The gist of things it that the mainland Chinese network operators allowed the anycasted routes for the I-root in China to leak outside of their networks and into the global BGP routing table. If you made a DNS request to the I-root during that leak, and the best route to the I-root prefix was the leaking route from China, then your DNS traffic went through the great firewall and was altered accordingly.
Finally, I want to give the article the benefit of the doubt with regard to this:
And he said he believes there were more instances of Web traffic
being diverted to China, or "hijacked," around that time, but
wouldn't elaborate. "I believe it happened more than twice,"
Joffe said. "I can't comment on how many times because the
information is not generally public."
but many views of the BGP routing table are public (http://routeviews.org) and/or fairly well monitored for hijackings, etc. by network operators and others like Renesys and BGPMon (http://bgpmon.net/). Unless this is occurring only within China's regional networks, I expect we would've heard something about this already.
Couldn't this be the result of a misconfigured router that broadcasts that it is the shortest hop to everywhere? I recall in school one of the professors said they had to put protections in place in one of the labs because one of the students router projects had once gone awry and did something similar.
"Operators of those servers would have had the capability to read, delete, or edit unencrypted e-mail and other communications passing through those servers during that time, he said. The Secure Sockets Layer (SSL), used by e-commerce sites to encrypt traffic over the Internet, has been compromised so even supposedly protected traffic could have been exposed, according to Joffe."
This bit of the article doesn't make sense to me, and wasn't explained further. How could SSL be compromised via an Internet routing hack such as this?
The gist of things it that the mainland Chinese network operators allowed the anycasted routes for the I-root in China to leak outside of their networks and into the global BGP routing table. If you made a DNS request to the I-root during that leak, and the best route to the I-root prefix was the leaking route from China, then your DNS traffic went through the great firewall and was altered accordingly.
Finally, I want to give the article the benefit of the doubt with regard to this:
but many views of the BGP routing table are public (http://routeviews.org) and/or fairly well monitored for hijackings, etc. by network operators and others like Renesys and BGPMon (http://bgpmon.net/). Unless this is occurring only within China's regional networks, I expect we would've heard something about this already.