Internet

Circumventing SOPA is as Easy as Installing a Browser Add-On

|

Circumventing the website blocking mechanism proposed by the Stop Online Piracy Act (SOPA) is as easy as adding a browser extension. Via Andy Greenberg at Forbes:

While Congress has postponed the second half of its hearing on SOPA until next year, a developer named Tamer Rizk has been busy building an add-on for Firefox called DeSopa, which aims to give any Firefox user access to sites that SOPA's copyright protection measures have blocked. "This program is a proof of concept that SOPA will not help prevent piracy," reads a note including on DeSopa's download page. "If SOPA is implemented, thousands of similar and more innovative programs and services will sprout up to provide access to the websites that people frequent. SOPA is a mistake. It does not even technically help solve the underlying problem, as this software illustrates."

DeSopa takes advantage of an blatant weakness in how SOPA's controversial filtering mandate would function under the current version of the bill. The new copyright infringement regime would allow editing of the Domain Name System, the registry that converts websites' domains (like Google.com or Yahoo.com) into an Internet Protocol address (like 74.125.157.99 or 98.137.149.56). When you type "Google.com" into your browser, your computer communicates with DNS servers that convert that name into an IP address. But type the IP address directly into your browser, and it works just as well.

Since SOPA would lead to editing American DNS servers' IP lists to insert errors for sites deemed illegal, DeSopa simply checks with foreign DNS servers to find the correct IP address and navigates directly to whatever blocked site the user enters. To avoid incorrect IP addresses in those foreign servers, the program even checks domains with three DNS servers and grabs whichever IP address has at least two agreeing answers. 

As currently envisioned, SOPA looks like a stunning anti-success: Not only would it undermine core elements on the Internet's architecture, it wouldn't stop much piracy. Indeed, as Greenberg points out, it would probably make the Internet substantially less secure:

Just because SOPA's DNS censorship can be defeated, however, doesn't mean the bill won't damage the Internet. Engineers have been warning Congress that monkeying with DNS will make it impossible to implement DNSSEC, a new DNS protocol designed to prevent DNS spoofing attacks that hijack users' browsing and take them to untrusted sites even when they enter the domain of a trusted one.

For a infuriating sense of just how clueless and careless Congress is when it comes to regulating both technology and speech, it's worth reading this open letter opposing SOPA and its sister legislation, PIPA, from 83 Internet engineers and inventors. Here's a sample:

The current bills—SOPA explicitly and PIPA implicitly—also threaten engineers who build Internet systems or offer services that are not readily and automatically compliant with censorship actions by the U.S. government. When we designed the Internet the first time, our priorities were reliability, robustness and minimizing central points of failure or control. We are alarmed that Congress is so close to mandating censorship-compliance as a design requirement for new Internet innovations. This can only damage the security of the network, and give authoritarian governments more power over what their citizens can read and publish.

The US government has regularly claimed that it supports a free and open Internet, both domestically and abroad. We cannot have a free and open Internet unless its naming and routing systems sit above the political concerns and objectives of any one government or industry. To date, the leading role the US has played in this infrastructure has been fairly uncontroversial because America is seen as a trustworthy arbiter and a neutral bastion of free expression. If the US begins to use its central position in the network for censorship that advances its political and economic agenda, the consequences will be far-reaching and destructive.

The good news is that as opposition to the legislation, led by folks like Democratic Sen. Ron Wyden and Republican Rep. Darrell Issa, has swelled, it's been put on the back burner in Congress, with a vote delayed until sometime next year. 

Read my previous take on how SOPA would break the Internet without stopping piracy here

NEXT: Ron Paul Ugly, Racist Newsletters Not Going Away, But Do They Invalidate His Candidacy?

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. SOPA has nothing to do with actually stopping piracy. It is about giving the government and Hollywood the power to harass people they don’t like.

    1. Yep.

      The republicans should declare war on IP overreach. It’s a classic example of crony capitalism that everyone hates and it primarily benefits flaming liberal assholes.

      It’s a rare case where political venality can lead to freer markets and more personal liberty.

      So of course the stupid party won’t go there.

      1. The reason they won’t go there is because every single social conservative wants to use this as a way to crack down on “indecent material”

        1. The reason they won’t do it is because nobody wants to be the politician who crossed Disney.

          1. There’s more in the tunnels of Disneyworld than Walt’s frozen body.

  2. reposting:
    Here’s a list of companies and organizations supporting SOPA.

    http://gizmodo.com/5870241/pre…..orship-law

    Not sure why some of them seem to support it since it won’t really help them out.

    1. It looks like a large number of major media outlets are supporting censorship.

      ABC, CBS, ESPN, NBC, News Corp, among others.

      1. Well, in those cases, some people were streaming sports games onto websites without permission from the network. Like NFL games. On Sunday, you get 4 games… 1 in the morning and 2 in the afternoon or vice versa and 1 on Sunday night. Well, those day games are only available in regional areas. To get to see all the games, you gotta get the NFL Sunday Ticket through DirecTV only. Some people were pointing cameras at their screens or streaming directly from their laptops to certain websites so people could watch the games not offered locally and bypass getting the NFL package. So, it makes sense why these networks would be supporting it.

        1. The irony is that most of the piracy would go away if the NFL would break down and make the games more widely available on a pay basis. Why can’t I buy the Tebow game a la carte? Because the NFL says so. They say it would cut into profits, but I suspect the opposite would occur. Just look at how much people spend on iTunes.

          1. I wonder how much of the opposition comes from the NFL, and how much comes from the networks? I would think that the NFL would stand to make the most money, by streaming individual games on demand, but that would go against the best interest of their network partners.

          2. You have no inherent right to watch football games or own music or movies free of charge.

            1. If you’re gonna televise your games on regular networks, but only in select areas, that’s a pretty dick thing to do. And fuck you (not you personally) very much if you are going to show your movie or tv show free of charge on hulu or your website or wherever, I damn well should be able to watch it for free where ever I choose to.

              1. Well, here’s the issue. Networks usually have rights to show games a certain time. Since the Sunday games are on two stations and there are often 16 games on during the whole day, you cannot put them all on at the same time over 2 networks nationwide. So, each network gets a regional game. So, this week you get Dallas @ New England on Fox. Then next week you’ll get Denver @ Minnesota.

                there’s not really a way for you to watch all of the Fox games at the same time, except on the NFL Sunday Ticket. But some people did streaming. I don’t see how it personally hurts the networks, because they do get their advertising across, though I guess it is harder to track. Plus, many ads are locally based, so the advertisers don’t benefit from someone in Tennessee seeing an ad for a small company in New York.

                I digress. But what it boils down to more is the NFL. They want you to get their package. Don’t have DirecTV? Then go get it… blech.

                Personally, I have the NFL Sunday Ticket, and I love it and DirecTV. But I do think it is a bad move by the NFL, and it is expensive as ****!

            2. And there is no inherent right to a government granted monopoly over particular configurations of 1s and 0s in a digital signal.

              But, I digress. If we accept the premise of intellectual property being legitimate (as I implicitly did in my comment), that still leaves the question as to whether you’re following a sustainable strategy as regards protecting your IP. Apple found a way to do it with iTunes, but the NFL didn’t, so now they want another law.

        2. This goes to the greater issue of what government does. Instead of creating, and enforcing laws that punish those who violate property rights, government creates laws that try to prevent someone from committing a crime in the first place. They criminalize activity that could possibly lead to doing something wrong, even if that was not your intent.

          If SOPA becomes law, how long until the government enacts laws, which make it illegal to circumvent SOPA?

  3. The only way for governments to control the internet like they would like is to fundamentally change the way the internet is architected. I’m sure they’ll try to do something like that, but luckily, governments are filled to the brim with morons. They’ll just write retarded, easily circumvented laws.

    1. I can’t believe you said “architected”.

      1. “Architected” is perfectly acceptable computer geek jargon.

  4. Suderman, you’ve come so far with the alt-text. Keep it up!

  5. One benefit: DNS is a very weak part of the Internet.

    People don’t realize that the Domain Name System was invented as an ad work around to the problem of maintaining lists of which servers had which address on hundreds of computers.

    The modern system has lots of weaknesses, for example see the chaos that occured when Pakistan govt ordered youtube removed from the local DNS servers, and the system attempted to propagate the changes worldwide.

    SOPA will probably give impetus towards development of a proper decentralized system, and at that point it will be nearly game over for government control of the Internet.

    1. “SOPA will probably give impetus towards development of a proper decentralized system, and at that point it will be nearly game over for government control of the Internet”

      I love the idea that more control is leads to less; I see a homologue in governments health care legislation.
      -somethings got to give

      1. I think what he was saying is that the government saying they want more control over the internet is going to lead to people actively working to try and decentralize it even more in an attempt to keep governments greasy paws off of it.

    2. Ok maybe I am a technological ignoramus, but even things like torrents still eventually need some kind of main listing servers somewhere, I cannot see how any network system will work without relying on some central servers that contain the addresses to all the other machines.

      1. Life and technology will find a way

      2. A DNS system essentially takes a string (a sequence of letters) and returns a numerical address.

        All the computer wants is to have a place to submit the string and get the numerical address back.

        So you could have a number of independent systems that all maintain their own lists. There’s nothing to prevent the maintainers of list B from incorporating information from list A into their list. However, a modification on list B would not automatically be propagated to list A.

        Eventually, you would have a DNS that was popular with script kiddies, a DNS that was approved by MS, a DNS that was run by google, a DNS run by scientology etc.

        There’s still a way to do the SOPA censorship: if the govt ordered TELCO’s to block traffic to and from certain numerical addresses, they would probably comply. But, getting new IP addresses is pretty easy, and I thin it would become a giant game of whack-a-mole that would lead to a Balkanized Internet – something ttech companies do not want.

      3. Eh. You can change the DNS settings on your own computer. In Windows the name of the file is hosts. It’s just a .txt file that tells your computer when your IP resolver is looking for “foo.com” send them to 127.0.0.1 or some other IP address. Yes, there are some major servers, but it is fairly trivial to get yourself listed. The internet is built to be interrupted, so there is always (as of right now) a way to point your computer to whatever DNS list you want.

        The whole thing is built on trust. That reputable DNS hosts won’t point google.com to bing.com’s IP addresses. SOPA or other regulation could cause this to change. Hosts would have to decide whether they want to be reputable with internet users or the US government.

    3. It doesn’t matter how decentralized navigating the internet gets if government is monitoring everything on the backbones.

      1. End-to-end encryption and use a trustworthy method of obtaining public keys (PGP web of trust good; X.509-style central CAs bad)

    4. That’s my hope — that Hollywood will finally prompt pirates and cyberlibertarians to create a true decentralized internet. Because it will be much harder when it’s the security state that’s pushing it instead.

      Still, at the end of the day the entire process of transferring data needs to be anonymized, encrypted, and decentralized, efficiency be damned.

  6. To date, the leading role the US has played in this infrastructure has been fairly uncontroversial because America is seen as a trustworthy arbiter and a neutral bastion of free expression.

    Those were the days.

    1. Note that without the clarifying description “seen as” the statement, sadly, becomes false.

  7. These technical hurdles can be overcome now, but eventually the governments will get more clued up and it will be harder and harder to do so.

    If the moral and political argument by the SOPA people wins, then in the end will totally block all workarounds.

    1. This assumes the government works faster than the black market of tech geeks. I refuse to believe that until I see at least ONE example…ever.

      1. ^^THIS^^

        Most computer applications have cracks available before the application is even publicly released.

        There is no law or technology that won’t have a work around within 5 days of being released.

        Mark the tape.

    1. Essentially the causus belli from Singularity Sky a most excellent book about the hopelessness of governments trying to oppress technology.

  8. DeSOPA doesn’t even work with the new Firefox 9. Doesn’t the MAFIAAFire plugin do the same thing? Theres also alternative DNS systems.

  9. *but it looks like it works with Firefox 9.0.1

Please to post comments

Comments are closed.