llm/846c9a15-b41d-4838-95e2-c7f2b00a317f/topic-3-ab324344-0eab-4b70-b9bb-4419b935bca8-input.json
The following is content for you to summarize. Do not respond to the comments—summarize them. <topic> Network Security Infrastructure # Transit provider security practices, RPKI implementation, BGP route hijacking vulnerabilities, autonomous system path manipulation, route leak consequences </topic> <comments_about_topic> 1. Encrypted DNS has existed for quite a while now through DNS over HTTPS, the missing link was that to connect to a website, you first had to send the server the hostname in plaintext to get the right public key for the site. So someone listening on the wire could not see your DNS requests but would effectively still get the site you connected to anyway. The new development (encrypted client hello) is you no longer have to send the hostname. So someone listening in the middle would only see you connected to an AWS/etc IP. This will make blocking websites very difficult if they use shared services like cloudflare or cloud VPS hosting. 2. BGP is so unsecure that almost anyone can create chaos. 3. Most BGP peers have router filters in place. It's not 1996 anymore. I remember the days of logging into a Cisco connected to a Sprint T1 and seeing a coworker had fat fingered a spammer's route, sending it to null0. Oops. How did that happen? 4. I worked as a contractor for a IoT gig that sold sim cards services for buses, trains et cetera. The radio towers we used to access to obtain the accounting data (CDRs) all had the same very weak password. </comments_about_topic> Write a concise, engaging paragraph (3-5 sentences) summarizing the key points and perspectives in these comments about the topic. Focus on the most interesting viewpoints. Do not use bullet points—write flowing prose.
Network Security Infrastructure # Transit provider security practices, RPKI implementation, BGP route hijacking vulnerabilities, autonomous system path manipulation, route leak consequences
4