It would be quite ironic if the ultimate legacy of SOPA is to strengthen the web by evolving the nature of DNS.
I'm reminded of the past "victories" of the copyright lobby that ended up doing more harm (from their perspective) than good: shuttering Napster (which lead to the much better decentralized systems used for piracy today) and passing of the DMCA (which actually ended up giving legal coverage to businesses that profit from infringement).
The worst part of SOPA, in my opinion, is the ability for a rightsholder to ask any ad network or payment provider to stop doing business with any website merely by claiming the site's primary function is infringement... and the liability incentives the bill creates for doing so without a trial.
We can route around DNS blocks to get to the sites, but what does that matter if the sites close themselves because their funding was cut off? A site like YouTube would not be profitable without access to US-based ad networks.
While you can't prevent transactions in bitcoins, you absolutely can cut off conversions between bitcoins and USD. Just cut them off at the payment provider the same way. Right now, bitcoin exchanges can operate entirely above-board; driving them underground and equating them with money launderers would make it extremely difficult for bitcoin to solve any of the problems that people want it to solve.
While many people (myself included) would love to see a cryptographic currency replace all existing currencies, it needs a transition period to have a good chance of succeeding, and making it illegal would eliminate that transition period.
I have to say, as much as bitcoin is in a downfall, this actually makes a ton of sense. That was the initial goal of bitcoin, to create a de-centralized currency. As long as the BTC is a STABLE currency this works out well. Or short-term stable. It can become a medium of financial transfer: I buy 10 BTC, donate it, they claim 10 BTC, convert to cash. Done.
It would be great if there was a tool to literally facilitate this transaction without directly giving from one company to another, thus bypassing SOPA. I give the "holder" $10, the "holder" gives me 10 BTC. Then I give 10 BTC to say PirateBay. Then the "holder" guarantees that piratebay can sell 10 BTC to them for $10. Thats it. They only converted BTC to/from cash. I directly gave BTC to pirate bay. SOPA is ignored.
HOWEVER THIS IS EXACTLY WHAT THE INTERNET IS AGAINST. This will prevent all sort of anti-fraud that is going on now. You will wind up bypassing years of innovation to create a black market. It will be detremental.
> HOWEVER THIS IS EXACTLY WHAT THE INTERNET IS AGAINST. This will prevent all sort of anti-fraud that is going on now. You will wind up bypassing years of innovation to create a black market. It will be detremental.
Right now, in meatspace, I have both options: I can pay with cash and have little to no recourse or record, or I can pay with check or credit card and have a record and various fraud protection measures. I want to have both options on the Internet as well.
Also note that various bitcoin escrow agencies have popped up, which serve the obvious function. Assuming an agency exists that both parties trust, you can have the fraud protection you want if and when you want it.
But bitcoin escrow agencies don't solve the SOPA problem -- once you have a small number of intermediaries paying these websites, they become the place where the law can apply its force. They will be ordered/coerced to stop funding ThePirateBay or whatever site the media industry targets, so these sites either can't have reliable BC payments or they are subject to being cut off by these laws without trial.
Only if they operate in jurisdictions that can apply such force, and only if they make a connection between their online presence and their offline presence. An escrow agency could operate pseudonymously online without having an offline presence, as long as they built a trusted reputation around their online pseudonym and cryptographic identity.
The endgame is much, much more than that. Once the US lose control of the money supply it loses a ton of its power and we can (finally) stop fearing Washington.
That might be a solution 5, 10 years down the line.
What's the solution today?
If you cut any site off from Google/DoubleClick, you've effectively prevented them from monetizing through advertising enough to reach top 100.
That's not every site's business model, but there's certainly a class of sites we'd like to exist (of which YouTube is a prime example) that would not be able to exist without access to the US advertising networks.
If you cut of the other ways to get money then Bitcoin is the solution today (or in a few months when it is properly integrated with the merchant software).
Bitcoin is not a solution today. Your parents are not going to buy something from a website that only accepts payment in a currency they've never heard of and don't have. A website that can only accept BitCoin payments cannot be competitive.
SOPA specifically (without actually naming it) calls out addons.mozilla.org for the whole mafiaafire thing -- so under SOPA, this add-on wouldn't be allowed to stay up.
"[T]his version targets software developers and distributors as well. It allows the Attorney General (doing Hollywood or trademark holders' bidding) to go after more or less anyone who provides or offers a product or service that could be used to get around DNS blacklisting orders."
SOPA has not yet passed, it is not yet the law and I hope that Mozilla leaves it up for now. The DeSOPA program is meant to discourage passage of the bill by showing congress how easily it can be circumvented, so if it is removed after passage so be it. The link is:
I didn't mean at all to imply Mozilla would be taking it down; just that the government wasn't happy with the mafiaafire add-on and has included text in SOPA specifically targeted at making add-ons like this "illegal". Just another reason SOPA is bad :)
It's been shown in court that source code is free speech, protected by the First Amendment (cf. Bernstein v. US, Junger v. Daley). I don't want this to get to that point, but that could be a way of getting around it.
Some might argue that speech telling you how to commit a crime is not protected speech, but the Anarchist Cookbook is legal to possess as well.
Dammit Jim, I'm a hacker, not a lawyer. This is not legal advice.
China blocks sites, everyone uses a VPS. If peoples favorite sites start going down, i'm pretty sure the majority of users will start working out how to get around the block, and those that don't probably weren't as frequent users anyway.
You have to remember, for a lot of people their online experience ends at facebook, youtube and hotmail. Sites like reddit, stack overflow, digg, all have audiences that generally don't use IE and will also be able to find a way around a SOPA block. Sure, these sites will lose a lot of traffic, but SOPA will FAR from kill them.
In which case I'm sure "someone" will post it uuencoded to every forum operated by any subsidiary of companies supporting SOPA.
Or something to that effect.
They'll have fun moderating every scrap of user generated content they want to make use of or shut all their forums down, and still, circumvention tools will be everywhere.
If this passes, not only will they find people will create tons of tools to make circumvention easier than ever, but darknet efforts redoubled and work to make the net in general more censorship resistant explode; and people doing their worst to ensure it'll be harder than ever to stop piracy.
The legality isn't stopping people from copyright infringement, so why would it stop them from working around blatant censorship? If anything, something as drastic as SOPA is likely to make breaking these laws even more socially acceptable, which is bad news for its supporters.
This program is a proof of concept that SOPA will not help prevent piracy. The program, implemented as a Firefox extension, simply contacts offshore domain name resolution services to obtain the IP address for any desired website
Part of SOPA is a provision that any tools for circumventing the DNS hijacking are themselves banned. So this extension would have to be removed from the Mozilla repository. At best, it would be distributed underground, and hence would not help to preserve the freedom of the average user.
> So this extension would have to be removed from the Mozilla repository.
IM unfamiliar with the bill, but given SOPA's wording, could it be that the whole of addons.mozilla.org, or even mozilla.org end up banned?
> At best, it would be distributed underground
If it were to happen, I envision a world where Aunt Jackie will ask little nephew Steve to enable her the full internets because she can't watch some photos on Flickr anymore, just like she could not install the Flash ten years ago. Steve will simply be asked to provide a piece of software to bootstrap, which if banned from the internets, will be distributed on underground network channels then diffused on a local scale through sneakernet.
It looks awfully like the BBS and early Internet in the '90s, with those warez sources like IRC DDC bots, and a select few having access to such sources and able to distribute pirated games on high-price CD-Rs.
Most likely they will also be pressured into releasing a FireFox update that breaks previous versions as well (just so we cannot keep using older versions of the addon without also being stuck with an old/insecure version of the browser.)
finnw, the code is actually pretty trivial and does not make use of very special functionality. Further, if SOPA does pass, many even more innovative programs will come out of the woodwork, at the OS layer. I think forcing a patch like that would be a hard sell.
I run dnsmasq on my machines, for example, and its primary purpose is to alter DNS resolution - my nameserver is set to localhost, and my dnsmasq configuration sets which DNS servers to use for what top level domains etc., and routes *.local to a flat file on my home server, for example.
Dnsmasq itself isn't suited to avoid SOPA, but it's a good proof of concept for a small dns server that mediates the lookups based on rules, but defer to "regular DNS" for everything else. There are tons of simple DNS servers out there that can easily be modified to do detect likely SOPA blocked domains and use whatever mechanisms to resolve it through non-US servers (even if your upstream ISP gets forced to filter DNS).
Worst case? Distribute zone files of blocked domains as torrents automatically, or hide lookups in otherwise innocuous looking traffic.
If they IP block the sites, the same mechanism can be used to serve up lists of addresses of proxies instead of the real sites.
The system just needs to be faster than the SOPA proponents manage to send their extortion letters to ISPs.
The beauty is that if/when mechanisms like this start becoming commonplace, the cat is out of the bag - they'll never regain control.
I choose to be an optimist, and foresee a future where every user is dragged far enough up the evolutionary ladder to be able to subvert things like this.
The average user has friends who can supply him/her with this extension. As soon as these ordinary people her about these they will as "the guy they know who is really good with computers" about that program.
Won't take very much to do it. Heck I can even write one (since all you need to do is replace the DNS server).
Yes, I agree. However at this point I am just hoping that it catches the attention of congressmen giving them another reason to rethink SOPA's feasibility before the vote
I like your idea but I sincerely believe that congress(wo)men will only think of this as another attempt by infringers to continue to infringe and steal. If anything, it may want them to wish they could prevent tools and techniques like this from from being available for "just anyone" to download. </cynicism>
Thanks, I agree. That occurred to me too. However, I hoped that it would still force them to rethink their implementation strategy forcing them to allocate more resources to further the effort and buying more time for public awareness.
This program is a proof of concept that SOPA will not help prevent piracy. The program, implemented as a Firefox extension, simply contacts offshore domain name resolution services to obtain the IP address for any desired website
I thought a major part of SOPA will be censoring sites, not just removing them from DNS. So even if you can resolve them offshore, they are going to be censored versions of the sites you know and love.
SOPA (officially) only addresses foreign sites. So they order removal from DNS servers and interrupt advertising or other funding processes from US based companies. But the ability to change the content on a server that is hosted in another country (I believe, IANAL) is beyond their capability. Someone please correct me if I'm wrong.
Also, the issue between domestic and foreign sites is still a bit vague in regards to SOPA. Supporters claim it only addresses foreign sites but most opponents claim (I think) that domestic sites can also be affected.
This is accurate, and a big reason why the EU officially passed a resolution against U.S. domain seizures.
All SOPA can do without infringing upon another country's sovereignty would be to remove the DNS entry on the U.S. servers that ties back to a foreign server, but they can't impact the foreign content itself without violating world law. The EU resolution strengthens that by saying that if the U.S. had hoped they'd be able to censor foreign content, the EU isn't going to just casually allow that to happen.
I would like to know as well but I think they are relying on the existing DMCA, which I think have similar provisions: domain seizures but no server manipulation.
AIUI the DMCA does not provide for domain seizures. Those are done under a creative interpretation of the property seizure laws that were written to allow the government to confiscate property used in the commission of a crime, (e.g. seizing and auctioning off cars that were purchased with drug money).
This is an outrage. We need to pass a bill that forces ISPs to scan for this plugin and report users to the government for prosecution. The nerve of these criminals.
You can rename the extension to .zip and extract. If you have any problems, let me know via a comment or post a contact method and Ill send you the source. Its pretty simple. When on, it intercepts URLs, sends the base URL to three offshore DNS services via HTTP, makes a best effort to check that two of them are equivalent, caches the IP for the browser session, redirects to the equivalent URL using the IP, and substitutes out the domain name in the source code with the IP address for future requests. I admit that it could use some work, however, I wrote in hopes that I could help create some kind of change in the events that are about to transpire before the vote.
xpi files are "normal" renamed zip files. Try extracting the contents using your favorite unzipping application. You should then get access to the source files.
I don't see how DeSopa can work if ICE seizes domains. As soon as a US-based domain is seized, it will propagate to foreign DNS servers as well. So merely using DNS servers outside the US won't help.
DeSopa might help against local ISPs who engage in censoring certain domains on their nameservers, something the SOPA legislation might mandate, but it won't help if the domains are seized.
Better would be some kind of P2P DNS system proposed by Peter Sunde of Pirate Bay -- a decentralized replacement for ICANN and DNS.
I love this approach!: SOPA? DeSOPA, MF! Yes, run circles around these idiots.
Tamer, you also do a great job of explaining in passionately clear, objective terms, the SOPA agenda, the weaknesses of its assuptions and it's dire consequences.
However, I strongly take issue with your own assumptions about the value of today's internet services.
So any chance of someone developing a similar addon for Chrome and IE? Not that I am suggesting I would use such a thing (lest I be marked by the lovely NSA filter that I'm sure monitors this site among others)...
Honestly, I've never really understood networking in great depth, so this may be a dumb question, but isn't bypassing SOPA as easy as specifying a new DNS server for your network connection?
I'm reminded of the past "victories" of the copyright lobby that ended up doing more harm (from their perspective) than good: shuttering Napster (which lead to the much better decentralized systems used for piracy today) and passing of the DMCA (which actually ended up giving legal coverage to businesses that profit from infringement).