[Outages-discussion] [outages] Google 8.8.8.8 Resolution of Route53 domains

Charles Sprickman spork at bway.net
Wed Apr 25 15:03:15 EDT 2018 

Moving to -discuss… (a second time, sent to outages-discuss@)

> On Apr 25, 2018, at 10:35 AM, Zach Hanna via Outages <outages at outages.org <mailto:outages at outages.org>> wrote:
> 
> That would require 1) the wallet company understanding the technical details of the outage (a stretch), and 2) understanding that it is preventable, and 3) how and by whom. 

I think the wallet company understands, and I think they probably felt pretty safe using one of the world’s largest DNS providers for their service.  If they thought about this they probably figured “who could hijack Amazon?” and “Google is clever, 8.8.8.8 probably can’t be fooled”.

Although I guess they didn’t think about DNSSEC, so maybe I’m all wrong. :)

   Domain Name: MYETHERWALLET.COM <http://myetherwallet.com/>
   Name Server: NS-1007.AWSDNS-61.NET <http://ns-1007.awsdns-61.net/>
   Name Server: NS-1498.AWSDNS-59.ORG <http://ns-1498.awsdns-59.org/>
   Name Server: NS-1993.AWSDNS-57.CO.UK
   Name Server: NS-73.AWSDNS-09.COM <http://ns-73.awsdns-09.com/>
   DNSSEC: unsigned

One of my clients is a customer of HE, and I’m wondering if they will have anything to say about this. I only do very small-fry stuff with BGP, but even I know that if I provide a customer the ability to speak BGP to me, I have to be paranoid and only let them announce an agreed-upon list of networks.

Anyone have any articles that look more at the two providers involved here, preferably with some statements from HE or eNet?

Charles

> 
> On Wed, Apr 25, 2018 at 12:04 AM Gert Doering via Outages <outages at outages.org <mailto:outages at outages.org>> wrote:
> Hi,
> 
> On Tue, Apr 24, 2018 at 07:47:36PM -0400, J Kibler via Outages wrote:
> > Here is a more detailed analysis of what happened:
> > https://arstechnica.com/information-technology/2018/04/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency/ <https://arstechnica.com/information-technology/2018/04/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency/>
> 
> Maybe that is actually good news.
> 
> Financial damages have been done, by a US company, to a US company, due
> to neglicience in BGP filtering.  This is going to be an expensive lawsuit,
> and hopefully people will start proper BGP filtering afterwards...
> 
> gert
> -- 
> "If was one thing all people took for granted, was conviction that if you 
>  feed honest figures into a computer, honest figures come out. Never doubted 
>  it myself till I met a computer with a sense of humor."
>                              Robert A. Heinlein, The Moon is a Harsh Mistress
> 
> Gert Doering - Munich, Germany                             gert at greenie.muc.de <mailto:gert at greenie.muc.de>
> _______________________________________________
> Outages mailing list
> Outages at outages.org <mailto:Outages at outages.org>
> https://puck.nether.net/mailman/listinfo/outages <https://puck.nether.net/mailman/listinfo/outages>
> _______________________________________________
> Outages mailing list
> Outages at outages.org <mailto:Outages at outages.org>
> https://puck.nether.net/mailman/listinfo/outages



-- 
Charles Sprickman
NetEng/SysAdmin
Bway.net - New York's Best Internet www.bway.net
spork at bway.net - 212.982.9800



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages-discussion/attachments/20180425/fbef8e25/attachment.html>

More information about the Outages-discussion mailing list