Technology Trumps ICE Domain Seizures: Browser Plugin Fix Created In Just Days
from the you-can't-stop-technology dept
As Homeland Security continues to defend the actions of ICE seizing domains names without real due process or concern for prior restraint, it's not surprising that technologists are quickly designing systems to route around such hamfisted attempts to censor websites without a trial or conviction. Apparently, a group of technologists who were fed up with such overbearing government maneuvers have created a rather straightforward Firefox add-on (Chrome support coming soon) called MAFIAAfire. What it does is pretty straightforward. If a site seized by ICE sets itself up on an alternative domain (as most of the copyright-related sites have -- contrary to claims by ICE and the MPAA), this addon will automatically redirect visitors. It even goes so far as to allow sites to pre-register alternative domains, in case ICE decides to seize their domain.The developers have more info on their website -- including a timeline. The key point, in my mind, is the timeline:
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: browser extension, domain seizures, ice
Reader Comments
Subscribe: RSS
View by: Time | Thread
I think the phrase is...
[ link to this | view in chronology ]
Re: I think the phrase is...
[ link to this | view in chronology ]
Re: Re: I think the phrase is...
[ link to this | view in chronology ]
Re: Re: Re: I think the phrase is...
[ link to this | view in chronology ]
Win
However, I'm just a bit wary of installing something which the stated purpose of is to redirect my browser away from where I thought I was going elsewhere.
I'd be curious to see what kind of controls they have in place to avoid someone from submitting a redirect request from google.com to installmalware.com.
[ link to this | view in chronology ]
Re: Win
[ link to this | view in chronology ]
Re: Win
They will also have to constantly investigate to make sure they don't include the malware installation sites or those that want to spoof a real site. How do they confirm that a request to register is from the domain's true owner?
Another problem that is introduced is how does a user decide who they can trust to download and install a plug-in?
Mozilla does check on plug-ins but if they allow Mafiaafire then why not others who look like they are legit at first. As a matter of fact my new Firefox plug-in, MalwareHelper, is much better than Mafiaafire.
[ link to this | view in chronology ]
Re: Re: Win
http://mafiaafire.com/add_site.php
We have final say as to what domains are eligable: 'Medicine' and 'replica' sites are NOT eligible.
Kiddy porn gets reported to the authorities...
[ link to this | view in chronology ]
Re: Re: Win
People can report if the site has gone rogue by clicking on the "link" as the page is redirecting.
>How do they confirm that a request to register is from the domain's true owner?
We use the same tech as Google to verify the site is owned by the person who claims so... Try adding your site and you will see how ;)
> Another problem that is introduced is how does a user decide who they can trust to download and install a plug-in?
The plugin's source is easily readable and is going to be open source...
[ link to this | view in chronology ]
Re: Re: Re: Win
[ link to this | view in chronology ]
Gulag Time
Obviously we need a 1960s gulag for economic dissidents - a place with no internet, no computers, no independent media, with one, single radio station and one movie theater that are wholly owned and operated by the RIAA and the MPAA.
[ link to this | view in chronology ]
Re: Gulag Time
Remember, it is every citizen's duty to report Entertainment License Violations to their local RIAA or MPAA office. If you hear it in a public place, it's probably illegal. Don't let the terrorists win. Do your duty!
[ link to this | view in chronology ]
Re: Re: Gulag Time
[ link to this | view in chronology ]
Re: Re: Re: Gulag Time
Remember, it is every citizen's duty to report Entertainment License Violations to their local RIAA or MPAA office. If you hear it in a public place, it's probably illegal. Don't let the terrorists win. Do your duty!
[ link to this | view in chronology ]
Re: Re: Re: Re: Gulag Time
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Gulag Time
[ link to this | view in chronology ]
Re: Re: Re: Re: Gulag Time
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Gulag Time
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Gulag Time
You have been flagged for re-education. Please report with your family to Edutainment Pod R-5622. Also you will need to bring a list of all friends and family members, even acquaintances. They will need re-education as well.
Remember, it is every citizen's duty to report Entertainment License Violations to their local RIAA or MPAA office. If you hear it in a public place, it's probably illegal. Don't let the terrorists win. Do your duty!
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Gulag Time
I am willing to settle however. I demand that you pay me $10 per infringing letter, or I will sue you for $1,000 per infringing letter.
Don't you know that ever time you infringe someone's copyrighted material a terrorist boils a puppy? Why would you do that?
Now report to your assigned re-education pod or things will get double-plus bad for you.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re: Gulag Time
Now that he has taken it from our site (stole) all other visitors wont be able to see it. Our right have been violated - can someone kindly tell us who do we talk to about getting a couple of trillion?
[ link to this | view in chronology ]
Re: Gulag Time
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Not that it matters now as they have just got a new domain.
Evidently the US government have learnt nothing from whats happening in the middle east.
Technology will always win out.
[ link to this | view in chronology ]
Re: Re:
http://en.wikipedia.org/wiki/Virtual_hosting
If it was a dedicated ip+port to begin with, it might not suffer from this problem.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Circumvention Device
"to 「circumvent a technological measure」 means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner"
Looks like it is bypassing a technological measure put in place by ICE.
[ link to this | view in chronology ]
Re: Circumvention Device
[ link to this | view in chronology ]
Re: Circumvention Device
ICE didn't put up any sort of blocking or prevention system - they did nothing to actively prevent access to the site, certainly not by adding any sort of technological measure. Instead they removed a technological measure for easily locating the site, and all this plugin does is supply another convenient way of doing that. It doesn't actually bypass anything that I can see.
[ link to this | view in chronology ]
Re: Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Circumvention Device
I'm not sure that holds water. Adding a lock to a door is security, but boarding over the door is not?
I think there is an argument here that they could make.
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
[ link to this | view in chronology ]
Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
ICE is a third party taking action on their behalf. You can have a locksmith install a lock. Nowhere in the DMCA does it state that the copyright holder has to create the technological measure they use.
[ link to this | view in chronology ]
Re: Re: Re: Re: Circumvention Device
The problem here is the government is using the Constitution, more or less, as toilet paper and it's hard to know what your rights are anymore because there is so much shit in the way now!
[ link to this | view in chronology ]
Re: Re: Re: Re: Circumvention Device
ICE DO NOT own the Domain name until a court grants it to them, they have only stopped usage of that name until a court decides one way or the other. Until that time the Site owner still owns the copyright of the DNS Name.
Whether there was alleged copyright infringing material on the site is irrelevant to the copyright on the DNS name. The only thing the ICE might have claim to is if their was an alleged trademark violation of the DNS itself, though their are easier and more legal ways to handle that with a problematic DNS name.
ICE is NOT a third party, since that means they ware acting as agents of private corporations when in fact they are Government entities acting under Government statutes for the benefit (supposedly) of the USA under what the US Congress has enacted.
If ICE is stating they are acting as agents of the Private organisations (Copyright holders) well you have more problems than just accusations of lack of due process.
[ link to this | view in chronology ]
Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Circumvention Device
I'm really interested in why you think that matters. I'm not sure it does.
"What is being bypassed is DNS and DNS is always just a first step to using the IP address directly"
That seems like a flimsy argument. You could make that argument against lots of DRM solutions. Many of them are simply ways of blocking access to content - so bypassing them is just another way of getting to a TCP/IP packet download. Unless your DRM solution was direct encryption of the content itself, the anti-circumvention clause would be meaningless.
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
They changed (usurped) DNS entries. So what? This in no way shape or form denies entry to what was originally behind said changed DNS records. They've "prevented" nothing. You cannot circumvent a block when there is no block. It's really quite simple actually.
It might be like.. perhaps.. taping over the title of a book or perhaps changing the library's DD entry for the title but leaving it on the shelf - if you really wants it.. finds it.. Yeah, hide and seek.
However, I suspect your argument is not entirely off base consider ass munch lunacy these days - thus, I'd suspect, the tool is authored by "anonymous" - the law (ICE) would, truly, have a real live, life size whac-a-mole game.
So I say go it - challenge it - bring on censorship circumvention technological advances and enhancements - bitches and hoes knows.\r
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
I believe your initial comment was a reference to DMCA. Circumvention deals with bypassing a technological measure put in place by the copyright holder. The technological measure in question, blocking the original domain name from being used to access an infringing website, was put in place by ICE. Bypassing that protection doesn't even get you to a website owned by the copyright holder. That technological measure is intended to benefit the copyright holder but I believe the circumvention can only qualify for measures put into place by the copyright holders themselves.
I am not arguing that DNS is a weak security measure. I am arguing that DNS can't be considered a security measure at all. It is just a convenience for humans and a level of abstraction allowing for IP addresses to change while the domain name remains the same. Both Linux and Windows have host files that can be used to map a domain name to an IP address. This also bypasses DNS but is intentionally designed into the OS. So, in no way could adding an entry to a host file be considered illegal circumvention. Similarly, filling in the browser's address bar with an IP address or using the Mafiaafire plug-in cannot be considered circumvention.
A couple of circumvention examples:
One of the weakest possible methods of content security is to not publish direct links to web-pages but still have those web-pages with the path name portion of the URL being sequential. Bypassing that could still be considered circumvention.
Another example concerns the NY Times paywall. Deleting cookies is one method of bypassing the paywall. It could be considered circumvention, and thus illegal under DMCA, to do that. However, most browsers all a user to deleted cookies. In fact, it is generally recommended that you delete cookies periodically. Given that, you couldn't consider it illegal to delete cookies.
[ link to this | view in chronology ]
Re: Re: Re: Circumvention Device
DNS is ONLY a database of meaningful names for humans into its corresponding numerical identifiers. ie: IP address
This is in no way shape or form a security device. It isn't even security by obfuscation. It is oNLY a form of translation from one readable format to another.
Sort of like ASCII to HEX.
Most people understand that Two Hundred and Fifty Five is written as 255.. though it can also be written as FF. DNS is really just the same thing. Makes the unreadable readable
Some people might say. Oh but what about DNSSEC.. but that is NOT about what the DNS is but more about what information is associated with the DNS entry and not of what it translates to
[ link to this | view in chronology ]
Re: Circumvention Device
[ link to this | view in chronology ]
Re: Re: Circumvention Device
[ link to this | view in chronology ]
I can imagine it pretty clearly. ICE fights endlessly and fruitlessly to keep doing what they're doing, thinking their NEXT solution to the problem will be the end-all answer.
[ link to this | view in chronology ]
Some suggestions
MAFIAAfire updates it's ruleset every time the browser starts which is inefficient and can bog the source servers down. A better implementation would be to store the ruleset, only update it every 3-5 days via subscription, and have a manual override button. Users should be able to put in their own ruleset URLs too, which would be a crucial feature if all of the 4-5 default ruleset mirrors died.
Pre-registration of alternate domain names can be a honeypot whether it's intended by the author to be one or not. Torrent-finder verified their old domain name prior to the seizure on Google Webmaster Tools, and used the "Change of address" feature after it was seized. A system like that can expedite the change fast enough without exposing the new domain name.
Finally, it's too focused on the United States even though it isn't the only country seizing domain names. Having a politically loaded name like that might get the plugin booted from the mozilla add-ons directory. I commend the author of the plugin for making it, but he should realize it's not just movie & music companies that want to seize domain names. If the EFF's plugin had a ruleset subscription feature it could serve the same purpose without so much of the baggage.
[ link to this | view in chronology ]
Re: Some suggestions
[ link to this | view in chronology ]
Re: Re: Some suggestions
This was a good first step and even if development stopped tomorrow, it has at least has brought awareness that domain name seizures can be bypassed a lot easier with a browser add-on compared to the other options that have been proposed.
[ link to this | view in chronology ]
Re: Some suggestions
[ link to this | view in chronology ]
ICE Domain Seizures...
[ link to this | view in chronology ]
Re: ICE Domain Seizures...
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Spotify
[ link to this | view in chronology ]
The work around is so damn easy its a joke
HARDY HAR HAR LOOKS GOOD ON THEM.
there all now nothing but a bunch a twisted sister lawyers form hell bent on global knowledge domination and guess what?
Mister poopy pants say you cant have it. OH say that to an american a day and watch em go postal ROFL.
[ link to this | view in chronology ]
Re: The work around is so damn easy its a joke
[ link to this | view in chronology ]
Re: The work around is so damn easy its a joke
http://www.twistedsister.com/
[ link to this | view in chronology ]
Re: Re: The work around is so damn easy its a joke
http://www.theonion.com/articles/members-of-twisted-sister-now-willing-to-take-it,6374/
[ link to this | view in chronology ]
Re: The work around is so damn easy its a joke
[ link to this | view in chronology ]
On a similar theme
[ link to this | view in chronology ]
What will happen?
Fragmentation of the DNS. ICE can only control the DNS in the US. Outside, nobody cares.
[ link to this | view in chronology ]
Duck on wheels rides again
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Tried it out
[ link to this | view in chronology ]
Prior Restraint?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Its a great idea...
This makes it easy for the common layman to find seized sites. Install the add-on, and never worry again.
So they took down your favorite site, well instant redirect, you dont have to find the new server and change your bookmark.
[ link to this | view in chronology ]
They just don't understand.
[ link to this | view in chronology ]
ICE or Vanilla Ice?
[ link to this | view in chronology ]
Hello!
I'm the guy who made the website :)
We did have help in the plugin code (a lot) so I cannot take credit for it myself (it looks nice on the site that way though...I did pay someone else for code), but I was the guy who had the idea.
Yes, a lot can be improved but it had to be _simple_.
For a pirate like me I can google, edit my hosts file and a lot of other tricks... these ICE blocks were not setup for determined guys like me but average Joe who has not idea what a hosts file is - and for the most part this is who we are targeting to install our plugin.
Better still if their tech pal/son etc installs it on their browser and forgets about it.
The reason we are not caching the "redirect list" is because if other countries (UK, Denmark) come up with a national block list it will only be as effective as the last time the user started their browser, but if we cache the list it can be blocked for days or more.
A future version would give the user the option of caching.
No donations so far so I just don't have time to create the Chrome plugin or hire someone else or do any updates - but I do not regret time/money spent or creating this.
Over 7k downloads so far - and 13k hits to the index page.
Any questions, please email us from the site.
Cheers!
[ link to this | view in chronology ]
Re: Hello!
Good on you.\r
[ link to this | view in chronology ]
Re: Re: Hello!
7k is total downloads from our site and official mozilla add-on site.
It might be slightly lower as we count all redirects to the Mozilla site as a download.
E.g: If someone clicks on download (version 1) from our site we redirect them to the mozilla site and the counter registers it as a download; this assumes that that person will install the plugin.
[ link to this | view in chronology ]
Re: Hello!
You might want to look at different subscription models though, sort of like how Adblock Plus does it, also look at alternate mirrors as well. Maybe organisations like the Pirate party in the EU, Wikileaks, Slashdot, even 4chan and other "underground" sites as alternatives to where the database can be accessed in the event (more likely than not) of the USG trying to make it in some way unlawful.
Talking about Wikileaks etc, you might want to place within your DB the wikileaks mirrors in the even that the USG (or even the BoA) has another coniption fit and tries to take it down again
[ link to this | view in chronology ]
Re: Re: Hello!
Will def look into it!
Cheers!
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
I was glad to see that in MafiaaFire's response to my comment, they said they were limiting what areas the plug-in supports. The following is a list (from Wikipedia) of ICE's responsibilities within "cybercrime" and are the categories for which ICE would use domain seizure.
* Possession, manufacture and distribution of images of child abuse.
* International money laundering and illegal cyber-banking.
* Illegal arms trafficking and illegal export of strategic/controlled commodities.
* Drug trafficking (including prohibited pharmaceuticals).
* General Smuggling (including the trafficking in stolen art and antiquities; violations of the Endangered Species Act etc.)
* Intellectual property rights violations (including music and software).
* Immigration violations; identity and benefit fraud
I assume that MafiaaFire is limiting their support to sites that only involve intellectual property rights. Is this true?
I think there is generally more support for domain seizures in most of those categories. Within each one there are controversial areas, however, with IP rights violations the entire category is controversial. Playing domain seizure whack-a-mole within the other categories might actually be useful but that won't be the case for IP rights.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
> I was glad to see that in MafiaaFire's response to my comment, they said they were limiting what areas the plug-in supports.
Absolutely.
Kiddy porn peddlers are scum, we actually hope some will sign up so we can help trace them and get them some nice cell mates.
Medicine sites are bad because fake medicine harms people. There is no way to know which are the actual "canadian medicine" sellers so all are a no-no.
Replica sites... well, while we can sympathize with the ladies for not wanting to pay the crazy prices again, its hard to say which ones are decent sellers and which ones just want to rip off people with crap... so again a no-no.
Spammers - they need their nuts in a vice (personal opinion), you can take a guess if we will allow them.
Other than that, if you are getting censored... we are (almost always) there to help. Every site will be manually approved.
> Let's suppose we can trust MafiaaFire. They say the code will be open source, so that makes trust easy.
Download our plug-in right now, rename it to .zip, open it in your fav zip program (winzip,7zip, winrar etc) see for yourself, we even left the comments as is to help you understand the scripting.
> Even so, MafiaaFire will need to stay constantly vigilant to protect against being used for nefarious purposes not actually related to intellectual property.
Thats why we have links on the plugin redirecting and on our site, our users can report a site at anytime and we do a check, any bad sites (both the main and redirected to site) gets blacklisted by us and can never come back.
> Mozilla is not going to be checking the domain name replacement lists.
Of course not, they cannot because it will keep changing. But also keep this in mind, people who download it are the ones who need to trust us, and nobody will download something like this without trusting us which is why we waited for TF to run the article before going live.
> Additionally, if Mozilla allows this plug-in how can they be sure that a developer who offers a similar plug-in can be trusted?
Because the people who use the plugin will not download from WeMayDirectYouToCrap.com
but I do get your point... it can be a bit hard.
ALL servers that supply the lists are ours (mine and friends/colleagues).
I'm a security guy (but don't work for HBGary :P) security was high on our list
[ link to this | view in chronology ]
a-holes
[ link to this | view in chronology ]