The thing is, you have to go to court simply to RESTORE your access.
In my example, this happened because megaupload was completely ignoring take down notices (not even countering), so they were cut off at a service provider level.
In the mean time, you could be down for days or weeks.
So, they should have just let it fly because they ignored genuine take downs?
You get 5 days to contest it before payment processors are barred from doing business with you and search engines must stop acknowledging your existence. That alone is alarming to me.
Which is a provision after a take down notice had been ignored if you read the SOPA legislation.
Even worse, however, is the provision that gives immunity to those who take that action with just reasonable belief of infringement
I have mentioned this in my own post that I am not happy with lack of evidence required to process such requirements. However, I did already note it was slightly better in the way that it requires a judge to approve the action.
now of anyone who's ever gotten even a slap on the wrist for sending out abusive takedowns?
I have seen counter actions (sample1, sample2), in summary, yes.
DMCA is already abusive as hell in that fraudulent claims can be made and the only recourse the attacked individual has is a counter-claim that might not even get the content reinstated.
Which is not always the fault of the law it self. Content hosting providers such as Youtube do choose not to host content for some people after receiving complaints, regardless of legitimacy involved - people agree to these terms when they signed up for the service. This is a different matter, it's not the law preventing the content to be returned at this point.
There is no mechanism for holding those who abuse the system accountable.
Apparently there is, because I linked some examples.
In the face of all that, what about the response seems hyperbolic to you?
Only thing I found annoying about your post is completely ignoring the good the DMCA has given, portraying it in a purely negative fashion.
It has been used to protect copyright holders, even GPL software. It has given small companies and individuals an out to deal with issues that would otherwise require very costly lawyers for very legitimate issues that without would have only been achievable if they were a large firm with deep pockets.
I feel these are genuine issues that need to be resolved, that said, I still don't agree with PIPA or SOPA legislation's methods and I still don't agree with what many are regurgitating (mainly misrepresenting what is intends to do and then going about saying it doesn't do that, then further blatantly lying about how certain things won't work).
The issue isn't so much a literal breaking of DNS.
I'm sorry, but I read the information being used to counter the legislation and they did focus on literal breaking of DNS.
Once the censorship starts will the common person ever even realize they are inside a walled garden?
Although anecdotal... Considering people tell me the government is censoring websites when the sites go out from heavy traffic, no. The common man appears to be plenty paranoid.
But I am not so naive that I believe the government won't abuse their new powers.
Under this logic, we should get rid of DNS, because of how centralized it is and can be potentially abused by governments. I prefer to draw the line when there is abuse.
This is not true, because of what the EFF calls the "vigilante provision". They just tell your service provider to cut you off. The service provider gets absolute immunity for doing so whether a trial would find you innocent or not.
What court refused to let a provider restore access when still fighting in court over the matter until it was resolved? I can't think of any.
I can think of instances where they did let them do so, such as with the court cases that involved megaupload.
But I think a dark/. would be a good solidarity statement anyway. Geeks who weren't planning to do anything special in protest today might put some extra effort in.
Indeed. I for one would put extra effort into dispelling the myths people keep coming up with. Like how the proposed DNS filtering system breaks DNSSEC, despite the fact DNS resolvers would use the response code REFUSED (see RFC 1035) for A/AAAA/CNAME related queries which would tell the DNSSEC client that the resolver refused to resolve it's request, not fake it. This doesn't break the DNSSEC zone chains and doesn't prevent DNSSEC validation regardless.
Or how people completely misrepresent the purpose of the DNS filter, which is to stop copyright infringing websites from posing as legitimate sites and charging customers for advertising time or trick them into paying for a product that isn't actually genuine.
It is not intended to be a magic stop all for all piracy like people who are trying to stop PIPA and SOPA are claiming. It's meant to make the line between genuine and non-genuine content much easier to see.
Not to mention these anti PIPA and SOPA advocates conveniently forget to note that a lot of the take down issues are more of a problem when it comes to the already existing DMCA because there is ZERO validation by a judge.
The only additionally area (talking about the scope in take downs) that the DMCA does not particularly cover where SOPA and PIPA are intended to deal with is a loop hole that sites like the pirate bay exploit. Where they are not handling copyright infringing content directly and by doing so, they are in a loop hole of US law where the domain cannot be closed despite the fact there is 100%, absolute clear intent in their assistance of doing copyright infringement.
Now, there are definitely issues with SOPA and PIPA, mainly the lack of evidence requirement before a judge should be a changed (although I expect that many judges will want to see some evidence regardless - They didn't get into their position by screwing people, despite what people think). Yes, there will be abuses, all laws will get abused at some point or another. But when you compare the abuses to current existing laws, there isn't actually that much more it could do.
And before someone makes the argument that they can make a website poof, if you actually read the legislation, that is a last measure when there has been no cooperation with the people involved in the matter. The decisions can be challenged in court just fine, there is nothing that says you cannot do that, just like with the DMCA.
It pisses me off so many people get their information from a 3rd party sources and don't even bother verifying the information. You're on the Internet, you can get access to the original legislation as well as many related documents - Why are people advocating something that is blatantly lying about many things, didn't anyone learn in school to verify facts at all?
People are lying worse than the politicians right now. I am appalled by so many people who represent themselves as someone knowledgeable in the tech industry.
FYI: I am against SOPA and PIPA as I feel that the legislation should require more evidence on the copyright holder before they can get a judge to issue a take down request, but a lot of the other crap people are talking about is just complete utter bullshit to me.
I don't want to associate with the anti SOPA and PIPA crowd.
I'm typing this out by hand from a book called "Oxford Dictionary of English" (ISBN: 978-0199571123) in front of me regarding the definition of 'America'.
A landmass in the western hemisphere that consists of the continents of North and South America joined by the Isthmus of Panama.
No offence, but I think I am going to stick with the Oxford Dictionary of English definition, I think it's far more of an authority on this sort of thing that a random person on the Internet.
Yup, but DNSSEC means this will cause an error. You can't "just" censor the requests. DNSSEC can tell the difference between the legit answer and any fake answer or non-answer.
You could just simply not send a DNS response at all.
Browsers would just show an error like this:
Server not found
Firefox can't find the server at www.awawdmawda.adwada. Check the address for typing errors such as
ww.example.com instead of
www.example.com
If you are unable to load any pages, check your computer's network
connection.
If your computer or network is protected by a firewall or proxy, make sure
that Firefox is permitted to access the Web.
DNSSEC won't know any better, there is nothing in the DNSSEC protocol for even handling a lack of response.
if you're an ISP the Attorney General is asking you to eat an enormous customer support bill in order that some other company can get richer.
I don't think so. Person has DNS failure on well known piracy site = Huge support costs. What?
My small business runs PPC Macs on OS 10.4. We cannot upgrade to 10.5 because of certain software dependencies which would cost too much to fix. What are IT people like me supposed to do now that the only remaining browser that was any good on our machines is going away?
Upgrade and virtualize the stuff that cannot or is too costly to migrate.
Why are you running software on such slow computers that it takes weeks to install a version of Firefox? Surely you can run something a bit more modern?
I never said it was. I simply said that most domains aren't interesting enough to warrant the degree of paranoia you were displaying over someone hacking into your servers to access your Namecoin keys.
I already gave you evidence regarding insecure installations being exploited on an automated basis. Interesting doesn't matter and yet you simply choose to ignore this fact I highlighted.
You obviously have no real interest in a distributed name resolution system.
I have interest in having a secure system that has proper controls for dealing with problems. I'm going to participate because solutions like this effect me if they end up becoming something major.
but does affect others to the point where the cost and risk of managing their own security is far outweighed by the protection against censorship the distributed model offers
To be fair, if censorship is the real issue, use a system like Freenet, which is built for handling censorship issues instead of deciding that Domain Name System needs to be redefined. DNS is only but a small part of information exchange. Blocking can take place on many other levels without touching DNS. One only needs to look at how China has technologies that intercept packets of all kinds, scanning for forbidden elements and forcing a disconnect.
Also, by not taking security into consideration, such as hash collisions (which are fairly easy with how the bitcoin cipher is currently done), you can't expect to exercise good anti-censorship technologies when governments have vast amounts of resources to throw at a problem to make it go away.
The Namecoin protocol allows you to run your own traditional nameservers for subdomains, so you're unlikely to require frequent updates to the top-level domain in the first place.
One of the domains I run is an IRC network that occasionally has some annoying script kiddies that attempt DDoS attacks. The DNS servers are automatically rotated to prevent DDoS attacks from taking it out and to make it more difficult to gather all the different name servers for attack lists. For obvious reasons, your method isn't applicable to dealing with this particular issue.
I would use glue records for the network, but sadly they don't update fast enough when things need to be changed. Namecoin makes handling such situations more difficult, slower with more risk, if script kiddies can cause a problem like this, do you really think this will stop a government who has far more resources at their disposal than any single script kiddy?
I should also note that Anonymous' favourite tool for censorship is DDoS attacks as well. A technology like Freenet is far better suited for the uses of anti-censorship. Namecoin's useful would be short lived if it gained popularity due to all the glaring issues it fails to deal with on a security and censorship level.
Namecoin is as much the solution to DNS as SOPA is the solution to piracy.
Why are you keeping your domain keys on publically-accessible servers in the first place?
To dynamically change settings as needed on the fly. Not everyone can afford anycasting.
Keep the keys on an offline PC, sign any domain changes offline, and transfer the signed transactions to an Internet-connected computer after the fact. Problem solved.
De-automate my work? Yeah, no.
P.S. In case you hadn't noticed, people lose domains all the time with the current system.
Indeed, I manage quite a lot of domains and I have been able to reacquire every single one that got "lost". I believe this would not be the case if similar events happened on a decentralized system.
Forget to renew your domain on timeâ"transferred to some ad agency who will be happy to sell it back for ten times what you originally paid.
To be fair, most decent registrars hold on to the domain for two weeks after it expires before letting it go, so if you aren't noticing your domain being inaccessible for an entire week, it's probably not very important.
Annoy the wrong three-letter agencyâ"redirected to an ICE warning page.
I run a stupid amount of domains and websites for over a decade without pissing off any three letter agency, I don't think this is likely to effect me.
Unless you're the holder of a Top 100 domain name, I'd say the threat of a zero-day exploit targeting your Namecoin keys should be rather far down the list of things to worry about
I'd say you're wrong. How many automated spidering systems exist out there, looking for vulnerable phpbb, phpnuke, old IIS servers etc? Loads, to the point that if you install this software and it gets listed on a search engine, it won't take long before it gets exploited.
Additionally, why the hell would you think it's a good idea if the "Top 100 domain name" are at risk!? People rely on those "Top 100" domain names to be accurate and not be a scam.
I simply cannot condone using this system for security purposes.
I can understand if an unexperienced user buys a domain or two from them, not knowing that there are alternatives
As domain registrars go.. I don't know of any better alternatives, most other domain registrars I have used take long to process whois changes, lock/unlocks, dns server changes, dns glue changes, transfers etc.
but anyone who knows what they are doing should be immediately turned off by GoDaddy's horrible interface
Actually, their domain management control panel is pretty awesome, I haven't seen any other registrar that lets me manipulate settings on multiple domains in one go like I can on Godaddy.
It's not even cheaper than alternatives.
As a Godaddy user, I don't know many registrars where I can get a special deal of 4-5USD/year on common TLDs (I own many domains).
I should note that I don't use Godaddy for hosting or even DNS (which is free).
Feel free to respond with any genuine comparable alternatives, I'll give them consideration. I just don't know of any that come close to my current experience with Godaddy.
Or is there something I'm missing?
You can't transfer some TLDs, so, I'll be stuck using Godaddy regardless for some domains.
Without at least 14 people to submit their keys, we can't derive even one bit of the actual encryption key used to sign things. What if they only exist as an online entity and you have to track them all down?
Seems easy to defeat. You get enough to of them so they can't operate anymore, thus destroying the network's ability to assign new addresses and you offer your own set of keys that can't be easily damaged (many people are creatures of convenience after all). Mandate only your keys be put in computer systems by law. Or, you just get enough of them to make it your authority. It doesn't seem that far fetched to me.
What is to stop people from downloading and installing software that didn't come with their computer?
From a technical perspective, TPM based systems like the latest game consoles.
From an enforcement perspective, strict punishments on people caught using other devices (death sentence?) will discourage the use greatly as well as continuous propaganda while pushing forth technologies that work with this to make it more convenient to use for every day purposes and security.
* you saw a place where some software could really help; * you knew they wouldn't buy it; * you were told they wouldn't pay you to write it; and * it wasn't in your job description to write it (side note: seriously?)...but * you wrote it anyway; and * now what?
Get extra paid holidays off instead? It seems to me that they can afford that.
At best, if the uploader indemnified Google, Google could force him to pay Google for any damages the Orchestra gets from Google. But the orchestra would still be able to enforce any rights it had.
You're acting on behalf of the Orchestra, you entered an agreement on behalf of them, which means they have ended up agreeing to said agreement. If you didn't, then you uploaded the video unauthorized and you are subject to being sued by both parties.
That still relies on some sort of centralized authorities still, what is to stop a physical intervention. Where an armed force threatens someone under the cost of their lives to sign a new "digital ID", invalidate the old ones etc?
Then, what of the similar situation to now, government requires these 'authorities' to follow or face the consequences of breaking the law?
What is to stop them from requiring all computers sold in country X, only trust authorities Y and Z that is under their control?
Deep packet inspection also defeats the ssh-tunnel route.
I have yet to encounter any that worked against one of my methods and if it did, I don't think it would take me long to figure out a method that wasn't blocked.
Slashdot Mirror
In my example, this happened because megaupload was completely ignoring take down notices (not even countering), so they were cut off at a service provider level.
So, they should have just let it fly because they ignored genuine take downs?
Which is a provision after a take down notice had been ignored if you read the SOPA legislation.
I have mentioned this in my own post that I am not happy with lack of evidence required to process such requirements. However, I did already note it was slightly better in the way that it requires a judge to approve the action.
I have seen counter actions (sample1, sample2), in summary, yes.
Which is not always the fault of the law it self. Content hosting providers such as Youtube do choose not to host content for some people after receiving complaints, regardless of legitimacy involved - people agree to these terms when they signed up for the service. This is a different matter, it's not the law preventing the content to be returned at this point.
Apparently there is, because I linked some examples.
Only thing I found annoying about your post is completely ignoring the good the DMCA has given, portraying it in a purely negative fashion.
It has been used to protect copyright holders, even GPL software. It has given small companies and individuals an out to deal with issues that would otherwise require very costly lawyers for very legitimate issues that without would have only been achievable if they were a large firm with deep pockets.
I feel these are genuine issues that need to be resolved, that said, I still don't agree with PIPA or SOPA legislation's methods and I still don't agree with what many are regurgitating (mainly misrepresenting what is intends to do and then going about saying it doesn't do that, then further blatantly lying about how certain things won't work).
So, I tried to look up information on this Wikipedia thing, but all it does is give me philosophical tasks like:
I don't think that will help anyone pass exams.
I'm sorry, but I read the information being used to counter the legislation and they did focus on literal breaking of DNS.
Although anecdotal... Considering people tell me the government is censoring websites when the sites go out from heavy traffic, no. The common man appears to be plenty paranoid.
Under this logic, we should get rid of DNS, because of how centralized it is and can be potentially abused by governments. I prefer to draw the line when there is abuse.
What court refused to let a provider restore access when still fighting in court over the matter until it was resolved? I can't think of any.
I can think of instances where they did let them do so, such as with the court cases that involved megaupload.
Indeed. I for one would put extra effort into dispelling the myths people keep coming up with. Like how the proposed DNS filtering system breaks DNSSEC, despite the fact DNS resolvers would use the response code REFUSED (see RFC 1035) for A/AAAA/CNAME related queries which would tell the DNSSEC client that the resolver refused to resolve it's request, not fake it. This doesn't break the DNSSEC zone chains and doesn't prevent DNSSEC validation regardless.
Or how people completely misrepresent the purpose of the DNS filter, which is to stop copyright infringing websites from posing as legitimate sites and charging customers for advertising time or trick them into paying for a product that isn't actually genuine.
It is not intended to be a magic stop all for all piracy like people who are trying to stop PIPA and SOPA are claiming. It's meant to make the line between genuine and non-genuine content much easier to see.
Not to mention these anti PIPA and SOPA advocates conveniently forget to note that a lot of the take down issues are more of a problem when it comes to the already existing DMCA because there is ZERO validation by a judge.
The only additionally area (talking about the scope in take downs) that the DMCA does not particularly cover where SOPA and PIPA are intended to deal with is a loop hole that sites like the pirate bay exploit. Where they are not handling copyright infringing content directly and by doing so, they are in a loop hole of US law where the domain cannot be closed despite the fact there is 100%, absolute clear intent in their assistance of doing copyright infringement.
Now, there are definitely issues with SOPA and PIPA, mainly the lack of evidence requirement before a judge should be a changed (although I expect that many judges will want to see some evidence regardless - They didn't get into their position by screwing people, despite what people think). Yes, there will be abuses, all laws will get abused at some point or another. But when you compare the abuses to current existing laws, there isn't actually that much more it could do.
And before someone makes the argument that they can make a website poof, if you actually read the legislation, that is a last measure when there has been no cooperation with the people involved in the matter. The decisions can be challenged in court just fine, there is nothing that says you cannot do that, just like with the DMCA.
It pisses me off so many people get their information from a 3rd party sources and don't even bother verifying the information. You're on the Internet, you can get access to the original legislation as well as many related documents - Why are people advocating something that is blatantly lying about many things, didn't anyone learn in school to verify facts at all?
People are lying worse than the politicians right now. I am appalled by so many people who represent themselves as someone knowledgeable in the tech industry.
FYI: I am against SOPA and PIPA as I feel that the legislation should require more evidence on the copyright holder before they can get a judge to issue a take down request, but a lot of the other crap people are talking about is just complete utter bullshit to me.
I don't want to associate with the anti SOPA and PIPA crowd.
I'm perfectly fine with Slashdot remaining neutral on the matter.
Okay, I'll do as you say, AC.
Wikileak's founder, tell us (I'll use your PGP key for verification it's you replying).
I'm typing this out by hand from a book called "Oxford Dictionary of English" (ISBN: 978-0199571123) in front of me regarding the definition of 'America'.
No offence, but I think I am going to stick with the Oxford Dictionary of English definition, I think it's far more of an authority on this sort of thing that a random person on the Internet.
You could just simply not send a DNS response at all.
Browsers would just show an error like this:
DNSSEC won't know any better, there is nothing in the DNSSEC protocol for even handling a lack of response.
I don't think so. Person has DNS failure on well known piracy site = Huge support costs. What?
Pop quiz!
Q: What does America, Europe and Scandinavia have in common?
A: They aren't countries.
I don't really recall seeing any whining last year actually. Surprising since I visit Slashdot daily.
Upgrade and virtualize the stuff that cannot or is too costly to migrate.
Why are you running software on such slow computers that it takes weeks to install a version of Firefox? Surely you can run something a bit more modern?
If I recall correctly, a PowerPC-based mac can still run Linux distributions.
If it's that serious, go search Google.
I think law draws the line when they have crossed the point of no return in treatment.
I'm pretty sure a doctor can and he'll likely be capable of giving a reason that is acceptable, even if that is not the truth.
I already gave you evidence regarding insecure installations being exploited on an automated basis. Interesting doesn't matter and yet you simply choose to ignore this fact I highlighted.
I have interest in having a secure system that has proper controls for dealing with problems. I'm going to participate because solutions like this effect me if they end up becoming something major.
To be fair, if censorship is the real issue, use a system like Freenet, which is built for handling censorship issues instead of deciding that Domain Name System needs to be redefined. DNS is only but a small part of information exchange. Blocking can take place on many other levels without touching DNS. One only needs to look at how China has technologies that intercept packets of all kinds, scanning for forbidden elements and forcing a disconnect.
Also, by not taking security into consideration, such as hash collisions (which are fairly easy with how the bitcoin cipher is currently done), you can't expect to exercise good anti-censorship technologies when governments have vast amounts of resources to throw at a problem to make it go away.
One of the domains I run is an IRC network that occasionally has some annoying script kiddies that attempt DDoS attacks. The DNS servers are automatically rotated to prevent DDoS attacks from taking it out and to make it more difficult to gather all the different name servers for attack lists. For obvious reasons, your method isn't applicable to dealing with this particular issue.
I would use glue records for the network, but sadly they don't update fast enough when things need to be changed. Namecoin makes handling such situations more difficult, slower with more risk, if script kiddies can cause a problem like this, do you really think this will stop a government who has far more resources at their disposal than any single script kiddy?
I should also note that Anonymous' favourite tool for censorship is DDoS attacks as well. A technology like Freenet is far better suited for the uses of anti-censorship. Namecoin's useful would be short lived if it gained popularity due to all the glaring issues it fails to deal with on a security and censorship level.
Namecoin is as much the solution to DNS as SOPA is the solution to piracy.
To dynamically change settings as needed on the fly. Not everyone can afford anycasting.
De-automate my work? Yeah, no.
Indeed, I manage quite a lot of domains and I have been able to reacquire every single one that got "lost". I believe this would not be the case if similar events happened on a decentralized system.
To be fair, most decent registrars hold on to the domain for two weeks after it expires before letting it go, so if you aren't noticing your domain being inaccessible for an entire week, it's probably not very important.
I run a stupid amount of domains and websites for over a decade without pissing off any three letter agency, I don't think this is likely to effect me.
I'd say you're wrong. How many automated spidering systems exist out there, looking for vulnerable phpbb, phpnuke, old IIS servers etc? Loads, to the point that if you install this software and it gets listed on a search engine, it won't take long before it gets exploited.
Additionally, why the hell would you think it's a good idea if the "Top 100 domain name" are at risk!? People rely on those "Top 100" domain names to be accurate and not be a scam.
I simply cannot condone using this system for security purposes.
As domain registrars go.. I don't know of any better alternatives, most other domain registrars I have used take long to process whois changes, lock/unlocks, dns server changes, dns glue changes, transfers etc.
Actually, their domain management control panel is pretty awesome, I haven't seen any other registrar that lets me manipulate settings on multiple domains in one go like I can on Godaddy.
As a Godaddy user, I don't know many registrars where I can get a special deal of 4-5USD/year on common TLDs (I own many domains).
I should note that I don't use Godaddy for hosting or even DNS (which is free).
Feel free to respond with any genuine comparable alternatives, I'll give them consideration. I just don't know of any that come close to my current experience with Godaddy.
You can't transfer some TLDs, so, I'll be stuck using Godaddy regardless for some domains.
Seems easy to defeat. You get enough to of them so they can't operate anymore, thus destroying the network's ability to assign new addresses and you offer your own set of keys that can't be easily damaged (many people are creatures of convenience after all). Mandate only your keys be put in computer systems by law. Or, you just get enough of them to make it your authority. It doesn't seem that far fetched to me.
From a technical perspective, TPM based systems like the latest game consoles.
From an enforcement perspective, strict punishments on people caught using other devices (death sentence?) will discourage the use greatly as well as continuous propaganda while pushing forth technologies that work with this to make it more convenient to use for every day purposes and security.
Get extra paid holidays off instead? It seems to me that they can afford that.
You're acting on behalf of the Orchestra, you entered an agreement on behalf of them, which means they have ended up agreeing to said agreement. If you didn't, then you uploaded the video unauthorized and you are subject to being sued by both parties.
That still relies on some sort of centralized authorities still, what is to stop a physical intervention. Where an armed force threatens someone under the cost of their lives to sign a new "digital ID", invalidate the old ones etc?
Then, what of the similar situation to now, government requires these 'authorities' to follow or face the consequences of breaking the law?
What is to stop them from requiring all computers sold in country X, only trust authorities Y and Z that is under their control?
I have yet to encounter any that worked against one of my methods and if it did, I don't think it would take me long to figure out a method that wasn't blocked.