Wednesday, December 21, 2011

How SOPA Benefits Cyber Criminals

The Online Piracy Act (SOPA), also known as H.R. 3261, is a bill working its way through the House that promises to end piracy over the Internet. The crux of Internet piracy is offshore web sites that the government can't control. Shutting down the web sites is almost impossible, so the bill provides a mechanism to disrupt how the sites are accessed using the Domain Naming System (DNS).

For those not technically inclined, DNS is the protocol used by web browsers to find the IP address of a web server. It's very similar to a phone book (you remember those). Back in the dark ages, when you wanted to find out what time Bob's Auto Shop closed, you pulled out the yellow pages, found the Automotive Services category and then found Bob's Auto Service. This provided you with Bob's phone number, which you then dialed into your phone to call Bob. In the enlightened age of the Internet you go to your browser and type in Your browser then contacts the DNS server supplied by your Internet Service Provider (ISP) and asks what's the IP address for  When the browser gets the reply from the DNS server, it contacts the web site using the IP address and downloads the page that you want.

One of the provisions of the SOPA bill would allow the Department of Justice or any rights holders to establish blocks on DNS requests for domains that they believe are hosting copyright-infringing content. So, when your thirteen-year-old daughter tries to go download the newest Justin Bieber song from the browser contacts the ISP's DNS server to get the IP address. However, since is now on a block list the ISP's DNS server simply responds that it cannot find it.

To return to our phone number analogy, all this does is make the IP address unlisted in your local phone book. All anyone needs to do is find a phone book that still has the number listed.

So, your thirteen-year-old daughter really wants that Justin Bieber song. Her friend Susie's older brother gave her a tip that if she sets the computer to use as the DNS server she can download her music. He heard about it from his buddy Steve, who has an internship with IBM, so Steve knows what he's doing on the Internet. Plus, Susie's brother has been using this server for weeks and he can still get to Facebook AND download all the music he wants, so it MUST be all right. She makes the change and wow, she can download her music again. All is right with the world.

Unfortunately, your thirteen-year-old daughter, her friend Susie's brother and even Steve the college intern did not know that the server is actually run by Vladimir's Cyber Crime Gang. Vladimir set up the server to return legitimate IP addresses for every web site on the Internet. Except for a couple of large banks!

A couple of days later you sit down at the computer to pay your bills. You open your web browser to and see the same login page that you always use. However, on the back end your browser requested the IP address for from Vladimir's DNS server. Instead of providing the real IP address for your banking site, it provided the IP address for Vladimir's web server. Your browser actually connects to Vladimir's web server, but you can't tell the difference. Even the SSL security icon in the browser bar is green like it should be; the SSL security features in your browser also rely on DNS. You enter your password into the page, get all those pesky bills paid and never notice anything is wrong. Vladimir's web server was acting as a middle man between you and the bank web server. Vladimir now has your password. A week later you log back in and see that your savings account has 27 cents left in it. Thirty thousand dollars has been transferred to a bank in the Caymans.
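A defender can spot this kind of selective lying by comparing what the configured resolver says with what a trusted reference resolver says for the same name. The following is an added example, not part of the original post: it parses raw DNS responses and classifies them, using constructed sample responses with reserved documentation names and addresses (`bank.example`, `192.0.2.x`, `203.0.113.x`).

```python
import struct

def build_response(name, ips, rcode=0):
    """Build a minimal DNS A-record response (constructed sample data only)."""
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    header = struct.pack(">HHHHHH", 0x1234, 0x8180 | rcode, 1, len(ips), 0, 0)
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4)  # pointer to qname, A, IN
    answers = b"".join(rr + bytes(map(int, ip.split("."))) for ip in ips)
    return header + qname + struct.pack(">HH", 1, 1) + answers

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2
        off += 1 + length

def parse_a_records(msg):
    """Return (rcode, set of IPv4 addresses) from a DNS response message."""
    _, flags, qdcount, ancount, _, _ = struct.unpack(">HHHHHH", msg[:12])
    off, ips = 12, set()
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:          # A record
            ips.add(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return flags & 0x000F, ips

def compare(configured_msg, reference_msg):
    """Classify the configured resolver's answer against a reference resolver's."""
    rcode, local = parse_a_records(configured_msg)
    _, ref = parse_a_records(reference_msg)
    if rcode != 0 or not local:
        return "no-answer"      # e.g. the name is blocked at this resolver
    # Disjoint answers are a lead to investigate; CDNs can also cause them.
    return "match" if local & ref else "mismatch"

# Constructed sample responses (not captured traffic).
REFERENCE = build_response("bank.example", ["192.0.2.10", "192.0.2.11"])
HONEST = build_response("bank.example", ["192.0.2.11"])
ROGUE = build_response("bank.example", ["203.0.113.66"])
BLOCKED = build_response("bank.example", [], rcode=3)
```

A "mismatch" on a banking domain from a resolver nobody on the network administers is the pattern the story above describes; a "no-answer" is what a blocking resolver returns.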

DNS is a VERY important part of the Internet. It is at the foundation of how the Internet works. This is just one example of how mucking with it can and will break the Internet! Please call your Congressmen, write your Congressmen, do whatever you need to do to get this bill stopped!
