Is SOPA worth the sacrifice of a secure internet?

       On October 26th 2011, the “Stop Online Piracy Act” (SOPA) was introduced to the
U.S. Congress with the intent to curb the proliferation of copyright infringement and the
piracy of intellectual property. The goals of SOPA are clear and understood. The means by
which the proposed bill will try to achieve these goals are, however, not without a
far-reaching negative impact on the stability and the security of the internet. This document
intends to clarify the repercussions of SOPA and how the bill contradicts the earlier U.S.
commitment to internet security and the protection of online U.S. assets.

        When an individual is looking for information, purchasing goods or doing business on
the internet, she uses a computing device that, either through a web browser or another
application, allows her to interact with assets on the internet. Today she can use a phone, a
tablet, a laptop, a PC or a fridge for this purpose. The assets she interacts with can be
anywhere in the world. While her user experience is smooth and everything seems to go back
and forth automatically there is a lot of technology involved. Technology that is not relevant
to the end user. Technology that is ubiquitous and trivial, until it breaks. The main
technology enabling people to send mails, buy presents, write blogs, etc. etc. is the Domain
Name System (DNS). Where all assets on the internet are known by their ‘Internet Protocol
addresses’, the DNS translates these weird numbers to human-readable addresses.
www.facebook.com, www.whitehouse.gov and www.google.com are all examples of such
DNS names. They are easy to remember, easy to use and easy to share. The DNS is, and will
remain, what makes the internet user-friendly for most of its users and thus a crucial
part of our online life.

        Internet users are, on a daily basis, targeted by online criminals who abuse several
weaknesses in the DNS. Online criminals impersonate social networks, banks and legitimate
online businesses. The weaknesses allow viruses to be installed on the devices used by our
citizens, they facilitate identity theft and the abuse of credit cards. As online crime has
soared over the past years, impacting citizens and businesses alike, several counter-measures
have been evaluated and most of them have been proven to fall short in re-establishing the
trust in the internet. The only solution, built on the DNS, that maintains the flexibility of
today’s internet while adding the required robustness is DNSSEC: Domain Name System
Security Extensions. DNSSEC is so much of a necessity for a secure internet that it has been
supported and promoted by the highest levels of the U.S. government since the Clinton
administration. George W. Bush included securing the DNS among national cybersecurity
priorities and when DNSSEC roll-out started in 2010, the Obama administration called it “a
major milestone for internet security”. This all underlines the importance of the DNS as a
technology supporting the internet and the crucial part it plays in enabling and securing
online business.

       DNSSEC guarantees the authenticity of a DNS name. When a user requests the DNS
name associated with an ‘Internet Protocol’ address from a DNS server using DNSSEC, she
can trust the response, as the cryptographic signature associated with the DNS name cannot
be forged or changed. This blocks any attempt by online criminals to impersonate online
assets, secures the internet from the ground up and re-establishes trust in running
businesses online.

       SOPA, at its core, contains a provision to filter traffic between the internet user and a
website hosting pirated content using the DNS. This would empower the Department of
Justice, with a court order, to require operators of DNS servers to redirect traffic for a
specific website to a specific textual notice developed by the Attorney General thus
rendering the pirated content unavailable.

        The first problem with using this counter-measure to protect intellectual property is
that it will not prevent internet users that want to access pirated content from doing so.
There are 10 million DNS servers, a minority of those operated by U.S. organizations, on the
internet that those users can connect to instead of the DNS servers that have filtering
implemented. Moreover they can connect to the servers hosting the pirated content using
their ‘Internet Protocol’ addresses, thus completely circumventing the DNS (and rendering
the filtering useless). SOPA’s DNS filtering provision will (and can) not prevent internet
users who are looking for pirated content from accessing it.

       The second, and more serious, problem is that SOPA will undermine the trust
between consumers who use online services and businesses who offer their services online.
Online trust has been eroding over the past decade as no technology was able to prevent
criminals from stealing identities or other personal information, or from impersonating popular or
high profile websites. Just like in the real world, where consumers tend to do business with
those entities that they can trust, the online world needs a system that can guarantee that a
specific website is the website that the consumer intends to do business with. We, as
humans, tend to avoid buying bread from those bakeries that are suspected of messing
with the ingredients in their products. We take our business to other butchers once we get a
hunch that ours is selling us second grade meat. We buy from those that we trust and the
economy soars when trust is honored.

       DNSSEC, which is in the process of being rolled out, is supported by the U.S.
government and is the only solution that guarantees online users that they are dealing with the
online entity they intended to deal with. It works very much like an online identity store,
maintained by its owner, listing all the names of online resources that are allowed to
represent its brand name. When a DNSSEC enabled application requests such a resource,
the answer is basically signed by the owner’s CEO, giving the user the guarantee that it’s ok
to conduct business. As more and more applications start supporting DNSSEC, any attempt
to redirect a user to a resource she didn’t intend to access will no longer happen without
notice thus preventing online criminals from using the simplest tool available without being
detected.
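
An added example, not part of the original essay: a simplified Python model of the check a DNSSEC-validating application performs, showing that an answer rewritten by a filtering resolver (the redirect to a notice page described earlier) fails validation exactly as an impersonator's rewritten answer does. The zone names, addresses and toy RSA key are constructed, and the canonical form is simplified relative to real RRSIG processing.

```python
"""Toy model of DNSSEC answer validation (added example, constructed data)."""
import hashlib
from dataclasses import dataclass
from typing import Optional, Tuple

# Toy RSA key for the constructed zone "shop.example". The primes are
# well-known Mersenne primes, so this key is NOT secure; it only stands in
# for a real DNSKEY/RRSIG algorithm so that the example runs offline.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the zone owner

LEGIT_IP = "192.0.2.10"            # constructed: the real shop
NOTICE_IP = "198.51.100.7"         # constructed: a filter's notice page
IMPERSONATOR_IP = "203.0.113.66"   # constructed: a criminal's look-alike site


@dataclass(frozen=True)
class Answer:
    name: str
    rtype: str
    ttl: int
    rdatas: Tuple[str, ...]
    rrsig: Optional[int] = None    # signature over the record set, if any


def canonical_name(name: str) -> str:
    return name.lower().rstrip(".")


def rrset_digest(a: Answer) -> int:
    """SHA-256 over a simplified canonical text form of the record set."""
    lines = [f"{canonical_name(a.name)}. {a.ttl} IN {a.rtype} {r}"
             for r in sorted(a.rdatas)]
    return int.from_bytes(hashlib.sha256("\n".join(lines).encode()).digest(), "big")


def sign(a: Answer) -> Answer:
    """Zone owner side: attach a signature made with the private key."""
    return Answer(a.name, a.rtype, a.ttl, a.rdatas, pow(rrset_digest(a), D, N))


def rewrite(a: Answer, new_ip: str, keep_sig: bool) -> Answer:
    """What any rewriting resolver does, whether filter or impersonator.

    It can swap the address but cannot produce a matching signature, because
    it does not hold the zone's private key.
    """
    return Answer(a.name, a.rtype, a.ttl, (new_ip,), a.rrsig if keep_sig else None)


# Zones the validator knows to be signed (the result of following the chain
# of trust from the root, which this model does not reproduce).
TRUST = {"shop.example": (N, E)}


def validate(a: Answer, trust=TRUST) -> str:
    """Return 'secure', 'bogus' or 'insecure' for an answer."""
    key = trust.get(canonical_name(a.name))
    if key is None:
        return "insecure"          # unsigned zone: nothing to check against
    if a.rrsig is None:
        return "bogus"             # signed zone, but signature was stripped
    n, e = key
    return "secure" if pow(a.rrsig, e, n) == rrset_digest(a) else "bogus"


def demo() -> dict:
    signed = sign(Answer("shop.example", "A", 300, (LEGIT_IP,)))
    unsigned = Answer("legacy.example", "A", 300, ("192.0.2.20",))
    return {
        "authoritative": validate(signed),
        "filter_sig_stripped": validate(rewrite(signed, NOTICE_IP, False)),
        "filter_sig_kept": validate(rewrite(signed, NOTICE_IP, True)),
        "impersonator": validate(rewrite(signed, IMPERSONATOR_IP, True)),
        "unsigned_zone_rewritten": validate(rewrite(unsigned, IMPERSONATOR_IP, False)),
    }


if __name__ == "__main__":
    for case, status in demo().items():
        print(f"{case:26s} {status}")
```

The validator has no way to tell the filter's rewrite from the impersonator's: both come back as bogus, while the same rewrite against an unsigned zone passes unnoticed.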

       The DNS filtering provision in SOPA relies on the same technique that online
criminals use to steal from our citizens. If we allow this provision to become law, we not
only give those criminals a waiver to keep doing damage to our citizens and businesses but
we also call a stop to a joint effort to secure the internet. We have been going forward with
great strides. The U.S. government, (inter)national corporations and internet users have
joined hands allowing DNSSEC to gain traction and get up to speed. We cannot allow a
provision that doesn’t have the capacity to prevent what it’s intended to prevent to
undermine online trust, render the internet insecure forever and wipe away an
unprecedented effort - made possible by citizens, the government and corporations - in one
go.

Weitere ähnliche Inhalte

Was ist angesagt?

Hass & Associates Online Reviews
Hass & Associates Online ReviewsHass & Associates Online Reviews
Hass & Associates Online Reviewsaleenia23
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & ForensicsHarshita Ved
 
The Rise and fall of Sopa and pipa
The Rise and fall of Sopa and pipaThe Rise and fall of Sopa and pipa
The Rise and fall of Sopa and pipaBrian Mazurowski
 
Competence & Confidentiality: Practice in the Post-Information Age
Competence & Confidentiality: Practice in the Post-Information Age Competence & Confidentiality: Practice in the Post-Information Age
Competence & Confidentiality: Practice in the Post-Information Age Get Noticed Get Found
 
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...dmenken60
 
Norton scientific news
Norton scientific newsNorton scientific news
Norton scientific newssheltonwaltz
 
Limewire
LimewireLimewire
Limewirewmorris
 
Sif14 How Trade Agreements Mess Up with Internet Freedoms
Sif14 How Trade Agreements Mess Up with Internet Freedoms Sif14 How Trade Agreements Mess Up with Internet Freedoms
Sif14 How Trade Agreements Mess Up with Internet Freedoms Carolina Rossini
 
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...Steven Rhyner
 
E-Commerce: Challenges and Issues
E-Commerce: Challenges and IssuesE-Commerce: Challenges and Issues
E-Commerce: Challenges and IssuesDr. Prashant Vats
 
Latin America’s Internet Usage Increases
Latin America’s Internet Usage IncreasesLatin America’s Internet Usage Increases
Latin America’s Internet Usage IncreasesLorence Fogelman
 
Cyberspace Usages Challenges And Disputeresolution Ja
Cyberspace Usages Challenges And Disputeresolution  JaCyberspace Usages Challenges And Disputeresolution  Ja
Cyberspace Usages Challenges And Disputeresolution Jautkarshjani
 
Violations of Cybercrime and the Strength of Jurisdiction in Indonesia
Violations of Cybercrime and the Strength of Jurisdiction in IndonesiaViolations of Cybercrime and the Strength of Jurisdiction in Indonesia
Violations of Cybercrime and the Strength of Jurisdiction in IndonesiaUniversitas Pembangunan Panca Budi
 

Was ist angesagt? (19)

Hass & Associates Online Reviews
Hass & Associates Online ReviewsHass & Associates Online Reviews
Hass & Associates Online Reviews
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & Forensics
 
Internet law
Internet lawInternet law
Internet law
 
Internet law
Internet lawInternet law
Internet law
 
The Rise and fall of Sopa and pipa
The Rise and fall of Sopa and pipaThe Rise and fall of Sopa and pipa
The Rise and fall of Sopa and pipa
 
Competence & Confidentiality: Practice in the Post-Information Age
Competence & Confidentiality: Practice in the Post-Information Age Competence & Confidentiality: Practice in the Post-Information Age
Competence & Confidentiality: Practice in the Post-Information Age
 
Computer crime
Computer crimeComputer crime
Computer crime
 
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...
Cyber Security For Law Firms - February 2015 -Westchester County Bar Associat...
 
Norton scientific news
Norton scientific newsNorton scientific news
Norton scientific news
 
Pl internet(cyberspace)
Pl internet(cyberspace)Pl internet(cyberspace)
Pl internet(cyberspace)
 
Limewire
LimewireLimewire
Limewire
 
Cyber crime-in-bangladesh
Cyber crime-in-bangladesh Cyber crime-in-bangladesh
Cyber crime-in-bangladesh
 
Sif14 How Trade Agreements Mess Up with Internet Freedoms
Sif14 How Trade Agreements Mess Up with Internet Freedoms Sif14 How Trade Agreements Mess Up with Internet Freedoms
Sif14 How Trade Agreements Mess Up with Internet Freedoms
 
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...
HOMELAND SECURITY BITCOIN TASK FORCE REVEALED BY DEPARTMENT OF JUSTICE INDICT...
 
E-Commerce: Challenges and Issues
E-Commerce: Challenges and IssuesE-Commerce: Challenges and Issues
E-Commerce: Challenges and Issues
 
CAN-SPAM at 5
CAN-SPAM at 5CAN-SPAM at 5
CAN-SPAM at 5
 
Latin America’s Internet Usage Increases
Latin America’s Internet Usage IncreasesLatin America’s Internet Usage Increases
Latin America’s Internet Usage Increases
 
Cyberspace Usages Challenges And Disputeresolution Ja
Cyberspace Usages Challenges And Disputeresolution  JaCyberspace Usages Challenges And Disputeresolution  Ja
Cyberspace Usages Challenges And Disputeresolution Ja
 
Violations of Cybercrime and the Strength of Jurisdiction in Indonesia
Violations of Cybercrime and the Strength of Jurisdiction in IndonesiaViolations of Cybercrime and the Strength of Jurisdiction in Indonesia
Violations of Cybercrime and the Strength of Jurisdiction in Indonesia
 

Ähnlich wie SOPA 4 dummies

Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Joseph White MPA CPM
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against propertyvarunbamba
 
How can i hide my ip on permanent basis
How can i hide my ip on permanent basisHow can i hide my ip on permanent basis
How can i hide my ip on permanent basishidemyipaddress
 
Computer Security for Lawyers
Computer Security for LawyersComputer Security for Lawyers
Computer Security for LawyersMark Lanterman
 
2ndnov_txicybersec& SAFETY.pptx
2ndnov_txicybersec& SAFETY.pptx2ndnov_txicybersec& SAFETY.pptx
2ndnov_txicybersec& SAFETY.pptxSSPTRGCELL
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internetdevashishicai
 
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...Distil Network Sponsor Presentation at the Property Portal Watch Conference -...
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...Property Portal Watch
 
CTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamsCTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamssegughana
 
MindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverMindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverPJStarr
 
Web 3.0 app- features and its importance in future
Web 3.0 app- features and its importance in futureWeb 3.0 app- features and its importance in future
Web 3.0 app- features and its importance in futuredeorwine infotech
 
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...IJNSA Journal
 
Internet service provider(ISP)An organization or firm th.docx
Internet service provider(ISP)An organization or firm th.docxInternet service provider(ISP)An organization or firm th.docx
Internet service provider(ISP)An organization or firm th.docxnormanibarber20063
 
The Potential of Web 3.0 Apps & websites!
The Potential of Web 3.0 Apps & websites!			The Potential of Web 3.0 Apps & websites!
The Potential of Web 3.0 Apps & websites! Shelly Megan
 
Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...IJNSA Journal
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
What is Web3 All About? An Easy Explanation With Examples
What is Web3 All About? An Easy Explanation With ExamplesWhat is Web3 All About? An Easy Explanation With Examples
What is Web3 All About? An Easy Explanation With ExamplesBernard Marr
 
A Comprehensive Guide to Web 3.0 Development Companies.
A Comprehensive Guide to Web 3.0 Development Companies.A Comprehensive Guide to Web 3.0 Development Companies.
A Comprehensive Guide to Web 3.0 Development Companies.Techugo
 
Internet advantages and disadvantages
Internet advantages and disadvantagesInternet advantages and disadvantages
Internet advantages and disadvantagesHamza Iqbal
 

Ähnlich wie SOPA 4 dummies (20)

Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
Cyber crime against property
Cyber crime against propertyCyber crime against property
Cyber crime against property
 
How can i hide my ip on permanent basis
How can i hide my ip on permanent basisHow can i hide my ip on permanent basis
How can i hide my ip on permanent basis
 
Computer Security for Lawyers
Computer Security for LawyersComputer Security for Lawyers
Computer Security for Lawyers
 
2ndnov_txicybersec& SAFETY.pptx
2ndnov_txicybersec& SAFETY.pptx2ndnov_txicybersec& SAFETY.pptx
2ndnov_txicybersec& SAFETY.pptx
 
Data privacy over internet
Data privacy over internetData privacy over internet
Data privacy over internet
 
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...Distil Network Sponsor Presentation at the Property Portal Watch Conference -...
Distil Network Sponsor Presentation at the Property Portal Watch Conference -...
 
Cyber law in bangladesh
Cyber law in bangladeshCyber law in bangladesh
Cyber law in bangladesh
 
CTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliamsCTO-CybersecurityForum-2010-RonWilliams
CTO-CybersecurityForum-2010-RonWilliams
 
MindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no coverMindingTheCloud_NPR_Sum2014-no cover
MindingTheCloud_NPR_Sum2014-no cover
 
Web 3.0 app- features and its importance in future
Web 3.0 app- features and its importance in futureWeb 3.0 app- features and its importance in future
Web 3.0 app- features and its importance in future
 
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...
MULTI-LEVEL PARSING BASED APPROACH AGAINST PHISHING ATTACKS WITH THE HELP OF ...
 
Internet service provider(ISP)An organization or firm th.docx
Internet service provider(ISP)An organization or firm th.docxInternet service provider(ISP)An organization or firm th.docx
Internet service provider(ISP)An organization or firm th.docx
 
The Potential of Web 3.0 Apps & websites!
The Potential of Web 3.0 Apps & websites!			The Potential of Web 3.0 Apps & websites!
The Potential of Web 3.0 Apps & websites!
 
Deep Web
Deep WebDeep Web
Deep Web
 
Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...Multi level parsing based approach against phishing attacks with the help of ...
Multi level parsing based approach against phishing attacks with the help of ...
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and Encryption
 
What is Web3 All About? An Easy Explanation With Examples
What is Web3 All About? An Easy Explanation With ExamplesWhat is Web3 All About? An Easy Explanation With Examples
What is Web3 All About? An Easy Explanation With Examples
 
A Comprehensive Guide to Web 3.0 Development Companies.
A Comprehensive Guide to Web 3.0 Development Companies.A Comprehensive Guide to Web 3.0 Development Companies.
A Comprehensive Guide to Web 3.0 Development Companies.
 
Internet advantages and disadvantages
Internet advantages and disadvantagesInternet advantages and disadvantages
Internet advantages and disadvantages
 

Mehr von wremes

Distributed Denial Of Service Introduction
Distributed Denial Of Service IntroductionDistributed Denial Of Service Introduction
Distributed Denial Of Service Introductionwremes
 
Intro to Malware Analysis
Intro to Malware AnalysisIntro to Malware Analysis
Intro to Malware Analysiswremes
 
Crème Brulée :-)
Crème Brulée :-)Crème Brulée :-)
Crème Brulée :-)wremes
 
Vinnes jayson koken
Vinnes jayson kokenVinnes jayson koken
Vinnes jayson kokenwremes
 
Build Your Own Incident Response
Build Your Own Incident ResponseBuild Your Own Incident Response
Build Your Own Incident Responsewremes
 
Secure Abu Dhabi talk
Secure Abu Dhabi talkSecure Abu Dhabi talk
Secure Abu Dhabi talkwremes
 
Collaborate, Innovate, Secure
Collaborate, Innovate, SecureCollaborate, Innovate, Secure
Collaborate, Innovate, Securewremes
 
Data Driven Infosec Services
Data Driven Infosec ServicesData Driven Infosec Services
Data Driven Infosec Serviceswremes
 
In the land of the blind the squinter rules
In the land of the blind the squinter rulesIn the land of the blind the squinter rules
In the land of the blind the squinter ruleswremes
 
And suddenly I see ... IDC IT Security Brussels 2011
And suddenly I see ... IDC IT Security Brussels 2011And suddenly I see ... IDC IT Security Brussels 2011
And suddenly I see ... IDC IT Security Brussels 2011wremes
 
Blackhat Workshop
Blackhat WorkshopBlackhat Workshop
Blackhat Workshopwremes
 
SIEM brown-bag presentation
SIEM brown-bag presentationSIEM brown-bag presentation
SIEM brown-bag presentationwremes
 
10 things we're doing wrong with SIEM
10 things we're doing wrong with SIEM10 things we're doing wrong with SIEM
10 things we're doing wrong with SIEMwremes
 
Fosdem10
Fosdem10Fosdem10
Fosdem10wremes
 
OSSEC @ ISSA Jan 21st 2010
OSSEC @ ISSA Jan 21st 2010OSSEC @ ISSA Jan 21st 2010
OSSEC @ ISSA Jan 21st 2010wremes
 
Open Source Security
Open Source SecurityOpen Source Security
Open Source Securitywremes
 
Teaser
TeaserTeaser
Teaserwremes
 
Ossec Lightning
Ossec LightningOssec Lightning
Ossec Lightningwremes
 
Brucon presentation
Brucon presentationBrucon presentation
Brucon presentationwremes
 
Pareto chart using Openoffice.org
Pareto chart using Openoffice.orgPareto chart using Openoffice.org
Pareto chart using Openoffice.orgwremes
 

Mehr von wremes (20)

Distributed Denial Of Service Introduction
Distributed Denial Of Service IntroductionDistributed Denial Of Service Introduction
Distributed Denial Of Service Introduction
 
Intro to Malware Analysis
Intro to Malware AnalysisIntro to Malware Analysis
Intro to Malware Analysis
 
Crème Brulée :-)
Crème Brulée :-)Crème Brulée :-)
Crème Brulée :-)
 
Vinnes jayson koken
Vinnes jayson kokenVinnes jayson koken
Vinnes jayson koken
 
Build Your Own Incident Response
Build Your Own Incident ResponseBuild Your Own Incident Response
Build Your Own Incident Response
 
Secure Abu Dhabi talk
Secure Abu Dhabi talkSecure Abu Dhabi talk
Secure Abu Dhabi talk
 
Collaborate, Innovate, Secure
Collaborate, Innovate, SecureCollaborate, Innovate, Secure
Collaborate, Innovate, Secure
 
Data Driven Infosec Services
Data Driven Infosec ServicesData Driven Infosec Services
Data Driven Infosec Services
 
In the land of the blind the squinter rules
In the land of the blind the squinter rulesIn the land of the blind the squinter rules
In the land of the blind the squinter rules
 
And suddenly I see ... IDC IT Security Brussels 2011
And suddenly I see ... IDC IT Security Brussels 2011And suddenly I see ... IDC IT Security Brussels 2011
And suddenly I see ... IDC IT Security Brussels 2011
 
Blackhat Workshop
Blackhat WorkshopBlackhat Workshop
Blackhat Workshop
 
SIEM brown-bag presentation
SIEM brown-bag presentationSIEM brown-bag presentation
SIEM brown-bag presentation
 
10 things we're doing wrong with SIEM
10 things we're doing wrong with SIEM10 things we're doing wrong with SIEM
10 things we're doing wrong with SIEM
 
Fosdem10
Fosdem10Fosdem10
Fosdem10
 
OSSEC @ ISSA Jan 21st 2010
OSSEC @ ISSA Jan 21st 2010OSSEC @ ISSA Jan 21st 2010
OSSEC @ ISSA Jan 21st 2010
 
Open Source Security
Open Source SecurityOpen Source Security
Open Source Security
 
Teaser
TeaserTeaser
Teaser
 
Ossec Lightning
Ossec LightningOssec Lightning
Ossec Lightning
 
Brucon presentation
Brucon presentationBrucon presentation
Brucon presentation
 
Pareto chart using Openoffice.org
Pareto chart using Openoffice.orgPareto chart using Openoffice.org
Pareto chart using Openoffice.org
 

Kürzlich hochgeladen

A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK  LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology  ( Production , Purification , and Application  ) Hybridoma Technology  ( Production , Purification , and Application  )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 -  Danh muc Sach Giao Khoa 10 . pdf1029 -  Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 

Kürzlich hochgeladen (20)

Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi  6.pdf1029-Danh muc Sach Giao Khoa khoi  6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 

SOPA 4 dummies

  • 1. Is SOPA worth the sacrifice of a secure internet?

    On October 26th 2011, the “Stop Online Piracy Act” (SOPA) was introduced to the U.S. Congress with the intent to curb the proliferation of copyright infringement and the piracy of intellectual property. The goals of SOPA are clear and understood. The means by which the proposed bill will try to achieve these goals are, however, not without a far-reaching negative impact on the stability and the security of the internet. This document intends to clarify the repercussions of SOPA and how the bill contradicts earlier U.S. commitment to internet security and the protection of online U.S. assets.

    When an individual is looking for information, purchasing goods or doing business on the internet, she uses a computing device that, either through a web browser or another application, allows her to interact with assets on the internet. Today she can use a phone, a tablet, a laptop, a PC or a fridge for this purpose. The assets she interacts with can be anywhere in the world. While her user experience is smooth and everything seems to go back and forth automatically, there is a lot of technology involved: technology that is not relevant to the end user, technology that is ubiquitous and trivial, until it breaks. The main technology enabling people to send mails, buy presents, write blogs, etc. is the Domain Name System (DNS). Where all assets on the internet are known by their ‘Internet Protocol addresses’, the DNS translates these weird numbers to human-readable addresses. www.facebook.com, www.whitehouse.gov and www.google.com are all examples of such DNS names. They are easy to remember, easy to use and easy to share. The DNS is, and will remain, what makes the internet user-friendly for most of its users and thus a crucial part of our online life.

    Internet users are, on a daily basis, targeted by online criminals who abuse several weaknesses in the DNS.
    Online criminals impersonate social networks, banks and legitimate online businesses. The weaknesses allow viruses to be installed on the devices used by our citizens, and they facilitate identity theft and the abuse of credit cards. As online crime has soared over the past years, impacting citizens and businesses alike, several counter-measures have been evaluated and most of them have been proven to fall short in re-establishing trust in the internet. The only solution, built on the DNS, that maintains the flexibility of today’s internet while adding the required robustness is DNSSEC: Domain Name System Security Extensions.

    DNSSEC is so much of a necessity for a secure internet that it has been supported and promoted by the highest levels of the U.S. government since the Clinton administration. George W. Bush included securing the DNS among national cybersecurity priorities, and when DNSSEC roll-out started in 2010, the Obama administration called it “a major milestone for internet security”. This all underlines the importance of the DNS as a technology supporting the internet and the crucial part it plays in enabling and securing online business.
  • 2. DNSSEC guarantees the authenticity of a DNS name. When a user requests the DNS name associated with an ‘Internet Protocol’ address from a DNS server using DNSSEC, she can trust the response, as the cryptographic signature associated with the DNS name cannot be forged or changed. This blocks any attempt by online criminals to impersonate online assets, secures the internet from the ground up and re-establishes trust in running businesses online.

    SOPA, at its core, contains a provision to filter traffic between the internet user and a website hosting pirated content using the DNS. This would empower the Department of Justice, with a court order, to require operators of DNS servers to redirect traffic for a specific website to a specific textual notice developed by the Attorney General, thus rendering the pirated content unavailable.

    The first problem with using this counter-measure to protect intellectual property is that it will not prevent internet users who want to access pirated content from doing so. There are 10 million DNS servers on the internet, a minority of those operated by U.S. organizations, that those users can connect to instead of the DNS servers that have filtering implemented. Moreover, they can connect to the servers hosting the pirated content using their ‘Internet Protocol’ addresses, thus completely circumventing the DNS (and rendering the filtering useless). SOPA’s DNS filtering provision will not (and cannot) prevent internet users who are looking for pirated content from accessing it.

    The second, and more serious, problem is that SOPA will undermine the trust between consumers who use online services and businesses who offer their services online. Online trust has been eroding over the past decade, as no technology was able to prevent criminals from stealing identities or other personal information, or from impersonating popular or high-profile websites.
    Just like in the real world, where consumers tend to do business with those entities that they can trust, the online world needs a system that can guarantee that a specific website is the website that the consumer intends to do business with. We, as humans, tend to avoid buying bread from those bakeries that are suspected of messing with the ingredients in their products. We take our business to other butchers once we get a hunch that ours is selling us second-grade meat. We buy from those that we trust, and the economy soars when trust is honored.

    DNSSEC, as it is in the process of being rolled out, is supported by the U.S. government and is the only solution to guarantee online users that they are dealing with the online entity they intended to deal with. It works very much like an online identity store, maintained by its owner, listing all the names of online resources that are allowed to represent its brand name. When a DNSSEC-enabled application requests such a resource, the answer is basically signed by the owner’s CEO, giving the user the guarantee that it’s OK to conduct business. As more and more applications start supporting DNSSEC, any attempt to redirect a user to a resource she didn’t intend to access will no longer happen without notice, thus preventing online criminals from using the simplest tool available without being detected.

  • 3. The DNS filtering provision in SOPA relies on the same technique that online criminals use to steal from our citizens. If we accept this provision becoming law, we not only give those criminals a waiver to keep doing damage to our citizens and businesses, but we also call a stop to a joint effort to secure the internet. We have been going forward with great strides. The U.S. government, (inter)national corporations and internet users have joined hands, allowing DNSSEC to gain traction and get up to speed. We cannot allow a provision that doesn’t have the capacity to prevent what it’s intended to prevent to undermine online trust, render the internet insecure forever and wipe away an unprecedented effort - made possible by citizens, the government and corporations - in one go.
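
The conflict between DNSSEC validation and the filtering provision described above can be seen in a simplified model, added here as an example and not part of the original document. Textbook RSA over small constructed primes stands in for a real DNSSEC zone key, and the record layout, names and addresses are all constructed for illustration.

```python
import hashlib

# Constructed toy zone key: textbook RSA over two Mersenne primes. An assumption
# for illustration only; real DNSSEC uses full-size keys and canonical wire format.
P, Q = 2**31 - 1, 2**61 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, known only to the zone owner

def digest(name, rtype, rdata):
    """Hash the record data the signature covers, reduced into the RSA modulus."""
    data = f"{name.lower()}|{rtype}|{rdata}".encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(name, rtype, rdata):
    """Zone owner: produce the signature published alongside the record."""
    return pow(digest(name, rtype, rdata), D, N)

def validate(answer, zone_is_signed=True):
    """Validating client: classify an answer as secure, insecure or bogus."""
    if not zone_is_signed:
        return "insecure"            # nothing to check, answer is taken on faith
    sig = answer.get("rrsig")
    if sig is None:
        return "bogus"               # a signed zone must not answer unsigned
    expected = digest(answer["name"], answer["type"], answer["rdata"])
    return "secure" if pow(sig, E, N) == expected else "bogus"

def rewrite(answer, new_address, keep_signature=True):
    """What any on-path party without the private key can do to an answer."""
    forged = dict(answer, rdata=new_address)
    if not keep_signature:
        forged.pop("rrsig")
    return forged

# Constructed records; the addresses come from documentation-only ranges.
genuine = {"name": "www.example.com", "type": "A", "rdata": "192.0.2.10"}
genuine["rrsig"] = sign(genuine["name"], genuine["type"], genuine["rdata"])

court_ordered = rewrite(genuine, "198.51.100.7")          # redirect to a notice page
stripped = rewrite(genuine, "198.51.100.7", keep_signature=False)
criminal = rewrite(genuine, "203.0.113.66")               # impersonation attempt

def outcomes():
    cases = {"genuine": genuine, "court_ordered": court_ordered,
             "stripped": stripped, "criminal": criminal}
    return {label: validate(ans) for label, ans in cases.items()}

if __name__ == "__main__":
    for label, verdict in outcomes().items():
        print(f"{label:14} {verdict}")
```

The validator returns the same verdict for the court-ordered redirect and the criminal one, because neither party holds the zone owner's private key; the client has no way to tell them apart.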