http://www.extremetech.com/computing/109533-how-sopa-could-actually-break-the-internet

Depending on how its implemented, SOPA could demolish the cohesive structure of the internet by damaging the core functionality of the Domain Name Service (DNS) system. As written, SOPA tasks ISPs with preventing US internet users from accessing a site that’s been deemed to contain infringing content by preventing their browsers “from resolving to that domain name’s Internet Protocol address.”

The question is, how might that sort of blocking actually be accomplished? Existing legal structures already allow the government to petition Verisign to remove the DNS records that resolve to any given website (we’ll use pirates.com as an example). The government could also seize pirates.com under existing asset forfeiture law. Alternately, if an infringing site were hosted by a US DNS provider, the government could ask that provider to terminate service. In this last case, the site could still migrate to a different host.

All of these methods are already allowed under existing US law and have been used in the past. The third option, as described by Dyn and reportedly contemplated by SOPA, is the creation of restrictive DNS blacklists. Before diving into these, let’s discuss how DNS actually works.

DNS hierarchy

DNS is what enables your web browser to find any given site using a text string instead of an IP address. Each client requests information on where to find a particular domain from the DNS server it connects to. Type in “pirates.com,” and your web browser communicates with your ISP’s DNS server, which informs it that the IP address for that site is 12.130.102.11. Your web browser directs you to the IP address while displaying the typed domain.

So far, so good. The problem with SOPA is that the only way to block US users from visiting certain websites is to create a list of disallowed addresses, then block only US citizens from accessing them. For a practical example of how this impacts web traffic, consider airport security before and after 9/11. Before 9/11, airport security was little more than a brief stop. Now, it takes long enough that airports across the country have installed long queues to fit a sufficient number of people into a space that once held just a fraction of their number at any given time. This continues to be the case, despite a massive increase in the number of security personnel deployed at the terminal for screening purposes. As the map of the internet (pictured below) illustrates, that’s a lot of traffic to be filtered.

A map of the internet

The second major issue, as Dyn discusses, is the question of how these lists are to be maintained, communicated, and adjusted. Any attempt to maintain a comprehensive blacklist could turn into a game of chicken between foreign DNS providers registering new domains and copyright holder’s attempts to block US access.

In any such fight, the ISPs end up the true losers — the larger the blacklist, the longer it takes to screen attempts to access it. Meanwhile, updated list files would have to be constantly uploaded. Anyone who managed to crack the list server would have a nearly unlimited license to wreak havoc on the US internet. A centralized list server repository might help keep things secure, but who’s responsible for footing the bill?

As Dyn notes, savvy web users could end-run around SOPA by using offshore DNS hosts. The US could potentially counter by pressuring the providers of such services to block US-based traffic or implement SOPA-compliant servers. The problem with this scenario is that inevitably devolves into an increasing spiral of censorship and filtering in the name of protecting dubious copyrights that may not legally exist.

As the recent spat between UMG and Megaupload illustrates, copyright holders are scarcely neutral parties with an interest in upholding the law in a just and equitable manner. Any attempt to implement the filtering SOPA suggests will weaken the internet by creating artificial gateways that are themselves susceptible to attack. There’s no way to plug the holes SOPA leaves open without further draconian measures that would require offshore DNS providers and ISPs to agree to uphold SOPA’s restrictions. Taken to extremes, the reckless pursuit of secure content could fracture the dubious alliance that’s allowed the US to maintain control over the internet and lead to the creation of a second international network. That’s not a likely outcome — but it’s certainly a possibility if SOPA passes.

 

Comments are closed.