What is Digg?Sponsored by Machinima.com
Rejected Mortal Kombat Fatalities view!
youtube.com - The Mortal Kombat developers came up with all kinds of ideas for fatalities. These are the ones that didn't make the cut.
61 Comments
- jliu125, on 08/27/2008, -1/+19Does anyone else see how the most savy and capable institution that has the resources and the incentive to utilize this hack is our own government? Tell me if I'm wrong, but doesn't that imply something far more sinister than some 3rd world hacker trying to eavesdrop on American data and messages? What's worse is that the NSA has already been made fully aware of this potential for a decade, and who knows how many tax payer dollars have been funneled into applying this hack in a governmental methodology already.
- KableKiB, on 08/27/2008, -1/+14It's saying that anyone with access to certain BGP servers (network of ISP's etc) can redirect traffic to key sites and intercept data (usernames and passwords) and you would never know because after intercepting they forward the information to the legitimate site and it all goes without a hitch to the end user.
It could be used for more than just getting information such as usernames and passwords. - eecue, on 08/27/2008, -2/+14That's easy to say, but they did the "hack" in what most would consider an internet savvy country, the United States, and routed the traffic to their servers in New York.
They didn't have to hack any systems, just announce a route with a tighter netmask. - sobe4u8k, on 08/27/2008, -3/+14"Uh-Oh"
- Majjoodi, on 08/27/2008, -0/+9Digg, is that you! I can't believe I'm reading a tech article!
- t1n0m3n, on 08/27/2008, -0/+8Nope, all you have to do is find a BGP enabled connection, announce the more specific route, and the route is advertised throughout the Internet. It doesn't matter if a Tier 1 provider trusts a Tier 2 provider or not.
Even if Tier 1 trusts Tier 2, which in turn trusts it's Tier 3 providers and so on. Once it enters the "trusted" network from the edge, it is too late. Like you said, any Tom, Dick, and Harry can purchase a BGP enabled connection... Ideally the provider would do some filtering, but as the article says, if only one does not, then everyone is possibly compromised.
Back in the day, AT&T used to use us to blackhole Verizon off the air all the time. (Accidentally of course) Verizon would get all pissed off at us and we would point the finger at AT&T. Again, as the article states, this has been known for a very long time. The trick now is specifically with AS prepend and how it lets you craft routes through the internet.
I would say that a tip off (but not always) that this is happening would be that your bank traffic suddenly gets very slow. If you notice your bank site crawling, I would not login to the site. Of course this is if they redirect the entire farm of servers (trying to make lots of money.) If they specifically target you instead, you would never know... For example, if they redirect an IP fronts a webfarm that normally pushes a DS3's worth of bandwidth, they would have to have two DS3's worth of bandwidth to support the site while redirected without obvious slowdowns. (1:2 ratio, scale to whatever bandwidth needed.)
The traffic model is just another version of ARP poisoning, it just uses layer 4 instead of layer 2. (And thus is easily propagated throughout the internet, versus local subnet only.) - KublaiKhan, on 08/27/2008, -4/+10Would anyone care to summarize the article for those of us (read "me") who have been baffled by all the jargon?
- flailking, on 08/27/2008, -5/+10For those who understand BGP or not.... Sounds like that hack would be kinda tough, at least in internet savvy countries (having somewhat responsible ISPs). I mean you'd have to hack tier 2 providers to announce the AS and you go from there and have to hope that some tier 1 providers accept any AS advertisements from tier 2 based on "trusted" customers. So that leave us overseas where that could happen. Well it really wouldn't affect the good 'ol USA..too many hops (responsible ISPs)...Just time to stop letting Tom, Dick, and Harry to be able to get an AS# and want BGP
- inactive, on 08/27/2008, -0/+5No traffic "goes through BGP's." BGP is just one way that a router decides how to set it's routing table up.
- Stiffler1, on 08/27/2008, -0/+5'Remaining Balance: 0.00'
- inactive, on 08/27/2008, -0/+4Of course, TOR is encrypted, so you still have that line of defense.
- S5S5S5, on 08/27/2008, -0/+2If anyone needs a summary of the article;
You go to your postman and say that there is a shortcut through your driveway to where he is going. He blindly trusts you. As he is going through your driveway, you take a peek at all the postage. He goes on his merry way and no one is the wiser. - ShittyPunGuy, on 08/27/2008, -2/+4Boy, it sounds like some WINDOWS need to be shut!
- KublaiKhan, on 08/27/2008, -3/+5I did "read the article," just got a bit discouraged when I couldn't understand much of it, and so I started skimming...
But thanks for the info, Kable and ivebeenhigh. - itsfunny, on 08/28/2008, -0/+1Woo, I'm an idiot.
- inactive, on 08/27/2008, -0/+1I forgot to mention, you could also try finding a BGP session that isn't encrypted and hijack that, requiring neither an AS number nor a link with a provider.
- NinjaNato, on 08/27/2008, -1/+2I was going to digg you down for the misplaced pun, then I read your name and some of your previous comments. I have to digg you up, if not just for effort.
- itsfunny, on 08/27/2008, -1/+2It can't be such a huge security hole if it's taken so long to find. And congratu-*****-lations to these guys for telling everyone about it, that sure has made the situation a whole lot better. xD
- ivebeenhigh, on 08/27/2008, -1/+2read the article
"Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can't always vacuum in traffic within a network -- say, from one AT&T customer to another." - mrBitch, on 08/28/2008, -0/+1RE: " congratu-*****-lations to these guys for telling everyone about it, that sure has made the situation a whole lot better. "
You idiot, security through obscurity only allows the situation to get worse since the professionals will take advantage of the situation before the general public is even aware there is an issue.
Microsoft do the "as long as the general public don't know then it's not a security issue" dance - and look where that has got them. - inactive, on 08/27/2008, -1/+2The article isn't entirely correct(this is Wired we're talking about, after all). You would need a router that supports BGP AND an AS number, or in absence of an AS number, a link to a network that's dumb enough to fall for you lying about having an AS number that you don't.
- bangelo, on 08/27/2008, -2/+3Yes, it applies, even TOR traffic goes through BGP's.
- djfang, on 09/18/2008, -0/+1As time goes on we will only become more integrated with the Internet as everything and everyone goes digital in a more globalized society. So getting hit by a successful attack would equate to an even harder fall. I don't believe customer demand would result in a secure BGP (as it hasn't really happened to anyone yet), but government intervention would do the trick. The problem lies in getting the government to act not only on this matter but other cyber security threats. Unfortunately, I foresee a major attack on the US and in its aftermath, government legislation would be quickly passed to fix the problem. Especially, with enforcing compliance of ISPs and router vendors to secure BGP.
- kaelyiesta, on 08/27/2008, -0/+1"Peiter "Mudge" Zatko, noted computer security expert and former member of the L0pht hacking group, [...] disclosed privately to government agents how BGP could also be exploited to eavesdrop."
That's like going to the school bully first with a way to open any of the lockers before any of the other petty thieves find out how. - mrBitch, on 08/28/2008, -0/+1nice summary, and a good analogy.
- rmxz, on 08/27/2008, -0/+1I don't see why this is a security hole. ISTM we need to assume that the computers being routed through are untrusted anyway - since there have been enough examples of ISPs doing spying on routers through which the traffic is expected to pass anyway. The same encryption&authentication tools that protect against untrusted routers at ISPs seem to me to protect against this attack too.
- MtheoryX, on 08/27/2008, -0/+1Yes, I realize that many of you are not going to get the joke at all.
- 3Den, on 08/27/2008, -0/+1This isn't surprising, or top secret. The internet is a public network that works by cooperation, and by networks of all sizes and shapes using open protocols and agreeing in many different ways how to route and move packets around.
That someone in a trusted position and level of access with BGP could abuse it is no surprise - and ihappens. Those people quickly lose that access, and those companies lose credibility with their peers.
Fundamentally, the internet is a public place, from a security point of view. Your packets are going into the wild with an unknown number of unknown people with access to them --- use encryption, use it properly.
And digg, for the love of bob, please fix the BOUNCE BOUNCE BOUNCE BOUNCE... - belibem, on 08/27/2008, -1/+2Wow the internet is not a trusted network! Is this new or something??? If the internet was trusted there would be no encryption protocols.
- ParanoydAndroid, on 08/27/2008, -0/+1I'm not an expert at networking by any means, but wouldn't BGP operate at layer 3 (Network)? Not layer 4 (transport), it seems to me that it's more closely related to IP than it is to TCP ...
- ShittyPunGuy, on 08/27/2008, -0/+1lol
- shig, on 08/27/2008, -1/+2I can imagine that they designed the protocol, specifically, for eavesdropping on data.
- iocc, on 08/27/2008, -0/+1solution to this "problem": Encrypt your data.
End of story. - robdiggity, on 08/27/2008, -0/+1You're not. I'm serving this article to you via my hijacked BJP link.
- MadHarvey, on 08/27/2008, -0/+0who?
- rootxploit, on 08/29/2008, -0/+0THIS IS NOT NEW! We've always assumed that major ISPs were trusty to learn routes from.
"Pilosov and Kapela use a method called AS path prepending", EVERYONE in routing knows about this, it isn't anything new either.
MANY years ago this was known and SBGP was the replacement. That will never be implemented, because it is expensive and there has never been an intentionally malicious case of this happening because you have to be an important ISP to successfully pull this off.
Also this is more of an issue of authentication and not really encryption. We need to trust the data not necessarily conceal it.
"Anyone with a BGP router" - WRONG, anyone TRUSTED with a BGP boarder router. There are things in routers called route filters which allow you to block the advertised routes from untrusted entities.
This is a great article for 1990, terrible for 2008. Either Wired reported on a very old not newsworthy issue or they misrepresented the idea. Either way TERRIBLE article. They should not compare this to a REAL attack like Kaminsky's! - t1n0m3n, on 08/27/2008, -0/+0ParanoydAndroid
BGP operates on TCP 179.
BGP runs on layer 4, controlling the routing of layer 3 (IP) - inactive, on 08/27/2008, -2/+2"Kapela said eavesdropping could be thwarted if ISPs aggressively filtered to allow only authorized peers to draw traffic from their routers, and only for specific IP prefixes. But filtering is labor intensive"
This is absolutely false. Only accepting BGP sessions from authorized peers and only for specific prefixes is piss easy... you're adding 1 minute to a 3 minute job when you initially set the session up, assuming you've got appropriate ACLs and route maps configured. In the grand scheme of a network admin's work, this is tit change.
Nonetheless, this sort of thing needs to be addressed. RIRs probably need to be more stingy with AS numbers, and there should probably be a watchdog that actively looks for this sort of tampering and has no problem dragging a company through the mud if it turns out they or one of their peers are doing it.
OT: ***** the jumping comment box. - hojibuji, on 09/13/2008, -0/+0"The traffic model is just another version of ARP poisoning" huh? I was with you up until that line. I wouldn't even call ARP a "traffic model"....
- hojibuji, on 09/13/2008, -0/+0BGP sessions are rarely, if ever, encrypted
- jrobbio, on 08/27/2008, -1/+1Don't you think this ties in nicely to the fact that Obama's selected VP is opposed to encryption? They may not have exactly designed the system to be snoopable, but they haven't done anything to patch it up either.
I remember on an ethical hackers course that I went on being alarmed out how easy it was to listen to unencrypted traffic without anyone noticing there was a problem.
A certificate system sounds like a bad idea because it could kill the flexibility of the internet if it wasn't managed properly. Or am I wrong? - jamdogg, on 08/27/2008, -1/+1ftfa - "I went around screaming my head about this about ten or twelve years ago.... We described this to intelligence agencies and to the National Security Council, in detail."
So this is nothing "new" yet we still have unimpeded internet access around most of the world. If it's so simple to bring down the internet then what are the the cyber-terrorists waiting for? - t1n0m3n, on 01/07/2009, -0/+0hojibuji: And if you comprehended my post, you will notice that I didn't call "ARP" a traffic model.
LERN TO RED <---- (Intentionally misspelled for the retards actually reading this.) - joesmilie, on 08/27/2008, -0/+0So this is at the ISP level and there is nothing end users can do?
The fixes sound complicated and hopefully this is not an issue in the new 2.0 Internets. - linuxpenguin, on 08/27/2008, -1/+1Is it just me, or does this come across as a lot of fluff?
"Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can't always vacuum in traffic within a network -- say, from one AT&T customer to another."
Wow - you mean to tell me that someone with access to the router could reprogram it to change data? THAT'S the big security hole?
People have been complaining about Comcast using software to prioritize packets, block BitTorrent, etc. - and you just figured out that maybe they can tamper with your data connections? This is not a security flaw - this is how the Internet works. Secure or not.
This is nothing new - the router is "insecure" because the admin set it up that way, not because of some flaw in the router. As to why they set it up. . . companies do it to log traffic and block site and protocol access. Other places/people do it for other, less-than-legal purposes. Like it or not, there's nothing you can ever do about this - whoever has control of the router determines how it acts. You don't get to decide what software/firmware someone else's router uses, or how the router works. If they program it to log all your packets, that's what's going to happen - as I said this is nothing new. A router is a computer with special software, and a computer does what it's programmed to - no more, no less - unless it malfunctions.
Or maybe I just misunderstood. . . but I don't think so. - hojibuji, on 09/13/2008, -0/+0This article has nothing to do about the quality or security of the code... the problem resides with lazy/uneducated network engineers at ISPs not properly configuring their BGP routers...
-
Show 51 - 65 of 65 discussions
© Digg Inc. 2009
— Content created and posted by Digg users is