Re: China ’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’ s BGP Hijacking
Blake Hudson
blake at ispn.net
Fri Oct 26 16:30:22 UTC 2018
Harley H wrote on 10/26/2018 8:52 AM:
> Curious to hear others' thoughts on this.
> https://scholarcommons.usf.edu/cgi/viewcontent.cgi?article=1050&context=mca
>
> This paper presents the view that several BGP hijacks performed by
> China Telecom had malicious intent. The incidents are:
> * Canada to Korea - 2016
> * US to Italy - Oct 2016
> * Scandinavia to Japan - April-May 2017
> * Italy to Thailand - April-July 2017
>
> The authors claim this is enabled by China Telecom's presence in North
> America.
Not sure I agree with the author's argument of having Access Reciprocity
between nations/governments (both as a technical solution or on
political principle). Moving towards an ecosystem where prefix
advertisements and AS paths are validated to prevent both accidental and
intentional hijacks is probably a better solution to improve
availability, integrity, and confidentiality. Encrypting traffic so
that, even if it does go through a hostile network, it remains
confidential and the integrity is validated is also probably a better
solution than the proposed access reciprocity. With the number of
players involved, neither of these will be short term changes. But, over
time, we seem to be moving in that direction already.
More information about the NANOG
mailing list