Why PROTECT IP Breaks The Internet

from the collateral-damage dept

Last year, after the entertainment industry foisted COICA on an unsuspecting public, Paul Vixie -- a guy you should listen to when he's concerned about the technical impact of something on the internet -- explained why COICA's reliance on DNS blocking was incredibly stupid. Not only would it not work, but it would fundamentally fracture the way the internet works, creating massive collateral damage. Last week, when the Senate Judiciary Committee pushed forward with PROTECT IP, we mentioned in passing a new report from Vixie and other internet technology gurus explaining why PROTECT IP's focus on the DNS system would cause tremendous damage. While we had mentioned it, lots of folks keep submitting it, and judging from the ridiculous claims of those in favor of PROTECT IP, the folks in DC pushing for this bill are apparently still ignorant of what the report says -- so we're posting about it again. The report, titled Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill (pdf), is worth a read. The five authors are incredibly well respected, and the entertainment industry folks who are trying to claim this paper can be ignored are going to come out of this looking quite silly.

These are concerns that shouldn't be taken lightly. The paper's authors also make it clear that they're not in favor of infringement, and in fact support enforcement of IP laws. They just recognize that this particular solution is dumb and counterproductive:

Two likely situations can be identified in which DNS filtering could lead to non-targeted and perfectly innocent domains being filtered. The likelihood of such collateral damage means that mandatory DNS filtering could have far more than the desired effects, affecting the stability of large portions of the DNS.

First, it is common for different services offered by a domain to themselves have names in some other domain, so that example.com’s DNS service might be provided by isp.net and its e-mail service might be provided by asp.info. This means that variation in the meaning or accessibility of asp.info or isp.net could indirectly but quite powerfully affect the usefulness of example.com. If a legitimate site points to a filtered domain for its authoritative DNS server, lookups from filtering nameservers for the legitimate domain will also fail. These dependencies are unpredictable and fluid, and extremely difficult to enumerate. When evaluating a targeted domain, it will not be apparent what other domains might point to it in their DNS records.

In addition, one IP address may support multiple domain names and websites; this practice is called “virtual hosting” and is very common. Under PROTECT IP, implementation choices are (properly) left up to DNS server operators, but unintended consequences will inevitably result. If an operator filters the DNS traffic to and from one IP address or host, it will bring down all of the websites supported by that IP number or host. The bottom line is that the filtering of one domain name or hostname can pull down unrelated sites across the globe.

Second, some domain names use “subdomains” to identify specific customers. For example, blogspot.com uses subdomains to support its thousands of users; blogspot.com may have customers named Larry and Sergey whose blog services are at larry.blogspot.com and sergey.blogspot.com. If Larry is an e-criminal and the subject of an action under PROTECT IP, it is possible that blogspot.com could be filtered, in which case Sergey would also be affected, although he may well have had no knowledge of Larry’s misdealings. This type of collateral damage was demonstrated vividly by the ICE seizure of mooo.com, in which over 84,000 subdomains were mistakenly filtered.

The defenders of propping up the business models of dying industries will brush off these unintended consequences as no big deal or a "small issue" at the expense of "saving" the entertainment industry. This is because they don't understand the technology at play, the First Amendment or the nature of collateral damage. It's pretty ridiculous in this day and age that we still have to deal with technically illiterate "policy people" and politicians trying to regulate technology they clearly have little knowledge about. Only those who don't understand the technology think the collateral damage described above is minimal.
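
The three failure modes the report describes (a nameserver hosted in a filtered domain, shared IP addresses, and customer subdomains) can be modelled in a few lines. This is an added example, not code from the report or from Techdirt: it marks a site as failed when its name or IP is filtered or when every nameserver it relies on is lost, and repeats until nothing changes. The records are constructed; reseller.example, target.example, bystander.example and all IP addresses are hypothetical, and glue records and caching are ignored.

```python
# Constructed sample data (not from the report). Each site lists the
# nameserver hosts it delegates to and the IP address that serves it.
SITES = {
    "isp.net":             {"ns": ["ns1.isp.net"],      "ip": "192.0.2.20"},
    "example.com":         {"ns": ["ns1.isp.net"],      "ip": "192.0.2.10"},
    "reseller.example":    {"ns": ["ns.example.com"],   "ip": "192.0.2.30"},
    "blogspot.com":        {"ns": ["ns1.blogspot.com"], "ip": "198.51.100.5"},
    "larry.blogspot.com":  {"ns": ["ns1.blogspot.com"], "ip": "198.51.100.5"},
    "sergey.blogspot.com": {"ns": ["ns1.blogspot.com"], "ip": "198.51.100.5"},
    "target.example":      {"ns": ["ns.target.example"],    "ip": "203.0.113.7"},
    "bystander.example":   {"ns": ["ns.bystander.example"], "ip": "203.0.113.7"},
}


def under(name, zone):
    """True if name is the zone itself or a subdomain of it (whole labels)."""
    return name == zone or name.endswith("." + zone)


def owning_site(host, sites):
    """Longest configured site name that contains host, or None."""
    matches = [s for s in sites if under(host, s)]
    return max(matches, key=len) if matches else None


def unreachable(sites, zones=(), ips=()):
    """Sites a filtering operator can no longer serve, found by fixpoint:
    a site fails if its name or IP is filtered, or if every nameserver it
    relies on is filtered or lives in a site that has itself failed."""
    down = {s for s, r in sites.items()
            if any(under(s, z) for z in zones) or r["ip"] in ips}
    changed = True
    while changed:
        changed = False
        for site, rec in sites.items():
            if site in down:
                continue
            dead = [any(under(ns, z) for z in zones)
                    or owning_site(ns, sites) in down for ns in rec["ns"]]
            if all(dead):
                down.add(site)
                changed = True
    return down


def collateral(sites, targets, zones=(), ips=()):
    """Failed sites that were not the intended targets of the filter."""
    return unreachable(sites, zones, ips) - set(targets)
```

Filtering the zone isp.net in this model takes down example.com and, one step further, reseller.example, which never mentions isp.net in its own records.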

Filed Under: dns, internet, paul vixie, protect ip

Reader Comments

  1. HothMonster, 1 Jun 2011 @ 1:26pm

    Re: Re: Re: Re: Re: Re: Re: Re: Re:

    Funny that you bring up newspapers to support your point.

    Newspapers are having the same trouble as the music gatekeepers. They used to be the only way for a journalist to reach a large audience. Now people have started getting their news from the internet where a journalist/author can produce his content without the assistance of a gatekeeper. We see a new style of content delivery gaining ground for news and classic newspapers are finding they have to adapt to stay in business. The demand for news and talented people delivering news has not declined but the supply of news sources has grown by a ridiculous amount while at the same time the margins for producing and distributing that news have greatly diminished. It is greatly parallel to the state of the recording industry.

    "The distribution is independent of the product. Record labels sell their music via CD, digital downloads, vinyl, tapes, and other methods (including streaming). The distribution is part of but separate from the creation part, which the labels also participate in, by financing recordings, by providing staff such as producers, recording engineers, and so on. Labels often have song writers on staff or on contract who can work with artists to refine their material before recording."

    This is true. Although 30 years ago to have a record produced that had the potential to reach millions of people you needed to go through a major label. Today you have a practically free content delivery system that allows you to reach the entire globe. Also the equipment needed to record and master a studio quality album used to be very costly, now with a little know-how you can produce something of great quality on a MacBook.

    Now the problem arises because the recording industry wants to stick with the old 1989 way of doing things because it netted them amazing profits. This means regaining and maintaining their position as gatekeepers and refusing to adjust price points for new modes of delivery.

    They were able to make these profits because it was a very small industry (the number of major players) and a very restricted industry (the amount of money required to be a major player). They used to hold all the cards and if an artist wanted to reach millions of fans they had to go through the existing industry. Now that door is open and the industry wants to close it as fast as possible before all their control is gone. Today you can see more and more minor labels reaching large audiences and representing major artists. You see more already established artists experimenting outside of the profit margins of the industry. But in much the same way that over 1/3 of Steam users still use Windows XP, people, as a whole, tend to accept change slowly and the industry has one last chance to stifle many of the technologies that shift the power from their hands into that of the content producer before the majority begins to move to these new and alternative means of production and distribution.

    The other reason I mention was the refusal to adjust price points. The cost of a CD was justified by the production of physical media, all the trappings that media was stored in, and the delivery of that media. So why should a digital copy of a CD cost the same amount (or oftentimes more if you buy by song) as an actual CD, case, and liner notes that had to be physically created, physically packaged and physically driven across the country? The only reason is so they can continue selling CDs. There is no reason digital songs can't be a fraction of their current cost except it would (probably) hurt CD sales. There is no reason entire back catalogs can't be pulled up and released for a few dollars for an entire artist's discography (I mean old stuff that is currently unavailable on physical media could be re-released for a few dollars an album instead of the same cost as a new album). Why are old early 80s TV shows the same price as brand new TV shows? There is no reason except maintaining a high fixed price across the market is good for the gatekeepers; not the artist, not the consumer, just the label.
