Feeds

Anti-piracy laws will smash internet, US constitution - legal eagles

Three wise profs warn of looming DNS disaster

Beginner's guide to SSL certificates

Legal experts are warning that the proposed PROTECT IP and the Stop Online Piracy Act (SOPA) legislation, currently working their way through Congress, will damage the world's DNS system, cripple attempts to get better online security and violate free speech rights in the US constitution.

In an essay published in the Stanford Law Review professors Mark Lemley, David Levine and David Post warned that the overarching reach of the legislation would cause people to seek alternatives to the existing DNS system, manufacture massive technical problems in the implementation of DNSSEC and trample over rights of free expression by allowing the total suppression of published opinion based on allegations without proof, or even a hearing.

“These bills, and the enforcement philosophy that underlies them, represent a dramatic retreat from this country’s tradition of leadership in supporting the free exchange of information and ideas on the internet,” the trio warn.

Under the terms of the proposed PROTECT IP legislation a US federal prosecutor who finds a foreign website that is “dedicated to infringing activities” can force all US internet service providers, domain name registries, domain name registrars and operators of domain name servers to block either the offending page or the whole web domain from the DNS system* - effectively wiping the site off the internet map.

The professors warn that the SOPA legislation is even worse in this regard. “Under SOPA, IP rights holders can proceed vigilante-style against allegedly offending sites, without any court hearing or any judicial intervention or oversight whatsoever… and all of this occurs based upon a notice delivered by the rights holder, which no neutral third party has even looked at, let alone adjudicated on the merits,” they write.

The team also echoes concerns from Sandia Labs and others that the laws would break the implementation of DNSSEC. Those companies using the secure protocol could find themselves liable for legal action, some experts have warned, and would encourage the formation of new, unregulated DNS systems that would fracture the overall structure of the internet.

From a legal standpoint the proposed laws are almost certainly unconstitutional, the trio warns, since it can be used to deprive first amendment free speech rights without any access to a court hearing and with little or no evidence presented of a crime – indeed overseas website owners may not even be informed before a site is taken down.

Who is leading the fightback?

Some of the biggest names in the internet world have rallied to fight the current round of legislation, including some unlikely bedfellows. Vint Cerf and other leading luminaries have warned of the dangers, Google, Facebook and other online businesses are battling against it and Mozilla is mobilizing the open-source community. Even the Business Software Alliance has opposed it – and when the software industry’s anti-piracy goon squad doesn't like copyright legislation you know it has to be seriously flawed.

News of the proposed changes has even reached China, where it is inspiring some bloggers to take the piss out of America for copying the Great Firewall of China. Weiping Li, a blogger with Global Voices Advocacy, told The Register that the similarities between the two countries were amusing some.

“Now they’re copying us to build up a wall. It’s like after climbing over the wall, we then bump into another one. It’s crazy!” said one web scribbler.

Even the legislators themselves are expressing concern at the lack of technical expertise they can access during House Judiciary Committee hearings on the bills and the speed with which they are being asked to act.

“When we had that last hearing, there wasn't a single person who could answer the technical questions, and they all admitted that, even though a couple of them still opined,” complained California congressman Dan Lungren.

"But that is very unsatisfactory to me, and it ought to be very unsatisfactory to this committee, and it certainly ought to be very unsatisfactory to this institution. This is an extremely important issue. We better do it right, and I would just hope that we would take the time to do that.” ®

Bootnote

DNS, for the uninitiated, is the vital system that points browsers at websites when given a human-readable address, such as facebook.com or theregister.co.uk. Get removed from the DNS system and you can kiss goodbye to your traffic.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
China hacked US Army transport orgs TWENTY TIMES in ONE YEAR
FBI et al knew of nine hacks - but didn't tell TRANSCOM
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.