Hacker News new | past | comments | ask | show | jobs | submit login
Revealed: The Internet's Biggest Security Hole (wired.com)
15 points by nickb on Aug 27, 2008 | hide | past | favorite | 2 comments



Huh? There are tons of operational security measures in place to protect BGP peering sessions. ISPs filter TCP to their routers. BGP itself has been aggressively filtered at the AS/prefix level since the mid 90's. If there's no new vulnerability here, how are they choosing arbitrary prefixes to redirect?

If all they're saying is that Verizon can inject arbitrary prefixes into BGP, what's the news there? That's how routing works today. The NSA isn't capturing everyone's traffic in a room in San Francisco --- AT&T is. The NSA is just a customer. Didn't we already assume telcos could do this? Presumably, it's the rule of law that protects us from this attack, not a new PKI.


::patiently waits for "hole in the Internet" to become a 4chan meme::




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: