Slashdot Mirror
8 Ways To Circumvent the PROTECT-IP Act
Dangerous_Minds writes "One of the things that the PROTECT-IP act is said to do is make DNS servers censor websites that have been accused of copyright infringement. Drew Wilson of ZeroPaid decided to look in to how many ways he could come up with that would circumvent such censorship. He found 8 ways to circumvent such censorship. The article includes pros and cons and links to guides on how to carry out these methods. The methods are: using a VPN service, using your HOSTs file, using TOR, using freely available DNS lookup tools, changing your DNS server to a non-US server, using command prompt, using Foxy Proxy, and using MAFIAAFire. If anything, the list raises serious doubts that the PROTECT IP Act will even put a dent on copyright infringement online."
Best idea: Don't use DNS servers located in the United States.
I mean, at the rate our country's going, it won't be long before other countries just start walling us in. Not out. In. "Those 'mericans are craaaazy. They think they own this shit. Well, this here is mah router, and this here is mah website, and those yankee bastards can eat a bag of dicks."
Progress: It's gonna happen, whether Uncle Sam wants it or not.
#fuckbeta #iamslashdot #dicemustdie
"One of the things that the PROTECT-IP act is said to do is make DNS servers censor websites that have been accused of copyright infringement. Drew Wilson ... found 8 ways to circumvent such censorship. ... If anything, the list raises serious doubts that the PROTECT IP Act will even put a dent on copyright infringement online."
Think of our legislators as black hats, poking holes in our network infrastructure because they are malicious pricks, or getting paid, or both, but the end result is that we learn how to make the network resistant to their attacks. In a way, they perform an important function. Sure, we all prefer white hats, but the black hats are out there, in congress, running major corporations, and even in the White House. Nothing is going to change that, so we must secure our network from the threat they represent.
Stop-Prism.org: Opt Out of Surveillance
I think it can be admitted after all the previous examples of IP protection schemes that this is only going to inconvenience those who actually follow the law. Everyone else will quickly find ways around whatever protection this legislation creates.
Run your own recursive DNS resolver with DNSSEC validation. I recommend Unbound, because it's easy to set up and it runs on Windows and Linux.
Granted, it is technically still possible to censor your results by intercepting your DNS packets, but if implementations of DNS censorship in other countries are any indication, running your own resolver works nicely.
Legislation, even in a more dictatorial environment like China's is invariably slow and misinformed regarding technology. The delusion of those who think themselves in power can be stated in one sentence, "We think the internet is controllable."
And it is, sometimes, for a while.
More so in China where fewer wish to rock the boat (for the moment), but censorship is a complete fail in countries like the USA and Russia or the former Eastern Bloc countries. Too many unhappy, unemployed, poor engineers. Articles like this one point out just how futile and absurd such efforts are.
Information may not want to be free, but *people* sure are nosy bastards. You can bet they'll work around anything throw in their path, even if means going back to exchanging CDs, tapes or paper.
Please do not read this sig. Thank you.
When did we move down south and become the new aUStralia?
Am I incorrect when I say that the root DNS servers are controlled by the US and all other servers are programmed to follow them?
Switching to a non-US DNS server would be silly since the other server only mirrors the root server.
What I think we need is a decentralized DNS equivalent.
How many times in any given week do I have to troubleshoot a network where the end user says "My Internet is down!" and it's a DNS related issue? Bottom line is that while the web is celebrating it's 20 year anniversary, we have an overwhelming population who don't understand how it works. It's that same population who has learned the absolute basics of downloading copyrighted music and movies for free. Search software brings up lists to download, installed software plays it. Idiot proof. So while we may read about 8 ways to bypass, I question how many people or incapable of using these ways and, if this DNS block won't actually reduce the usage substantially.
In Denmark all the ISPs block The Pirate Bay. I've tried to get around it, turns out it's implemented using DNS, which a retarded chimpanse could circumvent.
The problem is it sounds good on paper. Blocking access to the sites like that gets most of the n00b people away to alternatives, but if you have any technical skill you can get around it. The alternative is some form of deep packet inspection, and no ISP wants that.
I can't see how the blocking makes any sense. It is not impacting piracy whatsoever. Every blocked site has alternatives, and they too will need to be blocked. At some point they will be, but only to give birth to even more alternatives. One buys an internet connection, and that should come without restrictions. It's like selling a car and trying to prevent the driver visiting some foobar number of places.
It doesn't matter what laws they have in place or the methods they use. We'll simply find ways around it. It's really quite silly, they're attempting to hold onto a system that's morally flawed and very nearly outdated by fighting a large number of talented tech saavy people on the internet. They'd have better luck trying to call the internet police on the trolls at 4chan.
Complete prevention is not the point, even complete prosecution isn't the point. Anybody can get away with speeding, or breaking in a locked door, or any number of crimes if the circumstances are right.
The goal is sufficient deterrence, or sometimes just evidence that you're engaging in behavior you know to be complicit in a crime.
It lets them have a way to act when it comes up.
Don't use domain names. The abstraction may be convenient, it may be useful, but it isn't strictly necessary. The IP address works just fine.
http://216.34.181.45/ gets you to Slashdot with no DNS involvement.
Of course, the question is now around that missing abstraction. Do you trust me? Is that really Slashdot's address? Is it a rick-roll, a goatse, or a virus-laden fake? What most people don't consider is just how much they trust their DNS providers, but they do so with no authentication on that service. Many of the ways in the article are the ways that malware uses to subvert your relationship to your real DNS server.
John
Become very rich, bribe enough politicians with more money than the RIAA/MPAA offers, get them to change the laws.
6. Using Command Prompt Quick Explanation: In Windows at least, one can simply open up command prompt (explained in tutorial) and simply type in “ping [insert domain name here]” and obtain a server IP address for later use. nope! not really!
The goal is sufficient deterrence, or sometimes just evidence that you're engaging in behavior you know to be complicit in a crime.
Which it will completely fail to do. The pirate sites can get non-US domains or the people accessing them can easily route around the problem at their end.
It's just more knee-jerk bullcrap from technologically illiterate politicians which harms fundamental Internet infrastructure while it can't possibly achieve what they say they want to achieve. On the plus side, maybe it will help the push toward eliminating DNS in favor of a decentralised alternative which can't be censored.
I second that. Politicians live in a world of spin and make-believe -- the very antithesis to engineering.
The question ultimately is "What does the user DO to bypass these measures." In any of these cases, the user downloads and runs a small script, once. This makes getting illicit material a 2-step process, up from a 1 step one. The technical details of the script are so obvious that any coder could write it. That's better, but still a barrier so small you could trip over it. The past has proven that installing BitTorrent, Kazaa, or another single piece of software is no real barrier to anyone.
By comparison, Adobe's Creative Suite is pirated all of the time, but it is rather difficult to do so. You have to register with your e-mail address, and download a demo. You need to run a keygen. You have to modify your hosts files. You have to setup custom firewalls. Some software has to be allowed to connect to some addresses and not others. It's an actual preventative measure that requires constant vigilance from the end-user, and is quite the pain to attempt to defeat.
I'm all for technological measures to prevent casual piracy. But don't sacrifice infrastructure stability for a measure that has little chance of being effective. I'm sure we can come up with something better.
The ______ Agenda
"If anything, the list raises serious doubts that the PROTECT IP Act will even put a dent on copyright infringement online"
Let's be honest here... I doubt even the asshats who wrote the legislation thought it would do that. At best its real purpose is to create a mechanism the government can use to shut down websites.
=Smidge=
Since you are in effect accessing sites declared "illegal for a US citizen to view", is the very act of trying to get around the DNS block considered 'intent' and grounds for search/seizures looking for evidence of downloaded files or just outright criminal charges from the act itself?
Don't laugh. its possible..
---- Booth was a patriot ----
If you can prevent most people from doing it, you can then start issuing insane prison sentences/fines on those who do. Isolate and punish. No one is going to give jail time or excessive fines...(right? please?)...to the 14 year old who stumbled on Napster, but the computer geek who "bypasses DNS" using a dangerous hacker operating system called "linux": http://www.techdirt.com/articles/20090414/1837144515.shtml
In short, first you make sure only a tiny minority can sympathize with them, follow it up with character attacks, and BAMN: you can start sentencing people to a few decades in prison for a victim-less crime committed in their late teens.
Sure I'm being more than a little hyperbolic here, but the point is that the more steps you go to to bypass this sort of thing, the more you start to look like an unsympathetic, evil hacker to the nice gentlepersons on the jury...don't dismiss the value of making it harder for the average person to the censorship lobby's efforts.
93rd rule of Slashdot: No matter how obvious my sarcasm is, my comment will be taken seriously by someone.
Yes, of course it's illegal. Hope they don't catch you.
Good thing I didn't RTFA.
Also, I use AdBlock Plus.
Who cares... it's an interesting topic. I clicked to read the comments. I left a few. Kindly piss off with your observations.
They haven't voted it in yet. It's on hold in the Senate.
Write your congresscritters (one rep, two senators). Include Senator Wyden, who placed the hold on it. Good old fashioned snail-mail. They pay more attention to that than to emails or phone calls. In your own words, tell them why it's a bad law and should not be passed. Be polite. Then tell them that you'll be paying special attention to their votes on the bill. Follow through on that - write another letter if and when they vote.
I guess, in the USA at least, Innocent until proven guilty no longer applies. If Sony, the MPAA, RIAA, and the ass hats they happen to be sucking off this week decide your server might be guilty, Your business is basically toast. What, you don't have reserves to deal with a 6 month outage while you pay a bajillion in legal fees to prove your right? Too Frking bad. This is the new media world after all. They make the rules. Law and constitutionality have NOTHING to do with any of this.
"Computers are a lot like Air Conditioners" "They both work great until you start opening Windows"
How are the root servers affected by this? Since they are consistent worldwide, does this mean us residents can run their own DNS servers, reference the root servers, and get around the censorship? Are the root servers going to go away and be replaced with a separate set of root servers in each country?
If doctoring the DNS servers and search engines fails to please the copyright holders, what's to stop the copyright holders from having a new law passed which from blocking access to offending sites at the IP address level in the consumer ISP routing infrastructure.
If you're going to argue that copyright is censorship, then you have to also argue that laws against illegally selling copyrighted material is also censorship. Afterall, if "You can't give away free copies of other people's work without their permission" is censorship, then I don't see how "You can't sell other people's work without their permission" isn't also censorship. In other words, you're going to have to take the position that Walmart and Amazon.com should be able to print up all the copies of books, movies, software, and music that they want, and pay no money to anyone.
Honestly, all the "censorship" talk about copyright makes me imagine a spamlord complaining that he's being censored because he can't get his mass mailings out to everybody.
And all this just for the sake of the likes of Justin Bieber and Shakira and Hollywood so they can profit for the crap they do.
If you want to fight censorship you have to go directly to your " "artists" " and ask them why they work for a MAFIAA thats trying to fuck our internet. An active, longlasting and noisy boycott targetted to the "artist" him/herself is all You need.
But no! lets all fiddle with proxies and Tor so we can have our tunez and have the mental-fap that we 0wned the censorz and we can has "teh 1337est freedom"
Engineers think in solutions for engineers.. this is a problem that have root in society and how they consume media. Here we have 8 solutions the don't solve the inherent problem that is: Media industry have failed (You know it, they know it) and it's going down fucking everything in the way, because they can.
They are testing the waters and those 8 "solutions" are what they want to see, not the general public realization of the absurdity this is.
Well, the failure of sufficient deterrence depends on the opinion of what's sufficient, sometimes it's not that ambitious, the low-hanging fruit is more often the target, and that routing around a problem leads to the second part of what I mentioned, evidence of complicity in the crime. That is an important part of it.
It's a lot more damning when they can show you not only opened a door, but wore a black outfit and carried a set of lockpicks. That'll be worse for you than if you were just caught with your hand in the cookie jar.
How are they going to do this for those of us that run our own DNS servers at home? Good luck to them with that.
Two thoughts:
1. There is an immediate First amendment freedom of speech issue here, as speech will be silenced without due process. The abrogation of the right to speech is inherent in the abrogation of the ability to be heard in a public forum. If you tear gas the audience of the guy on the soapbox, you are still stifling speech. This silences speech, without any legal determination whether the speech is protected. Historical evidence has shown that laws of this sort will be abused to silence appropriate and protected speech. It will not fail to do this, because there is no process in place other than the will to power. We can bank on that. This aspect of the law should be struck down on basic Constitutional grounds (and it will be severable so it won't affect the rest of it, unfortunately.)
2. We are on our way to the Great Firewall. This is the exact same thing China does to websites that it thinks are against political interests. It's just that our political interests are based in the distorted idea that we can build an economy on censorship and artificial scarcity of information, in an age of unprecedented freedom and speed of communication which enabled that dream in the first place! It's a circular firing squad we're setting up here. We are on the wrong side of history if we let this pass or remain unchallenged. We are just absolutely brain-dead to shoot the nascent information economy in the face with the uncertainties this process will cause.
This provision is a myopic, special interest concern that fails to see that you can't have the good without some measure of bad. We should take the good and mitigate the bad. This is disrupting the whole damned thing, like a player who "wins" a chess game by throwing the board into the air. Write your congressperson a letter on letterhead. Call them. Visit them. March on Washington, if you are able.
For God's sake, we cannot let them do this. We're going for a triple-dip recession if we do.
Every drug store has blank DVDs and CDs at the front counter, in the impulse buy section, near the chewing gum and candy bars. Most computers come with a standard DVD/CD burner, and have for years. Why do you think people buy them? Look at the way personal computers are advertised: you buy a computer for Internet access, and you use the Internet for free music and video.
It's been obvious to most people for years now that there's no practical limitation on copying digital media. It's been common practice to do so for most people for years. First the technology changed, then popular practiced changed, then popular social standards changed. The law is the last thing to change.
The media industries are in the position of Wiley Coyote, having already run off a cliff, and just realizing that he's impossibly suspended in mid-air. They're just buying time, to crank out the last profits while they can. They know they're doomed.
Members of US Congress and the US President and Staff and Department Heads work under the presumption of ammunity ... ammunity from local laws ... ammunity from State laws ... ammunity from Federal laws ... ammunity from US Contitutional laws ... ammunity from International laws.
With such false presumptions it is no wonder that Barak Hessien Obama II does what he does.
What the people of the world need is a KILL swithch on all members of US Congress, all US Cabnet Heads and appointed officials and the staff of the Presedent of United States as well as the XOUS.
The S&P downgrade should breathe some life into the US electorate.
--//++
Search software brings up lists to download, installed software plays it. Idiot proof. So while we may read about 8 ways to bypass, I question how many people or incapable of using these ways and, if this DNS block won't actually reduce the usage substantially.
The trouble is that it's idiot proof because the engineers made it that way. Politicians think that if you remove thepiratebay.org from the DNS then people won't be able to type "thepiratebay.org" into their web browsers and get TPB. What will in actuality happen is that engineers will go back and make it idiot proof again: Someone will make a distributed name resolution system and it will end up being included in popular web browsers, or every P2P app will come with a copy of MAFIAAFire, etc. And then it goes back to being idiot proof.
. Idiot proof. So while we may read about 8 ways to bypass, I question how many people or incapable of using these ways and, if this DNS block won't actually reduce the usage substantially.
They won't need to understand the methods, they'll be built into the next generation of download software.
How well do these methods work against the 6 strike "collusion" the ISPs made with content companies? Isn't that more pressing than PROTECTIP? I gather the agreement is in place but this bill has yet to become law.
Does anyone knows if there is already someone working on an internet made by citizens? e. g. , wireless routers in homes linked to each other, on a city scale at least!
In typical fashion, the technical elite focus primarily on the technical solutions. That is not how this war will be won. This time the enemy is trying approach X, which is sloppy and inept, and you have 8 different technical solutions with which to counter it. So you chalk it up as a victory for the geeks or even as an important improvement to the system.
This clumsy assault which you've thwarted with your technical prowess, and all of its sibling assaults in this diversionary and dissipative battle, are not the war however. They know they can't win the technical battle, so of course they will not even set foot on the field. They will say "We tried to build a secure network, but we've been continuously thwarted in our every attempt. Now we need to go after these [insert scary moniker]." The next phase will be increased and targeted criminalization. This phase is the building of the case in support of the draconian laws that are to come. It's difficult to take away people's freedoms for no reason. It's easy to convince people to give them up voluntarily in exchange for security. Especially for security from mysterious threats involving forces that they do not understand (eg. technology). By feigning technical restriction, they are drawing you out so that you might build the case against you yourselves. It's classic battlefield tactics--use your enemy's strength against them.
This war can only be won by defeating the enemy's ability to create legislation against freedom. Since it is the public's ignorance that will make this possible, the battleground of education is where this contest will be decided. Unfortunately, that particular topic is deep behind enemy lines and well nigh unassailable.
One method the article didn't mention is to use your own caching DNS server. Bind is available for Windows, OSX and obviously Linux. The default installation is for a caching name server which does not rely on any external servers except the root servers.
Of the approximately 600 members of Dreamboard, only 72 were charged, and twenty of them as John Does. According to the Twitched Indictment, Dreamboard gave advice to its members as to which encryption to use, but obviously the Feds aren't shouting from the rooftops about which security protocols they weren't able to break and/or circumvent...
Linux users can easily bypass their ISP's DNS server by using pdnsd:
http://www.phys.uu.nl/~rombouts/pdnsd.html
MS Windows has the equivalent Treewalk:
http://confetch.com/mirrors.htm
Both utilities allow direct connections to any DNS server worldwide and both also have the extra benefit of providing local DNS caching for faster lookups.
Use pdnsd or treewalk and all troubles will be moot.
Locks just keep honest people honest.
Also, if you build it, someone will try to break it for the sheer joy or doing so. In this case it doesn't seem like much effort was required.
ghd uk is designed to create easy styles and texture, the Ghd Australia combines advanced ceramic technology which spreads evenly over the cushioned paddles.The Ghd Australia conducts heat fast and retains it more effiently thanks to its unique built-in microprocessor. This fantastic gift set includes the new GHD IV, which has a lovely glossy finish with a swirling effect floral pattern along the barrel of the Chi Camo Collection Flat Iron
The cold winter is coming, you can choose a Ugg Boots to welcome the winter. Ugg Online Store
Then Congress passes a law making that illegal, has a few testcases like RIAA vs. Limewire to ensure that the law passes muster in front of a lapdog SCOTUS, and we are back to where we started. Perhaps worse, as eventually we will end up with a US-wide NAC system -- either have a "trusted" router or a machine that has a V-chip like item to it, or it will not be connectable, and trying to connect something to the Net without it will result in a stiff Federal prison sentence.
Of course, said V-chip will pretty much work like an antivirus program, except if it detects anything, it would shut the computer down, shut the net connection down and notify the authorities of the breach.
vote out the authoritarian imperialists
So we've got to manage infrastructure in a way that's counter to it's purpose. They propose this already knowing the workarounds and that it's technically not a feasible solution for anything, and yet they want it to go through anyway.
Laws shouldn't be there to force third parties to operate in an inefficient or insecure manner. Laws are supposed to be to punish the guilty party, or get restitution for the wronged party. Yes, there are criminal laws that say "don't do this." Don't speed, or don't murder would be examples of those. But I'm having trouble remembering a law that required a 3rd party to censor things at someones request.
If libraries weren't dying as an instituion I'm sure the most obvious similarity would be a librarian being asked to pull books and hide them in the back room because they weren't allowed to show them to the public anymore. I find it interesting that people in America are scared to go to certain websites or look at some of these leaked documents online because it might be illegal or might be used against them. Not only have we bowed down to censorship, we're running scared that someone will find out we aren't so pure and innocent.
People even here are asking "will it be legal to circumvent this?" when the true question should be "why is censorship suddenly a part of the US federal governments mandate?"
The countermeasures look like they've been written by a script-kiddie. They are not 100% effective. Everybody has been concentrating on DNS servers. Guess what...
1) There are already some greedy asshat ISPs intercepting port 53 and replacing results with their own. Right now, they get a lot of complaints when they're caught. But if the government orders it, all ISPs will have to do it.That'll stop *ALL* regular DNS queries to foreign servers (including roots), unless you VPN, or ssh-tunnel, or use non-standard ports.
2) "Undesirable sites" can be null-routed. Remember when Pakistan accidentally knocked Youtube off the net for the entire planet? http://slashdot.org/story/08/02/25/1322252/Pakistan-YouTube-Block-Breaks-the-World Even knowing the correct IP address doesn't work then. Only VPN or ssh-tunneling will get you the content if the IP address itself is blocked. Of course if the US managed to knock foreign "infringing" servers off the net, the MAFIAA wouldn't exactly cry about it.
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
6. Using Command Prompt Quick Explanation: In Windows at least, one can simply open up command prompt (explained in tutorial) and simply type in “ping [insert domain name here]” and obtain a server IP address for later use.
The guy is a fucking cretin.
How do he think PING finds the address? It looks it up using the default DNS.
Sigs. We don't need no steenking sigs.
We (or most people) seem perfectly content to let other people control the internet. Suddenly the powers that be decide that they want to restrict the internet, and now everyone throws a fit. If we really gave a shit about freedom on the internet we would already have taken things like DNS into our own hands. The tools to do this are publicly available (eg, bitcoin, or just running your own DNS server), but no one cares enough to make this a reality. Maybe internet censorship will finally be enough of a driving force for people to make people realize just how powerless they have been happy to be.
You're looking at PROTECT-IP in terms of its goals, rather than as a security problem (capabilties).
Enforcing copyright requires censorship capability. It is impossible to build a system that is able to prevent access to thepiratebay without compromising that system such that access to CNN is also vulnerable.
PROTECT-IP makes it so that triggering this vulnerability doesn't even require a court order anymore. There's virtually no oversight at all.
CNN has to worry about this and take counter-measures (or else face the fact that some day, their site may get 0 visitors and generate $0 revenue). To them and every user of the Internet (excluding copyright infringers, if you like), this is censorship.
What's happening here is that DNS is going to become a system people can no longer trust. Whether you think it's good ("yay, people can't use DNS to violate copyright') or bad is irrelevant; the sun is setting on DNS and everyone (even non-infringers) is going to pay the price for this. The People are running out of time to stop their government from breaking DNS, unless they want to endure the growing pains that will inevitably stem from replacing DNS with something more tamper-resistant.
Just waiting for Facebook and Google to accuse each other
(no, didn't RTFA, but the summary said it would be enough with being accused accused - Is USA morphing into North Korea?)
Complete prevention is not the point, even complete prosecution isn't the point. Anybody can get away with speeding, or breaking in a locked door, or any number of crimes if the circumstances are right.
The goal is sufficient deterrence...
More simply: The goal is to make us afraid.
Il n'y a pas de Planet B.
Or you can just use namecoin which is a distributed DNS system.
Is there a difference?
Yeah, feels like a victory for the IT crowd.
Except that nobody cheers, and when you look up you realize there's nobody there, because the real game is being played next door, in the other arena.
Politicians don't care about the possibility to circumvent. That isn't their problem at all. These guys pass laws every day that are trivial to circumvent. They outlawed stealing once, and all I have to do is grab that car key you left on the table and run for it. See? Easy to circumvent, what a ridiculous law, they should abolish it!
But they don't, and they are right and we are wrong. It's not about it being easy to circumvent, it's about a proscription being there now, and passing new laws for stronger enforcement is a lot easier than getting the law itself passed in the first place.
And it's about setting cultural standards. While politics has long lost that game and the general public doesn't see them as guidance anymore, but as corrupt crooks, due to dissonance they don't see themselves that way.
Assorted stuff I do sometimes: Lemuria.org
The guy is a fucking cretin.
How do he think PING finds the address? It looks it up using the default DNS.
You're the one being the "cretin" (whatever that means).
TFA:
Obtaining this information through command prompt must be done before the domain is censored. Only one IP address can be obtained this way. If the website changes IP address for their server, you’ll lose access to the site unless you have the new one as well.
This is for people who don't know how to find out the IP of a domain at all. It's also mentioned in other sections that you need to get the info beforehand.
Dear CongressCritter,
I admire your voting the Protect-IP legislation into law. The power of this law enables computers to hide the address of web-sites that criminals will use while committing music piracy.
I ask that you support parallel legislation which prevents criminals from using vaults of money. This country needs a law which enables citizens to hide the street address of buildings containing a supply of dollar bills of various denominations.
Because you voted to hide addresses from music pirates, I know that you will sponsor my effort to hide street addresses from criminals. In our efforts to realise this legislation, I am pleased to receive your support and henceforth will speak as your proxy. I will write again soon, informing you what I have achieved in your name.
Yours truly,
Script kiddies? Sure, if what you really meant was script kiddies with guns and the special right to use them as a business model.
I think people sometimes forget that it is presisely the gun, and the special ability to employ that gun in offense (not merely defense), that seperates government from the rest of us.
Its stupid and unjust going after the dns servers instead of going after the people actually committing any crimes or infringement
People have to be somewhat computer savy to use the work-arounds mentioned here. While people who read slashdot could easily circumvent these DNS restrictions, the typical Internet user would struggle to do so. This kind of law would put a dent in the piracy, but it would not stop it. Any computer-savy pirate could circumvent the laws, but not everyone could.
Error 503 Service Unavailable
Service Unavailable
Guru Meditation:
XID: 743959834
Varnish cache server
Because of this single statement from the article here today, in regards to HOSTS files (which has been covered here by myself in points #4-#7 mainly below, & more, many times here @ /.):
"The methods are: using a VPN service, using your HOSTs file, using TOR, using freely available DNS lookup tools, changing your DNS server to a non-US server, using command prompt, using Foxy Proxy, and using MAFIAAFire." - Dangerous_Minds/Drew Wilson of ZeroPaid http://yro.slashdot.org/story/11/08/07/2221245/8-Ways-To-Circumvent-the-PROTECT-IP-Act
HOWEVER, a HOSTS file offers you a LOT MORE THAN JUST THAT, for FREE (better online SPEED, bandwidth, & YES, security + anonymity (vs. DNSBLs)):
My custom HOSTS file currently protects me vs. 1,554,666++ (& growing every 15 minutes) KNOWN bad sites/servers/hosts-domains that are KNOWN to be either maliciously scripted, or serving up malware-in-general, plus spamming/phishing sources as well as botnet C&C servers.
How/Why? Ok, read on:
20++ ADVANTAGES OF HOSTS FILES OVER DNS SERVERS &/or ADBLOCK ALONE for added layered security:
1.) HOSTS files are useable for all these purposes because they are present on all Operating Systems that have a BSD based IP stack (even ANDROID) and do adblocking for ANY webbrowser, email program, etc. (any webbound program).
2.) Adblock blocks ads in only 1-2 browser family, but not all (Disclaimer: Opera now has an AdBlock addon (now that Opera has addons above widgets), but I am not certain the same people make it as they do for FF or Chrome etc.).
3.) Adblock doesn't protect email programs external to FF, Hosts files do. THIS IS GOOD VS. SPAM MAIL or MAILS THAT BEAR MALICIOUS SCRIPT, or, THAT POINT TO MALICIOUS SCRIPT VIA URLS etc.
4.) Adblock won't get you to your favorite sites if a DNS server goes down or is DNS-poisoned, hosts will (this leads to points 5-7 next below).
5.) Adblock doesn't allow you to hardcode in your favorite websites into it so you don't make DNS server calls and so you can avoid tracking by DNS request logs, hosts do (DNS servers are also being abused by the Chinese lately and by the Kaminsky flaw -> http://www.networkworld.com/news/2008/082908-kaminsky-flaw-prompts-dns-server.html for years now). Hosts protect against those problems via hardcodes of your fav sites (you should verify against the TLD that does nothing but cache IPAddress-to-domainname/hostname resolutions via NSLOOKUP, PINGS, &/or WHOIS though, regularly, so you have the correct IP & it's current)).
6.) Hosts files don't eat up CPU cycles like AdBlock does while it parses a webpages' content, nor as much as a DNS server does while it runs. HOSTS file are merely a FILTER for the kernel mode/PnP TCP/IP subsystem, which runs FAR FASTER & MORE EFFICIENTLY than any ring 3/rpl3/usermode app can.
7.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR (by saving the roundtrip inquiry time to a DNS server & back to you).
8.) AdBlock doesn't let you block out known bad sites or servers that are known to be maliciously scripted, hosts can and many reputable lists for this exist:
GOOD INFORMATION ON MALWARE BEHAVIOR LISTING BOTNET C&C SERVERS + MORE (AS WELL AS REMOVAL LISTS FOR HOSTS):
http://www.mvps.org/winhelp2002/hosts.htm
http://someonewhocares.org/hosts/
http://hostsfile.org/hosts.html
http://hostsfile.mine.nu/down
Yeah, DHT is already built in to most current BitTorrent clients, which means all you have to do is host the .torrent files - not even running a tracker. And if you put them on an FTPd instead of an HTTPd, they're not on a "website" and therefore, I think, don't fall under the purview of this law. IANAL, but some of the phrasing in this stuff seems targeted at HTTP traffic only. Encourage Usenet in the public mind, and...
At a time when the US economy is as uncertain as it was in the depression, let's not waste money on unnecessary law passing. We don't really need more shit laws that won't be enforced.
I am Bennett Haselton! I am Bennett Haselton!
PROTECT-IP is dead. Stop talking about it. The Senator from Oregon blocked it a while back.
Sorry to reply offtopic to your dick joke, but I wanted to get this as high up as possible.
MafiaaFire has a known design flaw that presents security problems, use the fork FireICE instead:
https://addons.mozilla.org/en-US/firefox/addon/fireice/
"When information is power, privacy is freedom" - Jah-Wren Ryel
I thought there were going to be some legit solutions in TFA but... So here are a few that will actually work.
1) Create a DNSSec DNS service that runs over an "unblockable" encrypted protocol. For example, DNS over HTTPS. Blocking HTTPS traffic would fuck the people pushing this legislation in addition to banks, online shops, online services, etc...
2) Build a completely open wireless network using participation, pwnd phones, pwnd wireless, radio packet technologies, even pidgeons.
3) Revolt. None of this "vote them out of office" bullshit. If your congresscritter votes for this type of legislation go to their house, drag them into the street, beat them to death with a stick. I guarantee the next one will vote against it. If not. rinse. repeat.
Having to work for a living is the root of all evil.
In my opinions, if the PROTECT IP bill passes, everybody should start using the forums of corporate or government websites to trade rapidshares and torrent links.
See if they actually plan on shutting down websites that are suspected of being used for copyright infringement.
Usually with a cigar cutter.
This signature has Super Cow Powers