Cloudflare Starts Blocking Pirate Sites For UK Users

An anonymous reader quotes a report from TorrentFreak: Internet service providers BT, Virgin Media, Sky, TalkTalk, EE, and Plusnet account for the majority of the UK's residential internet market and as a result, blocking injunctions previously obtained at the High Court often list these companies as respondents. These so-called "no fault' injunctions stopped being adversarial a long time ago; ISPs indicate in advance they won't contest a blocking order against various pirate sites, and typically that's good enough for the Court to issue an order with which they subsequently comply. For more than 15 years, this has led to blocking being carried out as close to users as possible, with ISPs' individual blocking measures doing the heavy lifting. A new wave of blocking targeting around 200 pirate site domains came into force yesterday but with the unexpected involvement of a significant new player.

In the latest wave of blocking that seems to have come into force yesterday, close to 200 pirate domains requested by the Motion Picture Association were added to one of the longest pirate site blocking lists in the world. The big change is the unexpected involvement of Cloudflare, which for some users attempting to access the domains added yesterday, displays the [Error 451 -- Unavailable for Legal Reasons] notice ... As stated in the notice, Error 451 is returned when a domain is blocked for legal reasons, in this case reasons specific to the UK. [...] In this case there's no indication of who requested the blocking order, or the authority that issued it. However, from experience we know that the request was made by the studios of the Motion Picture Association and for the same reason the High Court in London was the issuing authority. [...] The issue lies with dynamic injunctions; while a list of domains will appear in the original order (which may or may not be made available), when the MPA concludes that other domains that appear subsequently are linked to the same order, those can be blocked too, but the details are only rarely made public.

From information obtained independently, one candidate is an original order obtained in December 2022 which requested blocking of domains with well known pirate brands including 123movies, fmovies, soap2day, hurawatch, sflix, and onionplay. This leads directly to another unusual issue. The notice linked from Cloudflare doesn't directly concern Cloudflare. The studios sent the notice to Google after Google agreed to voluntarily remove those domains from its search indexes, if it was provided with a copy of relevant court orders. Notices like these were supplied and the domains were deindexed, and the practice has continued ever since. That raises questions about the nature of Cloudflare's involvement here and why it links to the order sent to Google; notices sent to Cloudflare are usually submitted to Lumen by Cloudflare itself. That doesn't appear to be the case here. "Domains blocked by Sky, BPI and others, don't appear to be affected," notes TorrentFreak. "All relate to sites targeted by the MPA, and the majority if not all trigger malware warnings of a very serious kind, either immediately upon visiting the sites, or shortly after."

"At least in the short term, if Cloudflare is blocking a domain in the UK, moving on is strongly advised."

Three letters

[Kernel Kurtz]

V P N

Re:

[gweihir]

Or for free, Tor browser.

Re: Three letters

[Anonymous Cward]

Or manipulate the Host: part of your HTTP(S) requests and no VPNs are needed. It bypasses UK censorship because the DPI checks are dumb. Some ISPs fail if you use hOSt, for example. Others need a bit more work, including some cheeky packet fragmentation. Others fail to filter QUIC because they are even dumber.

I cannot give any more hints then this, because it does not just bypass the high court block filters but also other types of content, some which people would almost universally agree should be filtered, like IWF blocklists too because our stupid government decided to scope creep an otherwise noble filtering system and turn it into something authoritarian instead.

Please use this information responsibly.

Re:

[martin-boundary]

Seems like the kind of task a browser extension would be ideal for.

Of course, only if programmed responsibly.

Re:

[allo]

QUIC was made to be hard to block.

Re:

[quenda]

The article keeps referring to "domains", which means DNS-level, in which case VPN would be overkill. You would just need to use a uncompromised DNS server, and HTTPS. Using an adblocking DNS server will also fix the site-blocking problem.

But it sounds like there is more here, with vague words like "geoblock websites to limit access in the relevant jurisdiction to those websites through Cloudflare’s pass-through security and CDN services".
Can someone explain? Doe

Re:

[Kernel Kurtz]

Does this mean blocking IP addresses? Wouldn't that also block a lot of other sites sharing the same server set and IP addresses?

I can only speculate but it was discussed here recently that that is how they do it in Italy. The courts there seem fine with any collateral damage.

Citations needed

[abulafia]

Any state-ordered blocking must link to the text of the specific legal order on the page returned when someone accesses a banned URL.

Unless this is done, the government has a cheap, easy, undetectable way to censor. Just slide in whatever URLs you want and everyone has to assume it is part of one of the many blocking orders.

Profitable tool of the government

[OrangeTide]

Business and authoritarianism working hand in hand. That's nothing new.

Re: Profitable tool of the government

[ArmoredDragon]

Depends whether they're going along with it begrudgingly. I doubt ISPs are interested in costs for maintaining filtering systems and monitoring and updating from government lists. And I doubt this does anything to add value to their services -- if anything, it likely does exactly the opposite.

But at the end of the day, they have to follow the laws of their jurisdiction, and not much they can do about that. The electorate have the ultimate authority here, and they've chosen to do nothing. Same reason nobody

Re:

[Tim the Gecko]

From what I understand, the upper chamber of their parliament are unelected aristocrats who inherited some sort of title by birthright.

90-ish of the current 832 members are hereditary peers, and they will not pass membership on to their heirs. From wikipedia [wikipedia.org]:

In contrast to the House of Commons, membership of the Lords is not generally acquired by election. Most members are appointed for life, on either a political or non-political basis. Hereditary membership was limited in 1999 to 92 excepted hereditary peers: 90 elected through internal by-elections, plus the Earl Marshal and Lord Great Chamberlain as members ex officio. No members directly inherit their seats any longer. The House of Lords also includes up to 26 archbishops and bishops of the Church of England, known as Lords Spiritual.

Re:say something or shut the fuck up

[nightflameauto]

i will not read the source article.

this summary provided exactly zero information and ends with this threatening nebulous quote..

"At least in the short term, if Cloudflare is blocking a domain in the UK, moving on is strongly advised."

yeah.. OKAY.

A large business interest deemed that site naughty, therefore, accept that it is naughty and move on.

Why we let big business decide what's "legal" and "not legal" is pretty much beyond me. These thugs are barely one step removed from mafia bosses themselves.

They do the work for me.

[blowdog]

Thanks for letting me know about those sites Motion Picture Association

How does that work?

[PPH]

I thought CloudFlare sat between client websites and the Big Bad Internet. From whence the DDoS attacks come. Not between users and the Internet at large. So, unless pirates contract with ClownFlare (doubtful), they shouldn't have anything to to with that traffic.

Start sniffing the traffic of some people who have no expectation of monitoring and counterintelligence would like a word with you. You might even get your own private flight to a Caribbean vacation spot like Gitmo. Orange jumpsuit and hood includ

Re:

[PPH]

I'd venture a guess that the likes of the DoD don't use it. And if someone thinks that they can monitor the traffic between myself and my customer without prior permission, black helicopters will be landing on their lawn.

That said, I'm sure pirate sites don't use a CDN either. So without that client relationship in place, the CDN has no business looking at my network traffic. Because if they sniff the wrong socket connection, you can visit them in Gitmo.

Re:

[WolfgangVL]

We are long past the days when you could hook up a 486 running Apache to a T1 line and serve a website to the world

We are very much still there my friend. Just because you don't want to doesn't mean the rest of us cannot.

Re:How does that work?

[AgTiger]

Cloudflare is one of the DNS providers for the "DNS over HTTPS" (DoH) service inside browsers, and it may well be the default choice. If your browser is configured to use DoH, and it's set to use 1.1.1.1, it's pushing its DNS resolution calls through Cloudflare.

As such, Cloudflare makes for a good choke point for the music and movie consortiums to use to lock out resolution of these sites based on the user's geo-located IP.

Me, I turned off DoH as soon as I heard about this new service. I run my own local Bind9 server with protection against malware sites, and I didn't want them doing an end-run around that layer of protection.

Run your own resolver, like we used to do?

[DarkHelmet433]

I don't understand why more people don't run a local recursive resolver. It isn't hard.

Additionally, I'd love to see every consumer router have a local Unbound recursive resolver (or similar) included. Ideally, used by default. With an optional forward to the local ISP or a 3rd party DNS resolver if absolutely necessary.

Having mega-resolvers like cloudflare, google, 9.9.9.9 etc makes them an overly attractive target.

Re:Run your own resolver, like we used to do?

[raburton]

I don't understand why more people don't run a local recursive resolver. It isn't hard.

I do, but this isn't a block on simple DNS. I just tested with some of the reported urls, and am getting a webpage with 451 error.
The message says: "Cloudflare has taken steps to limit access to this website through Cloudflare's pass-through security and CDN services within the United Kingdom". I doubt the pirate sites use cloudflare at their end, so I assume it's the ISPs that are using it as some kind of proxy, or new greatfirewall of the UK, hence their involvement - ISPs delegate enforcement to them, if all their traffic is going through them anyway.

Re:

[DarkHelmet433]

I checked one from the article at random (hdtoday) and it was definitely hosted/fronted by cloudflare. DNS wouldn't help here. Sigh.

Re:

[luther349]

all the sites will do is change there urls.

Re:

[thegarbz]

I doubt the pirate sites use cloudflare at their end

I don't. Cloudflare provide a lot of scope to host sites in a quick transferable way which previously was quite resistant to blocking efforts. It's one of the reasons why they have been dragged into court multiple times.

Re:

[Cajun Hell]

My understanding of Cloudflare is that they're a reverse-proxy. So I think the issue is that due to these particular sites using Cloudflare, a legit DNS lookup still resolves to Cloudflare's service.

These websites have chosen for Cloudflare to be the middleman between themselves and all their users.

Sigh

[Zak3056]

Remember when the internet was the best communications tool ever devised by man instead of just another way to funnel advertising to you and a mechanism to control what you are allowed to speak about? I do, too. :(

Re:

[SlashbotAgent]

While I do understand the intent of your comment, as well as sharing your frustration, I would like to say that the internet hasn't changed all that much. Sure, advertising is a big part of websites and we didn't used to have to deal with DNS services filtering access. But, the conduit remains as open as ever. We didn't used to have all the millions of sites(mostly free) that we have today. The richness of the content may have decayed but the expanse of the content didn't exist.

We didn't used to have free t

Criminal gang

[Anonymous Coward]

Who are these crooks? Every time the internet goes down, it's a message about Cloudflare.

I didn't vote for these cunts. Jail them.

Here we go again

[Random361]

And VPN usage skyrockets in the UK. Or people could use Tor but the performance may suck.

Oh, by the way: Fuck the MPAA. [youtu.be]

Thank god!

[Truth_Quark]

In a world where rising autocrats are using the internet to erode Europe [citystgeorges.ac.uk], destabilize the U.S, [brookings.edu] disturb the peace in the west [bbc.co.uk], spread disease [nih.gov], and support genocide [reuters.com], thank God we’re finally committing resources to stop a few people from watching a movie without the amazon prime subscription that supports the people doing the real damage [bbc.com].

Principals vs. profits

[CommunityMember]

Cloudflare, like all the big multi-national tech companies, follow all legal requirements in the jurisdictions where they operate, or they choose to exit the jurisdiction. And when it comes to shareholder value (stock price), that usually means that they will agree to anything to make a few extra dollars. As I recall, only Google took a principled position with one country (China), and the result is that Google no longer (in practice) exists in China. Apparently Cloudflare has chosen a different path.

Yet another reason not to use Cloudflare

[RUs1729]

And to use your own DNS server: it is not such a difficult task these days.