The RAD paper's random decoy placement is heavily biased in favor of the censor: 86.2% of all Internet ASes are edge ASes with customer cone size 1, so random selection rarely hits transit ASes. Replacing random with sorted-no-ring placement (decoys chosen from ASes that appear most on adversary BGP routes) disconnects China from 30% of Internet destinations using only 2% decoy coverage, versus the 4% disconnection reported in the original RAD paper.

Under the RAD attack a large fraction of China's routes to Internet destinations shift to non-valley-free (NVF) paths, which impose direct monetary costs because ASes must pay for traffic they would normally earn revenue transiting. Among valley-free paths that survive, 6%–21% switch to less-preferred (more expensive) routes, 20%–43% become longer, and average path length increases by 1.12×–1.40× depending on placement strategy.

§VII-B, §VII-C evaluation

Even under the most censor-favorable (random-no-ring-1) decoy placement, launching the RAD attack increases average Internet route latency from China by over 4×; under strategic placements the average latency increase factor reaches 8×. These increases arise because RBGP is forced onto lower-capacity, less-popular transit ASes even when path hop-count is unchanged.

§VII-C, §I evaluation

The feasibility of the RAD attack scales sharply with the censor's network connectivity. Strategic placement of decoys in just 1% of ASes disconnects China from 18% of Internet destinations, Venezuela from 54%, and Syria from 87%. Countries with fewer controlled ASes and ring ASes have dramatically less routing flexibility and are far more vulnerable to even small decoy deployments.

§I, §VII evaluation

The RAD attack requires converting a large number of Chinese edge ASes into transit ASes: placing decoys in 2% of global ASes (random-no-ring-1, China-World scenario) forces 59 edge ASes to become transit ASes, nearly doubling China's 30 existing transit ASes. One Chinese transit AS must carry approximately 122× its normal load; the abstract reports a peak of 2,800× in a more aggressive scenario, a threshold the paper considers operationally infeasible.

§VII-D evaluation

Article 19 documents that Iran's National Information Network (NIN / SHOMA) was designed with explicit reference to China's Great Firewall as a model, with institutional mirroring: Iran's Supreme Council of Cyberspace parallels China's Cyberspace Administration of China, and both governments share a "cyber sovereignty" doctrine used to justify domestic content controls and cross-border technology transfer. The report frames Iran's filtering infrastructure as deliberately architected to replicate GFW capabilities, not as an independently developed system.

2026-article19-tightening-the-net §2, §3 dpisni-blockingdns-poisoningip-blockingbgp-hijackthrottling

On March 28, 2022, Russian ISP RTComm (AS8342) hijacked Twitter's IPv4 prefix 104.244.42.0/24 for approximately 45 minutes (12:05–12:50 UTC) and announced it to the global Internet as a blocking measure. The hijack was blunted because Twitter had preemptively registered RPKI route origin authorizations (ROAs) for its prefixes, causing RPKI-validating ASes worldwide to reject the hijacked route.

2023-ramesh-network §4.3 bgp-hijackasn-blackholing

On Feb. 5, 2021, Campana Mythic (AS136168) announced Twitter's 104.244.42.0/24 prefix—apparently intending to blackhole Twitter traffic locally as part of the national Twitter block—but the route leaked to operators in Singapore and Vietnam, causing collateral disruption for Twitter users outside Myanmar. This accidental BGP leak corroborates evidence that Myanmar ISPs were independently implementing IP-level censorship without a centralized national kill switch.

2021-padmanabhan-multi-perspective §3.4 bgp-hijackip-blocking

For China (a highly connected, routing-capable adversary), the gossip protocol combined with any symmetric decoy routing design requires only 5 heavyweight downstream stations plus 880 lightweight upstream gossip stations — versus 880 heavyweight stations for purely symmetric designs. Five downstream stations alone impact 78% of routes from Chinese users, while a single downstream station already covers nearly 25% of traffic.

2018-bocovich-secure Table 2 / §3.2 bgp-hijack

Any one of five Indian ASes — each needing control of only its BGP-speaking routers — can individually censor traffic for all ~896 Indian ASes via IP prefix hijacking. For example, AS4755 (Tata Comm.) fake advertisements can impact 955 ASes total (896 Indian + 41 foreign); AS9730 (Bharti Telesonic) requires as few as 7 edge routers to execute such an attack.

2017-gosain-mending §4.3, Table 4 bgp-hijack

If India deployed centralized filtering at its key ASes, approximately 121,931 foreign-origin paths (1.15% of all Internet paths to censored sites worldwide) that transit Indian ASes would experience collateral blocking, affecting non-Indian users in Finland, Hong Kong, Singapore, Malaysia, the US, and elsewhere who have no connection to Indian censorship law.

2017-gosain-mending §4.1, §4.4 ip-blockingbgp-hijack