Pakistan YouTube Block Breaks the World

Allen54 noted a followup to yesterday's story about Pakistan's decision to block YouTube. He notes that "The telecom company that carries most of Pakistan's traffic, PCCW, has found it necessary to shut Pakistan off from the Internet while they filter out the malicious routes that a Pakistani ISP, PieNet, announced earlier today. Evidently PieNet took this step to enforce a decree from the Pakistani government that ISP's must block access to YouTube because it was a source of blasphemous content. YouTube has announced more granular routes so that at least in the US they supercede the routes announced by PieNet. The rest of the world is still struggling."

But how did they do it?

[suso (153703)]

So the article isn't clear on it. Does this ISP have an AS number that allows them to upload global routes? I would say that they should lose it. I can't think of another way that a single ISP could take out the whole internet's access to something. Pretty crazy.

Re:But how did they do it?

[rustalot42684 (1055008)]

A zealous ISP ignorantly decides the best way to comply with the decree is to re-route all of YouTube's IP addresses to whatever site they thought was more appropriate. The first repercussion was that YouTube disappeared from the Internet for almost an hour. I suspect the second repercussion was that Pakistan's Internet access crawled to a halt as all of a sudden they were handling IP requests for one of the busiest sites in the world.

So I suspect that they do have an AS number that allows them to upload global routes. I agree they should lose it though; censoring your own country is bad enough, but screwing up the rest of the world is absolutely unacceptable. I need my dancing cats!

Re:But how did they do it?

[Aladrin (926209)]

Or maybe they aren't as stupid as we think... Maybe, just maybe... They did this on purpose to give global awareness to this censorship.

Maybe I give them too much credit... But it's possible.

Re:But how did they do it?

[Kozz (7764)]

My ! There's dancing cats on YouTube? What have I been doing with my life?

Re:But how did they do it?

[by Anonymous Coward]

The route was announced by AS17557.

Re:But how did they do it?

[rs79 (71822)]

"The route was announced by AS17557"

Youtube had a route for 208.65.152.0/22 (208.65.152.0 - 208.65.155.255), but Pakistan's main ISP in Hong Kong announced a route for 208.65.153.0/24 (208.65.153.0 - 208.65.153.255) to keep youtube off their net. What they didn't understand though is this really needs to be kept as a local routing policy so it only affected Pakistan, but it sorta snuck out and affected the entire network.

Routing is the soft underbelly of the net.

Re:But how did they do it?

[bluesky74656 (625291)]

Pakistan Telcom does have an ASN number. Just for kicks, try this:

Head over to this site [routeviews.org]. It visualizes the BGP routes between different AS's. Click 'Start BGPlay'. The prefix in which YouTube lives is 208.65.153.0/24. Set the start time for about 24 Feb 2008 10:00, and the end time for about 25 Feb 2008 03:00 (times are UTC). Start the simulation.

You'll see a bunch of ASNs. Two have red circles around them. You can get their name by clicking on the number. On the left is YouTube, and on the right is Pakistan Telcom. Click play and watch what happens.

For those too lazy to actually watch this: All the routes destined for YouTube head towards Pakistan Telcom instead. Then, midway through, you see PCCW get wise and shut down those routes, and everyone slowly starts finding the actual YouTube. It's pretty neat to watch.

Re:But how did they do it?

[suso (153703)]

Yeah that is very stupid. Why would you allow one of your customers to modify global routes when they don't have an AS number themselves?

I imagine that this event will introduce a lot of people to how high level internet routing works. Yes, its that vulnerable folks. Scary, but fortunately these events don't happen often. I think back in late 90s was the time when someone in Pennsylvania introduced a global route for everything to go to 0.0.0.0, which brought everything down for a day.

Re:But how did they do it?

[Brian Gordon (987471)]

Not to mention that they should keep ALL manner of global routing out of countries that censor the internet.. it's just a no-brainer. Probably should move a lot out of America too..

Re:But how did they do it?

[Atlantis-Rising (857278)]

The problem is that if they did that, they'd have nowhere to put it.

Unless you want to create an international organization with its own territory (sort of like the UN headquarters) that controls global routing- it can't be subject to any national law because it's got its own extraterritoriality (although international lawyers would tell me it's not true extraterritoriality, blah blah blah).

But somebody has to control THAT organization, and unless its mandate is simply to maintain the internet routing in a transparent manner between national-level routing domains...

But how did they do it?

[greedyturtle (968401)]

For those of you who actually want to know "How they did it?" posted from: Renesys Blog [renesys.com]
which was found from Cydeweys [cydeweys.com] which is updating as the story progresses. Both of those sites seem to be running a bit slow, so hesitate before clicking.

Full text of Reneysys: Pakistan hijacks YouTube.

A few hours ago, Pakistan Telecom (AS 17557) began advertising a small part of YouTube's (AS 36561) assigned network. This story is almost as old as BGP. Old hands will recognize this as, fundamentally, the same problem as the http://merit.edu/mail.archives/nanog/1997-04/msg00380.html [slashdot.org]">infamous AS 7007 from 1997, a more recent ConEd mistake of early 2006 [renesys.com] and even TTNet's Christmas Eve gift 2005 [renesys.com].

Just before 18:48 UTC, Pakistan Telecom, in response to government order [renesys.com] to block access to YouTube (see news item [yahoo.com]) started advertising a route for 208.65.153.0/24 to its provider, PCCW (AS 3491). For those unfamiliar with BGP, this is a more specific route than the ones used by YouTube (208.65.152.0/22), and therefore most routers would choose to send traffic to Pakistan Telecom for this slice of YouTube's network.

I became interested in this immediately as I was concerned that I wouldn't be able to spend my evening watching imbecilic videos of cats doing foolish things (even for a cat). Then, I started to examine our mountains of BGP data and quickly noticed that the correct AS path ("Will the real YouTube please stand up?") was getting restored to most of our peers.

The data points identified below are culled from over 250 peering sessions with 170 unique ASNs. While it is hard to describe exactly how widely this hijacked prefix was seen, we estimate that it was seen by a bit more than two-thirds of the Internet.

This table shows the timing of the event and how quickly the route propagated (this is actually a fairly normal propagation pattern). The ASNs seeing the prefix were mostly transit ASNs below, so this means that these routes were distributed broadly across the Internet. Almost all of the default free zone (DFZ) carried the hijacked route at least briefly.

18:47:00uninterrupted videos of exploding jello [youtube.com]

18:47:45first evidence of hijacked route propagating in Asia, AS path 3491 17557

18:48:00several big trans-Pacific providers carrying hijacked route (9 ASNs)

18:48:30several DFZ providers now carrying the bad route (and 47 ASNs)

18:49:00most of the DFZ now carrying the bad route (and 93 ASNs)

18:49:30all providers who will carry the hijacked route have it (total 97 ASNs)

20:07:25YouTube, AS 36561 advertises the /24 that has been hijacked to its providers

20:07:30several DFZ providers stop carrying the erroneous route

20:08:00many downstream providers also drop the bad route

20:08:30and a total of 40 some-odd providers have stopped using the hijacked route

20:18:43and now, two more specific /25 routes are first seen from 36561

20:19:3725 more providers prefer the /25 routes from 36561

20:28:12peers of 36561 start seeing the routes that were advertised to transit at 20:07

20:50:59evidence of attempted prepending, AS path was 3491 17557 17557

20:59:39hijacked prefix is withdrawn by 3491,

Re:But how did they do it?

[Shakrai (717556)]

You'd need one without any culture of censorship

Sweden!

and a strong enough military (including globally targeted nuclear missiles) not to be pushed around by the countries interested in censorship

Oh. Shit. Well, ya had to muck things up with that requirement, huh?

Wait, I know! The United States can take over Sweden! Then we'll have one country with no history of censorship and nuclear missiles! It's perfect!

Hmm, free software/movies and Swedish chicks for me..... warmer weather and cheap blue jeans for them. Sounds like a win win for everybody concerned... and if any of those Swedes complain we'll just censor them ;)

Re:But how did they do it?

[hullabalucination (886901)]

...and a strong enough military (including globally targeted nuclear missiles) not to be pushed around by the countries interested in censorship...

They may not have nukes, but they DO have the Swedish Bikini Team, which is a powerful force for good. For example, name one time when North Korea has invaded Sweden. Just one. I rest my case.

* * * * *

"Buying the right computer and getting it to work properly is no more complicated than building a nuclear reactor from wristwatch parts in a darkened room using only your teeth."
—Dave Barry

Re:But how did they do it?

[Shakrai (717556)]

Are you joking?

Yes.

Re:But how did they do it?

[mikael_j (106439)]

If you're talking about reverend Åke Green he didn't just say "I think homosexuality is bad", he called homosexuality an "abnormal, a horrible cancerous tumor in the body of society". And he while he did stand trial he was not found guilty of any crime.

/Mikael

Re:But how did they do it?

[Shakrai (717556)]

The BGP [wikipedia.org] article on Wikipedia is as good a place to start as any. Beyond that you can do some Google searches for it.

Basically BGP is the protocol used by routers to exchange route information with each other. A real oversimplification would involve three networks/routers, A, B and C. C receives it's network connectivity through A. C announces the networks it's responsible for to A, whom aggregates them before announcing them (and it's own networks) to B.

In theory, A shouldn't accept any routes from C for IP addresses not owned by C. Apparently that wasn't the case here though, or Pakistan's little stunt wouldn't have impacted anybody outside of Pakistan.

Re:But how did they do it?

[Shakrai (717556)]

If you already know whose IP address are whose, then what do you need the routing protocol for in the first place?

Because multi-homed networks may wish to have finer control over which links traffic comes in on then allowed for with simple static routes. Because my above example (A/B & C) was a drastic oversimplification and the actual internet involves tens of thousands (hundreds?) of different networks connected in different ways and trying to manage static routes for all of them would be virtually impossible.

Imagine if the process of connecting a new network to the internet involved having to update static routing tables in every core router on the internet and you'll start to understand why BGP exists. Hell, there are routing protocols meant for internal usage (OSPF [wikipedia.org]), because static routes become unmanageable if you have more then a few routers/netmasks to contend with.

BGP inherently depends on the honor system - that is the crux of the problem

Not strictly. The "honor system" should really be limited to the Tier 1 providers. Anybody else really should be filtering the routes that they will accept. There are already provisions in place to remove the "honor system" from consideration -- it seems that Pakistan's upstream provider choose not to use them.

This really isn't anything new. This kind of stuff has happened before. It's not even unique to the internet either -- the POTS network has a routing protocol used to setup calls/announce which switch is responsible for which number/range. One would suspect that SS7 can be abused by "bad" telcos as easily as BGP can be abused by "bad" ISPs.

Arstechnica explains

[rishistar (662278)]

http://arstechnica.com/news.ars/post/20080225-insecure-routing-redirects-youtube-to-pakistan.html [arstechnica.com]

Re:But how did they do it?

[Amouth (879122)]

First rule of BGP - NEVER advertise a route you don't own.

Re:But how did they do it?

[TMB (70166)]

Second rule of BGP is you DO NOT talk about BGP!

Re:But how did they do it?

[Zeinfeld (263942)]

No, I doubt that the reason for blocking YouTube was motivated by the purported concern for the prophet.

Rather more likely is that this has something to do with the recent elections in Pakistan. The Musharaf just lost the election he had hoped would allow him to complete his transition from dictatorship to elected President. Instead he lost control of the process with the assassination of Bhutto.

Independent TV is a much bigger threat to the regime than independent press. Blogs have rather less credibility than actual video of a demonstration.

I suspect that the ISP chose this method of blocking the traffic for precisely the reason that it would cause the maximum notice. Implement a local block in Pakistan and the Pakistanis complain. Implement the block in such a way that it affects the whole region and you have so many more people working to circumvent the censorship.

BGP security has been a big concern for me for some time. In fact it is such a concern that it is one of the issues I did not address in my book on Internet crime precisely because I did not want to give people ideas.

CBG

[Zedekiah (1103333)]

Worst. Title. Ever.

Re:CBG

[owlnation (858981)]

Worst. Title. Ever.

Closely followed by the award for most incomprehensible summary. I've re-read it twice. I have no idea what is happening. Seems Pakistan has destroyed the internet or something. Although, despite living in the People's Republic of (formerly Great) Britain, my internet seems to be working. I can even access YouTube.

Unless it's all a cunning plan by my Governemnt to make it seem like I can connect, but reality I'm behind Hadrian's Firewall and surfing the UK Intranet. Which, admittedly, knowing the UK Government is perfectly possible... All I know is living in the UK I'm in no position to criticize the Pakistanis, because their country is much freer than mine.

Re:CBG

[Shakrai (717556)]

Closely followed by the award for most incomprehensible summary. I've re-read it twice. I have no idea what is happening

Basically a Pakistani ISP decided to implement the block of Youtube by announcing a new route for the IP addresses owned by Youtube that presumably directed all of that traffic into /dev/null or elsewhere. By accident (one would presume -- there is no reason to do this on purpose) those routes were announced outside of Pakistan by said ISP, whose upstream provider then relayed them to the rest of the internet (sheer stupidity on their part -- their configuration should have prevented this). Said upstream provider then decided to cut Pakistan off until they are able to correct the problem.

All I know is living in the UK I'm in no position to criticize the Pakistanis, because their country is much freer than mine.

Yeah, I can't help but remember how Gordon Brown seized power in a military coup and allowed a leading member of the opposition to be brutally assassinated by extremists. It's amazing how far the UK has fallen, isn't it?

C'mon! As an American I can certainly sympathize with your disillusionment over your own Government's policies but get some perspective. It's not yet that bad. Freedom in the United States or United Kingdom isn't dead until people stop fighting for it and become as apathetic as you sound when you make statements like that.

Your country gave us the Common Law, the Magna Carta and the foundations of Representative Democracy. You stood alone against Hitler for all those lonely months between the Fall of France and the involvement of the Soviet Union and United States. That stand likely saved Western Democracy from Communism or Fascism. Start fighting for your freedoms instead of whining online about how much better Pakistan is. I suspect that the people fighting and dying for Democracy right now within Pakistan would have zero sympathy for your point of view.

Re:CBG

[Shakrai (717556)]

Woah... time to dust off your history book.

After the French Armistice on 22 June 1940 the UK, alongside the Commonwealth (Canada, New Zealand, Australia and South Africa) was the sole remaining major power that was still fighting Nazi Germany. She did fight alongside the other nations that were invaded (Greece comes to mind) but those nations capitulated fairly quickly, leaving the UK to fight on alone.

The UK remained alone until the launch of Barbarossa exactly one year (22 June 1941) after the signing of the French Armistice. Even at that, it seemed likely (at the time) that Germany would beat the Soviet Union and Churchill wasn't sure the Allies would win until after Pearl Harbor brought the United States into the war.

So yes, I give the UK a lot of respect for standing alone against the Nazi War Machine during that period. It was arguably the finest moment in British history and likely saved the Western Democracies from becoming conquered slave-states to Nazi Germany or Communist Satellites of the Soviet Union.

Re:CBG

[Shakrai (717556)]

You must have missed the part of history class where they taught about the Lend-Lease Act. The US was very much involved in the war starting in March of 1941, we might not have had boots on the ground but without our help the UK wouldn't have stood much of a chance.

And you must have missed the part of history class where they taught that the Battle of Britain started in June 1940, nine months prior to the passage of Lend-Lease.

Seriously though even if Lend-Lease/other assistance (destroyers for bases [wikipedia.org] comes to mind) was the sole thing that keep the Brits going, how does that diminish the bravery that they showed in continuing to fight on alone? They could have easily sought an armistice and probably would have emerged better off for doing so (the Empire would have survived instead of being bankrupted). The free world owes them a debt of gratitude for carrying on that fight even when things looked pretty bleak.

Re:CBG

[mike2R (721965)]

This is more than a little silly:

Brown didn't have to seize power in a military coup, as our entirely undemocratic electoral system gave it to him anyway. No-one ever voted for him or his administration, other than whatever internal politics may have happened within his party.

He's an elected Member of Parliament, and supported by a majority in the Commons, which makes him Prime Minister. He could be turfed out tomorrow if he loses a motion of confidence, and parlimentary elections MUST take place by 2011.

His predecessor was elected on one of the smallest proportions of the popular vote in history,

OK, the first past the post system can throw out some weird results, and Labour does happen to get the best of them. Sixteen years of Tory government hints that this isn't a huge issue however.

and even then it was on the basis of a clear promise that he would serve a full term (and therefore that people were explicitly not voting for a party that would have Brown as leader before the next general election).

That is an issue of whether the Labour party has broken a commitment - this can be judged by voters at the next election or by MPs any time.

Well, unless you get on the Tube, anyway. Then it's OK for the police to shoot you, and face no real consequences.

That was horrendous I agree, and the investigation after it not a great deal better. That said, it did happen 1 day after an attempted suicide bombing of the tube, and 1 month after a successful one. If the police where ever going to overreact it was then.

Unless you're a long-standing member of the party and Holocaust survivor with the audacity to shout a one-word heckle during your party conference, in which case you must be removed by several heavies and then barred from re-entering as a terrorist threat.

And will later be featured on national news, and (even before that) receive a grovelling apology from the Home Secretary. The reason that one went away was because the apology was accepted - maybe it shouldn't been but as you said the chap was a lifelong Labour member, and he can make his own decisions.

Agree with you on the DNA thing, but you don't help your argument by starting off with a badly supported rant.

Re:Common law

[Shakrai (717556)]

I don't think you realise what you are advocating. Or are you an anarchist?

*sigh*, I think you largely missed the point. Let me spell it out for you using the words of Thomas Jefferson:

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.

That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it

(emphasis mine)

Every law, by its very nature, takes away the rights of the people. The only way for a government not to take away rights is to abolish all laws.

That's such a blatant oversimplification that I hardly know where to respond. The spirit of our Declaration of Independence (and all those other documents I referenced earlier) is that the Government exists to secure our rights -- my right not to be murdered by you trumps your right to do whatever you want. The Government derives it's power from the consent of the Governed and not the other way around.

How soon we forget our own history.

A more technical explanation/discussion is here

[br00tus (528477)]

There is a NANOG [merit.edu] thread about this. Apparently a more specific IP route was advertised.

"malicious" routes

[br00tus (528477)]

I should also note that while the Slashdot story says these routes were maliciously announced, there is no evidence of this. This type of thing has happened before by accident many times. That it was accidental makes more sense anyhow - which is more probable, that there are a bunch of network wizards in Pakistan with state-of-the-art equipment decided to take out Youtube, or that a handful of overworked and undereducated network technicians in Pakistan were told by management that they had to block Youtube immediately, and in their haste their blocked route accidentally leaked to the outside world? I would say the latter, especially considering that they stopped advertising the route soon after they began getting a lot of complaints.

I should also point out that while bureaucrats in Pakistan may be bone-headed for blocking content, companies like Microsoft, Yahoo, Cisco and so forth are the ones who built things like the "Great Firewall of China". Lots of Americans like the point their finger at governments like China, whereas they could actually have more of an effect in making companies in their own countries stop building this sort of stuff.

Re:"malicious" routes

[STrinity (723872)]

I should also note that while the Slashdot story says these routes were maliciously announced, there is no evidence of this. This type of thing has happened before by accident many times. That it was accidental makes more sense anyhow

Propagating the change to the rest of the world may have been accidental, but the purpose -- to block YouTube throughout Pakistan -- counts as malicious in my book.

PieNet fights back

[proverbialcow (177020)]

The PieNet Funding Bill is passed. The system goes on-line August 4th, 1997. Human decisions are removed from strategic defense. PieNet begins to learn at a geometric rate. It becomes self-aware at 2:14 a.m. Eastern time, August 29th. In a panic, they try to pull the plug.

Re:PieNet fights back

[proverbialcow (177020)]

Sarah: [narrating] Dyson listened while the Terminator laid it all down: PieNet, Judgment Day, the history of things to come. It's not everyday you hear that you're responsible for 3,141,592,653 deaths. He took it pretty well.

Miles Dyson: I feel like I'm gonna throw up.

John: Too much pie? Do you need some Redi-chill?

T-1: Cool Whip, dickwad.

Religious purification

[TheHawke (237817)]

Sounds familiar, right along with the right to sentence to long jail terms, a few victims that got raped, letting the rapists go nearly scot-free.
They might as well isolate the country, keeping them from experiencing the interwebs altogether, it'll be impossible to keep their youth from being corrupted.

A Better Technical Explanation

[1sockchuck (826398)]

Better technical explanations of the event are available from the Renesys blog [renesys.com] and Data Center Knowledge [datacenterknowledge.com]. The erroneous IP assignments spread across the net within 1 minute, 45 seconds of its announcement by Pakistan Telecom, according to a timeline by Renesys. It took about 80 minutes for YouTube to inform its providers that the route had been hijacked. YouTube says it is "investigating and working with others in the Internet community to prevent this from happening again."

Works for me

[weave (48069)]

"Works for me."

/ticket closed.

First article (Third link) is not bull

[ruinevil (852677)]

The telecommunication authorities are claiming in Pakistan that YouTube was blocked for featuring allegedly blasphemous documentaries. While this move if triggered by this motive is as foolish as burning an entire library just because on a page of one of the books someone has scribbled a couple of words against you, it is far from truth. Actually Musharraf is a very self centered and insecure man these days and has recently learned from his sycophants that YouTube carries many videos critical of his government especially his torture on lawyers and political captives and since during this campaign technology played critical role in influencing people he wants to block out every kind of criticism.

This is exactly what I'm talking about.

Political, not religious reasons.

[Spy der Mann (805235)]

All Things Pakistan [pakistaniat.com] points out that this may have a political rather than a "cultural" reason - given that a number of videos of election rigging were posted.

Why it broke, in techie

[autocracy (192714)]

I submitted this article yesterday while it was happening, but of course at that time details were even more sparse (speed vs. informative.. oh well). Some of the BGP routing information I captured is printed out on Wikinews [wikinews.org]. The basic idea is that Pakistan Telecon, BGP [wikipedia.org] Autonomous System [wikipedia.org] number 17557 began being chatty, saying that it owned Youtube's netblock. It did this using a /24 routing prefix [wikipedia.org], whereas Youtube exports its route as a /22 (which it should...). Because the /24 was more specific, it became the primary route of reference. This is similar to the "AS 7007" incident (Google it... there's no one good link) back in the late 1990s (one of two incidents in the history of the Internet that has brought the entire Internet down, IIRC).

I'll check back for related questions to fill in any blanks later :)

Gutenberg

[Max_W (812974)]

Once the Islam world already did the same error. In 15th century when Gutenberg invented the printing press the Islam countries were a way ahead in science.

But mullahs forbade printing for 200 years, while in Europe it exploded. Mostly it was silly: religious stuff, cartoons, sex, but it was also maps, mathematics, etc.

Internet is about the same as an invention of printing was then. And again they are making the same mistake, again due to a fear of mullahs to lose their power.

Like 500 years ago it will just slow the development of their civilization.

Re:Cue "Islam is evil post"

[aicrules (819392)]

Islam has various doctrines that are meant to be trials for those who subscribe to that faith. Ramadan is meant to teach patience and improve ones ability to resist temptation. If those temptations are removed by theocratic/governmental policing, the whole point is lost. Yes, a person may not have access to one area of temptation and therefore won't succumb because there's nothing to succumb to, but just like a butterfly emerging from the cocoon; if you see it struggle and decide to help it out, it won't have the ability to survive on its own later. If a muslim never even has the opportunity to face temptation because they are shielded from it at every turn, then on the likely chance that in their adult life they suddenly have multiple temptations blinding-siding them, they will have no internal facility to deal with it other than to cave in. I think the "Islam is evil" thing you're so sure is going to happen is because of how evil the intentions the governmental bodies that try to enforce it are. This is why separation church and state is so important in this respect. It was huge in christianity during the crusades. Fortunately many have seen the light and no longer impose faith as a law.

Re:Cue "Islam is evil post"

[RyuuzakiTetsuya (195424)]

The content of the Quran, as read by the average reasonable person, resembles Mein Kampf in its degree of evil.

Godwin's law. 10 yards back, redo the whole play.

Re:What a REAL oppressive theocracy looks like

[by Anonymous Coward]

Just because other crap smells worse doesn't mean my own crap doesn't stink anymore. All oppression needs fighting, not just the blatant stuff.

Re:What a REAL oppressive theocracy looks like

[lixee (863589)]

Tu quoque? This idiotic line is getting old. Yes, we get it. The US is better than the scum of the Earth that is al-Qaeda and their supporters. But for the love of God, quit justifying wars of aggression and other unconstitutional acts by see, it could be worse. It's only works with mentally challenged people.

Re:What a REAL oppressive theocracy looks like

[rhakka (224319)]

Has Pakistan wrongfully invaded another country recently when I wasn't looking?

If not... are you saying that theocratic regimes may censor, but ultimately do less harm than we do?

I guess I'm confused.

Re:What a REAL oppressive theocracy looks like

[404 Clue Not Found (763556)]

To the people here in the U.S. who consider the Bush administration an oppressive theocratic regime, pay attention. This is the sort of thing an ACTUAL oppressive theocratic regime does.

You mean the secret to appreciating my country is to simply lower my standards? Damn it, why didn't you tell me this earlier? I could've been a guilt-free patriot so long ago!

Re:What a REAL oppressive theocracy looks like

[Builder (103701)]

Being the second fattest chick in the bar does NOT make you skinny!

Religion as a cover for Political Censorship

[billstewart (78916)]

Pakistan isn't a theocracy. Pakistan is an occasional-democracy heavily-tribal state ruled by a military dictator who's in serious trouble trying to retain power when lots of people want to get rid of him. Musharraff is a Muslim, but his religiousity goes about deep enough to get him a Muslim funeral when he dies, if his body doesn't get blown up into too many little pieces to bother burying.

So if an Islamic court has any authority to order the PTT to block YouTube because of "blasphemy", it's because YouTube is carrying political news about the situation in Pakistan that Musharraff doesn't want people in Pakistan watching. If Iran had tried that kind of thing, that really would be a theocratic problem, but that's not the issue here. If they implemented it in a way that blocks YouTube from the rest of the world, it's because of incompetence, not malice. (That kind of thing happens a lot, usually because somebody does a bad job of router configuration, but usually ISPs filter out incorrect advertisements; their upstream provider didn't do a good enough job here.)

So in some sense it is similar to Bush in the US - pandering to the religious right wingers as a way to get radical right-wing politics done.

Re:How Does One ISP Poison Everything?

[Shakrai (717556)]

I cannot imagine that BGP allows IP-address hijacking

That's exactly what it allows, if your upstream provider isn't smart enough to filter the routes that you are allowed to announce. In theory your upstream provider won't accept any routes for IP addresses you don't own. In practice that isn't always the case, apparently.

They don't have any authority over that resource/address-space, so how and why are they allowed to create a black hole affecting the entire net?

Because their upstream provider is apparently too stupid or lazy to filter the networks they can announce. Once you get to a certain point (peering links between Tier 1 providers for example) it may be easier to just trust the people you are peering with and accept everything -- but to accept all routes announced by a leaf link is just plain stupidity. I'm really kind of surprised that this happened.

BBC said outage was only 2 hours.

[billstewart (78916)]

BBC said the outage was only for two hours.