Reducing Phishing Up Times
Preventing Access to or Removing Content: Laser, Scalpel, or Saw?

Domain Shutdowns, Suspensions, & Seizures… Oh, My!


Internet_censoredCopyright Greatfirewall2Child
Images by poetography, opensourceway, isaacmao, Southworth Sailor

What do censorship, intellectual property protection, dismantling criminal botnets, identity theft prevention, and stopping online child abuse have in common? They all involve remediating actions that prevent user access to content or remove content entirely.

Judgments about access to content, of course, are highly subjective. You need only look at the debates over legislation (SOPA, ACTA, or CISPA), punitive actions (WikiLeaks) or state-sponsored control of communications (the Great Firewall) to appreciate that opinions vary and emotions run high whenever access to content is involved.

Why is Access to Content Controversial?

Much of the controversy surrounding access focuses on the motive, authority, or constitutionality of suppressing or removing content. But what’s often overlooked in these discussions is that the technical actions a security expert takes to prevent people from visiting malicious links, or the legal orders that grant officials the authority to remove a child abuse site from the Web, can also be used to suppress free speech.

In the first example, harmful content is identified, and users or their organizations choose to participate. In the second, law enforcement agents collect sufficient evidence to obtain a court order to remove a child abuse site. In the third, an action is popularly disputed on the basis that the content was taken down without consideration of a perceived human right.

Asserting or disputing the correctness of these examples requires an individual effort to distinguish between motive and actions. We must separate why an action is taken (e.g., to comply with a legal order) from how it is taken (e.g., taking Web content offline). We also must consider the actor (a user, a private enterprise, a government) and how the scope of the actor’s authority (domain) is defined and bounded.

Technical Consequences when Access is Denied

All this brings us to the consideration of some common technical consequences involving corporate datacenters, networks, and impact on users when access is denied. For example, when an enterprise blocks an entire Top Level Domain, it has a certain effect. When a sovereign nation chooses to take the same action, the impact is dramatically different. Much of the dialogue today about shutdowns, filters, blocks, seizures, and takedowns fails to consider the less-than-black-and-white context of the action. And this is what instigates such strong reactions.

Sorting through these issues is very similar to untangling fishing line. At this point, you may be asking, "What does any of this have to do with my day job as a network systems engineer?"

Beyond the possibility that certain business or customer communications could be hurt if universal resolvability were no longer assured, you may be interested because you understand how blocking works. You are either concerned or outraged that the same technique you’d use to block a phishing site can be used by a sovereign nation to suppress free speech and control the content you can access when you visit that country.

In the next installment of this three-part series, I’ll look at some familiar practices -- blocking hyperlinks or domain names -- in a broader-than-technical context to illustrate the different effects that motives, actors, and technical measures have on Internet users. In part three, we’ll look at the more complex scenarios, where the motives are controversial, the actions have more sweeping consequences, and the effects on Internet users can be unpredictable.

Photo by Modern Relics

Originally posted at The Champion Community 2 May 2012


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.