In Pakistan vs. YouTube, it's not all about technology

Why can't governments mimic Pakistan Telecom's denial of service attack against YouTube? Because it's the kind of thing that Internet's network operators will detect and stop.

The flap earlier this week in which Pakistan Telecom knocked YouTube.com off the Internet for two hours seems almost inexplicable.

It's not like when a court in Turkey blocked access to YouTube from within the country, or when China restricts Western news sites.

Those were country-specific and intentional. The outage on Sunday was global and, as far as we know, unintentional.

So what's to stop another Internet service provider--especially a government-owned one--from intentionally trying this trick? It's easy enough to imagine a situation in which North Korea feels like yanking Voice of America off the Internet, or some nations choosing to assail al-Jazeera (their satellite broadcasts already have been interrupted).

The short answer is that while the Internet is anarchic, it's not that anarchic. (It's closer to the original definition of anarchy: order without government regulation, from the Greek "anarchos," meaning without a ruler.)

In fact, the way network providers handle Internet routing is very specific and carefully defined in a series of standards.

Network providers--called autonomous systems, or ASs--are assigned unique ID numbers that are compiled by the Internet Corporation for Assigned Names and Numbers. While ICANN holds the master list of AS numbers, they're actually assigned by allocating large blocks of 1,000 or so at a time to regional address registries.

And when one network provider misbehaves and broadcasts a false claim to be the proper destination for certain Internet addresses--as Pakistan Telecom (AS 17557) did this week--it's easy enough to figure out what's going on. If AS 17557 hadn't backed down and fixed the problem relatively quickly, some network providers probably would have "blackholed" it by ignoring some or all of its broadcasts. At the very least, there would have been some manual intervention.

Don't believe me? Some sysadmins have banned all e-mail from China, Korea, and Taiwan on grounds that so much of it is spam. There are commercial products that will do just that for you.

The Internet may be run by computers, but it's managed by people--a remarkably savvy and dedicated group of folks, in fact, who share tips and alert each other to potential network problems. Some of these discussions take place on public mailing lists; some occur in more private settings. Many of these network operators know each other personally through groups like NANOG, AfNOG, and SANOG.

Human intervention, manual overrides, and personal relationships based on in-person meetings aren't perfect: ideally, false broadcasts could be prevented completely through encryption-outfitted mechanisms like Secure BGP. But these less-formal relationships have worked remarkably well, and are (for now at least) the first line of defense against someone learning the lessons from Pakistan Telecom and attempting to do far more damage than merely taking out YouTube for a few hours.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
Catwalk contraptions: High-tech couture of 2014 (pictures)
The most anticipated games of 2015
Tech industry's high-flying 2014
Uber's tumultuous ups and downs in 2014 (pictures)
The best and worst quotes of 2014 (pictures)
A roomy range from LG (pictures)