Friday, 13. September 2002
What does the Düsseldorf blocking order want to say?
While the Chilling Effects of a German state trying to block some US websites would justify a long discussion on itself, the letters of the district government's blocking order strike me as another Example of the problems the legal community has at talking about technical circumstances.
While I have a dim feeling what the district government wants to
get blocked, I can't find it in
their words. They talk about the internet pages
http://www.stormfront.org and http://www.nazi-lauck-nsdapao.com
But it seems they don't mean this pages but the whole sites since
they don't use the pages referenced by the URLs above as reasoning for the blocking order but
several other pages accessible on the servers via the same domain
name (FQDN).
They also use pages on another domainname for
reasoning, e.g. http://stormfront.org/german/zonen.htm - this URL
results in no page at all but in a HTTP-Redirect to
http://www.stormfront.org/german/zonen.htm which is again on the
same domain name like the two ordered to be blocked.
They also
mention "all offerings of
nazi-lauck-nsdapao.com". http://nazi-lauck-nsdapao.com seems to
present the same content as
http:/www.nazi-lauck-nsdapao.com. Later they speak of "the service
providers stormfront.org and
nazi-lauck-nsdapao.com" They ask for blocking of the offerings above.
So what could that mean? They speak about the ISPs stormfront.org and nazi-lauck-nsdapao.com. So they might mean blocking all offerings of this "ISPs". This would mean blackholing their (IP) netblocks at router level. But since the district government also agrees that it is OK to do blocking by DNS forgery which can't be used for blackholing netblocks they must mean something else than blackholing netblocks.
What they might want is that certain names are not reachable. www.stormfront.org and www.nazi-lauck-nsdapao.com seem to be the names they mean. But wait, at http://nazi-lauck-nsdapao.com there is the same content as at http://www.nazi-lauck-nsdapao.com, so this should be blocked, too.
Perhaps they mean *stormfront.org and *nazi-lauck-nsdapao.com should be blocked. But then there is no reasoning in their order why stuff like http://kkk.stormfront.org or http://whemporium.stormfront.org/ is illegal and should be blocked, too. So that can't be what they mean. I'm confused.
Let's try again: They want "pages" to be blocked. They write of HTTP-URLs. This makes you think that they want Web-Pages to be blocked. This means port 80 and maybe port 443 of the IP addresses used by www.stormfront.org and www.nazi-lauck-nsdapao.com have to be blackholed at router level. But wait! We don't know anything about the webservers hosting the webpages for this domainnames. Maybe we hit thousands of other, non-illegal sites, when these Servers employ virtual hosting. This would be very unreasonable, they can't mean that.
Back to forging DNS. But wait again! Forging DNS does not only block web pages but all traffic to the hosts referenced by the blocked names. But there seems to be no proof that the usage of IRC, ftp and mail at this hosts is illegal. So this interpretation of the order seems unreasonable again.
I'm still confused. I'm unable to interpret the blocking order in a logical consistent manner. Maybe it's me. Maybe it's the wording of the order.
01:09 |
#
disLEXia, a research project by Maximillian Dornseif
 |  |  | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |  |  | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||