Engineers: PROTECT IP Act would break DNS

The legislation would drive U.S. Internet users to alternative and unsafe DNS services, the engineers say

Provisions in U.S. legislation designed to protect copyright online could break the Internet's Domain Name System by driving users to untrusted DNS services outside the U.S., a group of Internet engineers said Thursday.

The Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PROTECT IP Act), which awaits action in the U.S. Senate, would allow the U.S. Department of Justice to seek court orders requiring search engines and Internet service providers to stop sending traffic to websites accused of infringing copyright.

But the infringing websites, and customers who want to find them, could bypass the ISP blocks in "approximately 30 seconds of work," said Dan Kaminsky, chief scientist at security vendor DKH. Scores of U.S. Web users will then abandon their ISPs' services that point them to websites, and use untrusted DNS services for all their Web surfing needs, including online banking, he predicted.

With copyright-infringing sites getting an estimated 53 billion page views a year, a huge number of U.S. residents would seek out alternative DNS servers to access the sites if their ISPs weren't directing them there, Kaminsky said during a press conference. "It's not just that lookups to the Pirate Bay go overseas; lookups to Bank of America go overseas," he said. "This is handing over American Internet access to entities we explicitly do not trust, entities that are unambiguously bad guys."

Alternative DNS services could intercept Internet traffic and use customers' data "in any way the remote operator would like," said David Dagon, a post-doctoral researcher at the Georgia Institute of Technology and co-author of a May paper focused on the technical problems that PROTECT IP could create.

The Internet engineers' press conference, organized by the Center for Democracy and Technology and other groups, came a day after the U.S. Chamber of Commerce organized a lobbying effort in support of the PROTECT IP Act. Representatives of more than 30 companies told lawmakers the bill would make it more difficult for piracy and counterfeit-selling websites to market their products to U.S. residents. The companies asked lawmakers to pass PROTECT IP in the Senate and introduce a similar bill in the House of Representatives.

In addition to the DNS blocking provisions, the bill would allow copyright holders to seek court orders requiring payment processors and online ad networks to stop doing business with allegedly infringing websites.

Copyright theft hurts the U.S. economy, said Richard Cotton, executive vice president and general counsel at NBC Universal. "Our message is simple: The broadband Internet cannot be a haven for Internet theft that kills American jobs," he said.

Marketers of counterfeit software take out search ads and put up sites that look legitimate, added Bruce Ghrist, vice president and associate general counsel at language software developer Rosetta Stone. In a recent two-month period, Rosetta Stone's customer service representatives received more than 1,000 complaints about malfunctioning pirated software that customers believed was legitimate, he said.

"It goes without saying that this can have a very corrosive effect on one's brand," he said.

Asked about concerns that the legislation would create security problems in the Internet's DNS, Cotton downplayed those concerns. ISPs are able to block other sites from subscribers, including malware and child pornography sites, he said.

The concern "clearly has no basis in reality," Cotton said. "That blocking activity is not remarkable."

But the blocking that occurs today comes as a service that ISP customers have agreed to, not generally as an attempt to keep Internet users away from sites they want to see, the engineers said. But malware and child pornography sites don't generate billions of page views, Kaminsky said.

"We think that the scale of the number of people who will engage in [looking for alternative DNS services] makes this something that should give pause to policymakers," Dagon added.

There is no good technical solution to block U.S. Internet users from accessing infringing foreign websites, Dagon said. "Were there such a technological solution, we wouldn't have waited for Congress," he added. "We would have used it 15 years ago, 20 years ago, against malware."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is

Join the PC World newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags e-commerceDavid DagonRosetta StonelegislationinternetInternet service providersNBC UniversalGeorgia Institute of Technologyintellectual propertycopyrightU.S. Chamber of CommercelegalDan KaminskyRichard CottonCenter for Democracy and TechnologygovernmentBruce GhristDKH

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Grant Gross

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Matthew Stivala

HP OfficeJet 250 Mobile Printer

The HP OfficeJet 250 Mobile Printer is a great device that fits perfectly into my fast paced and mobile lifestyle. My first impression of the printer itself was how incredibly compact and sleek the device was.

Armand Abogado

HP OfficeJet 250 Mobile Printer

Wireless printing from my iPhone was also a handy feature, the whole experience was quick and seamless with no setup requirements - accessed through the default iOS printing menu options.

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?