Several major Internet figures, including Vint Cerf and Steve Crocker, intend to raise awareness in the French Parliament of the risks of DNS (Domain Name System) filtering, this technique which makes it possible to block access to a website.
Take Vincent Cerf, co-inventor of the TCP/IP protocol; Steve Crocker, inventor of the RFC (Request for Comments) series; very reputable members of the Internet Architecture Board (IAB) and the Electronic Frontier Foundation and so many other big names or protectors of internet freedom. Their common point is to have co-signed, on June 23, 2023, a forum relayed on Medium in which they call on French deputies and senators not to go too far in cyber regulations. For them, the French legislature would weigh ” serious risks to global internet security and freedom of expression “.
DNS blocking or filtering, a blow to the Internet…
The various regulatory projects under study in France could quite significantly extend the powers of certain authorities and agencies, such as ANSSI (the National Agency for Information Systems Security), ARCEP (the telecoms regulator) or ARCOM (digital and audiovisual authority).
The latter (or other specifically created entities) could in particular, in the context of the fight against piracy and cybercrime, force DNS resolvers (those services that deliver an IP address on request to a domain name) and browsers block sites, redirect users to government sites or collect data on private networks or data centers.
For the signatories, these extended powers would then threaten democracy and the Internet in general. They would lead, according to them, to accelerate the principle of DNS filtering, which makes it possible to block traffic from malicious or illegal sites. ” But these protections have always remained voluntary because of the extraterritorial implications and the immense potential for government overreach. “, they recall.
… in addition to proven inefficiency?
In theory, DNS blocking prevents access to dangerous sites and is a means of fighting against DDoS attacks, phishing, or ransomware. Except that a DNS blocking infrastructure could very well be ” suitable for suppressing internal revolt, censoring outside information or monitoring dissidents and journalists “warn computer scientists. They also remember the warning from community experts at ICANN (the international authority that allocates internet protocol address space and assigns IP protocol identifiers), who had pointed out the inefficiency of a system which is moreover ” fraught with unintended consequences “.
DNS filtering (or blocking) does not remove malicious or illegal content. It simply prevents DNS servers from redirecting users to it. But it is just as easy to circumvent this blockage, by changing DNS provider for example, or by using a VPN to activate another DNS resolver.
Let’s not forget that DNS blocking campaigns have also created a market of independent DNS providers, which help users circumvent local regulations. ” It is worth considering how the proposed measures may actually undermine security by driving users away from legitimate infrastructure “Add the signatories. Imposing suppressions on open DNS resolvers, even on a global scale, would only reinforce this phenomenon, while depriving a part of the population from accessing certain information.
The authors warn of the excessive powers that some French authorities could have
In France, ISPs have the ability to block certain malicious infrastructures, with the blocking of HTTP/HTTPS connections and that of IP addresses. And the authors of the post fear that the creation of a specific government web filter applied to web browsers will create ” a disturbing precedent where each national government can implement a veto over content that users around the world can access “.
Another cause for concern: article 35 of the military programming bill 2024-2030, which would give ANSSI the power to install surveillance software and equipment in private data centers, without due process. ” A serious risk for the civil liberties of French and global Internet users “, Denounced in the missive, among many others.
” We share the French government’s goal of building resilience against cyber threats and urge lawmakers to work with technical experts to achieve these goals without jeopardizing the wider ecosystem and civil liberties. “, conclude the authors, who hope to avoid regulatory escalation.
Source : Medium
11