Facebook ChinaWe have another proof that things what we are writing here about are real. That your IP, your data flow, and your identity it is not something one can take lightly. Your data is in China.

Useful tip: use an antivirus software

Everyone knows that it is important to use antivirus software. That browsing internet without one can be risky as your computer might get infected and someone might steal your data or even identity.

A bit fewer people know that it is quite useful to also use something called firewall. If their system has something like that as a default than they do have it, if not… well… chances for this extra bit are small. Now, when it comes to awareness of our data flow, we are talking disaster.

There is a small group (well, maybe not that small but still it is not the majority of users) who do realize that they need this third part of the software to stay invisible. Most of the time these people use P2P networks, torrents and do know that it might not be that healthy for them to do it under their own IP address. They also know that best way to ensure no one knows what they are downloading/uploading and from/to whom is to encrypt their traffic. This allows them to stay hidden or access websites (with disguised IP from a different country) that are normally unavailable in their location.

The Internet is just not a trusted network

But the truth is the majority of people who do not use torrents, do not try to access “geo-blocked” websites even if told about the risks, that “the Internet is just not a trusted network” say: “Me? I do not need it. I only visit Facebook, send e-mails to friends… you know… normal stuff”. Well, this does not matter. You are still at risk! You are always at risk and if you do not take care of it yourself then only you are to blame for the trouble.

In recent days a lot of normal internet users (AT&T customers in this case but this might happen [and probably already did] to any ISP) who just wanted to access their accounts on Facebook did it but with a small detour of their unsecured data flow.

“Quietly this morning customers of AT&T browsing Facebook did so by way of China then Korea. Typically AT&T customers’ data would have routed over the AT&T network directly to Facebook’s network provider but due to a routing mistake, their private data went first to Chinanet then via Chinanet to SK Broadband in South Korea, then to Facebook. This means that anything you looked at via Facebook without encryption was exposed to anyone operating Chinanet, which has a very suspect Modus operandi.

This morning’s route to Facebook from AT&T:
route-server>show ip bgp 69.171.224.13 (Facebook’s www IP address)
BGP routing table entry for 69.171.224.0/20, version 32605349
Paths: (18 available, best #6, table Default-IP-Routing-Table)
Not advertised to any peer
7018 4134 9318 32934 32934 32934

  1. AT&T (AS7018)
  2. Chinanet (Data in China AS4134)
  3. SK Broadband (Data in South Korea AS9318)
  4. Facebook (Data back to US 32934)

Current route to Facebook via AT&T:
route-server>sho ip bgp 69.171.224.0/20
BGP routing table entry for 69.171.224.0/20, version 32743195
Paths: (18 available, best #6, table Default-IP-Routing-Table)
Not advertised to any peer
7018 3356 32934 32934, (received & used)

  • Should Facebook and or AT&T have notified their customers that their personal information was flowing over a network that they may not trust?
  • Should Facebook enable SSL on all accounts by default?
  • Was this actually a privacy breach or just the way the Internet functions?
  • Does Facebook have an ethical responsibility to buy additional IP connectivity to major broadband and mobile networks to prevent routing mishaps?
  • Is it time to focus on new options within BGP to prevent high profile sites from routing to non-authenticated networks?

[…]

What could have happened with your data? Most likely absolutely nothing. Yet, China is well known for its harmful networking practices by limiting network functionality and spying on its users, and when your data is flowing over their network, your data could be treated as any Chinese citizens’. Does that include capturing your session ID information, personal information, emails, photos, chat conversations, mappings to your friends and family, etc? One could only speculate, however it’s possible.

[Simply, we do not know what China will do with data of thousands of users, we do not know what kind of information you might have been sending in your wall posts, messages, etc. The point is you should not worry about it. Since all of us use antivirus software and we do not expect our ISP to take care of it, why do we expect ISP’s and websites (random) we visit to secure our data if we do not care about it?]

This brings up a lot of questions:

This happens all the time — the Internet is just not a trusted network.Yet, I prefer to know that when I am on AT&T’s network, going to US located sites, my packets are not accidentally leaving the country and being subject to another nation’s policies. I guess that’s why you should not use Facebook in “bareback” mode and use HTTPS (SSL) any time you can.”

This might happen to anyone, anywhere. What will be the outcome? Who knows? If big ISP’s have problems and make mistakes like that what about millions of free Wi-Fi hotspots around the world? Are you sure it is always a good guy who provides the access to the internet? Are sure no one is trying to monitor the traffic and read send and received packages?

Solution:

Try to use secure connections on any device you use to browse the internet. Try to encrypt data flow, if your ISP will have a problem with monitoring your activity then so do the bad guys. Be extra careful about “free” services like VPN and proxy – remember, nothing is free! For servers like this, someone has to pay… for equipment, traffic, etc…

Use well known, commercial VPN providers. They will hide your IP, encrypt your traffic and help you maintain a high level of security and anonymity when you browse the internet. Be smart.

[via Blyon and HideIpVPN]