Search This Blog

Thursday, November 17, 2011

Update to SOPA thoughts from Nov. 16, 2011

Amazingly, none of the witnesses at yesterday’s hearing knew enough about the effect of SOPA on the efforts to harden the DNS against various (very nasty) attacks. These attacks expose people to bogus web sites (among other things), raising attacks like phishing to new heights. DNSSEC, a protocol that would ameliorate much of these problems, will be much less functional should SOPA pass. (Actually, it would work until an order to associate a different IP address with a host or domain name was issued. Once the change is made—anywhere—the DNSSEC entry will show up as corrupted, and the system will break.) So an effort to make the Internet more secure (as the supporters of SOPA claim) will actually have the opposite effect. I guess it depends on how you define “security” and whom you are trying to protect. SOPA certainly won’t protect individual Internet users.

Oh, and suppose you bypass the DNS entirely—just use the IP address directly? For example, if my host is blacklisted because of some of my research, you could always go to to see the “blacklisted” work. Back to the pre-DNS days of host tables! (Note: if you're interested in problems like the “insider” problem, data sanitization, teaching robust, a.k.a. “secure” programming, and modeling election processes, please do visit. Anyone who wants to blacklist my host for those has, I think, one of several possible severe problems!)

The point is that, apparently, not only do lawmakers not understand the technology, they either don’t know what questions to ask, or they don’t want to understand the capabilities. This does not speak well for the effectiveness of legislation.


  1. Hi Matt,
    Totally agree with your article here. Apologies if my comment is almost a year old. There was lot of brandishing of the salient features of SOPA act but as you say it will ultimately lead to the breaking of the Internet.

    Also, this would mean monopolization of the entire internet (well not entire, but since most of the DNS\Web servers are hosted) by one country and end of liberal and freedom of speech enjoyed by those on the net. The Internet extends boundaries sketched by political factions and true mingling of the common man unaffected\unconcerned by what higher powers wants or intends. Lets all try to keep it that way.

  2. Nice Post.Thanks for Sharing this in your Blog