You have probably heard of the Stop Online Piracy Act (SOPA) and its chilling effects on the Internet and all its users. „The originally proposed bill would allow the U.S. Department of Justice, as well as copyright holders,to seek court orders against websites accused of enabling or facilitating copyright infringement. “ (quote taken from the Wikipedia article) SOPA is a major security risk for it advocates to change the DNS zones for specific domains. Blocking would be done by DNS, so the bill compromises the Internet’s infrastructure. Speaking from the view of security researchers we would like to quote the white paper written by Steve Crocker and Dan Kaminsky:
From an operational standpoint, a resolution failure from a nameserver subject to a court order and from a hacked nameserver would be indistinguishable. Users running secure applications have a need to distinguish between policy-based failures and failures caused, for example, by the presence of an attack or a hostile network, or else downgrade attacks would likely be prolific.
SOPA has many more disadvantages and should never be passed. Basically SOPA is Internet censorship and can be used/abused to take down arbitrary content, for example information about security vulnerabilities (which has happened in the past with the DMCA and still continues to happen). This is why the main DeepSec.net web site takes part in the strike against SOPA. Let’s hope we won’t need to shut down our web sites for the real SOPA.
If you are worried about our digital future, please consider joining the protests.