Blacklist hitch causes Virgin Media FileServe block

Summary:The inclusion of a single FileServe URL on the Internet Watch Foundation blacklist caused a chain of events that blocked the entire cyberlocker for all Virgin Media customers

Virgin Media customers found themselves blocked from accessing the FileServe file-hosting site last week as a result of the Internet Watch Foundation blacklisting a single FileServe URL.

The problem has now been cleared up, although not before inconveniencing people who use the cyberlocker service for legitimate business purposes. The Open Rights Group has described the issue as demonstrating inherent flaws in site-blocking schemes.

"Customers may have experienced problems accessing FileServe as a result of a specific URL being on the IWF [Internet Watch Foundation] watchlist," a Virgin Media spokesperson told ZDNet UK on Monday. "We've spoken to the IWF and FileServe to resolve the issue, and our customers should now have full access again."

The issue first became apparent on Wednesday, when Virgin Media customer 'SandyB' complained on the ISP's forum of not being able to access FileServe.

"I know the majority don't use these one-click file-hosting sites legitimately, but I do, and it's currently interfering with my work," SandyB said.

In the ensuing conversation, it emerged that other Virgin Media customers also could not access FileServe. When they tried to do so, they were met with a splash screen telling them: "The IWF has recently implemented changes that may affect your download ability on the site."

On Friday, forum manager Mark Wilkin explained what had happened. The IWF, as is its remit to do, had added to its blacklist the URL for a file hosted on FileServe that contained child sexual abuse content.

Virgin Media's systems respond to a specific URL's inclusion on the IWF blacklist by sending all customers' traffic to the relevant host through a web proxy that filters out the bad URL, supposedly while leaving the rest of the traffic alone.

However, in this case FileServe's systems interpreted the vast amount of traffic coming from the proxy's limited set of IP addresses as a potential malicious attack. In response, FileServe blocked all traffic coming from Virgin Media's customers.

This shows that blocking technologies, when they are targeted at any type of service with a large number of users, are very prone to failure.

– Jim Killock, Open Rights Group

"We've contacted the IWF, and they're confirmed [sic] that FileServe.com is not on their watchlist, but that a specific URL on FileServe is," Wilkin wrote. "They've temporarily removed that URL from the watchlist and are currently attempting to contact FileServe about the claims they've made... to try and resolve this. The updated watchlist was published at 6pm today so it should already be having an effect."

Wilkin added that Virgin Media has dealt with similar "previous problems with file-sharing services" by getting the companies behind such services to whitelist the ISP's proxy IP addresses.

The IWF told ZDNet UK on Monday that it was not responsible for the way ISPs implement its blacklist, which it said was intended as "a short-term disruption tactic which can help protect internet users from stumbling across [child sexual abuse] images, whilst processes to have them removed are instigated".

"IWF's role in this blocking initiative is restricted to the compilation and provision of a list: the blocking solution is entirely a matter for the company deploying the list," the non-profit organisation said. "Our list is designed and provided for blocking specific URLs only. Any decision to convert or adapt the list to block whole domains may lead to the overblocking of legitimate content and is not supported by the IWF."

Accidental blocking

According to Jim Killock, head of online rights activists the Open Rights Group, the accidental blocking of legitimate content has become "quite a common occurrence".

"This shows that blocking technologies, when they are targeted at any type of service with a large number of users, are very prone to failure," Killock told ZDNet UK. "They are hard to scale properly, and the costs of scaling them are likely to be enormous."

Killock added that blocking should be "an absolute last resort and not some sort of substitute for removing illegal material", and also criticised FileServe's splash screen for not being completely transparent about the reason for the service blockage.

According to TorrentFreak, Hong Kong-based FileServe is one of the top 10 sites for file-sharing, with almost 20 million visitors each month. ZDNet UK could not reach FileServe for comment.


Get the latest technology news and analysis, blogs and reviewsdelivered directly to your inbox with ZDNet UK'snewsletters.="http:>

Topics: Networking

About

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't be paying many bills. His early journalistic career was spent in general news, working behind the scenes for BBC radio and on-air as a newsreader for independent stations. David's main focus is on communications, of both... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.