18 January 2012
Wikipedia, Google, WordPress, and several other websites will be shut down or blackout special pages for 24 hours as form of protest of US Bills called the Stop Online Privacy Act (SOPA) and Protect IP Act (PIPA). SOPA and PIPA will give authorization to US Government (Department of Justice) to shutdown websites that are accused of containing "copyright infringement".
According to Executive Director of the Wikimedia Foundation, Sue Gardner:
"The reality is that we don’t think SOPA is going away, and PIPA is still quite active. Moreover, SOPA and PIPA are just indicators of a much broader problem. All around the world, we’re seeing the development of legislation seeking to regulate the Internet in other ways while hurting our online freedoms. Our concern extends beyond SOPA and PIPA: they are just part of the problem. We want the Internet to remain free and open, everywhere, for everyone."
What is SOPA and PIPA?
The implementation of SOPA and PIPA allows for the Justice Department to filter the domain name from publicly registered DNS servers. For example, if a web site called piratemusic.com is found in violation of this law then a court order could be initiated to have all registered Domain Naming Servers (DNS) servers in the .com Top Level Domain (TLD) redirect a potential user to a new Internet Protocol (IP) address. This basically means the US Government will poison DNS. What this does mean is that:
- The website will still be reachable over its IP address. Meaning if piratemusic.com has been redirected to the US server saying that "This domain is offine due to copyright violations" the site will still be accessed from its original IP address via http://192.168.1.100.
- If the Top Level Domain (TLD) exists outside the US like .eu, .ru, .cn then the US government does not have authority to block them.
This won't work!!
For every network engineer, DNS is understood as a core function of the Internet. So messing with it in this way can have serious systemic technical issues.
- The first is called the "fat finger effect." Basically, if the Justice Department finds that youtubeee.com is in violation and orders it to be shut off, but the operator of the .com TLD instead redirects youtube.com then the consequences are far reaching. This, in fact already happened by the Pakistan Telecommunications Authority (PTA) in 2008 when they poisoned the routing tables to say that they owned the address space for YouTube. What this did was take down YouTube entirely.
- DNSSEC (DNS Security) was a technology that was implemented to solve the problem of malicious hackers from poisoning DNS. This security mechanism would have to be removed now because the redirection is actually breaking DNSSEC. So SOPA would break Internet security.
- Any filtering by nameservers, even without redirection, will pose security challenges, as there will be no mechanism to distinguish court-ordered lookup failure from temporary system failure, or even from failure caused by attackers or hostile networks. So there could be no way for network operators to tell if a site being down because of DNS poisoning is due to hackers or a SOPA court order. Why? Because the trust model (see DNSSEC) is broken.
- If the web site operator moves overseas, then this cannot be enforced.
About Site by Tommy
Freelance web design and developer in Jakarta and Microsoft Certified Professional with five years of experience in web design and development, application development, database system, Search Engine Optimization (SEO), graphic design, logo design, business cards, corporate letterhead, posters/banners, brochures and flyers, social media marketing, and email marketing/campaign.