My 12/05/10 Missoulian column
Last month, you might have heard on the news or read on the Web that China hijacked part of the Internet for 18 minutes or so – possibly by accident, possibly not – and stole a bunch of Internet data.
The news cycle picked it up, saying that an Internet service provider in China intercepted something like 15 percent of the Internet’s traffic for those 18 minutes.
They intercepted secret e-mails from the U.S. government, bank account traffic, personal e-mails, you name it. And how they did the hijacking exposed a serious flaw in the way the Internet works.
But like many things, cooler heads prevailed with better data on what actually took place. The sky didn’t fall on the Internet, and what really happened was more nuanced.
Even though the Chinese ISP was less than forthcoming on what happened, many agreed it wasn’t malicious. Even in the light of other incidents, such as experts implicating the Chinese government in hacking attacks against the U.S. and Google, the “great firewall” of China that blocks selected Internet traffic and others.
But most agree there is a problem, too, and it’s an interesting story, both for what happened and what is possible when it comes to hijacking the Internet.
The issue is a protocol called Border Gateway Protocol, developed in the early days of the Internet. That protocol lets routers at ISPs talk to one another and guide Internet traffic over the fastest routes, and also change routing when needed for breakdowns and for new routes that are added.
Border Gateway Protocol and many other Internet protocols are based on the concept of trust. Back when the Internet was being designed, engineers knew the most efficient way for the network to work was based on being completely open and allowing the machines of the backbone of the Internet to trust one another and exchange information without being hindered.
Every ISP that forms the backbone of the Internet has people and equipment that participate in the the routing of traffic in the best interests of the Internet. But can the people and governments that manage the modern Internet handle the burden of trust?
The Chinese hijacking incident took place last April, but really was only news after the incident was outlined in the annual U.S.-China Economic and Security Review Commission Report presented to Congress last month.
That report says that, “For a brief period in April 2010, a state-owned Chinese telecommunications firm ‘hijacked’ massive volumes of Internet traffic.”
Next week: It’s both more interesting and nuanced than that.
This week in Mac Q & A: How Much Memory Should I Get?