| ▲ | _heimdall 2 days ago |
| The comments here surprise me a bit. The common thread so far seems to be a general fear of US based companies, but how does that relate to the article? Cloudflare's post is pretty boring here in that regard. They dig into how BGP works and propose that similar leaks seem common for the Venezuelan ISP in question. Sure they could be wrong or even actively hiding the truth of what happened here, but the article mentions nothing of Cloudflare being involved in the action and they're describing a networking standard by pointing to publicly available BGP log data. What am I missing here that everyone else seemed to zero in on? |
|
| ▲ | zug_zug 2 days ago |
| I don't think this article provides any evidence of anything to be scared of. That said, based on what we know already, there is no reason to take everything in this article at face value necessarily. Firstly, if anybody isn't aware of the history of Stuxnet, it's worth reading, because otherwise you'd underestimate the government's ability to use 0-days by an order of magnitude (we're talking full custom-written multi-month hacking projects with root-kits and custom fake drivers delivered successfully to an airgapped system, source Wikipedia). Also worth learning about the Dual EC DRBG debacle. Secondly, an immediate friend of mine worked at a FANG company that routinely sent a firehose of all sorts of things matching all sorts of filters directly to governments. In fact many ISPs have back-doors built in and that's not really disputed (Wikipedia: Room 641A). So the question to ask yourself is -- if this was a deliberate interaction that Cloudflare was required to participate in via a warrant, would they legally even be allowed to publish a blog post that contradicted this? So I think that is probably the default attitude of skepticism you are seeing, which in my opinion is a good default. Plus the primary claim of this article "Look it wasn't 1 routing issue, it's been happening for even longer! Therefore nothing to look at here!" seems really weak. |
| |
| ▲ | nucleardog 2 days ago |
| > So the question to ask yourself is -- if this was a deliberate interaction that Cloudflare was required to participate in via a warrant, would they legally even be allowed to publish a blog post that contradicted this? |
| So you're proposing they could be in a situation where they can either: 1. Publish an untruthful blog post, relying on public data available from multiple parties, trying to somehow explain it all while avoiding talking about their involvement in a way that would get them in PR, legal or political hot water; or 2. Publish nothing. And they chose #1? The only way #1 makes any sense at all is if some greater consequence to not publishing was put in place. But that would be more something like "the US gov essentially forced Cloudflare to write this" than "Cloudflare was part of this". Unless they were part of this, _and_ the government forced them to write a post saying they're _not_ part of it and... For my money: this is something in the news making it a good marketing opportunity which is ultimately what the blog is--trying to market Cloudflare and the brand to technical crowds. |
| ▲ | neom a day ago |
| For me number 1 is difficult basically because of who runs Cloudflare. I trust Matthew Prince because I find him to be: consistent and credible. I work in go to market, specifically for businesses like Cloudflare, I can and have said "this real world situation is going to have resonance for the next 5-10 days, what is the lowest cost blog post you could publish that is related?" - because I only manage teams who produce content that is genuinely, at some level, value add or interesting to my target market, you would end up with a blog post exactly like this. In fact, this blog post is doing that job, here we are, Cloudflare users, discussing Cloudflare. |
| ▲ | pamcake a day ago |
| Does it work out if we imagine that Prince and/or the person who wrote the post don't have the full picture of Cloudflare's own involvement? |
| ▲ | neom a day ago |
| It becomes nuanced doesn't it? First thing is: to trust him fully is to understand what it means to trust him... that he knows his business well enough that he can intuitively feel things are wrong. That comes from not being checked out, so: he knows who is in his company and why, he knows the types of projects happening in his business and why, he has easy levers to gain real time information when something feels wrong, and - he monitors his business correctly. I trust Matthew because I know him, so I believe all those things are true. The final part is that trust is also about knowing that mistakes happen, and that they are being: sought out, addressed and owned. So when I say I trust him, it's because I believe everything aforementioned - it makes your scenario safe, at least to me. |
|
| |
| ▲ | DANmode a day ago |
| > if some greater consequence to not publishing was put in place. |
| Such as, losing trust, due to this being the one postmortem you don’t write about? |
| |
| ▲ | zozbot234 2 days ago |
| > "Look it wasn't 1 routing issue, it's been happening for even longer! Therefore nothing to look at here!" seems really weak. |
| It's actually really strong since it implies that there's no real time-based correlation with the recent action in Caracas. Especially as the purported correlation was rather weak to begin with. |
| ▲ | HeyLaughingBoy a day ago |
| It's even older than Stuxnet, but either Dish Network (Echostar) or DirecTV did something similar in the early 2000's/late 90's. They were having a lot of trouble with pirate receivers, so they added small chunks of code to normal device updates and this went on over a period of weeks/months. On the final update, it stitched all those bits of code together and every receiver that wasn't a legitimate one displayed the message "GAME OVER" on the screen and stopped working. Obvs it was a long time ago so forgive me if I get some details wrong. |
| ▲ | Aloisius a day ago |
| I looked at this a couple days ago and my thoughts were basically the same as Cloudflare's. It looks like a misconfiguration - one that's easy to make and isn't terribly uncommon. I can't rule out it wasn't an attack, but absent some other evidence, I don't see any reason to believe it was one. That said, looking at their Cloudflare radar page now for AS8048, I don't recall there being any other BGP route leaks listed there for December from AS8048 and I definitely don't recall there being any BGP origin hijacks listed. The latter is something rather different from a route leak - that looks like someone blackholing some of CANTV's IPs. I don't think I somehow just missed that since I definitely looked at CANTV's historical behavior to see if anything they did was unusual and that would have been one of the first things I checked, but perhaps they updated radar with data from other collectors or re-ran anomaly detection on historical data. |
| ▲ | halJordan 2 days ago |
| Ah yes, and we're back into "but my buddy told me". If you have to say that then your story just isn't worth saying or hearing and you should reconsider how impervious you are to conspiratorial thinking. |
| ▲ | aftbit a day ago |
| The one thing they relied on "my buddy told me" for is actually not really in dispute as they say. Between CALEA, the Snowden leaks, and the earlier stuff (like the beamsplitters in Room 641A), we have known clearly based on a number of public and verifiable sources that the US government has its fingers deeply into the data streams that flow through US companies. This is a reasonable inference even absent all of this information. Now ... I don't think any of this actually supports the parent comment's implication that Cloudflare took some anti-Venezuela action at the request of the US government, just that your criticism is kinda unfounded. |
|
|
|
| ▲ | xocnad 2 days ago |
| I share your view - how does this article imply US companies and/or government involvement? If there were such involvement what aspect of BGP gives the US entities more ability to carry this out vs other nefarious actors? I ask this sincerely knowing almost nothing about BGP and wanting to learn... |
| |
| ▲ | jeroenhd 2 days ago |
| You may have missed https://news.ycombinator.com/item?id=46504963 a few days ago where this same anomaly was discussed and American government involvement was directly implied by the article. |
| ▲ | Ajedi32 2 days ago |
| The top comment of that thread points out exactly the same thing this Cloudflare article does; that there doesn't really seem to be any indication this was anything nefarious. |
|
|
|
| ▲ | ffsm8 2 days ago |
| Probably because most people only read headlines (and maybe 3 paragraphs) combined with the fact that the US has a long history of doing what people are condemning them for, even if this particular instance probably wasn't a case of such behavior. Especially considering how the general sentiment towards the US has gotten bitter with constant threats of invasion of Denmark and Canada by their government. Or it's just Russian and Chinese socket accounts? Who knows... |
|
| ▲ | jeroenhd 2 days ago |
| There was another post a few days ago that suggested a connection between the American invasion of Venezuela and the BGP anomaly: https://loworbitsecurity.com/radar/radar16/ Combine that with the news of Trump publicly admitting that the US is willing to take military action to bring other countries in line, even against their own allies: https://edition.cnn.com/2026/01/06/politics/us-options-green... Personally, I don't think the Americans would bother to hide their attack and make it look like an accident under the current regime. Trump would announce the CIA/NSA/FBI/whatever did the Greatest Attack, an Amazing Attack, to Completely Control and break the Weak Government of Venezuela to Rescue Their Oil. I'll believe the "it was just a misconfiguration" explanation for now. I think it only makes sense that people start fearing the influence of American companies given the current developments. When America is in the news, it's either threatening someone, pulling out of cooperative efforts, or delivering on a previous threat. That's bound to derail discussions whenever American companies are involved and it'll only get worse with the way things are developing. |
| |
| ▲ | k12sosse a day ago |
| That's what I find interesting about the billionaire elite standing behind el presidente, like, sooner or later he'll be gone and you guys -and your companies- won't. There's been no more compelling argument to actually overtax the rich to give to the masses than the last 13 months. Eat the rich. History won't forget. |
|
|
| ▲ | appreciatorBus 2 days ago |
| I think it’s just bog standard, “USA bad, not USA good” thinking. |
|
| ▲ | 2 days ago |
| [deleted] |
|
| ▲ | caycep a day ago |
| I mean, it's the context around the article...based on recent events... |