Kazakh Government Takes Down 93k Websites To Site-Block A Single Massage Parlour

from the got-'em-though dept

Site blocking. When it comes to law enforcement and IP enforcement efforts, site blocking is the simple man's solution to a very complicated problem. The claim that floats out there in the ether is something like: hey, if we discover sites are breaking the law in some way, we can just order ISPs to block access to the site and the problem's solved. Despite that simplistic send up, the practice of blocking sites in this way inevitably leads to massive collateral damage and flat out abuse. And, yet, those that advocate for site blocking shrug their shoulders at this. After all, if you want to make an IP omelette, you have to break some percentage of the internet, right?

But the award for fucking this all up at scale must certainly go to the government of Kazakhstan, which wanted to take a massage parlor's website off of the internet for engaging in some very massage-parlor-y behavior, and managed to pull down 93,000 other websites along with it.

State censors trying to erase the web presence of an erotic massage emporium called Rainbow Spa back in late July did so by ordering the blocking of the site's IP address instead of its domain name.  The ban-happy block was targeted at two IP addresses, reported by local outlet Hola News as 185.165.123.36 and 185.165.123.206. The first of these hosts around 9,500 domains, while the second keeps just over 84,000 websites online.

Unfortunately for the bungling censors, these two IPs resolve to shared infrastructure in Russia – including a large number of websites hosted on the Tilda Publishing platform, a sort of Wordpress-style CMS-plus-prebuilt-skins intended for rapid deployment by the unskilled.

First, blocking a website by its IP address in 2019 is hilariously inept. Sites these days routinely share cloud infrastructure through providers. This isn't strictly some cost-cutting measure by web providers, but necessary to secure sites at scale against attack by filtering against malicious traffic. This is how hosts protect against DDoS attacks. To be handing the keys to blocking websites to people that very clearly haven't the slightest clue what they're doing is the kind of thing only national governments can do.

Tilda Publishing itself pointed this out.

Blocking a resource by IP address is an outdated and barbaric practice that has long been inconsistent with modern cloud-based IT technologies and access restriction mechanics.

And it's not just that there was so much collateral damage that makes all of this so damning for the Kazakh government. The massage parlor, as I type this, still has one of its websites up and live.

It's hard to imagine a better example of why we shouldn't allow government the power to block websites than this.

Filed Under: censorship, cloud computing, kazakhstan, site blocking


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    PaulT (profile), 27 Sep 2019 @ 12:41am

    "The first of these hosts around 9,500 domains, while the second keeps just over 84,000 websites online."

    But, I'm sure one of the regulars will be in here soon to tell us how an IP identifies an individual for the purposes of criminal prosecution...

    "The massage parlor, as I type this, still has one of its websites up and live."

    So, sadly typical of this kind of thing. Nearly 100,000 innocent people have potentially suffered, but the person they're supposed to be targeting may have barely noticed.


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Insider Shop - Show Your Support!

Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.