Please create an account to participate in the Slashdot moderation system


Forgot your password?

What a 'Six Strikes' Copyright Notice Looks Like 273

The new Copyright Alert System, a.k.a. the 'Six Strikes' policy, went into effect on Monday. Comcast and Verizon activated it today. Ars Technica asked them and other participating ISPs to see the copyright alerts that will be sent to customers who have been identified as infringing. Comcast was the only one to grant their request, saying that a "small number" of the alerts have already been sent out. The alerts will be served to users in the form of in-browser popups. They explain what triggered the alert and ask the user to sign in and confirm they received the alert. (Not admitting guilt, but at least closing off the legal defense of "I didn't know.") The article points out that the alerts also reference an email sent to the Comcast email address associated with the account, something many users not be aware of. The first two notices are just notices. Alert #5 indicates a "Mitigation Measure" is about to be applied, and that users will be required to call Comcast's Security Assurance group and to be lectured on copyright infringement. The article outlines some of the CAS's failings, such as being unable to detect infringement through a VPN, and disregarding fair use. Comcast said, "We will never use account termination as a mitigation measure under the CAS. We have designed the pop-up browser alerts not to interfere with any essential services obtained over the Internet." Comcast also assures subscribers that their privacy is being protected, but obvious that's only to a point. According to TorrentFreak, "Comcast can be asked to hand over IP-addresses of persistent infringers, and the ISP acknowledges that copyright holders can then obtain a subpoena to reveal the personal details of the account holder for legal action."
This discussion has been archived. No new comments can be posted.

What a 'Six Strikes' Copyright Notice Looks Like

Comments Filter:
  • by dougmc ( 70836 ) <> on Thursday February 28, 2013 @04:27AM (#43032199) Homepage

    That is complete and utter non-sense. Checking a certificate is sufficient to solve this problem.

    The "problem" being that your http streams are mucked with? You don't seem to understand the situation then ...

    1) certificates are only used by SSL connections. Most web pages are still plaintext HTTP, not HTTPS.

    2) even if you do look at the certificate and see that it's not what it should be (and therefore reject it) -- you're still not getting the page you asked for. At best, "checking a certificate" will allow you to avoid seeing their warning. Which might be nice, but things are *still* going to break until you see it and click "Click to Close" or whatever they have on it.

    3) they might not do MITM attacks on http requests, but instead DNS requests. So you look up *anything*, and it gives you the address of their server that gives these notices. That will break *everything* until you click on it, not just http requests. (Thought it would work if you didn't rely on DNS requests going out for whatever reason.)

  • by ledow ( 319597 ) on Thursday February 28, 2013 @10:29AM (#43033931) Homepage

    It's not hard to transparently forward packets to a particular server. We do it all the time for HTTP, and for DNS it's just a matter of changing the port on an iptables line.

    Given me being the only gateway at the other end of your connection, I can screw with anything you do if I want. Once you're marked as "restricted", you could basically end up on an internal VLAN that prevents all outside access. It's not even that difficult without VLAN-specific support, these people are being trusted by you to talk to or whatever on your behalf anyway and return the packets - there's nothing stopping them setting up an "offline" Internet with just being redirected wherever they like.

    You *think* you're talking to but it's really just my internal DNS returning always "", which (although it is also a valid external IP address) is really just an internal address that I put a webpage up at.

    Until you click "I agree", you don't get put back on the normal network, and the restricted network can block anything and everything.

    If you need a real-world example, go to a wifi hotspot. You can do what you like and set what settings you like, but until you pay money through their portal page, nothing will resolve properly, not even google's DNS servers. Every page you try to access will go to the captive portal webpage. And then, when you're authorised, it'll go back to "normal" and you can send email, use Google's servers, etc.

    Just because you think you're being clever, doesn't mean it'll work. As a further hint, how does the SSL certificate for any page verify that you're on without trusting the DNS response from the network (answer, it doesn't). Sure, there are solutions (DNSSEC, etc.)

  • by ultrasawblade ( 2105922 ) on Thursday February 28, 2013 @10:50AM (#43034169)

    OpenDNS takes queries on 5353, tcp and udp. Also you could do all your DNS queries over Tor.

In the realm of scientific observation, luck is granted only to those who are prepared. - Louis Pasteur