Massive Overblocking Hits Hundreds Of UK Sites
from the well,-there's-a-surprise dept
Two years ago, Techdirt reported on a very troubling ruling in the UK courts that BT had to block access to the Usenet service provider Newzbin2. At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites. And with that power, of course, would come the inevitable errors, blocking completely unrelated sites. Just how seriously those mistakes could be is shown by this recent case of massive overblocking, reported here on PC Pro:
Virgin Media and Sky-owned Be Broadband customers found they were unable to access the Radio Times website last week, after the ISPs’ anti-piracy filters included the site by accident. Telefonica, which still runs Be Broadband’s network said that the overblocking had actually affected around 200 legitimate websites.
Radio Times is a well-known UK TV and radio listings magazine; another major site affected was the citizen science project Zooniverse. As an Open Rights Group (ORG) post explains, the specific Radio Times address that was blocked was radiotimes.com, while www.radiotimes.com continued to function. Here’s why:
Many third-party load balanced systems, for example those using Amazon’s AWS [Amazon Web Services] infrastructure, are enabled by pointing CNAME records at names controlled by those third-party systems. For example www.example.com may be pointed at loadbalancer.example.net. However, “example.com” usually cannot be directly given a CNAME record (CNAME records cannot be mixed with the other record types needed such as those pointing to nameservers and mailservers). A common approach is to point “example.com” to a server that merely redirects all requests to “www.example.com”.
From forum posts we can see that it’s this redirection system, in this specific case an A record used for “http-redirection-a.dnsmadeeasy.com”, that has been blocked by the ISPs — probably a court-order-blocked site is also using the service — making numerous sites unavailable for any request made without the “www” prefix.
As ORG surmised, the problem arose from a UK court decision handed down last month that allowed the Football Association Premier League Limited to block FirstRow Sports, a site for live-streaming sports events. It turned out that the latter used the redirection service http-redirection-a.dnsmadeeasy.com, which was then blocked as part of the court order. Unfortunately, hundreds of other sites, which also used that redirection service, were also blocked as a result.
This is a classic case of overblocking, but on a scale hitherto unseen in the UK. It shows why such Web blocks are very crude instruments, and how easily they can go wrong for quite subtle technical reasons. The problem is that the companies seeking the blocks can make mistakes, but the ISPs implementing the blocks don’t want to become responsible for checking that the blocks are correct, and thus implement whatever is sent to them.
A post on the Zooniverse blog explains why this is so problematic:
The fact that the court could issue an order which didn’t see this coming and that the ISPs would act on it without checking that what they were doing was sensible is, in my opinion, extremely worrying. It shows how little power we as operators of a website have — there are no guarantees that our hard work will travel along the little tubes that make up the internet to make it to your computer, and — although Virgin were nice in this case — it’s disturbing to think we would have had no redress had they decided to keep blocking us. In the midst of a huge political argument in the UK about filtering content online, it’s worth bearing in mind how a simple attempt by a multi-billion pound business to protect its revenue stream ended up, by complete and careless accident, preventing science getting done at the Zooniverse.
Sadly, we can probably expect things to get worse, as copyright companies resort to this approach more often, more mistakes are made, and more overblocks occur with little concern for the damage they cause.
Follow me @glynmoody on Twitter or identi.ca, and on Google+
Filed Under: censorship, copyright, filters, overblocking
Companies: premiere league
Comments on “Massive Overblocking Hits Hundreds Of UK Sites”
It’s like letting two-year-old brats loose in a china shop.
Re: Re:
You know you could have stuck withe saying, “a bull in a china shop”, intend of demeaningly bring children in to this.
Re: Re: Re:
But that would have been inaccurate, as Mythbusters have demonstrated, a bull in a china shop is actually very unlikely to break something.
You’re right though that kids shouldn’t be demeaned by being compared to politicians, so maybe ‘A politician in the budget room’ should be the replacement saying?
Re: Re: Re:
Yeah – why insult children like that? They are much better behaved.
Futile Luddism.
Why dont they just admit it?
The United Kingdom is now Airstrip One…
Glad I live in the US… oh wait…
Same thing will happen when fat Dave’s porn filters come into effect.
People never learn.
Re: Re:
Can’t stop piracy. Can’t stop porn.
But we can TOTALLY stop pirated porn… right?!?
Re: Re: Re:
Question: is it ok to pirate pirate themed porn?
“Yaaar I’ll be having your booty!”
Re: Re: Re:
Only if you’re a quadriplegic retard, apparently.
Or a Daily Mail reader.
OMG! "included the site by accident. ... around 200 legitimate websites."
200 sites is not “massive”, it’s less than one in a million.
Yesterday’s story, presumably corrected by now, though seems none of the weenies report that was brief and minor.
“At the time, many feared that this would be the thin end of the wedge, giving copyright companies an easy way to shut down other sites.” — Not many fear that now, after two years experience and yet the net goes on.
Mike Masnick on Techdirt: “its typical approach to these things: take something totally out of context, put some hysterical and inaccurate phrasing around it, dump an attention-grabbing headline on it and send it off to the press.”
Re: You know what, no.
I was going to type up a post pointing out the double-standards, the massive holes in logic, and the insulting nature of your post, but frankly, you’re just not worth it.
You’re here to stir up a mess, not to debate, not discuss, so frankly it would be a waste of my time to treat you as more mature than you are.
Re: Re: You know what, no.
Ignore the troll.
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Some of the sites blocked are rather high profile, and the the incident has made the national news. You however would agree with the Premiere League that the sites should not be unblocked without their permission.
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
“little concern for the damage they cause
What damage was caused?
Answer: None.
Absolutely none.
Nothing but brief inconvenience for those too dumb to type ‘www.’. Ohmagerd. How horrible…
Re: Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
So, you’re saying that the blocks are pointless, cause no damage and are easily routed around? What the hell’s the point then? Why do you support them?
Whatever. You’re probably one of the idiots who bleats about your inane drivel being reported, even though they cause no damage and are equally easy to bypass.
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
One site blocked by mistake is one site too many. This is the ability of people to make free speech online that is being threatened, but then again…you already knew that and you don’t care. To you, no amount of collateral damage is too high, no amount of sites wrongfully shuttered is too high, as long as the copyright leeches get ever more and more power to block what they don’t like.
How come you’re not railing against this clear abuse of power by the copyright corporations? What excuse are you going to trot out for your hypocrisy and double standards?
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
‘200 sites is not “massive”, it’s less than one in a million.’
I see. So if someone kills 200 people, that would not count as a “massive” murder, since it’s less than one in a million people. Makes sense to me.
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
A million isn’t even that many, its less than a google!
If a google of sites were taken down, then we you have real problems!
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Holy fuck. You absolute arsehole.
If your business’ website was blocked for no god damn reason how would you feel?
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Voted funny for the idea that someone as deluded and immature as ootb could run a business.
Re: Re: OMG! "included the site by accident. ... around 200 legitimate websites."
She’d blame teh ebil Goooooglez, and everybody knows it.
Re: OMG! "included the site by accident. ... around 200 legitimate websites."
Since many already responded I’ll add to the mess:
Anomalies. RAGE ANOMALIEEEESSSSS! incoherent babbling MY PRECIOUSSS!
And just to emphasize your idiocy:
Not many fear that now, after two years experience and yet the net goes on.
Several million died on WWII yet humanity goes on. And seriously, only a few million in billions of people is not massive. No issues with gas chambers and all the mass killing. Right? Asshole 😉
Re: OMG!
When it comes to censorship of speech even one erroneous block is an outrage, let alone 200
All I see is dollar and pound signs flying around. Websites losing revenue due to totalitarian blocking measures, ISP’s losing revenue due to the ever increasing costs of maintaining totalitarian blocking lists.
Then there’s the cultural and educational losses that will be incurred, due to totalitarian blocking
It’s simply a lose-lose situation. Incurring all kinds of public and business losses, all across the globe.
Sounds about right for the human race. Expect nothing less.
Is it just blocking?
Since I am from outside the UK, I have to ask: is this blocking simply blocking, as in purely dropping the packet or returning an ICMP administratively prohibited response?
Or is it interception instead of blocking, where the request is redirected to an evil server, which answers pretending to be the original server?
The Zooniverse blog post implies it is the later. If so, it is even more disturbing, as it is returning a counterfeit response to the client (which is not always a web browser), and strengthens the case for everyone to move to HTTPS-only (with certificate validation) as soon as possible.
Re: Is it just blocking?
As far as I understand it is a redirection at the IP address level. You cannot bypass it by using a different DNS thann your ISP’s.
Yesterday
Yesterday our attempt to access a paper abput computational intelligence was blocked by websense with the explanation “category sex”. The author works at the University of Essex – so this may be another instance of the Scunthorpe problem…
Re: Yesterday
It’s rather depressing that this utterly predictable problem can be accurately described using a well known term coined nearly 2 decades ago.
What it shows is...
What it shows is how complete ignorant and unqualified nearly ANY politician is to make ANY decision that remotely involves technology.
We need to start awarding
“Most technically ignorant” awards to politicians and make sure they get as much media coverage as possible.
Re: What it shows is...
The problem is they seem to think being completely and utterly clueless about technology is something to be proud of, rather than an embarrassment and something that should disqualify them from making laws that affect technology.
ORG are also trying to make the court orders that demand blocking of sites public, which can be seen over at 451unavailable.org. Think chillingeffects.org for the UK, in a sense.
The worst thing about this story is that the Premier League were not only completely unapologetic about the overblocking, but they were actually angry with the ISPs who took unilateral steps to fix the screw up.
They said “The court order that requires internet service providers to block this website clearly states that any issues they have in implementing the block must be raised with the Premier League before taking any further action.”
Can you imagine the size of the plums required for *that* to be your response to someone else cleaning up the collosal mess you made? Not ‘thanks’. Not ‘how can I repay you?’ No. ‘You should have left these other sites blocked till we said otherwise’.
Re: Re:
Or other words:
‘Your quick fixing of the problem brought about by our poorly thought out and implemented system, rather than waiting for us to ignore it and only fix it when it got enough press attention we could show off to made us look bad, don’t do it again.’
Re: Re:
Especially against as august and well-known/loved organisation as the Radio Times – and one which happens to be something that is supposed to be including/promoting your product.
What would happen if the Radio Times decided to (inadvertently or deliberately) not mention Premier League games in their publications for a week or two?
this is the trouble when monkeys play, you get peanuts thrown back! Cameron ought to stick to politics. fucking that up only affects the UK. fucking with the Internet can screw things up for a much greater audience! when he thinks he knows more than his own advisors, such as Jimmy Whales, this is what happens! all those affected need to put in bills for the loss of service, going to court over it if necessary! he should also start listening to the people instead of just the self centered arse holes of the entertainment industries. they tell him how much they have lost by pulling a figure out of the air. he thinks the economy has then lost out rather than thinking the money went on other things, it didn’t just vanish into thin air!
could always get Claire Perry to sort it out. she seems to think it’s an easy matter to filter out the things she doesn’t want on the ‘net! let her try!
On a lighter note, I hadn’t heard of Zooniverse till now, it looks pretty interesting.
And btw firstrosports
…is still accessible at http://www.firstrow.org
and meanwhile...
Many proxies of firstrow appeared, e.g. http://www.firstrow.org and nothing changed. Whole UK is watching the match before 3PM.