A simple human error resulted in the exposure of a serious systems design flaw in Denmark March 1st. A police officer accidentally copied a list of 8,000 legitimate domains, including Google and Facebook, to the child porn domain blocking directory.
Residents of Greenland and parts of Denmark awoke last Thursday to find they couldn’t access Google, Facebook, or almost 8,000 other popular websites. Instead, users were greeted by the Danish child pornography (CP) “STOP” page, warning them the page they were trying to access contained offensive material prohibited from viewing.
The message read, “The National High Tech Crime Center of the Danish National Police [NITEC], who assist in investigations into crime on the internet, has informed Siminn Denmark A/S, that the internet page which your browser has tried to get in contact with may contain material which could be regarded as child pornography.”
Denmark’s controversial CP blocking program came under fire again, as the mistake exposed a number of flaws in the way the service is managed. That a single clerical error could result in the blocking of thousands of innocent websites is worrisome for many.
AK Zensur, the German Working Group Against Access Blocking and Censorship, has been fighting the Danish block list for years, condemning the act of domain blocking by DNS hijacking as “looking away instead of acting.” In 2010, the group showed that with just a few emails, they could have entire sites, even those hosted in the U.S., taken down. In a sternly worded statement at the time, AK Zensur said, “Internet blocking does not fight abuse, in practice it only serves to conceal the failures of politics and police.”
NITEC manager Johnny Lundberg told Danish media after last week’s three-hour shutdown that a police officer had been using a colleague’s computer in his investigation of over 8,000 domains on the list. He accidentally copied the file to the wrong directory, resulting in Google, Facebook, and others landing on the CP list.
“We’re obviously very bad with it. We think it is a very important service we have with this blocking filter, and therefore it is something bad when something happens and we will of course apologize for the inconvenience it has caused,” Lundberg said (translated to English).
The incident raises a number of questions about the simplicity of a system with enough power to block out a substantial number of sites based on a single data input. It was the second time within a month Google has been misidentified as a threat. A Microsoft Forefront and Security Essentials update revealed an “incorrect detection” error that saw Google.com flagged as malware.