Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Piracy Networking The Courts The Internet

Sony Leaks Reveal Hollywood Is Trying To Break DNS 388

schwit1 sends this report from The Verge: Most anti-piracy tools take one of two paths: they either target the server that's sharing the files (pulling videos off YouTube or taking down sites like The Pirate Bay) or they make it harder to find (delisting offshore sites that share infringing content). But leaked documents reveal a frightening line of attack that's currently being considered by the MPAA: What if you simply erased any record that the site was there in the first place? To do that, the MPAA's lawyers would target the Domain Name System that directs traffic across the internet.

The tactic was first proposed as part of the Stop Online Piracy Act (SOPA) in 2011, but three years after the law failed in Congress, the MPAA has been looking for legal justification for the practice in existing law and working with ISPs like Comcast to examine how a system might work technically. If a takedown notice could blacklist a site from every available DNS provider, the URL would be effectively erased from the internet. No one's ever tried to issue a takedown notice like that, but this latest memo suggests the MPAA is looking into it as a potentially powerful new tool in the fight against piracy.
This discussion has been archived. No new comments can be posted.

Sony Leaks Reveal Hollywood Is Trying To Break DNS

Comments Filter:
  • by gstoddart ( 321705 ) on Wednesday December 17, 2014 @11:07AM (#48617471) Homepage

    The MPAA et al feel they have the right to undermine every bit of technology to server their purposes. They want veto over all new technology to ensure that it aligns with their goals, and makes sure their rent seeking is entrenched in law.

    Sony was more than willing to spread malware, and as a cartel these clowns have way too much sway over governments, and seem to think they can act with impunity.

    Want the sure file way to the shitty oligarchy of the future? Keep letting these bastards call the shots.

    I don't know who actually is behind this attack, but I'm starting to applaud them.

    Sony and the other members of the MPAA are out of control, and pretty much deserve to be burned to the ground for the crap they do.

    • Comment removed (Score:5, Interesting)

      by account_deleted ( 4530225 ) on Wednesday December 17, 2014 @11:29AM (#48617721)
      Comment removed based on user account deletion
      • ...but now I'm going to go see it anyway. You should really encourage all of your friends to do the same.

        Getting to sound like a good PR campaign now.. It'll probably still flop. It sounds like a real stinker.

      • Will you also be quoting the National Enquirer in your quest to demonize anyone questioning the MPAA and/or Sony's behavior?

        Do you believe that vigilantism is always wrong? Robin Hood was criminal stealing from "rich" who used criminal means of gaining wealth, and the peasants he was giving money to should have lynched him on the spot? (I realize this one is a fable, but a well known one and high on moral fabric).

        If you don't believe vigilantism is always wrong, where do you think the line should be? Big

    • by geekoid ( 135745 )

      If I broke into your house, and dug up all your secrets and then revealed them to the world, should I be applauded if I find out you where doing something 'wrong'?

      • by gstoddart ( 321705 ) on Wednesday December 17, 2014 @11:38AM (#48617861) Homepage

        Well, it's kind of like Snowden. Everybody knew they were doing something wrong. The sheer magnitude of it is slowly coming to light. Nobody started off with the illusion they were innocent before this.

        I'm torn, I really am. On the one hand, yes, hacking and extortion bad.

        On the other hand, I find multinational corporations like Sony to be complete douchebags, who will do anything to advance their own goals, at the expense of everyone else on the planet, and with the assistance of governments who have been willing to stick it to their citizens to protect corporate interests, largely because the politicians are on the fucking payroll.

        And then I want to go all Tyler Durden on them because I'm getting tired of the oligarchy and the asshole politicians enabling it.

        You don't keep a free society by making it beholden to corporations who tell us what we can and can't do.

        • by tnk1 ( 899206 ) on Wednesday December 17, 2014 @01:38PM (#48619191)

          The hackers are totally wrong. So is Sony.

          Sony is getting egg on their faces, and the hackers may eventually get caught. Both parties may well get theirs.

          And thanks to them, I get to see a real life version of "Swimming with Sharks". That's the positive.

          The big negative would be if this becomes yet another excuse for Sony to break the Internet with trying to cover their own asses by making everyone else do their work for them. And in that sense, that is the negative for having both Sony, and hackers who attack Sony existing. Sony will never fix their security, just like they won't fix their distribution. That would require effort. They'll just try and buy regulations that make other people have to jump through hoops so they can continue to store their master password list on unsecured shares on their open network and continue to use various pricing schemes to make people pay more for the same product.

    • And they have a better track record of enforcing the people's will than the supreme court at the moment when it comes to Sony.

      • by Mashiki ( 184564 )

        Well, they also have a great way of enforcing justice on anyone who disagrees with them too. The gulags, cannibalism, and eating tree bark sound wonderful this time of year.

    • People should be bashing sony for doing a shit job at being sony, but the MPAA is not only Sony.

      Meanwhile, the irony of attempting to break DNS is that it's going to come full circle and harm the MPAA. So they really aren't paying attention to what scorched earth tactics really do.

  • Go ahead (Score:5, Funny)

    by cdrudge ( 68377 ) on Wednesday December 17, 2014 @11:08AM (#48617473) Homepage

    If a takedown notice could blacklist a site from every available DNS provider, the URL would be effectively erased from the internet.

    Good strategy. Go ahead with that plan and let us know how that turns out.

    • So then we all get to subscribe to $10-30/yr private DNSs which aren't poisoned, I presume. It's not like I'm using my ISP for my DNS.

    • Meanwhile, in a forgotten corner of the internet, InterNIC cackles with glee as its plan comes together.

    • Re:Go ahead (Score:4, Interesting)

      by StikyPad ( 445176 ) on Wednesday December 17, 2014 @11:27AM (#48617705) Homepage

      Exactly. There's nothing frightening about this at all; it's a nuisance at best for the sites. Between using IP addresses directly, or editing a hosts file, or switching to an offshore DNS server, it's all of a 30 second delay.

      For sites dedicated to piracy, it won't make the slightest difference in traffic. The demand is there, so people will seek out the product. The idea that making it marginally (or even substantially) more difficult to find will reduce demand is like saying "If Barnes and Noble doesn't carry pornography, there won't be any demand!"

      Is piracy morally justifiable? Not really. In the end, someone is going around the rules of society for personal gain. Still, available evidence suggests that the actual economic damage is minimal, at worst, and possibly that it's helpful to the bottom line. People who pirate seem mostly to be people who wouldn't pay anyway, so they're not really lost as customers. Additionally, word of mouth can help the popularity of films, regardless of whether that opinion came from a free screening, a paid viewing, or a pirated download. From a practical standpoint, it doesn't make sense to focus efforts on stamping out something that's so benign. In other words, we shouldn't tolerate measures that negatively impact the rest of society to protect one group from an imaginary harm.

  • Comment removed (Score:5, Insightful)

    by account_deleted ( 4530225 ) on Wednesday December 17, 2014 @11:08AM (#48617477)
    Comment removed based on user account deletion
    • by geekmux ( 1040042 ) on Wednesday December 17, 2014 @11:42AM (#48617909)

      If they break DNS, we'll just move to a shadow system, whether based on hosts or just another flavor of DNS.

      Fuck them.

      That "shadow" system you speak of could in fact be the catalyst we've all been waiting for to push the majority into IPv6 space.

    • DNS was created in 1984 to replace the old flat HOSTS.TXT system, at which time the file contained only "several thousand" entries, according to one source I found. Maintenance and distribution of the file was already becoming a problem by that point.

      The oldest actual HOSTS.TXT file I found for download was from 1990, and contained about 9,200 lines. (No link; don't want to spam someone's Internet history server just to prove a point. Do your own Googling if you don't believe me.)

      There are single data cente

      • Comment removed based on user account deletion
        • by tangent ( 3677 )

          Distributed darknet crypto-geeks have a pretty poor track record of creating unbreakable systems, too.

          SSL/TLS: Launched 1994, sold as impervious, significantly compromised roughly once a year ever since

          PKI: Same story as SSL, except you also get fun design decisions that allow foreign governments and corporate IT to impersonate any host they like

          Tor: Launched 2002, all onion layers pierced by 2012, requiring only sufficient funding

          Bitcoin: Decentralized, anonymous, encrypted to the hilt, billed as economica

      • by sconeu ( 64226 )

        [PEDANTIC]
        What is a HOSTS.TXT file? Back in '84 there was /etc/hosts
        [/PEDANTIC]

        OK, maybe a VMS system had a HOSTS.TXT.

    • I don't think they care too much about what /.ers may do, I am sure at least some of them understand that technically savvy people will just route around the damage. It seems to me what they want to do is make it just difficult enough that Joe Average will shell out the bucks rather than figure out how to use Tor et al. In other words, scrapping the old 'sue 6 year olds for file sharing' approach. Instead taking a page from physical security and trying to make it just hard enough to maximize revenue.
      • It seems to me what they want to do is make it just difficult enough that Joe Average will shell out the bucks rather than figure out how to use Tor et al.

        What they clearly want to do is break the internet. However, if their goal is to stop infringement by Joe Average, this effort would fail. What will happen is an alternate system will be set up by those of us who know how to do such things (whether we engage in piracy or not -- it doesn't matter), then we'll encourage everyone to use it and when we set up machines for our nontech friends and family, we'll set them up to use the alternate system as well.

      • If the MPAA really was serious about fighting piracy, they would work with NetFlix and other online video providers to get their movies online for a reasonable price. How many would stop pirating if everything they wanted was a Netflix subscription away? Instead they treat Netflix like a big threat and try to deny them as much video content as possible.

    • by AmiMoJo ( 196126 ) *

      It would fracture the internet into two halves - the US and everywhere else. The take-down requests would be honoured by US servers only, and the US would probably find itself in front of the WTO for screwing with the domain names of other countries.

    • by Pontiac ( 135778 )

      They already exist.. [wikipedia.org]

  • comcast (Score:5, Insightful)

    by roc97007 ( 608802 ) on Wednesday December 17, 2014 @11:12AM (#48617543) Journal

    > and working with ISPs like Comcast to examine how a system might work technically

    Yet another reason not to do business... well, you know.

    • How should Comcast objectors living in Comcast territory cope with the 10 GB/mo cap of non-Comcast home Internet through the sat or cell company?

      • How should Comcast objectors living in Comcast territory cope with the 10 GB/mo cap of non-Comcast home Internet through the sat or cell company?

        I dunno. Perhaps complain to your municipality about the granting what is essentially a monopoly to a company with such a bad customer service record. Make correcting the situation a factor in getting re-elected.

        Where I am, we have a choice of cable or fiber, before you have to consider lower tier like DSL wifi, satellite. (I consider satellite lower tier because of the terrible upload speeds.) I understand that other areas, especially older municipalities, don't have the choices we have in my area. Tha

  • So how long until we scrap DNS for something both secure and P2P?

    • uhm, regular old dotted quads (ip addrs) work fine and cannot be 'taken down' since they are not lookup based but topology based.

      and even with ip alias and redirects, a dotted quad can be just about as good as a dns name. better, in some ways, since it cant' be faked like a name can, and does not require another fetch for the name->ipaddr lookup.

      • My website is at fd30:0000:0000:0001:ff4e:003e:0009:000e, please visit.

        • ipv6 is not going to take over any time soon. adoption has taken 20 yrs now and its still 'not there' for many places.

          IoT will use ipv6. but websites that are more than your personal site will always have access to ipv4.

      • uhm, regular old dotted quads (ip addrs) work fine and cannot be 'taken down' since they are not lookup based but topology based.

        and even with ip alias and redirects, a dotted quad can be just about as good as a dns name. better, in some ways, since it cant' be faked like a name can, and does not require another fetch for the name->ipaddr lookup.

        ...about the awesome library of stuff hosted at 127.0.0.1

    • Re:black DNS? (Score:5, Informative)

      by PhrostyMcByte ( 589271 ) <phrosty@gmail.com> on Wednesday December 17, 2014 @11:35AM (#48617819) Homepage
      Funny, Microsoft has actually had a P2P DNS system for several years: PNRP [wikipedia.org].
  • huh what? (Score:5, Informative)

    by Charliemopps ( 1157495 ) on Wednesday December 17, 2014 @11:15AM (#48617579)

    No one's ever tried to issue a takedown notice like that...

    Really?
    http://en.wikipedia.org/wiki/C... [wikipedia.org]
    They haven't?
    http://en.wikipedia.org/wiki/M... [wikipedia.org]
    Tried this?
    http://en.wikipedia.org/wiki/P... [wikipedia.org]

    Because, the last I checked...
    http://en.wikipedia.org/wiki/R... [wikipedia.org]
    It was happening
    http://en.wikipedia.org/wiki/C... [wikipedia.org]
    all the time...

  • This is totally unacceptable, IMO. I don't care if it's the MPAA suggesting it or the FBI or InterPol, or ??

    There should be plenty of ways to deal with hosted content on someone's server without resorting to breaking core functionality of Internet services like DNS!

    You could make hundreds of analogies (most of which would probably not be all that great), but to use the ever-popular automobile analogies for a minute? This is a little bit like trying to stop illegal sale of goods by a business by tearing out

    • There should be plenty of ways to deal with hosted content on someone's server without resorting to breaking core functionality of Internet services like DNS!

      Unfortunately, to the asshole lawyers these companies employ ... the core functionality of the internet be damned.

      They simply don't care about anything but their own profits. They just want to be in charge of how all technology is used.

      "A takedown notice program, therefore, could threaten ISPs with potential secondary liability in the event that they

    • I like to say, the Internet does not exist to guarantee the viability of their business model.
    • Well, you can still connect to the site if you know its IP address. A bit harder to remember though - especially if it's IPv6.
  • In Europe happens quite often that ISP are forced to remove "bad" sites (torrent, stream) from their DNS.
    People just learned to not use their ISP DNS anymore.

    • Re: (Score:2, Insightful)

      by l0ungeb0y ( 442022 )
      Well this is Murka and here we have freedum and speeches -- things you could never understand
  • Screw them! (Score:5, Funny)

    by excelsior_gr ( 969383 ) on Wednesday December 17, 2014 @11:28AM (#48617717)

    We'll make our own DNS!

    With blackjack and hookers!

  • by Esra Erimez ( 3732785 ) on Wednesday December 17, 2014 @11:32AM (#48617749)
    Even though the Pirate Bay move to North Korea was a hoax [bgr.com], but if North Korea really wanted to exact revenge on the industry why wouldn't they take an approach that would really hurt them and actually host pirated content?
  • by tiberus ( 258517 ) on Wednesday December 17, 2014 @11:32AM (#48617751)
    It's bad enough that companies like Verizon, in a effort to help us and provide better service, hijack 404 errors and redirect them to their tailored search results, now this. In light of how little vetting some of these take down notices seem to receive before the ban hammer falls, this is truly scary. Scary in that they think this is how to go about business. Like others have already alluded too, this is likely to at worst cause a minor bit of annoyance before a way to protect against this silliness is found.
  • I already override my ISP's advertised DNS settings to point to something that doesn't redirect to their advertising pages when I typo a URL. I can easily point it at something that doesn't listen to MPAA's bizarre demands.
  • So, instead of saying: "Hey Joe, check out vids.com", I'll say "Hey Joe, check out 74.238.38.132". Because that's somehow so much harder to do, especially in a link. Welcome to your HOSTS file.

    • It's inevitable that the copyright holders will expect IP addresses or ranges to be blocked or simply deleted from routing tables.

      And then innocent bystanders will become caught up in this.

      That's how this escalates. And how it is dangerous to let them do even the little thing.

  • Would a distributed hash table system (like eMule used(uses?)) make a good DNS replacement?

  • This story reminds me of the wasp that landed on the thistle. One of them is going to get stung but I really don't care which. It's bad that anyone gets hacked but it it Sony after all.
  • This would not really work. In practice, it would likely mean a return of Alternic system, with multiple roots - i.e., a dark DNS for the dark net, probably temporary DNS extensions for file sharing, etc.

    Somewhere, I suspect Eugene Kashpureff is smiling.

  • For other types of distribution, what remedies at law exist?

    For instance, if I start mailing pirated Blu-Ray disc all over the world, do they instruct the various shipping agents, postal agencies, and so forth to refuse to accept anything from me, and also to refuse to deliver to me? Can they do this without informing me? Do I have recourse if this also denies me lawful services?

    If I merely pack and ship these discs for someone else, is there a fix in law to also deny me access to shipping methods?

    Do they

  • They can compromise DNS all they want, but they can't prevent routing of packets from one numeric IP address to another numeric IP address.

    If they were actually trying to mess with DNS then they should be prosecuted under hacking laws, because if you or I were to do this thing, that's what would happen to us.

    Bastards.
  • A huge number of people already barely use DNS. They go to places like "The Pirate Bay" by entering "The Pirate Bay" in the Google Search window, and following the first link or two that they find. So, if Google indexes 194.71.107.27 [194.71.107.27] or there's a Wikipedia link to it (since, you know, that'd be newsworthy), the effect of a DNS ban has little impact on the original discovery of the site URL.

    Some (stupid) ISP's already take care of this search mechanism... enter a bad URL, go right to a search page. Most brow

  • A dozen viable DNS lookup services spring up in the event of a takedown.
  • Somehow, I doubt that any country outside the USA is going to tolerate this nonsense for very long. Entertainment can be boycotted. Other networks can be created. If the MPAA is dumb enough to try this (which is likely, because, you know... entertainment industry), they will just hasten the creation of a new and better decentralized set of internets.

  • by Archtech ( 159117 ) on Wednesday December 17, 2014 @12:07PM (#48618169)

    It seems that the bipeds who once inhabited this planet had, at one time, developed a comprehensive worldwide networking system. They accomplished much through it, from exchange of all kinds of information to commercial transactions, education, and even personal communications.

    But suddenly, one day, this useful system was destroyed. Apparently a small group of bipeds, which had enriched themselves by creating carefully distorted fictional representations of life and events, decided that the network might be slightly reducing the rate at which they amassed wealth. So they sabotaged it.

    We really have no idea what kind of intelligence those bipeds had - if it was even intelligence as we know it.

  • Just spread the ip addresses, like in the old days.
    In 1988, I used to know lots of IP addresses by heart. Though that will be a bit more difficult with IPv6.
    But we have /etc/hosts for that. Almost like a bookmark...

  • If A breaks or gets broken, B will emerge to fill the void.

    For reference, see content. When content for sale was broken past its usefulness by DRM, download pages popped up left and right where you could get it not only in better quality (no unskipable ads, no "always on" online connection for offline playing...), even the price was better!

Real programmers don't bring brown-bag lunches. If the vending machine doesn't sell it, they don't eat it. Vending machines don't sell quiche.

Working...