BGP Security, a fragile foundation?
So yet again we have a round of press concern about the security of the Internet infrastructure. This time the concern is BGP.
And yet again the press is asking why nobody knew about it etc. etc. And yet again the answer is that this problem was known and work has been underway to fix it for a very long time. I discuss the problem of fixing BGP security in my book The dotCrime Manifesto. I have been in meetings discussing BGP security at the IETF and elsewhere over the past four years.
As with the DNS security issue, there is a real vulnerability that we need to fix, but the significance of the vulnerability is much less than is being made out. The criminals have also known about the vulnerability and have found it less profitable than other techniques.
The biggest risk from a network layer attack is that the perpetrator would redirect traffic going to a bank site or an online store to their own site. This particular risk was addressed in 1995 when SSL was introduced. We knew then that the DNS and the BGP layers might be compromised, and SSL security was designed to be secure even if an attacker had complete control over those layers. Public key cryptography is a very powerful tool: we do not have to secure the lower network layers in order to achieve security at the application level.
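To show concretely why a hijacked DNS or BGP path does not hand the attacker the bank's users, here is an added example (not from the original post) in Go: whoever receives the redirected connection still has to present a certificate that chains to a root the client trusts and that carries the bank's name. The names bank.example and attacker.example and the self-signed certificates are constructed for the demonstration; each self-signed certificate plays the role of a trust anchor when the client is told to trust it, and of an attacker's certificate when it is not.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)

// selfSigned mints a throwaway self-signed certificate for name (constructed
// test data): a trust anchor if the client trusts it, an attacker's cert if not.
func selfSigned(name string) (tls.Certificate, *x509.Certificate) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		DNSNames:              []string{name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	cert, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, cert
}

// handshake models a client whose DNS/BGP path is fully under someone else's
// control: whoever receives the connection presents serverCert. The client
// trusts only `trusted` and insists on the bank's name; the handshake error
// (nil on success) is what decides whether the redirection achieved anything.
func handshake(serverCert tls.Certificate, trusted *x509.Certificate) error {
	pool := x509.NewCertPool()
	pool.AddCert(trusted)
	cli, srv := net.Pipe() // in-memory stand-in for the hijacked network path
	go func() {
		s := tls.Server(srv, &tls.Config{Certificates: []tls.Certificate{serverCert}})
		s.Handshake() // server-side outcome is not what is being tested
		srv.Close()
	}()
	c := tls.Client(cli, &tls.Config{RootCAs: pool, ServerName: "bank.example"})
	err := c.Handshake()
	cli.Close()
	return err
}
```

A certificate for the right name from an untrusted issuer fails with an unknown-authority error, and a trusted certificate for the wrong name fails hostname verification; only the bank's own certificate, chained to a trusted anchor, completes the handshake.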
There is a residual risk from a network layer attack: while banks and online stores are usually protected by SSL, many popular sites are not. If an attacker redirects one of those sites, they could drop malware such as a keystroke logger onto incorrectly configured machines attempting to visit the site.
What is to be done? Well, in the first place, people must take care to only accept requests to install software on a machine if the code is signed by a trustworthy provider. And if you are running Windows, upgrade to Vista and take advantage of the six years of extra effort Microsoft have put into security design since XP. The Vista code base is much more robust than XP in my experience: I have run it for over a year now and the only issues I have had have been caused by faulty hardware.