Largest internet security hole revealed… or what is BGP?

Wired has the story of the latest major security hole on the internet, the routing protocol BGP:

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.

The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.

The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet’s core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy. The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.

This is the second major security flaw found in the core protocols that govern how the internet routes packets of information around the world. Earlier this year, issues with the DNS protocol were revealed and shown to be a significant security issue.

See Also

The core issue security researchers face with the DNS and BGP protocol issues is one of trust. Both security “holes” exist because when the protocols were originally developed they assumed that any node on the internet could be trusted. But in today’s world of botnets and black-hat hackers, it’s clear that many internet nodes simply can’t be trusted. But the protocols have never been updated…

Unfortunately, a solution to both of these issues may be a long way down the road:

Douglas Maughan, cybersecurity research program manager for the DHS’s Science and Technology Directorate, has helped fund research at BBN and elsewhere to resolve the BGP issue. But he’s had little luck convincing ISPs and router vendors to take steps to secure BGP.

Picture of Matt Craven

Matt Craven

Matt Craven is the former editor & publisher of The Blog Herald. Currently, Matt is the co-founder of Bryghtpath LLC, a consulting practice located in Woodbury, Minnesota. Matt's presently looking for new blogging gigs. Ping him at matt (at) bryghtpath dot com. You can follow him on Twitter.

RECENT ARTICLES

TRENDING AROUND THE WEB

7 personality traits that make someone an amazing grandparent, according to psychology

7 personality traits that make someone an amazing grandparent, according to psychology

Global English Editing

If you can do these things in public without feeling self-conscious you have a very strong personality

If you can do these things in public without feeling self-conscious you have a very strong personality

Global English Editing

Behaviors of people who have virtually no close friends

Behaviors of people who have virtually no close friends

Global English Editing

These 4 zodiac signs can do what 80% of people can’t

These 4 zodiac signs can do what 80% of people can’t

Parent From Heart

Stop being too nice at work: 8 things successful people do to more genuine and trustworthy

Stop being too nice at work: 8 things successful people do to more genuine and trustworthy

Global English Editing

People who refuse to use self-checkout at the grocery usually display these 7 traits, according to psychology

People who refuse to use self-checkout at the grocery usually display these 7 traits, according to psychology

Global English Editing