Wednesday, January 19, 2022

TorrentFreak's Latest News

 

The EU Wants Its Own DNS Resolver that Can Block 'Unlawful' Traffic
Ernesto Van der Sar, 19 Jan 10:11 AM

eu-flagThe Domain Name System has been an essential component of the Internet since the mid-eighties.

DNS resolvers make it possible to map a human-readable domain name to an IP-address, so a website or service can be easily located. Older people also call it the Internet's phone book.

Nowadays, there are several large DNS resolvers. Many ISPs operate their own but third-party DNS services are very popular too. The most used third-party options include Google, Cloudflare, OpenDNS and Norton, which are all US-based. This large foreign footprint has the EU worried.

DNS4EU

To offer some balance to the American dominance in the DNS industry, Europe is proposing its own alternative titled DNS4EU. Last week the European Commission published a call for proposals, which also describes in detail what features the government-controlled DNS resolver should offer.

The project overview makes it clear that DNS4EU is meant to protect the privacy of end-users and keep them secure.

"DNS4EU shall offer a high level of resilience, global and EU-specific cybersecurity protection, data protection and privacy according to EU rules, ensure that DNS resolution data are processed in Europe and personal data are not monetised," the EU writes in its overview.

In addition to serving individuals directly, the resolver will also be available to Internet backbone networks that handle traffic in, from, and to Europe. These backbones are part of global traffic routes which means that millions of people could potentially be impacted.

DNS4EU

Many of the proposed DNS4EU features aim to protect EU citizens. For example, the DSN resolver is not allowed to monetize user data and has to comply with applicable privacy regulations including the GDPR.

At the same time, there is also a heavy focus on filtering. DNS4U should help to block malware and phishing, for example, and protect against other cybersecurity threats. These are quite common features for DNS services nowadays.

Blocking Unlawful Traffic

The EU initiative goes a step further though. While details are scarce at this early stage, the language in the official documentation suggests that "illegal content" could be blocked as well.

"Filtering of URLs leading to illegal content based on legal requirements applicable in the EU or in national jurisdictions (e.g. based on court orders), in full compliance with EU rules."

lawful filtering

The above suggests that pirate sites can be blocked by DNS4EU as well, if there's an applicable court order. These sites will then be blocked for all users in the region. At the same time, it could also affect traffic that passes through the Internet backbones that use the DNS resolver.

Without knowing the full technical setup we're cautious not to draw strong conclusions. That said, backbones generally operate across borders and continents, so potential overblocking is a serious concern.

The project overview stresses that filtering and blocking measures should be in line with national rules so we assume that the DNS resolver may treat traffic from individual member states differently if needed.

Censorship Risk?

Patrick Breyer, Member of the European Parliament (MEP) for the Pirate Party, believes that the project is unnecessary. The current DNS solutions work fine and adding government-run filtering and blocking tools is dangerous.

"A government-run DSA scheme comes with the risk of online censorship," Breyer tells TorrentFreak, while adding that DNS blocking itself is easily circumvented.

"Access blocking leaves content online and therefore can easily be circumvented and often results in overblocking and collateral suppression of legal speech hosted on the same website, by the same provider or via the same network."

This type of collateral damage is not just hypothetical. Breyer notes that, in 2020, the public domain library Project Gutenberg was blocked in its entirety in Italy because some content allegedly violated local laws.

Borderless Backbone

That blocking won't always stop at borders is also well known. In 2017, several websites were blocked around the world because Internet backbone provider Cogent blackholed several Cloudflare IP-addresses in response to an Italian court order.

According to Breyer, infringing content should be removed, not blocked. Otherwise, there's always the risk of overblocking.

"Illegal content should be removed where it is hosted," Breyer says, adding that this is why the civil liberties committee will ask the European Parliament to scrap blocking orders from the Digital Services Act.

The DNS4EU also raises other issues. For example, it will offer better security options for "customers" who pay, which seems strange for a government-backed service.

As said before, the project is still in its early stages and a lot of details have yet to be fleshed out.

According to Breyer, this DNS solution shouldn't turn into a "Chinese-style Euro-Net." It's important that people are aware of these plans and that they are amended where needed, in order to maintain an open Internet.

From: TF, for the latest news on copyright battles, piracy and more.

'Criminal' VPN Shut Down By Europol and International Law Enforcement
Andy Maxwell, 18 Jan 05:04 PM

vpnlabIn common with all communications systems such as telephone networks, internet service providers and even email, VPN services can be used by honest citizens and criminals alike.

In terms of staying within the boundaries of the law, the important factor is whether the communications provider or service actively and knowingly encourages or facilitates illegal activities. According to an announcement by Europol, VPN provider VPNLab appears to have overstepped the mark.

VPNLabs Domain Seized, Service Shut Down

Historical visitors to the VPNLab.net website were previously greeted with the kind of message associated with many privacy-focused services.

"VPNLab is a service providing your security on the Internet by encryption of original traffic. Our service is designed for a broad spectrum of clients: webmasters, SEO-optimizers, traders, businessmen and people, who care about their personal security," the site read.

"Average users don't see the necessity of the described procedure and may even find it useless, however the latest featured legal proceedings involving people who were just expressing their opinions in their own web-diaries show the seriousness of Internet security issue."

Following a long-running international investigation by authorities in Germany, the Netherlands, Canada, Czech Republic, France, Hungary, Latvia, Ukraine, the United Kingdom and the United States, a new message is visible – one that suggests that the service was more than just a vehicle for enabling free speech.

vpnlab seize

VPNLab – 2008 to 2022

According to a Europol announcement, VPNLab began its operations in 2008, offering an OpenVPN-based service designed to provide online anonymity for as little as $60 per year. Exactly when the service came to the attention of law enforcement isn't currently being made clear but according to Europol, at some point VPNLab became popular with cybercriminals.

"Law enforcement took interest in the provider after multiple investigations uncovered criminals using the VPNLab.net service to facilitate illicit activities such as malware distribution. Other cases showed the service's use in the setting up of infrastructure and communications behind ransomware campaigns, as well as the actual deployment of ransomware," Europol says.

The European Union Agency for Law Enforcement Cooperation adds that as a result of the VPNLab investigation, more than 100 businesses have been identified as "at risk of cyberattacks" with law enforcement agencies currently working with these potential victims to mitigate their exposure.

International Cooperation

There seems little doubt that law enforcement authorities viewed VPNLab as a major cybersecurity problem.

In Germany, the Hanover Police Department played a key role and in the Netherlands, the country's Hi-Tech Crime Unit was called upon. Also taking part in the operation were the Royal Canadian Mounted Police, the Czech National Organized Crime Agency, the UK's National Crime Agency, the FBI in the United States, plus specialized agencies across Europe.

"On 17 January, disruptive actions took place in a coordinated manner in Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom. Law enforcement authorities have now seized or disrupted the 15 servers that hosted VPNLab.net's service, rendering it no longer available," Europol adds.

vpnlab seize2

Criminals "Running Out of Places to Hide"

According to Edvardas Šileris, Head of Europol's European Cybercrime Centre, the action against VPNLab shows that bad actors can't take anonymity for granted.

"The actions carried out under this investigation make clear that criminals are running out of ways to hide their tracks online. Each investigation we undertake informs the next, and the information gained on potential victims means we may have pre-empted several serious cyberattacks and data breaches," Šileris says.

An important feature of the announcement lies in the description of VPNLab. Rather than simply just another VPN provider offering anonymity on the regular internet, the service is claimed to have advertised itself on the dark web. While that certainly isn't a crime in itself, Chief of Hanover Police Department Volker Kluwe suggests an unacceptable level of participation in the illegal activities of VPNLabs' customers.

"One important aspect of this action is also to show that, if service providers support illegal action and do not provide any information on legal requests from law enforcement authorities, that these services are not bulletproof," Kluwe says.

"This Operation shows the result of an effective cooperation of international law enforcement agencies, which makes it possible to shut down a global network and destroy such brands."

The action against VPNLab follows a similar operation in June 2021 that targeted DoubleVPN. In that matter the VPN provider was also claimed to be complicit in the actions of its users, not simply by providing anonymity, but by advertising itself on cybercrime forums as a means for ransomware operators and phishing fraudsters to hide their locations.

From: TF, for the latest news on copyright battles, piracy and more.

 
 
Powered by Mad Mimi®A GoDaddy® company

No comments: