Comcast Outage Reveals DNS-Blocking’s Achilles’ Heel

Anyone wondering just how easy it will be to circumvent the domain-name system blocking proposed in the Combating Online Infringements and Counterfeits Act (COICA) received an object lesson last weekend. Comcast suffered a domain-name system (DNS) outage that spanned from Virginia to Boston, rendering customers – though still connected to the Internet – unable to reach websites by typing domains into the address bar or clicking links. One of CDT’s critiques of COICA has been that, for all the problems it poses, COICA just won’t be effective at stopping piracy and counterfeiting because evading DNS blocking will be trivially easy.

Getting around the outage was quick and easy: All we needed to do was simply update our browsers’ or routers’ DNS settings to direct requests to non-Comcast servers. How-to blog posts and tweets sprung up quickly. And not just in computer magazines and nerd-news sites, but also in major news outlets in Richmond, Washington, and Boston.

The point is not that everyone switched, or knew automatically what to do, but that the instructions were widely available and easy to find. Customers who found these posts were back online in minutes, and it will be just as easy for frustrated file-sharers to switch if their favorite torrent-tracker finds its domain blocked – maybe even easier, since a full-scale outage won’t be between them and the instructions. Food for thought as policymakers consider all COICA’s costs and limited benefits.