Syrian Electronic Army 'Hack' Of The NYTimes Was The Exact Remedy MPAA Demanded With SOPA
from the and-it-was-a-joke dept
There were many, many concerns related to SOPA and PIPA when they were proposed, but the absolute biggest was the use of DNS blocking as a “remedy” against sites where it was alleged that infringement was a primary purpose. Of course, as tons of technology experts points out, any form of DNS filtering or redirecting would be a security nightmare and would do almost nothing to actually stop infringement.
As you may have heard, this week the Syrian Electronic Army was effectively able to “take down” nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect. As Rob Pegoraro points out, this is the same basic remedy that the MPAA wanted so badly with SOPA. In fact, during the negotiations over SOPA (after it became clear that its companion bill in the Senate, PIPA, was stalled over the DNS blocking issue), this was the issue the MPAA refused to budge over: DNS blocking/redirects needed to be in SOPA. As Pegoraro writes, if SOPA had become law, we likely would have seen the law abused to take down sites just as the Syrian Electronic Army took down nytimes.com:
2011’s Stop Online Piracy Act would have let copyright holders require Internet providers to use DNS redirection to block access to allegedly infringing sites. That authority would inevitably have been abused in social-engineering exploits–and we’d likely see a lot more outages like the NYT’s.
At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA (despite the MPAA’s insistence that it was necessary), because it’s so easy to get around and many, many people did. It may have been an inconvenience, but it was hardly the game changer the MPAA predicted.
If this sounds familiar to you, perhaps it’s because Domain Name System (DNS) blocking was part of the original draft of SOPA. DNS blocking was suggested as a remedy to take entire allegedly infringing foreign websites down, but yesterday demonstrated that people can still navigate to sites through their IP address, even when domain name servers are offline. This is consistent with a major critique of the DNS blocking during the SOPA debate: that it wouldn’t even work. Some SOPA supporters had argued in response that “it would be a mistake to assume, as some of these network engineers have, that the average Internet user has the above-average technical skills necessary to do this.” But yet, people did yesterday.* If people want to access a website, they can figure it out pretty fast, and without needing any significant technological skills.
So it’s somewhat ineffective for blocking (though, very effective for drawing much more attention to what you want blocked). It was a dumb idea by the technologically illiterate folks at the MPAA to suggest a form of DNS hacking as any kind of remedy to copyright infringement, and the NY Times redirect hack just made that even clearer.
Filed Under: dns redirect, hacking, sopa, syrian electronic army
Companies: mpaa, ny times
Comments on “Syrian Electronic Army 'Hack' Of The NYTimes Was The Exact Remedy MPAA Demanded With SOPA”
?it would be a mistake to assume, as some of these network engineers have, that the average Internet user has the above-average technical skills necessary to do this.?
When did typing numbers become an above-average technical skill?
Re: Re:
When they have little dots between them, everyone’s eyes glaze over.
Re: Re: Re:
Wait! How can a number have more than one DECIMAL!!!
Re: Re:
In a country where evolution is debatable, knowing what a number is becomes an above average skill.
Re: Re:
When you’re an MPAA lobbyist, and you can’t count, that makes it a difficult challenge for everyone.
Re: Re: Re:
By default MPAA lobbyists can’t count. Failing at mathematics is a requirement to shill for the MPAA.
Re: to Michael, Aug 29th, 2013 @ 12:57pm
The above average skill is knowing what number to type.
The attack was mitigated by other means as well
A number of network engineers blunted the attack by having their resolvers return correct information, thus effectively rendering it null against anybody who was using those resolvers.
In English: you are a customer of Fred’s ISP, which you are connected via dialup/DSL/cable/fiber/whatever. When you make that connection, your modem/router is assigned an IP address by Fred and now you are on the Internet. Yay! You’re also assigned a bunch of other things (like a default route) including DNS servers. Thus when you attempt to connect to http://example.com, your system emits a query for the IP address of example.com and that query is directed at the DNS servers that Fred told you to use. (This is presuming you didn’t override all these things…which you probably didn’t.)
So if Fred’s operators notice that the SEA has done something evil to the DNS records for example.com, they can trump that by ordering their DNS servers — the ones you’re using — to return something else…like the correct DNS records.
This is not the sort of thing Fred’s people want to do every day, and they’re not going to do it for piddly little sites that nobody visits anyway…but replace “Fred” with “Verizon” and “example.com” with “The New York Times” and yeah…they just might. And in some cases: they did.
the difference would be that the entertainment industries wouldn’t give a toss who else or which other else sites were affected as long as they got what they wanted. it’s exactly the same with the supposed win against Hotfile. they haven’t even considered, let alone worried about all the side effects this ruling will have, if it stands, on every other 2nd and 3rd person liability. as long as they think they are stopping their stuff from being had, it’s got to be good! it’s got to be working right, right? if Obama wanted to do one thing to get the US economy going, he ought to stop what these industries are getting away with, stop helping them above all else and tell them to start doing what every other business has to do, COMPETE!! you’d be surprised how much money can change hands when a customer can get what he’s looking for without having the piss took out of him over the price!!
Google Hails Age of Cyber War & Digital Revolution
“Technocratic Aims Merge With Bilderberg Agenda, as Google Execs Eric Schmidt and Jared Cohen See Militarized Internet Where Privacy Is Dead
http://truthstreammedia.com/google-hails-age-of-cyber-war-digital-revolution/
As you strain here to be topical besides somehow — sheesh! — link to MPAA and SOPA, I bring in a similar enough given your wacky S-T-R-E-T-C-H subversive role that Google and its executives played in the “Arab Spring”. That article lays out long-term connections with WH and State Dept, not just a website hack.
Re: Google Hails Age of Cyber War & Digital Revolution
That article lays out long-term connections with WH and State Dept, not just a website hack.
Ha. If anyone actually has doubts about whether Truthstream Media is a loony conspiracy site, just read the other articles. Like this one:
Just by citing sources like that as credible, you’ve automatically proven that you are not to be taken seriously.
So you are just a big, chubby bag of contradictions:
First you claim: As you may have heard, this week the Syrian Electronic Army was effectively able to “take down” nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect.
And then you say: At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA (despite the MPAA’s insistence that it was necessary), because it’s so easy to get around and many, many people did.
So which is it? The Syrians can “effectively take down nytimes.com” but if used as part of SOPA it’d have been “laughingly ineffective? “
Re: Re:
So which is it? The Syrians can “effectively take down nytimes.com” but if used as part of SOPA it’d have been “laughingly ineffective? “
You are bad at reading comprehension. Note that I did not say that they took down “The NY Times.” I said they took down nytimes.com — the specific URL. That’s true. But, as Sternburg pointed out, this was useless, because it didn’t take down the content, nor make it difficult to reach.
They took down the URL, but not the content. Basically exactly what your preferred solution would have been.
Re: Re: Re:
Funny, the NY Times (as reported on can.com) said:
The newspaper posted a message on its Facebook page about 5 p.m. ET that said, “Many users are having difficulty accessing The New York Times online. We are working to fix the problem. Our initial assessment is the outage is most likely the result of a malicious external attack.”
So nytimes.com claim many users had difficulty accessing content. But I guess we should believe you instead because you just know these things, right?
Re: Re: Re: Re:
Many != all
Re: Re: Re: Re:
The given solution to access nytimes.com when you can’t rely on DNS is to type in a string of numbers. A very simple and easy solution. But only if you know about it, or know exactly what to ask or who to ask.
The average web surfer when trying to access nytimes.com wouldn’t have known even the slightest thing about DNS or the fact that the solution was incredibly simple. He would have just said to himself “Site is down, somebody hacked it, them geeks at the Times have to do some computer shit to fix it, there’s nothing I can do myself to get at the site”.
Re: Re: Re: Re:
“So nytimes.com claim many users had difficulty accessing content. But I guess we should believe you instead because you just know these things, right?”
So the NYT says “many users had difficulty accessing content” and Mike says “this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA… because it’s so easy to get around and many, many people did.” These two statement are NOT in conflict with each other. Both can be (and most probably are) completely correct.
Sorry, but your lame ‘gotcha’ fell flat on it’s face.
Re: Re:
I’ll take this one…
As you may have heard, this week the Syrian Electronic Army was effectively able to “take down” nytimes.com by engaging in a bit of DNS hacking, which was really nothing more than a DNS redirect
Notice that quotes around “take down”. This is an indication that the term within them does not accurately reflect what actually happened. They are just like people using air quotes when they talk about you being intelligent or well read.
At the same time, Ali Sternburg, over at the Disruptive Competition Project points out that this also shows just how laughably ineffective DNS blocking/redirecting would have been in SOPA
It can be pointed to as an example as to how ineffective DNS redirects would have been because people were still able to get to the website by easily typing in the IP address into their web browser. Lots of average-intelligence internet users managed to take on this complex task of typing numbers and easily defeated the blocade.
And of course, as Masnick warned during SOPA, the Internet is now broken because of this DNS blocking that just occurred.
Oh wait, no it isn’t.
Because slimy Mike Masnick and the turds that employ him over at Greedle were LYING to people.
Re: Re:
Okay, imagine what happened to this one website…
Happening to EVERY SINGLE WEBSITE…
Let that sink in.
Re: Re: Re:
Every single website is infringing? What kind of idiot are you? Oh, right. One of Masnick’s pet idiots… carry on with the buffoonery.
Re: Re: Re: Re:
Hmm, let’s see…
Just from a quick glance of SOPA’s DNS blocking…
Facebook
Google
Bing
Youtube
imgur
pixiv
deviantart
yahoo
wikipedia
tumbler
even steam
Hmm…
That’s a LOT of people affected by copyright claims. All it would take is ONE claim to hit them all.
Re: Re: Re:
imagine what happened to this one website Happening to EVERY SINGLE WEBSITE.
Imagine if you hadn’t been dropped on your head so much as an infant. Let that sink in.
Re: Re: Re: Re:
Clap clap clap What a comeback. You can’t think of anything to refute my statement, so you attack me.
Wow! Wish I had thought of that. Imagine how much easier it would be to win an internet argument if all I had to do was insult someone based on the fact that I don’t know anything about them.
Re: Re:
Still bitter SOPA/PIPA got curb-stomped by the public are we?
Re: Re: Re:
Six strikes, the industry agreements on advertising and payment processing and the recent judicial bitch-slaps of cyber lockers has made me feel much better. Thanks.
Re: Re: Re: Re:
Yup. The only thing that Google brought about with their SOPA scare-scam was a hammer from people who didn’t appreciate being manipulated by billionaire grifters.
Re: Re: Re:2 Re:
People who assert that the anti-SOPA campaign was a Google-led effort are one or more of the following: liars, ignorant, and/or stupid.
Google was brought into the effort late, and reluctantly.
Re: Re: Re:3 Re:
LOL
Total lie.
Look at Google’s lobbying expenditures during that period. Coincidence? Uh no. Then they used Reddit and that weasel Jimmy Wales to try cover their tracks. Epic fail.
Re: Re: Re:4 Re:
If that’s your “truth”, (btw [citation needed]) you must know all about being “dropped on your head so much as an infant” from experience.
Re: Re: Re:5 Re:
It was Google through Marvin Ammori, their DC hired gun. He personally wrote on the order of 50 of the 75 amendments offered at the SOPA markup. Mostly redundant and all calculated to bog the process down and allow momentum to build. It was nicely played, but only Holocaust and global warming deniers maintain that Google didn’t have its greasy fingerprints all over that.
Re: Re: Re:6 Re:
Mmmhmm… Sure, blame google. I’m sure that it makes you feel better at night thinking that it had to be evil Google’s fault that SOPA failed and not the fact that there were millions of phone calls to Congress.
Re: Re: Re:6 Re:
None of which has anything to do with the popular revolt against SOPA — which Google did not start and tried to avoid getting involved with until they realized it would have been a PR disaster if they didn’t.
yes, Google did want SOPA modified to benefit them (Google is far from an angel), but they had no interest in scuttling it altogether.
Re: Re:
And of course, as Masnick warned during SOPA, the Internet is now broken because of this DNS blocking that just occurred.
Oh wait, no it isn’t.
Because slimy Mike Masnick and the turds that employ him over at Greedle were LYING to people.
Hahahahahahahaha, nice of you to point that out. On another humorous note; the douchenozzles over at Demand Progress have resurrected the Justin Bieber in prison campaign over streaming. Seriously Masnick, the only you’re missing are the slap shoes, bulb nose and tiny little car.
Re: Re:
Yeah the funniest part (that you obviously understood but cherry-picked a couple of statements out of context)is that the initial point is true. It would break the internet… if it was systemic and not a hack.
Think about this… all of the “official” DNS servers are managed according to SOPA… what happens next is that the “hackers” or people intent on providing a free and open internet setup their own DNS servers and voila! no more DNS direct by the powers that be… Now imagine 100 or 1000 world-wide organizations all with their own DNS servers all having different IPs for a given domain or domains.
Result=Broken internet.
I love how the people trolling have no grasp what so ever of how Domain Name Resolution is enacted.
Normal people would go out and learn and say oh so that what he meant. Not trolls however they are not burdened with such silliness.
I can only hope that the next generation of government it not utterly technologically inept as the trolls in this forum.
Just for the sake of historical accuracy, re-directing was removed from the SOPA bill during the amendment process. To respond with “but it was there originally” would be literally true, but would be misleading in that if SOPA had passed it would have done so without a re-direct provision.
Re: Re:
Please don’t dilute the hysterics with facts. It is not the Techdirt way.
Re: Re:
There was still the fact that you would get hit with a felony for streaming/posting stuff that was under copyright.
Seriously, stop and think about that for a moment…
Posting a copy of something online had the potential to hit you with the same kind of punishment that someone who runs people over with cars, murders, rapes, steals thousands of dollars from a bank, certain animal abuses…
So, in what kind of world does THAT make any sense?
Re: Re: Re:
There was still the fact that you would get hit with a felony for streaming/posting stuff that was under copyright.
Seriously, stop and think about that for a moment…
Posting a copy of something online had the potential to hit you with the same kind of punishment that someone who runs people over with cars, murders, rapes, steals thousands of dollars from a bank, certain animal abuses…
So, in what kind of world does THAT make any sense?
All it does is elevate the penalties for illegal streaming to that of illegal downloading with the same thresholds. And it was not part of SOPA, it was a bill introduced by Klobachar.
Re: Re: Re: Re:
Haha, way to misdirect and not answer the question. You’re as slimy as you proclaim Mike to be.
Re: Re: Re:2 Re:
Obviously you are slow. I answered the question. The bill, (still not part of SOPA) brought illegal streaming penalties to the same as those for illegal downloading. That makes sense. And neither the streaming nor downloading penalties apply to anyone other than those doing it for commercial gain. It would not apply to silverscarcat streaming the latest episode of “Big Bang Theory” in his Mom’s basement. But it would apply to the crook seeking to unlawfully enrich himself on the creative output of another to which he is not entitled. If you can’t understand that, you should ask your Special Ed. teacher for a more in-depth explanation using smaller words.
Re: Re: Re:3 Re:
I believe the SSC’s point is that it’s pretty ridiculous that the “same thresholds” you mention mean that it’s worse to commit copyright infringement than to commit robbery, rape, or murder. It seems like a point well taken.
The problem with that is that it’s very, very difficult to tell what’s “commercial” and what isn’t. The industry’s perspective is if there’s an ad on the page, it’s commercial. By that definition, almost everything anybody does on the internet is “commercial”.
The distinction is a smoke screen, used to try to imply that ordinary users wouldn’t be affected when clearly almost all of them would be.
Re: Re: Re:3 Re:
Joke’s on you, I don’t live with my mother.
You have to realize that not everyone against this stuff is a dweller in their mommy or daddy’s basements.
Re: Re:
show me the text of the bill where it was removed…
Re: Re: Re:
Read the manager’s amendment…
Re: Re: Re: Re:
got a link to the managers amendment that was posted for the public to view?
and you can guarantee that what is in there was the final text? That they would not have tried to slip in any further amendments later attached as a rider on another bill?
Re: Re: Re:2 Re:
An online search using the term “SOPA manager’s amendment” will yield many sites that meet your request.
I happen to use the Thomas site as it is devoted to following federal bills, and well as Congress’ own site that likewise follows all bills at all stages of the process.
Re: Re:
Just for the sake of historical accuracy, re-directing was removed from the SOPA bill during the amendment process.
This is false. The manager’s amendment made some changes, but DNS issues remained. The “change” was that it no longer mentioned DNS specifically, but set it up such that the only way to really comply with the law would have been through DNS redirect.
This was the language in the manager’s amendment:
To respond with “but it was there originally” would be literally true, but would be misleading in that if SOPA had passed it would have done so without a re-direct provision.
Also false. As a last gasp effort, Senator Leahy promised to change PIPA to say that DNS issues wouldn’t have be implemented right away, but only after a “study.” The text of said language was never publicly introduced. Rep. Smith later made a vague promise to do something similar with SOPA, but never released any text.
But, until the end, SOPA had a requirement for blocking on the part of ISPs, and the style of blocking was almost certainly limited to DNS blocking.
You really shouldn’t lie when it’s so easy to prove you wrong.
Re: Re: Re:
Excuse me, but my comment was limited solely to noting “re-directing” having been removed from the bill as it wended its way through the legislative process.
Now, if it was explicitly retained in the bill then your comment would have merit. Since it was not retained it is difficult to understand your “liar, liar, pants on fire” retort.
Re: Re: Re: Re:
Excuse me, but my comment was limited solely to noting “re-directing” having been removed from the bill as it wended its way through the legislative process.
Redirecting was not removed from the bill as I noted in my comment.
Why do you lie? You really have a sick compulsion.
Now, if it was explicitly retained in the bill then your comment would have merit.
It was retained in the bill. As noted.
Since it was not retained it is difficult to understand your “liar, liar, pants on fire” retort.
As noted, it was retained. Which is why you’re a liar.
Re: Re: Re:2 Re:
Why do you lie about not intentionally censoring your critics, Mike? Why can’t you have an honest discussion about it?
Re: Re: Re:2 Re:
Not sure how this squares with “SEC. 2. SAVINGS AND SEVERABILITY CLAUSES.” Perhaps you can elaborate upon how your cited provision overrides the “savings” provision.
I call bullshit on the argument that normal people don’t know how to type in a numeric IP address.
You learn how to do the things you want to do. Years ago, people had simpler programs for email and social networking. Now you just ask a friend or Google what you don’t know. If routing around DNS blocking became widely necessary, very user friendly redirects to numeric IP addresses would pop up overnight.
even though this proves exactly how bad SOPA was, the MPAA and obviously the rest of the entertainment industries have now managed to get 2nd and 3rd person liability brought into their equation. the results of this can and probably will be catastrophic! the judge that arrived at this conclusion must be a fucking moron or well payed by the industries! the door is now open for all sorts of mischief to happen!
Beware my friends, you woke up the SOPA trolls. They still believe their beloved masters will see SOPA come to fruition! The amount of trolling in this article is rather telling 😉
Re: Re:
Totally. It’s like fun with ant hills or flipping over rotting logs.
The copyright industry sucks and they are a clear and present danger to any global society.
Re: Re:
Actually, everything that has happened since SOPA is SOPA+. Six strikes, ad network and payment processing cooperation without the need for judicial review, search engine demotion, secondary liability for file lockers. In total, it is much further reaching than SOPA. Who needs SOPA?
Re: Re: Re:
Except that those don’t affect everyone.
SOPA would have.
Link between MPAA and the so-called Syrian Electronic Army?
One wonders what the link is between the so-called Syrian Electronic Army and the MPAA…
It seems “convenient” that this was an attack orchestrated in response to some possible military activity by the US Government against Syria… It seems much more likely that it was an attack orchestrated by the MPAA and its co-conspiritors behind SOPA hiding behind a “front page name” organization.
Cynical… who me?
So the short version of this is that the Syrian Electronic Army used techniques advocated by the MPAA. So how do we know the SEA isn’t the MPAA gone rogue?
Chicken Little
The bottom line is that the primary criticism of the DNS blocking provision of SOPA is that it would “break the Internet.” But now DNS blocking is “laughably ineffective” and “easy to get around.” At worst, as you put it, it’s an “inconvenience.” SOPA was never going to cause the Internet sky to fall and everyone knew it.
Re: Chicken Little
The bottom line is that the primary criticism of the DNS blocking provision of SOPA is that it would “break the Internet.” But now DNS blocking is “laughably ineffective” and “easy to get around.” At worst, as you put it, it’s an “inconvenience.” SOPA was never going to cause the Internet sky to fall and everyone knew it.
I think you misunderstand the issues — either due to technological ignorance or willful misrepresentation. The fact that DNS blocking is easy to get around has nothing to do with the fact that forced DNS filtering would, in fact, break key aspects of the internet. No one claimed it would shut down the internet, but rather that it would make certain important parts of the internet, including certain forms of security (like DNSSEC) impossible to work properly.
So, yes, both statements are true. Forced redirects would break key components of the internet, and it would do so in a manner that would be highly ineffective in stopping what SOPA supporters wanted to stop. The main problem is that while it would be totally ineffective in stopping piracy, the things it would break would be hard to replace. So you’d damage internet security, without slowing piracy.
“I think you misunderstand the issues — either due to technological ignorance or willful misrepresentation.”
I think he understands just fine, and the technological ignorance and willful misrepresentation are just part of his job description.