Blacklist hitch causes Virgin Media FileServe block

Blacklist hitch causes Virgin Media FileServe block

Summary: The inclusion of a single FileServe URL on the Internet Watch Foundation blacklist caused a chain of events that blocked the entire cyberlocker for all Virgin Media customers

SHARE:
TOPICS: Networking
0

Virgin Media customers found themselves blocked from accessing the FileServe file-hosting site last week as a result of the Internet Watch Foundation blacklisting a single FileServe URL.

Read this

Home Office sets out plan to block websites

The government is considering plans for the web blocking of certain sites, such as those dedicated to Islamic fundamentalism, on state-funded networks

Read more+

The problem has now been cleared up, although not before inconveniencing people who use the cyberlocker service for legitimate business purposes. The Open Rights Group has described the issue as demonstrating inherent flaws in site-blocking schemes.

"Customers may have experienced problems accessing FileServe as a result of a specific URL being on the IWF [Internet Watch Foundation] watchlist," a Virgin Media spokesperson told ZDNet UK on Monday. "We've spoken to the IWF and FileServe to resolve the issue, and our customers should now have full access again."

The issue first became apparent on Wednesday, when Virgin Media customer 'SandyB' complained on the ISP's forum of not being able to access FileServe.

"I know the majority don't use these one-click file-hosting sites legitimately, but I do, and it's currently interfering with my work," SandyB said.

In the ensuing conversation, it emerged that other Virgin Media customers also could not access FileServe. When they tried to do so, they were met with a splash screen telling them: "The IWF has recently implemented changes that may affect your download ability on the site."

On Friday, forum manager Mark Wilkin explained what had happened. The IWF, as is its remit to do, had added to its blacklist the URL for a file hosted on FileServe that contained child sexual abuse content.

Virgin Media's systems respond to a specific URL's inclusion on the IWF blacklist by sending all customers' traffic to the relevant host through a web proxy that filters out the bad URL, supposedly while leaving the rest of the traffic alone.

However, in this case FileServe's systems interpreted the vast amount of traffic coming from the proxy's limited set of IP addresses as a potential malicious attack. In response, FileServe blocked all traffic coming from Virgin Media's customers.

This shows that blocking technologies, when they are targeted at any type of service with a large number of users, are very prone to failure.

– Jim Killock, Open Rights Group

"We've contacted the IWF, and they're confirmed [sic] that FileServe.com is not on their watchlist, but that a specific URL on FileServe is," Wilkin wrote. "They've temporarily removed that URL from the watchlist and are currently attempting to contact FileServe about the claims they've made... to try and resolve this. The updated watchlist was published at 6pm today so it should already be having an effect."

Wilkin added that Virgin Media has dealt with similar "previous problems with file-sharing services" by getting the companies behind such services to whitelist the ISP's proxy IP addresses.

The IWF told ZDNet UK on Monday that it was not responsible for the way ISPs implement its blacklist, which it said was intended as "a short-term disruption tactic which can help protect internet users from stumbling across [child sexual abuse] images, whilst processes to have them removed are instigated".

"IWF's role in this blocking initiative is restricted to the compilation and provision of a list: the blocking solution is entirely a matter for the company deploying the list," the non-profit organisation said. "Our list is designed and provided for blocking specific URLs only. Any decision to convert or adapt the list to block whole domains may lead to the overblocking of legitimate content and is not supported by the IWF."

Accidental blocking

According to Jim Killock, head of online rights activists the Open Rights Group, the accidental blocking of legitimate content has become "quite a common occurrence".

"This shows that blocking technologies, when they are targeted at any type of service with a large number of users, are very prone to failure," Killock told ZDNet UK. "They are hard to scale properly, and the costs of scaling them are likely to be enormous."

Killock added that blocking should be "an absolute last resort and not some sort of substitute for removing illegal material", and also criticised FileServe's splash screen for not being completely transparent about the reason for the service blockage.

According to TorrentFreak, Hong Kong-based FileServe is one of the top 10 sites for file-sharing, with almost 20 million visitors each month. ZDNet UK could not reach FileServe for comment.


Get the latest technology news and analysis, blogs and reviewsdelivered directly to your inbox with ZDNet UK'snewsletters.

Topic: Networking

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion