 2008 1:33 AM | Report abuse

Yes, you are free, but the point is, this perverted type of freedom is whats going to take your country down. When you do not respect others, respect their religions, respect their values, that is just the kind of racial discrimination that tears the worlds apart. And this wave of terrorism of which you are so afraid just think for a moment that why is the west a target? isnt this racialism spread by some poeple a cause of it all? think for a moment why are you afraid of terrorist attacks, get to the bottom of the problem you are facing,the wave of hatred generated by the situatins such as these crated by these controversial issues, and the answers will become crystal clear to you!

Posted by: Controversy! | February 27, 2008 1:39 AM | Report abuse

The blockage of Youtube all over the world was evidently an "innocent error" but i believe that this "error" should have resulted in total removal of those blasphemous pictures, and not just their blockage.

Posted by: Controveresy! | February 27, 2008 1:42 AM | Report abuse

i hope this issue will be closed here and my point is that we should, as fellow human beings, respect each others feelings, and be positive memebers of the community by building up harmony and peace in our world and not spread hatred. i hope this wave of terrorism gripping the world ends and it can only end when we all unite under the umbrella of peace and tolerance. i hope this issue will not continue further. We respect all religions, but and in return want to be respected. Peace to all!

Posted by: Controversy! | February 27, 2008 1:59 AM | Report abuse


I hope peace prevails on our mother earth.

Posted by: controversy! | February 27, 2008 2:05 AM | Report abuse

Ah... I don't think corrective measures within half an hour are good enough in an emergency. Talk about a gaping hole.

Posted by: Rick | February 27, 2008 8:24 AM | Report abuse

Sure, most people possess a basic understanding of the meaning of respect for others, but respect is something that can neither be measured, regulated, or applied in the same degree by all people.

If a cartoon or caricature of a national leader is considered an acceptable metaphor for conveying a political opinion in most, if not all cultures, who is to say that it is or is not acceptable when depicting a religious leader, particularly in cases where the religion and politics are merged?

I am dumbfounded by people whose acute sensitivities would cause them to kill themselves or others because they are "affronted" by a political cartoon that they are otherwise free to ignore if they so choose. I am referring to those who are seemingly "affronted" at every turn and seek a society of obedient robots who can be regulated like sheep in order to protect their acute sensitivities. Their utopia is a society where they will never be "affronted" again. They really do take themselves too seriously and it is unfortunate that they fail to see that this can never work.

Let us accept that there are individuals in our world and in all societies who will do things that others find in poor taste, offensive, or extremely bad, and let us not forget that we are free to choose to not follow them, listen to them, or read their garbage on a web site. If I don't like what I see on television, I can change the channel or simply turn it off. That is called "self-regulation" and it is the truest form of regulation for the Human species. What bothers me are the naive idiots who assume that an extremist or a tasteless pop artist are truly representative of the majority of the people in the society or culture from which they come.

Posted by: Scott | February 27, 2008 4:54 PM | Report abuse

What's with those Danes and Mohammed anyway ? Why don't they just stick to their topless beaches ?

Posted by: Carlos Idelone | February 29, 2008 4:38 PM | Report abuse

Thought you would like to see RIPE NCC's case study:
http://www.ripe.net/news/study-youtube-hijacking.html

Be sure to click on their cute video (YouTube, where else?) that shows how this thing propagated and how YouTube's fix propagated.

Posted by: Solo Owl | March 1, 2008 12:16 PM | Report abuse

@Fake1 -- this was not an innocent error. It was the foreseeable result of an edict by the Pakistani government.

It is disturbing that it took more than an hour for the techs at YouTube to react. Much mischief can be done in an hour.

This really bothers me. Can anyone with an AS number redirect whole blocks of the IP space wherever they want? Can some fanatic shutter the websites of a whole political movement they oppose?

The 'Net is more vulnerable than we thought, and it is not just the spams and con games we have to watch out for.

Posted by: Solo Owl | March 1, 2008 12:37 PM | Report abuse

Without prescription pharmacy http://rxwithoutprescription.com/

Posted by: Without prescription pharmacy | March 26, 2008 8:35 PM | Report abuse

Useful site. Thanks!!!
http://connecticut-lasik-eye-surgery.anabel.uni.cc/map.html connecticut lasik eye surgery

Posted by: connecticut lasik eye surgery | April 22, 2008 3:12 PM | Report abuse

Useful site. Thanks!!!
http://connecticut-lasik-eye-surgery.anabel.uni.cc/map.html connecticut lasik eye surgery

Posted by: connecticut lasik eye surgery | April 22, 2008 3:13 PM | Report abuse

Useful site. Thanks!!!
http://myra.20xhost.com/boxing-c34/index.html ping pong table table tennis

Posted by: ping pong table table tennis | May 3, 2008 2:25 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company