Quad9 and Sony Music: German Injunction Status

I was sued in Germany by Axel Springer due to an ad blocker I wrote. The lower court of Hamburg ruled against me. They openly admitted they did not know what they were doing because the case was too technical for them. They were just happy to please the big corporation.<p>Hamburg is a favourite for such cases because they just have no clue about technology. They are just old fashioned.<p>As a small indie developer, I could not afford to keep on fighting. I gave up. I was a psychological wreck. And since it is not binding, big entities can afford to sue you non-stop.<p>Hamburg was the second time I was in a court. I got sued by the same big corporation. I won the first one.<p>Despite not being binding Sony will use this as a precedent and they will start going against the bigger DNS players, till all of them have to comply with their demands.

Fun fact: The same court ruled in 2008 that access providers may not be forced to block DNS: <a href="https:&#x2F;&#x2F;www.telemedicus.info&#x2F;lg-hamburg-bestaetigt-wirkungslosigkeit-von-dns-sperren&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.telemedicus.info&#x2F;lg-hamburg-bestaetigt-wirkungsl...</a><p>This Hamburg court in particular has produced hundreds of scandalous injunctions over the years, many of which were overturned later.

This, again, is like the local phone company being forced to block your ability to call people because of an assertion that the person being blocked has infringed on their copyright. It&#x27;s clear that the phone company has nothing to do with the situation and it&#x27;s a massive legal overreach to compel them to get involved.<p>But media megacorps have never cared about logic or sanity. They make their own reality with their piles of money and lawyers.

I really, really don&#x27;t like DNS censorship. I think that if a site is bad enough to warrant being taken down, it should be taken down by the authorities that host it.<p>OR, these governments should have a formal enforcement regime that monitors and sends takedown requests to DNS resolvers.<p>Then, high-tech people will either use .onion, or we will see again the popularity of alt-root DNS services.<p>So will the alt-root DNS website (whose domain is on the &quot;official&quot; root) be taken down, because it is a pointer to a pointer to potentially illegal stuff?<p>Where does it end? Or will the goal be simply to make it hard enough that only 1% of people know how to access it, vs. 20%?

Reading the suit, it is interesting that it is very much based around the fact that Quad9 already blocks resolution for &quot;malicious&quot; domains, and therefore already has a censorship process in place. Basically &quot;you&#x27;re already censoring, one more domain won&#x27;t hurt.&quot;

Maybe in retaliation to this &quot;legal&quot; attack on open infrastructure, DNS providers should de-list Sony domains.

It&#x27;s amazing Quad9 is run as a non-profit org.<p>I run an email forwarding[0] app and I need to do a lot of DNS query(for spam filtering purpose), I run dnsmasq top load balance between CloudFlare, OpenDNS, GoogleDNS, Quad9 and Hetzner DNS. Quad9 outperform the rest with 2-4x faster and more reliable. In term of reliable I meant they won&#x27;t rate limit me.<p>If anyone need reliable DNS, Quad9 rocks it. I&#x27;ll contribute my part on this battle too.<p>Thanks Quad9<p>---<p>0: <a href="https:&#x2F;&#x2F;hanami.run" rel="nofollow">https:&#x2F;&#x2F;hanami.run</a>

DNS is distributed, you can always run your own resolver <a href="https:&#x2F;&#x2F;openwrt.org&#x2F;docs&#x2F;guide-user&#x2F;services&#x2F;dns&#x2F;unbound" rel="nofollow">https:&#x2F;&#x2F;openwrt.org&#x2F;docs&#x2F;guide-user&#x2F;services&#x2F;dns&#x2F;unbound</a>

&gt; Artists deserve to be compensated,<p>I like this dig at Sony. I don&#x27;t believe for a second that Sony has any interest of the artists in mind. It&#x27;s all about their own profits at all cost. They wouldn&#x27;t care in the slightest if artists died of hunger. But that&#x27;s just my opinion from dealing with the record labels myself.

This is the equivalent of mandating that every freight company, shipping agent or port inspect every box for fakes or infringing materials.

This is a strange case in my opinion. Quad9 <i>and other open DNS servers such as CloudFlare, AddGuard, CleanBrowsing, Comodo, Google, OpenDNS, UltraDNS, Dyn, Yandex, HE.net and other open recursive servers</i> are additive. They are not authoritative for the offending domain, nor are they promoting it. Just because some of these servers happen to filter malicious sites does not mean their role or legal responsibility is to filter sites that break copyright laws. This is the wrong target and sets a bad precedent in my opinion. <i>I am not a lawyer.</i> The right approach would be to have the domain seized and removed from the root servers. There is already a process in place for this as I am sure Sony is aware.<p>I could see some people equating Quad9 to a CDN but that is not the same. CDN&#x27;s require the offender to set up an account and manually point the CDN to their site after accepting an acceptable use policy. An open DNS server requires no setup by the offender and no AUP. Anyone can point their client to the open DNS servers and request any domain.

I hope this is not frowned upon here but I believe the domain in question is canna[dot]sx. You can confirm this by taking some of the URLs in the report and substituting the blacked out domain with it and it indeed shows the Evanescence album that the document points to.<p>(I got this by doing reverse dns lookups on some of the IPs they list without censoring)<p>Edit: I have tried resolving using 9.9.9.9 and get the same answer as other DNS servers, even running from a VPS in Germany. It appears they have not blocked it yet?

Though they redacted the domain name at issue, they failed to redact the IP address that it resolves to. As a result, I can say that the domain at issue is www.canna.to. Further confirmation of this is that the banner of the forum associated to that page, board.canna.to, has a banner warnings its users that it&#x27;s moved to board.canna.tf to avoid the DNS block (&quot;Um einer DNS-Sperre auch des Boards vorzubeugen, haben wir es von canna.to abgekoppelt.&quot;).

I&#x27;ve been a happily paying customer of Spotify for nearly a decade now.<p>This is the kind of shit that makes me reconsider returning to piracy.

&quot;The Net interprets censorship as damage and routes around it&quot;.<p>- John Gilmore

Independent of the current case (and Hamburg rulings in gernal), I haven&#x27;t made up my mind yet about DNS blocking.<p>The countless analogies don&#x27;t really help me to find the right approach to handle these kinds of things.<p>First, the &quot;it only increases friction&quot; argument: Basically everything is like that. Barely anything is absolute in the regard. If locked doors are effective at stopping most get-ins, it doesn&#x27;t matter that they can easily be opened with a bit of skill.<p>Second, should every country have to accept everything that is legal to host in any other country, i.e., should countries be allowed to make and uphold their own laws? I mostly think so, but am not sure how to achieve this. Violations can easily be outside of the reach of the country but there is still a desire to prevent the influence. Is DNS resolution an appropriate point to attack this problem? I am not sure, neither from an effectiveness nor an sensibility point of view, but I find the point of view to pursue everyone in their home jurisdiction (if it can be determined at all) convincing either.

I don&#x27;t get it. Quad9 is Swiss based. How is it relevant what the clowns from the court in Hamburg think?

Ridiculous! A terrible precedent and failure of logic. I&#x27;m struggling to find words to express my frustration. They don&#x27;t even list the domains that we aren&#x27;t allowed to resolve!<p>Can we use this precedent to sue the US government in court for using DNS to kill Yemenis (drones run software like libc, libc uses DNS), or perhaps to sue Kellogg&#x27;s for making breakfast cereal that was eaten by someone on the morning they decided to kill someone?

How does Quad9 make money? Just through sponsors? Just seems like they don’t have any income with a free service but maybe I don’t understand.

Verizon has also been blackholing routes to ddos-guard for the past few weeks, cutting off access to any sites protected by them: <a href="https:&#x2F;&#x2F;torrentfreak.com&#x2F;why-is-verizon-blocking-pirate-sites-such-as-nyaa-and-mangadex-210608&#x2F;" rel="nofollow">https:&#x2F;&#x2F;torrentfreak.com&#x2F;why-is-verizon-blocking-pirate-site...</a>

Quite a lot of these lawsuits happening in Germany against local businesses. But can a German court really order a company located in Switzerland to comply? I thought that was the main selling point of Swiss-based companies.

If anyone from Quad9 is still here, I have an interesting suggestion.<p>While finding a legal solution, the resolvers could mark if a block was done due to a legal reason (ie. censorship), so that clients can react to that and ask another resolver instead. If enough resolvers would adhere to this practice, it would render these censorship attempts useless. Of course, client software would need to support this too.<p>I haven&#x27;t talked to the team yet here at <a href="https:&#x2F;&#x2F;safing.io&#x2F;" rel="nofollow">https:&#x2F;&#x2F;safing.io&#x2F;</a>, but I think we&#x27;d be willing to implement that in our DNS client.

Damn, that is my standard DNS by now. I hope they win the case, although chances are very low. I live a short trip outside the city where the judges preside and the court is quite infamous on rulings like these. They are old, afraid and wrong about many issues and won&#x27;t see that DNS provider aren&#x27;t responsible for content. Germany isn&#x27;t able to tackle modern communication infrastructure and related problems. On the other hand it has the capacity to ruin one of the best human developments in recent history. It is not beyond their capabilities.

Is the censorship applied globally or just to their resolvers in or near Germany? Unfortunately the domain names are redacted so it’s not straightforward to test this.

Oh well. I use Quad9. But at least now when a torrent site won&#x27;t work I&#x27;m reminded to turn on the VPN .

Caving in to Sony’s lawyers again. DNS resolution is not copyright infringement and someone needs to put Sony&#x2F;BMG in their place and make them go after those who are actually infringing instead of those who are providing internet backbone services.

&quot;The assertion of this injunction is, in essence, that if there is any technical possibility of denying access to content by a specific party or mechanism, then it is required by law that blocking take place on demand, regardless of the cost or likelihood of success.&quot;<p>Technically, this block does not stop anyone from getting the IP address for a domain. Anyone can resolve a domain name using public information that is disseminated from domain name registries, domain name registrars and other authoritative DNS providers. Quad9 is just a third party DNS provider, not an authoritative source for IP addresses. In theory, third party DNS providers could refuse to provide (resolve) the IP address for any domain name. They could do this on their own accord, to suit their own interests, or at the behest of anyone, e.g., an end user, a financial contributor (donor), an interested corporate partner, or perhaps pursuant to a court-ordered injunction.<p>In fact, this in exactly what Quad9 does: they block domains. They advertise this capability on their website, where even the most non-techical reader could find it. From the &quot;About&quot; page:<p>&quot;Quad9 blocks against known malicious domains, preventing your computers and IoT devices from connecting to malware or phishing sites.&quot;<p>Third party DNS has a number of potential problems; filtering is one. Funny how people have literaly turned that problem into a selling point. For example, OpenDNS, now part of Cisco, started a business doing DNS-based filtering.<p>Personally I fail to see why third party DNS (ISP-provided DNS or so-called &quot;open resolvers&quot;) remains a preferred method of retrieving IP addresses or other RRs. IMO, there is no technical advantange anymore.<p>Many years ago I wrote a system for resolving domains without using recursion, using only authoritative queries, never setting the RD bit. It was very fast. Faster than a cold cache, IME. It could actually get faster as it acquires more addresses of authoritative servers, because it does not need to look them up again. It &quot;learns&quot;. The best aspect though is that there are no unecessary third party middlemen. Third party DNS providers are not authoritative sources for any RR. They are middlemen. They do not operate for free. They are potentially subject to influence from whomever pays the bills.<p>People often discuss &quot;privacy&quot; when they discuss third party DNS service. IMO, using a shared third party DNS cache seems antithetical to &quot;privacy&quot; (not to mention &quot;security&quot;). In any event, it enables filtering by someone who is not an authority for the DNS data they are serving, a middleman. This is the view of an end user, not a corporation nor a developer working for one.

So now we know why the push to centralize DNS even more... ?

This is what the TOR browser is for.

Sony: the surreptitious installer of rootkits, COPA violator, and payola bribers. Now, with 50% more suck through DNS censorship!

The irony is, I’ve never experienced DNS problems with invite only piracy sites with quality and quantity 100x the public ones. And doubly so, because I’m sure a lot of Sony employees use them.

1.1.1.1 is the solution?

I wish they hadn&#x27;t complied. It wouldn&#x27;t be the first time a tech company stood up to this kind of thing. (Github and youtube-dl, Digg and HDDVD key, etc).<p>Not familiar with German law. What would happen if they simply ignored the injunction?

The fact that Quad9 so easily complies = will not use quad9