Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo


Unsupported browser: Your browser does not meet modern web standards. See how it scores »

{ action.text }

ISPs can take basic steps to prevent their routers from adopting bad paths. Major Internet firms should block bad routes announced by their customers. For example, if a company claims its network is a valid route to portions of the Internet, the company’s Internet provider should catch the error and stop the update. China Telecom failed to do this. In addition, Internet infrastructure companies should filter out obviously invalid announcements, Santorelli says.

A more involved proposal calls for the creation of a system of encryption and authentication that would verify the legitimacy of routing announcements. Known as Secure BGP, the technology would digitally sign BGP updates to prevent forged announcements and include information about the range of IP addresses for which a router is responsible.

These additions would eliminate the threat of network hijackings, but not without a price. Adding encryption to infrastructure technologies requires heftier processors and more memory, requiring ISPs to purchase new routers. Without a mandate from a coalition of governments or industry—which is what happened to reform the security of the Internet’s DNS system—it’s unlikely Secure BGP will be adopted. And unless it’s adopted everywhere, Secure BGP will not offer any benefits, says Renesys’s Zmijewski.

“With Secure BGP, you have a chicken and egg problem,” he says. “No company wants to be the first to adopt it, because of the costs involved.”

A more reasonable solution that offers benefits even before widespread adoption is Pretty Good BGP, a proposal from researchers at the University of New Mexico and Princeton University. That plan essentially suggests that ISPs hold any router updates for 24 hours. Since most bad updates can be fixed well before that time, it could dramatically reduce the impact of any Internet hijacking. “The waiting period would eliminate a lot of mistakes, (and) Pretty Good BGP could be implemented today,” Zmijewski says.

But there would be a downside to this method as well. It could prevent routers from responding to announcements that are designed to route around sudden failures and changes to the Internet.

5 comments. Share your thoughts »

Credit: Technology Review

Tagged: Computing, Web, Internet, China, networking, Internet filtering, routing

Reprints and Permissions | Send feedback to the editor

From the Archives


Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me