Hacker News new | comments | show | ask | jobs | submit login
ISPs Now Monitoring for Copyright Infringement (wired.com)
50 points by joshfraser 1696 days ago | hide | past | web | 44 comments | favorite

This is not even remotely a compromise:

"The plan does not prevent content owners from suing internet subscribers"

In other words, in addition to facing the risk of ludicrous damages, you can have your Internet access disabled, hampering your ability to find and communicate with a lawyer. Naturally, the Obama administration backs such a plan -- the thought of people actually defending themselves in court never occurred to them anyway.

"On the third and fourth infractions, the subscriber will likely receive a pop-up notice "asking the subscriber to acknowledge receipt of the alert.""

Hm, if I did this to communicate with my neighbors, I might go to prison. Nice to know that ISPs are not expected to follow the same laws I am.

I'm curious what "pop-up notice" means. I expect they simply mean a DNS redirect; anything more adds a whole new level of creepy (as if this plan needed more).

On the plus side, it's a good time to be in the VPN business. :P

I suspect that number of people using Tor to download their entertainment is going to skyrocket. Good news for cover traffic, of course, but without more exit nodes the network is going to be in trouble.

My impression was that this program will actually reduce the number of lawsuits due to copyright violations because it gives the Content Owners another avenue to enforce their claims.

Not as long as the copyright holder can both utilize this system and file suit. If it were an exclusive or it might reduce the number of lawsuits.

I'm making that assumption based on the personal opinion that there will be plenty of smaller cases that the copyright holder won't want to take to court due to the trivial nature/context/amount of sharing.

I recall a lot of lawsuits that looked terrible for the RIAA/MPAA because they ended up going for elderly people, or parents of a young child who didn't know better. This helps prevent those situations.

I agree and would prefer some sort of protections against the double whammy - but I really believe that this move is more to get the news out to inform people that they are pirating, and what to do about it.

you can have your Internet access disabled, hampering your ability to find and communicate with a lawyer.

None of the six steps involve disabling your internet. Some ISPs have said they will disconnect you after you've been through the six steps, but others claim they won't.

The headline is a flat-out lie. The monitoring is being done by content owners, using publicly-available information from torrent trackers and other peer-to-peer networks.

[Citation Needed]

Everything I've heard about this is that the monitoring is being done by the ISPs themselves, not the content owners.

Sure, straight from their FAQ[1]:

"Can this system see what sites I visit online?

No. There is no monitoring of any Internet traffic by ISPs. The identification of alleged infringement is done by Content Owners on peer-to-peer networks only. The Copyright Alert System applies only to peer-to-peer networks and not to general Internet use."

There's a lot of misinformation going around, spread by people who probably have good intentions but don't understand that by arguing against a straw man, they're actually making it easier for their opponents to discredit them. There are plenty of valid reasons to dislike this plan, we don't need to be making up fake ones.

[1]: http://www.copyrightinformation.org/resources-faq/copyright-...

Edit: Fixed quoting.

people who probably have good intentions but don't understand that by arguing against a straw man, they're actually making it easier for their opponents to discredit them

That's what I think whenever an Internet lynch mob forms (TCPA, SOPA, etc.) but somehow it never matters. There's hardly any backlash against the hyperbolic scaremongering.

sometimes i feel like thats the beauty and fatal flaw of our system. people are gonna basically do what they're gonna do. if it benefits enough of us (with relative/proportional amount of power) it'll happen but if it pisses enough of that demographic off it will get stopped eventually.

Just because the weakness hasn't been exploited doesn't mean it isn't there.

Why would ISPs monitor for content they don't own? They have no incentive to kick their own customers off their network for content the ISPs don't own. I'd love to see a source for "everything you've heard".

The whole system is about the RIAA/MPAA trying to force ISPs to do their bidding and how much of the cost they can offload to ISPs. I'm sure ISPs doing the monitoring was on the table at some point and then the parties "compromised" on letting the AA pay for the monitoring.

"[CAS] will use an analysis system called MarkMonitor to identify infringing activity. That system 'uses both trained professionals and automated processes to identify illegal downloading of whole movies, TV shows, and musical recordings, and the system is designed to eliminate false positives.'"

Source: http://arstechnica.com/tech-policy/2012/10/six-strikes-syste...

I'm curious, what does this do to account for trackers randomly listing fake IP addresses? Seems like trackers could bring the whole thing to its knees with a couple weeks of mass spoofing. After about the millionth false positive the customers will start lawyering up.

They would just follow the torrent swarm. If the tracker gives an address that doesn't have a client behind it, then assume it is fake. You'd also cause a lot of traffic to the spoofed addresses, which is suboptimal.

"The monitoring is being done by content owners"

My ISP owns a number of entertainment companies...

Here's an idea/concern -- for those of us NOT using our ISP's recursive DNS what will this notification plan look like? My ISPs notifications (as in an interstitial page) won't show if I'm not using their DNS.

Presumably if I'm using OpenDNS or Google DNS for my recursive DNS it's going to be impossible to browse my interwebs if this ever happens. I'd need to assume this might be the case, and then switch back to the ISP's recursive DNS just to proceed through their acknowledgement page. Derp.

Well, it is possible to capture and redirect DNS requests such that they can send you to their "captive-portal" page even if you've changed your DNS settings. On linux for example, something like:

iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j DNAT --to

will send all your DNS requests to no matter what your actual destination IP was. If Comcast did something like this at their level, it wouldn't matter what your router/modem DNS setting was. This is assuming you're destination port is still 53.

Does DNSSEC interfere with this? Comcast claims to have deployed DNSSEC on their DNS servers. Can they deliver their redirect even if your resolver is configured to validate DNSSEC records?

Sure. They can't serve you wrong DNS results, but they can just redirect your IP packets directed at some server to theirs.

Or to paraphrase the Matrix, what good is knowing the right IP of a server, if you're unable to reach it?

DNSSEC doesn't prevent them from serving you false DNS results. DNSSEC doesn't protect the communication between your resolver and the DNS server. DNSSEC allows for signing DNS entries with keys.

Since a large portion of DNS isn't signed in order to function on the Internet most resolvers with DNSSEC enabled will still allow results from domains which aren't signed for instance google.com. The easiest thing for Comcast to do is to return their false result indicating that the domain is not signed.

Since they can intercept all DNS traffic you send they could actually emulate all the way up to the root servers and sign with keys they generated themselves. This is probably overly complex but is possible and would allow a false dns entry to be accepted even by resolvers configured to only accept responses for domains which are signed.

>Since they can intercept all DNS traffic you send they could actually emulate all the way up to the root servers and sign with keys they generated themselves. This is probably overly complex but is possible and would allow a false dns entry to be accepted even by resolvers configured to only accept responses for domains which are signed.

this is not how DNSSEC works, if it did work this way it would be trivial for anyone to mitm it, thus render its entire purpose null and void.

Resolvers are preloaded with the dns root public key, that key signs the tld root keys, which sign your registrars key, which sign your domain. There is no effective way for comcast to spoof replies in this setup, as they have no access to any of these private keys.

That's a great point. Thanks for mentioning this.

Your ISP could block all traffic except DNS and port 80. They can then redirect your port 80 traffic to their servers using one of several methods such as WCCP, inline transparent cache,switch with transparent cache redirection, policy routing or a device which NATs your outbound traffic to external IPs to the IP of their internal server.

On the third and fourth infractions, the subscriber will likely receive a pop-up notice "asking the subscriber to acknowledge receipt of the alert"

I'm more curious about how this is supposed to work. Is my ISP going to dynamically insert javascript into random webpages? I don't use any of the infrastructure of my ISP, relying on my own email and DNS, so how exactly is this supposed to work?

Maybe altering your IP address to a private block that routes everything to a splash page (a la public wifi where you have to accept the ToS)?

It will be great when all the problems of this start popping. I'm really don't think the ISP's are going to invest very much in enforcement. It's going to take a lot of time and resources that I just can't see companies like Comcast investing much into it, they are way too bottom line driven.

On top of this you are going to have so many cases of people using open networks to download torrents. They may claim that they will still shut these connections down, but I really don't think they want to go through that PR nightmare of every coffee shop getting rid of wifi because of stupid policy.

This is going to be loosely enforced at best, and most likely a complete failure.

hence what I was saying - how effective is the war on drugs?

Epic failure.

This is about as effective as the "war on drugs"

We have open source software. Why not open source content? I do not have the chops to do it, but I would like to see software/start-ups that helps me, you and everyone else create content - muzak, movies, games, etc - free for anyone to download, sample, modify, sell, give away, with open source styled licenses - just like open source software. Like the linux ecosystem. Surely this is possible? We the consumers of content, should create the content. I am tired of being treated like a thief, although I have never stolen anything.

But we do.

Any type of editing software (open source or not) has some kind of "project file." Trent Reznor was called the first open source musician because he shared his .band files from Garageband.

How do I get my copyrighted material filtered? Can every reader of HN just produce a random 1GB string of characters, and get it filtered on the Net? [It is copyrighted just by authorship]

You have to pay DtecNet to track your content (if they are willing to deal with you at all). But when you say "filtered" I have a feeling you may not be clear on how the system works.

On a related note, who do you guys recommend for VPN? I've been looking at PPTP tunneling with https://www.tunnelr.com/

>>On a scofflaw's first offense.

If it's a first "offense", how can s/he be a scofflaw? And, shouldn't it be allegation instead of offense? What the hell is wrong with this guy?

From the New Oxford American Dictionary:

   scofflaw |ˈskôfˌlô, ˈskäf-|
   noun informal
   a person who flouts the law, esp. by failing to
   comply with a law that is difficult to enforce
I don't see anything there that precludes a first offender from being a scofflaw.

I think the word scofflaw implies repeatedly or habitually breaking the law. Perhaps breaking the law in a mocking way. I guess it just depends upon which dictionary you want to believe.

And thus, the Government became a listening party to every data transmission that will ever exist for the next thousand years. Voice, video, conversation. The talk with your kids. Everything. We need to do something about this. The internet is the future data transfer medium. It's the substrate we will be using to think among ourselves. Our government is trying to get inside our MINDS. By becoming our mind before the neurons have a chance to join up.

I'm just doing a little startup with me and my friends, I'd like to have a website, or broadcast to everyone around the world, but I can't afford to broadcast information to all the people like the big fat-cats who have paid off the government can.

This is step 1 of 10 in turning the Global internet in a controlled apendage of the american government, to be metered, spliced, diced, fast-laned, slow-laned and policed. There will be "pay me money to use this part of the internet" signs everywhere. And the taxes will be reasonable, at first.

The government will own the internet, and you will have to pay them dearly to use it. Even when the internet is simply a data transfer between two consenting adults that stand next to eachother.

The government then took a large step to becoming a God, omnipresent. Privacy? Out the fucking window. Kthx

Frankly, I'm surprised it's taken this long for the government-industrial complex to clamp down on the open internet, and even this is weak compared to the possibility space (internet driver's licenses, etc), though it's obviously a "boiling frog" situation.

But it was, and is, inevitable that this clash happens. Democracy is not achieved and then chiseled into stone permanently; it must continually be earned and fought for by real humans, every damn day.

In this case, that means getting regular people on board with encrypted communication. Yes, it's an uphill battle, but we all got our friends and family to migrate from IE to Firefox. Now it's time to get them on PGP email, VPNs, etc. As geeks, we need to be educating users, creating one-click auto-privacy tools, and doing whatever else we can as Binary Minutemen to maintain a balance of power against threats to open communication.

Unless I've missed something important, please help me out in making the connection between the strategy of monitoring torrents to "Government became a listening party to every data transmission."

I've been doing what I can, but so far I've discovered no significantly new monitoring techniques that are being introduced.

I can't remember where I read it (There were links I remember from 2 different places, one post was on HN about this but it was all hear say and rumors to grain of salt) that they want or are building a system like Watson to monitor internet traffic because currently they have so much information that its impossible to sift though it all.

Couldn't find it with a google, can't really remember any good key words, so the site may have been a bad source (probably) I don't remember. What I do remember about the article is how it was mentioned that it was a revival of a plan they tried to implement back after September 11, but the plan was leaked and there was enough public out rage the US congress squashed the plan. THAT I remember had reputable sources, I remember checking that out on google. Unfortunately I can't remember the name of the project to get you an article.

Maybe someone who knows what I'm talking about (mainly the later) could link it?

Anyway we won't know what if anything extra they're doing until someone leaves and blabs about it in 20-30 years time.

While I wasn't sure how true that was, I did throw it in the realm of possibility because it sounded feasible.

But I wouldn't blame anyone for considering this more hear say and rumors. :)

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact