Early yesterday the U.S.-China Economic and Security Review Commission released its 324 page annual report to Congress. The lead story in the press has been an April 2010 BGP incident. While the underlying technical problems of BGP are well known and similar situations occur frequently, the incident is being painted ominously as a routing “hijack” that affected traffic to U.S. government websites – something which China Telecom is denying and which Renesys and Arbor Networks have done a good job of refuting. Another incident in the report, not mentioned in the press, was the March 2010 tampering of DNS responses from an i-root instance located in Beijing, which resulted in some Internet users from outside of China being blocked from reaching certain websites that are censored inside of China.
Isn't it convenient how the Chinese government's ham-handed efforts to tinker with DNS traffic is not covered by the major media, the very same morning that the U.S. Senate Judiciary Committee conveyed to vote on the Combatting Online Infringement and Counterfeits Act (COICA) – a bill which could result in similar DNS blocking?
The hypocrisy here gets only worse when one reads the section of the Commission's report on the “Spillover of China’s Internet Censorship Activities”:
“This incident, which relates to the Internet ‘‘Domain Name System’’, helps illustrate the implications of China’s effort to impose ‘‘localized’’ restrictions to something as inherently global in scope as the Internet.”
Going on to describe repeated leaking of China's DNS blocking efforts,
“These incidents do not appear to be a deliberate act of cross-border censorship from China. Rather, because of vulnerabilities in the Internet’s architecture, the faulty information likely resulted from an accidental ‘‘leak’’ of conditions intended only for a Chinese audience. Nonetheless, these events demonstrate the disregard networked systems have for national borders and illustrate ripple effects from China’s elaborate censorship activities. “
It would serve Congress (the Senate will now consider COICA on the floor) well to read the above statements, but substitute “U.S.” for “China.” Using the global DNS to implement domestic policy is a bad idea, no matter who's side your on.