Sandia National Labs: DNS Filtering In SOPA/PIPA Won't Stop Piracy, But Will Hurt Online Security

from the more-experts-weigh-in dept

We've covered at great length the problems with DNS filtering in SOPA and PROTECT IP (PIPA) and how it will harm internet security. These concerns were first highlighted by a group of folks who are considered to be some of the foremost experts (and original architects) on DNS. The MPAA and other SOPA/PIPA startups have been trying for months to diminish these points, but have yet to find any kind of argument that makes sense. The argument they fall back on is "well, if this law breaks DNSSEC, just change the code and fix it." This represents a fundamental misunderstanding of the technoloy. That's not too surprising, coming from the MPAA, frankly. However, now, Sandia National Labs, which is a part of the Department of Energy, has sent a letter to Rep. Zoe Lofgren confirming most of the problems with the idea of DNS filtering, noting that it would make the internet less secure... and would do nothing to actually stop piracy.
It is not likely DNS filtering would be effective in blocking U.S. access to targeted foreign websites....
On the question of DNSSEC, the letter notes that slowing the adoption of DNSSEC would have significant "negative consequences" for US online security. While DNSSEC may not be fully rolled out yet, nearly everyone who understands this stuff knows that it's needed to fix key flaws in DNS. And while it takes time, simply breaking it and waiting for the next generation to rewrite it from scratch would be a mistake. Many years of careful work has gone into DNSSEC. Scrapping it for something else random is not going to help.

At this point, I don't see how any SOPA/PIPA supporters can still claim that the concerns over DNS blocking are unfounded. When you even have a major national lab saying that it's a bad idea, won't work and will be bad for online security... can the MPAA still respond with nothing more detailed than "we disagree" (which was the MPAA's actual statement at the hearing when challenged about the security problems associated with DNS blocking).
Napolitano Response Rep Lofgren 11 16 11 c
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: censorship, department of energy, dns, filtering, sopa
Companies: sandia national labs


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    A Guy (profile), 18 Nov 2011 @ 11:00am

    I am still trying to figure out who sold them on the idea of DNS censoring to begin with. Seriously, someone had to understand it well enough to tell them what it is but not well enough to understand how it works.

    It baffles me. What kind of engineers do they work with? Which incompetent consultants told them this would work?

    Oh well, their entire internet campaign has been riddled with incompetence so it's not that surprising.

    link to this | view in thread ]

  2. icon
    :Lobo Santo (profile), 18 Nov 2011 @ 11:04am

    Re: Consultants

    Perhaps it was the same guys who made the New York Times paywall...

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 18 Nov 2011 @ 11:09am

    SOPA/PIPA is tearing families apart

    So Leonard Napolitano is dead set against it, while his sister Janet is in favor of it (I presume, based on her leadership of DHS & ICE).

    Here's Hoping that they get together for Thanksgiving and Leonard helps her understand a thing or two.

    link to this | view in thread ]

  4. identicon
    hothmonster, 18 Nov 2011 @ 11:09am

    Like this

    Sandia National Labs obviously profits from the proliferation of massive pirating. We can't trust anyone whose business plan requires the massive theft of content.

    link to this | view in thread ]

  5. identicon
    out_of_the_blue, 18 Nov 2011 @ 11:11am

    Well, China manages DNS blocking...

    And if DNS is fatally flawed, there goes your "Internet repairs damage" riff.

    I've given you empirical example and a logical counter to a prior line of argument. You're basically just using a "fear of change" line here. -- Most things never get fixed until they are broken, so could be just the impetus needed for DNS, eh?

    link to this | view in thread ]

  6. icon
    Trails (profile), 18 Nov 2011 @ 11:12am

    A key point

    The redirect requirements in SOPA are not a problem because they make DNSSEC insecure, that is incidental. The problem is that the requirements themselves are unsound. Saying "well the geeks can just fix it" is idiotic, dismissive and condescending.

    link to this | view in thread ]

  7. icon
    lucidrenegade (profile), 18 Nov 2011 @ 11:13am

    Re: Well, China manages DNS blocking...

    You really are mentally retarded.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 18 Nov 2011 @ 11:15am

    So if the bill were to only mandate foreign pirate sites be blocked, how would that harm DNS? Don't they already do that with child porn?

    link to this | view in thread ]

  9. icon
    Chosen Reject (profile), 18 Nov 2011 @ 11:17am

    Credibility

    Yeah right, like they have any credibility. Who's going to believe that a watermelon research facility has any idea what they're talking about? Might as well be the corn farmers.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 18 Nov 2011 @ 11:21am

    Re:

    it mandates anything that content owners report be blocked, foreign and domestic

    link to this | view in thread ]

  11. identicon
    Anonymous Coward, 18 Nov 2011 @ 11:52am

    The issue of DNSSEC is that it requires almost every piece of network gear to either be entirely replaced, or patched with software upgrades is possible. On many routers, this is not possible.

    Currently, most networks are upgrading to allow for IPv6. Upgrades for DNSSEC may not or may not be possible on all of this equipment. It is likely that until the current equipment reaches it's EOL and is taken down that DNSSEC will not be any more complete than IPv6 currently is.

    Further, a full implimentation of DNSSEC requires replacement of eveything right down to your local router at home. The time frame for that to happen is "years", if not a decade or more at all levels.

    If anything, DNSSEC turned on too early could break the internet. So DNSSEC at this point is just not really an issue, even those who created it admit that it is not widely in use and unlikely to be there any time soon.

    link to this | view in thread ]

  12. identicon
    Anonymous Coward, 18 Nov 2011 @ 11:55am

    Re:

    http://www.shinkuro.com/PROTECT%20IP%20Technical%20Whitepaper%20Final.pdf

    Quote:
    With copyright-infringing sites getting an estimated 53 billion page views a year, a huge number of U.S. residents would seek out alternative DNS servers to access the sites if their ISPs weren't directing them there, Kaminsky said during a press conference. "It's not just that lookups to the Pirate Bay go overseas; lookups to Bank of America go overseas," he said. "This is handing over American Internet access to entities we explicitly do not trust, entities that are unambiguously bad guys."

    Alternative DNS services could intercept Internet traffic and use customers' data "in any way the remote operator would like," said David Dagon, a post-doctoral researcher at the Georgia Institute of Technology and co-author of a May paper focused on the technical problems that PROTECT IP could create.

    Source: http://www.pcworld.com/businesscenter/article/235742/engineers_protect_ip_act_would_break_dns.html

    When things break people go after solutions, if you believe any American will seat idle and allow censorship you are just an idiot.

    link to this | view in thread ]

  13. icon
    Rikuo (profile), 18 Nov 2011 @ 11:56am

    Re: Well, China manages DNS blocking...

    China doesn't have ICANN. China doesn't have the backbone of the world's internet reside within its borders. Therefore, what China does to DNS pretty much affects only China.
    The situation is completely different with regards to the US. Because so many Internet-related and Internet using companies are based/headquartered in the US, SOPA is bad news for them. SOPA isn't a bill being discussed in my country, but if it passes, some of my favourite websites will have to redesign themselves completely (i.e., forgo user participation entirely) even though I am accessing the site from a country where SOPA isn't a law.
    What if I want to upload a video to Youtube? Sorry, someone just accused them and Youtube's been blocked from receiving income through its payment processors! Therefore, I can't upload video and expect it to be watched.

    link to this | view in thread ]

  14. icon
    Rikuo (profile), 18 Nov 2011 @ 12:00pm

    Re: Re: Well, China manages DNS blocking...

    In addition, the tech companies that will be impacted by SOPA the most will have to make a choice: either censor themselves completely...or leave the US. While not totally practical, that is what these companies are debating amongst themselves. Google, Facebook et al bring in billions to the US economy: what if they shut up shop and opened their new global headquarters somewhere else? Now suddenly, Silicon Valley is deserted, the US loses out on taxes, thousands of people are without jobs...and people still haven't been convinced to pay for a song/movie/book/whatever.

    link to this | view in thread ]

  15. identicon
    Anonymous Coward, 18 Nov 2011 @ 12:00pm

    I wonder how the fools from the industry will do "whois" searches on databases that have content blocked.

    ARIN probably will be forced to remove contact information and IP address from its database, meaning not even them will be able to find out who is who LoL

    That is just marvelous.

    link to this | view in thread ]

  16. icon
    A Guy (profile), 18 Nov 2011 @ 12:07pm

    Re:

    DNS blocking doesn't remove a site from the internet. That is your first mistake. That is also why DNS blocking will never work.

    I don't know what they do with child porn sites but I assume it involves getting local authorities involved to remove the content from the servers and track down the perpetrators.

    You see, other countries will track down citizens whom engage in the vile and disgusting act of abusing children and spreading that abuse around the internet for fun and profit.

    On the other hand, governments of other countries care a lot less that some guy in Hollywood or an already rich artist claims they aren't making enough money off their population.

    You see, any reasonable person sees that these two things are nothing alike and anyone that compares the sexual exploitation of defenseless children to not making enough money can probably go fuck themselves.

    link to this | view in thread ]

  17. icon
    Zangetsu (profile), 18 Nov 2011 @ 12:16pm

    The Internet itself is IP

    Isn't the Internet full of Intellectual Property? Wasn't it created using the creative minds of thousands of people? If the House and Senate were so interested in protecting IP wouldn't they protect the Internet?

    (self deluded individual who believes that government is "of the people, for the people by the people" )

    link to this | view in thread ]

  18. identicon
    Anonymous Coward, 18 Nov 2011 @ 12:22pm

    You could also just skip DNS altogether.

    Just make entries in your hosts file for TPB or What.cd. Circumvented.

    link to this | view in thread ]

  19. identicon
    Anonymous Coward, 18 Nov 2011 @ 12:32pm

    Your pop quiz du jour

    Your task is to answer these questions without resorting to any resources other than your own brain. If you can, then you might be competent to discuss this issue. If you can't, then you should probably defer to people who actually have a reasonable grasp of the technical issues. Let's begin:

    1. What is the difference between an authoritative resolver and a recursive resolver?

    2. How does DNS cache poisoning work?

    3. What does NXDOMAIN mean, and when does it mean it?

    4. What are the DNS requirements for a mail server?

    5. What is the relationship between the TTL value and DNS caching?

    6. Presuming you're using the ISC BIND distribution, what is the best command-line program to use in order to find out DNS information?

    7. What is a lame delegation?

    8. What would one expect to see in the DNS A records for a multi-homed host?

    9. What command-line tools do you use to trace the hierarchy of reverse DNS assignment?

    10. What does "fast flux" mean, and why do we care?

    link to this | view in thread ]

  20. identicon
    rubberpants, 18 Nov 2011 @ 12:45pm

    Re:

    Hey, a new species of troll at Techdirt: The Concern Troll

    link to this | view in thread ]

  21. icon
    Chronno S. Trigger (profile), 18 Nov 2011 @ 1:14pm

    Re: Your pop quiz du jour

    So we should listen to people like David Ulevitch

    link to this | view in thread ]

  22. identicon
    anonymous, 18 Nov 2011 @ 2:13pm

    how can a company that has so little knowledge of the internet and how it works, be so scared of it, say that 'they disagree' when told by actual experts in not only the use of the internet but the makers of it, be believed and those experts be discounted? i know money talks louder than anything, but surely even the bought and paid for advocates of SOPA/PROTECT IP have enough intelligence to realise who's right and who's just really clueless and wanting to safeguard their own interests above all else.

    link to this | view in thread ]

  23. identicon
    Anonymous Coward, 18 Nov 2011 @ 3:24pm

    Re: SOPA/PIPA is tearing families apart

    Wait, what? They're related? How the hell did I miss that? Hmmmm... I feel stupid.

    link to this | view in thread ]

  24. icon
    John Fenderson (profile), 18 Nov 2011 @ 3:29pm

    Re:

    I don't think the people who wrote SOPA (MPAA, etc.) are idiots. Given that, since it's obvious that SOPA won't do anything to stop piracy, I think that it's reasonable to assume that's not the goal of the legislation.

    What SOPA will do is to make it easy for big companies to outright kill innovative noninfringing startups on the net. It's very clear from their actions as well as their words that the **AAs are terrified that they are losing control of the distribution channel. SOPA is a powerful tool to let them forcibly take control of the internet as such a channel.

    I think that this is the real purpose of the law. If so, then there's nothing wrong with it, technically. It can easily accomplish that goal.

    link to this | view in thread ]

  25. icon
    BearGriz72 (profile), 18 Nov 2011 @ 4:06pm

    Re: Re:

    +1 Scary, but probably true...

    link to this | view in thread ]

  26. icon
    SlinkySlim (profile), 18 Nov 2011 @ 4:07pm

    Re: Your pop quiz du jour

    1-10) vi /etc/hosts

    Yeah? Did I win?

    link to this | view in thread ]

  27. icon
    BearGriz72 (profile), 18 Nov 2011 @ 4:12pm

    Re: Your pop quiz du jour

    Cool I know 8 of those off the top of my head.
    Do i win anything? ;-)

    link to this | view in thread ]

  28. identicon
    Anonymous Coward, 18 Nov 2011 @ 4:23pm

    Funny, the Internet didn't break when Google blocked the Public Knowledge site:

    "SOPA supporters question Google's blocking of website
    By Jennifer Martinez

    11/18/11 5:18 PM EST
    Google and Public Knowledge are both opposed to online copyright legislation in Congress, but the search engine’s blocking of the public interest group’s website this week gave supporters of the bills some new ammunition.

    For part of Friday, visitors who attempted to access Public Knowledge’s site via the Mozilla Firefox browser were greeted with a bold warning message that said visiting the site may harm their computers. Public Knowledge spokesman Art Brodsky said that the organization found a piece of malicious code was slipped onto the site and Google blocked access to the site because of this security threat.

    The malware has since been scrubbed from Public Knowledge’s site. But the incident has motivated supporters of the two bills — the PROTECT IP Act in the Senate and Stop Online Piracy Act in the House — to ask why the search giant is objecting to taking the same action against so-called rogue sites that offer illicit copies of entertainment content and counterfeit goods when served with a court order.

    “It does beg the question, if they do this on their own to prevent malware, couldn’t they do the same when a court tells them a domain name is being used to sell counterfeits or pirated works?” a Senate aide for a member who supports the PROTECT IP Act told POLITICO.

    In response, Google pointed to the testimony of the company’s copyright counsel Katherine Oyama this week at the House Judiciary Committee hearing on the Stop Online Piracy Act.

    “Google takes the problem of online piracy and counterfeiting very seriously, devoting our best engineering talent and tens of millions of dollars every year to fight it,” Oyama said.

    She also noted that the search company has spent more than $60 million to remove online pirates from its ad services and processed Digital Millennium Copyright Act takedown requests for nearly five million items so far this year.

    Public Knowledge’s site was accessible via Microsoft’s Internet Explorer and Apple’s Safari browsers, Brodsky said. The site became available via Firefox Friday afternoon.

    Brodsky lauded Google for taking action to prevent Web visitors from picking up a virus.

    Both Google and Public Knowledge are staunch opponents of the House and Senate bills. They have argued the bills would threaten constitutionally protected speech on the Web, discourage online innovation and ultimately not solve the problem of online piracy.

    Google’s blocking of sites infected with malware and its objection to domain name blocking and filtering in the copyright legislation are “not analogous at all,” according to Brodsky.

    “The situations are very different,” he said."


    https://www.politicopro.com/go/?id=7428

    link to this | view in thread ]

  29. identicon
    Anonymous Coward, 18 Nov 2011 @ 4:28pm

    Re: Re:

    it mandates anything that content owners report be blocked, foreign and domestic

    Wrong FUDpacker. Only the US Attorney can bring an action that would lead to site blocking. I guess when you have no answer you simply invent a new lie.

    link to this | view in thread ]

  30. identicon
    Anonymous Coward, 18 Nov 2011 @ 4:30pm

    Re: Re:

    it mandates anything that content owners report be blocked, foreign and domestic

    Wrong FUDpacker. Only the US Attorney can bring an action that would lead to site blocking. I guess when you have no answer you simply invent a new lie.

    link to this | view in thread ]

  31. icon
    A Guy (profile), 18 Nov 2011 @ 4:32pm

    Re: Your pop quiz du jour

    8 for me too.

    I say anyone who can think of one easy way to bypass this proposed regime and realizes the importance of a single root DNS for commerce and internet stability has every right to comment.

    link to this | view in thread ]

  32. icon
    A Guy (profile), 18 Nov 2011 @ 4:37pm

    Re:

    That's right, because Google didn't censor the DNS or take actions that would fragment the root DNS. They control a list that users of certain browsers may choose to use to avoid malware.

    link to this | view in thread ]

  33. identicon
    Anonymous Coward, 18 Nov 2011 @ 4:40pm

    That's right, because Google didn't censor the DNS or take actions that would fragment the root DNS. They control a list that users of certain browsers may choose to use to avoid malware.

    Oh good, then they should have no problem applying this to infringing content.

    link to this | view in thread ]

  34. icon
    A Guy (profile), 18 Nov 2011 @ 4:44pm

    Re: Re:

    I was thinking the same thing. However, rather than engage them on "I think this is what you are trying to do and if it is this seems wrong"

    I thought I'd engage them on "this is what you say, it is silly and will not work"

    link to this | view in thread ]

  35. icon
    A Guy (profile), 18 Nov 2011 @ 4:47pm

    Re:

    That would be acceptable to everyone except copyright holders I think.

    A voluntary list that users may or may not use and may or may not ignore based upon their choice. That is weaker than a DMCA notice.

    link to this | view in thread ]

  36. identicon
    Ed C., 18 Nov 2011 @ 4:58pm

    Re:

    Their merely evoking the "executive prerogative"--the right to completely ignore reality and facts solely in favor of their own "intuition", and force their underlings (and the the rest of humanity) to deal with the details.

    link to this | view in thread ]

  37. icon
    Mike Masnick (profile), 18 Nov 2011 @ 5:17pm

    Re:

    Did you really just cut and past an entire behind-the-paywall article on my site in *defense* of stricter copyright laws?

    Under SOPA I would need to start blocking you as an infringer, or risk having Techdirt shut down.

    link to this | view in thread ]

  38. identicon
    Anonymous Coward, 18 Nov 2011 @ 5:21pm

    Re: Re: Re:

    What are you an idiot, where do you think those lists come from?

    The US Attorney don't even bother checking those list apparently since they seized a lot of things that are not even infringing or against the law.

    link to this | view in thread ]

  39. identicon
    Anonymous Coward, 18 Nov 2011 @ 5:25pm

    Re:

    Actually for infringing content one doesn't need DNS at all, you can just type what you want in the embedded search engine that many P2P applications has an bam! there you go.

    But others would not do that, they would simply configure their DNS servers to be foreigner servers that the US has no control off of it, which can expose people to problems.

    Basically we are going back 30 years to a time when there was no authoritative DNS system and people where still developing the solutions they use today, but this time it will be decentralized so you muppets can't meddle with it.

    link to this | view in thread ]

  40. identicon
    Anonymous Coward, 18 Nov 2011 @ 5:28pm

    Re:

    Yes because counterfeit and illegal filesharing are so easy to spot right, what idiot try to compare malware that is cut and clear to something that not even people versed on that fucking shit understands.

    link to this | view in thread ]

  41. identicon
    Anonymous Coward, 18 Nov 2011 @ 5:31pm

    Re: Re: Re:

    And lets not forget that I can't see any judge applying any reasonable standard to a list with thousands of entries in it anytime soon.

    link to this | view in thread ]

  42. identicon
    Anonymous Coward, 18 Nov 2011 @ 8:45pm

    Frankly, and without discussing the technical merits of the letter's contents, I am shocked beyond words that someone from Sandia would "officially" correspond with a member of Congress.

    Sandia is what is known as a GOCO, which stands for Government Owned Contractor Operated, that manages the Sandia National Laboratories for the Department of Energy, the latter, of course, being an executive agency. Having worked closely with Oak Ridge, Sandia, and other labs that have managed these various DOE facilities, it is nothing short of amazing that this letter appears to have bypassed the DOE. I rather suspect that both Lockheed Martin and the DOE are about to have some very interesting conversations (what I call "bonding sessions") with Mr. Napolitano. He may know a lot about technical matters, but does appear to be a bit naive about political matters.

    link to this | view in thread ]

  43. icon
    elemecca (profile), 18 Nov 2011 @ 8:58pm

    Re:

    I think you've misconstrued the issue with routers. The only way in which DNSSEC will affect most provider devices (including true layer 3 routers) is by increasing the size of DNS packets. For almost all devices that shouldn't be a problem. ISPs, then, shouldn't have to upgrade their infrastructure much beyond their nameservers.

    Where DNSSEC could become a problem is the ALG in NAT gateways (including home routers), which is responsible for parsing DNS responses to determine which masked computer they're intended for. Poorly implemented ALGs may be confused by DNSSEC packets. I suppose it's also possible that some gateway devices include a caching DNS resolver or some sort of DNS proxy that would need to be updated, but I've personally never seen one. DNSSEC is not exactly a new protocol, however. Most reasonably new hardware should support it.

    Turning on DNSSEC too early won't break the Internet. Legacy clients will simply continue to use regular, unsecured DNS. Rolling out DNSSEC won't do anything to change that. While it is true that clients configured to require validation will fail if the recursive resolver doesn't support it, that's a per-client setting and can easily be disabled.

    All of that is largely irrelevant to the discussion of SOPA. Your post seems to be insinuating that DNSSEC is not ready and thus we have time to fix it. Unfortunately, SOPA doesn't just break some implementation detail of DNSSEC as the MPAA seems to think. It breaks the very idea of DNSSEC. It enshrines in law the idea that the recursive resolver must lie to the client, which is exactly what DNSSEC was designed to prevent.

    link to this | view in thread ]

  44. identicon
    Rekrul, 18 Nov 2011 @ 9:01pm

    Re: Re: Re: Well, China manages DNS blocking...

    Google, Facebook et al bring in billions to the US economy: what if they shut up shop and opened their new global headquarters somewhere else? Now suddenly, Silicon Valley is deserted, the US loses out on taxes, thousands of people are without jobs...and people still haven't been convinced to pay for a song/movie/book/whatever.

    What you fail to understand is that only the entertainment companies matter. They are single-handedly keeping the world's economy afloat. Without them, the economy would be doomed, the governments would fall and the world would descend into chaos! Also, the planet would probably stop turning and the sun would go out.

    Do you really want to be the cause of the extinction of the entire human race???

    link to this | view in thread ]

  45. identicon
    Rekrul, 18 Nov 2011 @ 9:09pm

    Re:

    Here's the net with child porn sites blocked;

    .....................#.....................#...................

    Here's the net after SOPA passes;

    ..#..#.##...###...##.###....####..#.###.###.##.

    Any questions?

    link to this | view in thread ]

  46. icon
    Hephaestus (profile), 18 Nov 2011 @ 9:13pm

    Re:

    "I am still trying to figure out who sold them on the idea of DNS censoring to begin with. "

    It was probably the same idiot that told them IPv6 would be the, end all and be all, of IP infringement tracking, and prevention.

    link to this | view in thread ]

  47. icon
    Hephaestus (profile), 18 Nov 2011 @ 9:15pm

    Re: Re: Well, China manages DNS blocking...

    I like using the word Idiot to describe him or her.

    link to this | view in thread ]

  48. icon
    Hephaestus (profile), 18 Nov 2011 @ 9:30pm

    Re: Your pop quiz du jour

    Very nice, you just posted several copyrighted questions from a DNS exam ... you fucking pirate!! :)

    link to this | view in thread ]

  49. identicon
    Rekrul, 18 Nov 2011 @ 9:34pm

    The most frustrating thing about this whole mess is being able to see how easily these bills could be killed, but knowing it will never happen.

    If every ISP in the country agreed to shut down their network and show each user a page urging them to contact their congressmen demanding the end of net censorship bills, SOPA & PROTECT IP would be going through the shredder by the end of the day.

    I don't think the government can legally force any private company to do business, can they? If every ISP did this, they wouldn't lose any customers to the competition, and unless I'm mistaken, it wouldn't cost them anything to not use their network for a few days. Of course there's always the risk that some people will cancel their accounts in protest, but would that really be an option for most people, especially if they have nowhere else to turn?

    Sure, it's nice to say that the government doesn't give in to blackmail, but what choice would they have? They wouldn't have the resources to take over every ISP, and even if they did, how would that even be legal?

    If a few web sites blacking out part of their pages (which I never even saw) can get half a million protest letters (or so I read) to congress, think what having every consumer level internet account shut down would do.

    link to this | view in thread ]

  50. icon
    Jay (profile), 19 Nov 2011 @ 8:35am

    Re: Re: SOPA/PIPA is tearing families apart

    Janet's probably the black sheep of the family given how DHS is nothing more than a theater troupe.

    link to this | view in thread ]

  51. identicon
    Anonymous Coward, 19 Nov 2011 @ 10:59am

    Re: Re:

    Sadly, many routers used today in the field are unable to handle oversized DNS packets, and specifically filter for them to avoid what use to be a rudimentary type of DoS attack. Combining something like a Fraggle attack with oversized packets, and you would get all sorts of amusing and unintended results.

    As a result, each of those routers along the way have to be at minimum reprogrammed not to filter oversized packets, and in many cases, may not be able to handle oversized UDP packets (which they handle seperate from other traffic to speed them up).

    Safe to say that DNSSEC, even without SOPA, wouldn't be here much before 2020.

    It would also appear that DNSSEC was designed with the intent of hurting the ability for anyone to control or filter the net in any manner, and that itself may be enough of a reason not to go down that road.

    link to this | view in thread ]

  52. identicon
    Anonymous Coward, 19 Nov 2011 @ 12:24pm

    Re:

    “The situations are very different”

    What a lying piece of shit slimeball.

    Yeah, they're different alright: with piracy Google makes money.

    Fuck off and die Google.

    link to this | view in thread ]

  53. icon
    TtfnJohn (profile), 19 Nov 2011 @ 4:47pm

    Re: Re: Re:

    "It would also appear that DNSSEC was designed with the intent of hurting the ability for anyone to control or filter the net in any manner, and that itself may be enough of a reason not to go down that road."

    If that's the design in intention of DNSSEC then I want to go down that road as fast as we can.

    On the other hand if SOPA/PIPA wants to break that road then it's better avoided. The statement from Sandia Labs is anything to go by the proposal is not only easily circumvented but may also have commercial and military consequences for the United States.

    Europe won't follow suit, Canada won't, Japan won't, China doesn't care and, in fact, the only country I can think of that might is that already dangerously censorious country known as Australia.

    In the age of the Internet the United States isn't an island and can't be. Doing things like this hurts the US more than it does anyone else. Consequently it doesn't help the *AA's one bit as it's inconsequential to work around what they propose.

    Ironic, don't you think?

    link to this | view in thread ]

  54. icon
    Brad (profile), 19 Nov 2011 @ 5:47pm

    Because scribd is annoying

    PDF copy of the Sandia response mirrored on S3 for your viewing pleasure.

    link to this | view in thread ]

  55. icon
    wvhillbilly (profile), 19 Nov 2011 @ 6:48pm

    Re: Re:

    "What SOPA will do is to make it easy for big companies to outright kill innovative noninfringing startups on the net. It's very clear from their actions as well as their words that the **AAs are terrified that they are losing control of the distribution channel. SOPA is a powerful tool to let them forcibly take control of the internet as such a channel."

    I suspect you are dead on in your analysis of this. The people who want this are so paranoid that someone is going to get something without their getting a big chunk of money for it, that they would - so to speak - burn the entire barn (the Internet) to the ground to get rid of a few pesky rats.

    Stupid.

    link to this | view in thread ]

  56. icon
    wvhillbilly (profile), 19 Nov 2011 @ 6:51pm

    Re: Like this

    Prove it.

    link to this | view in thread ]

  57. icon
    wvhillbilly (profile), 19 Nov 2011 @ 7:00pm

    Re: Re: Re:

    Still, I see much potential for abuse if this is implemented.

    link to this | view in thread ]

  58. icon
    wvhillbilly (profile), 19 Nov 2011 @ 7:13pm

    Re:

    Like I said earlier, the people who want DNS blocking are so paranoid of anyone getting anything without their getting a big chunk of money out of it, they're willing to burn the barn to the ground to get rid of a few rats.

    Barn-the Internet
    Rats-infringers

    Get it?

    link to this | view in thread ]

  59. identicon
    Anonymous Coward, 20 Nov 2011 @ 4:38pm

    We're gonna make our own DNS! With hookers and blackjack!

    link to this | view in thread ]

  60. identicon
    Renee Marie Jones, 20 Nov 2011 @ 6:28pm

    Re: DNS filtering

    I think they really did think it up themselves. They are technological children. Most of them probably don't know how to use a computer, but the ones that do just know that you either click a link or you type in a domain name. So, they figure that if you can stop those two things, then a site is unreachable. They don't think beyond that. That is all they can understand.

    The sad thing is that incompetent fools like this are allowed to dictate tech policy.

    link to this | view in thread ]

  61. identicon
    dave, 21 Nov 2011 @ 9:27am

    Re:

    good news everyone!

    link to this | view in thread ]

  62. identicon
    hemo_jr, 22 Nov 2011 @ 8:09am

    More to the point, SOPA/PIPA are harshing my mellow.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.