• chevron_right

      Live ‘Piracy Shield’ Data Exposed By New Platform Reveals Akamai IP Blocking

      news.movim.eu / TorrentFreak · 2 days ago - 14:01 · 4 minutes

    Logo piracy shield After initially denying that Italy’s new Piracy Shield anti-piracy platform had been responsible for any over-blocking, last week telecoms regulator AGCOM conceded that an IP address belonging to Cloudflare had been blocked in error .

    While that might be considered progress of sorts, the incident was downplayed as minor on the basis it was rectified a few hours later. No consolation for the many Cloudflare customers affected, of course, but that particular problem isn’t going away. Cloudflare is encouraging its customers to file complaints to draw attention to the perils of widespread blocking measures.

    Yet despite calls for more transparency, not to mention an obvious need, AGCOM is still not reporting the IP addresses subjected to blocking, instead preferring to report the volume of IP addresses blocked instead. While the latter is not unimportant information, only the former can shine light on cases where IP addresses are blocked in error. Or when IP addresses are blocked despite the legal provision that prohibits blocking when IPs are not exclusively used for piracy.

    New Third-Party Service Imposes Transparency

    Official providers of all types of content have understood for some time that if they don’t meet demand, someone else will do it for them. After calls for transparency appeared to fall on deaf ears, transparency has been imposed on the Piracy Shield system thanks to a new, unofficial third-party system: Piracy Shield Search.

    The most important feature of the service is the ability to enter an IP address or a fully qualified domain name (FQDN) to find out whether they’re on the Piracy Shield system.

    The image below consists of an original blocking order (translated from Italian) issued in response to a blocking application by Sky Italia. To protect Sky’s broadcasting rights for FIM MotoGP World Championship and the Motul FIM Superbike World Championship, the domain http://live.vitocatozzo.eu was added to the Piracy Shield system.

    The response from Piracy Shield Search added by us directly underneath the relevant section in the application confirms that the domain was indeed placed on the blocklist. The response also provides the time the rightsholder or its representative added the ticket to the system, which acts as the instruction for ISPs to go ahead and start blocking.

    Rightsholder Tickets and Top AS By IP Address

    The Piracy Shield Search system shows data relating to currently active blocking, not the total number of requests made or IP addresses/domains blocked to date.

    In the image below we can see that 662 rightsholder tickets are currently live, and together they target 2,849 IPv4 IP addresses, zero IPv6 IP addresses, and 6,601 fully qualified domain names. The panel on the right shows the top AS (autonomous systems) ranked by the total number of IP addresses allocated to the AS that are currently subject to blocking.

    The ticket panel on the left shows that the system deployed in Italy operates similarly to the blocking system operated in the UK.

    Much is made in the media about the requirement to block IP addresses and domains within 30 minutes, possibly to imply that blocking takes place mostly during live matches. However, the two items at the top of the list show that IP addresses and domains are typically added in bulk, long after matches finish or, alternatively, long before they actually start.

    Tickets Reveal More Blocking Blunders

    The people behind Piracy Shield Search have decided to partially redact IP addresses requested for blocking in rightsholder tickets. Since the search facility on the front page responds to requests for specific IP addresses, there’s no need to expose the IP addresses in full here.

    However, since the names of the hosts are displayed in full, it’s possible to determine whether the IP addresses that appear on the left are likely to be operated by CDN companies. More importantly, there may also be enough information to determine whether multiple services potentially share the IP address.

    In a post to X, developer and researcher Matteo Contrini confirms what many people had suspected; Cloudflare isn’t the only major CDN provider whose IP addresses have ended up on the Piracy Shield system.

    “The platform #PiracyShield is blocking 15 Akamai IP addresses! Not only Cloudflare but also the largest CDN in the world…,” Contrini notes.

    The data suggests that transparency is a double-edged sword. Without transparency, there’s no scrutiny, and no specific fuel for criticism. When transparency exists, whether voluntarily or by imposition, scrutiny ensures that criticism can be backed up by data provided by the system itself.

    What transparency offers that opacity never does, however, is a powerful incentive to do better. Whether the addition of these IP addresses is due to blunder after uncorrected blunder isn’t clear, but the alternative is unquestionably much worse.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Sécurisez votre surface d’attaque avec cette fonctionnalité de Cloudflare

      news.movim.eu / Korben · Monday, 18 March - 09:57 · 2 minutes

    Vous pensiez que votre infra était bien protégée ? Détrompez-vous les amis, les cyberattaques sont de plus en plus vicieuses et sophistiquées !

    J’sais pas si vous utilisez Cloudflare pour sécuriser et optimiser votre site, mais si c’est le cas, vous allez être heureux puisqu’ils ont sorti un nouvel outil pour nous aider à garder nos sites en sécurité: Cloudflare Security Center .

    Cette nouvelle fonctionnalité nous permet d’avoir une vision globale de notre surface d’attaque , c’est-à-dire tous les points d’entrée potentiels pour les hackers. On parle des serveurs, des applis, des APIs, bref, tout ce qui est exposé sur le web. Le Security Center scanne tout ça et nous alerte sur les failles de sécurité et les mauvaises configurations qui pourraient nous mettre dans la mouise.

    Vous aurez donc besoin :

    • D’un compte Cloudflare (bah oui sinon ça marche pas)
    • Au moins un site web sous leur protection (logique)

    Passons maintenant à l’activation de la fonctionnalité et le lancement du scan initial

    1. Rendez-vous sur le dashboard de Cloudflare et sélectionnez votre compte.
    2. Foncez ensuite dans « Security Center » > « Security Insights « .
    3. Sous « Enable Security Center scans « , vous avez un bouton magique « Start scan « . Et bien cliquez dessus !
    4. Et patientez… Zzzz.. Le premier scan peut prendre un peu de temps selon la taille de votre site.
    5. Une fois fini, la mention « Scan in Progress » disparaît et laisse place à la date et l’heure du dernier scan. Easy !

    Vous verrez alors les problèmes détectés sur votre compte Cloudfalre ainsi que leur sévérité. De mon côté, rien de bien méchant.

    Mais attention, c’est pas juste un simple scanner ! L’outil a aussi des fonctionnalités de gestion des risques . Il vous aide à prioriser les problèmes et vous guide pour les résoudre rapidement. Plus besoin de se prendre la tête pendant des heures, on clique sur quelques boutons et hop, c’est réglé !

    Ensuite, vous n’aurez rien à gérer puisque Security Center fera des scans régulièrement en fonction de votre forfait. Plus vous avez un plan costaud, plus vos scans seront fréquents.

    Ce centre de sécurité propose également un scan de votre infra pour voir tous vos sous-domaines et savoir s’ils sont correctement sécurisés. Et si y’a une adresse IP, un nom de domaine, une URL ou un AS sur laquelle vous avez un doute, vous pouvez même mener une petite enquête dessus

    En plus, le Security Center surveille aussi les tentatives d’ usurpation d’identité et de phishing . C’est encore en beta, donc j’ai pas pu tester, mais imaginez un peu que des petits malins qui essaient de se faire passer pour votre boîte pour piquer les données de vos clients… Et bien avec Cloudflare qui veille au grain, vous devriez vite les débusquer.

    Bref, que vous ayez un petit site vitrine ou une grosse plateforme e-commerce, si vous utilisez Cloudflare, je vous invite à y faire un tour.

    • chevron_right

      Piracy Shield Cloudflare Disaster Blocks Countless Sites, Fires Up Opposition

      news.movim.eu / TorrentFreak · Monday, 26 February - 11:41 · 4 minutes

    Logo piracy shield Following a statement that Italy’s all-new anti-piracy system had received top marks from telecoms regulator AGCOM for “working perfectly,” on Saturday the truth came out in all its glory.

    Piracy Shield has only been fully operational for a few weeks. So, expecting it to work flawlessly, right out of the box, was always unrealistic. There have been reports of unexpected behavior in the ticketing system, for example, plus other issues one might describe as relatively normal for a new system, or at least non-critical.

    But while any unexpected behavior needs to be understood, the Piracy Shield system, i.e software, hardware, and sundry biological components, arguably had just one job to perform perfectly in its first month. Through meticulous care, prove the naysayers wrong by not blocking innocent sites and staying away from CDNs. A single IP address blocked in error can do damage anywhere but, on a platform such as Cloudflare, problems can multiple extremely quickly.

    Like a Moth to a Flame

    As reported less than two weeks ago, the first issue to cause elevated public concern was the blocking of Zenlayer CDN IP addresses . During the first two weeks in the public spotlight, that wasn’t ideal or even an isolated incident.

    Black spots = No connectivity Piracy Shield - ZenLayer Block - Error - 240222

    When AGCOM and anti-piracy group FAPAV turned up on TV recently to announce an expansion of Piracy Shield blocking, the system was said to be “working perfectly” while reports to the contrary were labeled “fake news.”

    But even before those statements had time to fully sink in, along came Saturday afternoon, otherwise known as ‘TTFN CDN’.

    AS13335 Cloudflare – IP: 188.114.97.7

    Around 16:13 on Saturday, an IP address within Cloudflare’s AS13335 , which currently accounts for 42,243,794 domains according to IPInfo, was targeted for blocking. Ownership of IP address 188.114.97.7 can be linked to Cloudflare in a few seconds, and doubled checked in a few seconds more.

    The service that rightsholders wanted to block was not the IP address’s sole user. There’s a significant chance of that being the case whenever Cloudflare IPs enter the equation; blocking this IP always risked taking out the target plus all other sites using it.

    Why blocking went ahead anyway has no good answers; from didn’t check and don’t understand to oops, too late… , how it managed to traverse the claimed checks and balances defies logic. Giorgio Bonfiglio , Principal Technical Account Manager at Amazon Web Services, warned of this specific risk last year. Some of the best advice available, pro bono , yet simply ignored.

    “When I talked about the risks of the Piracy Shield last year I focused on the impossibility for an external observer to understand whether an IP is shared or not. I never expected they would block one of the top 5 CDNs in the world, an AS that does ONLY that,” Bonfiglio wrote .

    Block Party Erupts

    On February 2, 2024, developer Marco d’Itri (aka rfc1036 ) published a pearl of wisdom on Twitter. On Saturday, a little over three weeks later, he was the first to publicly confirm that what shouldn’t have happened, had obviously happened, to the surprise of no one.

    Reports of sites suddenly going offline came in quickly. The IP address block went live at 16:13 and by 16:31, Italy was already covered head to foot in black spots indicating no connectivity (Source: RIPE via @auguzanellato ) .

    EU citizens’ right to receive and impart information without interference often enters site-blocking discussions. Such concerns were waved away in Italy because the above would never be allowed to happen.

    Communication to the Public, By The Public

    On X, @handymenny quickly pinpointed the source of his initial connectivity problem, and then went on to discover he was more affected than first thought. That appeared to pique his curiosity, so he decided to find out who else had been blocked.

    His discoveries included the ODV Prison Volunteers Association , a charitable group with a key goal of improving communication between prisoners and their families. Elimobile.it , a telecoms company that relies on people communicating so that they a) buy SIM cards and b) can access Elimobile’s video services, was also blocked.

    Several schools also suffering downtime is not just a terrible look. The laws and regulations passed last year that authorize rapid blocking include a mandatory educational component for kids. If anyone can think of a statement that will resonate with kids, to explain why preventing football piracy has a negative effect on education, answers on a blackboard please.

    Block Quietly Removed, But That Won’t Be Enough

    Around five hours after the blockade was put in place, reports suggest that the order compelling ISPs to block Cloudflare simply vanished from the Piracy Shield system. Details are thin, but there is strong opinion that the deletion may represent a violation of the rules, if not the law.

    Another legal aspect of potential interest involves a general principle of EU law, one that requires authorities to strike a balance between the means used and the intended aim when exercising their powers.

    IT enthusiast Ernesto Castellotti wasted no time deciding his course of action. Since his website was also unlawfully blocked on Saturday, he’s sent a civil access request to AGCOM demanding all information held on file to show why that happened. He’s also calling for the immediate resignation of the head of AGCOM “for demonstrated negligence in the implementation of the Piracy Shield project.”

    As far as we’re aware, there has been no formal comment from AGCOM on Saturday’s disaster.

    Share information with TF in confidence here

    Note: An earlier version of this article reported on a Bonfiglio tweet which appeared to estimate the number of sites potentially blocked on Saturday. We’re informed the tweet used an Italian phrase that simply suggests a very large number. The direct translation lacked nuance and has since been removed.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Another “patent troll” defeated by Cloudflare and its army of bounty seekers

      news.movim.eu / ArsTechnica · Tuesday, 13 February - 16:59

    Another “patent troll” defeated by Cloudflare and its army of bounty seekers

    Enlarge (credit: SOPA Images / Contributor | LightRocket )

    Once again, Cloudflare has proven that its unusual defense against meritless claims of patent infringement effectively works to end so-called "patent trolling."

    In a blog post , Cloudflare announced that its most recent victory—defeating a lawsuit filed by Sable IP and Sable Networks in 2021—was largely thanks to participants of Project Jengo. Launched in 2017, Cloudflare's program offers tens of thousands of dollars in awards to activate an army of bounty seekers and crowdsource submissions of evidence—known as "prior art"—that can be used to overcome frivolous patent claims or even invalidate patents that never should have been issued.

    To find prior art, Project Jengo participants comb through academic papers, technical websites, and patent documents, helping Cloudflare explain in detailed petitions to the US Patent and Trademark Office (USPTO) why certain patents should be invalidated.

    Read 14 remaining paragraphs | Comments

    • Wa chevron_right

      Cloudflare Tunnelling

      pubsub.slavino.sk / warlord0blog · Tuesday, 16 January - 18:48 edit

    Using Cloudflare, it is possible to connect to a private internal service via a tunnel. This enables the interaction of a DNS name to get proxied through Cloudflare, and over a tunnel into your secure application – without exposing the application ports to the internet. This means none of our internal services need be published via &ellipsisRead the full post »

    Značky: #Networking, #Web, #Linux, #cloudflare

    • chevron_right

      DNS Block: Canal+ Sues Cloudflare, Google & Cisco to Fight Piracy

      news.movim.eu / TorrentFreak · Saturday, 30 December - 15:54 · 3 minutes

    The music industry obtained a pioneering injunction to compel Danish ISPs to implement site-blocking measures back in 2006 .

    The goal was to limit access to unlicensed Russian music download platform AllofMP3, but the action also represented the thin end of a site-blocking wedge still being tapped in today.

    Broadcaster and site-blocking proponent Canal+ believes that when service providers implement technical measures to prevent access to pirate sites, that helps to reduce piracy rates. Unfortunately, online roadblocks reliant on technical tweaks always run up against other technical tweaks designed to circumvent them.

    Protecting Live Sports

    A report from the French news outlet l’Informé outlines a fairly typical framework adopted by rightsholders in Europe. To limit access to pirated live sports streams, this year Canal+ went to court in France arguing that local ISPs should prevent customers from accessing several pirate streaming sites.

    Through Footybite.co, Streamcheck.link, SportBay.sx, TVFutbol.info, and Catchystream.com, internet users were able to watch Premier League and Champions League football, plus matches from the Top 14 rugby union club competition, without paying Canal+, the local rightsholder.

    After the decisions went in favor of Canal+, ISPs including Orange, SFR, OutreMer Télécom, Free, and Bouygues Télécom, were required to implement blocking measures. This meant that when the ISPs’ customers attempted to visit any of the above domains, the ISPs’ respective DNS resolvers provided non-authentic responses, thereby denying customers access to the sites.

    Circumvention and New Legal Action

    The response to ISP blocking by increasingly savvy customers was to change their network settings to replace their ISPs’ DNS servers with those offered by unaffected third-party providers. By switching to DNS servers offered by Cloudflare , Google , and Cisco ( OpenDNS ), the domains functioned as expected. This entirely predictable response is now being countered by another.

    After tapping in the wedge just far enough to obtain the initial blocking orders, Canal+ has now returned to court hoping to resolve the blocking orders’ shortcomings. After failing to achieve voluntary cooperation, l’Informé reports ( paywall ) that Canal+ is now suing Cloudflare, Google, and Cisco at the Paris judicial court, to compel similar DNS blocking measures.

    Legal Basis: Article L333-10

    According to Article L333-10 of the French Sports Code (active Jan 2022), when there are “serious and repeated violations” by an “online public communication service” whose main objective is the unauthorized broadcasting of sporting competitions, rightsholders can go to court to demand “all proportionate measures likely to prevent or put an end to this infringement, against any person likely to contribute to remedying it.”

    Proportionate measures include blocking, deleting or deindexing communication services (in this case pirate streaming sites) when they meet the above criteria.

    The judicial court may order these measures to be implemented “for each of the days appearing in the official calendar of the competition or sporting event, within the limit of a period of twelve months.” In respect of the competitions Canal+ hopes to protect, that means until May 19, 2024, for the Premier League, until June 1, 2024, for the Champions League, and until June 29, 2024, for Top 14.

    How Serious is the Circumvention Situation?

    According to detailed reports published by telecoms regulator Arcom, ISP-only DNS blocking measures have enjoyed massive success in France.

    Published in May 2023, Arcom’s report for 2022 noted that the overall audience for illicit sports broadcasts decreased by 41% between 2021 and 2022, down from 2.8 million internet users on average to 1.6 million.

    On circumvention of blocking measures, in May 2023 Arcom reported that when confronted with a blocked site, almost half of all infringing Internet users (46%) completely abandoned the idea of watching the content.

    Of all infringing users, just 6% attempted to circumvent blocking measures using an alternative DNS, VPN or similar method.

    > france-dns-vpn-blocking

    While circumvention of blocking measures doesn’t seem to be an especially big problem in France right now, Arcom notes that it will remain vigilant moving forward.

    For the sake of curiosity, we searched for signs of blocking in France using data supplied by the Open Observatory of Network Interference ( OONI ). The system appears to detect pirate site blocking in France as an ‘anomaly’ (yellow) rather than confirmed, outright blocking (red).

    The green sections may indicate that a relatively small number of users are managing to access domains well-known for their links to piracy. Whether that volume warrants dragging third-party DNS providers to court is another matter.

    However, it can’t be ruled out that there’s also a strategic element to the Canal+ complaint; another tap of the wedge, more incremental progress, and then ever-expanding DNS blocking in preparation for whatever comes next.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Premier League Targets Dozens of Illegal Streaming Sites in U.S. Court

      news.movim.eu / TorrentFreak · Monday, 18 December - 07:58 · 4 minutes

    premier league Early December the English Premier League announced a new broadcasting rights deal worth a staggering £6.7 billion (US$8.5 billion).

    Running for four seasons from the 2025-26 campaign, the deal will see broadcasters Sky and TNT take the live games and the BBC continue with its popular highlights package.

    Amazon, which has been licensing Premier League games since 2019, hoping to drive customers towards its Prime service, wasn’t awarded a single match. In parallel, UK tabloid Daily Mail has taken a sudden and unusual interest in Amazon Firestick devices during the last two weeks.

    firestick-mail Published every few days with a similar theme, the goal appears one of piracy deterrence. Unfortunately, regularly associating a legitimate brand with negative imagery is unlikely to have much effect on the pirate market and won’t boost sales of legitimate products either.

    Since piracy rarely responds to negativity but loses market share as legal offers become more attractive, the Premier League’s decision to allow transmission of 270 fixtures in the new package instead of the current 200, is a step in the right direction. Still no matches available during the ‘3pm blackout’ or adjustments to pricing in the consumer direction, but the BBC now has a license to show highlights for all 380 matches.

    Other ‘broadcasters’ will show all 380 matches in full, with no license at all.

    All Matches, No Licenses: Premier League Targets Pirate Sites

    Sky’s deal with the Premier League means the broadcaster now pays £5.95 million per match . Pirate streaming sites, meanwhile, pay the Premier League absolutely nothing and since that has a devaluing effect on the matches already sold, enforcement is the inevitable outcome.

    In a letter dated December 14, 2023, Texas law firm Hagan Noll & Boyle informed Cloudflare that users of its “system or network” are infringing the Premier League’s copyrighted works, through dozens of websites, using an even greater number of domain names. Where relevant, the list also includes ‘backend URLs’ from where actual streams may (or may not) be served.

    A small sample of the pirate domains premier league-domains

    The list includes the popular crackstreams.me, which according to SimilarWeb data enjoyed 8.6 million visitors in the three-month period of September, October and November 2023.

    In common with many other domains in the list, a second domain is listed alongside crackstreams.me, indicating that visitors are redirected after visiting the initial domain.

    For crackstreams.me, the secondary ‘redirect’ domain is ronaldo7.io, which had around 750,000 visits during the same three-month period. While that’s significantly lower than crackstreams.me, visitors from the UK account for 75% of ronaldo7.io’s traffic, versus 25% for its redirection ‘partner’.

    Screenshots similar to those shown below form part of the evidence presented to Cloudflare, 103 pages in total.

    crackstreams.me (left), ronaldo7.io (right) crackstreams-premier

    Judging by the volume of gambling advertising on some domains, coupled with signs that sites are targeting countries including Thailand and China, the Premier League clearly has challenges ahead. Some may even be solvable in the United States, if it gets lucky with Cloudflare.

    Notification Under 17 U.S.C. § 512

    There are two reasons for sending a notification to Cloudflare under 17 U.S.C. § 512 . As a first step, the Premier League would like Cloudflare to take the infringing content down.

    “Cloudflare is asked to remove or disable access to Premier League’s copyrighted works, which, based on the infringement that has occurred to date through the websites and domain names identified above, will continue to be infringed in this same manner throughout the Premier League season,” the letter reads.

    Whether Cloudflare can or will comply in some or all cases is unclear. However, until Cloudflare is sent a compliant DMCA takedown notice, Premier League can’t follow up with the next step.

    DMCA Subpoena Application Filed at U.S. Court

    Through the same Texas law firm, on December 14 the Premier League filed an application for a DMCA subpoena. This allows a copyright owner (or a person authorized to act on their behalf) to request a clerk of any United States district court to issue a subpoena to a service provider (in this case Cloudflare) for the purpose of identifying an alleged infringer.

    The notification sent to Cloudflare identifying the alleged infringers and locations of the infringing content, a proposed subpoena, and a sworn declaration that the subpoena will only be used to protect Premier League’s rights, is usually enough for the clerk to sign off on a request.

    Kids’ presents and turkey or gambling with strangers? premier-gambling

    When that happens, Cloudflare will be required to hand over the following information for the domains listed below, and/or the ‘backend URLs’ listed in the notification to Cloudflare (not listed below).

    Information sufficient to identify the alleged infringers of the matches described in the attached notification, which would include the individuals’ names, physical addresses, IP addresses, telephone numbers, email addresses, payment information, account updates, and account history.

    The deadline in the proposed subpoena is December 29, 2023

    The list of domains and redirection domains reads as follows:

    88zhibo.me
    222live.net
    720pstream.me
    720pstream.nu
    7mscorethai.live
    bestsolaris.com
    bgibola5.xyz
    bgibola77.live
    cakhia51.tv
    cakhia22.live
    crackstreams.me
    ronaldo7.io
    dooball168-hd.com
    dooball2you.com
    dooballx.com
    duball356.com
    futebolplayhd.com
    futemax.app
    futemax.la
    livenettvapk.live/android/
    livehd7.cc
    as.livehd72.live
    mmfootballgroup.com
    mmfootball.cryptken.com
    multicanais.fans
    pawastreams.top
    pawastreams.info
    rakhoi4.tv
    rapidstreamz.tv
    rojadirectaenvivo.club
    rojadirectaenvivo.nl
    soccerlive.app
    nbastreamlinks.net
    soccerstreamlinks.com
    soccertv4k.com
    socolive.news
    socolive.fan
    sportsurge.club
    streamonsport.ru
    strims.top
    tvmob.net
    tvron.net
    tvtap-pro.net
    vertvenvivo.net
    weakstream.org
    weakspell.org
    xn--l3clbuukk5c4d8a3e5d.com
    crichdplayer.xyz
    crichd.com
    hd.cricfree.io

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      Ça y est, le chiffrement post-quantique du web décolle (un tout petit peu)

      news.movim.eu / Numerama · Tuesday, 12 December - 17:00

    chiffrement

    Cloudflare a remarqué un léger bond du chiffrement post-quantique, via TLS 1.3. Un bond encore modeste, mais qui traduit un début de déploiement d'un nouveau type de cryptographie, pour résister à de futures attaques quantiques.

    • chevron_right

      Cloudflare Applauds Court for Rejecting DNS Piracy Blocking Order

      news.movim.eu / TorrentFreak · Tuesday, 5 December - 11:15 · 4 minutes

    cloudflare logo Copyright holders have made serious work of website blocking in recent years, expanding the practice to over forty countries worldwide.

    In Germany, for example, the largest Internet providers agreed to voluntarily block pirate sites as part of a deal they struck with rightsholders.

    These blockades, which are put in place following a thorough vetting process, are generally implemented at DNS level. This is a relatively easy option, as all ISPs have their own DNS resolvers.

    The downside of this simple measure is that it’s easy to bypass. Instead of using the ISPs’ DNS resolvers, subscribers can switch to public alternatives offered by Cloudflare, Google, OpenDNS, or Quad9. This relatively simple change usually renders blocking efforts useless.

    Pirate Site DNS Blocking

    Copyright holders are aware of this weakness. In an attempt to broaden the impact of their anti-piracy efforts, they sued Quad9 , which was required to implement a global pirate site blockade . Meanwhile, Cloudflare also found itself in the crosshairs.

    The German branch of Universal Music previously sued Cloudflare for offering its services to pirate site DDL-Music. The Internet infrastructure company lost this legal battle in the first instance, before the case moved to the Higher Regional Court of Cologne.

    The appeal wasn’t just about Cloudflare terminating services to DDL-Music as a customer but also the implementation of an expanded DNS blockade. Universal demanded that Cloudflare should block the pirate site for all users of its publicly available 1.1.1.1 DNS resolver.

    Last month, the Higher Court concluded that Cloudflare doesn’t have to take any measures on its public DNS resolver in response to copyright complaints, as the service operates in a purely passive, automatic, and neutral manner. As a pass-through service, it is not liable for third-party actions under German and EU law.

    In a blog post , Cloudflare’s Senior Associate General Counsel, Patrick Nemeroff, applauds the verdict. The American company has always argued that public DNS resolvers are neutral services.

    Nemeroff notes that DNS servers are not a good place to try to moderate content on the Internet. This isn’t just disproportionate but also ineffective.

    “That’s a position we’ve long advocated, because blocking through public resolvers is ineffective and disproportionate, and it does not allow for much-needed transparency as to what is blocked and why,” he writes.

    Ineffective

    Cloudflare equates its DNS resolver to a phone book that people historically used to look up someone’s number. In a similar vein, DNS servers link a domain name to an IP-address, allowing people to access a website without having to memorize a string of numbers.

    Blocking a domain by tampering with a DNS resolver doesn’t take down the website. People can still use alternative DNS providers, build their own DNS solution, or simply enter the site’s IP-address manually.

    “[I]t’s not even effective. Traditionally, website operators or hosting providers are ordered to remove infringing or illegal content, which is an effective way to make sure that information is no longer available.

    “A DNS block works only as long as the individual continues to use the resolver, and the content remains available and will become accessible again as soon as they switch to another resolver, or build their own,” Nemeroff adds.

    Disproportionate

    Copyright holders are aware of this, of course, and would counter that doing something is better than nothing at all. At the moment, many ISPs also rely on DNS blockades and that tends to stop at least part of the traffic to pirate sites.

    Cloudflare stresses that public DNS resolvers shouldn’t be compared to ISPs’ DNS servers. The main difference lies in the audience, which is global in Cloudflare’s case. This means that basic DNS blockades would apply globally too.

    “[P]ublic DNS resolvers aren’t the same as DNS resolvers operated by a local ISP. Public DNS resolvers typically operate the same way around the globe. That means that if a public resolver applied the block the way an ISP does, it would apply everywhere.”

    There are technical solutions to apply blockades more locally over DNS, but that would require more data gathering, which limits the privacy of the public at large.

    “Blocking orders directed at public resolvers would require the collection of information about where the requests are coming from in order to limit these negative impacts while demonstrating compliance. That would be bad for personal privacy and bad for the Internet.”

    The Fight Continues

    The verdict of the Higher Regional Court is not entirely positive for Cloudflare, as it further clarified that the company can be held liable for pirate sites that use its CDN services. The case at hand revolves around DDL-Music, which is already defunct, but in future could expand to other Cloudflare customers such as The Pirate Bay.

    In addition, the DNS battle isn’t over either. There are similar legal battles ongoing against other providers such as Quad9 while Cloudflare itself has been targeted in Italy as well.

    “While the Higher Regional Court’s decision represents important progress on the DNS issue, the fight over how best to address online infringement continues,” Cloudflare notes.

    Cloudflare says that it will continue to protest such orders going forward and hopes that the Higher Regional Court’s reasoning on the DNS issue, which is partly grounded in EU law, will help to that end.

    “This decision marks further progress in Cloudflare’s fight to ensure that efforts to address online infringement are compatible with the technical nature of various Internet services, and with important legal and human rights principles around due process, transparency, and proportionality.”

    “We will continue that battle both through public advocacy and, as necessary, through litigation, as one more part of helping build a better Internet,” Nemeroff concludes.

    From: TF , for the latest news on copyright battles, piracy and more.