Cogent Accidentally Blocks Websites In Global Ham-Fisted Piracy Filtering Effort

from the scorched-earth dept

Last week, reports began to emerge that internet users were unable to access The Pirate Bay and other BitTorrent-focused websites. Ultimately it was discovered that this was courtesy of transit provider Cogent, which was blackholing an undetermined number of IP addresses allegedly linked to copyright infringement. The IP addresses in question didn't belong to the websites -- but to popular CDN provider Cloudflare. All told, Cogent's blockade impacted around twenty different websites -- but the impact was global, with ISP users worldwide unable to access these IP addresses if they traveled the Cogent network.

Initially, Cogent wouldn't comment whatsoever on why this was occurring, but later confirmed to Ars Technica that the company had received a Spanish court order (it's not clear if it's the same 2015 order demanding Cogent block access to music streaming website Goear.com). Cogent was vague about the order itself, but did confirm that The Pirate Bay was blocked -- despite it not being a target of the court order. Subsequent routing checks confirmed the impact was global across Cogent's footprint.

As we've seen time and time again, actual pirates with just a modicum of technical knowledge utilize a variety of tools (VPNs most specifically) to tap dance around such restrictions, making these filtering efforts ham-fisted "solutions" that cause more problems for the internet and end users than they traditionally solve. In talking to Ars, Cogent acknowledged the potential "collateral impact" that such orders and filters can cause, especially when applied globally at scale to multihosting transit operators like Cloudfare, where one IP address may be home to multiple, unrelated websites:

"Cogent went on to say that “as a general matter, courts may require Cogent, as an ISP, to take certain actions with respect to a third-party website, an IP address or block of IP addresses. If Cogent’s customer decides to commingle traffic from the website that is the target of the court order with the traffic of other websites, the other websites that point to the same block of IP addresses may be adversely affected. When a Cogent customer controls the affected IP addresses, Cogent does not have the ability to know ahead of time what other websites may be affected or to control the collateral impact on these other websites. When collateral effects occur, we do work with our customer to try and mitigate the effects on others websites."

While U.S. net neutrality rules do prohibit network providers from blocking specific websites, exceptions were carved into the rules governing copyright infringement. Cloudfare, which helps websites improve performance and fend off DDoS attacks, can manage its IP addresses in such a way to help Cogent comply with court orders more narrowly. But this becomes arguably untenable when dealing with multiple court orders, all dealing with different websites and ISPs at global scale. Take the kind of filtering collateral damage we've long seen, and apply it globally in disjointed chorus.

Cloudfare often pops up as an entertainment industry bogeyman simply because its services often obscure the real origin server from the end users. But Cloudfare's General Counsel Doug Kramer was quick to complain that these sorts of orders, especially if poorly crafted and targeting core transit networks, can have a broad impact on the general health of the internet:

"This is part of the danger you get into when you start to censor the Internet or you get orders to pull things down,” Kramer said. “It may not be so easy to limit access to a specific domain," or to make sure a block applies only in a certain country. Cogent, and not Cloudflare, is the company that had to implement the block, but Cloudflare is “trying to set up a technical system where Cogent can respond to the order that they’ve been given, but within the narrow scope of that and not have impacts that go beyond that," Kramer said."

Kramer also pointed out that it might be important to understand how the internet works before you set about chopping giant holes in it via court order:

"It’s important for courts to understand how Internet systems work so they can write orders that don’t end up having unintended consequences,” Kramer stresses. "As a company, Cloudflare believes strongly in an open, free, and secure Internet. And it is also our policy to fully comply with legitimate court process," Cloudflare’s General Counsel says. "This can be challenging at times, especially when courts target backbone providers and don’t understand fully how they work. Cloudflare takes steps to make sure those court orders don’t lead to unintended impacts."

Take the non-transparent, ham-fisted, and ultimately futile filtering efforts we've come to know and love, and apply them at global scale, with little to no real concern about the obvious unintended impact on the health of the internet itself. What could possibly go wrong?


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Machin Shin (profile), 21 Feb 2017 @ 11:26am

    These are times where if I ran a company like that I would resort to "malicious obedience".

    They come and start talking about things they don't understand and giving stupid demands, instead of trying to explain things you just follow their demands EXACTLY.

    Then toss up a nice big splash page explaining to the millions of customers why a large chunk of the internet took a dive.

    Odds are the massive backlash from millions of customers against those idiots will do much better at teaching them then you ever could.

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 Feb 2017 @ 11:32am

      Re:

      No only that, but imagine the backlash from businesses. Would be seriously hilarious for the big media companies to get blocked hard and blocked for a while too by saying we discovered potentially infringing material on your sites and as you requested... they got blocked!

      mwuahahahaaaaaaa!!!

      reply to this | link to this | view in chronology ]

    • icon
      Mononymous Tim (profile), 21 Feb 2017 @ 3:07pm

      Re:

      Sounds good to me! I'm all for teaching people lessons by doing my job.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2017 @ 2:06pm

    "While U.S. net neutrality rules do prohibit network providers from blocking specific websites..."

    Until the orange rat decides otherwise after one of his middle of the night tweets...

    reply to this | link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Feb 2017 @ 5:08am

      Re:

      Make the internet great again. It will be the greatest evv-are. It will be soooo great you will get tired of it being so great.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 Feb 2017 @ 5:29pm

    "Take the non-transparent, ham-fisted, and ultimately futile filtering efforts we've come to know and love, and apply them at global scale, with little to no real concern about the obvious unintended impact on the health of the internet itself. What could possibly go wrong?"

    SOPA.

    reply to this | link to this | view in chronology ]

  • identicon
    Cowardly Lion, 22 Feb 2017 @ 2:11am

    Scope

    I'm genuinely baffled as to why Cogent Communication, a US based company, would jeopardize their business by (mis)interpreting the order of a Spanish court whose jurisdiction ends on the eastern shore of the Atlantic.

    Yes, I get it that they likely have infrastructure in Spain, but whereas a company like Google seems to be able to (mainly) limit the impact of a bizarre court order to the originating country's borders, Cogent seems to have applied this globally.

    I would have expected better from a communications company.

    reply to this | link to this | view in chronology ]

  • icon
    Peter (profile), 22 Feb 2017 @ 4:27am

    All of Spain or some of the world

    Maybe next time when some local stakeholder wants to block a chunk of the internet worldwide, the service provider can block all of the internet for the offending country instead?

    Solves the problem just as well, and helps the locals to understand the implications of their request.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer
Anonymous number for texting and calling from Hushed. $25 lifetime membership, use code TECHDIRT25
Report this ad  |  Hide Techdirt ads
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.