November 22, 2011 archive

3 Whitepapers You Need To Read To Understand How SOPA Could Damage DNS And Decrease Security

US Capital
How exactly will the proposed "Stop Online Privacy Act (SOPA)" impact the DNS infrastructure of the Internet? What are the technical and engineering problems caused by the proposed bill? How will the bill actually DECREASE our national cybersecurity?

I covered the basics of SOPA (HR.3261) and its companion bill in the Senate, S.968, the "PROTECT-IP Act", last week and and in the time since I wrote that post the public opposition to SOPA has mounted dramatically as people have come to understand what exactly these bills will do. Like many, I applaud the intent of these bills to protect intellectual property, but am concerned that the mandated mechanism of "DNS filtering" proposed by these bills will have serious negative consequences.

If you want to understand the technical issues with the proposed mechanism, there are three whitepapers I would recommend for reading - and for sharing with your legislators. (I've sent the links in to my representatives.) I'd note that the first two documents were prepared back in the spring of 2011 to address the U.S. Senate's version, the PROTECT-IP Act, but the mechanism proposed in SOPA is essentially the same.

  • Internet Society Perspectives on Domain Name System (DNS) Filtering (direct link to English PDF)
    In this easy-to-read paper, the Internet Society explains why DNS filtering is not a solution, how the mechanism can be easily circumvented and how it will "not solve the problem, interfere with cross-border data flows and services, and undermine the Internet as a single, unified, global communications network." The document discusses the issues of "collateral damage" of website blockage, explains some of the non-technical issues and provides links to further resources.
  • Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill (PDF)
    This whitepaper was written by 5 of the leading DNS designers, operators and researchers and dives into significant technical depth. In particular, it looks at how the proposed DNS filtering mechanism would break the implementation of DNSSEC, a newer method being deployed to help secure the DNS infrastructure. The paper, too, addresses how easily DNS filtering can be bypassed (and provides very simple examples demonstrating this) and the security issues that come with that circumvention. It also looks at the "collateral damage" issue, the impact to content delivery networks (CDNs) and the overall impact that DNS filtering would have to the Internet.
  • Cybersecurity in the Balance: Weighing the Risks of the PROTECT IP Act and the Stop Online Piracy Act
    This recent paper from Allan A. Friedman, a Fellow at the Brookings Institution, frames the SOPA/PROTECT-IP debate in terms of the impact to national cybersecurity. It again covers the issues with DNS filtering, impacts to DNSSEC, unintended consequences, etc., but does so from the point-of-view of how this will affect the cybersecurity position of the U.S., both domestically and at an international level.

All three of these papers are good to read (and share) to understand the technical weaknesses of the proposed solutions in SOPA/PROTECT-IP.

Please do pass them along so that people can understand the technical issues with these proposed solutions.

Image credit: jasonippolito on Flickr

Please note that this blog post represents my personal opinion and has no connection whatsoever to any employers or other organizations, either past or present.

If you found this post interesting or useful, please consider either:

How The NFL Loses With Its Copyright Takedown Notices On Video Clips

I'm not a regular football fan. Sure, I enjoy watching a game if it's on somewhere and I might watch the playoffs or Super Bowl... but watching football is not part of my daily/weekly routine.

Still, when I saw an tweet about the video of an amazing touchdown run, I went to go look because such feats are often great to watch.

But... after pressing the "play" icon, here's what greeted me:


Yep, the NFL apparently issued a copyright claim to YouTube to have this clip taken down.


43 seconds.

My initial thoughts, of course, were extremely negative to the NFL ("What a bunch of losers!").

My second thought was... oh, well, there are a ton of other interesting sports and other video clips to see.

NFL Loss #1: Any Potential Interest I Might Have Had

Right then, the NFL had a moment to engage with me and remind me again of how exciting the game can be!

Maybe I might have said to myself that I should watch games some more and perhaps take up my brother-in-law on his invite to come over and watch the Patriots play. Maybe I might have read up more about what was going on within football. Maybe I might have looked for some other football video clips.

Regardless, I would have been more positive about football and the NFL.

Instead it just leaves me with a negative attitude toward the NFL and no further interest in looking for more football info.

I'm even less a fan now.

NFL Loss #2: Viral Sharing

Note the "Share This Story" part of the screenshot above:

Nflcopyrightclaim sharing

Consider those stats:

  • 831 people liked this page, with the result being that the link to this page went out in the new Facebook Ticker to be potentially seen by their friends. How many people might have seen that? hundreds? thousands?

  • 293 people specifically shared this post out into their Facebook NewsFeed, meaning that their friends would see it in their feeds. Once in Facebook it can be shared out again by others. Again, how many people? hundreds? thousands?

  • 8 people clicked the "tweet" button on this page. Countless others could have tweeted it out through other tools, or retweeted those tweets.

  • 25 people emailed it using this interface.

  • 4 people "+1"'d it.

And this only shows the numbers of people who shared the story using this widget. The story may have been shared many other times via other routes. The link to the video on YouTube may have been shared out through many other ways, too. (And YouTube no longer shows the stats for the video, so we have no idea how many people actually watched it.)

So how many people saw the link to this story? hundreds? thousands? more? fewer? Hard to say... but some number saw it and did what I did - clicked over to see what sounded like an interesting video to watch.

And all of them got the same message... that the NFL had a copyright claim on this particular video.

And odds are that they won't blame the news story or the Huffington Post for linking to the video... instead they'll mentally blame the NFL for asserting a copyright claim.

And there will be no further re-sharing...

43 Seconds

Now I completely "get" that the NFL needs to defend the copyright it has on it's content. I create my own content and have done so for many years both for myself and my various employers. I fully understand the need for protecting intellectual property.

But a 43 second video clip?

Granted, it might have been the most exciting 43 seconds of that entire game... I don't know, since I didn't watch it.

But would it have killed the NFL to make that short clip available?

It would really be "marketing" for the sport of football. It might have gotten more people talking about the sport ("Wow, did you see that amazing touchdown run?"). It would have spread virally as people shared it even more with others.

I know, I know... it's a "slippery slope" and if the NFL doesn't assert it's copyright where it can then it opens the doors for many others to post videos. And I don't know the rest of the story. Maybe this particular YouTube user has repeatedly posted copyrighted video clips. Maybe there's an "official" video clip that the NFL wants people to use... maybe... maybe... maybe...

But still, 43 seconds?

P.S. And a quick google search shows that the clip is still available on other sites...

If you found this post interesting or useful, please consider either: