Thoughts On the Big Google BGP Leak

I had lunch with a talented Japanese web programmer recently. After tying up loose ends on a long-term web site makeover we talked about the web and the constant march of tech, but something was bothering him.

“I don’t trust things anymore,” he said. “Not after that BGP leak last August. It’s not right that one company (Google) can just shut down the internet in Japan and walk away. It’s not right they have that much power over us.”

He was talking about the big BGP leak  (Border Gateway Protocol) that shut down major parts of the Japanese internet including Apple Pay Suica iCloud services and online trading services. Japanese customers were locked out of their day trades with no explanation.

NHK and other Japanese media reported that Google apologized for the leak but I never found trace of it on any Google site. People criticize Apple for not communicating things but Google makes Apple a paragon of clear and responsible communication by comparison.

Since then nothing has been discussed by Google who initiated the leak, or Verizon and NTT Communications who propagated it. Web programmers in Japan are naturally worried because they want to prevent the same disaster from happening again, or catching blame for something they are not responsible for.

To put it bluntly, if big American traders had been affected by the BGP leak the world would have heard all about it and Google would be jumping through hoops. Japanese are expendable in a way that big American traders are not.

It goes much deeper than that. Nick Heer is one of the few people writing about this issue.  He warns of too much internet power being consolidated in the hands of a few American companies:

 Of the many serious flaws in the infrastructure of the internet is that most of it is powered by private corporations, many of which are based in the United States. Due to network effects, we have consolidated much of the web around just a handful of them…

There is a lot at stake here. People should be concerned.

UPDATE: China Telecom spoofing the BGP protocol to poison internet routes to suck up massive amounts of American and Canadian internet traffic for intelligence analysis is, yet another, huge security story that nobody talks about.