Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Hundreds of Sites Blocked By Canadian ISP

Zonk posted more than 8 years ago | from the quite-the-smooth-move dept.

Censorship 302

An anonymous reader writes "Last week Slashdot reported on the blockage of a union website by Telus, a leading Canadian ISP. Since that story, the company has restored access but the fallout continues. The move may lead to new ISP regulations in Canada and a study by the OpenNet Initiative has found that by blocking the union site, Telus also blocked an additional 766 websites including a breast cancer fundraising site." From the article: "While there are a number of different ways to block access to Web sites, the method Telus chose to block the Voices for Change site -- blocking its IP address -- produced massive collateral filtering. Filtering by IP address is efficient since ISPs can quickly and effectively block access to the target site using their existing routing technology. Many ISPs already block certain IP addresses to combat spam and viruses. Large networks, like Telus, have mechanisms in place to block IP addresses almost instantaneously, simply by updating their routers with a "block list" of addresses. However, it is common for many different, unrelated Web sites to share the same IP address."

cancel ×

302 comments

SPACE KUNG FU ON TEH SPOKE (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13238904)


If they want to do that its fine (3, Insightful)

Anonymous Coward | more than 8 years ago | (#13238908)


but expect to be sued for providing access to childporn, illegal software, coprighted material, terrorist training manuals, political sites, communists, bomb making equipment

slippery slope egh ? see you in the next RIAA lawsuit !!

Re:If they want to do that its fine (2, Insightful)

Anonymous Coward | more than 8 years ago | (#13239056)

Uh, Telus is in Canada & we don't have the RIAA up here.

Re:If they want to do that its fine (0, Offtopic)

MasterSLATE (638125) | more than 8 years ago | (#13239176)

Just to get you back on semantics, last time I checked, Canada is in America. North America, to be specific. So, RIAA technically can be Canada too. Next time, don't italicise the last A.

Re:If they want to do that its fine (3, Insightful)

Anonymous Coward | more than 8 years ago | (#13239276)

Actually, Canada would be part of the Americas, North and South, but North America specifically. Traditionally the United States of America is referred to as "America" in short. You can ignore this all you like and argue semantics, but it won't change a few hundred years of established usage in the English language.

It's like the hacker/cracker thing that comes up on Slashdot all the time. You know, that's great that you guys don't like that hacker is associated with taking down systems. Doesn't change the the public usage of the term "hacker" has become synomymous with it. Same with pirate. Make the cute statements like "Arr" or "Prepare to be boarded", but realize that wide public usage defines words, not the ineffectual semantical hair-splitting of some Slashdot poster.

Re:If they want to do that its fine (1)

NickCatal (865805) | more than 8 years ago | (#13239077)

ISPs are covered, at least in the USA, as long as they are proactive once receiving notice about these activities. And most hosts are only worried about the first three of the list you mentioned, the rest fall within "free speech." At least for now... diverging slightly... Being able to block IP addresses is extremely important. The reason it is so easy is because ISPs do it quite a bit when there is a major change in network activity (DDOS, Spam, etc), although there are other protective measures.

Re:If they want to do that its fine (3, Interesting)

Patrik_AKA_RedX (624423) | more than 8 years ago | (#13239313)

So all I need to do the get the post office in trouble is mail something illegal to some random person? In essence the post office and an ISP provide the same kind of service. Both allow 2 individuals to send each other materials. If I send a list of instructions on how to build some kind of explosive device, does it make any difference if I send it by email or by regular mail?

Besides can an ISP check on what you send without violating the law on privacy (the one that makes it illegal to read other peoples mail)?
IMO an ISP can't be held resposible for a email or file transfered. However they can be held responsible if they, after being notified by other people or an authority, don't stop a certain person from continuing sending harmfull mails or don't remove illegal content from their webspace.

Just my 2 cents.

i'm confused.... (1, Interesting)

BillyZ (169879) | more than 8 years ago | (#13238909)

"However, it is common for many different, unrelated Web sites to share the same IP address."

It is?

Re:i'm confused.... (2, Informative)

[Galaxie] (40909) | more than 8 years ago | (#13238918)

If your using hostname headers to distinguish between sites you host then yes, 1 ip can represent an unlimited number of websites.

Re:i'm confused.... (1)

Virak (897071) | more than 8 years ago | (#13238921)

Yes. A lot of cheaper hosting plans host the site on the same server as many others.

Re:i'm confused.... (0)

Curien (267780) | more than 8 years ago | (#13239059)

Without HTTP 1.1 and the Host header, you could just bind multiple IPs to a single machine. Similarly, a lot of very expensive hosting services use one public IP and load balance across several servers.

In short, I can't figure out what the point of your post is. The only time you're guaranteed one IP per domain name is if they uses HTTPS, and even then you're still not guaranteed one IP per machine.

Re:i'm confused.... (1)

TripMaster Monkey (862126) | more than 8 years ago | (#13239099)


Without HTTP 1.1 and the Host header, you could just bind multiple IPs to a single machine.

Yes, but I believe your limit with hard IPs is 256 (IIRC). With host headers, your only real limit is the robustness of your hardware and the size of your pipe (although with Apache, at least, if you want more than 2048 hosts, you do have to redefine the HARD_SERVER_LIMIT in src/include/httpd.h, and then recompile...again, IIRC).

Re:i'm confused.... (1)

Virak (897071) | more than 8 years ago | (#13239105)

That's what I was saying; a lot of sites are hosted on the same server, and as a result usually have the same IP address.

Re:i'm confused.... (3, Informative)

jez9999 (618189) | more than 8 years ago | (#13238928)

Yyyyyes, it is. Name-based hosting allows the web server to serve multiple sites up, based on the browser's Host: header as well as the IP address connected to.

Re:i'm confused.... (1)

Kjella (173770) | more than 8 years ago | (#13239033)

Which is what make it difficult to block. You need an layer 7 (application layer) firewall to block it, whereas any firewall can block a specific IP. While not unheard of, it requires a whole lot more processing power because you need to monitor the stream and parse text headers.

Re:i'm confused.... (1)

SillyNickName4me (760022) | more than 8 years ago | (#13239112)

While not unheard of, it requires a whole lot more processing power because you need to monitor the stream and parse text headers.

Ever heard about http proxy servers and transparant proxying?

In case of http its really easy since the tools for doing it are readily available and have been for a long time.

Re:i'm confused.... (1)

buysse (5473) | more than 8 years ago | (#13239315)

... Which does not change the fact that a layer 7 filter, such as an HTTP proxy, takes quite a bit more processing power than a simple IP-based (layer 3) ACL on a router.

In short, of course the parent's heard of a proxy. Of course it's easy *to set up* and the tools are available. Now, build me one that can handle multiple OC-48 pipes without slowing down traffic and won't piss off paying customers by caching pages with old information (such as pages that a web designer is working on, or cnn.com).

Not so easy anymore.

Re:i'm confused.... (1)

scovetta (632629) | more than 8 years ago | (#13239067)

They could always be a little smarter and have the router look into the packets to see if they are HTTP and contain a Host header that is blocked.

Note that SSL doesn't give much of a problem here Yes, the data (including the headers) is encrypted, but you can only have one SSL certificate per IP address (per port). I forgot the technical reason, but it seems silly that they haven't come up with a workaround yet.

Re:i'm confused.... (1)

halivar (535827) | more than 8 years ago | (#13238933)

>>"However, it is common for many different, unrelated >>Web sites to share the same IP address."

> It is?


Surely you didn't think that for $30 a month Hostway was giving you your own box, did you?

Re:i'm confused.... (5, Informative)

bmalnad (808193) | more than 8 years ago | (#13238936)

Yes! It is. It's called virtual hosting [apache.org] .

Re:i'm confused.... (1)

macklin01 (760841) | more than 8 years ago | (#13239281)

That's interesting. I'm sure many people who aren't familiar with the inner workings of the net (myself included) are surprised. The attitude of one website, one IP address seems to pretty prevalant. Take this tool [mozilla.org] , for instance, that shows the IP address of any website.

So, I suppose that visiting any one of these addresses should show the same address, right? Thanks again for your helpful explanation! -- Paul

Re:i'm confused.... (1)

TripMaster Monkey (862126) | more than 8 years ago | (#13239299)


Take this tool, for instance, that shows the IP address of any website.

All websites have at least one IP address. Not all websites have a unique IP address, however.

Re:i'm confused.... (0)

Anonymous Coward | more than 8 years ago | (#13238937)

Yes, you can point multiple domain names to one IP Address, and still have them as seperate websites.

Re:i'm confused.... (2, Informative)

jellomizer (103300) | more than 8 years ago | (#13238945)

Yes it is.

From the Apache WebSite.

http://httpd.apache.org/docs/2.0/vhosts/name-based .html [apache.org]

IP-based virtual hosts use the IP address of the connection to determine the correct virtual host to serve. Therefore you need to have a separate IP address for each host. With name-based virtual hosting, the server relies on the client to report the hostname as part of the HTTP headers. Using this technique, many different hosts can share the same IP address.

Name-based virtual hosting is usually simpler, since you need only configure your DNS server to map each hostname to the correct IP address and then configure the Apache HTTP Server to recognize the different hostnames. Name-based virtual hosting also eases the demand for scarce IP addresses. Therefore you should use name-based virtual hosting unless there is a specific reason to choose IP-based virtual hosting. Some reasons why you might consider using IP-based virtual hosting:
  • Some ancient clients are not compatible with name-based virtual hosting. For name-based virtual hosting to work, the client must send the HTTP Host header. This is required by HTTP/1.1, and is implemented by all modern HTTP/1.0 browsers as an extension. If you need to support obsolete clients and still use name-based virtual hosting, a possible technique is discussed at the end of this document.
  • Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol.
  • Some operating systems and network equipment implement bandwidth management techniques that cannot differentiate between hosts unless they are on separate IP addresses.

Re:i'm confused.... (1)

Dtyst (790737) | more than 8 years ago | (#13238955)

With apache you can host as many domain as you like on on IP check NameVirtualHost [apache.org]
So many ISPs (especially small ISPs) host as many domains as one physical server (1 ip-adress) is capable of. So having hundreds of domains of one IP-adress is very common and one of the reason why there's still (ipv4) IP-adresses even if internet/domain usage is increasing.

Re:i'm confused.... (1)

brenddie (897982) | more than 8 years ago | (#13238976)

virtual hosts
as long as all of them resolve to the same IP
The server can tell which page to serve based on the request
Thinking about it, theres no way each site could have an unique IP address, theres just so many addresses

Re:i'm confused.... (0)

Anonymous Coward | more than 8 years ago | (#13238996)

Who would of though a 2 word post would get so much responce. Of course you probably should have put a [scarasm][/scarasm] tag around your post inorder to be modded funny.

Hey BillyZ, (0)

Anonymous Coward | more than 8 years ago | (#13239173)


With such a low slashdot ID (169879) you can't be new here. This is Just to remind you that on slashdot you never say "i'm confused" or "I don't know" you must always post as if you are matter expert on the subject - even if you are talking out of your arse.

Actually, especially if you are talking out of your arse. That is what makes slashdot interesting and funny to read.

Not that sinister (0)

Anonymous Coward | more than 8 years ago | (#13238910)

Our little northern brothers were just excited about their zamboni driving jobs coming back with teh NHL.

Uh oh (3, Interesting)

coflow (519578) | more than 8 years ago | (#13238914)

From TFA: "the blockage occurred at the Internet backbone level, thereby blocking access for other ISPs (and their customers) that use Telus as their provider."

I'm certainly no legal expert, but this seems like it could open the floodgate for litigation. Maybe by the time the regulations arrive the market will have already corrected this problem?

Re:Uh oh (1)

James_Aguilar (890772) | more than 8 years ago | (#13239061)

If it's been going on for so long and no one has sued yet, what reason is there to believe that anyone will? Plus, I'll bet that Telus has its butt covered with stuff in the license agreement about how they can block anyone and everyone they choose and you are not allowed to complain.

Re:Uh oh (1)

PhYrE2k2 (806396) | more than 8 years ago | (#13239193)

Why?
  The data passes over their network, so they can do as they wish with routing it. they're not stealing it, they're just not completing the route.

Look at any dedicated service contract (T1's, ethernet, T3's etc) and you'll see lovely print saying they can do whatever they want.

You are connecting to their network- not the other way around... hence you are subject to the way they run their network..

-M

Illegal, reckles, and dangerous. (4, Insightful)

TripMaster Monkey (862126) | more than 8 years ago | (#13238915)


From The OpenNet Initiative PDF:
Section 36 of the [Canadian Telecommunications] Act states that, without the approval of the Canadian Radio-Television and Telecommunications Commission, a "Canadian carrier shall not control the content or influence the meaning of telecommunications carried by it for the public," and Section 27(2) of the Act prohibits a Canadian character, in providing a telecommunications service, from "unjustly discriminat[ing] or giv[ing] an undue or unreasonble preference toward any person, includ[ing] itself, or subject[ing] any person to an undue or unreasonable disadvantage.
Clearly, Telus violated the Canadian Telecommunications Act by their heavy-handed disconnection of www.voices-for-change.com. This alone should be grounds for revocation of their license, but the incidental blocking of an additional 766 unrelated websites is even more reprehensible than their intended censorship.

Re:Illegal, reckles, and dangerous. (3, Insightful)

BHearsum (325814) | more than 8 years ago | (#13238965)

Does this mean that the blocking of ports is illegal?

Re:Illegal, reckles, and dangerous. (1, Insightful)

Anonymous Coward | more than 8 years ago | (#13239190)

If it isn't, it should be. An ISP must not interfer. I don't care if, for example, hundreds of thousands of users of a monopoly OS are getting infected by a worm which an ISP could easily block in the name of "customer protection".

The most I'd grant an ISP is anti-spoofing and blocking of bogon prefixes, although I'm not even sure about those. Any policy above that level is beyond technical considerations and must not be the IPS's concern.

Re:Illegal, reckles, and dangerous. (2, Interesting)

oostevo (736441) | more than 8 years ago | (#13238981)

I'm about the farthest from an expert on Canadian legal matters that one can be, so I'm truly curious, not trying to argue:

Does the Canadian Telecommunications Act include ISPs as 'carriers'? Most legislation considering telecommunications and common carriers that I know of was written before the internet was as popular and vital as it is now.

Re:Illegal, reckles, and dangerous. (2, Insightful)

Emperor Cezar (106515) | more than 8 years ago | (#13238982)

If they are not enforcing the regulations they already have, then why are they making new ones?

Re:Illegal, reckles, and dangerous. (1)

TripMaster Monkey (862126) | more than 8 years ago | (#13239156)


Exactly my point. Telus has clearly violated existing regultions...the authorities should be concentrating of enforcing those, rather than pointlessly re-legislating.

Re:Illegal, reckles, and dangerous. (1)

TeQGame (902612) | more than 8 years ago | (#13238994)

Alas, Telus has a long history of using their power and position to disadvantage others that dates back into the mid 90's.

Re:Illegal, reckles, and dangerous. (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#13238997)


From the TripMaster Monkey Karma whoring methodology manual :

here is where you insert a quote from the particular article the forum is discussing.
Pay attention to include approx 1 or 2 paragraphs from the article emphasizing this text with italics (using html code) to denote that you copied it from the article and so give the appearance that you read and understand the article, this will impress the moderators more than single comments


Here is where you state your conclusion about the above quote, again giving the moderators the impression that you indeed read and understood what was being discussed/comented on, this along with this posts visual formatting structure will impress the moderators who will more likely give you moderation points over other posters who do not follow this structure.

insert
/-\SCII _/'IG
- - --- -- -

MOD PARENT (0)

Anonymous Coward | more than 8 years ago | (#13239010)


see how easily moderators are suckered

Re:MOD PARENT (0)

Anonymous Coward | more than 8 years ago | (#13239053)

Big fucking deal. Why don't you go and tell your mummy, or perhaps teacher can sort it out for you?

Re:Illegal, reckles, and dangerous. (1, Interesting)

Anonymous Coward | more than 8 years ago | (#13239012)

I was under the impression that the web site was posting the address and personal information of scabs. Thats obviously an intimidation tactic, possibly even dangerious.

I think if they felt the site posed a danger to their employees, their right to safety is more important then thier status as a carrier, collateral damage be damned.

Re:Illegal, reckles, and dangerous. (2, Informative)

Aim Here (765712) | more than 8 years ago | (#13239028)

It wasn't. Telus lied.
Hope this helps.

Re:Illegal, reckles, and dangerous. (0, Troll)

cannuck (859025) | more than 8 years ago | (#13239106)

Illegal?! Huh. "Rule Bending" is the norm up here in Canada (just like it is in the USA). Once a business gets large enough - run by a bunch of rich wannabes - the business is protected by unwritten "laws" - only enjoyed by the self selected eiltes. The "normal" laws do not apply - and they even get even away with murder.

Re:Illegal, reckles, and dangerous. (1)

stillmatic (874559) | more than 8 years ago | (#13239215)

The funny part being is that if they revoke their license as a carrier, all the members of the union that Telus was trying to silence will be out of a job.

i'm glad... (5, Funny)

Anonymous Coward | more than 8 years ago | (#13238919)

i'm glad i live in the US where i don't have to worry about such things

Re:i'm glad... (1)

yls07 (885856) | more than 8 years ago | (#13239238)


In all seriousness, though, does anyone know if doing the exact same thing in the USA would be against any U.S. laws, or not?

I'm curious to know, and I think the point about oligopoly (made below) was spot-on: the fewer choices you have for ISPs (and the sunk costs involved make it a virtual certainty that there will be few), the less likely that you can "vote with your wallet" as a writer above suggests.

Re:i'm glad... (0, Flamebait)

uberfrank (899496) | more than 8 years ago | (#13239263)

Yeah, it's much better to concentrate on the important stuff, like not getting stabbed in the subway by a disgruntled minimum wage worker on crack! ;)

Never thought about it (1)

ChrisF79 (829953) | more than 8 years ago | (#13238920)

I never gave it much thought but that really is true, especially with all of the sites out there that don't do any form of e-commerce and don't need an SSL certificate. That really could be quite a few sites sharing that IP address. I'm not surprised I didn't think of it, because I'm an idiot, but it does surprise me that the ISP didn't--or maybe they just didn't care.

Re:Never thought about it (1, Informative)

Anonymous Coward | more than 8 years ago | (#13239075)

I think some people make the mistake that people who work at ISPs are expert, forward thinking network gurus with 30 years experience and a phd in networks and systems.

More often than not they are just kids recruited from school and payed a pitance, they may as well be flipping burgers.

Same goes for all sorts of companies and institutions. All your precious data and services are run by cretins.

Oh Canada!! (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13238924)

I love you man. Screw those bastards. Block those sites. Piss on these whiny liberal shites!

Canada is teh coolest!

Hypocrisy in action. (0, Flamebait)

Willeh (768540) | more than 8 years ago | (#13238927)

This is just some ploy to get people up in arms under false sentiments. What if instead of some poor cancer website, it'd been terrorists? Or the National Child Pornographer's association?

Just report the facts. Yes, blocking websites you don't like is bad (and bad PR). Yes, it should be stopped. But not because you're blocking some poor other websites. Collateral damage happens, like it or not.

Re:Hypocrisy in action. (3, Interesting)

TheSneak (904279) | more than 8 years ago | (#13238957)

It's not that they blocked these websites really, it's that they went about it the wrong way. There are rules and regulations regarding this sort of thing, and they were not followed.

If they had gotten the permission of the Canadian Radio-Television and Telecommunications Commission, then you would be correct. Though i suspect that even if they did this the legal way, it would cause bad PR anydangway!

Re:Hypocrisy in action. (1)

Willeh (768540) | more than 8 years ago | (#13239001)

It doesn't say there's already regulation, just that there's a review going on that MAY LEAD TO an ISP trust framework that prevents scummy things like this from happening (whether it's 1 site, or 767 sites).

Re:Hypocrisy in action. (5, Insightful)

TripMaster Monkey (862126) | more than 8 years ago | (#13238980)


Collateral damage happens, like it or not.

No, it doesn't. Collateral damage happens when the sysadmin is question is lazy and/or ignorant. It would have been easy to block access to only www.voices-for-change.com, and no others, but instead they chose to block the entire IP address. Either they wanted to pass the blockage off as an accidental outage (and failed) or the sysadmin just couldn't be bothered to do the extra work, and just blocked an entire IP in the router. Either way, it's despicable.

Re:Hypocrisy in action. (4, Informative)

whois (27479) | more than 8 years ago | (#13239234)

Thats not how it works, and I suspect these guys are running into the same problem we did.

I used to work for a national NSP and during my tenure there we developed a few ways to block IP's despite the fact that half the linecards in our network didn't support packet filtering.

The best way to do this was with a global null route. We'd add a route on all the routers pointing one of our unused IPs to the null0 interface. Then we ran a "null route server" where anything we wanted to block was routed to that IP address (causing all traffic to it to get blocked at the entry point, rather than routed through the network)

We used these measures exclusively for spammers and for large DOS attacks. (For DOS attacks it was less effective because you actually had to block the victim instead of the source, but it was better than nothing)

The point behind this is, many times we had virtual hosting providers call us up and tell us we'd blocked thousands of sites, some even went on to name names. We told them to get the spammer off their server before service would be restored.

This is the normal policy of most ISPs. No Collateral damage involved, you violated the terms of service and I'm sorry your business revolves around the idea of putting a thousand customers on one point of failure.

Now, I'm not saying this is what Telus did. I'm saying this is what they probably did and you guys are jumping to conclusions. The fact is, from a router standpoint it's extrodinarly hard to block "www.example.com" without doing it by IP address.

Re:Hypocrisy in action. (4, Informative)

B3ryllium (571199) | more than 8 years ago | (#13238985)

It could have been both (at 766 sites, it could quite easily have been both), not to mention that business websites could have been blocked as well. It was a nice, tidy, cut-and-dry violation of the Canadian telecommunications regulations act. The CRTC will probably have some fun things to say about it.

Re:Hypocrisy in action. (1)

unexpected (635152) | more than 8 years ago | (#13239039)

Invoke anger through false sentiments, eh? How about:

"This just in... among the 766 sites were numerous open source communities, pro-Linux news forums, and anti-Microsoft blogs..."

Now THAT would have been a much better tactic than some poor cancer website.

Re:Hypocrisy in action. (2, Insightful)

antifood (898331) | more than 8 years ago | (#13239060)

Right... but the initial ban was on a website that was revolving around the plight of union workers. What if instead of some poor cancer website, it'd been terrorists? Or the National Child Pornographer's association? Terrorists? National Child Pornographer's Association? Talk about red herrings.

Telus is a company that holds itself out to the public. They had no right to block information that was discerning to their own viewpoints (something we agree on). So if they didn't have a right to block the union website, how does "some poor cancer website" constitute as just collateral damage? This is not war, this is a company stepping over the boundaries of its regulatory regime. Maybe I just see it differently than you.

Re:Hypocrisy in action. (2)

iGN97 (83927) | more than 8 years ago | (#13239088)

I like to think that I pay for access to the Internet, not some corporation's idea of what the Internet should be like.

Unfortunately, that's not the case.

Re:Hypocrisy in action. (2, Insightful)

MarkKnopfler (472229) | more than 8 years ago | (#13239124)

And what of the poor terrorists who are incidentally paying for the bandwidth too ? I am not trolling or flamebaiting -- all I am saying is that censorship is not a part of a free society -- disagreement is.

Re:Hypocrisy in action. (3, Insightful)

Sique (173459) | more than 8 years ago | (#13239138)

Collateral damage is, what it is: Damage. And as such it should be handled. If you damage something, it's YOUR fault. End of story.

Public Outcry (5, Insightful)

Emperor Cezar (106515) | more than 8 years ago | (#13238959)

The ISP was pretty much forced to take down the block because of public outcry. No one wants to do business with an ISP that does things like that. With regulation the Canadian government has two options:

a) Force them to let everything through, but this means they can't block virus speading sites, etc

b) Only allow them to block what the regulators seem fit. Which puts what you see and can't see into the hands of beurocrats. This would cover all ISPs in Canada so you can't switch to one that does block stuff you want it to (Porn if you have little kids, etc.)

I personally prefer to let people hurt them in the wallet when they pull crap like this. Corporations take more notice when something hurts them in the wallet.

Re:Public Outcry (2, Insightful)

Ingolfke (515826) | more than 8 years ago | (#13239068)

The ISP was pretty much forced to take down the block because of public outcry... With regulation the Canadian government has two options:

Ah yes, the old government needs to get involved where the peopl have already solved the problem argument. The Canadian government doesn't need to do anything here. If Telus did violate a law on the books then the ONLY thing government should do is prosecute them, and that should come from the judicial part of the government, not the legislative part (I'm not sure exactly how Canada has all of this structured, hence the generic terms). Point is... congress and Co. are a bunch of kharma trolling whores that love to run in after a problem has already been solved, write soem hideous red-tape legislation, and take credit for solving the problem all the while mugging for the camera so they can get reelected during their next terms.

I personally prefer to let people hurt them in the wallet when they pull crap like this. Corporations take more notice when something hurts them in the wallet.

Maybe I misread you... because it seems like this solution should be option c)... meaning keep the government out of it. I would agree with this option.

Re:Public Outcry (1, Interesting)

TCM (130219) | more than 8 years ago | (#13239297)

a) Force them to let everything through, but this means they can't block virus speading sites, etc

And why should they? Blocking the spreading won't make the viruses go away. Plus, if I were a researcher or hobby virus analyser, I couldn't get to them anymore.

How about we get systems more secure so it wouldn't matter a single bit whether a site distributing some malware is reachable or not?

bad move by telus (0)

Anonymous Coward | more than 8 years ago | (#13238964)

This was really a short sighted move by Telus to block the Union's website and they should be held accountable. I'm hoping the intent was only to block the site from internal PCs so workers or scabs couldn't slander the company while at work but I doubt it. With pics of managers/people crossing the picket lines and scabs, the website did pose a potential risk (especially in radical-pro-union BC) but Telus should've taken proper the routes to have this material removed.

Wow (5, Informative)

GordoTheGeek (608960) | more than 8 years ago | (#13238967)

A buddy of mine is a desktop admin at Telus in Toronto (the strike is in Alberta and BC). That's a hell of a message to send to the rest of your employees: "We 'support' your right to strike, but we don't want your message to get out to the world."

And he thought he hated his job before the strike. Yow.

Re:Wow (0)

Anonymous Coward | more than 8 years ago | (#13239133)

The expression 'Don't bite the hand that feeds you' comes to mind in this case.

I encourage your friend to find employment somewhere else if he hates his job that much.

reality check (-1)

SalsaDoom (14830) | more than 8 years ago | (#13239324)

Hello?

We are talking about someone in Canada, when you get a job here that doesn't pay minimum wage you don't just quit it, even if its complete hell (and it usually is) -- because its so damn hard to find a decent IT job. The very best you can do is look for work while your working and hope someone is interested -- but just quitting a job here and sitting on unemployment while looking is a good way to end up selling your shit at the pawn shop to pay rent.

--SD

Blame it on Canada (0)

anandpur (303114) | more than 8 years ago | (#13238970)

Blame it on ....

Re:Blame it on Canada (0)

Anonymous Coward | more than 8 years ago | (#13239085)

Yeah, they're not even a real country, anyway.

And the moral of the story is... (2, Interesting)

jerryodom (904532) | more than 8 years ago | (#13238973)

Don't block IPs unless you're really really sure about it. Lasy bastard admins.

Not lazy; only choice (2, Insightful)

Anonymous Coward | more than 8 years ago | (#13239018)

If you are working with large-scale routing you aren't going to do application-layer filtering unless you have to. They didn't have to until this incident so the infrastructure (and it does require a massive one, transparent proxies for all their bandwidth) wasn't in place. Therefore, a quick instruction to the Cisco BFRs and no more website, based on IP.

It's unfortunate that the virtual hosting got nailed by it but if their decision (a bad one, the PR in Canada right now is horrible) was to block it, that was the only way to implement it.

the ultimate hypocrisy of slashdot (-1, Troll)

Anonymous Coward | more than 8 years ago | (#13239002)

uhm, slashdot bans IPs all the time. and many 'open source gurus' would ban entire IP subnets off of their irc channels without a second thought.

their argument? their space in cyberspace is 'private property' so they can do whatever they want and everyone is a guest on that property.

the ISP has the same argument, and if you disagree with that logic, then examine
your own actions, you hypocrites.

Re:the ultimate hypocrisy of slashdot (3, Interesting)

TeQGame (902612) | more than 8 years ago | (#13239034)

Hm, Telus is an NSP not just an ISP. They are a significant part of the backbone in Canada. As an NSP they are subject to different criteria for providing connectivity. Unfortunately, the laws in Canada are somewhat different than the laws elsewhere.

the ultimate flawed argument (2, Interesting)

TripMaster Monkey (862126) | more than 8 years ago | (#13239071)


So let me get this straight...you're comparing the behavior of an ISP, who is required by law to not impede access to the websites it hosts, to the behavior of a private website, who is under no such requirement.

Your argument is rather like saying since the city cannot ban people from driving down a street for no good reason, then it necessarily follows that these same people must be allowed unfettered access to the private residences on that street.

Next time, think before you post.

Re:the ultimate flawed argument (1)

LexNaturalis (895838) | more than 8 years ago | (#13239111)

I'm pretty new to Slashdot, but I'm fairly confident that thinking isn't a pre-requisite for posting comments. That's what it seems to me, anyway.

I for one welcome the slashdot thought police!

HEY JERKFACE! (1)

hoborocks (775911) | more than 8 years ago | (#13239229)

Internet's a public service - paid for by tax dollars.

Also, their blocking of the sites prevent OTHERS from getting to it - not necessarily ONLY their customers!

Try this on for size:

2. dstswr2-vlan2.rh.prnynj.cv.net (67.83.242.34)
3. r2-ge9-1.mhe.prnynj.cv.net (67.83.242.5)

...

10. csr1-ve240.SantaClarasc8.savvis.net (66.35.194.34)
11. 66.35.212.174 (66.35.212.174)
12. slashdot.org (66.35.250.150)

Now, if savvis.net decides to block 66.35 because it's an anti-savvis website, they are not only affecting their direct connectors (in this case, cablevision), they are affecting cablevision's customers as well.

Try thinking for ONE second next time.

Nothing new (3, Informative)

vchoy (134429) | more than 8 years ago | (#13239021)

For those of us with Dynamic IP addresses: there always been those times where you get that one bad bad 'black-listed' IP (previously used for spamming, haxing etc).

Worse still, 'black-list' blocks not JUST only the IP, but entire subnets or IP ranges...you spend a whole friggen day debugging your network-router-firewall setup and spend the rest of the week arguing with your ISP about who's fault it is.

Solutions:
ifconfig /renew? - sometimes does not work due to DHCP server keeps on serving you the same IP based on your MAC ADDR, and you are forced to wait for expiry lease to lapse.
change MAC address? - an option, as 'most' routers can 'spoof' MAC addresses.

Re:Nothing new (0)

Anonymous Coward | more than 8 years ago | (#13239107)

I ran into that problem last year when I was blocked for months from a website that lists cinema showtimes. Ipconfig/renew did nothing. Each time the IP address expired, I would be given the same one. An e-mail sent to the webmaster gave me the response of, "Oh, we don't block anyone." Riiiight. That's why I can access your site from work but not from home.

Re:Nothing new (0)

Anonymous Coward | more than 8 years ago | (#13239147)

Riiiight. That's why I can access your site from work but not from home.

Maybe your ISP did the same thing as Telus. Maybe the cinema listings site doesn't block anyone but their upstream provider does.

Re:Nothing new (1)

Trigun (685027) | more than 8 years ago | (#13239202)

No, changing MAC addresses is not an option either. What would you change it to? What if more than one person did it? You can really fuss to get it to work on cable, but a non-shared medium is going to send up a shitload of flags, and cause issues for at least two parties, if not everyone plugged into the same switch.

ipV6 with mandatory ingress and egress filtering at all routed connections, from the ISP to the backbone, and portable address spaces based on a logical heirarchy would go a lot farther.

Legal Precedent (1)

Sierpinski (266120) | more than 8 years ago | (#13239045)

"It's in the Canadian Criminal Code eh, like there's legal precedents set in cases in law."

"Yeah, so like give us our free beer, eh."

"You want free beer? Go to the brewery. Now get outta here before I put the two of YOU in a bottle."

On that good 'ole Canadian Criminal Code.
(Special thanks to Bob & Doug [imdb.com] )

Peoples Republic of Canada (1)

torrents (827493) | more than 8 years ago | (#13239072)

Haven't you heard? Canada is the new China... On a serious note, this is probably one of the few times when government should start meddling in the affairs of private enterprise. Especially one part of an oligopoly.

Goodbye Telus, Hello Shaw (2, Interesting)

Winterblink (575267) | more than 8 years ago | (#13239086)

In my area I have a choice between two high-speed internet carriers, Telus and Shaw Internet. Telus has pretty much just cinched the deal for me, that I'll be moving to Shaw as soon as possible.

Re:Goodbye Telus, Hello Shaw (1)

HermanAB (661181) | more than 8 years ago | (#13239178)

Just bear in mind that Shaw only allows SMTP/POP over their own network. So, if you are a typical geek and want to read your email from anywhere, then you may not like having to use webmail.

Re:Goodbye Telus, Hello Shaw (1)

Winterblink (575267) | more than 8 years ago | (#13239253)

Yep, Telus is the same way actually. It's annoying as hell, if you ask me. But I don't use my ISP email anyway so it won't be as much a concern to me.

Re:Goodbye Telus, Hello Shaw (1)

HermanAB (661181) | more than 8 years ago | (#13239291)

You can POP Telus mail servers from anywhere. They just block outgoing port 25.

And then there's DynIP. (1)

crovira (10242) | more than 8 years ago | (#13239135)

where IP addresses change pretty much at the whims and vaguaries of the sys admin and of reality interfering with assigning a 'stable' (not static) IP address.

What if yourHost.site.tld is given an IP address that is 'banned' as belonging to undesirables?

I long for the good ole' days... (3, Funny)

Ingolfke (515826) | more than 8 years ago | (#13239136)

when big corporations would just hire a bunch of thugs to beat the hell out of union organizers.

Re:I long for the good ole' days... (1)

mOdQuArK! (87332) | more than 8 years ago | (#13239295)

I wonder if they tried to beat any union organizers who were registered members of the NRA.

Corporations Replacing Governments (3, Interesting)

loyukfai (837795) | more than 8 years ago | (#13239139)

Used to see films set in the future that corporations had replaced governments and thought, it will never happen.

But seeing more and more such news today, it happens to me that, are we in the midst of this change?

In China, the government censors you, in Canada and Australia, the ISP censors you!

QOS Regulations Yes! (2, Insightful)

webzombie (262030) | more than 8 years ago | (#13239164)

I have long argued that the internet access business has needed regulations that govern Quality of Service, Code of Conduct and a Consumer's Bill of Rights.

The behaviour of Telus is outrageous and is probably a VERY SMALL tip on a MASSIVE iceberg.

As more and more services fight for consumer's internet pipe they should have protection against bad service and questionable tactics.

"the future is frendly" from telus website. (0)

Anonymous Coward | more than 8 years ago | (#13239174)

I hate telus- the union has been without a contract for several years.

Die union scum.... die (0, Flamebait)

variable26 (254802) | more than 8 years ago | (#13239199)

unions create lazy workers...

Don't cry for telus employees (3, Insightful)

Anonymous Coward | more than 8 years ago | (#13239236)

Ok fine it is a stupid move to have an ISP block access to any website and it should not be done... But the striking telus workers are just as much to blame. Those striking goons have been going about cutting fiber lines... Not to mention they have been asking people to pretty much DOS telus call centers with fake problems.

PS: The website was blocked after Telus found that their striking workers where taking pictures of employees who were crossing the picket line for the purpose of later harrasing those said employees. In my opinion both parties are equally at fault for the nice mess they cooked up.

Contact the CRTC about this (2, Informative)

StandardCell (589682) | more than 8 years ago | (#13239318)

http://www.crtc.gc.ca/RapidsCCM/Register.asp?lang= E [crtc.gc.ca]

There's a five-step form, and they'll refer the complaint. For a quick cut-and-paste snippet, go to the following:

Please be advised that Telus Corporation may be in violation of the Telecommunications Act, Section 36. Please see http://www.crtc.gc.ca/RapidsCCM/Register.asp?lang= E [crtc.gc.ca] for details on the violation.

better option (1)

SiggyRadiation (628651) | more than 8 years ago | (#13239329)

why didn't they configure their domain name servers to simply refuse to resolve the domain name. I create "special" copies of my own domains so they point to my private IP-addresses at home in stead of the internet-address that the rest of the world can use.

They could have created a pointer to a site of their own saying: "we don't like this site and have blocked it".
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...