Italy demands Google poison DNS under strict Piracy Shield law
arstechnica.com176 points by DanAtC 2 months ago
176 points by DanAtC 2 months ago
> The goal is aimed at preventing illegal football streams
It's impressive how much internet censorship in Europe is currently being caused by this one group of extremely greedy people. It's one of the rare cases where the sheer size and international influence of companies like Google and Cloudflare can actually do some good for the world by fighting back against such laws.
> It's impressive how much internet censorship in Europe is currently being caused by this one group of extremely greedy people.
How is this greedy? It's clearly illegal behavior, both from illegal re-broadcasters and from users. Most of those re-broadcast services aren't even free either, they're directly making money from the broadcasts they're replicating.
The problem is that we still haven't figured out a way to properly enforce laws on the internet. Even for completely egregious violations there's no way to do anything once you track down the website to a bulletproof host in Russia or Ukraine or similar countries that don't cooperate. After 20 years of getting nowhere the courts have to find new and creative ways to enforce laws. I think everyone agrees that ideally this shouldn't be DNS blocks or IP blocks but rather these services getting removed from the internet and/or having to implement regional blocks to comply with laws. But there's just no way at all to make this happen right now.
> How is this greedy? It's clearly illegal behavior, both from illegal re-broadcasters and from users. Most of those re-broadcast services aren't even free either, they're directly making money from the broadcasts they're replicating.
Because piracy is a service problem. Pirate streaming sites attract users because they provide a better, more convenient service than the paid options.
We've recently seen this happen in real time with TV/movie streaming services: If you simply tell users "Pay us this single, simple and affordable fee every month and we will provide you with unrestricted access to the content you want, whenever you want", the users will come. But then the investors come knocking. It's not enough that you made N money last quarter, you have to make N+1 next quater. The line has to go up. So the subscription prices go up, the number of subscriptions required to access everything goes up, you start getting ads even though your subscription was originally ad-free, and suddenly the service doesn't seem so appealing anymore.
I've heard endless stories of people having to pay for multiple subscriptions just to watch all of their favorite team's games, and still missing out on some due to whatever new money-making scheme sports companies came up with this month. It's not hard to see why so many people resort to just going online and finding a pirate stream.
From the revenue extraction POV, the optimum price is such that user is unhappy to pay it, but is still paying, while raising the price even by a small amount would convince the user to cancel the service.
This means that the companies are constantly testing this edge, and check whether too many subscribers start to fall off the edge when the price rises.
This is only true in economics model that do not take any morality or the customer's satisfaction into account.
Customer satisfaction is priced in: the customer is still satisfied enough to keep paying, by their own free will.
Entities like corporations aren't conscious and have no morality. They often discover and apply such things much like the biological evolution discovers and applies things. The closest proxy to morality that affects corporations is law; I assume here a completely legal, free interaction where the customer is not even held by an imperfect, monopoly-dominated market, like suburban internet access, or, well, sports events broadcasting.
That is literally any economic model that assumes capitalism as the underlying system.
Morality and ethics are just a way to hurt profits.
>Pirate streaming sites attract users because they provide a better, more convenient service than the paid options.
Pirate streaming sites attract users because they are cheaper. People are using them because they can’t or won’t pay.
disagree. in the US my family would need to sign up to 5 different streaming platforms to be able to view everything that we watch. So that’s 5 separate accounts i need to create, 5 separate apps to install, and i need to remember which app each TV show or movie is in on my apple tv.
And then sometimes only 1 or 2 seasons of a show are available for free on amazon prime, and i need to pay PER EPISODE for the remaining content. It’s also fun when a show my wife wants to watch is not available in our region - even if we wish to pay for it.
Talk about a garbage experience!
There’s a reason _some_ people with the technical chops set up something like plex or jellyfin, and source the content (via torrents or usenet) using sonarr, radarr, etc (the “ARR” stack). For some its cost savings. Others just can’t be bothered.
We can argue about the ethics of doing so all day, but it’s truly a failure on the industries part that they make things so complicated.
Which all sounds like a post hoc justification to me.
Just because you lack the capacity to understand something does not mean you are morally superior for it. It means you need to re-evaluate yourself and find why you cannot understand the fallibility of service providers.
i’m not doing it to save money. really. streaming is cheap as it is. But “content rights” are a dumpster fire. I refuse to use 5 different apps to watch tv / movies. the only one i pay for is apple tv+, because the quality is fantastic and i want to reward that.
I don’t understand why the rights holders can’t partner with apple, netflix, whoever, and offer EVERYTHING in their catalog. And just let me pay for it! In a single app. Kind of like how i used to be able to walk into a blockbuster and pick any DVD.
anyway we clearly disagree. i personally don’t feel guilty worrying about how Hollywood actors will get paid. Have a nice day. :)
This is bollocks.
Netflix gained popularity because they sold their service artificially cheap at a loss for many years to build market share and Kill off their competition, and that's it.
Can you point to the year Netflix made a loss for me? I don't see one in the last 12 years.
https://www.macrotrends.net/stocks/charts/NFLX/netflix/gross...
That's because they don't declare taking out long term bonds as part of their p/e calculations, just the cost of servicing the loan.
Netflix were borrowing circa $4 billion dollars a year to license content until two years ago. There's nothing wrong with that, but you aren't making a genuine profit.
> How is this greedy? It's clearly illegal behavior, both from illegal re-broadcasters and from users. Most of those re-broadcast services aren't even free either, they're directly making money from the broadcasts they're replicating.
It's both. The re-broadcasters may be violating the laws and laws themselves could be unjust, nonsensical, yet existing and enforced because of a group of greedy benefactors actively keeping them that way.
You were a significant contributor to a DMCA circumvention measure for playing pirated Nintendo games. What changed since then?
So basically the problem is reduced to "how can Italy fight against a crime happening somewhere in Russia or Ukraine"? Imagine there is a TV broadcast from Russia, how can Italy forbid it? They can definitely disrupt it (by electronic jamming), but not forbit it. Similar to Internet, the difference is the medium of transmission, not the facts of the matter.
In Communist times in my country I was watching cartoons broadcasted from the neighboring country. Adults were watching adult content at night from the same source. There was no way to stop that.
> is currently being caused by this one group of extremely greedy people.
You can be sure it's not limited to just them. This just appears to be the most publicized example because the government happens to be the unusual position that the entity under scrutiny has far more money and legal power than they do.
> This decision follows a similar case against Internet backbone firm Cloudflare. In January, the Court of Milan found that Cloudflare's CDN, DNS server, and WARP VPN were facilitating piracy. The court threatened Cloudflare with fines of up to 10,000 euros per day if it did not begin blocking the sites.
I'm always curious about jurisdiction on this stuff.
If Cloudflare had no physical machines, employees, and property within Italy's borders, under what law could Italy levy a fine?
I'm not sure how there's any ambiguity to this? We're talking about the EU here. The same laws that enable you to do business across borders without having a legal presence in every country also outline how to deal with issues like these.
They need to say "fuck off, then, enjoy EuropeNet" and ignore their demands. There should be zero ambiguity and zero compliance. The internet doesn't work if arbitrary restrictions on speech get imposed. You cannot give a single goddamn inch or they will claw miles away, insidiously inserting their ever growing list of forbidden things.
The internet most definitely does work with some restrictions on speech, pretty much everywhere worldwide has rules that limit freedom of speech to some extent. In some countries it's defamation, in others it's hate speech, etc, and it's no different in the US. Freedom of speech means you're protected from government censorship, not that you can freely say anything without consequence. For example, you can't publicly say that you will give X amount of money to anyone who will kill person Y, that's not what freedom of speech is about.
As evidenced by the fact that the Internet still works with Cloudflare on it.
Seriously, they're one of the biggest restrictors of speech.
Child porn? Drug markets?
What about drug markets? There will always be demand for it, for many reasons. You simply cannot stop demand.
Have a good read: https://academic.oup.com/book/2163.
I agree with you. My point is that one persons “arbitrary restrictions” is different from somebody else’s.
Classic "what about the children" fallacy
Not at all. The comment I was responding to said the internet doesn’t work with ’arbitrary restrictions’.
Let me guess. Parent poster doesn’t consider child pornography an ‘arbitrary restriction’. Who decides what is an ‘arbitrary restriction’?
I propose we let a country’s government decide what is a reasonable restriction, not an American corporation. In this case, the Italian government.
No, we should not let the Government to meddle in people's business at all. Have we not seen enough about the awful consequences of Government intervention? We need less nanny states, not more.
Well again, when does “meddling“ starts and when does “provide good conditions for a thriving civilisation” starts. I think I want the government to chase criminals. Although I agree that movies piracy is really low on my list of priorities when it comes to criminals.
But instead of DNS they should actually simply delete the files. It’s so simple, yet no one does it. All these forums host the files (except torrent) on some server. In general, the providers serving the file will happily delete it if asked to, they don’t want to host illegal stuff.
Example:
https://www.spiegel.de/netzwelt/netzpolitik/sexueller-missbr...
Piracy is low on my list too, but so are people who do drugs as long as they do it at home[1], responsibly, so called productive junkies. Child porn is indeed high on the list, though.
Honestly, in the US, obesity is probably the number 1 factor for all sorts of illnesses and expenses, yet we do not restrict people's food, we leave it up to them, in fact, recent trends are all about how it is OK to be obese, so why care about someone unwinding after a long day of work with weed, not harming anyone, and not being a burden on the healthcare system (unlike the obese)?
You can replace weed with heroin, too, FWIW. Kratom is an alternative (illegal in some states by now), of course, but it is less clean than heroin, but this discussion is for another day.
As for the rest, I agree nevertheless.
[1] Not to be confused by people who re-use needles, litter the city with their bullshit, aggressive, stink, and so forth. My girlfriend lives in LA and she is constantly afraid of them (as she should). Many of them probably have untreated schizophrenia or something, too.
In the parts of the EU I've lived there is plenty of dietary paternalism, from banning sugar in schools to mandating that products carry "nutri-scores." It's not very controversial either.
Neither of those things are addressed by DNS poisoning
One tool in the toolbox.
FWIW I don’t agree with this law. But I also do t think it’s up to American corporations to decide what laws to comply with.
The UK literally requires DNS providers to do poisoning via Cleanfeed by law for child pornography.
The point of Cloudflare is that it's widely available and that your customers can connect to it. Italy could block Cloudflare access to Cloudflare for its citizens, which would make non-italian CF customers who have users in Italy extremely unhappy.
Imagine an American SaaS company that uses Cloudflare CDN to distribute their assets and tunnels their traffic through CF for DoS mitigation. That company has paying customers in Italy. If Cloudflare gets blocked, that company's software no longer works in that country. They have a choice between switching to a different provider (which will make Cloudflare lose money) and telling their Italian customers to go away (which they don't want to do for obvious reasons).
Considering how much infra actually relies on CF, Whether the Italian government would actually fight that fight is a different matter entirely. Sometimes centralization is a good thing.
IMO, a far more interesting question is what would happen if Italy asked CF to block some content worldwide.
CF blocking a whole country like this would be interesting... basically half the internet would stop working, probably a bunch of italian government stuff too, and people would hopefully blame the government, because i'm pretty sure there are almost zero italian voters who wanted this from their representatives.
Sadly, companies bow down instead of just risk it once.
In fact, Italy DID block Cloudflare within the country at one point, and a bunch of people DID blame the government, and the government undid it.
I'm told Italy is a hotbed of corruption and they only undid it to save face.
Are you suggesting that it is a good thing for corporations to be more powerful than governments?
Yes, it is a good thing governments do not have absolute authority over whatever they decide and have to follow laws protecting the rights of people who own corporations, like not having to censor one set of people because another set of people paid a lot of money so they can continue exploiting the public with outrageous licensing laws.
The correct response to piracy is to make your content more conveniently available to more people, so it's easier to get it through an authorized channel than through piracy. The people doing the sales want to arbitrarily pick and choose, imposing artificial scarcity, hoarding massive collections of copyright licenses, and exploit markets with outrageously inflated prices that only ever enrich the lawyers and centralized rights-holders groups, and somehow rarely ever enrich the people who create the media. And because that money gets pooled by lawyers and corrupt do-nothings, they spend huge amounts on propaganda and outright corruption of politicians to push laws like this.
Why would they be more powerful than their governments? It's the government forcing them to ban (or else, the fines), the government is in a position of power here.
The people on the other hand should demand their government to do what they (the people) wan't, and yes, people should be more powerful than the government, even if it's something like a piracy dns ban.
> basically
> probably
> bunch
> hopefully
> pretty sure
> almost
What are you trying to say?
They're all from the post I was replying to, once I realised how meaningless the post was because of all of these, I gave up taking it seriously
I'm not going to say that this is necessarily true, but why even post anything if you're going to waffle that much?
CF down means an unclear but sizeable amount of the internet down, so “basically half”. There’s no info on CF usage by government, but “probably a bunch” is a realistic guess. Voters opinions vary, but there are chances that they see that blocking is unreasonable, so “hopefully almost no one”.
It’s a post with all the proper quantifiers and hypotheticals, which demanding people will demand the other day due to overgeneralization.
The EU companies make payments to Cloudflare, and these could be confiscated. Also any staff in Italy is in danger.
The question clearly stated the assumption that there is no staff in Italy. Also the payments cannot be confiscated unless they are made to Italian banks, which makes no sense if they don't have a branch there, so if the payments are made to US, there is no way to confiscate by the Italian authorities.
Presumably italian courts could seize payments made by italian clients of cloudflare, yes? Even if the account is located well outside of italy, the owners can be compelled by legal means.
(To some degree of effectiveness, to be sure. But I have a hard time imagining there are no clients registered in italy at all.)
The payment is done, money is at Cloudflare in a US bank, Cloudflare takes it and move it somewhere else. How do they seize it? The money is gone and it's not coming back.
Assuming the client is an italian company, as would make sense in this thread, they would issue a court order compelling the corporation to comply with domestic law or get fined (or worse, idk, this is all speculative). Presumably the ask would be handing over control of the client's bank account for the needs of the court fulfilling its duties moving forward from the court order.
Edit: corrected mistake about whose account would be within the court's grasp.
It's more simple, imagine Cloudflare is used to show pedophile content, and refuses to remove it. Then the solution is to cut access to Cloudflare.
That's the logic here. It's not about whether they have offices or not, but whether they are distributing content to users in Italy.
There is always a local relay or ISP in Italy that offers access to Cloudflare, and this relay can be coerced into blocking Cloudflare.
Of course 1% of people may be able to access otherwise (for example, via Starlink or VPNs), but the objective is to block 90%+ of the traffic, so Cloudflare reconsiders following local laws.
The "refuses ro remove it" part is not even necessary. I run a large cloud storage site, and like all cloud storage it sees some abuse. I have set up a few processes to detect and remove child abuse content.
At some point the Police in Italy found some abusive content on my site. They did not inform me, they did not report the files. Instead they just blocked the whole site with a large pedophilia warning.
I have been trying to get in contact with the Italian police for months, but there is no working email address on any of the sites, and the people on the phone only speak Italian. It's a pretty hopeless situation.
Connections to foreign computers are not subjected to regulation currently.
> Connections to foreign computers are not subjected to regulation currently.
Italy has banned access to Deepseek a couple of weeks ago. Is that different?
That is a big 'if' though. Don't CDNs work by having equipment in every country so you don't have to?
They can peer with large local providers / exchanges and rent some of their local storage capacity without owning that equipment, and without having corporate presence in Italy. (You don't have to be German to rent a Hetzner server, do you?)
That's enough of a corporate presence. Whatever they have in Italy can be shut down. You don't get to not follow the law just because you're buying from a vendor.
Enough to shut down by ordering that the local providers stop providing service to Cloudflare; likely not enough to sue Cloudflare proper.
Not a big difference for the customers in Italy.
> If Cloudflare had no physical machines, employees, and property within Italy's borders, under what law could Italy levy a fine?
https://blog.cloudflare.com/rome-data-center/
They have two data centers in Italy.
In term of jurisdiction, global companies tend to have physical machines, employees, and property that is spread out globally. If its not branch offices, it is equipment and remote workers. Cloudflare specifically has a branch office in Portugal and England.
Many many years ago there was a case, when youtube showed school bullying video from Italy, in recommended content, for several weeks.
If I remember correctly, Italy criminally charged some YT execs, and asked Interpol to get them.
Imagine an American defrauded a bunch of Italians remotely from America and then when Italy tried to extradite him he claimed that he had never been to Italy so their laws couldn't possibly apply to him. That would obviously be absurd. And similarly since Cloudflare engages in business transactions (albeit remotely) in Italy they must follow Italian law regulating such transactions.
Unfortunately, even if we ignore the fact that Cloudflare probably has many Italian customers, there are other ways they can interfere with Cloudflare's services, such as by blocking their IP addresses in the country. It wouldn't be the first time this has been done by European ISPs, sadly.
Is that a problem for Cloudflare or with Italy? In the end, can Italy break Internet or can Internet cut off Italy? It is a theoretical question, I wonder how much control countries can have over a non-country level concept as Internet. The jurisdiction question is very much the point, does Cloudflare or Google provide a paid DNS service to Italian clients and the contract is regulated by Italian laws or it is a universal and free DNS service that Italy cannot regulate?
Italy already blocked Cloudflare once. The Mafia (seriously, it's thought to run a lot of these legal sports things) is a more powerful force in Italy than working internet.
> If Cloudflare had no physical machines, employees, and property within Italy's borders, under what law could Italy levy a fine?
I assume they have _customers_ in Italy though? If so, they [cloudflare] are doing business there.
If they have no customers in Italy, then yeah… no clue.
What do you mean what law? See the court case, they've issued it and so they can either pay it or see what Italy wants to do about it
If you get a speeding ticket in North Korea and fly off before it arrives at the car rental, you can ask what law the rental is going to use to get the money from you abroad. You can not pay and choose to never visit the country again. In Cloudflare's case, however, they probably want to continue doing business in that market so just fleeing with the money is not likely the most profitable option for them
There's tons of international cases if you want to know more. It's also a common (to the point of trite) discussion point about GDPR saying it applies globally. Obviously it doesn't unless the non-treaty country lets an EU/EEA country enforce it (I am not aware that this ever happened) if the fined party does not care to continue doing business in the EEA
I'm not sure North Korea is a place you'd make a car rental, but this is now 99% of car rentals work:
1. You agree up-front in the contract with the car rental company that you will pay for all fines, parking tickets, etc. you might incur during the rental. You agree ahead of time the rental company won't waste any money defending you, arguing you didn't do it, and will instead pay the whole fine immediately and pass it on to you, and payment will be automatically taken. You always agree this because otherwise they just don't rent the car to you.
2. You incur a fine.
3. The authorities fine the owner of the vehicle, which is the rental company.
4. The rental company immediately bills you for the fine, converted to the currency you paid them in, using your payment details, and they add an extra administrative fee as well.
5. The rental company pays themselves and the fine-issuing authority with your money.
Indeed this is how it generally works with rentals. GP’s situation can just be reframed as “you get a ticket handed to you for [any small infraction] and leave the country without paying”.
> The rental company immediately bills you for the fine
...just to find out the card is blocked :)
You can get away with that once, but the downside is you can't rent a car again (from that company, and possibly other companies if they share information about fraudsters with each other)
Is all that folks "Why is Europe like that" from US? In that case, remember that TikTok is going to be banned because it is destroying US social networks business. On the contrary, this is an official order after the proof of copyright infringement, and targets the specific devices that are attached by people here in Italy on their TVs to stoke content (pezzotto).
It's not single people that go watch some streaming, it's a criminal organization that resells copyrighted content like footbool, F1, ... and make the customers pay (less than Sky of course). This is stealing.
Banning TikTok from the U.S. is really just banning them engaging in financial transactions in the U.S. Asking Google or whoever to poison DNS in a country is a whole different technical ball of wax. The two are not comparable. One difference is that ByteDance won't attempt to engage in financial transactions in the U.S. because doing so would create a diplomatic crisis and anyways it's not easy for a company of that size and with that much business to evade sanctions like that. While the pirate will and can just due to their small size and their ability to set up new bank accounts, which is why countries try to block pirates in the network rather than in the financial system, but blocking them in the network is pretty difficult, and blocking them in DNS -DNSSEC be damned- is basically the easiest way.
The US ban banned app stores from providing their free applications, which is just as much as a technical choke point as DNS and nothing to do with financial transactions.
That sounds much better than DMCA takedowns for sure. But many of us are against the current copyright regime itself. The ridiculously long duration of copyright ensures that nothing culturally relevant goes to the public domain. For things that are relevant, the weaponization of copyright laws takes away our ability to own what we bought and paid for. There's even a common saying that "if buying isn't owning, piracy isn't stealing."
> TikTok is going to be banned because it is destroying US social networks business
Didn't Europe ban Russia Today and other Russian state sponsored media?
Those never were real media though and they didn't even pretend anymore.
Officially it was banned as a part of the economic sanctions but being a part of their war machine would have been enough of a reason by itself.
And what do you think tik tok is? It's a similar service exerting propaganda on the populace at china's algorithmic control.
For now the Russian media and Twitter have worse influence on democracy than Tiktok ever did.
You're not thinking like a politician - you're thinking like the point is to maintain democracy etc. Russia Today will never tell people there's a genocide in Gaza, while TikTok does tell them that, so the latter is much more dangerous to politicians.
I don't know why politicians have this weird attitude towards Gaza, but they do.
Also, the propaganda on Russia Today supports strong governments, so your job as a politician will be safe even if they swing the next election. The propaganda on TikTok does not.
> Russia Today will never tell people there's a genocide in Gaza, while TikTok does tell them that
Well if RT was banned for other instances of disinformation, then Tiktok should absolutely be banned for this one.
That isn't disinformation though? The disinformation in that case is the one being pushed by Western politicians.
The propaganda on RT is of a completely different nature than the propaganda on TikTok.
It's copyright infringement. That's the only correct word to use. (Stealing is a wrong word because it implies physical scarcity)
What does it matter what nonsense we in the US do? The Italian law is well-made and justly-carried out, or it isn't. Personally, I am happy to condemn my own government for its many failures.
The TikTok ban is about Chinese Communist Party brainwashing our teenagers, spreading propaganda, and stealing Americans' personal data. It was never about protoecting facebook or twitter.
TikTok is a legitimate national security concern.
In the EU, I'd rank it a lower national security threat than Twitter or Facebook, by far.
And seeing what's going on in the US now, I'd maybe have the same analysis for the US.
China doesn't consider EU it's primary advesary/competitor either though. They have a lot more incentive to use it against the USA.
But it is a threat and all of those threats should be dealt with .
All threats aren't equal. I'm more afraid of Twitter and Facebook, where there's tons of official government presence.
How? It might expedite intel gathering and psychological warfare to an extent but let's not pretend China doesn't have agents inside of all of the "friendly" platforms already.
Because China can control what gets recommended to TikTok viewers and actively brainwash them. Even if it does not work on all people that's enough to be a security concern.
So is Facebook and Instagram.
We’re only talking about banning the foreign one.
Also, by that logic, all publishing is potentially a “national security concern”.
Banning /foreign/ influence and propaganda? Why would a country want to do that I wonder?
We should bring back RT while we're at it then eh?
Yes. Human rights to free expression don’t end at the border, and are not contingent on citizenship.
If you only believe in human rights for passport holders, you don’t believe in human rights.
Furthermore, if you think your enemies having the right to publish whatever they like is a national security threat, you don’t believe in the nation or its founding principles as outlined in the US constitution.
State censorship is much more of a national security threat than foreign propaganda.
I think a lot of people don't consider the implications of foreign powers acting against their nation, not a corporation in that country but the actual government using it's vast resources to undermine other countries.
That Facebook/whatsapp/instagram arent ‘foreign’ is an illusion. They are controlled by the same entity, the capitalist elite.
Am I correct in recognizing this as a new low, or is there a prior example for such a demand?
Right there in the article:
"This decision follows a similar case against Internet backbone firm Cloudflare. In January, the Court of Milan found that Cloudflare's CDN, DNS server, and WARP VPN were facilitating piracy. The court threatened Cloudflare with fines of up to 10,000 euros per day if it did not begin blocking the sites."
That’s hilarious to me suggesting that DNS can facilitate privacy.
What about the people who own the copper that’s transporting the piracy? That actually seems like it’s more of a direct link than DNS.
Disintermediation is the name of the game, and they won't stop because there's money to be made.
A Spanish judge ordered blocking of Telegram for the same reason.
https://medium.com/enrique-dans/why-blocking-telegram-in-spa...
It was reversed quickly on complaints, though.
Yeah in fact it never even happened. I set up some MTProto proxies for some of the communities I engage in but it was never actually needed.
It was exactly 1 year ago, I know because I ordered some domains for the proxies and I just got the final reminder.
Sony sued Quad9 in Germany back in 2021 and won an early injunction[1], however Quad9 successfully appealed[2]. Interestingly, Sony is now going after them in Italy according to that second article.
[1]: https://torrentfreak.com/sony-wins-pirate-site-blocking-orde...
[2]: https://torrentfreak.com/dns-resolver-quad9-wins-pirate-site...
No, states fuck with DNS all the time; it's probably the single most legible control point on the Internet for governments.
ISPs being asked by the government to block sites at the DNS level is very common.
Why must the Europeans be like this? Why do they insist on fucking with a free and open internet instead of addressing the apparently unmet demand that is fueling a black market?
For one simple reason.
If the US wants some content gone from the internet, they (usually) have enough might to make that happen.
Most major tech companies are registered in the US, and can be ordered by a US court to stop providing services to pirates. This notably includes most major DNS registrars, reputable ad networks and major payment processors.
There's no point in blocking a website if you can just boot it off Visa, or force it to show penis enlargement / shady gambling ads or malware popups to survive.
Even if a website miraculously has no US links to exploit, there are extradition treaties, good relations with foreign law enforcement, control over the financial system, or even international sanctions if the situation gets dire enough.
European countries are far less powerful here, especially when they act alone (as they usually do in these matters) instead of doing it under the auspices of the EU. Site blocking is often the only remedy they have.
The US has an opposite problem with scam calls. Because there are so many English speakers in India, and Indian law enforcement largely doesn't care about scammers as long as they scam foreigners, there's little the US can do about the issue. European countries whose first language is not English have it much easier, as there's often no third-world country that speaks the same language and where the scammers could be recruited from.
> If the US wants some content gone from the internet, they (usually) have enough might to make that happen
There are plenty of states in the US that enacted age verification laws for porn sites. Every single one of the porn sites that are not hosted in the US just ignored the laws. I live in one of those states
This just proves my point, individual states are nowhere near powerful enough to demand those sorts of changes.
If this was a federal law (and one that the government actually cared about enforcing), it would be a different matter entirely. Case in point, all the crypto services that make themselves unavailable to AMericans, even if they have no direct links to the traditional financial system, much less American banks.
I disagree.
Site blocking is the lazy solution favored by bureaucrats who don't understand technology and as an easy way out for their tech companies from having to adapt to what the people are demanding (and getting from the black market instead). If the streaming services refuse to offer what the people want, then the people will bypass them.
What piracy has the US government ever stopped? The pirate bay is up all the free movie tv.com sites are up
The US pressured the Swedish government to close Pirate bay, sieze its servers etc. Tried to shut it for the whole world.
This is the country that banned Tiktok, inacted the DMCA. Apparently the US has blocked 1.2m websites since 2010. They sieze domains, sieze servers. They stop payment companies working for the sites.
Please, do not confuse Europeans with the entities taking such actions. I know of nobody supporting such draconian measures. However, the government, the football league and the guys taking decisions at agcom (which in the past has been a serious and respected agency for the battle he took with tech companies) are, quite apparently, banding together to make the football league will become reality above anything else
> Please, do not confuse Europeans with the entities taking such actions
Both Spainish and Italian governments created laws for which these companies are going after Cloudflare. Europeans elected them and work in those governments and courts.
Expecting large companies in any country not to have lawyers figure out how to use and abuse this stuff is pretty naive. Heavy regulatory environments are very popular in Europe and just like America they almost always benefit/protect entrenched powers while being sold (and defended online) as necessary to protect the small players and upstarts.
The internet has been warning about the risks of excessive anti piracy laws being anti-open internet for as long as I remember.
While I generally agree that one should not conflate private individuals with the actions of their government, I do think it is fair to hold people who live in democracies responsible in a general or aggregate sense for the actions of their elected governments.
In other words, I think it is fair to say that Italy pulls shit like this because enough Italian voters want it to happen or otherwise let it happen.
Heh, I partially agree with general politics, however actions like this are so distant from the average Joe that the chances are they do not even know the pros and cons of similar actions. One might argue that they can get informed, but once you get into technicalities like this, one should spend its entire free time getting informed on similar issues. I see a lack of general discourse about this - in the past it happened to have some Google drive urls blocked if I'm not wrong - because it is not perceived as an issue unless something big happens that (such as drive not working)
You also have to add the fact that this issue goes relatively "unnoticed" compared to other issues that are perceived as much more important
> I do think it is fair to hold people who live in democracies responsible in a general or aggregate sense for the actions of their elected governments.
Are you american? Should you be held responsible for Trumps' and Musks' actions?
I am American.
I did not vote for Trump and I think he belongs in prison. I am not responsible as an individual but as an American I do accept that elections have consequences that we are all collectively responsible for. Sovereignty rests with We The People.
The Democratic Party lost a crazy contest to a crazy man and honestly I'm even more furious with the Democrats for losing an election that they had absolutely no business losing than I am with Trump right now.
Regardless, my point was more that the Europeans seem to delight in their heavy-handed regulations and obnoxious court orders rather than address the real issue of why people feel the need to go out of their way to stream sports events via the black market or rolling up their sleeves and providing compelling alternatives to all of these big bad American tech companies they love to hate but can't stop using.
Europeans consistently support a regulation regime that routinely pushes absurd tech policy. It sounds great to normies so it goes unresisted. But it's a complete fucking nightmare for anyone trying to actually build+ship anything.
The DMCA is a complete nightmare for Europeans trying to ship anything in the US. The US control over the payment industry is a complete nightmare for Europeans trying to ship anything anywhere.
[flagged]
I am not sure if I'm understanding what you're saying. Anyway.
What I am against is equating leader's behavior and people's behavior. It's not a nazi Germany situation where the people supported this action, it's a situation where most people don't know about it, and those who know are probably against it. It's such a minor issue that until something very big will happen and go on the news, nobody will care about it since people are mostly trying to make a living without much thought about what happens outside their garden
> It's not a nazi Germany situation where the people supported this action,
Um, you do know that a good chunk of the logistics involved were about hiding what was going on so that the populace wouldn't object, yes?
Ursula v.d. Leyen, the president of the European Commission, is not voted by the EU people the same way the US president is for example, she's appointed by the European Parliament's own elections who act sort of as a middle man.
So in that regard no, we don't have elected leaders, since Ursula, the de-facto EU leader, makes giant trade and political deals in our name, like regarding Covid and Ukraine, but none of us here voted for her, nobody likes her, she's been incompetent as German politician, she's incompetent and corrupt as an EU politician, she's been groomed since youth for this position due to her influential family, and yet we can't vote her out if we don't like it since we didn't vote for her to begin with.
So when someone you didn't vote for has sovereignty over you and your country, I'm not sure how people can look at this and say it's a democratic arrangement. Do you think a privileged upper class politician from Germany has any clue about the impact or struggles of the average citizen in say, Bulgaria, when she makes decisions for the whole EU?
I think there’s a balance. It’s too easy to say “let’s not regulate anything, they could exaggerate”, it’s intellectually very comfortable. Germany blocked some putin disinformation site for example, and they were right in my opinion.
Lol.
Operation Choke Point. MasterCard's (secret) list of banned terms. FOSTA/SESTA
The US has literally never had a free and open internet and has exported much of their toxicity.
> Why must the Europeans be like this?
because europe is pro-socialism/communism and anti-liberalism.
You are presenting that the Internet is free and open when it is very clearly not.
If there is ONE thing that needs to be decentralized RTFN, it is DNS.
It's taking time, but the thugs in charge in various countries are slowly coming to realize that the easiest place to apply censorship is DNS because of its antiquated design and pervasiveness.
One: you should be able to freely choose or name-to-IP-translation provider.
Two: modern DNS should run on top of a trustless blockchain infrastructure.
Namecoin was a very nice initial attempt, it's really sad it never took off.
To some extent it is decentralized is it not? Other than a small list of who serves which TLD you should be able to find the canonical nameserver for any domain.
It should be more normal for people to have a DNS running locally perhaps.
> To some extent it is decentralized is it not? No. Everything relies on the root servers, as recursive servers rely on them.
But you can run your own root servers.
And what good does that do?
Prevents some MITM attacks. You can also run your own TLDs where the registries are public enough.
You are already free to choose your name-to-ip provider - there are many DNS servers, you can even run your own
We all want the same view of the Internet and the Domain Name System, do we not?
If so then that entails centralized registries and registrars.
Perhaps what you have in mind is that the registries should be published, including incremental updates, "on a blockchain" so that we can all run our own authoritative DNS root, TLD, and ccTLD servers. You don't need a blockchain for this unless you want people to be able to register domainnames without registrars to mediate the registrations.
Disintermediation of domainname registration might be a worthy goal, and it would help people run their own servers if it meant that registries were public (i.e., iterable, including ownership metadata). But you know that's going to be hard for governments to accept that insist on knowing who the domainname owners/operators are. But you don't need this in order to be able to run your own DNS authoritatives to avoid censorship: if they are public (available for download) just download the various TLD zones and serve them to your devices!
Or, if you don't care for us all to have the same view of the Internet, then.. well, I don't think that would be a good thing. You might send me a link that I can't resolve unless you tell me what DNS you're using so I can switch to it, but switching to it might break other things -- in the worst case you we might not even be able to communicate which DNSes to use in order be able to communicate! That would be terrible. So on the whole IMO we just have to have a centralized DNS and we can only hope to defeat the DNS censors by sidestepping the operators' servers that the censors will rely on -- you might as well just use a VPN.
Oh, and of course you know that nation states won't allow operating systems to have DNS censorship bypass functionality pre-installed, so most users won't know how to do it and won't do it.
Why is Europe like this? I feel like this is what happens when you have a region that can't innovate and only knows how to regulate.
Innovators cease to be represented at the government level and the general public equates regulation with safety. The result is an increasing amount of absurd policymaking related to technology.
Is there any offering you think should be blocked? Or do you think everything should be allowed? Child porn, disinformation attempting to destabilise a democracy, …?
Are you seriously saying he‘s a child predator because he thinks the EU poisoning DNS is bad? And are you actually equating child abuse with “disinformation attempting to destabilize a democracy”? What democracy? What disinformation? What relevance does either of these things have to do with some guy not paying money to watch football?
I really don’t understand how my comment can be interpreted like this in good faith.
I asked if parent doesn’t think that there might be urls that should be blocked, for example sites serving child porn.
DOH is your friend. My regime poisons DNS and enabling DOH makes things accessible again.
Serious question: how is DoH supposed to help when the resolver itself is being asked to return bad results? DoH makes sense if something is MITM-ing your DNS requests, but it sounds in this case that Google is being asked to just straight-up return bad results?
It would not.
You'd need a resolver that was provided by a foreign organization, preferably a non-profit, with no business interests in your country whatsoever, so that your government had nothing to threaten them with if they didn't comply with the order.
Such a resolver would also need to be the default shipped with at least one major browser, such that blocking it would essentially mean "turning off the internet" for some users.
Then the pressure would move to forcing browsers to use a different DNS resolver, and the game would continue.
DNSSEC is the actual solution, providing authenticity and integrity for DNS records. The DNS client can verify that the received DNS response is what the zone admin intended. Additional records (NSEC / NSEC3) are used to provide a proof of non-existence, preventing suppression from a mitm attacker. But if your government is mitming you, you don't want them to see you use DNSSEC. DoH is useful in that case, because a mitm sees only https traffic, which is less suspicious than DoT.
DNSSEC isn't going to prevent suppression, it just makes it detectable. Cloudflare is still going to send you a doctored record - which will fail verification. But that doesn't magically give you an undoctored record, unfortunately.
I think the actual reason this works is because if you use DoH, you are probably also setting your resolver to something other than the default, which might not be poising the records.
So the real answer to governments requiring dns resolvers to censor results is to ... not use those resolvers. which is actually relatively easy to do. But most internet users don't even know what a dns resolver is, much less how to configure their browser to use a public resolver that isn't big enough to attract the attention of your government.
DoH some other resolver, there's an internet outside Google, you know.
Exactly. In a world of many resolvers, poisoning a few doesn’t matter. In all likelihood the folks consuming these streams aren’t using mainstream DNS anyway.
DNS is usually poisoned at the ISP level. ISPs provide DNS for the customers. DoH helps in two ways: You choose a different DNS resolver and it's over HTTPS so you don't have any goons meddling with it.
[flagged]
If we wouldn’t do that for Russia, which I suggested years ago and was massively dragged for it on HN, then why would we do it for Italy? I don’t agree with poisoning DNS, but there are way worse things happening on the internet that we don’t disconnect whole nations for.
Then do it for Russia too. I also don't care if I get "dragged" for suggesting it. Capitulating to poor leadership is enabling poor leadership and the world is in a bad state because of it.
Literally the only reason it doesn't happen is because there's too much money to be made for people who are not you and me.
Frankly if it did happen, someone would bridge it and I'm sure that rogue bridge ain't gonna be poisoning anything. They'd be a hero and a broker.
The fact that Russia is still connected to the Internet is a thorn in the side of a lot of anti-piracy efforts because pirating western content is legal there, as far as I understand it.