The blackout was _not_ about preserving free speech, or any other moral high road. It was purely about control. Tech hadn’t yet cemented their position as a dominant player and didn’t want to cede the control they had.

Now that they’ve embedded themselves in the ruling class they don’t care as much because they already have control.

For better or worse, if you do business in you follow 's laws or GTFO.

That does rather imply that the laws are worthless. Obviously there is going to be someone who doesn't do business in France and operates a public DNS server that doesn't censor anything.

Regardless of that, I would challenge your premise. You can violate an unjust law and risk the consequences. And if you get the PR right, there may not even be any consequences:

https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d...

But to your point, this is one of the reasons it's important to get these laws off the books and keep them off the books. Once you have the law, the government gets to choose the test case. You know perfectly well they'll be using it against dissidents and false positives tomorrow, but the test case is going to be some loathsome terrorists or a commercial piracy operation with no shades of grey, and then that's the case that sets the precedent.

They should never be allowed the opportunity.

and so when the rights holders notice enough people pirating using dns resolvers they can't force to do anything via the french courts, they'll probably just take it up with the french ISPs and ask for IP blocks of these resolvers. And I'd guess they may already be trying to IP block various piracy sites.

Will be interesting to see them play whack-a-mole. I wonder if at some point France will just start maintaining national blocklists, that if you want to run an ISP or reply to DNS queries from France, you are legally obligated to follow (or get blocked yourself); from the article, it sounds like the current law is significantly short of that so the whack-a-mole will continue.

Except when is ruled by , in which case you impose a small fine as to not upset .

Tech is under corp in the chain or command, which in turn is under national law.

Gross lack of extra-technical nuance here.

You can buy an iPhone there today, and Apple has agreements with China to hand over user data and has done so in the past.

You and GP are both correct. Most Google services are not accessible in China but Google the company still has a significant presence there.

The iPhone is losing its luster and competitors are coming with extremely competitive devices at much cheaper prices, even at the most premium end there is not much of an edge, the product has been perfectly commoditized. Pursuing luxury will inexorably make it a smaller and smaller share of the market every year passing. The iPad and the Mac are pretty small share of the revenue too, by pursuing luxury Apple has put itself into the same corner, repeating previous mistake Steve Jobs warned against in an interview (while working at Next).

I don't see how they reconciliate their need for growth without fucking over their users at some point on the privacy bullshit. It's not as if they don't have a long history of doing that. There is one thing that is clear about Apple as a company: it loves money much more than its customers; in a way that makes regular companies look like boy scouts...

/s

Fighting online piracy: First world, or even zeroth world problem.

It's not loke the pirates are saying "hmm, should I pay exorbitant rates for this or should I pirate it?"

The real competition is alternatives: "should I bother pirating this or just go do some other activity."

Bottom line: In most cases it's actually free marketing, and has a net positive effect for the copyright holders. The continual attempts to aggressively clamp down really says a lot about the mentality of the Big Market Forces, *iaa, *aa, and now MS and Elgoog. Even when it's good fertilizer for their perpetual evergreen money tree, they still flip out.

Used to be like that. Now they have renamed “Chilling Effects” to “Lumen Database” and require submitting an email address to view each individual complaint.

  root@jack:~# dig footybite.cc @8.8.8.8

 ; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> footybite.cc 
 @8.8.8.8
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 14528
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, 
 ADDITIONAL: 1

 ;; OPT PSEUDOSECTION:
 ; EDNS: version: 0, flags:; udp: 512
 ; EDE: 16 (Censored): (The requested domain is on a court 
 ordered copyright piracy blocklist for FR (ISO country 
 code). To learn more about this specific removal, please 
 visit https://lumendatabase.org/notices/41606068.)
 ;; QUESTION SECTION:
 ;footybite.cc.                  IN      A

 ;; Query time: 7 msec
 ;; SERVER: 8.8.8.8#53(8.8.8.8) (UDP)
 ;; WHEN: Sun Jun 16 19:24:29 CEST 2024
 ;; MSG SIZE  rcvd: 243

Curious why Cloudflare has been singled out in the submission title?

Also, the phrasing in both, but especially the HN title made me think Cloudflare chose to do something, but it turns out the French court is forcing all of them.

I'm surprised you're so keen on having big tech companies intentionally ignore court orders and just break the law. Like, it's obviously something none of us should want.

If being unpopular makes a law more likely to pass, then surely the French government tars and feathers all French children every other week.

No, they don't, since the voters would prevent that by voting for a different government.

(Read: The status quo is the status quo because most people are prefer the status quo.)

From a small in-group of well connected people.

> The voters freely decide wether they wish to have representatives who pass laws which are benefitial to Elon Musk.

No, the voters at best select a bundle of stances for/against various things. Effectively this means you have no input except for maybe one or two issues you care most about. In practice you do not even get to do that as your representatives are not bound to what they promised to get you to elect them.

It's censoring DNS. That's a bad precedent. The technical capacity to do it shouldn't exist because otherwise it will be used for every other form of censorship, and deprive democratic countries of any moral or technical authority to object when authoritarian countries want to do it.

It will also be ineffective, leading for calls to make it effective, but the only way to do that is totalitarianism. There is no good that comes from setting out on that road.

> The other answer is that you really don't want big corporations to be ignoring laws they don't like, because odds are pretty good that your list of bad laws doesn't match theirs.

Ignoring the law doesn't get them out of paying the penalty, but penalties are meant to be sane, not some Hollywood accounting nonsense where one person watching one illicit stream of a sporting event causes the event organizers six billion dollars in damages. Then if Cloudflare wants to say "yeah, we're not doing that" and just pay the $100,000 dollar fine, it's clear that they're standing on principle -- they're paying $100,000 in exchange for ostensibly nothing -- and there is nothing wrong with that. The purpose of the penalty is to deter the underlying wrongdoing, not to deter civil disobedience. Anyone should be able to say "I am going to suffer the consequences of this because my principles are worth more than the fine" without having some authoritarians ratchet up the penalty to infinity.

> Countries have sovereignty.

Democratic countries have checks and balances. One of the checks and balances is that if you pass a law people don't respect, they don't respect it. Then you have to choose between punishing not the evildoers, but the principled idealists -- or repealing the law.

France uses a sane legal system based on civil law, so precedents rarely matter. In this case the Sports Code says that piracy is bad and operators can be requested to block piracy websites if they're used and "harm" rights holders. That doesn't mean that tomorrow in a random case not related to sports piracy a judge can refer to that law and order censoring of other DNS entries.

What does online streaming have to do with unsanctioned boating activities.

> What's odious about copyright laws?

Their violation of our rights to freely share and improve on our culture.

> This also appears to be pretty much the gold standard of due process.

This doesn't mean the court's decision is any more defensible.

And it would all be done under the color of local law.

But also, in answer to your question, sort of, yes. 1.1.1.1 is any cast so that users will be routed to a server geographically near them. So then 1.1.1.1 a user gets in the US is quite literally a different one than a user in France will get.

I suspect France could find a way to make things very difficult for them all.

I suppose they could withdraw their service from the country in protest, but it's not obvious that would leave anyone better off.

It's a difficult call and I'm not prepared to harshly judge an organization for complying with a legal, enforceable injunction.

If anyone wants to suggest an accurate, neutral title that gets it all under the 80 char limit, we can change it again.

Heavily biased article.

Remember that dns/ip systems are decentralized at the national precisely so that countries have sovereignity.

The editorial line would have us believe that france is committing a free speech crime or overturning internet infrastructure, while in actuality they are exherting their national rights.

Further the action of a single state often influences other states, as is especially true when it comes to the internet which is global by nature.

Cloudflare runs widely used public DNS server 1.1.1.1

That's my guess why these two companies were singled out.

In the past 3 years or so they have repeatedly proven that to be a lie; they weren’t able to have their cake and eat it too. But their old reputation still sticks around amongst people who don’t follow the space that closely.

And the the response is that the server cannot faithfully answer the DNS query due to legal reasons.

Just make sure its not configured to be a public resolver, and only allow local network or whitelisted addresses.

This level of deep packet inspection and injection is not what ISPs commonly do in my experience. At this point, it is much easier to just block the service's IP addresses than deep-inspect DNS traffic and match the query identifier and stuff to inject a false response. Why spend that engineering time when people will just fix the DNS server and can access the site directly? Might as well force people to set up a full tunnel (such as a VPN) to bypass the block, if your ISP or court order shows this level of motivation anyway.

Insofar as I've experienced these things: fetching the mapping yourself, from a server not operated by your ISP, will circumvent DNS blocks your ISP was ordered to put in place.

Currently I've got live access to one such blocking mechanism:

   $ dig +short thepiratebay.org
   195.121.82.125
   $ dig +short +trace thepiratebay.org | tail -1
   A 162.159.137.6 from server 172.64.35.164 in 5 ms.

The first IP address is a block page (accessible from outside the network, if anyone wants to take a look), the second one of the real IP addresses

Because IP addresses can change frequently, and also because if a site is behind a CDN, that would cause a lot of collateral damage.

> The first IP address is a block page (accessible from outside the network, if anyone wants to take a look), the second one of the real IP addresses

Okay, so your ISP's particular blocking mechanism doesn't hijack recursive queries. But others do.

Sure, that's common too. But that also precludes you from running your own recursive resolver to circumvent their blocks.

Of course, as mentioned putting your recursive DNS server on a cheap VPS somewhere that doesn't hack your connection would.

The entire ad revenue market (desktop + mobile + social + ....) in France, in 2023, was 5.8 billion dollars (The spread in public sources data seems to be 5.0billion-6.2 billion, so i just took the high side)

1. Google made over $240 billion in ad revenue in 2023, so even if it had 100% of all ads revenue in France, France would only account for 2.5% of Google's revenue.

2. However, Google's share in France is nowhere close to 100%. Search + Display overall is currently sitting at 20-25% of the french ad revenue above (same sources). Let's assume Google has 100% market share in France in those areas.

Then France would account for about 1.25 billion dollars of revenue for google, or about 0.5 percent of Google's revenue. Which is not a lot.

But it's still something. Or it would be, except:

3. France has fined Google 224 million so far in 2024.

Google's margins are around 25%. So that 1.25 billion of revenue produces around 312.5 million of profit. Maybe less

Of which they've been fined 224 million :)

If Google gets fined in France again this year, it would probably be operating at a loss.

Hell, they could setup their own public DNS outside of France and suggest users use that. Users already switched from local/ISP DNS to Cloudflare / Google because of the previous law so that is not a big hurdle (ignoring the obvious security problem - many users won't care they just want to watch the game).

My point though is that these laws will be very easy to bypass just like most anti piracy laws before it. Note that The Pirate Bay is still up and running.

In many cases it was browsers changing the used resolver behind the users back contrary to OS-wide settings.

And many websites use CF, so if you were to block a CF IP, you'd block a whole bunch of websites.

Meanwhile it would do nothing to put the site offline regardless because there are more hosting companies than there are atoms in the universe and many of them serve primarily local clientele and wouldn't really care if they got blocked in a country where their customers aren't. They'd have to be blocking the majority of the total IPv4 address space before the site ran out of somewhere to move.

Most if not all of these domains probably use Cloudflare as their authoritative DNS servers because they are using Cloudflare CDN. Why not just ask Cloudflare to "poison" those RRs. No need to issue orders to a selection of cache operators.

1. Recursively lookup DNS, so domains will have to be blocked at the registrar level, since DNS is unencrypted, it can be blocked at ISP level as well.

2. Use a protocol alternative to DNS, a good mature example is GNS. It aims to replace DNS, with a built from group up, modernish protocol. Using a DHT and public-key cryptography.

3. There are "block chain" solutions to the whole domain problem, look at Handshake, ENS etc.

No matter how decentralized something is, ultimately you need to have a server and cables connecting it to the internet located somewhere. That somewhere will be within some legal entity or sovereign's jurisdiction which you must answer to and comply with.

If whatever technology that is being used is so intertwined into the base of all use cases (including totally legal) and legal vs. illegal is practically indistinguishable at scale, then decentralization cannot be blocked without physically blocking all the legal use cases too: sure they can "cut cables" but it will have much more greater consequences as they have just cut cables connecting all the legal activity too.

DNS can be used for both legal and illegal purposes, and the French courts authorized dropping nukes on them to stop illegal activities with no damns given to the legal because the laws cited provided no such safeguards or reservations.

If you just want to prevent other central authorities (e.g. France) from barging in on the existing central authorities your computer expects to get answers from (e.g. ICANN, Verisign etc) there are plenty of projects for semiuncensoring DNS in a distributed way. But nobody is stopping, say, the US from doing to ICANN or Verisign what France is doing to CloudFlare and Google.

That's literally what blockchain solves. ENS (Ethereum Naming Service) already does this.

Other people have even argued that blockchains are states - as in governments, not as in distributed state replication protocols.

It's clearly not about severity, but about control. They would try the overreach even if there is no damage to be found (like using ridiculous "this is the money we lost" calculations).

800 is the figure given by google's attorney for people that would be affected by the block enforced by public DNS servers, not the total amount of "rampant piracy" that's going on.

* Domestic abuse is the victim's fault because they shouldn't have made their partner angry. * The Chinese GFW is the fault of the people who criticized the government. They shouldn't criticize the government. * Israel indiscriminately bombing Gaza is the fault of the Gazans who fought back the last time Israel did that. * The Holocaust is the Jews' fault for not fleeing the country sooner.

I don't think it's a good principle.

Being "annoying" however does justify you being escorted off the premises, which is probably closer to what's happening to those streaming sites than being "punched in the face".

>Even if you have no right to watch sportsball, watching sportsball doesn't justify shutting down the Internet.

Get a grip. Returning incorrect IPs for several known illegal stream websites is hardly "shutting down the Internet", any more than arresting a bunch of belligerent protesters is enacting a police state.

Your claim would make sense if they had no operations in France, but I highly doubt that's the case. If you operate in those countries, you have to comply with their laws. The fact that your company is incorporated elsewhere is irrelevant.

Rightsholder: "Let's see, life insurance payouts are €1M and we are losing at least €50M to these sites, so..."