DNS Screwup Accidentally Extends Great Firewall Of China To Chile And The US?

from the yes,-but-could-you-use-Google? dept

A bit surprised this story didn’t get more attention, but apparently some sort of DNS networking “error” meant that certain computers in both the US and Chile came up against the infamous Great Firewall of China — meaning many sites were suddenly inaccessible (and, one assumes, Google sent folks to Google Hong Kong):

Security experts are not sure exactly how this happened, but it appears that at least one ISP recently began fetching high-level DNS (domain name server) information from what’s known as a root DNS server, based in China. That server, operated out of China by Swedish service provider Netnod, returned DNS information intended for Chinese users, effectively spreading China’s network censorship overseas. China tightly controls access to a number of Web sites, using technology known colloquially as the Great Firewall of China.

The issue was reported Wednesday by Mauricio Ereche, a DNS admin with NIC Chile, who found that an unnamed local ISP reported that DNS queries for sites such as Facebook.com, Twitter.com and YouTube.com — all of which have been blocked in China — were being redirected to bogus addresses.

I’m reminded of the case when Pakistan tried to block YouTube and ended up blocking YouTube around the globe. Just a bit of a scary reminder of how fragile and interconnected the internet can be at times.

Filed Under: , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “DNS Screwup Accidentally Extends Great Firewall Of China To Chile And The US?”

Subscribe: RSS Leave a comment
Anonymous Coward says:

Re: Re: Re:

“Setting up your own DNS is not a solution at all. In fact even the suggestion of it show’s your inexperience with it.”

— Your comment shows you to the ignorant one.

“Even if you setup your own DNS you still need to point it somewhere, and if that source screws up your still down.”

— Well, Duh. Thank you Capt Obvious.

— Well, mister know it all … is that all you’ve got?

JPerridew says:

removing China from the DNS chain

Cutting off China from the rest of the world is something that I’m sure they would consider. However, doing so would allow the government free reign to fabricate reality (ex. 1984). Furthermore, their educational institutions would still require the link outside in order to communicate and compete with others or else they would fall considerably short.
The true problem is not with China, they’ve chosen the path that they are on. The problem is with the individuals programming their ISP routers with the wrong AS numbers. Good on them for fixing it quickly, but hopefully they’ll do a sanity check before publishing their ‘shortest route’ algorithm to their users again.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...