Johanna Faust, a mixed race Jew, prefers to publish pseudonymously. She is committed: first, to preventing war, ecological disaster, and nuclear apocalypse; last to not only fighting for personal privacy & the freedom of information, but, by representing herself as a soldier in that fight, to exhorting others to do the same. She is a poet, always. All these efforts find representation here: "ah, Mephistophelis" is so named after the last line of Christopher Marlowe's Dr. Faustus, whose heretical success flouted the censor for a time. What a DNS Sinkhole Looks Like, Or, Adventures in Censorship

I had an interesting time of it recently, on the World Wide Web, as I was attempting to check out the latest instantiation of the renegade undead Grooveshark.  You probably know that the popular music streaming site was shut down for good on April 30. 

You may not know that almost immediately, another one sprung up in its place. 

I was first hipped to this phenomena by Digital Music News  Here is an excerpt from Torrentfreak on the ongoing situation:

So I decided I would check out this supposed 'new' Grooveshark – and, since things got ...interesting, to report on what I had found. : -- courtesy Robtex.comThis is not about or because of the music -- others have reported on this; I hear mp3s were ripped from somewhere.  This incarnation was never functional for me as a music site. I miss the old Grooveshark, I really do. (I heard one can still get playlists.... ) But my browser has been found out -- too old, perhaps finally, though I suspect I have yet a trick or two up my sleeve.  (It wasn't too old for the old Grooveshark.) 

No -- instead, i want to illustrate what it looks like when DNS is sinkholed. I think the information may stand you all in good stead one day in the not too distant future, for some reason.
So it goes like this:

I try to go directly to   'Its a trap,' I am informed by my version of Firefox.  More on that in a little bit.   For now, no Grooveshark, so I keep trying.

I try to use cURL, through the 'NIX terminal, and at first get nothing.I look up the site in Robtex.  It looks a a little odd ---  but there it has that IP. So I do a traceroute, both as myself, and though the use of a remote traceroute server.  Mine never completes, at least at first; later it does, though I get the same results through my browser.   But there is something definitely there.

Thinking the site may actually be dangerous (I do take the warning seriously) I thought, before I access it directly, let's try getting just the source over the web.

After all, webmasters have special software and equipment to handle the Evil, right?

My favorite online toot for this is, which will call a page you specify with parameters you specify using the syntax of cURL.  This allows you to set user agent, referer, cookies, even what offset to continue at, what data to upload, and what type of authentication to use, if you know what you're doing.  (Mastering cURL syntax is one of the most incredibly rewarding things you can do for yourself, if you like that sort of thing, that is.) 

No dice.


No dice using the IP address either.

So, getting bolder, I use that IP address in terminal, and get some source code.  Save it and view in terminal, and it is for this strange cgi-generated page:

Meanwhile, a computer running Windows was able to just go directly to the site, like that, no problem.  He had to manually remove the 's' in https, that's all.  He was picking out songs and everything.  Same local network.

So I go back and just enter in the address, and look at that warning that Firefox throws up. It doesn't look like the normal error message from Firefox.  Here, for comparison, are a few versions of the error messages with which I am familiar.

 And here is the error I received when attempting to access

I decided to try a web proxy, and, despite noticing a warning or two, went with an old favorite, Anonymouse.  I figured that I just wanted to see if I could get the page, at this point, and would deal with the finer details later.  Anonymouse did in fact deliver the goods.

It should be noted that my fellow Windows computer abandoned the site, before streaming any music, after they required an upgrade to Firefox -- which was already upgraded! So perhaps they aren't 'specifically too good,' to understate the matter -- but why block my computer from the ISP level and allow another on the same network to merely hack the URL?

The observant will note that all the examples of the warning error message above include, somewhere on the page,  an option to circumvent the block and load the page anyway.  The last error page does not.  It simply includes a button that opens up a comment form: a textbox that appears when you click on 'Tell us'.

I decided to write them a little note, whoever 'they' are.

I thought I would reproduce it here.

My Letter To Whoever Authorizes DNS Redirects (Sinkholes)

The Internet is dangerous.

Countermeasures are assumed to be the responsibility of the end-user. If offered, these are considered a value-added service by the ISP, and availability is driven by market forces; they are traditionally offered on a volunteer, or "opt-in," basis, and ISPs are under no legal obligation, as far as I know, to provide such services.

The Internet will be dangerous, or it isn't the internet. 

If one is really skydiving one must pack one's own parachute; if one is really surfing there may be a freak wave, or shark; a certain percentage of individuals crossing the street will meet with their demise at the wheels of an oncoming vehicle; a certain number of patients undergoing routine surgical procedures will never regain consciousness; healthy individuals in the prime of their lives, described with terms like 'optimistic' 'enthusiastic' or cheerful' by those few last known to encounter them, have nonetheless been found suddenly, inexplicably, incomprehensibly dead; and not every jetliner forced to attempt an emergency water landing will be lucky enough to have the legendary Chesley Sullenberger for a pilot.

The web-page I requested contains neither spoofed pages (phishing) nor code that seeks to infect or control my computer or my files (malware); this may, however, not be as easily able to be said of "you," whoever "you" are, since a) you appear to have created a page which is being given to me in lieu of the page in which, it seems, we both share a rather keen interest; and b) not only have you, at least for now, succeeded in preventing me from surfing according to my own will, but also c) it appears that the button enabling me to "opt out" of this 'protective' service is missing entirely, having been replaced by a cryptic, rather ominous assertion -- more warning, or threat, really, than helpful pointer -- concerning the close interconnectedness between my desire for un-'filtered' content and my relationship to my sweet, honest, forthright ISP, a tone which my many positive experiences to date would leave me hoping is uncharacteristic and unwarranted.

The internet has to be dangerous -- if it is really the Internet, the real Internet, and not just a walled garden, infomercial, shopping network, reality tv, photo album, fancy telephone, ankle-bracelet, or screen-saver.

‘Free' and 'open' are not fungible, nor negotiable.

Please contact me below, if you would, to confirm receipt of this communication; you are welcome to comment or reply.

Comments always welcome. Contact me on twitter or email me should there be a problem with the comment system.

Be seeing you.

No comments:

Post a Comment