|
|
|
|
|
|
by JadeNB
1712 days ago
|
|
|
> If you are certain in this argument, then you master electric switch is dangerous because you could switch off the power to your house. This seems like a response to an argument I haven't made yet! (All else aside, if you prebut my argument, it allows me not to make that argument.) Sure, it's possible to do dangerous things with BGP; that alone is not why I say it's possible to use it dangerously. What is dangerous is the fact that a small and apparently innocent change can have such far-reaching consequences—for example, I'll bet there was no serious consideration at Facebook of not being able to open electronic door locks in the case of an apparently innocent BGP update. I don't consider my master electric switch dangerous because I could switch off the power to my house. I would consider it dangerous if, after switching off the power to my house, I was ejected from my house, and could no longer open the doors of my house to get in and switch the power back on. |
|
|
If that was actually the case, a lot of heads at FB should roll over this. The logic is simple and obvious, and if the sysadmins and network admins didn't think about this line of thinking then they're overpaid:
1) Our door control system is accessed via a public IP/address, not via an internal/private address.
2) Accessing our public IPs/addresses is dependent on BGP and DNS not getting borked.