6:00 am (UTC-7) | by Paul Ferguson (Senior Threat Researcher)
On Thursday, the U.S. House of Representatives discussed the Stop Online Piracy Act (SOPA), a proposal that would give the U.S. Government new tools to fight the online sale of infringing or counterfeit goods.
Trend Micro is aware of the ongoing legal and policy complexities involved in balancing protection of intellectual property rights with censorship concerns, and does not advocate a particular solution to that challenge. Yet, as a trusted security advisor and online crime fighter, we would like to inject some caution into the discussion.
SOPA has real and serious implications that could undermine the overall health and security of the Internet. It could actually make life easier for the criminals it is supposed to thwart.
This is because SOPA could negatively affect the Domain Name System (DNS), which is a fundamental building block of the Internet. Indeed, DNS is critical to everything that makes the Internet function.
DNS links numerical Internet addresses (such as 192.168.1.254) to friendly Uniform Resource Locator (URL) addresses that humans can easily use and understand.
Our URL, www.trendmicro.com, is certainly easier to remember than our numeric IP address.
Making changes to how DNS works, especially sudden changes, could inadvertently undermine everyone’s Internet security.
First, the DNS filters that would be required to enforce SOPA could be easily defeated, rendering them useless. Criminals could develop ways to redirect users to DNS servers outside the U.S. and SOPA’s influence, and users may even look for these foreign and/or unregulated DNS servers if the sites they are trying to locate have been blocked in their ISP’s DNS as a consequence of SOPA.
Right now, Internet Service Providers are the primary providers of DNS services. Moving away from them to a greater number of private DNS servers could harm efforts that rely on DNS data to detect and mitigate security threats, and would fracture the global DNS hierarchy.
Many people who do not like SOPA-based access limitations will doubtless start using DNS servers outside the U.S., effectively bypassing SOPA. A predictable global DNS hierarchy benefits Internet functionality and security as a whole, and SOPA could undercut it.
The legislation as proposed could undermine the universality of domain names, endangering the basic functionality and ease-of-use of the Internet.
Existing dependencies within the DNS could be broken, posing significant risk of collateral damage to “innocent bystanders” such as legal sites and their users. Sites with no infringing content could be blocked with limited ability to be quickly unblocked.
If that happened on Cyber Monday, for example, an Internet retailer could potentially be forced out of business.
The U.S. Government and private industry have created a new technology, called Domain Name System Security Extensions (DNSSEC), which plays a key role in a wider cyber security strategy.
Many private enterprise and governmental networks have invested in DNSSEC deployment. The site redirection envisioned by the legislation is inconsistent with, and could undermine, DNSSEC security deployment altogether.
Trend Micro knows the serious threats the Internet faces and works hard to fight them. We appreciate and welcome the interest government has shown in making the Internet a safer place.
However, if implemented as currently written, SOPA and its companion bills could encourage the same behavior that DNSSEC has been created to stop. They would do so with the force of law in the U.S., but are almost certain to be ignored elsewhere.
SOPA could expose networks and users to increased security and privacy risks. That is certainly not the intent of its supporters.
The Internet’s Domain Name System is a key building block responsible for the Internet’s huge success. SOPA, however well-meaning, could have unintended consequences that affect the stability and security of the entire Internet and all its users.