Hacker News new | past | comments | ask | show | jobs | submit login
Danish Police Censor Google, Facebook and 8,000 Other Sites by Accident (torrentfreak.com)
189 points by websagir on March 2, 2012 | hide | past | favorite | 59 comments



So when exactly are we going to wake up to the fact that governments in the "free" West have over the past two decades implemented measures with respect to freedom of information, communication and privacy that in the decades before that we've consistently denounced as totalitarian police state tactics when it came to communist nations?

The problem is not that the police made this mistake. The problem is that they actually have the authority to do this in the first place.


As odd as this sounds, I tend to believe everything works itself out naturally over time. IOW, if you ran a simulation of the earth over and over again, the timelines might be skewed, but we would eventually end up in the same place. Every advancement, whether it be inventions or discoveries about the physical universe, push the human race forward. But it always has to happen in such a way that it's two steps forward, one step back. If there's a hole or weakness in a system there is an opportunity to exploit it and you better believe it will be done. That's a good thing as it makes the system stronger; the sooner the better.

As was mentioned before on HN the wonderful BBC documentary "The Century of The Self" delves into how the 20th century US democracy began controlling by pandering to consumerism/irrationalism (ie. the tie between big business/media and government), while our communist adversaries began governing by increasingly abject force. They're like two sides of the same coin. Is it bad/evil or did this need to happen? Think about what's happened in that timeframe... the automobile, airplane, radio, the depression, nuclear energy/weapons, two world wars, the computer, television, the personal computer, the internet, and everything the internet is beginning to mobilize. The change to the world in one century is absolutely mesmerizing.

I believe through globalisation these two sides are both merging and dissolving at the same time - that's not necessarily a bad thing, it's the world trying to work out inefficiencies in these respective systems; inefficiencies which could be seen as bugs in a system that invite corruption. When bugs are exposed and fixes begin to emerge, the pockets of corruption are going to fight back - as they should, because that's their livelihood at stake.

Information is more free than ever, and that is what truly sets us free. So they made this mistake. And it's been exposed, quickly. Think about all the nefarious things that happened in the cold war that took decades to come to light. Think about what happened in the Middle East last year; governments toppled, quickly. They tried to sneak SOPA under the public radar and look what happened.


Since it happened slowly, over decades, with real help from external forces like terrorists, and we did not "wake up" then, we certainly are not going to suddenly wake up now.

The world is slowly sliding towards a semi-free market/totalitarian government like Singapore has.

Totalitarian states like China are moving towards a bit more free markets. Formerly free states like the US and western Europe are moving towards more totalitarian state powers.

The key seems to be as long as the economy is OK people don't revolt. Look at the Arab spring vs. how prosperous and peaceful Singapore is.

Wasn't freedom nice while while it lasted? I wonder what our grandkids' reaction will be when we try to tell them how things used to be.


"Grandpa Grandpa! Tell us that story about using Google without a Search Authorization Form again!"


Please don't use the words "wake up" or put quotes around the word 'free.' It's bad writing.

Government is a constant tension between maintaining order/safety and allowing people to do as they like. It is a good thing that we have rules, and it's a good thing that somebody can enforce them; it's also a good thing to have as few rules as possible. Those two realities have to coexist, and it will never be a satisfactory "one or the other."

We're all aware when the balance swings a bit. That doesn't mean we need to... I don't know what you're suggesting; revolutionize? It means we need to push back politically, which we did with SOPA/PIPA, and find ways to maintain our own power, like circumventing the DNS weakness. We're not exactly lost in the wilderness here.

And I haven't even had my coffee yet.


Actually the balance between private life and public interference has swung back and forth many times in the US. Figures like Joseph Mccarthy and Anthony comstock still loom large in American history, and people were still being prosecuted for transporting obscenity across state lines through the 1970s and 1980s, even as we were winning the cold war.

Take a look at this paper examining obscenity law and computer networks, from 1997: http://michaelguth.com/jurimetrics.htm Note, for example, the case of Louis Gugliemi, who received a 25 year sentence for interstate transport of obscene materials in 1985. I don't know whether he made parole or not, but he was unable to get a court to reduce his sentence; chances are that he has been in federal prison from the late 1980s (after his appeals were rejected) until quite recently. In fact, it's just about possible that he's still in prison. It's unlikely he would be convicted today. Likewise, consider this 1985 submission to Attorney-General Meese's commission on pornography: http://obu-investigators.com/xuk/porn/meese/302-pornography-... which proposed vast prosecution powers for governments to stamp out pornography.

So while it's certainly appropriate to challenge governments' efforts to police the private sphere, those efforts need to be considered in a realistic context, not one that views the past through rose-colored spectacles. Overall I'm inclined to think that people enjoy considerably more freedom nowadays than they did a few decades ago.


"It's unlikely he would be convicted today."

I don't believe that true. You can see a recent obscenity case here: http://en.wikipedia.org/wiki/Max_Hardcore


But they tell us they are against totalatarian governments, so they must not be totalatarian, right? </sarcasm>

There are lots of people who have realized it, but they get derided for being extremists (and, many times, they are). Meanwhile, something that might be awesome has just come on TV, so I have to go...


I think the right take-away is that, while, yes, there are mechanisms that give authorities the power to do this sort of thing the whole thing is self correcting.

While technically possible, the Internet is much bigger than any one government. It'd be nearly impossible for any one organization to take it away without massive consequences that would naturally lead to a reversal and a substantial loss of power.

I would imagine that the next step in Denmark is to put into place a means to prevent that from happening ever again. Therefore, the police (or whatever agengy) just lost power due to the (unintended) action they took.

In the long run a dictator doesn't gain respect and power for abusing his people and authority, he actually looses most of it.


I hope that all 8000 accidentially blocked sites will demand being paid for damages. If each site gets a million in damages, it would be a nice reminder for the governments world wide that censorship is a bad thing.


> I hope that all 8000 accidentially blocked sites will demand being paid for damages.

They can demand all they want, but most govts give themselves rather wide immunity wrt such things.

They have the authority to block sites. They have procedures for doing so and have wide discretion as to what procedures to use. They made a small mistake in applying said procedures.

There's little/no chance that they'll be held liable, no matter how much damage you can show.


I don't think a Danish court would order the Danish government to pay a million dollars to a foreign company for damages due to mistakes made by Danish officials. That's just not how it works in a small country...


Definitely not. Furthermore you must be able to proof that you actually lost the money according to Danish legislation, so you will have a hard time sue'ing for millions of dollars for a short outage caused by an accident.


...unless of course you are Google, and actually lost out on a substantial amount of money.


The authorities are just going to end up developing a whitelist of high-profile sites not to block. This is unfortunate because even high-profile sites deserve to be subject to the same laws and levels of scrutiny everyone else must tolerate. Once there's a whitelist mechanism law enforcement will just be even more cavalier.


From the article, it sounds like the whitelist is exactly what was blocked.

It may well have been a list of urls recently found baseless, in which case there wouldn't be an override function ready, but the list was white.


> NITEC is responsible for maintaining a list of sites which they want to be made unavailable to Danish citizens. Each day the country’s Internet service providers retrieve the list and then apply DNS blockades across their infrastructure.

So that's already pretty weak, but then we find out it's implemented with a shared Windows folder.

sigh.


The article says "retrieved" from a "folder". It doesn't even say whether it was Windows, or on a server somewhere. It could have been FTP or something.


"It could have been FTP or something"

And that makes it better?!


FTP is still the standard for file transfer in most large corporations. It is as secure as other methods.


FTP has no security at all. Usernames, passwords, and data are all sent in the clear, in plain text. https://en.wikipedia.org/wiki/Ftp#Security


You might be thinking of SFTP which is a very different thing. FTP itself is very insecure and should only ever be used for anonymous downloading.


>FTP is still the standard for file transfer in most large corporations.

Um, what large corporations? And on God's green earth, why?

>It is as secure as other methods.

No, no it absolutely isn't. In terms of highly available ways of sharing data, FTP is the least secure of all of them. And it's not even a close race.


In order to prevent this kind of censorship in the future, a motivated individual just has to drop the ip address / hostname of the computer sharing the folder into the folder itself. Problem solved.


And they also have some site which blocked pages redirect to, with dire warnings about child pornography. With this infrastructure in place, and a little bit of cleverness, you could Rickroll an entire country. Or redirect everything to the Goatse guy, or a phishing page, or something even worse.


Wait until you find out how your OS gets updates, or your browser gets updates, or your certificate revocation list gets updated.


How?


The software retrieves the data and applies it from a list maintained by the software distributor. This sounds, from the high-level overview they gave, exactly the same as all update servers.


To be fair, for Windows and many Linux distrubutions (don't know about OS X) have signed packages, so it's not like they're grabbing any data and blindly running it.


Here's a good read of how Denmark originally intended to censor child porn went on to censor many other areas including piracy, sites that didn't pay taxes, etc: http://ww.reddit.com/r/bestof/comments/nqytz/censorship_what...


Legally, there should be libel issues.

How many of your clients are going to continue to want to do business with you when they come across a notice that you're serving child pornography off of your site?

And on a DNS note, I always have at least two alternative DNS servers memorized so that I can continue to get around when providers' DNS goes to hell.


The Google ones are easiest; 8.8.8.8, 8.8.4.4. You can get away with just the first, if you're feeling lazy.


As a grad I accidently changed hundreds of mortgage expiry dates from UK to US format (rectified immediately). Lesson learnt. Switching Facebook off for 5.5 million people trumps though!


"Fat Finger" errors are surprisingly common in finance.

(http://ftalphaville.ft.com/blog/2007/03/16/3207/the-curse-of...)


Haven't we had enough of these kind incidents to realize how slippery the censorship slope is? Censorship is pointless. People who want to circumvent the censorship will do so regardless. This just goes to prove that (by accident or not) censorship will be abused.


I don't understand why google or microsoft even doesn't distribute a list of their IP addresses for their online properties with Chrome/Windows respectively. That way you could get a pop-up that said, 'google.com is no longer resolving, fall back on the hardcoded list?' Then a check-box for never asking me again.

Google/Microsoft and other big properties could even push this out as a 'Security Feature' to prevent DNS spoofing attacks. I understand that that would lead to banning of actual IPs by governments, but given the organization of the internet, that is a bit harder than mucking around with DNS.


You never want to hardcode anything like that. You use DNSSEC instead. Right now the adoption is slow, but things are speeding up. With DNSSEC you would be able to authenticate that you are indeed getting the proper DNS reponse from your name servers. Combine that with SSL and you could be pretty sure that you are indeed talking to the right Google. Now we just need some form of fingerprinting like SSH has.


You think that would make sense to most Chrome/Windows users?


"By Accident" - read: global government successfully tested internet dissent suppression software in real environment and on real people. Small details, like the laws allowing them to actually use it (or not, as in the case of MegaUpload where they did not need it) will be provided soon. Mass media will report that these laws "were applauded by the general public, which now feels more protected from the threats of internet terrorism."

Self-destruction by greed is the dominant gene in the DNA of our current economic system. Let's hope it proceeds smoothly, and doesn't take the planet with it.


As long as they insist on breaking DNS there will still be easy solutions for us geeks, like using caches local IP lists. Just hope they don't start blocking actual IP traffic based on deep inspection.


Why not just set up your own resolver? If they start to filter out root servers they literally break the Internet, which is bad if you're in the business of delivering said Internets.


I doubt they'll end up using deep packet inspection for everyone, as far as I understand it's just too expensive at the moment. Maybe this will change though.


I can hardly keep up with what's politically correct these days. Isn't censorship for oppressive regimes and the sort? I thought Europe was supposed to be progressive..


It's nothing new (see: German laws regarding denial of the Holocaust).


Don't believe everything you read in newspapers. US Left Wing newspapers & media will cherry pick countries and places which can imply that the EU is a paradise.

Reality is a bit more complicated and nuanced than that.


It begs the question what the list of 8000 "legitimate" sites is for...



My concern, now that we know that it is THAT easy to block websites, I wonder how many more sites can be blocked in the next couple of months due to accidents. It is all automated, no human oversight after one guy presses the button to censor. Especially if none of those 8000 sites file a charge.


As a total aside have you seen what teenagers post on their Facebook pages? I've made comments to underage teenagers in my list that their pages are a little sexually creepy.

I have my 90 day Facebook chip. FBA... someone has to make a site/browser plugin for that.


Good thing DNSSEC will put an end to all this madness with DNS-filtering and spoofing. It's not working as intended and should never have been installed in the first place.


Couple of days ago USA Government was trying to pass a bill in Senate named SOPA and PIPA bills.And now Danish Police has been censoring Google,Face book and 8000 sites?So what about freedom of information,communication and the freedom of press?My question is "Is this was just an accident or they were just obeying the order of their government?" If yes then it is surely a stupid thing.


TL;DR - police in Denmark made a mistake that resulted in visitors to many sites being told that the site is blocked for possibly having child porn.

---

EDIT: Is there a guideline against 'TL;DR' comments? When I've written them in the past, they've been upvoted.


Let's see, how much damage was done by this?

Each blocked site lost:

- $X directly in business missed during those hours

- The trust of users who believed the warning

If they lost these things by arson or slander, the perpetrator might be punished. But since it was the government, they'll probably get nothing but an apology.

Any justice system will have some collateral damage: standing trial costs you time, money and reputation, even in a fair trial where you're declared innocent. But since the damage is so real and sometimes severe, we should REALLY force government to be careful how it applies itself. Warrants, oversight, auditing, judicial review, etc.

No bureaucrat should have a "ruin this business" button.


According to the article, it's a voluntary scheme, so presumably the right target of a lawsuit would be the ISPs who chose to blindly trust this data, not the government...

That's the way they're getting away with the lack of oversight: Make it "voluntary" ("or we'll tell the press you support child porn", nudge, nudge)


It could be that your TL;DR has exactly the same content as [the first paragraph of] TFA, so it adds nothing to the conversation, the way a good summary of a complex topic would.

Edit: forgot some words


That's kind of the very definition to "TL;DR". Personally, I think they are an atrocity, because if everything useful in an article could be distiller to a tweet, it should have been a tweet and not an article that made it to the front page of HN. I don't downvoted them, though (unless highly inaccurate), because they may provide use to some people in deciding whether TFA is worth spending their time on.


A distilled TL;DR is, as you say, either useless or an indication that the article is unworthy.

I prefer the commentary form of TL;DR which is a pithy remark that allows people who are already familiar with the subject to learn what biases or novel facts this article displays. For example, consider the fictitious article:

Are Human Ears High Resolution Signal Detectors?

which discusses a study of microphones, digital audio recordings and double-blind human subjects trying to distinguish signal in high-noise environments.

A useful TL;DR might be:

Human ears suck.

which might be a useful indicator of whether you're going to learn anything new from reading it.


I have to tell you, I love TL;DR's, maybe I've got a form of digital ADHD but I just want to get the content in a quick, bitesize chunk. Especially when its something like this that I'm not particularly passionate about.

Standing up for TL;DR's in general, not the OP's.


Whoops, yes. The original wording of my comment was the definition of TL;DR. The point I was trying to make is that in this case, the first paragraph of TFA was its own TL;DR, so GGP was particularly redundant.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: