[HN Gopher] Pirate site not impressed by Global DNS blocking order ___________________________________________________________________ Pirate site not impressed by Global DNS blocking order Author : gslin Score : 123 points Date : 2023-08-05 16:01 UTC (6 hours ago) (HTM) web link (torrentfreak.com) (TXT) w3m dump (torrentfreak.com) | yankput wrote: | I don't understand why they go on _DNS level_. | | The web is hosted somewhere, the actual files are hosted | somewhere (on a different site), yet they don't go after either | of these actual websites but after a DNS resolver? That's just | weird. | | On the other hand my country now DNS-blocks Russia Today so I | guess it's just the minimal viable block | folmar wrote: | The DNS provider has some German presence, and the site and its | hosting don't. The serving of torrent magnet links alone is not | illegal in most Europe. | rolph wrote: | quad9 should be blocking certain IPs in germany as well. | | such as the German branch of Sony Music. | | Sony uploads pirate torrents to the web, thus must be blocked. | badrabbit wrote: | Firefox should natively support OpenNIC and other alternative DNS | providers: | | https://en.wikipedia.org/wiki/Alternative_DNS_root | | This will help Mozilla gain marketshare by being the goto browser | for anyone wanting to access non-mainstream sites. | | But I admit, that also makes firefox hostile to corporate | environments. If only firefox obeyed windows system/gpo/registry | settings like chrome. I have never seen a non-tech company even | permit firefox in their IT policy for these and other reasons | anyways. | | If they really are for privacy for individuals, this is the way! | | It would also be ideal if alternative root systems supported DoH | well. But that's only half the problem, discovering a list or | resolvers is a big pain because those can also be blocked. | | My suggestion is for willing sites to frequently update their SRV | records with new/current list of authoritative root IPs that | support DoH. Supporting mainstream sites can also do that, so | when you visit these sites you have the latest root list, and if | that list is dynamic enough (have static root IPs but make them | reachable with IPs that change all the time) blocking the system | becomes a whack-a-mole and the difficulty is set by network size | and how many new root resolver's can be added (DHT over https | might help too). | nobody9999 wrote: | >But I admit, that also makes firefox hostile to corporate | environments. If only firefox obeyed windows | system/gpo/registry settings like chrome. I have never seen a | non-tech company even permit firefox in their IT policy for | these and other reasons anyways. | | Perhaps I'm missing your point, but Firefox does (and I use it | in my own AD forest) provide Group Policy[0] management | support. | | [0] https://support.mozilla.org/en-US/kb/customizing-firefox- | usi... | RobotToaster wrote: | I've been using OpenNIC as my primary DNS for a while. | midasuni wrote: | Why would to want my applications to use what my operating | system does? I control both, but typically I have more control | over the OS, and importantly it's a single location to | configure. | codetrotter wrote: | This is feels like the Barbara Streisand Effect in action. | | I had never heard about this Canna Power piracy website before. | Probably a lot of other people haven't either. But now, when Sony | and their friends made this DNS block happen, media coverage has | made more of us hear about the Canna Power piracy website. | alpaca128 wrote: | I heard of it ages ago, but it was a terrible experience | (constantly opened new browser windows with ads etc) compared | to torrents and by the time I actually got interested in music | the industry had come up with convenient legal means to buy it. | Didn't know that site is still alive though. | cute_boi wrote: | ublock origin fixes all | _joel wrote: | You and me both, nice one Sony. | kwanbix wrote: | Exactly my thoughts. | y-c-o-m-b wrote: | I have been sailing the dark waters for everything - movies, tv | shows, books, games, music, etc - since before the new | millennium and I can tell you I've never heard of Canna Power | until today. I usually get my content successfully off of the | larger public torrent sites, so I guess there's no need, but | it's good to have another bookmark in my arsenal! Definitely | the Streisand Effect here. | dizhn wrote: | It seems to primarily cater to a German speaking audience. | That's probably why it isn't more well known. I'd never heard | of it either. | alternatetwo wrote: | I'm German and I've known of it 10 years ago ... and 10 | years ago it looked like a site from 20 years ago. I didn't | know it still existed either. | ur-whale wrote: | DNS is the _one_ thing that needs to be based on bitcoin type | tech so as to forever escape any attempt at centralized control. | | Also, being able as an end user to easily choose _where_ you get | your name resolution from is essential. | | The whole idea of root DNS servers is utterly broken. | franczesko wrote: | THIS | null0pointer wrote: | I don't understand why ENS doesn't support normal record types | (A, AAAA, etc.) Support for these was in the original design | for ENS. I hope we see more support for alternative roots in | the future. Brave browser, which is already fairly crypto- | friendly, could add an ENS resolver for example. Maybe this is | something someone could build as a browser extension? | [deleted] | pmontra wrote: | Isn't everything on YouTube for free? Then downloading is as | simple as any software that extracts audio tracks from a YT | video. | brightlancer wrote: | Youtube serves the audio and video separately; yt-dlp (the | successor to youtube-dl) can download only the audio part, so | there isn't any extraction necessary. | | Honestly, I don't understand "piracy" much anymore -- almost | everything folks want is legally available on a streaming | service for cheap or no-charge. If something has been censored | or banned (or the owner refuses to sell it anymore), then | that's a different story, but legal services are cheap and easy | now. | trinsic2 wrote: | I definitely want to be in ownership of the things I | purchase. With streaming services your content can be taken | away from you. No thanks. | ipaddr wrote: | Where do I find Big Brother 3? | | Most things are not available in your location where that is. | raun1 wrote: | > almost everything folks want is legally available on a | streaming service for cheap or no-charge | | The majority of TV shows and movies that I watch are | unavailable on streaming services. I know there's some more | specialty streaming services for film these days, but besides | that, it seems like its mostly well-known classics, anything | mainstream from the past 20 years, or new releases that are | available. | | I solely credit piracy for enabling my appreciation of film | and TV. I was never a big fan of either until I got access to | a huge catalog and started watching classics that are not | popular enough for streaming services to pickup. | Larrikin wrote: | Streaming services WERE cheap and easy. Now all the content | providers are starting their own crappy streaming services | and you end up paying more than you would for cable, when | pretty much everything they offer used to be available | through one or two services tops. | | I expect piracy to rise until there is a Spotify of TV/movies | jorams wrote: | > I don't understand "piracy" much anymore | | For music I agree for the most part. Tons of music is both | available on streaming services, _and_ for sale as a DRM-free | download. The rest of the entertainment industry hasn 't | figured that last part out yet, unfortunately. | folmar wrote: | "Piracy" is still a thing for classical music - if you look | for a specific performance of a piece you'd often find that | it is not only not available online, but also permanently | out of stock in physical formats since 1998. | ransackdev wrote: | I don't know this case or the site, I'm only commenting on this | because, shouldn't we be very concerned that anything can be | silenced, globally, online? Where does it stop if we do it? Who | gets the say? Who watches them? You see what I'm getting at? | | Google started self censoring "Russian propaganda" and everyone | was so distracted with the war itself that nobody seemed to take | notice of what gears that type of thing set in motion. Sure, | they've probably been doing stuff like that the whole time, but | it was the first I'd ever seen them announce they were altering | results publicly and giving us things they deem acceptable. | | We need to wake up | Y_Y wrote: | Vodafone have blocked RT in several EU countries, try it | yourself: https://www.rt.com/africa/580875-france-niger- | military-agree... | mschild wrote: | Not just Vodafone. But this happened because RT is one the | EUs sanction list. | | https://www.consilium.europa.eu/en/press/press- | releases/2022... | mdekkers wrote: | > Google started self censoring "Russian propaganda" and | everyone was so distracted with the war itself that nobody | seemed to take notice of what gears that type of thing set in | motion. | | I recently found out that all of Russia Today is banned and | blocked throughout the EU, and whilst I appreciate it's pure | propaganda, I don't appreciate being told what I can and cannot | read/watch/hear. | | It's entirely against everything I was told to believe we stood | for, and I find it deeply offensive ans disturbing. | thejazzman wrote: | Please correct me if I'm misreading this, but are you saying | bad actors have an inherent right to exercise their bad | actions? It's on every individual to defend themselves | against whatever harm is being inflicted, and society should | stand by because, again, inherent right to be awful should be | protected? | SV_BubbleTime wrote: | Who define bad? | | And why can you not envision a scenario where someone else | finds you, or a known good actor to be bad? | | The most juvenile view from censorship discussions, is that | you will never be the one that's being censored. | matrix_overload wrote: | The idea is that people should have the skill of critically | assessing the information they see, not trusting it by | default, and knowing how to verify it. Like, check for | conflicts of interest, historical precedents, correlate | independent sources, etc. | | This skill only develops if people have to deal with lies | on a daily basis. If we delegate the function of telling | what's a truth and what's a lie to a 3rd party, it quickly | starts abusing it for its own gain and the quality of life | starts sliding downhill. | inetknght wrote: | > _people should have the skill of critically assessing | the information they see, not trusting it by default, and | knowing how to verify it_ | | Unfortunately, in America and I imagine abroad, those | skills have been actively eroded so as to favor of | consumerism. Moreover, the tools to pull one over on your | fellow man have gotten more and more sophisticated such | that you cannot trust recorded voices to be real, you | cannot trust recorded video of people talking, and likely | soon won't be able to trust recorded video at all. | | There's a serious problem with that in its own. But it's | compounded when people don't satisfy the very | requirements you want of them. | zdragnar wrote: | > This skill only develops if people have to deal with | lies on a daily basis. | | It's called critical thinking, and applies to every facet | of life. A person can honestly believe what they are | saying, but their belief is not, on its own, evidence | that what they are saying is true. | | I think schools in the US don't really teach critical | thinking, so much as regurgitation. I almost wish schools | required a full semester course of debate, pushing | students to craft arguments both for and against various | topics. I suspect our politics might look a lot different | if people were generally more skeptical of the things | they're told to just accept. | boredpeter wrote: | No I think he's saying the government should not get to | decide which speech should and shouldn't be allowed. For | example in the US the government attempted and was somewhat | successful in banning speech that favored communism which | was in no way justified. | | I think it's a reasonable criticism of these types of | policies given how governments of the past have misused | their power of censorship. | azangru wrote: | > bad actors have an inherent right to exercise their bad | actions? It's on every individual to defend themselves | against whatever harm is being inflicted, and society | should stand by because, again, inherent right to be awful | should be protected? | | I don't know about the right to be awful; but there is | something deeply unsettling about governments not trusting | their people to decide for themselves what kind of | information they want to access. Centuries ago, people | weren't trusted to read Wycliffe's translation of the | Bible. In the Soviet Union, people weren't allowed to read | The Gulag Archipelago. Now it's RT. It's preposterous. | somethingreen wrote: | I used to be a free speech absolutist, but now I believe | phylosophical principles exist in service of humanity, not | the other way around. If you consider that the goal of | russian propaganda is to help Russia succeed in genocide of a | 40 million nation, I think it should be fairly easy to handle | some censorship, at least until genocide is stopped. | Brian_K_White wrote: | What philosophical principle justifies censorship, which is | just propaganda through ommision? | | How can someone decide for themselves that they agree | something is bad, if they aren't allowed to see it, or even | know it exists? | | I don't think there is any philosophical principle that | resloves to "and therefor we should commit ignorance" | camgunz wrote: | I think the typical rejoinder here is Germany's | denazification. There's a difference between preemptively | censoring things and deciding some things are just wrong | and not worth debating for the umpteenth time. | | FWIW we preemptively censor things all the time. | Information is classified, we don't let you post plans to | build nuclear or biological weapons, etc. And to broaden | a little, we also have lots of speech restrictions and | compulsions. Fraud is against the law and that's largely | speech. Inciting imminent lawless action isn't allowed. | We require nutrition facts on products, we require | doctors to say things before performing abortions, we | compel testimony, etc. I personally wouldn't like it if | you posted my address and when I'm likely to be away. | | Speech is complicated, it's powerful, fundamental, and | there are a lot of competing interests and principles. | r3trohack3r wrote: | I think you cut to the core of it: genocide. | | Governments are entrusted with great power. Enough power to | decide an entire class of people no longer deserve to live. | Without checks and balances that hold the people we put in | government accountable, that power will be abused. | | "It should be easy to handle some censorship" is where your | point went off the rails. | | When you trust your government with the power to control | the flow of information, you trust them with the power to | hide their own actions from you - including genocide. You | trust them to censor people who vocally oppose an unjust | war. You trust them to censor people who report on broken | checks and balances. You trust them to censor people who | question their accumulation of power. | | History doesn't care if you meant well. Our descendants who | inherit these political systems won't care if you meant | well. They'll remember the results of the system you build. | ABCLAW wrote: | >When you trust your government with the power to control | the flow of information, you trust them with the power to | hide their own actions from you | | I think this is as false dilemma - no one's advocating | that any institution or system that can regulate the flow | of known bad information can operate without any | constraints, oversight, etc. | | If we assume any exercise of power will ALWAYS be misused | under any circumstance, then taken to the extreme we | literally shouldn't let people exercise under the notion | that they can and will use physical force to coerce | people. So we can't run on that assumption; sometimes | governments can use power over information to do good | things, like prevent the spread of pro-genocide | propaganda. | | We need to have a far more nuanced discussion about | whether or not THIS instance of censorship is more | positive or more negative. | somethingreen wrote: | You are talking about hypotethicals and I'm talking about | reality of today. If you let actual real innocent people | die for your principles - you are not virtuous, the | future you build and try to protect is not virtuous. It | doesn't matter how correct your principles are. | salawat wrote: | I have a question. | | How big does a group of people acting in concert have to | grow before we start slapping on the shackles because | they've reached a mass indistinguishable from an act of | governance? | | Is it purely a factor rrqrqrawreeqEeaerrteutreeerqeeesrEr | xdrdrwtrsraArRerrrsrssrrerAars numbers? Anything below N | is !government? Or is there a factor of impact? Can one | person's decision effect so many and so much that we have | to put on the brakes in spite of the fact it is _just one | person_? | | It's been no end of annoyance for me over the last few | years, because I personally have had a fairly difficult | time nailing down the sweet spot between _collective | action_ , and _everyone needs to take a chill pill, cause | this ain 't right_. | sgift wrote: | Do you mean rt.com? I just accessed that cesspool and Germany | is part of the EU, so .. nope. Not banned. | JackGreyhat wrote: | I just checked and cannot reach RT from Germany, using the | _ISP provided_ DNS server. I think that is key. | mdekkers wrote: | https://techcrunch.com/2022/02/28/eu-rt-ban-extends-online/ | philippejara wrote: | given that rumble was ordered to remove what I can only | assume is rt and decided to just stop serving the country | instead, It's certainly banned at the very least in France | itself. | | https://archive.is/Ryv67 | orangepurple wrote: | Banned in NL it gives an HTHS error | NET::ERR_CERT_AUTHORITY_INVALID the certificate common name | in the attack is advice.upc.biz | vlabakje90 wrote: | It's not banned in NL, I can access it just fine. | orangepurple wrote: | It is banned by Ziggo in the Netherlands. | | When I open it incognito I am redirected to a Ziggo.nl | page saying: | | Deze website is geblokkeerd | | Europese sancties | | De Raad van Europa heeft besloten dat de websites van RT | (voorheen Russia Today) en Sputnik News niet meer mogen | worden doorgegeven. De website die je probeert te | bezoeken, valt onder deze Europese sanctie. | | Vodafone | | Ziggo is verplicht de sanctie uit te voeren en heeft de | website geblokkeerd. | erfgh wrote: | Russia Today as a television network is banned because you | need a license to broadcast and that license can be revoked | when it is found that the network broadcasts only propaganda | that has nothing to do with reality. | | On the other hand, the website of Russia Today is not blocked | though it does have some intermittent ddos problems. | iraqmtpizza wrote: | you need a loicense to be on rumble lololol | 2OEH8eoCRo0 wrote: | Copyright infringement is not protected speech. Google is free | to provide or not provide results however they see fit. | | To me- freedom of speech is the right of citizens to criticize | the government without reprisal. | | This does not mean that adversaries have the right to flood our | airwaves with propaganda, lies, and other bullshit under the | guise of protected speech. | survirtual wrote: | The same tools used to "prevent copyright infringement" are | used to silence and censor legitimate protest and opposition | to tyranny. | landoftheice wrote: | [dead] | flangola7 wrote: | None of this is new. Blocking is not even that strong of an | action, ISIS domains are straight up seized and taken | possession of by the United States. | boringuser2 wrote: | You're just "waking up" _now_? | | Tech clearly engaged in election interference on behalf of | Trump's opponents in 2020. | | I don't like the man any more than anyone else, but that was a | crime. | Phelinofist wrote: | I remember CannaPower from my first steps with piracy (also: | eMule/eDonkey, KAZAA, BearShare, LimeWire). Good to know they are | still operating. | thefurdrake wrote: | The harder Sony screams, the better things are going in general. | This effort was pathetic and ineffective, just like every attempt | Sony has made to combat piracy. If only they spent all that | effort and money improving the user experience when accessing | their products instead of something doomed to failure. | ecf wrote: | it's entertaining to watch Sony throw these tantrums after one | of their prime complaints with the Activision + Microsoft | merger was how it might give Microsoft exclusivity for CoD | while forgetting how much they love exclusivity for Playstation | titles. | jacquesm wrote: | It isn't called 'Sony Entertainment' for nothing. | robertlagrant wrote: | The problem is Microsoft has leverage in other areas. I | understand Sony's nervousness. | jrm4 wrote: | When I think of the historical development of the internet, | events like this and the early recognition of "net neutrality" | makes me grateful for the bullets we did dodge. | | It's clear that we need to do some things better re: DNS, but | this could have gone sideways so much earlier. | derefr wrote: | Question: why are torrent sites not generally run as a Tor | hidden-site backend (that can therefore be accessed through any | existing Tor public-web gateway, rather than needing to set up | its own proxies) plus an IPFS-hosted SPA frontend (that can | therefore rely on any IPFS web gateway, and can then point as | many arbitrary human-readable DNSLink names at that IPFS CID as | it wishes)? | | Is it just because the web piracy community predates these | technologies? | charcircuit wrote: | To be more accessible and because they don't have to. | fsflover wrote: | It is not sufficient to serve the torrent files (or magnet | links) anonymously: you will leak your IP unless you also | download the actual files through darknet. However, Tor project | does not recommend to use Tor for that: | https://support.torproject.org/#misc_misc-4. | | The actual solution is torrenting through I2P: | https://geti2p.net. They support it out of the box and there | are a few good trackers. | CodesInChaos wrote: | I'm pretty sure sure pirate-bay is an onion site exposed via a | cloudflare gateway. You can use the onion service directly (and | presumably through whichever gateway you want). | plagiarist wrote: | Cloudflare can work over TOR? I'm only familiar with the | services they offer opening a tunnel across regular internet. | stavros wrote: | Yes it can, they have support for terminating TOR so you | don't go over the public internet. | stevefan1999 wrote: | Because it was veeeeeeeeery slow to me. As someone in East | Asia, you are lucky if you can load a hidden service under 10 | seconds. | | First we should briefly talk about how hidden services work. | You have a very long address encoding the portions of a HS | public key, which is stored in a special directory (HSDir), and | due to the P2P nature of Tor, that basically becomes a | DHT/Torrent Tracker which draws parallel to a DNS service. | | Then you initiate a rendezvous request in HSDir to request a | contact with the hidden service. | | The hidden service noticed the HSDir updated, then arranges a | Tor circuit (of arbitrary length) and then write back to HSDir | to tell the requesters to contact via that new circuit which | this information will ultimately be signed with the hidden | service's private key as a proof of identity so MITM is | impossible (like bootleg TLS, or a mock PKI actually) | | As you noticed there would be at least three user circuits | involved: the hidden service to Tor itself, the Tor end user, | and the hidden service relay circuits (I would like to call | that a transit tunnel, the middleman). | | The more the circuits and relays in between, the more likely | your data will fly around the world, and too many circuits is | the intrinsic reason why hidden services are very slow. | | Recall that each circuit is a linked list and to decrypt the | data cells you have to wait for the "pipe" to flow back and | forth serially. A to B to C, and C to B to A on back. Due to | this recursive relation, no relay preemption is allowed. | | Keep in mind the real torspec is very complicated (that took me | a few days) and I tried to make a gist for you, and in reality | this may not be accurate up to date. | | Adding insults to injury, the vast majority of Tor relays are | dominantly located in US and EU, and there are barely any Asian | Tor operators like me, let alone exit node operators. This | caused a serious "geofragmentation"/"geopartition" where one | group of people have degraded services over the others. | | Fortunately, if your sites are mostly static or deterministic | without any serverside dynamic and fancy UI (cough cough PHP | and Ruby), given enough patient I would still got what I want. | Just that it would have took it for me to be longer than | others. | | That is why I think SPA and PWA, both client-side oriented | application on such a low rate network like Tor hidden service, | and abstracting server interaction as low overhead APIs such as | gRPC and ttrpc, would be very useful as I was experimenting it | before, but most people uses Tor Browser, they would likely be | disabling JS with NoScript for...security reasons. They are | really afraid there will be 0days in the JS engine that would | pop them a dropper. There are couple of heap spraying 0days in | V8 but so far Greasemonkey is fine... | rightbyte wrote: | 10s? Sounds like the v56 days. If the site is designed for | it, with alot of info on each page, it should work fine but I | guess most are not? | ShowalkKama wrote: | >Then you initiate a rendezvous request in HSDir to request a | contact with the hidden service. >The hidden service noticed | the HSDir updated, then arranges a Tor circuit (of arbitrary | length) and then write back to HSDir to tell the requesters | to contact via that new circuit which this information will | ultimately be signed with the hidden service's private key as | a proof of identity so MITM is impossible (like bootleg TLS, | or a mock PKI actually) | | this sounds wrong. As far as I know the HS picks some nodes | as introduction points and builds long losting circuits to | them abd publishes them in ita descriptor. | | when a client wants to connect it fetches the list of IPs, it | picks a random node as rendezvous and, via the IP, tells the | HS about it which connects to it to allow communication | (basically you -> rendezvous <- HS (+ a bunch of other nodes | that blindly carry traffic for anonimization as is customs | with tor)) ___________________________________________________________________ (page generated 2023-08-05 23:00 UTC)