IT pede here in networking, not nearly on the level of FB though...from what I can see from sources, this isn't an issue with the BGP being hijacked or rerouted like can happen sometimes. It looks like as you said, the records have been completely withdrawn. If that's the case, there's only a couple things I can think of that caused that to happen:
1. There is some sort of hellish attack specifically targeting FB that went on using a method that no one's aware of yet. If this is the case then shit is scary as hell as it means that someone has basically found a "kill switch" for large Internet services.
2. Someone super high up at FB went rogue and pulled the routing tables.
3. Someone with just-high-enough levels of access to their system pushed out an update that is literally the perfect storm of stupid that cascaded and took down their entire networks. If this is the case then FB has a gaping design hole bigger than the one in between a Vegas hooker's legs and should never be trusted for anything again.
4. IS HAPPENING.
That's all I can think of.
Also IT pede: 100% concur. Pulling the records from the Root Servers could only be intentional, though. BGP has nothing to do with DNS. But I want it to be (2) and (4) together, please...
Do you think they'd do this preemptively to cover crimes?
I'm talking back door pay to play pages on their site to CP. Putin called them out on this a few days ago.
Could be done intentionally to establish a record of failure in advance of communication blackout.
No.
This is either gov't level temp shutdown, or some internal strife took it down for a while. 2 or 4. But not exactly either.
Absolutely nothing would surprise me at this point. Would they do it intentionally and pre-emptively? Absolutely. Remember the email tale of Hillary and the hammers? I put NOTHING past them.
Yeah I have to admit I only know the fundamentals of BGP. But my thought is that it most likely isn't internal, or if it is then it's an inside job or some kind of inside control. We're talking about one of the largest infrastructures in the world here. You're going to have failovers, you're going to have failovers for those failovers, and then you're going to have "oh shit" levels of failover that will at least allow internal routing. But from the sounds of it their internal systems are down too...door locks not working, keycards being down, messaging systems down...
One failover server going out is a big inconvenience. Two is a coincidence. Three is a catastrophe. Every single one going down is planned.
That's if it's from the inside though. If it's from the provider end, then someone would either have to have given the order to shut it down or someone would have to have control from the provider side of things. Which could be a sign of very very very bad things if that's going on and whitehats aren't in control of this.
Sorry for not having the correct terms.
So for the big guys each ISP can run a "local" server. For example, a gov't level ISP will run Google servers on their network, to help with load balance, accessibility, and the like. Some of these networks could have a dozen servers distributed across the state, more often more. Gives redundancy, speed, and service. This is PER ISP. FB can have servers all over too. Many servers just do distribution, they don't serve to customers, they're just running backend sharing to keep everything up to date. With load balancing, you are talking about hundreds, thousands of servers, with legions of switches, routers, and thousands of DNS servers spread all over for support.
The redundancy built into this is ridiculous. No random hacker group or script kiddie did this.
Who could do this:
Larger gov't agencies -
Space Force- yes
CIA or FBI/DHS...maybe? Remember, these slovenly agencies have had many of their military & tech assets pulled, so possibly still reeling from the loss. Thank you Trump.
FB itself - yes
China.....eh, maybe
Any European country.... Maybe England?
Russia...probably...maybe?
Mafia - no.
Competitive companies....yeah like who is big enough to take that on....Microsoft? Google? Allies screwing each other?
Patriots, no group I know of, but that isn't surprising.
For those saying hacking:
Yep. The only way that it could be "hacking" isn't by attacking BGP like some people are claiming. Someone would either have to have found a way to breach FB so badly that they have full control of the most critical part of their infrastructure and take it down from inside (not likely). Or they'd have to have control of either the BGP provider or the global root servers. Slightly more likely I suppose but way more scary.
You think maybe Russia could be behind this? They were warning Fakebook last week about CP being on their network.
Couldn’t say, haven’t been monitoring threatmaps. Doesn’t fit their MO in my opinion. Usually them and China like DDoSing stuff to death. Methinks if this is an external attack it’d have to be extremely precise with a high likelihood of someone internal being involved to assist.
Occam's razor says #3. I hope for #4.
Physically had to pull the routing tables? Oh boy, folks, we were told, I hope it smashes em to shit. Deep state voluntary link analysis collection device.