That’s a very new feeling for me. I read the entire post (with no prior knowledge of BGP at all) and I got chills from thinking how deeply intertwined US companies and the US government are.
I know this has always been the case, of course, but now I have lost trust. Whatever the reasons for this "leak" were, I am not accepting any information written in this message (search for the link to another coverage of the incident in the comments).
It is quite weird and quite logical at the same time: this is the end of an era.
It's crazy that it seems like we're just going in loops every decade or so. New people enter tech, mostly focus on their own stuff, after a while, it becomes very clear how "deeply intertwined US companies and the US government are", and these people now lose their trust. Eventually, things have been going well for some years, so new people enter the industry with the same naive outlook, thinking "This couldn't be true of the government we have today", yet eventually even they realize what's going on. Rinse and repeat over the last 3 decades, and that's just what I remember; I'm sure others remember even further.
If you look closely, you can see the color of the orange Cloudflare logo being slightly adjusted to match a particular individual's facial color tone.
This is... hard to follow. You seem to be implying that Cloudflare is covering for USG's failed military op-sec surrounding a malicious BGP leak, and judging that this is such a bad action (on the part of Cloudflare) to undermine your trust, not only in Cloudflare, but in all companies and the US government entirely. I don't think the situation is so dire.
Cloudflare's post boils down to Hanlon's razor: a plausible benign interpretation of the facts is available, so we should give some scrutiny to accusations of malice.
Are there specific relevant facts being omitted in the article, or other factors that diminish Cloudflare's credibility? They're clearly a qualified expert in this space.
Let's assume for the sake of argument that the BGP leaks (all of them from the month of December, in fact) were the result of secret US military intelligence operations. The fact that militaries generally use cyber vulnerabilities to achieve their objectives is not news, and the US military is no exception. Keeping specific exploits secret preserves a valuable advantage over competitor states.
One could argue that Cloudflare's post helps to preserve USG's secrecy. We can't know publicly whether USG solicited the article. But even if we assume so (again assuming malice): Is Cloudflare wrong to oblige? I don't think so, but reasonable people could disagree.
Merely pointing out Hanlon's razor doesn't fundamentally change the facts of the situation. In Cloudflare's expert opinion, the facts don't necessarily implicate USG in the BGP leaks without an assumption of malice. Assuming Cloudflare is malicious without justification is just deeper belief in the conspiracy that they're arguing against.
If Cloudflare is distorting the facts, we should believe (rightly) that they're malicious. But I don't see any evidence of it.
EDIT: Clarity tweaks.
Companies in country X are often intertwined with their governments? I'm not sure this is really news.
Respectfully your comment sounds like paranoid thinking.
The section of the article pointing out the AS prepending makes it really clear the route leak is a nothingburger.
It's incredibly unlikely this leak changed how any traffic was flowing, and it is more indicative of a network operator with an understaffed/underskilled team. Further evidence is that a similar leak has been appearing on and off for several weeks.
That's not to say the US government can't, doesn't or didn't use the Internet to spy, it's just that this isn't evidence of it.
Relevant section below:
> Many of the leaked routes were also heavily prepended with AS8048, meaning it would have been potentially less attractive for routing when received by other networks. Prepending is the padding of an AS more than one time in an outbound advertisement by a customer or peer, to attempt to switch traffic away from a particular circuit to another. For example, many of the paths during the leak by AS8048 looked like this: “52320,8048,8048,8048,8048,8048,8048,8048,8048,8048,23520,1299,269832,21980”.
> You can see that AS8048 has sent their AS multiple times in an advertisement to AS52320, because by means of BGP loop prevention the path would never actually travel in and out of AS8048 multiple times in a row. A non-prepended path would look like this: “52320,8048,23520,1299,269832,21980”.
> If AS8048 was intentionally trying to become a man-in-the-middle (MITM) for traffic, why would they make the BGP advertisement less attractive instead of more attractive? Also, why leak prefixes to try and MITM traffic when you’re already a provider for the downstream AS anyway? That wouldn’t make much sense.
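As an added illustration of the quoted passage (my own code, not Cloudflare's and not from the article or this thread): parse the two AS_PATH strings the article prints, fold the AS8048 prepends, and apply the two BGP rules the argument rests on, namely that a shorter AS_PATH is preferred and that a router discards any path already containing its own ASN (loop prevention). The third, loop-free path in the demo is constructed, not from the article.

```python
from dataclasses import dataclass, field


@dataclass
class AsPath:
    hops: list[int]                      # AS_PATH as received, nearest AS first
    collapsed: list[int]                 # consecutive repeats folded away
    prepends: dict[int, int] = field(default_factory=dict)  # ASN -> extra copies


def parse_as_path(text: str) -> AsPath:
    """Parse the comma-separated AS_PATH notation used in the quoted article."""
    hops = [int(tok) for tok in text.replace(" ", "").split(",") if tok]
    collapsed: list[int] = []
    prepends: dict[int, int] = {}
    for asn in hops:
        if collapsed and collapsed[-1] == asn:
            prepends[asn] = prepends.get(asn, 0) + 1   # same AS again: a prepend
        else:
            collapsed.append(asn)
    return AsPath(hops, collapsed, prepends)


def as_path_length(text: str) -> int:
    """The length BGP best-path selection compares: every prepend adds one hop."""
    return len(parse_as_path(text).hops)


def preferred(path_a: str, path_b: str) -> str:
    """With other attributes equal, the shorter AS_PATH wins; ties keep path_a."""
    return path_b if as_path_length(path_b) < as_path_length(path_a) else path_a


def loop_prevention_rejects(local_asn: int, text: str) -> bool:
    """A BGP speaker drops a route whose AS_PATH already contains its own ASN,
    which is why a path can never pass in and out of AS8048 twice."""
    return local_asn in parse_as_path(text).hops


def origin_as(text: str) -> int:
    """The rightmost ASN in the AS_PATH is the origin of the prefix."""
    return parse_as_path(text).hops[-1]


# The two paths quoted from the article (leaked/prepended vs. non-prepended).
LEAKED = "52320,8048,8048,8048,8048,8048,8048,8048,8048,8048,23520,1299,269832,21980"
CLEAN = "52320,8048,23520,1299,269832,21980"

if __name__ == "__main__":
    info = parse_as_path(LEAKED)
    print(f"collapsed={info.collapsed} prepends={info.prepends}")
    print(f"lengths: leaked={as_path_length(LEAKED)} clean={as_path_length(CLEAN)}")
    print("AS8048 would reject the clean path:", loop_prevention_rejects(8048, CLEAN))
```

Run as a script it shows the prepended path scoring 14 hops against 6, so any network that also hears the route from elsewhere leans away from the leak rather than toward it.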
I remember the face of one guy after we chatted about lawful interception over a couple of drinks. He was visibly shaken, like he had seen hell through a door that had just opened before him.
These kinds of infrastructure have been present everywhere for a very long time. Just because not everyone is talking about the matter doesn't make it non-existent.
For example, in 2003, I saw how Japan monitored their network traffic in real time. It was eye opening for me, too. Technologies like DPI which required beefy servers are now trivial to implement with the right hardware.
This is all I can say.