Syrian Electronic Army 'Hack' Of The NYTimes Was The Exact Remedy MPAA Demanded With SOPA
from the and-it-was-a-joke dept
There were many, many concerns related to SOPA and PIPA when they were proposed, but the absolute biggest was the use of DNS blocking as a "remedy" against sites where it was alleged that infringement was a primary purpose. Of course, as tons of technology experts points out, any form of DNS filtering or redirecting would be a security nightmare and would do almost nothing to actually stop infringement.As you may have heard, this week the Syrian Electronic Army was effectively able to "take down" nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect. As Rob Pegoraro points out, this is the same basic remedy that the MPAA wanted so badly with SOPA. In fact, during the negotiations over SOPA (after it became clear that its companion bill in the Senate, PIPA, was stalled over the DNS blocking issue), this was the issue the MPAA refused to budge over: DNS blocking/redirects needed to be in SOPA. As Pegoraro writes, if SOPA had become law, we likely would have seen the law abused to take down sites just as the Syrian Electronic Army took down nytimes.com:
2011's Stop Online Piracy Act would have let copyright holders require Internet providers to use DNS redirection to block access to allegedly infringing sites. That authority would inevitably have been abused in social-engineering exploits--and we'd likely see a lot more outages like the NYT's.At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA (despite the MPAA's insistence that it was necessary), because it's so easy to get around and many, many people did. It may have been an inconvenience, but it was hardly the game changer the MPAA predicted.
If this sounds familiar to you, perhaps it’s because Domain Name System (DNS) blocking was part of the original draft of SOPA. DNS blocking was suggested as a remedy to take entire allegedly infringing foreign websites down, but yesterday demonstrated that people can still navigate to sites through their IP address, even when domain name servers are offline. This is consistent with a major critique of the DNS blocking during the SOPA debate: that it wouldn’t even work. Some SOPA supporters had argued in response that “it would be a mistake to assume, as some of these network engineers have, that the average Internet user has the above-average technical skills necessary to do this.” But yet, people did yesterday.* If people want to access a website, they can figure it out pretty fast, and without needing any significant technological skills.So it's somewhat ineffective for blocking (though, very effective for drawing much more attention to what you want blocked). It was a dumb idea by the technologically illiterate folks at the MPAA to suggest a form of DNS hacking as any kind of remedy to copyright infringement, and the NY Times redirect hack just made that even clearer.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: dns redirect, hacking, sopa, syrian electronic army
Companies: mpaa, ny times
Reader Comments
Subscribe: RSS
View by: Time | Thread
When did typing numbers become an above-average technical skill?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: to Michael, Aug 29th, 2013 @ 12:57pm
[ link to this | view in chronology ]
The attack was mitigated by other means as well
In English: you are a customer of Fred's ISP, which you are connected via dialup/DSL/cable/fiber/whatever. When you make that connection, your modem/router is assigned an IP address by Fred and now you are on the Internet. Yay! You're also assigned a bunch of other things (like a default route) including DNS servers. Thus when you attempt to connect to http://example.com, your system emits a query for the IP address of example.com and that query is directed at the DNS servers that Fred told you to use. (This is presuming you didn't override all these things...which you probably didn't.)
So if Fred's operators notice that the SEA has done something evil to the DNS records for example.com, they can trump that by ordering their DNS servers -- the ones you're using -- to return something else...like the correct DNS records.
This is not the sort of thing Fred's people want to do every day, and they're not going to do it for piddly little sites that nobody visits anyway...but replace "Fred" with "Verizon" and "example.com" with "The New York Times" and yeah...they just might. And in some cases: they did.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Google Hails Age of Cyber War & Digital Revolution
http://truthstreammedia.com/google-hails-age-of-cyber-war-digital-revolution/
As you strain here to be topical besides somehow -- sheesh! -- link to MPAA and SOPA, I bring in a similar enough given your wacky S-T-R-E-T-C-H subversive role that Google and its executives played in the "Arab Spring". That article lays out long-term connections with WH and State Dept, not just a website hack.
[ link to this | view in chronology ]
Re: Google Hails Age of Cyber War & Digital Revolution
Ha. If anyone actually has doubts about whether Truthstream Media is a loony conspiracy site, just read the other articles. Like this one:
- The Kubrick Code: Did Final Film ‘Eyes Wide Shut’ Expose Elite Satanic Cult?
Just by citing sources like that as credible, you've automatically proven that you are not to be taken seriously.
[ link to this | view in chronology ]
First you claim: As you may have heard, this week the Syrian Electronic Army was effectively able to "take down" nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect.
And then you say: At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA (despite the MPAA's insistence that it was necessary), because it's so easy to get around and many, many people did.
So which is it? The Syrians can "effectively take down nytimes.com" but if used as part of SOPA it'd have been "laughingly ineffective? "
[ link to this | view in chronology ]
Re:
You are bad at reading comprehension. Note that I did not say that they took down "The NY Times." I said they took down nytimes.com -- the specific URL. That's true. But, as Sternburg pointed out, this was useless, because it didn't take down the content, nor make it difficult to reach.
They took down the URL, but not the content. Basically exactly what your preferred solution would have been.
[ link to this | view in chronology ]
Re: Re:
The newspaper posted a message on its Facebook page about 5 p.m. ET that said, "Many users are having difficulty accessing The New York Times online. We are working to fix the problem. Our initial assessment is the outage is most likely the result of a malicious external attack."
So nytimes.com claim many users had difficulty accessing content. But I guess we should believe you instead because you just know these things, right?
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
The average web surfer when trying to access nytimes.com wouldn't have known even the slightest thing about DNS or the fact that the solution was incredibly simple. He would have just said to himself "Site is down, somebody hacked it, them geeks at the Times have to do some computer shit to fix it, there's nothing I can do myself to get at the site".
[ link to this | view in chronology ]
Re: Re: Re:
So the NYT says "many users had difficulty accessing content" and Mike says "this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA... because it's so easy to get around and many, many people did." These two statement are NOT in conflict with each other. Both can be (and most probably are) completely correct.
Sorry, but your lame 'gotcha' fell flat on it's face.
[ link to this | view in chronology ]
Re:
As you may have heard, this week the Syrian Electronic Army was effectively able to "take down" nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect
Notice that quotes around "take down". This is an indication that the term within them does not accurately reflect what actually happened. They are just like people using air quotes when they talk about you being intelligent or well read.
At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA
It can be pointed to as an example as to how ineffective DNS redirects would have been because people were still able to get to the website by easily typing in the IP address into their web browser. Lots of average-intelligence internet users managed to take on this complex task of typing numbers and easily defeated the blocade.
[ link to this | view in chronology ]
Oh wait, no it isn't.
Because slimy Mike Masnick and the turds that employ him over at Greedle were LYING to people.
[ link to this | view in chronology ]
Re:
Happening to EVERY SINGLE WEBSITE...
Let that sink in.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Just from a quick glance of SOPA's DNS blocking...
Facebook
Google
Bing
Youtube
imgur
pixiv
deviantart
yahoo
wikipedia
tumbler
even steam
Hmm...
That's a LOT of people affected by copyright claims. All it would take is ONE claim to hit them all.
[ link to this | view in chronology ]
Re: Re:
Imagine if you hadn't been dropped on your head so much as an infant. Let that sink in.
[ link to this | view in chronology ]
Re: Re: Re:
Wow! Wish I had thought of that. Imagine how much easier it would be to win an internet argument if all I had to do was insult someone based on the fact that I don't know anything about them.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Google was brought into the effort late, and reluctantly.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
Total lie.
Look at Google's lobbying expenditures during that period. Coincidence? Uh no. Then they used Reddit and that weasel Jimmy Wales to try cover their tracks. Epic fail.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
yes, Google did want SOPA modified to benefit them (Google is far from an angel), but they had no interest in scuttling it altogether.
[ link to this | view in chronology ]
Re:
Oh wait, no it isn't.
Because slimy Mike Masnick and the turds that employ him over at Greedle were LYING to people.
Hahahahahahahaha, nice of you to point that out. On another humorous note; the douchenozzles over at Demand Progress have resurrected the Justin Bieber in prison campaign over streaming. Seriously Masnick, the only you're missing are the slap shoes, bulb nose and tiny little car.
[ link to this | view in chronology ]
Re:
Think about this... all of the "official" DNS servers are managed according to SOPA... what happens next is that the "hackers" or people intent on providing a free and open internet setup their own DNS servers and voila! no more DNS direct by the powers that be... Now imagine 100 or 1000 world-wide organizations all with their own DNS servers all having different IPs for a given domain or domains.
Result=Broken internet.
[ link to this | view in chronology ]
Normal people would go out and learn and say oh so that what he meant. Not trolls however they are not burdened with such silliness.
I can only hope that the next generation of government it not utterly technologically inept as the trolls in this forum.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
Seriously, stop and think about that for a moment...
Posting a copy of something online had the potential to hit you with the same kind of punishment that someone who runs people over with cars, murders, rapes, steals thousands of dollars from a bank, certain animal abuses...
So, in what kind of world does THAT make any sense?
[ link to this | view in chronology ]
Re: Re:
Seriously, stop and think about that for a moment...
Posting a copy of something online had the potential to hit you with the same kind of punishment that someone who runs people over with cars, murders, rapes, steals thousands of dollars from a bank, certain animal abuses...
So, in what kind of world does THAT make any sense?
All it does is elevate the penalties for illegal streaming to that of illegal downloading with the same thresholds. And it was not part of SOPA, it was a bill introduced by Klobachar.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
I believe the SSC's point is that it's pretty ridiculous that the "same thresholds" you mention mean that it's worse to commit copyright infringement than to commit robbery, rape, or murder. It seems like a point well taken.
The problem with that is that it's very, very difficult to tell what's "commercial" and what isn't. The industry's perspective is if there's an ad on the page, it's commercial. By that definition, almost everything anybody does on the internet is "commercial".
The distinction is a smoke screen, used to try to imply that ordinary users wouldn't be affected when clearly almost all of them would be.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
You have to realize that not everyone against this stuff is a dweller in their mommy or daddy's basements.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
and you can guarantee that what is in there was the final text? That they would not have tried to slip in any further amendments later attached as a rider on another bill?
[ link to this | view in chronology ]
Re: Re: Re: Re:
I happen to use the Thomas site as it is devoted to following federal bills, and well as Congress' own site that likewise follows all bills at all stages of the process.
[ link to this | view in chronology ]
Re:
This is false. The manager's amendment made some changes, but DNS issues remained. The "change" was that it no longer mentioned DNS specifically, but set it up such that the only way to really comply with the law would have been through DNS redirect.
This was the language in the manager's amendment:
To respond with "but it was there originally" would be literally true, but would be misleading in that if SOPA had passed it would have done so without a re-direct provision.
Also false. As a last gasp effort, Senator Leahy promised to change PIPA to say that DNS issues wouldn't have be implemented right away, but only after a "study." The text of said language was never publicly introduced. Rep. Smith later made a vague promise to do something similar with SOPA, but never released any text.
But, until the end, SOPA had a requirement for blocking on the part of ISPs, and the style of blocking was almost certainly limited to DNS blocking.
You really shouldn't lie when it's so easy to prove you wrong.
[ link to this | view in chronology ]
Re: Re:
Now, if it was explicitly retained in the bill then your comment would have merit. Since it was not retained it is difficult to understand your "liar, liar, pants on fire" retort.
[ link to this | view in chronology ]
Re: Re: Re:
Redirecting was not removed from the bill as I noted in my comment.
Why do you lie? You really have a sick compulsion.
Now, if it was explicitly retained in the bill then your comment would have merit.
It was retained in the bill. As noted.
Since it was not retained it is difficult to understand your "liar, liar, pants on fire" retort.
As noted, it was retained. Which is why you're a liar.
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
You learn how to do the things you want to do. Years ago, people had simpler programs for email and social networking. Now you just ask a friend or Google what you don't know. If routing around DNS blocking became widely necessary, very user friendly redirects to numeric IP addresses would pop up overnight.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
The copyright industry sucks and they are a clear and present danger to any global society.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
SOPA would have.
[ link to this | view in chronology ]
Link between MPAA and the so-called Syrian Electronic Army?
It seems "convenient" that this was an attack orchestrated in response to some possible military activity by the US Government against Syria... It seems much more likely that it was an attack orchestrated by the MPAA and its co-conspiritors behind SOPA hiding behind a "front page name" organization.
Cynical... who me?
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Chicken Little
[ link to this | view in chronology ]
Re: Chicken Little
I think you misunderstand the issues -- either due to technological ignorance or willful misrepresentation. The fact that DNS blocking is easy to get around has nothing to do with the fact that forced DNS filtering would, in fact, break key aspects of the internet. No one claimed it would *shut down* the internet, but rather that it would make certain important parts of the internet, including certain forms of security (like DNSSEC) impossible to work properly.
So, yes, both statements are true. Forced redirects would break key components of the internet, and it would do so in a manner that would be highly ineffective in stopping what SOPA supporters wanted to stop. The main problem is that while it would be totally ineffective in stopping piracy, the things it would break *would* be hard to replace. So you'd damage internet security, without slowing piracy.
[ link to this | view in chronology ]
I think he understands just fine, and the technological ignorance and willful misrepresentation are just part of his job description.
[ link to this | view in chronology ]