For 18 Minutes, 15% of the Internet Routed Through China 247
olsmeister writes "For 18 minutes this past April, 15% of the world's internet traffic was routed through servers in China. This includes traffic from both .gov and .mil US TLDs." The crazy thing is that this happened months ago, and nobody noticed. Hope you're encrypting your super-secret stuff.
As designed (Score:5, Insightful)
Isn't that what the Internet was designed to do; route as need to get bits to their destination?
Imagine how china feels (Score:5, Insightful)
when that 18mins is over and all their stuff goes through American servers
The Chinese aren't the reason to use encryption (Score:5, Insightful)
There are plenty of reasons to use encryption but the Chinese government just isn't one of them for me. If I view something they don't like, what exactly are they going to do? I suppose they could block my access but it's not like I would get thrown in a Chinese prison.
I have a lot more to worry about from identity thieves, scams and heck, my own government.
Re:Imagine how china feels (Score:3, Insightful)
and on the other side of the world... (Score:5, Insightful)
Re:The Chinese aren't the reason to use encryption (Score:3, Insightful)
Re:Is .cn special? (Score:3, Insightful)
If you only encrypt sensitive data it attaches a huge neon light to it.
Re:The Chinese aren't the reason to use encryption (Score:5, Insightful)
Depends. Sending any igs files of that new project to anybody?
How about that source code.
I fear we are getting way too comfortable with email for my taste.
Re:The Chinese aren't the reason to use encryption (Score:5, Insightful)
Yeah, seriously. I'm a lot more concerned about what the US government and the molestation department at TSA might do then I am about the Chinese government.
This story is interesting from a tech perspective, but the commentary at the end is BS on a site from a country with ever decreasing privacy standards.
Re:Is .cn special? (Score:3, Insightful)
you know i just had that conversation with my general manager.
except it was about shredding documents - they couldn't imagine someone going though a bag of strip shredded paper trying to find something.
my comment was - it takes effort and a reason.. important info that shouldn't be public is a good reason.. and if you only shred important things it makes the effort all that much easier..
needless to say we will be investing in a large capacity cross cut shredder - with hopes to put all our outgoing paper through it.
I don't think the authors understand cryptography (Score:3, Insightful)
There are two problems here:
1) Can China redirect traffic through its network by advertising that it has the lowest cost routing path? (Apparently, yes.) This is a wormhole attack, and is well documented in research literature.
2) Can China record or alter any traffic that passes through its network? If the data is sufficiently well encrypted, it can not read that data, although it can record the cyphertext. The fact that China can issue a certificate does not mean that it can read *your* data. It only means that encrypted data sent to Chinese servers can be read by the holder(s) of the encryption keys used by those servers.
If you are sending data over the net, and want to protect it, be sure that it is encrypted. If you don't care, be aware that anyone might be able to monitor it, even governments of other countries. If you don't trust the Chinese root CA to certify the identity of servers that you go to, don't accept their CA's certificate as an authority for that purpose.
Re:The Chinese aren't the reason to use encryption (Score:3, Insightful)
it is true that the usa has decreasing privacy standards
it is also true that china's privacy standards are orders of magnitude below the usa's standards, firmly entrenched in the toilet
so i don't understand a point of view that is more concerned with flawed standards, but much better standards, than they are with a country that is an actual, no-apologies firmly authoritarian "i tell you who your master is and what you can can cannot think" regime
it makes me wonder at your critical thinking skills
when you can't tell the difference between hyperbole and reality, and you wind up more worried about the hyperbolic and fantastic threats to human rights rather than the actual and real threats to human rights, then you just seem to be some sort of propagandized fool to me
Re:I don't think the authors understand cryptograp (Score:5, Insightful)
2) Can China record or alter any traffic that passes through its network? If the data is sufficiently well encrypted, it can not read that data, although it can record the cyphertext. The fact that China can issue a certificate does not mean that it can read *your* data. It only means that encrypted data sent to Chinese servers can be read by the holder(s) of the encryption keys used by those servers.
I don't think you understand MITM attacks.
Take a moment to look at the list of trusted root certificate authorities in your web browser right now.
FF Preferences > Advanced > Encryption > View Certificates
Notice the Chinese ones? The Chinese government can compel any of those root CAs to produce a certificate for any domain they choose. For example, let's say CNNIC [slashdot.org] creates rogue certs for Google.com.
1) You request a secure page "https://mail.google.com"
2) MITM intercepts the request and makes their own connection to mail.google.com using the real cert.
3) MITM uses the fake cert to encrypt it's connection to you, and pass you the mail.google.com data.
4) Firefox validates the cert chain and gives you a big "look it's secure" bar, and you just got pwned.
The real problem is with the retarded cert system. Any CA can create certs for any domain without the domain's permission; If the CA is trusted your browser won't complain at all.
This is why it's important to view the certs that you are using (in Firefox, click or hover over the "secure" bar).
Note: If you had a cookie that kept you signed in to gmail, its too late to check the cert after the MITM is logged into your account.
Re:I don't think the authors understand cryptograp (Score:3, Insightful)
Please excuse the reply to myself, but I'd like to point out that I'm not trying to single out China here, the above statements apply to USA, UK, Canada, or government that a trusted Root CA company resides within.
Eg: The US Government could compel (and also gag-order) Thawte into creating fake certs for Google.com (or any other domain), and in Google's case, you wouldn't even find out you've been pwned by checking the cert...
Honestly, HTTPS / SSL is The Ultimate Theater of Security.
Re:Protocols used on the 'net are horribly outdate (Score:4, Insightful)
You cannot have the centralized control you need to block out abuse without also having that centralized control in the hands of censorship happy powers.
Freedom of expression implies freedom to be an ass.
Re:There goes the neighborhood... (Score:3, Insightful)
What the hell is a 'trust system' anyway? Is that part of the Border Gateway Protocol? [cisco.com]
Maybe someone needs to take a closer look at this 'trust system.'
This is a classic example of the guy who doesn't know wtf he's talking about being the only one asking the questions that actually need to be asked.
Re:Keepalive -packet for friendships (Score:1, Insightful)
So computer maintained relationships have some meaning in your shallow world?
There is a time to let go. Your fear of loneliness and irrelevancy will not be helped by this any more than your picture in your 6th grade yearbook.
The Invasion of the Chineeese Terror! (Score:4, Insightful)
Chineeese! It's ALIVE! It's coming for YOU and your family! Hide in your bomb shelters! Wrap wet towels on your heads! Cover your bedrooms in tin foils. The Chineeese Terror is coming!!!
Seriously, what is wrong with you Americans? Can't you and your government live through life without manufacturing an enemy to hate? What is it in your national psyche that requires an opponent? Is it because you actually bought into your own "we're the Good Guys(TM)" propaganda that the only way to validate this absurd world view is to manufacture "bad guys". My theory is that you are so hung up on WWII, the last "good war" that you fought in, that you and your leaders are subconsciously trying to recreate it so that you can feel good about yourselves again. Hence, the Axis of evil, war on terror, and now a more traditional enemy, the Red Peril. Get over it.
Re:Nobody Noticed ... Except Everyone (Even Slashd (Score:4, Insightful)
Re:The Chinese aren't the reason to use encryption (Score:3, Insightful)
If you're sending any type of sensitive data without PGP or other good encryption, you're a fool.
Protect your own data, any idiot at the ISP can read your E-mails -- not just China.
Re:Keepalive -packet for friendships (Score:2, Insightful)
The point is you still can't read.
Its not about your friend. Its about some random kid you went to school with who you keep a link to for no other reason than to show how "connected" you are. You never talk to them, write to them or even read what they write.
Not a friend.
Do you even understand what a facebook poke is?
Re:Nobody Noticed ... Except Everyone (Even Slashd (Score:1, Insightful)
What's the purpose of FarmVille?
FarmVille is a Web 2.0 application depressed folks to sit around doing nothing for HOURS each day, in isolation, while getting the emotional feedback of accomplishment.
While you can say some of the same things about all video games, these "social" games are different because they NEVER END and they give people a false sense of community. Inter-personal communication is reduced to automatically spamming everyone's news feed.
As the US economy spirals down, expect more people to become insular and hooked.