Pakistan blocks YouTube, breaks trust

by billso on Sunday, 24 February 2008

Ear­lier today, we noticed that YouTube was not avail­able. An ISP in Pak­istan, PieNet, single-handedly blocked global access to the pop­u­lar video site for two hours, accord­ing to mul­ti­ple reports on the Times of Lon­don, ZDnet, ReneSys, OpenDNS and Data Cen­ter Knowl­edge.

PieNet hijacked YouTube’s domain name by send­ing Bor­der Gate­way Pro­to­col (BGP) instruc­tions called adver­tise­ments to reroute all requests for to an IP address in Pak­istan. ISPs use BGP to link the routers in their net­works together, cre­at­ing the global inter­net­work that we call the Inter­net. ISPs trust that the BGP adver­tise­ments they receive from other ISPs are correct.

Trust is cheap

Researchers have devel­oped encrypted forms of BGP, but ISPs would rather not imple­ment these more secure pro­to­cols because more pow­er­ful and expen­sive routers would be needed. While Cisco and other router man­u­fac­tur­ers would wel­come the addi­tional sales rev­enue, ISPs would pass along their increased costs to busi­nesses and consumers.

Many Inter­net pro­to­cols and ser­vices rely upon trust. Email is a good exam­ple. The core e-mail pro­to­cols do not check mes­sage con­tent or the iden­ti­ties of senders and recip­i­ents. Email mes­sages are sent across the Inter­net as alphanu­meric text. Over the years, as a few users decided to exploit the open nature of email, we have added pro­to­cols and ser­vices to iden­tify spam, check user iden­tity and encrypt mes­sages and passwords.

Pak­istan goes offline

It is very rare for a major mis­take like this to hap­pen, because ISP man­agers and staff under­stand the value of rep­u­ta­tion and trust. This redi­rect was prob­a­bly not an acci­dent or an error by PieNet staff – it was almost cer­tainly an inten­tional hijack­ing designed to make a polit­i­cal state­ment. A bogus BGP adver­tise­ment is a very loud and rude way to make such a statement.

Richard Sti­en­non of ZDnet notes that PieNet prob­a­bly brought all Inter­net traf­fic in Pak­istan to a grind­ing halt, as Pak­istan Tele­com could not han­dle mil­lions of requests for YouTube.

YouTube engi­neers detected the redi­rec­tion quickly and asked for help from major ISPs. Their next step was to find the bad BGP instruc­tions. This was a triv­ial exer­cise, as PieNet’s iden­ti­fiers were all over the advertisement.

PCCW Tele­com, the main Inter­net provider for Pak­istan, removed Pakistan’s ISPs from the Inter­net until the new BGP adver­tise­ments prop­a­gated to ISPs across the world. Once YouTube’s route was restored, users could watch their videos again.

Inter­net users in Pak­istan will have slower Inter­net con­nec­tions for the next few days, and net­work engi­neers around the world will keep close tabs on Pak­istani ISPs.

YouTube Preview Image

Previous post:

Next post: Linkedin Profile . Fallout Shelter Hack