Monday, July 04, 2005

DNS Poisoning Requested From Providers by Rights Organisation

The German rights organisation for composers, lyricist and publishers, GEMA, has asked 42 access providers to poison their DNS servers in order to block sites that provide links to eDonkey files. In short, DNS poisoning obstructs the process of converting a URL to a numeric IP address. The GEMA apparently expects the access providers to configure their DNS servers so that "inquiries by end-users are not passed to the correct server, but to an invalid or another pre-defined side." The GEMA also demands that the providers sign a testimony,with which they commit themselves to ensure full blockage under a contractual penalty of 100.000 euro if any of their customers can still reach the targeted site after July 25th.

There's a good reason for the GEMA to target access providers. These are located at the end of the internet chain (source-ISP-"internet"-ISP-user), and usually fall within the (German) jurisdiction, which eases enforcement. However, the effectiveness of this measure may be questioned: users can still enter the numerical IP address of the sites (URL-IP address converters are easily available on the net), and other DNS servers may be used. The GEMA probably thinks that an average user may not be able to take these steps. It also has high expectations of the ability of providers to block the sites, or at least of providers in general, setting a huge sum of 100 000 euro for failure to comply.

The providers in question are still doing their legal evaluations of the request, or have said right out not to comply, because the GEMA is not the kind of judicial instance that can set these kinds of demands. They're considering to bring GEMA's actions to court, in order to see if GEMA has any standing. This question, and GEMA's actions that propel it, are a sign of the times: private parties (rightholders) seeking direct enforcement through private parties (ISPs), stripping down the constitutional protection of speech from the largest (third) private party (users).

In the Pennsylvania child pornography case, slightly reminiscent of this one, new legislation allowed the government to aks access providers to block sites, using DNS poisoning amongst others. In that case there was a law to challenge, constitutional restraints to invoke, a court to review the pressure put on the public (government) - private (users) relationship. While laws may be applicable in the German case, users could "constitutionally" loose out if private demands are enforced by private parties. A judicial review is appropriate here, if for one thing, to test how far decisions to block the information flow can be pushed and taken within the private realm. Even if there's arguably illegal activity involved. Because there always is....arguably.
- - -
Thru Heise [German]
Also DE-BUG Blog [German]

6 Comments:

Anonymous Anonymous said...

I don't think that it is ever right or fair to use DNS poisoning as a tool of IP enforcement. Nor do I think it fair for private groups to seek enforcement of what they perceive to be "right" from other private parties, this is equivical to me putting out a hit on someone because I don't like they way they looked at me the other day.

5/7/05 06:48  
Anonymous Anonymous said...

Let's just make note of the IP addresses for those servers, if they ever do poison the DNS we can just go direct. In any event, unlike individuals, providers have the money to defend their business interests, and they hardly want to waste their time as DNS-poisoner-cops.

5/7/05 13:31  
Anonymous Anonymous said...

Since there are already poisoned dns in my country (and i don't know if 'bad' name requestes are logged) i'm using another dns server from another country since the most of the dns doesn't have any limit policy to resolve requests:
you just need to set manually your dns with another one if an other provider, plus i'm using AnalogX FastCache to log a list of all resolved names with their ip, maybe in the future will be useful in case like this.

5/7/05 13:46  
Blogger The Antagonist said...

The media companies admitted almost ten years ago that they were 'shit scared' of the Internet and in those ten years failed to do anything to address what they openly stated to be one of their biggest fears.

Whose fault is that?

So what we are left with is a worldwide media industry that is watching the last remnants of its artificially maintained empire collapse and crumble as it lashes out at anyone and everyone in a desperate attempt to save something that doesn't exist in the form that it once did.

This, however, is not the whole story. The Antagonist has written a number of articles which discuss various issues that appear to be outside of acceptable peer-to-peer discussion. Contrary to popular belief, file-sharing is far bigger than just MP3s and movies, and far more widespread than traditional news sources would have everyone believe.

That files are being shared is only a very small part of the problem. The real issue is the inevitable knock-on economic effects of a world in which every form of media has been liberated - every track of every artist, every film, every category of book, every category of document, every report, every magazine and anything else that can be digitised.

The traditional distribution channels have been rendered redundant through revolutionary technological developments that cannot be reversed.

A new Filesharing Economy of Community has emerged which has jolted big business into all the wrong sorts of activity - suing customers, suing competitors, demanding anti-competitive legislation, and now the encouragement of DNS hijacking which would criminalise an individual who attempted the same tactic.

They knew a media revolution was coming ten years ago and chose to do nothing. Now, backed by the U.S. Senate, the media companies continue to try and criminalise the world while trying to fight a battle they lost some time ago.

Perhaps it's time for them to try a new strategy.

5/7/05 19:40  
Blogger Justin Mason said...

worth noting that 4.2.2.1 is a widely-resolvable, easily-memorisable, well-connected recursive nameserver -- for future reference ;)

6/7/05 02:08  
Anonymous Anonymous said...

Well i find it hard that such would be possible in sweden as in sweden the law says you can not log a IP number as it equals the same as a ID number and that may only be made by Police and goverment authorities. so i say use a Swedish DNS. :)

7/7/05 00:07  

Post a Comment

<< Home