"After Being Cut From Norway, The Pirate Bay Returns From North Korea" or is it just BGP Tricks
Bacon Zombie
baconzombie at gmail.com
Mon Mar 4 13:43:05 PST 2013
The Pirate Bay have released a press release that they are now hosted
out of North Korea:
"The Pirate Bay has been hunted in many countries around the world.
....This is truly an ironic situation. We have been fighting for a
free world, and our opponents are mostly huge corporations from the
United States of America, a place where freedom and freedom of speech
is said to be held high......
...We believe that being offered our virtual asylum in Korea is a
first step of this country's changing view of access to
information......."
http://falkvinge.net/2013/03/04/after-being-cut-from-norway-the-pirate-bay-returns-from-north-korea/
https://thepiratebay.se/blog/229
But there is a lot of debate on Reddit that they are not really in
North Korea and just doing some BGP trickery:
"Anyone can hijack an AS number and not cause any issues for the real
user b� In this case The Pirate Bay set up a Sat dish in Phenom Penh,
Cambodia b� Intelsat gives them a BGP session there.
The peer net for BGP handoff is 175.45.177.217/30, .216 is Intelsats
side and .217 is The Pirate Bayb�s.
One can use ANY IP they wish for these handoffs, internal, their own,
b�hijackedb� b� In this case The Pirate Bay b�hijackedb� 2 IPs from the
North Korean network which does not matter for them as this is only
acessible from their side, not from the internet.
TBP then injected AS131279 as peer in the upstream table b� so it does
not look like this:
AS22351 b� AS51040
But instead:
AS22351 b� AS131279 b� AS51040
This is possible because either Intelsat does not filter BGP
announcements (unlikely) or TBP wrote a fake LOA for this AS (likely).
Now as we traceroute the TBP IP we see the /30 subnet used for the
handoff in Phenom Penh, which is why TPB says it is in North Korea b�
The ICMP (ping) reply from the IP makes it seem legit but does
actually come from and entirely different network (aka the real
Star-KP network).
(Theres some more but i spare you that as it is pretty technological b�
for example that AS131279 does not hand over AS51040 routes to
AS4737)."
http://www.reddit.com/r/technology/comments/19nb00/after_being_cut_from_norway_the_pirate_bay/
Anybody have an input on this and able to confirm or deny the claims
of BGP Hijacking?
--
BaconZombie
LOAD "*",8,1
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list