

Danish Police Censor Google, Facebook and 8,000 Other Sites by Accident - websagir
http://torrentfreak.com/google-facebook-and-8000-other-sites-accidentally-dns-blocked-120302/
Censorship online is an emotive issue.<p>Some people believe that all information should be free and as adults it
======
rickmb
So when exactly are we going to wake up to the fact that governments in the
"free" West have over the past two decades implemented measures with respect
to freedom of information, communication and privacy that in the decades
before that we've consistently denounced as totalitarian police state tactics
when it came to communist nations?

The problem is not that the police made this mistake. The problem is that they
actually have the authority to do this in the first place.

~~~
anigbrowl
Actually the balance between private life and public interference has swung
back and forth many times in the US. Figures like Joseph Mccarthy and Anthony
comstock still loom large in American history, and people were still being
prosecuted for transporting obscenity across state lines through the 1970s and
1980s, even as we were winning the cold war.

Take a look at this paper examining obscenity law and computer networks, from
1997: <http://michaelguth.com/jurimetrics.htm> Note, for example, the case of
Louis Gugliemi, who received a 25 year sentence for interstate transport of
obscene materials in 1985. I don't know whether he made parole or not, but he
was unable to get a court to reduce his sentence; chances are that he has been
in federal prison from the late 1980s (after his appeals were rejected) until
quite recently. In fact, it's just about possible that he's still in prison.
It's unlikely he would be convicted today. Likewise, consider this 1985
submission to Attorney-General Meese's commission on pornography: [http://obu-
investigators.com/xuk/porn/meese/302-pornography-...](http://obu-
investigators.com/xuk/porn/meese/302-pornography-justice-system-
recommendations.htm) which proposed vast prosecution powers for governments to
stamp out pornography.

So while it's certainly appropriate to challenge governments' efforts to
police the private sphere, those efforts need to be considered in a realistic
context, not one that views the past through rose-colored spectacles. Overall
I'm inclined to think that people enjoy considerably more freedom nowadays
than they did a few decades ago.

~~~
nkassis
"It's unlikely he would be convicted today."

I don't believe that true. You can see a recent obscenity case here:
<http://en.wikipedia.org/wiki/Max_Hardcore>

------
yaix
I hope that all 8000 accidentially blocked sites will demand being paid for
damages. If each site gets a million in damages, it would be a nice reminder
for the governments world wide that censorship is a bad thing.

~~~
pavlov
I don't think a Danish court would order the Danish government to pay a
million dollars to a foreign company for damages due to mistakes made by
Danish officials. That's just not how it works in a small country...

~~~
oellegaard
Definitely not. Furthermore you _must_ be able to proof that you actually lost
the money according to Danish legislation, so you will have a hard time
sue'ing for millions of dollars for a short outage caused by an accident.

~~~
geoffw8
...unless of course you are Google, and actually lost out on a substantial
amount of money.

------
fluidcruft
The authorities are just going to end up developing a whitelist of high-
profile sites not to block. This is unfortunate because even high-profile
sites deserve to be subject to the same laws and levels of scrutiny everyone
else must tolerate. Once there's a whitelist mechanism law enforcement will
just be even more cavalier.

~~~
sesqu
From the article, it sounds like the whitelist is exactly what was blocked.

It may well have been a list of urls recently found baseless, in which case
there wouldn't be an override function ready, but the list was white.

------
feralchimp
> NITEC is responsible for maintaining a list of sites which they want to be
> made unavailable to Danish citizens. Each day the country’s Internet service
> providers retrieve the list and then apply DNS blockades across their
> infrastructure.

So that's already pretty weak, but then we find out it's implemented with a
_shared Windows folder_.

sigh.

~~~
sp332
The article says "retrieved" from a "folder". It doesn't even say whether it
was Windows, or on a server somewhere. It could have been FTP or something.

~~~
pdeuchler
"It could have been FTP or something"

And that makes it better?!

~~~
fraserharris
FTP is still the standard for file transfer in most large corporations. It is
as secure as other methods.

~~~
sp332
FTP has no security at all. Usernames, passwords, and data are all sent in the
clear, in plain text. <https://en.wikipedia.org/wiki/Ftp#Security>

------
Joakal
Here's a good read of how Denmark originally intended to censor child porn
went on to censor many other areas including piracy, sites that didn't pay
taxes, etc:
[http://ww.reddit.com/r/bestof/comments/nqytz/censorship_what...](http://ww.reddit.com/r/bestof/comments/nqytz/censorship_what_happened_in_denmark/)

------
orbitingpluto
Legally, there should be libel issues.

How many of your clients are going to continue to want to do business with you
when they come across a notice that you're serving child pornography off of
your site?

And on a DNS note, I always have at least two alternative DNS servers
memorized so that I can continue to get around when providers' DNS goes to
hell.

~~~
ukd1
The Google ones are easiest; 8.8.8.8, 8.8.4.4. You can get away with just the
first, if you're feeling lazy.

------
eblackburn
As a grad I accidently changed hundreds of mortgage expiry dates from UK to US
format (rectified immediately). Lesson learnt. Switching Facebook off for 5.5
million people trumps though!

~~~
DanBC
"Fat Finger" errors are surprisingly common in finance.

([http://ftalphaville.ft.com/blog/2007/03/16/3207/the-curse-
of...](http://ftalphaville.ft.com/blog/2007/03/16/3207/the-curse-of-the-fat-
fingered-trader/))

------
mvip
Haven't we had enough of these kind incidents to realize how slippery the
censorship slope is? Censorship is pointless. People who want to circumvent
the censorship will do so regardless. This just goes to prove that (by
accident or not) censorship will be abused.

------
guimarin
I don't understand why google or microsoft even doesn't distribute a list of
their IP addresses for their online properties with Chrome/Windows
respectively. That way you could get a pop-up that said, 'google.com is no
longer resolving, fall back on the hardcoded list?' Then a check-box for never
asking me again.

Google/Microsoft and other big properties could even push this out as a
'Security Feature' to prevent DNS spoofing attacks. I understand that that
would lead to banning of actual IPs by governments, but given the organization
of the internet, that is a bit harder than mucking around with DNS.

~~~
vegardx
You never want to hardcode anything like that. You use DNSSEC instead. Right
now the adoption is slow, but things are speeding up. With DNSSEC you would be
able to authenticate that you are indeed getting the proper DNS reponse from
your name servers. Combine that with SSL and you could be pretty sure that you
are indeed talking to the right Google. Now we just need some form of
fingerprinting like SSH has.

------
ypcx
"By Accident" - read: global government successfully tested internet dissent
suppression software in real environment and on real people. Small details,
like the laws allowing them to actually use it (or not, as in the case of
MegaUpload where they did not need it) will be provided soon. Mass media will
report that these laws "were applauded by the general public, which now feels
more protected from the threats of internet terrorism."

Self-destruction by greed is the dominant gene in the DNA of our current
economic system. Let's hope it proceeds smoothly, and doesn't take the planet
with it.

------
dendory
As long as they insist on breaking DNS there will still be easy solutions for
us geeks, like using caches local IP lists. Just hope they don't start
blocking actual IP traffic based on deep inspection.

~~~
vegardx
Why not just set up your own resolver? If they start to filter out root
servers they literally break the Internet, which is bad if you're in the
business of delivering said Internets.

------
smokeyj
I can hardly keep up with what's politically correct these days. Isn't
censorship for oppressive regimes and the sort? I thought Europe was supposed
to be progressive..

~~~
rmc
Don't believe everything you read in newspapers. US Left Wing newspapers &
media will cherry pick countries and places which can imply that the EU is a
paradise.

Reality is a bit more complicated and nuanced than that.

------
MattJ100
It begs the question what the list of 8000 "legitimate" sites is for...

~~~
strictfp
Maybe for the whitelist ( <http://news.ycombinator.com/item?id=3656682>)?

------
redridingnews
My concern, now that we know that it is THAT easy to block websites, I wonder
how many more sites can be blocked in the next couple of months due to
accidents. It is all automated, no human oversight after one guy presses the
button to censor. Especially if none of those 8000 sites file a charge.

------
orbitingpluto
As a total aside have you seen what teenagers post on their Facebook pages?
I've made comments to underage teenagers in my list that their pages are a
little sexually creepy.

I have my 90 day Facebook chip. FBA... someone has to make a site/browser
plugin for that.

------
vegardx
Good thing DNSSEC will put an end to all this madness with DNS-filtering and
spoofing. It's not working as intended and should never have been installed in
the first place.

------
Porter_423
Couple of days ago USA Government was trying to pass a bill in Senate named
SOPA and PIPA bills.And now Danish Police has been censoring Google,Face book
and 8000 sites?So what about freedom of information,communication and the
freedom of press?My question is "Is this was just an accident or they were
just obeying the order of their government?" If yes then it is surely a stupid
thing.

------
billybob
TL;DR - police in Denmark made a mistake that resulted in visitors to many
sites being told that the site is blocked for possibly having child porn.

\---

EDIT: Is there a guideline against 'TL;DR' comments? When I've written them in
the past, they've been upvoted.

~~~
billybob
Let's see, how much damage was done by this?

Each blocked site lost:

\- $X directly in business missed during those hours

\- The trust of users who believed the warning

If they lost these things by arson or slander, the perpetrator might be
punished. But since it was the government, they'll probably get nothing but an
apology.

Any justice system will have some collateral damage: standing trial costs you
time, money and reputation, even in a fair trial where you're declared
innocent. But since the damage is so real and sometimes severe, we should
REALLY force government to be careful how it applies itself. Warrants,
oversight, auditing, judicial review, etc.

No bureaucrat should have a "ruin this business" button.

~~~
vidarh
According to the article, it's a voluntary scheme, so presumably the right
target of a lawsuit would be the ISPs who chose to blindly trust this data,
not the government...

That's the way they're getting away with the lack of oversight: Make it
"voluntary" ("or we'll tell the press you support child porn", nudge, nudge)

