Slashdot Mirror
"Piracy Filter" Blocks TorrentFreak for 4 Million Sky Customers
An anonymous reader writes "Website blocking has become a hot topic in the UK in recent weeks. Opponents of both voluntary and court-ordered blockades have warned about the potential collateral damage these blocking systems may cause, and they have now been proven right. As it turns out blocked sites can easily exploit the system and add new IP-addresses to Sky's blocklist. As a result TorrentFreak has been rendered inaccessible to the ISP's four million customers."
This is why censorship of the internet is a fucking stupid idea.
The piracy filter works, for those that don't know how to get around it(yet).
Oh! You expected me to be outraged. I'll work on my righteous indignation.
"To the last, I will grapple with thee... from Hell's heart, I stab at thee! For hate's sake, I spit my last breath at thee!"
I'm a sky customer. Couldn't give a Monkey's uncle.
4 million Sky Customers != 4 million people blocked from TorrentFreak.
What with Netflix, catch up TV services like iPlayer, and Spotify, I can't remember the last time I used a torrent for anything other than a Linux distro.
For me, when torrents, and more to the point the whole P2P scene, came along, it was a convenient way to consume the content I wanted, when I wanted. Was most of it copyrighted? yes. Of course it was, but it wasn't downloaded with the intent of ripping someone off, there just wasn't a more convenient way of doing it.
Now we're starting to approach the ideal middle ground - I pay a nominal amount every month for a library of films and music on Lovefilm / Netflix / Spotify; I get free access to catch up services for broadcast TV, and I can watch as many films as I like at the cinema for £15 a month.
So torrentfreak is blocked - will the average person care?
If the blocks are applied to any IP address pointed to by a blocked site, maybe as a demonstration a blocked site should add the IP addresses of all of the major UK political parties, BBC iPlayer, Youtube, Netflix, lovefilm etc. If mainstream media sites get (automatically) blocked then perhaps the backlash might force TPTB into either removing the requirement to block or require the ISPs to use a blocking mechanism with less potential for collateral damage.
Blocking trackers for a few people that actually care to go to that site. But you know what's the best site to fetch torrents? Google. What are they going to do? Ban people from accessing Google? Ain't gonna happen, and if it does, the NSA will be pissed!
I'm a Sky user in the UK, and I am here to post the text of the article:
"Website blocking has become a hot topic in the UK in recent weeks. Opponents of both voluntary and court-ordered blockades have warned about the potential collateral damage these blocking systems may cause, and they have now been proven right. As it turns out blocked sites can easily exploit the system and add new IP-addresses to Sky’s blocklist. As a result TorrentFreak has been rendered inaccessible to the ISP’s four million customers.
stop-blockedFollowing a High Court ruling last month, six UK ISPs are required to block subscriber access to the popular TV-torrent site EZTV.it.
The actions EZTV faces are not the first taken against a torrent site in the UK. The Pirate Bay, KickassTorrents and several other “pirate” sites have been blocked by previous court orders and remain inaccessible by conventional means.
However, over the past couple of days Sky subscribers noticed that the blocklist had been quietly expanded with a new site that’s certainly not covered by any court order – TorrentFreak.com.
Our site first became inaccessible on Wednesday night, only to be unblocked 14 hours later. However, about an hour ago it was again added to the blocklist.
The recent blocking spree is causing confusion among Sky subscribers who have no idea why TorrentFreak is longer accessible. However, we can confirm that the problem lies with Sky’s filtering software that is supposed to enforce the court-ordered torrent site blockades.
The owner of EZTV informed TorrentFreak that he used Geo DNS to point UK visitors to TorrentFreak’s IP-address. Soon after there were reports that our website had become inaccessible to Sky users."
EZTV should have their DNS servers point to SKY's IP addresses and sit back and watch as hilarity ensues.
"I have downloaded hundreds and hundreds of records, why would I care if somebody downloads ours?" Robin Pecknold
How many Sky customers are reading the article?
“He’s not deformed, he’s just drunk!”
am i supposed to be surprised that it actually works? cause a piracy filter blocking a site focused on torrents isn't a huge supervise
They are evil too, even more so.. that should get about 3.9 million of their 4mil customers pissed off.
---- Booth was a patriot ----
A month or two back not long after they blocked TPB I was getting the same 'this website is blocked by court order' page for Golden Old Games (GOG.com) when I went there to purchase a game. It only happened for a day but I bet that was similar fallout from the blocking scheme.
I wonder how many other people saw that? I wonder how many people who saw that then thought GOG was a pirate site charging money for old games without the correct licenses? I wonder how long before somebody sues for loss of trade over and damage to reputation over these fault filters.
By bypassing dns altogether since hosts = 1st thing IP stack references for host-domain/subdomain resolutions by default:
---
Microsoft TCP/IP Host Name Resolution Order:
http://support.microsoft.com/kb/172218
PERTINENT QUOTE/EXCERPT:
"The client checks to see if the name queried is its own.
The client then searches a local Hosts file, a list of IP address and names stored on the local computer.
A sample hosts file, Hosts.sam, is installed with the TCP/IP protocol showing the proper format.
Domain Name System (DNS) servers are queried.
If the name is still not resolved, NetBIOS name resolution sequence is used as a backup. This order can be changed by configuring the NetBIOS node type of the client."
---
* :)
(I don't agree with stuff like Torrents or other piracy online though...)
APK
P.S.=> Creating such a custom hosts file? Easy (per "yours truly"):
---
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74
---
Short synopsis/summary - Custom hosts files give users of them great benefits in added better:
---
1.) Speed (blocking adbanners & hardcoding your favorite sites into them - faster than remote DNS lookups)
2.) "Layered-Security/"Defense-in-Depth" (vs. known malicious sites/serves/hosts-domains that serve up malware or are malscript bearing - blocking spam/phish malicious links also, & host-domain names are used more BY FAR vs. IP addresses (like 99%:1% ratios due to fastflux & dynDNS using botnets))
3.) Reliability (vs. Kaminsky bug vulnerable DNS servers, 99% of which are STILL unpatched vs. it & worst of all @ the ISP level + vulnerable as hell vs. FastFlux + Dynamic DNS using botnets (or even DOWNED DNS servers too))
4.) "Anonymity" to an extent (vs. dns request logs + DNSBL's you may not like too - which is the case here since DNS is employed to do the blocking).
---
Enjoy!
... apk
Less electrcity, cpu cycles & other forms of I/O used too http://yro.slashdot.org/comments.pl?sid=4075157&cid=44530335
* It's extremely useful in situations like these too, vs. DNSBL's (& dns request logs tracking, plus downed DNS servers too) - Even complimenting them vs. their flaws (vs. fastflux + dynDNS using botnets, the HUGE majority vs. IP addressed ones OR Kaminsky bug redirect flaws (of which 99% of ISP dns servers = unpatched vs. it, even though a fix has been out for nearly 6 yrs. now...).
Less IS more! Good engineering = doing more with less, using a tightly integrated native part of the IP stack to do so as well as offering more speed, layered-security/defense-in-depth, reliability, and anonymity (to an extent) - FROM A SINGLE FILE no less!
To quote the film "I AM LEGEND":
"The premise is, quite simple: Take something designed by nature & reprogram it to work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
APK
P.S.=> Best part is they're easily FULLY end-user controlled (a simple text file edit with simple easy to understand line entries to either BLOCK sites or speed them up by avoiding remote DNS lookup for host-domain name IP address resolution - nothing more) & no more "added moving parts" or complexity + learning curve... apk
It does the job for you (as long as you run it as admin class user) since that allows for bypass of UAC (I decided NOT to use 'impersonation' routines in my code, & the shortcuts you make for it can do it anyhow in their options)...
As far as you NOT seeing the %WinDir%\system32\drivers\etc subfolder?
That's a simple matter of altering your folder view options in CONTROL PANEL (I hate the defaults hiding things, but that's to protect users vs. themselves, especially "delete crazy" types, lol) -> Appearance and Personalization -> Folder Options -> Show Hidden Files and Folders (checking off "Hidden Files and Folders", "Show Hidden Files and Folders" in the popup dialog box).
And, there ya go...
APK
P.S.=> This works excellently vs. DNSBL's that work on host-domain based blocks, downed, or redirect flaw (Kaminsky bug unpatched on 99% of the world's DNS servers for more than 1/2 a decade now, worst @ ISP level, even though a patch has been out that long)... apk
TorrentFreak is a Honeypot for the industry anyways. If you like getting flagged, use torrentfreak.
Per my subject: That allows this to work via hosts usage to bypass DNSBL's done by host-domain names... and will, of course, allow these filesharing sites to work vs. this also.
* Always more than 1 way to "skin a cat"...
( & you can BET that's what these filesharing sites will do, or have to do, to circumvent this ).
APK
P.S.=> I didn't see that in the article summary here though (what you mention in using IP address based blocks) & I didn't read the source article either though - However/Again though:
That IP addressed blocking you speak of?
VERY simple to bypass for these file-sharing sites by them switching hosting providers - then you get their IP address & equate it to the host-domain name in your hosts file & voila - done (I do NOT agree with PIRACY though, by any means)...
... apk
http://piratebrowser.com/
http://tech.slashdot.org/story/13/08/10/1519211/the-pirate-bay-launches-browser-to-evade-isp-blockades
* Like I said earlier here to you -> http://yro.slashdot.org/comments.pl?sid=4075157&cid=44530715 "Always more than 1 way to skin a cat" (besides doing what I noted in switching their hosting providers, which hosts would work for since it's host-domain name based, but hosts won't work vs. firewall outbound/inbound ISP level rules based on IP addresses).
APK
P.S.=> Big "Cat & Mouse" game is all this is... you take what people want from them in this arena (computing)? They figure out a way to do an "end run" around it...
... apk
SKY is operated (largely) by NEWS Corp aka Murdoch and Fox news
So CAN WE PLEASE HAVE A BLOCK ON the SUN Newspapers Website and FOX news -
That would at least be some positive achievement out of this shambles
I live in the UK and I see a totally inept, totally technophobic government try to work the 21st century with 19th century tools and mentality.
We have 2 little rich boys trying to run a country that is in a shambles because they don't understand anything - basically.
Oh and to keep the balance - the other lot aren't much better
Too many lawyers and PR executives and not enough techies - or anyone who has actually had to work for a living - in our government.
... who thinks they should have added Sky's website once they figured it out? "ISP accidentally blocks itself" might get more mainstream news attention on how poor of an idea this is.
Use your antivirus rules: "Overriding" defaults by creating an "exception" rule 4 hosts to leave it alone (was a problem initially in Windows Defender in Windows 8 initially in fact)...2nd: Regarding hosts files being attacked (by malware makers):
My app overwrites the hosts in its default location to protect vs. malware contaminating the hosts file.
Even if/when redirected too via -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters DatabasePath, since that's what I do to AVOID malware contamination the hosts file in 1 part (overwrite from a pristine copy is 2nd measure). Essentially creates almost a *NIX style 'shadow password' list file decoy in the default location - So, if anything changes it? It only reads up from where I REDIRECTED the hosts to be referenced (not the default either, it's off slower HDD & onto a "True SSD" here for faster seek/access that's based on DDR-2 RAM)). That keeps it clean, via refreshing it periodically.
UAC helps too, but that's bypassable - BUT to supplement UAC protection (especially if you leave my program running resident in the tooltray doing automatic 12 hr. updates)? I made my program, while running, WRITE PROTECT the hosts file every 1/2 second - too fast to "unlock" it for malware to overwrite it & to update it periodically/automatically as well... It works to protect hosts alongside UAC: Especially when coupled with the fact my app updates & refreshes hosts (overwriting malicious entries by malware).
In this case though, hosts probably won't work - ISP's got wise to that & can do DNS ip block (this article) or firewall inbound/outbound rules. Neither of which hosts combat here anymore than they do BGP tricks.
APK
P.S.=> 7 doesn't do it afaik! However, I *may* have created that exception rule I spoke of in my subject-line LONG ago & forgotten about it (Windows 8 initially had issues with it though)... apk
The Internet has become a war zone (Because government agencies have tried to seize control over it, and corporation want control over a lot more than their share).
Government and corporate sites can and should be taken down using similar methods. If an ISP gets in the way, then find ways to motivate them.
If tTorrentFreak switched hosting providers = new IP address (for a domain name they own @ least, or should).
However, I imagine if caught in "wrongdoings" online, THAT host-domain name (or their right to it) could be "revoked" too.
Who knows.
I do know & ADMIT that hosts won't stop IP based threats or blocks based on IP address @ the ISP level, admittedly. Hosts won't stop it if they implemented firewall rules outbound/inbound @ the IP address level as well vs IP address based DNSBL (hosts = ineffective vs. BGP threats too).
* Hosts files excel on a number of levels, but they don't solve everything... but can compliment &/or supplement things that can on the same OR other, levels.
APK
P.S.=> Apparently as I noted in my other post @ the same threshold reply level as yours? The TorrentFreak people put out something entirely different to combat this (TOR onion router based FF build) -> http://yro.slashdot.org/comments.pl?sid=4075157&cid=44531127 ... apk
There are a variety of solutions to these problems.using alternative DNS is one but this does not work in the case that IP addresses are blocked. Proxies may also work but in the end these are reliant on no blocks existing on the proxies network .Even then how long before proxies are blocked ?TOR seems like a good idea but in reality its a bit slow and thus you couldn't just route all your traffic through it.
What is the long term solution to this?
Does anyone have any long term predictions or ideas about how we might work around this in a way that performs well and is more future proof?
FYI. EZTV is also blocked with BT infinity. And my VM at Bytemark cannot access either
my fear is that what happens when Microsoft or apple start putting pressure on the government to block things like cyanogen or the Linux kernel?
Electronic Music Made Using Linux http://soundcloud.com/polyp
Shows you how much 'filesharing' I do (none): It's thieving 99% of the time ("spelled sideways")!
* Heck - I don't even KNOW the difference between any of them: They're "all the same to me" (since thieves are thieves, & I avoid them is all).
APK
P.S.=> Still, my point's there: These file sharing/thieving sites/networks (whatever) CAN get around blocking them out to user access, & by a variety of means & yes: This is a GIANT "cat & mouse" game that'll be ongoing till doomsday... apk