Slashdot Mirror

← Back to Stories (view on slashdot.org)

Above.net Blackholes, Unblackholes Macromedia

Posted by jamie on from the I-didn't-know-they-could-do-that dept.

Last week, neonzebra wrote us: "In addition to peacefire.org, and thousands of other blacklisted sites (some unjustifiably), the SPAM nazis at Above.net have now added internet software giant Macromedia to the list. Anyone trying to access Macromedia's website through Above.net's backbone will get a 'site not responding' error." And around the same time, aangelis wrote: "It seems that for the last 4 days Macromedia's web servers give back to my browser not even a bit! Are they down? Maybe it is a DNS problem, but nearly twenty people located at Greece, EU told me the same thing!" It wasn't a DNS problem. Last week, in a high-profile example of stealth blocking, Macromedia's website vanished from a significant minority of the internet. The site reappeared Friday, but I think it's worth taking notice of what happened last week anyway. Details below...

This is a sequel to last December's article, MAPS RBL is now Censorware. For the (very) long version of how the RBL works, and how it sometimes fills the same role as "filtering" software, go take a peek.

The short version is that a small group of anti-spam crusaders called MAPS publishes the RBL, which many ISPs subscribe to. Those ISPs block mail to and from addresses on the RBL list.

Some subscribers, notably the backbone provider Above.net, whose CTO is a MAPS co-founder, use the RBL to block not only mail but all internet traffic from IPs listed by RBL. Thus, to cleints of these providers, sites deemed to deliver spam -- or merely deemed spam-friendly -- just drop off the net.

That CTO/co-founder is Paul Vixie, author of Vixie cron and BIND and all kinds of good stuff. He makes some interesting observations about censorship in a 1997 SunWorld interview.

I checked the RBL's servers Thursday night and found that two of Macromedia's IPs were actually blocked. postal.macromedia.com was blocked, which makes sense for stopping spam; presumably that's where the spam emenates from.

But the other IP blocked was www.macromedia.com, which is of course their Web address. Blocking this address, I would assume, stops no spam from reaching anyone's inbox.

What it does do is get Macromedia's attention. Because Above.net blocks all traffic and is a major backbone provider, being put on the RBL effectively takes a site off the net for many users. Taking down a big corporation's website is a good way to show you mean business.

(Above.net's abuse department said I would have to talk to public relations, but their PR contact did not return repeated phone calls.)

I spoke with a Macromedia spokesperson both last week and today. She confirmed that "there were two addresses blocked, one of which resulted in users worldwide not being able to access the website." She also repeated several times that they were on the RBL for their email newsletter "the Edge," saying it "does have an opt-in model, that does not spam."

She also pointed out that "worldwide access to macromedia.com has been restored." That access happened sometime Thursday night or Friday morning. Our Slashdot submissions about the downed site came in on Thursday, and I confirmed the IP numbers' presence on the RBL Thursday during the day.

I've contacted several people at MAPS, but they had no comment and (per their policy) refused to tell me how long those IPs had been on the RBL.

The rationale for the RBL is that it tries to "prevent ... our paying, in money and resources and our own time, to receive and process, or relay, traffic which is nonconsensual in nature." (Their emphasis.) What is "nonconsensual" about reading Macromedia's website? Why was www.macromedia.com on the list?

I'm only running this story because it's Macromedia. After all, one it's of the larger sites on the net, home of Flash animation among other things. If it can be quietly removed from a chunk of the net, who can't? (If you noticed Macromedia missing last week, post a comment!)

Take a moment to go read that stealth blocking statement, issued last week. I signed as a member of the Censorware Project; other signatories were the ACLU, CPSR, EFF, and EPIC. We're concerned that, as the statement says:

ISPs that practice "stealth blocking" are violating consumer protection principles and restricting user choice and freedom in cyberspace.

What do you think?

9 of 334 comments (clear)

  1. Noticed the problem, didn't notice the reason by ximenes · · Score: 5

    As it happens, I did notice that Macromedia's website was unavailable last week. I was going there to download Flash or something of the sort. After making sure that my general Internet access was still operating, I gave up and tried again a few days later.
    <P>
    The important part is that I had no idea why Macromedia's site wasn't responding. Presumably due to some kind of legitimate, undesired situation on their end somewhere. I never would have expected this to be the reason.
    <P>
    All this blocking by MAPS and Above.net resulted in was me, a user who has never received e-mail from Macromedia, being unable to do what I wanted to. Neither my employer or me are Above.net customers, nor are we users of MAPS. We had no idea of what was going on (that it had been blocked due to "spam"), and we were not in favor of the action being taken.
    <P>
    Nevertheless, we were affected by the actions of MAPS and Above.net, as were Macromedia. That isn't very acceptable to me. Is this supposed to be for my own good?

  2. Re:RBL getting out of hand... by jamiemccarthy · · Score: 5

    "I don't suppose Jamie checked the RBL evidence files before writing the article, did he?"

    I did. I saw documentation of one statement of one incident from one person alleging spam from Macromedia. Perhaps there were more somewhere, but I did not see them. I would really like to go back and read exactly what it said, but when I asked MAPS if I could link to it or just read it for myself, they said no.

    MAPS removed their documentation from public view when they took the site off the RBL -- and in several communications with them, they made it clear that (although they presumably had this information archived somewhere) they would refuse to let me look at it again.

    "The only comment's from Macromedia PR..."

    Correct. This is because Above.net and MAPS were unavailable for, and refused to, respectively, comment.

    "What the RBL administrators will have done would be to list the entire Macromedia netblock in which the spewing mailserver exists - NOT just two IPs, as Jamie says."

    I am not sure why you say that. Thursday, I checked the RBL and these were the only two IPs that were blocked (I spot-checked up and down from those two to see if others nearby were blocked; nope).

    "Peacefire, your favoured 'hey, there's another example', is collateral too - it is in the middle of a netblock containing a load of spam support sites (Sam Al's Samco, in this case) and was MOVED there by Media3 in August 2000, after the RBL listing for that particular netblock was in place (the listing is dated June). And Media3 is suing MAPS, and so MAPS is not going to remove the listing. I wonder whether Media3 was trying a publicity stunt, and using Bennett as a figurehead?"

    As Bennett Haselton wrote me when I asked him about this:

    It was August 2000, but it was planned months before it happened, and months before MAPS started complaining to Media3 about the content of the other sites. But all that the public knew was that the scheduled date of the transfer fell after the date of the RBL listing; that's why a bunch of people were screaming that Media3 must have done it on purpose to cause trouble.

    However, there were dozens of other sites that were moved, as a group, all at the same time. And Media3 knew that we were not using the server to send email, so the idea that they moved it into an RBL'ed range to cause trouble, doesn't make any sense -- they host a lot of sites that are (1) more popular, and (2) send more mail to their users, and those sites would have made a much better "human shield"! In fact, Media3 they found out that an application on our server *did* need to send mail to people, and was being blocked, they configured the server to route outgoing mail through another, non-RBL'ed machine, without me even asking them. They obviously wouldn't have done that if they were trying to cause trouble.

    When the discussion started on UseNet, I posted this information many, many, many times. And then I stopped.


    Jamie McCarthy

    --

    Jamie McCarthy
    jamie.mccarthy.vg

  3. Re:OK, a couple of things... by jamiemccarthy · · Score: 5

    "Macromedia could have fixed this 'censorship' problem in 10 minutes by separating the mail and web services on their server, and assigning the web server a new IP address."

    You completely missed the point. Macromedia's mail server and web server were separate. Their mail server was blocked for alleged spam, OK, fine. But their web server, on a totally different IP number, was deliberately targeted for blocking anyway.

    postal.macromedia.com 216.35.148.39
    www.macromedia.com 216.35.148.103

    Since (presumably) no spam comes from the webserver, the only point of putting it on the RBL is to annoy Macromedia by having the BGP-subscribed backbone providers like Above.net cut off their web traffic.

    "...by referencing 'nazis' in your first paragraph, you've already lost your argument..."

    -1, Redundant :)

    The submittor sent that in, I didn't edit it, we generally do very light editing of submissions (grammar and spelling, if anything).

    Jamie McCarthy

    --

    Jamie McCarthy
    jamie.mccarthy.vg

  4. "common carrier" status lost by Barbarian · · Score: 5

    This has been mentioned about 10^6 times in respect to censorship here before, but by selectively filtering IP traffic to places they don't like (for political and ideological reasons, not for network integrity reasons) does above.net lose any possible status as a common carrier, and are they now responsible for filtering traffic to meet US law? That is, are they going to have to filter out stuff like DeCSS, porn that violates decency standards, and whatever anyone can get a court order on?

    1. Re:"common carrier" status lost by mrsam · · Score: 5
      ...does above.net lose any possible status as a common carrier?...

      above.net has nothing to lose. The notion that ISPs are common carriers is an urban legend. You do not become a "common carrier" simply by proclaiming yourself to be one. The common carrier status is something that has to be explicitly granted by the FCC, and it comes with stringent standards and regulations. Neither above.net, nor consumer ISPs are common carriers. There is some confusion whether or not ISPs operated by RBOCs (Verizoff, USWorst, PacHell) are common carriers, or not, but that's about it.

      And just to clear up another popular misconception: above.net does not have any legal obligation to uphold anyone's First Ammendment rights. The 1st Ammendment only applies to the government. Unless above.net is a federal, state, or local, government agency, they are under no legal obligation to carry anyone's packets.

      Although I am not familiar with the details of this particular situation, I strongly support above.net's right to firewall anyone and everyone they choose to firewall for any reason whatsoever. What those pseudo-libertarians around here who are shaking with righteous indignation, right now, are failing to realize is that civil liberties go both ways. If you would like to have your civil liberties respected, you'll just have to respect everyone else's civil liberties too. Blocking network traffic to/from netblocks that you don't want to route traffic to is conceptually identical to not being able to tell people to stop driving on your front lawn. This is above.net's network, their private properties, they have every right to tell anyone that they cannot use it, just like you have the civil right to tell anyone that they cannot drive on your private property too.

      ---

  5. Too bad by babbage · · Score: 5
    Ahh, if only it were that easy to make Flash go away. Sadly, the software is out in the wild, and even if we cut off the source, we'll still be seeing stupid Flash intro pages for years to come. Killing off Flash is indeed an admirable goal, but I'm afraid this isn't the most effective way to do it.

    ;)

    --
    DO NOT LEAVE IT IS NOT REAL
  6. above.net blocked me, too by ahodgson · · Score: 5

    Above.net dropped packets bound for a couple of my systems last year, because I was a secondary DNS provider for ORBS, who Above.net was in a pissing contest with (mostly due to MAPS wanting to create a monopoly on anti-spam services, but also due to some questionable things the ORBS operator was doing from New Zealand).

    It's a fine line. Clearly, above.net has the right to do anything they want with their systems, and I fully support that right (it's the only thing that allows us to fight SPAM at all).

    However, their customers should know what they're doing so they can make an informed choice about who they get service from.

    Dave Rand, the MAPS board member and CTO of Above.net, actually sent me a note threatening to block my employer's class C if I so much as connected to any of above.net's mail servers, just because I was associated with ORBS.

    Bottom line - Rand's a dick. But, MAPS does good things and Above.net supporting them helps keep the real SPAM under control.

  7. Re:Not quite by rgmoore · · Score: 5

    This is a crap argument for two reasons. One is that there's no guarantee that even switching to another provider would actually help the situation. Above.net is a big backbone provider, so in practice it may be impossible to avoid using them short of building your own network. Saying that the alternative to accepting censorship is to create your own multinational corporation is not a strong argument.

    The bigger point is that getting access to web sites is not an optional service for a web provider. You claim, in essence, that you get what you pay for and that if you want good service you may have to pay more for it. But your restaraunt analogy points out that there are some aspects of a service that we consider to be essential, not optional, and businesses that fail to provide them should be shut down. In restaraunts, we expect that the food and facilities will meet certain minimum standards, and we have periodic health inspections to ensure that the restaraunts are meeting those standards. We are merely expressing the view that the minimum acceptible standard for an internet provider is that they deliver the information that their users request and not censor it because they disagree with the policies of the source.

    This is actually a pretty good analogy, because the kitchen of a restaraunt, like the backbone provider for an ISP, is something that's generally hidden from the end user. Most people aren't given the option of inspecting the kitchen of a restaraunt for roaches before eating there, and most users aren't given the option of finding out about their ISP's backbone providers before deciding whether to pick it. This is reasonable behavior in each case, but it means that the companies involved have a responsibility to maintain acceptible standards even when their customers aren't looking.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  8. Re:Don't use Above.net by bobthemonkey13 · · Score: 5
    I'm suprised their customers let them get away with that crap.

    Unfortunatly, they can. Here's why:

    1. The automatic customer's response to a "DNS Error" message is "Oh, the web site is down." Almost noone stops to think if they are being censored unless the error says so (or they have other evidence)
    2. Abovenet is a backbone provider, not an ISP. Therefore, even if someone sees this story on some website, they probably won't know if it affects them. "Oh, but this is about Abovenet, I use (insert any Abovenet powered ISP)"
    3. Very few people are behind an Abovenet ISP, and try to visit a certain censored site on a certain day, and see a news story about that same site being blocked by Abovenet, and realize that they are using an ISP that uses Abovenet, and complain about it.