Aruba announced stolen IP space from Santrex for the Italian Military Police

Nyr Community Contributor, Veteran
edited July 2015 in General

This is a first, as far as I know. No other institution in the world has "forced" an ISP to do this before. Or at least it hasn't been discovered, well.

This is exactly what happened on July 3rd, 2013 when after nine earlier outages that year, the Santrex IPv4 prefix 46.166.163.0/24 became permanently unreachable. The Wikileaks document described how the Italian ROS reached out to Hacking Team to work together on recovering the VPS server that ran on 46.166.163.175. [...]

A plan then was devised to make the prefix 46.166.163.0/24 reachable again by announcing it in BGP. Since the prefix wasn’t announced by Santrex (AS57668) anymore, originating it from a different AS should make the network reachable again. The Wikileaks documents show how ROS worked with the Italian network operator AS31034 (aka Aruba S.p.A) to get the prefix announced in BGP and bring up a new “Anonymizer” server with the IP address 46.166.163.175. ROS also was hoping that other Italian ISPs wouldn’t filter that hijacked announcement.

When we look at historical BGP data we can confirm that AS31034 (Aruba S.p.A) indeed started to announce the prefix 46.166.163.0/24 starting on Friday, 16 Aug 2013 at 07:32 UTC.

http://arstechnica.com/security/2015/07/hacking-team-orchestrated-brazen-bgp-hack-to-hijack-ips-it-didnt-own/
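
Added example (not from the post or the quoted article): RFC 6811-style origin validation, plus an origin-change check, run over the sequence of announcements the quote describes. The ROA entry, the transit ASNs (64496, 64500, 64501), the 198.51.100.0/24 prefix and every timestamp except 2013-08-16 07:32 UTC and the 2013-07-03 withdrawal date are constructed.

```python
import ipaddress

# Constructed ROA-style entries: (prefix, max length, authorized origin AS).
# Assumption: the page shows no ROA; this models Santrex (AS57668) as rightful origin.
ROAS = [("46.166.163.0/24", 24, 57668)]

# Constructed BGP updates. Prefix, origin ASNs and the two 2013 dates follow the
# quoted text; transit ASNs and the last prefix are documentation-range placeholders.
UPDATES = [
    {"ts": "2013-07-02", "type": "A", "prefix": "46.166.163.0/24", "as_path": [64496, 57668]},
    {"ts": "2013-07-03", "type": "W", "prefix": "46.166.163.0/24", "as_path": []},
    {"ts": "2013-08-16T07:32Z", "type": "A", "prefix": "46.166.163.0/24", "as_path": [64500, 31034]},
    {"ts": "2013-08-16T07:40Z", "type": "A", "prefix": "198.51.100.0/24", "as_path": [64500, 64501]},
]

def validate_origin(prefix, origin, roas=ROAS):
    """Return 'valid', 'invalid' or 'not-found' for an announced prefix and origin AS."""
    net = ipaddress.ip_network(prefix)
    covered = False
    for roa_prefix, max_len, roa_as in roas:
        roa_net = ipaddress.ip_network(roa_prefix)
        if net.version == roa_net.version and net.subnet_of(roa_net):
            covered = True  # some ROA covers this prefix
            if origin == roa_as and net.prefixlen <= max_len:
                return "valid"
    return "invalid" if covered else "not-found"

def find_origin_alerts(updates, roas=ROAS):
    """Flag announcements with an invalid origin or an origin that differs from the last one seen."""
    last_origin, withdrawn, alerts = {}, set(), []
    for u in updates:
        p = u["prefix"]
        if u["type"] == "W":
            withdrawn.add(p)  # remember that the rightful route went away
            continue
        origin = u["as_path"][-1]  # origin AS is the last hop in the path
        state = validate_origin(p, origin, roas)
        prev = last_origin.get(p)
        if state == "invalid" or (prev is not None and prev != origin):
            alerts.append({"ts": u["ts"], "prefix": p, "origin": origin,
                           "previous_origin": prev, "rov": state,
                           "after_withdrawal": p in withdrawn})
        last_origin[p] = origin
        withdrawn.discard(p)
    return alerts

if __name__ == "__main__":
    for alert in find_origin_alerts(UPDATES):
        print(alert)
```

An upstream that drops `invalid` routes would not have propagated the AS31034 announcement; the `after_withdrawal` flag marks the pattern in this case, where a new origin appears only after the original one has gone silent.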

Comments

  • I saw that yesterday and it just made me think that despite the brilliance of the original internet design, we never got around to finishing the details. This, and the BGP crash last year make me wonder why this kind of vulnerability has not been more targeted by state actors.

  • And why did Aruba's upstream update their filters to permit them to announce this space?

  • Nyr Community Contributor, Veteran

    @MarkTurner said:
    And why did Aruba's upstream update their filters to permit them to announce this space?

    Maybe they weren't filtering in the first place? Maybe Aruba presented a falsified LoA?

  • @Nyr - Aruba is too small to not be filtered.

  • Nyr Community Contributor, Veteran

    @Ole_Juul said:
    why this kind of vulnerability has not been more targeted by state actors.

    Because there could be very serious consequences if they started to hijack already announced IP space and in the case of Aruba, non-national upstreams wouldn't allow it (I hope).

  • Maounique Host Rep, Veteran
    edited July 2015

    The plain internet is insecure. Only an encrypted layer above in an unbreakable mesh kind of network, with random routing and packets following various routes to be assembled only at the destination will be secure enough to force police states to do real police work, i.e. undercover ops, sting operations, instead of simply forwarding an email to an ISP or simply hijacking your traffic.
    We will see then how they will prioritize their staff: undercover ops to fight democracy and freedom of speech, or real criminals? We already see that today, but it will be much more obvious then.

    Thanked by 1linuxthefish
  • pbgben Member, Host Rep

    Did the Carabinieri succeed in their operation? Have they got what they wanted?

    Also, this is another prime example of "above the law" behavior that caused riots and shit like that :/

  • Maounique Host Rep, Veteran
    edited July 2015

    pbgben said: Did the Carabinieri succeed in their operation? Have they got what they wanted?

    This does not matter; when the police behave like thugs, whether they work for the community or against it becomes irrelevant.

  • Nyr Community Contributor, Veteran

    pbgben said: Did the Carabinieri succeed in their operation?

    Most likely, since the C&C IP was routed successfully. The saddest part is: upstreams will probably not care much about this news and Aruba will have nearly zero consequences as long as they keep paying for their bw.

  • Setsura Member
    edited July 2015

    @Nyr said:
    The saddest part is: upstreams will probably not care much about this news and Aruba will have nearly zero consequences as long as they keep paying for their bw.

    It's almost like most upstream ISPs are just large evil corps who only want money.

    My asshatery aside though, it is unfortunate.
