Friday, August 30, 2013
The attack on the New York Times' web site this week was accomplished via a method that proponents of anti-piracy measures wanted written into U.S. law.
FORTUNE -- The attack that knocked The New York Times offline this week was an old-school hack: simple DNS blocking. The Syrian Electronic Army, which apparently mounted the attack, broke into domain-name servers run by Melbourne IT (and not into the NYT's own systems, which would have been a much bigger deal) and changed some numbers, redirecting the NYT's incoming traffic away from the site.
As tech journalist Rob Pegaro points out at Sulia (which, fair warning, is a confusing, unnavigable mess of a website), this technique is pretty much what the backers of the anti-copyright-infringement laws SOPA and PIPA wanted written into the law. It "would have let copyright holders require Internet providers to use DNS redirection to block access to allegedly infringing sites," Pegaro notes. "That authority would inevitably have been abused in social-engineering exploits -- and we'd likely see a lot more outages like the NYT's."
MORE: Make $377,000 trading Apple in one day
It's hard to know that for sure, but DNS blocking was something that backers of the bills insisted upon, and thanks to the backlash -- including from many security experts -- that insistence helped kill the bills in Congress. Blocking domain-name service -- which is one of the foundational technologies
Not only is DNS blocking dangerous, it's also "laughably ineffective" for something like stopping piracy, says Mike Masnick of TechDirt. That's because blocking DNS doesn't actually knock a site offline -- it merely causes the domain name (in this case, nytimes.com) to not work. The site is still there, behind its Internet protocol address. (Domain-name service is what maps an IP address, expressed in numbers, to a web domain like nytimes.com. The Washington Post has an excellent explainer on all this, including the hack.)
Masnick's right to a point. Some people did figure out how to get to the Times' web page. But most people would have no idea how to do so, and the newspaper lost a ton of traffic while it was down. When it comes to piracy, yes, people who want free movies from Pirate Bay would be able to get to that site even if its DNS were blocked -- and presumably more of them than average would be tech-savvy enough to figure out how to do so.
Meanwhile, Bloomberg reports that Twitter was able to withstand a similar attack because it has something called a "registry lock" in place. It can be had for $50.
