SOPA: Why Do We Have To Break The DNS?

Last month, we posted our position piece on the Stop Online Piracy Act, also known as SOPA or the E-Parasite Act. In this post, I’m going to examine the technical details of the act and how it relates to the operation of the global Domain Name System (DNS).

SOPA proposes the idea of using DNS-based filtering by Internet Service Providers (ISPs) as a means to remove U.S. support of a foreign infringing website.

While the bill doesn’t specifically define how the ISP should technically go about this, it does seem to indicate that an ISP should capture, redirect and modify DNS query / response pairs to ensure that a downstream user does not access the site. There’s a number of ways to “remove support” from a foreign infringing website at the DNS level, so we’ll take a look at the techniques that could be used at all the layers of the DNS and why some are more destructive than others.

There is the domain registration itself, which signals existence of a domain into the appropriate top-level domain’s DNS zone.

For example, if the domain “example.com” was a foreign infringing site, a law enforcement agency could petition Verisign (the registry operator of the .com TLD) to remove the relevant DNS records that provide the delegation for example.com. In fact, this type of behavior isn’t SOPA specific and our current judicial framework permits this to happen today.

One should note that the impact of such a suspension would have a worldwide impact. All users of the domain name would no longer be able to access services offered by that domain.

There’s the authoritative DNS service for example.com which could be terminated.

A delegation for example.com is made from Verisign to the domain’s authoritative DNS provider to a company such as Dyn. If a foreign infringing site were to be supported by a U.S. authoritative DNS provider, law enforcement could petition the authoritative DNS provider to remove support for the domain by terminating authoritative DNS service. Again, this would cause a worldwide suspension of services for the domain, but unlike a registry level termination, the alleged infringer could move services to another authoritative DNS provider and continue doing whatever he/she was doing utilizing the newly acquired authoritative DNS service.

There’s recursive DNS interception, redirection and alteration (which is the primary technique contemplated by SOPA) that would be implemented at the ISP level.

Unlike TLD and domain authoritative nameservers (of which any set are under the same common administrative control, i.e. Dyn), recursive DNS servers are deployed Internet wide in clusters throughout ISPs. Under SOPA, U.S. ISPs would be required to accept an additional “feed” of data which would include a list of known or alleged domains participating in foreign infringement.

The feed would be used to block DNS queries made for foreign infringing domains and would remove U.S. access of these domains for users of U.S. ISPs. The feed could be incorporated into DNS using a variety of techniques including deep packet inspection (DPZ), a software interface such as BIND’s Response Policy Zones (RPZ) or even by creating false zones in the recursive DNS servers view.

From Dyn’s perspective, the third option — ISP-based DNS query manipulation — is the most hazardous to the health of the global DNS.

Implementing such a solution breaks the distributed tree of authority concept used by the DNS by “injecting” U.S. nationalized pieces of DNS policy into the system. ISPs around the United States would become responsible for implementing, maintaining and monitoring these SOPA feeds into their DNS infrastructures, creating an additional layer of operational complexity for their DNS operations. Additionally, since not all DNS systems permit the inclusion of external data feeds to support local policy, many operators would be required to upgrade the recursive DNS infrastructures in significant ways.

There’s a number of conditions that could occur where a SOPA-fed recursive DNS server could hand back incorrect DNS data or be circumvented all together. If an ISP were to have issues pulling the SOPA feed or clearing domains from the SOPA list, a single domain could be blacklisted in the United States when it is perfectly legal to be used. If the source of a SOPA feed were to ever be compromised, an attacker could take critical Internet infrastructure domains offline by adding them to the feed (i.e. root-servers.net).

Savvy users could simply bypass a SOPA-enabled recursive DNS server by pointing their DNS settings to an off-shore recursive DNS server. Technically savvy networks might respond by blocking port 53 externally or by hijacking port 53 traffic on their network to their SOPA-enabled recursive DNS resolvers. Anyone want to bring Net Neutrality into this discussion? What would happen to users if an infringer decided to setup a “free, non-SOPA” recursive DNS server for users to use – one that additionally hijacked legitimate banking, ecommerce and business websites, too?

It is Dyn’s opinion that the technical implementation techniques contemplated by SOPA do more damage to the global DNS than help solve the problem it aims to tackle. There are existing law enforcement techniques available to deal with copyright infringement today at the registry level, so we ask why are they not being effectively utilized? Must we resort to breaking the DNS?

Other Posts Of Interest

Protesting SOPA With Website Blackouts

Giovanni

We already have this in Italy and guess what? Many of us switched their DNS settings to Dyn, OpenDNS or Google.

Gigi

many? surely not the poor net man.

Magnus Beutner

Again, bought politicians at play here protecting BIG businesses “intellectual preperty rights” at the cost of democracy.

http://twitter.com/alastairh Alastair Houghton

Small businesses and individuals have copyrights on things too, you know. Somehow this always gets forgotten in these kinds of discussions.

Tim

Small businesses and individuals handle their infringement issues more directly. They are not forgotten in these kinds of discussions, they simply gain no protection from this type of action.

http://twitter.com/alastairh Alastair Houghton

Actually, no, they have the same problems and have to use the same mechanisms (I should know, because I run such a business).

Fieldsr6

Interesting, I hadn’t thought much of SOPAs effect on small business’s copyrights. Coming from your experience, what are your thoughts on all of this?
Trenton Craig

The problem is, Alastair, that the larger companies will be more likely to have their requests implemented more quickly, while your efforts might take a rather long time to be implemented.

The technical practices that this piece of legislation proposes fly in the face of DNS architecture. No one is saying infringement ins’t an issue. This bill, however, goes about battling it in a way that would be more detrimental than beneficial.

Paul Smith

Yes, I run one. And SOPA could easily kill it. How? We produce music recordings for composers. A big media company simply has to claim our recordings infringe their rights, and, presto, our website can be eliminated. They don’t have to prove infringement. And the accused site is afforded no prior defense by these ineptly conceived laws.

I’ve already had BMI submit a take-down request to YouTube for music I composed and recorded! At least Google offered me the chance to explain why BMI was wrong, and they listened to me, ultimately rejecting BMI’s request. Under SOPA BMI wouldn’t have to do that. They and other big media companies would have no disincentive simply to issue as many infringement accusations as they can afford to create. And Google would not be required to listen to or side with any accused site.

So, small businesses are perhaps the most likely to become the adversely affected, innocent victims should SOPA pass.

Trenton Craig

I said something similar to this above, in that larger companies will likely have their requests granted much more quickly and blindly than small businesses. There’s no question that this piece of legislation was drafted by corporate-favoring lobbyists.
Anonymous

Post SOPA: file complaints against all the big entertainment businesses? Win.

Sheldon

It may seem like that is the issue, but it is really about censorship and communication. The government is afraid that you will wake up one day and see what they are doing. On that day, you might decide to protest or fight. You might decide you are tired of the evil, the murder and the lies. They must be ready because that day is coming.

http://twitter.com/alastairh Alastair Houghton

It’s probably worth pointing out that if ISPs and registrars were acting ethically in the first place, SOPA wouldn’t be necessary. Most ISP and registrar TOS agreements already state that use for copyright infringement is not permitted and cite the TOS as cause for contract termination.

Unfortunately, ISPs and registrars seem not to want to enforce their own TOS, and worse, actively protect infringers’ identities, *even when* the infringement is blatant. That is, you could set up a site tomorrow that stated plainly on its front page that it was for illegal download of movies, and in many cases the ISPs, registrars, DNS providers and others will ignore anyone pointing out that it was a TOS violation, will refuse to provide the identity of the owner without a court order in their own jurisdiction, and will generally and deliberately act in a manner obstructive to copyright holders.

Part of SOPA is actually intended to remove one of the few legitimate excuses ISPs and others have for this behaviour, namely that they were worried about being sued by their own customer.

Lincoln McCormick

Your use of words like “ethically” is frightening. It is neither your place nor that of the law to attempt to define a normative ethical standard. If ISPs are not acting *legally*, then perhaps we have a problem – a problem for which, no doubt, some kind of actual statistical evidence would then exist, which could perhaps have been included along with your comments.

So far the objections to SOPA presented here have come in the form of technically solid facts… and you’ve decided to counter them with sweeping, unsupported opinions. So I suppose you’ll understand if I’m not compelled to change my opinion.

http://twitter.com/alastairh Alastair Houghton

Why do you find the notion that businesses should behave ethically “frightening”? Are you really suggesting that anything you can do that is legal is OK, however awful it might be from an ethical perspective?

FWIW, my opinion of SOPA is that it probably won’t fix the problem, and I agree with many of the objections. It is, however, undeniable if ISPs, registrars and other service providers had acted on their own behalf and withdrawn or refused service when it was pointed out to them that the site they were hosting was dedicated to copyright infringement, nobody would be bothering with SOPA.

As for defining an ethical standard, let me list a few things that definitely aren’t ethical according to any reasonable standard you care to come up with:

1. Taking money in exchange for hiding the identity of someone who is obviously, overtly infringing or facilitating the infringement of someone else’s copyright.
2. Taking money in exchange for hosting a website dedicated to the infringement of other peoples’ copyrights.
3. Taking money in exchange for registering a domain that is being used exclusively for the purpose of facilitating copyright infringement.
4. Accepting donations or payments on behalf of a website that is dedicated to the infringement of other peoples’ copyrights.

IIRC none of those things are currently prohibited by law in most jurisdictions, and unfortunately it seems that many ISPs, registrars and payment providers are quite happy to do all four of them, and will make no attempt to do anything about it when it is pointed out to them, even when the activities in question are clearly prohibited by their own TOS, and even when it is blatant.

And in case you feel that ISPs, registrars et al are somehow not able to decide anything on their own account, you might care to compare what happens when someone points out that they are providing service to a copyright infringement site with what happens when someone points out child pornography. In the latter case, it seems ISPs, registrars and indeed payment providers can and do take action on their own account, to a greater extent than that required by legislation.

wallyworld_mn

Sadly, your position regarding ethics is valid. Your concern reflects a behavior norm in many industries and it happens wherever people think that they can make a quick buck. You will be attacked by those that either do not understand how pervasive it is or do not care. We absolutely must protect the openness of the net but must not let it shelter blatent theft and piracy of the legitimate companies and people that have played fair.
Jules

”
As for defining an ethical standard, let me list a few things that definitely aren’t ethical according to any reasonable standard you care to come up with: 1. Taking money in exchange for hiding the identity of someone who is obviously, overtly infringing or facilitating the infringement of someone else’s copyright.”

How about:

1(a) Providing information that was passed confidentially in the expectation that it would remain private to a third party without due process of law to ensure that said third party has an appropriate legal right to the information.

Actually, in my country, that would be illegal, not just unethical.
Trenton Craig

Having worked for two different ISPs in my career, you are mistaken on one thing, which is central to your argument.

The ISPs and other companies who provide hosting have TOC that prohibit posting copy righted material without permission. They do not have the manpower to scan all the sites they host or hosts that they provide services to.

To ask an ISP to scan every host, or a hosting company to scan every single page on its host for violations, or to ask a registrar to take care and analyze all the content of every domain that is registered through it, is beyond insane. It’s not possible.

When a copyright infringement is detected, a letter is sent to the ISP responsible for providing internet access to the offending host. That letter is handled usually by a fraud department within that company, and the offending host, if identified, is notified. Also, depending the policies of the ISP, those hosts could be suspended from internet access upon the first offense.

Let me also add to this argument that many torrent sites, and sites that provide access to copyrighted material without permission are not hosted within the US, nor are they registered through US-based registrars.

So… I agree with what you are saying but to tell us all that the ISPs, Registrars and hosting companies are all in it for the money is true, but to say they turn a blind eye to IP theft is ludicrous.

It is simply not possible for those companies to monitor every customer of theirs for infringement.

Anonymous

I too work for an ISP and you are dead on. It would put us under to have to implement SOPA.

255.255.255.255

Business Ethics? Isn’t that an oxymoron?
Incredulous Ted

Alastair: “FWIW, my opinion of SOPA is” — nonexistent and created for the purpose of pandering to one or both sides of an argument.

The problem with SOPA is not that it names a nonexistent problem (copyright infringment) so much as that it seeks to destroy a carefully engineered, MASSIVE network of valuable systems for the purpose of securing higher gains (the industry still makes gains or it would not be able to lobby, i.e. bribe our representatives) of a relatively small group of people (executives and middlemen.)

Your sense of ethics is infuriating. You seem to believe that allowing private interests absolute control of information for the purpose of saving their profits is ethical, while at the same time believing that ISP’s protecting the identity of their clients and attempting to protect their own business from being damaged (as in refusing to comply with excessive, badly-written, illegitimate or otherwise inaccurate copyright infringment claims) is unethical.

Content creators with a solid understanding of the principles of computer networking and the functionality of the internet (i.e. members of Ars Technica, the creator of XKCD, members of the EFF, among many others) are against this abuse of power and would not seek to defend its supposed purpose in the face of its massive potential (and quite possibly intended) abuses.

Develop an opinion based on fact rather than fear-mongering and inflated statistics:

VII. Conclusion
We find that file sharing has no statistically
significant effect on purchases of the average album in our sample.
Moreover, the estimates are of rather modest size when compared to the
drastic reduction in sales in the music
industry. At most, file sharing can explain a tiny fraction of this
decline. This result is plausible given that movies, software, and video
games are actively downloaded, and yet these industries have continued
to grow since the advent of file sharing.

The Effect of File Sharing on Record Sales, An Empirical Analysis
Felix Oberholzer, Harvard Business School
Koleman Strumpf, UNC Chapel Hill

wallyworld_mn

Simply turning a blind eye to the issue is no solution.

Anonymous

You’re painting with a broad brush what is best left to a pencil. The ISPs and Registrars who ignore legitimate abuse complaints and DCMAs are actually few and far between. I find that they’re generally Asian (China comes to mind) and there was a time when Joker (the German DNS registrar) was the best place to get abuse complaint-complaint-free domains.

What you’re missing is that content providers are not a police force. They generally have a very small staff compared to the number of customers they support. That’s what happens when you all buy the $19.99 all-inclusive hosting package. You get cheap outsourced tech support and no server police, do the math and I bet you can figure it out!

http://twitter.com/alastairh Alastair Houghton

What makes you think my opinions are “uninformed”? Unlike most people, I’ve actually *read* SOPA, and as a software developer (working for a *SMALL* business, not some huge mega-corp), copyright and the problem of enforcing it over the Internet is something I’m quite familiar with.

“Legitimate abuse complaints” and DMCA complaints do not address the problem, sadly. For instance, many ISPs do not regard it as a problem if one of their customers runs a bulletin board site that is exclusively dedicated to copyright infringement (since in most jurisdictions that is not illegal), provided that no infringing material is hosted on their equipment. You can file abuse complaints and DMCA complaints until you are blue in the face, but it won’t help with that.

DMCA complaints are also largely useless, as it turns out. File-sharing websites typically drag their heels over complying with them, and will insist on things that are not stipulated in the legislation (e.g. specific wording, or that all complaints are made via a web form involving a CAPTCHA). And by the way, removing a file that way usually results in the usual suspects uploading twenty more copies.

As for your argument that some of the firms in question do not have the staff to properly deal with problems like this, I’m afraid I have no sympathy. It boils down to complaining that “I can’t make a profit if I do the right thing”.

http://www.facebook.com/profile.php?id=731146210 Carlos Vergara

Dude, the fact that your business depends on the scarcity of something that has become ubiquitous means your business is flawed and you should get the hell out of there like, NOW or go the way of the dodo. I’m sorry about that.

Mucking with the core architecture of the internet won’t change the fact that I can throw thousands of copies of your crap on the streets via pendrives, minicds, dvds, sd chips or goddamn hand printed circuit cards were that necessary. Your problem won’t go away just by destroying the modern main cultural backbone of the west.

Tagarna

It should be noted I’m not being derisive to you or what you do when I talk about you “crap”. I should probably have said Your uncustomized, highly transportable and easily duplicable bytestream.
Yes_crap

I think instead that he mean ‘crap’
Incredulous Ted

You, sir, are my hero. This guy is a software developer and yet seems to think that years of systems analysis and design, along with countless more years of research and hard work improving upon the system should be corrupted and warped to suit the interests of private corporations in the U.S. at the expensive of the rest of the world. That way, he can be sure that people won’t sell keygens for his product that is probably built upon open-source libraries and written in an unlicensed copy of an IDE.

NoeValleyJim

You need to find a better way to support DRM without breaking the infrastructure of the Internet. This is really your problem, you should solve it yourself, not try and force ISPs to act as police agents for you. If someone in your neighborhood started selling drugs from their house, would it make sense for you to be deputized to stop and check people walking down the sidewalk? This is effectively what SOPA requires ISPs to do.
Jules

”
“Legitimate abuse complaints” and DMCA complaints do not address the problem, sadly. For instance, many ISPs do not regard it as a problem if one of their customers runs a bulletin board site that is exclusively dedicated to copyright infringement (since in most jurisdictions that is not illegal), provided that no infringing material is hosted on their equipment. You can file abuse complaints and DMCA complaints until you are blue in the face, but it won’t help with that.”

So you believe that you should be able to enforce US law against non-US citizens who are not performing any activity in the US and are complying with all their local laws, simply on the basis that you prefer your law to theirs?
Samuel Nelson

Small businesses are generally helped by piracy. Research network externalities – several major businesses (Microsoft, Adobe, Lotus) made use of very basic, easy-to-break copyright protection (serial keys) combined with trial versions of their software that could be activated with a serial key to make their software popular. Then, they charged insane amounts of money for it and relied on businesses paying the excessive fees because so many people had pirated it and knew how to use it that they determined the cost of the program a worthy alternative to training new employees in on something else.

Small music artists, writers, and so on are also helped by piracy, albeit more indirectly. If I download 3,000 songs from artists that have been recommended to me and I like 50 of them, I’m probably going to go out and buy music from the 50 that I like. There is no conceivable way to pull this off otherwise. Admittedly, this relies on the moral compass of the individual, but I think you’ll find that the individual’s moral compass is much stronger than that of any corporation.

As said before, business models that can’t compete with piracy should either grow and evolve or shut down. Make sure legitimate customers are not hindered by anti-piracy methods. Make sure that people pirating the product can’t get some features of the full version (e.g. paying customers of an office program could pay for an account on the company’s server, where their documents will be automatically backed up and available from any computer that has the office program in question installed).

Don’t whine and moan about how piracy is stealing your sales, because in reality, you’re the one to blame. If you can’t find a way to compete, chances are your business would fail anyway.

Malkin_grey

It should also be noted that the “piracy is stealing potential sales” idea has been thoroughly refuted.
I’m an independent artist whose work has been downloaded for free over the internet. It has HELPED sales of my work, as people who wouldn’t have access to it have heard it, liked it, and bought it to 1) support the original artist, and 2) get the “extras” I offer with every sold copy.

It should also be noted that many musical artists share their OWN music for free through filesharing (Ozzy Osborne and Trent Reznor, for example); they would be shut down by SOPA for doing so.

Lastly, some individuals & media companies have been claiming copyright infringement against rising YouTube artists who are unsigned/independent. Google has noticed, I’m sure, and many of these artists have complained to Google about the record companies doing this. BMI and Kent Hovind are the biggest instigators, but others have been doing it as well. SOPA would have YouTube itself shut down without investigation, just for one of these false claims.

Anonymous

So, I can set up a website and let other people download music and stuff “unethically” because:
A: ISP’s won’t do anything &
B: Ethics are personally relative.

wallyworld_mn

If ISP’s could be counted on to be ethical members of the net community, then this would not be necessary. Experience has already shown that the existing tools are not sufficient. While I don’t disagree with some of the concerns, I’d be more interested in a position that helps correct the peroblem rather than opposition without a plan to actively find a solution.
concerned Dutch internet user

I find it difficult to understand why the USA thinks it has to police the complete internet. For example: .com is not exclusive for the USA, so a Dutch site-operator can use it too, now if this Dutch site does nothig wrong (by Dutch laws) the USA still can take this site down -worldwide- if they feel it is against their laws or interests.

- What is your opinion on the extent of these laws?
- If the USA can filter / takedown sites it does not like what make it defferent from eg. China that also limits access to cerain sites.
- Do we need a global internet authority like the UN – that regulate the internet?
— Do we trust them to handle in our best interests, in stead of where the money comes from?

Martijn

DNS root definitely needs to be maintained by a neutral organization in a country able to guarantee its continued neutrality. (I propose Switzerland or Netherland, both of which have an excellent record on these things.)

Exactly how hard it is to move these responsibilities to outside the US, I have no idea. Assuming ICANN and Verisign can’t/won’t cooperate, it probably means that the entire rest of the world will have to agree to ignore them and listen to someone else from now on. This would probably save the non-US internet, but seriously break the US connection to the internet. The US will probably put a lot of diplomatic pressure on countries to stay with their DNS root, and countries that are very dependent on the US will comply.

BB

If we all ignored the US and allowed them to fall into their own internet black-hole, like China et al, it might stir up some action among Americans. I say let the US have its own way within the US and let them see the consequences.

Anonymous

The sad problem with that, is that this will have farther reaching problems than just in the US, at least at first, until people start getting circumventions up for SOPA/PIPA.

Or it could just be like the proxy battles at my school. They go like this:
Students use a proxy to bypass the school filter. The school filters that proxy, and all others it can immediately find. Some students use their home computers to route traffic through, and the school filters those. Another proxy pops up and the students pass it around while keeping it away from the teachers. This proxy eventually gets filtered, and the students try to find a new one. This continues ad infinitum.

Tyster04

Internet censorship worked very well in China and drastically improved its economy and overall happiness and contribution to the global market, right? Right? By the way, that was sarcasm.

Longbowmail

Almost raged. Thanks for identifying the sarcasm.

Snfubar

but you trust big tech more? really? I wouldn’t be so quick to put google up on a pedestal…

http://www.forbes.com/sites/ericsavitz/2011/08/24/google-to-pay-500-million-to-settle-pharma-ad-probe/

Anonymous

Yes, I do.
Both are untrustworthy but at least big tech can’t extradite me and toss me in a jail cell.

Me

Actually, the whole point of SOPA is to change this.

feet

No, it gives the power to throw you in a jail cell to the entertainment industry.

http://pulse.yahoo.com/_QYFOZZ5MKPMZ7ZKU2DI4FPSF5E Brian

Yet…

http://pulse.yahoo.com/_Q2EXPV4ZTPZSG7KOLSTNGNKKTE LewisC

In the place of a Dark Lord you would have a Queen! Not dark but
beautiful and terrible as the Morn! Treacherous as the Seas! Stronger
than the foundations of the Earth! All shall love me and despair!
Meh

Better the devil you know I suppose…the US is run by corporations anyway so we might as well acknowledge their authority.

Anonymous

Why it thinks this? Simple. The US lawmakers have been bribed . . . uh, sorry, had campaign funding donated to them.
Longbowmail

I didn’t even think of that. Then again, I wasn’t aware how much control we had over the worldwide internet before today.

Flibberdy

“If ISP’s could be counted on to be ethical members of the net community”
” if ISPs and registrars were acting ethically in the first place”
If the music industry could manage to recruit intelligent trolls, they wouldn’t use the same script on the same article.
Mike Latter

I am sure that Tom Daly has a good point – if only I could understand what he has written. Why do techies always write in such impenetrable jargon?
Mike

http://twitter.com/tomdyninc Thomas Daly

Hey Mike,
Sorry for all the techno jargon, its just the world that I live in. Here’s a few links around the ‘net that might help you out:

First, our post from our CEO, Jeremy Hitchcock, on SOPA in general: http://dyn.com/sopa-what-you-should-know-why-dyn-opposes-it/
Second, Wikipedia article on the DNS server types; the difference between authoritative DNS and recursive DNS is critical to know: http://en.wikipedia.org/wiki/Domain_Name_System#Name_servers
Last, think about it this way – if there was a TV show that was illegal to be on the air in the United States, should the Government go out an censor that TV show by asking every American to block it on their TV? Probably not, the FCC should likely go talk to the network that produced the show. SOPA talks about doing the former, wheras the later is safer for the Internet as a whole.

Hope this helps,
Tom

BobA

As a former DNS Engineer for a large carrier I concur with Tom completely. SOPA is is technically – well stupid is an OK description. It’s bought politicians ramming more congressional idiocy down our throats at the direction of their patrons which besides the technical issues raises the specter of censoring information causing yet more tears in our Constitution plus the impact on the global Internet because of corrupt US politics.

wallyworld_mn

So suggest a solution instead of making nothing more than a polital statement. Be part of the solution and not part of the problem with discourse.

https://plus.google.com/u/0/105252935991882231598 Henry Goodwin

And your point is?
Fieldsr6

Solution: Don’t allow a decrepit industry with a fundamentally flawed and outdated business model to strong-arm the government into passing detrimental laws that it doesn’t fully understand the technical implications of.

The only way to prevent piracy is, and always has been, to compete with it by offering better services. Other than that, it’s unstoppable.

Mega1mpact

For example spotify. I used to download most of my muwic illegally because it was too expensive to buy them. I had no chance to discover new bands without downloading them illegally. Ofcourse i stillwent to concerts wich gave the band some money but i almost never bought songs. Spotify changed that. I can now listen to as much music as I want for half the cost of a album a month.

There are artists out there, for example Dan Bull, who know that people won’t have a chance to discover his music if they must pay money for it. Because it would cost too much to “discover” more then a couple of bands a month. So he makes the music free to downlaoad and listen to but he tells people that he would apriciate it if they would buy it.

Anonymous

If you aren’t part of the solution, you’re part of the precipitate!

http://twitter.com/tomdyninc Thomas Daly

Hey BobA:
“As a former DNS Engineer…” <– .o0O (http://dyn.com/about/careers/)

Just sayin' – it's a great place to work with an awesome team behind it.

Tom

Mark Wooldridge

From my understanding, SOPA does definitely break the Internet as it stands. All we need now is someone (often going under the name of “Anonymous”) to go in and poison the SOPA feed. If that were to happen, I would suspect that perfectly legitimate websites would disappear from the Internet for quite some time – much longer than a normal DNS hack would do.

How hard would it be to set up a demonstration DNS server that would be SOPA compliant (as the Act is presently written) and show how bad the problem could be?
LoopBak127

I’ll just keep my own “hosts” file updated… Problem solved. Have a nice day …

Congress should pack up for Christmas and just stay home … happy holidays!

http://twitter.com/Luvz2Fly Gary R

Well that didnt take long!
DeSopa for Firefox Bypasses SOPA DNS Blocking

Lawrence

So the only two alternatives to the broken SOPA method will result in worldwide disruption of a site based on a non-judicial decision driven by corporate interests. That would be a digital declaration of war. And you really wonder why they are not considered. SOPA is a US abomination, and must remain contained in the US.

Malkin_grey

Actually, it shouldn’t even be in the US at all. It violates net neutrality, freedom of speech, the Fair Use Act, and the basis of the US judicial system.

Dru

I’m a patent owner and a small business owner. I paid money to the U.S.P.T.O. so that one day the would protect my patent if need be. I haven’t read SOPA or PIPA,so I won’t be commenting on them directly,but the U.S. constitution includes the following:

To promote the Progress of Science and useful Arts, by securing for
limited
Times to Authors and Inventors the exclusive Right to their respective
Writings and Discoveries;

And since clearly internet piracy has been rampant for well over a decade,something must be done. The basis of the U.S. judicial system includes the idea of parity–equal treatment. If I expect my property to be protected,then I should demand that others’ property is protected too. Perhaps we need something better than these two proposals,but we do need something.

Anonymous

You are saying that people are downloading and spreading patents over the internet now? Hello?
Where is this taking place?
kiwi

‘Author’s and inventors’.
I think that the people who wrote your constitution had no concept of ‘the corporation’ as it exists today. The intent seems to be individuals receiving a fair recompense for their work, rather than the gigantic, bloated, beuracratic, inefficient corporate leaches you have today.
Your small business may fit the bill..
Please

Dru, no one is telling that the megavideo-stuffs was not violating copyright, but this is like repairing a computer with a metal bar
Incredulous Ted

Are you really that dense? “I haven’t read SOPA or PIPA..” this is a discussion of SOPA and PIPA. Your entire argument is irrelevant, and if you read those bills you would know that they effectively destroy or at least severely cripple the progress of science and “useful Arts”.

mulberry

It has entered my thoughts that this technology also enables a way for governments to shut down sites like wiki leaks.

Codcae

how … convenient?
Me

Wanna bet that all the “Top Secret” files are copyrighted by the U.S. Gubbermint?

Anonymous

US Government documents are uncopyrightable (if that’s a word) as per the freedom of information act, but I’m sure there are plenty of other things on wiki leaks that could be construed as “copyright infringement.”

Farukanpanchu

True, except nobody has to prove anything to get something taken down, now do they?

Idiot alergic

In the long run I think it would make sense for american companies to move their servers abroad!

As a non american citizen I avoid services deployed on american ground. Dropbox is a good example. Use Wuala from Lacie (Switzerland) where it is perfectly legal to keep encryption keys on *your* machine rather on the servers!

I also like the acronym SOPA. In swedish that is a slang word meaning “dumb”, so it is a perfect name for this

Herr melin

I think I would translate it to ‘rubbish’ but, however, it is still a perfect description regardning the implications of this bill.

dan

Sopa is a terrible idea. Under no circumstances whatsoever should copyright infringement be seen as a greater evil than restricting the free, open, and level playing field of the internet.
Anonymous

After the 11th of September 2001 Mr. Bush turned the United States away from the previous trustworthy and respectable path and nobody has got it back on-track yet.

Tom, Thank you for putting us in the picture that was a very intersting letter especially as few people in Europe have heard or care about SOPA.

I have been in the communications business for many years and can remember the days that I had a BBS telephone number list. Breaking the DNS will not stop people anywhere from getting where they want. The IP address of a DNS server is configurable and I am sure you are right. Somewhere a “rogue” DNS server will pop-up and get people there where they want to go.

Don’t let burocrats mess around with the technique, thats what technicians are here for.

I’d like to give my thanks here to all the DynDNS team.
Stecman

Not a bullet proof plan as people can easily be corrupted and many would not want to risk losing their job(s), but if SOPA was to pass, couldn’t all the technicians just refuse to do it / go on strike? No matter how much money I was offered, I would never help put something like this into effect.

http://www.facebook.com/people/Bryan-Martin/100000983872934 Bryan Martin

Combined with NDAA they will be labeled as terrorists and disappear off the face of the earth.

Dave H

Would a domain such as .info or .eu offer better protection for non-US hosted sites? (The company running .info does have offices in the US, but it’s headquarters are in Europe.)
http://twitter.com/ahm Avery

You should note that options 1 and 2 appear to be infeasible. Option 1 would simply bump infringing sites to foreign TLDs, and torrent sites have already moved to other TLDs in the face of those weird ICE takedowns. Option 2 is ridiculous — Dyn would suddenly have responsibility for managing infringing sites, or else Dyn would surrender them to the government in which case we return to option 1.

So, it looks like the way this will be done in effect is option 3, which is indeed quite dangerous and exactly the same system used by China and Iran.
steven

what i dont get is why some sites like facebook and twitter are in jeopardy. what do they have to do with online piracy?

Tiron

That’s actually the point of the opposition: They have little or nothing to do with piracy. The fact that they’re affected by the bills anyway is one of the (many) reasons they’re bad bills.

SOPA/PIPA allow sites to be added to the block list if they so much as LINK to ‘infringing content’. The safe harbor provisions provided require that they more or less proactively remove such links. This means that EVERY site hosting user-generated content has to check each and every single thing that’s posted, manually, to make sure there aren’t any links to ‘infringing content’. If they don’t, they risk being essentially taken off the web.

This requirement makes anything that involves postings from the public economically nonviable: it’s simply not possible to make enough money to pay the number of people required to police it. Such sites would either have to shut down, or basically write off the US entirely, as it’s almost inevitable they’d be blocked sooner or later.

Jules

Simply writing off the US doesn’t help. As long as it’s possible for US users to access them (which is actually very hard to prevent), they can still be held to be infringing, which means their domain services, advertising services, and payment services can be cut off it they are controlled from the US. And as in the end all commonly-used payment services worldwide are controlled from the US (i.e. Visa, Mastercard, and American Express), this is a problem for everyone running a commercial service.

Sarcastic Dude

Hey – everything that everyone has been writing on this blog, I’ve already thought of. You are all STEALING my intellectual property! Cease and dissist NOW! Boy, I hope we get some laws passed soon that will keep you filthy pirates away from my personal ideas.
Branden

The US government seems to think its laws should apply to the whole world. This is just like when they threaten legal action against foreign websites, despite complete lack of jurisdiction. So now instead of going after the sites themselves, they are simply taking it upon themselves to prevent the site from being accessed in the first place. Either this bill needs to be stopped, which doesn’t guarantee lasting safety as another could come along in a few years, or we need some sort of neutral authority to ensure the continuity of the internet.
Tyster04

My biggest gripe (technical details aside as you all covered them so well): The American national government is a service of the people, by the people and FOR the people. The government does not own the money collected by the tax, but rather administrates it for the benefit of the people — ALL the people. This act would take the money of ALL the people and dedicate it towards SPECIFIC companies. The money to enact and enforce this law would not come from thin air (ok, so it could and further inflation would ensue), but would likely come from more important things like public education or law enforcement. How about we work on improving the enforcement of our current laws rather than making new one. I’m sure business owners could relate easily; a problem isn’t a lack of products, but rather a lack or quality in the current products. How many board meetings conclude with the decision to make more new products without finishing or maintaining the current ones?
Americans make me laugh

I think World War 3 could be totally fought online. My brother’s a really good World Of Warcraft player. Perhaps he could become a general?

He’ll have to lie about his age when he signs up though, he is only 9 after all….

Anonymous

Dude, WWIII would totally be fought with CoD:MW4. ;P
Each person only gets one life.
Everyone chooses a side: 20 billion people on one side(multiple accounts, IP spoofing, and botnets, Oh My!), and everyone who supports SOPA/PIPA on the other. >:D

Phoney McRingring

who needs DNS?

before smart-phones, we used to be able to remember phone numbers… as Phoney McRingring said ”… even monkeys can memorize 10 numbers. Are you stupider than a monkey?”

just 174.122.148.158 it!… 174.122.148.158 is your friend

Hmm

Phone numbers were specifically chosen to be 7 digits because it was shown that people actually CAN’T easily remember lots of 8+ digit numbers. Back in the day, most of the people you would call regularly would be nearby, so no area code. Nowadays, most people just let their phones remember the numbers for them so it doesn’t matter. Besides that, it’s just going to get worse as IPv6 takes over. Having your browser “remember” IPs
(i.e. bookmarks) isn’t all that great either: people don’t use only one computer like they use only one cell phone.

Blackberry Photo

Actually, the number of digits a person can remember is largely dependent on language. For English and most Latin-based languages, seven digits is all you can do.

With Mandarin, numbers take slightly less time to speak – and therefore, a Mandarin speaker can usually remember ten digits! See Malcolm Gladwell’s book “Outliers”.

Sture

At heart, americans don’t want to be free. Why else would they vote for the same morons every time ?

Farukanpanchu

sadly, there is nobody but morons to choose from

Youbet

also, they are all the same moron!

anonymouse

Can the underground really ever be quashed? Haven’t these guys learned anything from 4000 years of history?
255.255.255.255

Perhaps DNS registrars, certification authorities, etc, should be considering relocating all their operations to outside of the US? The internet in the rest of the world could continue just fine without US involvement. The cables would be effectively cut, and the US would become like North Korea, pretending to be a successful regime to the outside world when the reality is far from it. It’s already headed that way with so many relying on soup kitchens. These acts could completely cripple the US economy (which relies significantly on media exports, backed by advertising power) and push the country into third-world status…
um..

Having read
the article and the comments:

SOPA will
not properly nor appropriately fix the problem.
The problem is that pirating is illegal, unethical and exceedingly rampant.

There is no
viable system to solve this problem, since intimate knowledge of any system can
be circumvented or the intent of a system abused by a(n) enterprising (if not
unethical) mind(s) (the fact that a corporation can even exist is evidence of
this (ie how to exploit free people)). Although an idea for a tool to combat it
could include heuristically scanning packets at the border, and blocking
traffic via lower OSI layer filtering (not DNS). The US government would only
be permitted to look at the top one hundred identified foreign IPs’ daily that
are presented by such a heuristic algorithm, they would have to visit each IP
in turn to ascertain if the purpose of the IP is to facilitate piracy, then
they would have to get court orders (provided they are able to supply adequate
evidence), they would then proceed to block the IP, and inform the ISP, and the
ISP would then inform the host, who could appeal the court order and if they
are found in the wrong then they would have to pay for the entire court
proceedings. When such a host would move their “piracy site” to a
different IP, then the process either begins anew (in the case of a new ISP) or
escalates (in the case of the same ISP). Should the foreign ISP choose to
“free up” that IP address, they can inform the US government who
would subsequently unblock that IP. Another option in terms of a DNS solution
is to come at this like e-mail spam with a tar-pit and RBL solution, and that
wouldn’t be exceedingly difficult to set up either. Neither of which will stop
piracy, they’ll only be a bit of a hassle, which may help address at least the “rampant”
part of the problem.

I’ll segue
now and look at the problem itself, that being piracy is illegal and unethical
and exceedingly rampant. Well, if it’s so wrong, then why is it so rampant?
Either the issue is blown out of proportion, or the world is full of criminals.
I’m leaning toward a little of both, I mean seriously now, this isn’t child
porn or snuff films we are talking about here, we are talking about copying
music, movies and software, which will occur regardless of what happens with
SOPA. Music, movies and software are products of business (both large and
small), which both legally and (in some cases begrudgingly) ethically deserve
to be protected, however you can in no way fully protect these assets once someone
has a copy, therefore; if you want to keep your copyright, keep your product to
yourself. If we cannot sustain our businesses because of piracy then we need to
re-vamp our business models to become sustainable despite piracy.

SOPA: Why Do We Have To Break The DNS?

Enjoyed this post? Share It!