Massive Overblocking Hits Hundreds Of UK Sites

from the well,-there's-a-surprise dept

Two years ago, Techdirt reported on a very troubling ruling in the UK courts that BT had to block access to the Usenet service provider Newzbin2. At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites. And with that power, of course, would come the inevitable errors, blocking completely unrelated sites. Just how seriously those mistakes could be is shown by this recent case of massive overblocking, reported here on PC Pro:

Virgin Media and Sky-owned Be Broadband customers found they were unable to access the Radio Times website last week, after the ISPs' anti-piracy filters included the site by accident. Telefonica, which still runs Be Broadband's network said that the overblocking had actually affected around 200 legitimate websites.
Radio Times is a well-known UK TV and radio listings magazine; another major site affected was the citizen science project Zooniverse. As an Open Rights Group (ORG) post explains, the specific Radio Times address that was blocked was radiotimes.com, while www.radiotimes.com continued to function. Here's why:
Many third-party load balanced systems, for example those using Amazon's AWS [Amazon Web Services] infrastructure, are enabled by pointing CNAME records at names controlled by those third-party systems. For example www.example.com may be pointed at loadbalancer.example.net. However, "example.com" usually cannot be directly given a CNAME record (CNAME records cannot be mixed with the other record types needed such as those pointing to nameservers and mailservers). A common approach is to point "example.com" to a server that merely redirects all requests to "www.example.com".

From forum posts we can see that it's this redirection system, in this specific case an A record used for "http-redirection-a.dnsmadeeasy.com", that has been blocked by the ISPs -- probably a court-order-blocked site is also using the service -- making numerous sites unavailable for any request made without the "www" prefix.
As ORG surmised, the problem arose from a UK court decision handed down last month that allowed the Football Association Premier League Limited to block FirstRow Sports, a site for live-streaming sports events. It turned out that the latter used the redirection service http-redirection-a.dnsmadeeasy.com, which was then blocked as part of the court order. Unfortunately, hundreds of other sites, which also used that redirection service, were also blocked as a result.

This is a classic case of overblocking, but on a scale hitherto unseen in the UK. It shows why such Web blocks are very crude instruments, and how easily they can go wrong for quite subtle technical reasons. The problem is that the companies seeking the blocks can make mistakes, but the ISPs implementing the blocks don't want to become responsible for checking that the blocks are correct, and thus implement whatever is sent to them.

A post on the Zooniverse blog explains why this is so problematic:

The fact that the court could issue an order which didn’t see this coming and that the ISPs would act on it without checking that what they were doing was sensible is, in my opinion, extremely worrying. It shows how little power we as operators of a website have -- there are no guarantees that our hard work will travel along the little tubes that make up the internet to make it to your computer, and -- although Virgin were nice in this case -- it's disturbing to think we would have had no redress had they decided to keep blocking us. In the midst of a huge political argument in the UK about filtering content online, it's worth bearing in mind how a simple attempt by a multi-billion pound business to protect its revenue stream ended up, by complete and careless accident, preventing science getting done at the Zooniverse.
Sadly, we can probably expect things to get worse, as copyright companies resort to this approach more often, more mistakes are made, and more overblocks occur with little concern for the damage they cause.

Follow me @glynmoody on Twitter or identi.ca, and on Google+



Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    ralph, Aug 15th, 2013 @ 12:08pm

    It's like letting two-year-old brats loose in a china shop.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    jameshogg (profile), Aug 15th, 2013 @ 12:10pm

    Futile Luddism.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 12:15pm

    Why dont they just admit it?

    The United Kingdom is now Airstrip One...

    Glad I live in the US... oh wait...

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    Zakida Paul (profile), Aug 15th, 2013 @ 12:17pm

    Same thing will happen when fat Dave's porn filters come into effect.

    People never learn.

     

    reply to this | link to this | view in thread ]

  5.  
    icon
    jameshogg (profile), Aug 15th, 2013 @ 12:20pm

    Re:

    Can't stop piracy. Can't stop porn.

    But we can TOTALLY stop pirated porn... right?!?

     

    reply to this | link to this | view in thread ]

  6. This comment has been flagged by the community. Click here to show it
     
    identicon
    out_of_the_blue, Aug 15th, 2013 @ 12:22pm

    OMG! "included the site by accident. ... around 200 legitimate websites."

    200 sites is not "massive", it's less than one in a million.

    Yesterday's story, presumably corrected by now, though seems none of the weenies report that was brief and minor.

    "At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites." -- Not many fear that now, after two years experience and yet the net goes on.

    Mike Masnick on Techdirt: "its typical approach to these things: take something totally out of context, put some hysterical and inaccurate phrasing around it, dump an attention-grabbing headline on it and send it off to the press."

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 12:23pm

    Re: Re:

    Question: is it ok to pirate pirate themed porn?

    "Yaaar I'll be having your booty!"

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 12:25pm

    Re: Re:

    Only if you're a quadriplegic retard, apparently.

    Or a Daily Mail reader.

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    That One Guy (profile), Aug 15th, 2013 @ 12:37pm

    You know what, no.

    I was going to type up a post pointing out the double-standards, the massive holes in logic, and the insulting nature of your post, but frankly, you're just not worth it.

    You're here to stir up a mess, not to debate, not discuss, so frankly it would be a waste of my time to treat you as more mature than you are.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 12:38pm

    All I see is dollar and pound signs flying around. Websites losing revenue due to totalitarian blocking measures, ISP's losing revenue due to the ever increasing costs of maintaining totalitarian blocking lists.

    Then there's the cultural and educational losses that will be incurred, due to totalitarian blocking

    It's simply a lose-lose situation. Incurring all kinds of public and business losses, all across the globe.

    Sounds about right for the human race. Expect nothing less.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 12:42pm

    Is it just blocking?

    Since I am from outside the UK, I have to ask: is this blocking simply blocking, as in purely dropping the packet or returning an ICMP administratively prohibited response?

    Or is it interception instead of blocking, where the request is redirected to an evil server, which answers pretending to be the original server?

    The Zooniverse blog post implies it is the later. If so, it is even more disturbing, as it is returning a counterfeit response to the client (which is not always a web browser), and strengthens the case for everyone to move to HTTPS-only (with certificate validation) as soon as possible.

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    Richard (profile), Aug 15th, 2013 @ 12:49pm

    Yesterday

    Yesterday our attempt to access a paper abput computational intelligence was blocked by websense with the explanation "category sex". The author works at the University of Essex - so this may be another instance of the Scunthorpe problem...

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Jasmine Charter, Aug 15th, 2013 @ 12:50pm

    What it shows is...

    What it shows is how complete ignorant and unqualified nearly ANY politician is to make ANY decision that remotely involves technology.

    We need to start awarding

    "Most technically ignorant" awards to politicians and make sure they get as much media coverage as possible.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 1:00pm

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    Some of the sites blocked are rather high profile, and the the incident has made the national news. You however would agree with the Premiere League that the sites should not be unblocked without their permission.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 1:04pm

    Re: Is it just blocking?

    As far as I understand it is a redirection at the IP address level. You cannot bypass it by using a different DNS thann your ISP's.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 1:30pm

    Re:

    You know you could have stuck withe saying, "a bull in a china shop", intend of demeaningly bring children in to this.

     

    reply to this | link to this | view in thread ]

  17.  
    icon
    Rikuo (profile), Aug 15th, 2013 @ 1:33pm

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    One site blocked by mistake is one site too many. This is the ability of people to make free speech online that is being threatened, but then again...you already knew that and you don't care. To you, no amount of collateral damage is too high, no amount of sites wrongfully shuttered is too high, as long as the copyright leeches get ever more and more power to block what they don't like.
    How come you're not railing against this clear abuse of power by the copyright corporations? What excuse are you going to trot out for your hypocrisy and double standards?

     

    reply to this | link to this | view in thread ]

  18.  
    icon
    That One Guy (profile), Aug 15th, 2013 @ 1:55pm

    Re: Re:

    But that would have been inaccurate, as Mythbusters have demonstrated, a bull in a china shop is actually very unlikely to break something.

    You're right though that kids shouldn't be demeaned by being compared to politicians, so maybe 'A politician in the budget room' should be the replacement saying?

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    That One Guy (profile), Aug 15th, 2013 @ 1:57pm

    Re: What it shows is...

    The problem is they seem to think being completely and utterly clueless about technology is something to be proud of, rather than an embarrassment and something that should disqualify them from making laws that affect technology.

     

    reply to this | link to this | view in thread ]

  20.  
    icon
    Modplan (profile), Aug 15th, 2013 @ 2:30pm

    ORG are also trying to make the court orders that demand blocking of sites public, which can be seen over at 451unavailable.org. Think chillingeffects.org for the UK, in a sense.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Quinn Wilde, Aug 15th, 2013 @ 2:50pm

    The worst thing about this story is that the Premier League were not only completely unapologetic about the overblocking, but they were actually angry with the ISPs who took unilateral steps to fix the screw up.

    They said "The court order that requires internet service providers to block this website clearly states that any issues they have in implementing the block must be raised with the Premier League before taking any further action."

    Can you imagine the size of the plums required for *that* to be your response to someone else cleaning up the collosal mess you made? Not 'thanks'. Not 'how can I repay you?' No. 'You should have left these other sites blocked till we said otherwise'.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 3:55pm

    this is the trouble when monkeys play, you get peanuts thrown back! Cameron ought to stick to politics. fucking that up only affects the UK. fucking with the Internet can screw things up for a much greater audience! when he thinks he knows more than his own advisors, such as Jimmy Whales, this is what happens! all those affected need to put in bills for the loss of service, going to court over it if necessary! he should also start listening to the people instead of just the self centered arse holes of the entertainment industries. they tell him how much they have lost by pulling a figure out of the air. he thinks the economy has then lost out rather than thinking the money went on other things, it didn't just vanish into thin air!

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    That One Guy (profile), Aug 15th, 2013 @ 3:57pm

    Re:

    Or other words:

    'Your quick fixing of the problem brought about by our poorly thought out and implemented system, rather than waiting for us to ignore it and only fix it when it got enough press attention we could show off to made us look bad, don't do it again.'

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 3:58pm

    could always get Claire Perry to sort it out. she seems to think it's an easy matter to filter out the things she doesn't want on the 'net! let her try!

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 5:15pm

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    '200 sites is not "massive", it's less than one in a million.'

    I see. So if someone kills 200 people, that would not count as a "massive" murder, since it's less than one in a million people. Makes sense to me.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 5:50pm

    Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    "little concern for the damage they cause

    What damage was caused?

    Answer: None.

    Absolutely none.

    Nothing but brief inconvenience for those too dumb to type 'www.'. Ohmagerd. How horrible...

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 6:35pm

    Re: Re:

    Yeah - why insult children like that? They are much better behaved.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Aug 15th, 2013 @ 10:48pm

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    A million isn't even that many, its less than a google!

    If a google of sites were taken down, then we you have real problems!

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    martyburns (profile), Aug 16th, 2013 @ 1:09am

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    Holy fuck. You absolute arsehole.

    If your business' website was blocked for no god damn reason how would you feel?

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    PaulT (profile), Aug 16th, 2013 @ 1:22am

    Re: Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    So, you're saying that the blocks are pointless, cause no damage and are easily routed around? What the hell's the point then? Why do you support them?

    Whatever. You're probably one of the idiots who bleats about your inane drivel being reported, even though they cause no damage and are equally easy to bypass.

     

    reply to this | link to this | view in thread ]

  31.  
    icon
    PaulT (profile), Aug 16th, 2013 @ 1:24am

    Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    Voted funny for the idea that someone as deluded and immature as ootb could run a business.

     

    reply to this | link to this | view in thread ]

  32.  
    icon
    PaulT (profile), Aug 16th, 2013 @ 1:27am

    Re: Yesterday

    It's rather depressing that this utterly predictable problem can be accurately described using a well known term coined nearly 2 decades ago.

     

    reply to this | link to this | view in thread ]

  33.  
    icon
    PaulT (profile), Aug 16th, 2013 @ 1:30am

    On a lighter note, I hadn't heard of Zooniverse till now, it looks pretty interesting.

     

    reply to this | link to this | view in thread ]

  34.  
    icon
    Ninja (profile), Aug 16th, 2013 @ 3:30am

    Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    Since many already responded I'll add to the mess:

    Anomalies. *RAGE* ANOMALIEEEESSSSS! *incoherent babbling* MY PRECIOUSSS!

    And just to emphasize your idiocy:

    Not many fear that now, after two years experience and yet the net goes on.

    Several million died on WWII yet humanity goes on. And seriously, only a few million in billions of people is not massive. No issues with gas chambers and all the mass killing. Right? Asshole ;)

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Pragmatic, Aug 16th, 2013 @ 5:54am

    Re: You know what, no.

    Ignore the troll.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Pragmatic, Aug 16th, 2013 @ 5:55am

    Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."

    She'd blame teh ebil Goooooglez, and everybody knows it.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Anonymous Coward, Aug 16th, 2013 @ 6:46am

    Re: OMG!

    When it comes to censorship of speech even one erroneous block is an outrage, let alone 200

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Myname, Aug 16th, 2013 @ 2:36pm

    And btw firstrosports

    ...is still accessible at http://www.firstrow.org

     

    reply to this | link to this | view in thread ]

  39.  
    icon
    Niall (profile), Aug 19th, 2013 @ 8:18am

    Re:

    Especially against as august and well-known/loved organisation as the Radio Times - and one which happens to be something that is supposed to be including/promoting your product.

    What would happen if the Radio Times decided to (inadvertently or deliberately) not mention Premier League games in their publications for a week or two?

     

    reply to this | link to this | view in thread ]

  40.  
    icon
    BabautaJr (profile), Aug 21st, 2013 @ 4:49am

    and meanwhile...

    Many proxies of firstrow appeared, e.g. http://www.firstrow.org and nothing changed. Whole UK is watching the match before 3PM.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This