Comment by greyface-

19 hours ago

How feasible would it be for the host under measurement to introduce additional artificial latency to ping responses, varying based on source IP, in order to spoof its measured location?

13 comments

greyface-

Reply
rnhmjoj  8 hours ago

Traceroutes are already notoriously hard to interpret correctly[1] and yes, they can be trivially spoofed. Remember the stunt[2] pulled by tpb to move to North Korea? If you are an AS you can also prepend fake AS to your BGP announcements and make the spoofed traceroute even more legitimate.

I wonder if this thing will start a cat and mouse game with VPNs.

[1]: https://news.ycombinator.com/item?id=5319419

altairprime  18 hours ago

Courtesy of Xfinity and Charter overprovisioning most neighborhood’s circuits, we already have that today for a significant subset of U.S. Internet users due to the resulting Bufferbloat (up to 2500ms on a 1000/30 connection!)

  • vitus  15 hours ago

    You probably meant to say oversubscribing, not overprovisioning.

    Oversubscription is expected to a certain degree (this is fundamentally the same concept as "statistical multiplexing"). But even oversubscription in itself is not guaranteed to result in bufferbloat -- appropriate traffic shaping (especially to "encourage" congestion control algorithms to back off sooner) can mitigate a lot of those issues. And, it can be hard to differentiate between bufferbloat at the last mile vs within the ISP's backbone.

TZubiri  15 hours ago

>varying based on source IP,

Aha, that's what you would think, but what if I fake the source of the IP used to do the geolocation ping instead!