End User Filtering
Analysis of technical measures to
suppress online copyright infringement
Stakeholder Dialogue on Illegal Uploading and Downloading
Brussels 02nd June 2010
Malcolm Hutty
[email protected]
Solving copyright infringement online
Demand-led solution is required
New business models that give consumers timely, affordable
and convenient access to digital content legally
HADOPI-style disconnection is disproportionate and
contrary to the Digital Agenda
Network based technical measures are inappropriate
on technical, legal, economic, and social policy
grounds
EUROPEAN INTERNET SERVICES PROVIDERS ASSOCIATION
Technical objections to network-based measures
Ineffective
Cannot significantly inhibit infringing behaviour amongst
those that infringe
Harmful to the network
Can reduce network speed, create congestion
Introduces new points of vulnerability, reduces network
resilience
Tendency for overblocking
Harmful to innovation
Reduces network flexibility
Harmful to innovation:
undermining the end-to-end principle
The end-to-end principle is a basic organising principle of the
Internet
It says that intelligence occurs at the network edges, not in the
core routers
It permits technological development, including invention of
web, VoIP, etc
Requiring blocking at the network level undermines the end-to-end principle and the capacity for invention
Arguably, it invites network operators to subvert the end-to-end principle further
Harmful to the network
Three ways network speed is harmed:
1. Direct processing overhead
2. Architectural constraints frozen in place
3. Diversion of investment and innovation
Network resilience is undermined
Introduces new potential points of failure
Blocking systems are an attractive target
Greatly increased attack surface
Now operating at application layer
Blocklist itself is vulnerable, and not only to technical attacks
Tendency to overblocking (depends on technique)
Inherent inefficacy of network-based measures
as a policy response to
online copyright infringement
Context:
Purposes of Content Blocking 1
Protection
– Help the users to avoid material that they do not wish to
encounter
Compliance
– Prevent users from accessing material that they are actively
seeking
Context:
Purposes of Content Blocking 2
Protection
User does not want to access blocked material
User will not deliberately subvert blocking system
User’s normal usage will usually not strain the blocking
system by introducing difficult cases
Compliance
User wishes to access blocked material
User may deliberately subvert blocking system
Examples
Protection
Protecting families from accidentally stumbling across
child pornography sites
Protecting bank customers from phishing sites
Compliance
Prevent people infringing copyright
Preventing people gambling online
Preventing religious extremists exchanging views
Does blocking work?
How hard is it to avoid so-called “mandatory”
blocking?
Even if there are counter-measures to blocking,
is it still a significant barrier to infringement?
Analysis methodology
Specify distinct levels of expertise
“proficiency levels”
Identify avoidance techniques for each technical
measure
Ascertain proficiency level required to employ
avoidance technique
Compare required proficiency level to engage in
infringement with required level to employ
avoidance technique
Proficiency levels required for avoidance
VERY HIGH: Advanced network software research
HIGH: Good understanding of networking principles. Basic software development skills.
MODERATE: Can search for and find obscure or complex software. Can follow complex instructions. Capable of imagining secondary uses of “dual-purpose” software.
LOW: Aware of common applications e.g. peer-to-peer. Capable of following written instructions to download, install and use such software.
VERY LOW: Can use web browser, e-mail. Cannot set up own computer to use Internet
Methodologies of Blocking
End-user filtering
DNS poisoning
Web Proxy filtering
IP blocking
Hybrid IP blocking/proxy filter
Network-based deep packet inspection & filtering
Alternatives to blocking
Removal at source / Disconnection
Demand-led solutions
Avoiding Blocking Systems 1
• End User Filters
– Removal by PC owner (LOW expertise)
– Surreptitious by-pass by PC user (MODERATE to VERY HIGH expertise)
• DNS poisoning
– Use different ISP’s DNS resolver (LOW expertise)
– Run your own DNS resolver (MODERATE expertise)
– Avoid or confuse DNS (MODERATE expertise)
– DNS-SEC will make this obsolete
Avoiding Blocking Systems 2
All methods except DPI and End-User Filters
– Use Peer-to-Peer (LOW expertise); only provides access to
content, not applications such as gambling sites
– “Anonymizer.com” style tunnel (VERY LOW expertise)
– Create your own encrypted tunnel (MODERATE expertise)
– Confuse the blocking system with technical attacks¹ (MODERATE to VERY HIGH expertise, variable effectiveness)
¹ Simple examples include URL character encoding, web file-path traversal with “..” etc
Avoiding Blocking Systems 3
Network-based Deep Packet Inspection
Avoidance technique: use file transfer software that
employs encryption
Also (or alternatively), other built-in avoidance techniques
Requires: install peer-to-peer software (LOW expertise)
Requires no additional expertise for those who are already
installing such software
•Encryption is increasingly built-in and automatic
•In software that does not yet employ encryption (or another effective technique), the user would simply experience this as software failure and can simply select a new product that “works”.
Beyond peer-to-peer
Private, password-protected download sites
Easy to establish (VERY LOW expertise)
Essentially infinite pool of sites
Immune to blocking until infiltrated
No limit to number of sites any individual can establish, at least until
individual is brought to justice
Pool of opponents is entire file-sharing community
Location unknown to enforcers; encryption defeats DPI
Number of unknown locations is unknowable
Cannot appear on blocking list until location is known
Long life before being infiltrated
Swift recovery time once infiltrated
Conclusion of analysis
Network-based measures are inherently ineffective
All known measures have well known counter-measures
Counter-measures are intrinsic not implementation-dependent
Counter-measures are as easy or even easier to employ than
it is to infringe in the first place
Q.E.D., those people already infringing cannot be dissuaded
by such technical “barriers” to infringement
It is unreasonable to expect ISPs to deploy inherently
ineffective measures
Especially considering other objections
Supporting Annex
End User Filtering
Methodology
Software installed on each PC prevents access to certain
materials
Financial Costs
Varies; from bundled product to around €50 per PC
Falls on customer
Non-financial costs
Choice of sites to block can be questionable
Classification of sites can be questionable
End User Filtering 2
Features
Commonly targets web, e-mail
Rarely targets Games, IM, Peer-to-Peer etc
Vibrant commercial market means state of the art is
continually advancing
Customer has choice of a wide range of reasons for sites to
be blocked (e.g. pornography, violent imagery, gambling,
racism, even “lack of educational value”)
Web Proxy Filtering
Methodology
All web traffic passed through a proxy cache, which
selectively refuses access to particular web pages
Financial Costs
Very high (€100,000s for an ISP with 50,000 customers)
Non-financial costs
Can slow down network traffic
Can reduce network reliability
But no overblocking
Web Proxy Filtering 2
Features
Centralised mandatory blocking of all web traffic
Generally, limited block-list from a qualified source e.g. court, IWF
Does not block non-web traffic
DNS Poisoning 1
DNS is the system that translates human-readable addresses into machine-readable Internet protocol addresses
Example DNS address: www.google.com
Corresponding IP address: 216.239.59.147
Every ISP provides a “DNS resolver” to look up these
translations for its customers.
Each customer configures their PC to use their ISP’s DNS resolver as
part of the process of connecting to that ISP
Whenever they visit a new website (or use any other Internet
resource), their PC contacts the DNS resolver to discover the IP
address to contact
Customer could instead configure their PC with any other DNS
resolver, e.g. from an American ISP or one they run themselves
DNS Poisoning 2
Methodology
ISP configures DNS resolver to lie about existence of sites
to be blocked
Financial costs
Low (Can be less than €5000 per ISP)
Non-financial costs
Massive over-blocking, as a whole domain is blocked (e.g.
all of MySpace, Geocities, terra.es etc)
Surprisingly difficult to implement without errors
DNS Poisoning 3
Features
Blocks more than just web;
But non-use of DNS by site operators can limit
effectiveness; and
Over-blocking is a serious problem, and can cause
user rejection
IP Address Blackholing 1
Methodology
ISP prevents all traffic from routing to specified IP
addresses
Financial costs
Depends on length of block list
Non-financial costs
High level of overblocking due to shared web space (e.g.
all of MySpace, Geocities, terra.es etc)
IP Address Blackholing 2
Features
Blocks access for all protocols
Over-blocking is again a serious problem
Danger of unintended outcomes
e.g. Pakistan YouTube incident
IP Blackhole/Proxy Hybrid (“Cleanfeed”)
Methodology
Use the same technology for IP-based blocking to route
only selected traffic to a web proxy; the web proxy decides
what to block
Again, web proxy element means only blocks web sites
Financial Cost
Less than full proxy, but still substantial
Non-financial costs
Over-blocking greatly reduced compared with IP address
blackholing
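The over-blocking differences between the four annex techniques (DNS poisoning blocks a whole domain, IP blackholing a whole address, full web-proxy filtering an exact URL, and the Cleanfeed-style hybrid diverts only traffic to listed addresses to a proxy that then matches the exact URL) can be made concrete with a small model. The following is an added illustration, not code from the presentation or from any ISP's blocking system; the hosts, addresses and URLs are constructed sample data, and the "shared hosting" address and "user-content" domain stand in for the MySpace/Geocities situation the slides describe.

```python
"""
Toy model of blocking granularity: which pages each technique blocks,
how many of those blocks are collateral (over-blocking), and how much
traffic the proxy element has to inspect.

Added example; all data below is constructed.
"""
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass(frozen=True)
class Page:
    url: str
    ip: str            # address the hostname resolves to (constructed)
    infringing: bool   # True = a page an enforcer actually wants blocked


# Constructed sample: one shared-hosting address (192.0.2.10) serves several
# unrelated sites; one user-content domain hosts many pages, one of which is
# targeted; its static assets live on a separate address (CDN-style).
SAMPLE = [
    Page("http://sharedhost.example/alice/album", "192.0.2.10", False),
    Page("http://sharedhost.example/bob/leaked.zip", "192.0.2.10", True),
    Page("http://other-tenant.example/", "192.0.2.10", False),
    Page("http://another-tenant.example/", "192.0.2.10", False),
    Page("http://usercontent.example/u/1/", "192.0.2.20", False),
    Page("http://usercontent.example/u/2/warez", "192.0.2.20", True),
    Page("http://usercontent.example/static/logo.png", "192.0.2.21", False),
    Page("http://unrelated.example/", "192.0.2.30", False),
]

# The block list an enforcer would supply, expressed at each granularity.
TARGET_URLS = {p.url for p in SAMPLE if p.infringing}
TARGET_DOMAINS = {urlparse(u).hostname for u in TARGET_URLS}
TARGET_IPS = {p.ip for p in SAMPLE if p.infringing}


def dns_poisoning(page: Page) -> bool:
    """Resolver lies about the whole domain, so every page on it is blocked."""
    return urlparse(page.url).hostname in TARGET_DOMAINS


def ip_blackhole(page: Page) -> bool:
    """Routing drops everything to the address, whatever it hosts."""
    return page.ip in TARGET_IPS


def web_proxy(page: Page) -> bool:
    """Full proxy sees every request and matches the exact URL."""
    return page.url in TARGET_URLS


def hybrid(page: Page) -> bool:
    """Cleanfeed-style: only traffic to listed IPs is diverted to the proxy,
    which then matches the exact URL; other traffic is never inspected."""
    return page.ip in TARGET_IPS and page.url in TARGET_URLS


def evaluate(technique, pages=SAMPLE) -> dict:
    """Count blocked pages, correct blocks, collateral blocks and misses."""
    blocked = [p for p in pages if technique(p)]
    correct = sum(1 for p in blocked if p.infringing)
    missed = sum(1 for p in pages if p.infringing and not technique(p))
    return {
        "blocked": len(blocked),
        "correct": correct,
        "overblocked": len(blocked) - correct,
        "missed": missed,
    }


def proxy_load(use_hybrid: bool, pages=SAMPLE) -> int:
    """How many requests the proxy element must inspect: all of them for a
    full proxy, only those bound for listed addresses in the hybrid."""
    if not use_hybrid:
        return len(pages)
    return sum(1 for p in pages if p.ip in TARGET_IPS)


if __name__ == "__main__":
    for name, fn in [("DNS poisoning", dns_poisoning), ("IP blackholing", ip_blackhole),
                     ("Web proxy", web_proxy), ("Hybrid", hybrid)]:
        print(f"{name:15s} {evaluate(fn)}")
    print("proxy inspects:", proxy_load(False), "requests (full) vs",
          proxy_load(True), "(hybrid)")
```

With this sample the two coarse techniques each block both targeted pages but take several innocent pages with them, while the exact-URL techniques block only the two targets; the hybrid reaches that result while inspecting only the requests bound for the listed addresses, which is the cost saving the slide attributes to it.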
Encryption and peer-to-peer
Can peer-to-peer file-sharing be protected by
encryption without defeating its purpose?
Encryption can defeat DPI
Manual enforcement at edges can act post TLS decryption
DTECNET/Media Sentry approach
Only works for transport-layer encryption, not encrypted payloads
IP address thereby obtained can be used for enforcement
But DPI still cannot break encryption tunnel
Technically possible to spot (and block) all activity by same IP
address (super-HADOPI)
Still not possible to identify similar transfers by this or other IP
addresses
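The limit the slide describes, that a signature-based DPI box sees nothing once the transport is encrypted while a party at the edge of the exchange still sees the plaintext after decryption, is shown below with a toy classifier. This is an added illustration, not code from the presentation or from any DPI or enforcement product; the "encryption" is a deliberately simple SHA-256 keystream XOR used only so the example runs offline, not a real transport-security construction, and the handshake bytes after the protocol string are constructed placeholders. The one real-world detail used is that a BitTorrent peer handshake begins with the byte 19 followed by the ASCII string "BitTorrent protocol".

```python
"""
Where a payload-signature detector can and cannot see protocol evidence:
on the wire before encryption, on the wire after encryption, and at an
endpoint that is a party to the exchange. Added example; constructed data.
"""
import hashlib
from typing import Optional

# Real protocol detail: BitTorrent handshake = 0x13 + "BitTorrent protocol".
BT_HANDSHAKE_SIGNATURE = b"\x13BitTorrent protocol"

SIGNATURES = {
    "bittorrent": BT_HANDSHAKE_SIGNATURE,
    "http": b"GET / HTTP/1.1",
}


def dpi_classify(payload: bytes) -> Optional[str]:
    """What a middlebox signature matcher can say about the bytes it sees."""
    for name, sig in SIGNATURES.items():
        if sig in payload:
            return name
    return None


def toy_keystream_encrypt(key: bytes, data: bytes) -> bytes:
    """Toy XOR with a SHA-256 counter keystream (illustration only).
    Applying it twice with the same key recovers the plaintext."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        keystream = hashlib.sha256(key + block_no.to_bytes(8, "big")).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(b ^ k for b, k in zip(chunk, keystream))
    return bytes(out)


# Constructed handshake: signature, 8 reserved bytes, then 20-byte placeholders
# where a real handshake carries the info-hash and peer id.
SAMPLE_HANDSHAKE = (BT_HANDSHAKE_SIGNATURE + bytes(8)
                    + b"INFOHASH-PLACEHOLDER" + b"PEERID-PLACEHOLDER..")


def what_each_vantage_point_sees(key: bytes = b"constructed-session-key") -> dict:
    """Run the same classifier from three vantage points."""
    on_the_wire = toy_keystream_encrypt(key, SAMPLE_HANDSHAKE)
    return {
        # Software without encryption: the middlebox matches the signature.
        "middlebox_plaintext": dpi_classify(SAMPLE_HANDSHAKE),
        # Same handshake inside the encrypted transport: nothing to match.
        "middlebox_encrypted": dpi_classify(on_the_wire),
        # A participant holds the session key, decrypts, and sees it again;
        # this is the post-decryption edge vantage point the slide refers to.
        "edge_participant": dpi_classify(toy_keystream_encrypt(key, on_the_wire)),
    }


if __name__ == "__main__":
    for vantage, verdict in what_each_vantage_point_sees().items():
        print(f"{vantage:20s} -> {verdict}")
```

The classifier is identical at all three points; only the bytes presented to it change. That is the reason the slide gives for why the edge-based approach can still obtain an IP address for enforcement while the in-network DPI element cannot break the tunnel, and, as the slide also notes, the edge approach depends on the participant being able to decrypt, so it does not extend to a payload that is itself encrypted before transport.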