Down By Law
August 15, 2013 8:46 AM Subscribe
ISPs often don't say why a website is blocked and court orders are rarely voluntarily published. So when sites are blocked, it's really hard to find out why.
451 Unavailable is here to help ISPs make it clear why websites are blocked and to encourage courts to publish blocking orders.
Error 451 is a new error code to be shown when people visit websites blocked for legal reasons.
Courts can require ISPs to block access to certain websites. Showing the Error 451 message makes it clear when a website has been blocked after a court order.
In the UK, the websites that have been blocked so far have linked to content that infringes copyright.
In some countries, websites that contain material criticising the government are blocked. Access to the online work of journalists and opposition groups can be restricted.
Error 451 is a new error code to be shown when people visit websites blocked for legal reasons.
Courts can require ISPs to block access to certain websites. Showing the Error 451 message makes it clear when a website has been blocked after a court order.
In the UK, the websites that have been blocked so far have linked to content that infringes copyright.
In some countries, websites that contain material criticising the government are blocked. Access to the online work of journalists and opposition groups can be restricted.
Err no, not all websites blocked in the UK have done anything wrong at all.
posted by edd at 8:53 AM on August 15, 2013 [2 favorites]
posted by edd at 8:53 AM on August 15, 2013 [2 favorites]
"Oh, that's interesting. Let's see what's up with 451unavailable.org"
Your request was denied because of its content categorization: "Proxy Avoidance"
Welp.
posted by boo_radley at 8:53 AM on August 15, 2013 [6 favorites]
Your request was denied because of its content categorization: "Proxy Avoidance"
Welp.
posted by boo_radley at 8:53 AM on August 15, 2013 [6 favorites]
So has anyone implemented this in any webservers or proxies yet? Was the standard approved? It says it's still in draft form.
posted by Joe Chip at 8:54 AM on August 15, 2013
posted by Joe Chip at 8:54 AM on August 15, 2013
Your request was denied because of its content categorization: "Proxy Avoidance"
That is interesting. Can you connect to openrightsgroup.org? From what kind of organization are you connecting?
posted by RobotVoodooPower at 9:05 AM on August 15, 2013 [1 favorite]
That is interesting. Can you connect to openrightsgroup.org? From what kind of organization are you connecting?
posted by RobotVoodooPower at 9:05 AM on August 15, 2013 [1 favorite]
Doesn't this just add some transparency to what would otherwise be a dead URL? At least you know it is not a technical problem.
posted by three blind mice at 9:15 AM on August 15, 2013
posted by three blind mice at 9:15 AM on August 15, 2013
“Don't ask for guarantees. And don't look to be saved in any one thing, person, machine, or library. Do your own bit of saving, and if you drown, at least die knowing you were heading for shore.”
― Ray Bradbury, Fahrenheit 451
posted by MonkeyToes at 9:33 AM on August 15, 2013 [4 favorites]
― Ray Bradbury, Fahrenheit 451
posted by MonkeyToes at 9:33 AM on August 15, 2013 [4 favorites]
Should be a 5xx error, not a 4xx error.
posted by tylerkaraszewski at 9:45 AM on August 15, 2013
posted by tylerkaraszewski at 9:45 AM on August 15, 2013
Should be a 5xx error, not a 4xx error.
Disagree. If 401 Unauthorized is a client error, so is this.
posted by bfranklin at 9:50 AM on August 15, 2013
Disagree. If 401 Unauthorized is a client error, so is this.
posted by bfranklin at 9:50 AM on August 15, 2013
Disagree. If 401 Unauthorized is a client error, so is this.
401 is like showing up to your office and realizing you forgot your keys. This is like showing up to your office and finding the police have surrounded it with yellow "police line, do not cross" tape. The first is your fault. The second is not.
posted by tylerkaraszewski at 9:53 AM on August 15, 2013
401 is like showing up to your office and realizing you forgot your keys. This is like showing up to your office and finding the police have surrounded it with yellow "police line, do not cross" tape. The first is your fault. The second is not.
posted by tylerkaraszewski at 9:53 AM on August 15, 2013
But I was the one who left the lobby full of dead bodies.
posted by Ice Cream Socialist at 9:55 AM on August 15, 2013 [5 favorites]
posted by Ice Cream Socialist at 9:55 AM on August 15, 2013 [5 favorites]
Doesn't this just add some transparency to what would otherwise be a dead URL? At least you know it is not a technical problem.
It doesn't really add anything in practice. You could just redirect the whole site to a page that says "the government shut us down!" but returns 200 OK and the end user would see the same sort of message. Changing the server to return a 451 (or whatever) is going to be essentially an equal amount of work as making it always redirect to an error page. The URL is dead if the server's down regardless, it still has to be online to return 451s.
posted by tylerkaraszewski at 9:57 AM on August 15, 2013
It doesn't really add anything in practice. You could just redirect the whole site to a page that says "the government shut us down!" but returns 200 OK and the end user would see the same sort of message. Changing the server to return a 451 (or whatever) is going to be essentially an equal amount of work as making it always redirect to an error page. The URL is dead if the server's down regardless, it still has to be online to return 451s.
posted by tylerkaraszewski at 9:57 AM on August 15, 2013
401 is like showing up to your office and realizing you forgot your keys. This is like showing up to your office and finding the police have surrounded it with yellow "police line, do not cross" tape. The first is your fault. The second is not.
Analogies are inherently imperfect. And you're failing to make a case with your analogy for why this is a server error -- it isn't, it's an intermediate device, and the transparent filtering device is stating that you're not authorized to view the resource. Note that intermediate device codes are in the 400 series with 407, proxy authentication required.
posted by bfranklin at 9:58 AM on August 15, 2013
Analogies are inherently imperfect. And you're failing to make a case with your analogy for why this is a server error -- it isn't, it's an intermediate device, and the transparent filtering device is stating that you're not authorized to view the resource. Note that intermediate device codes are in the 400 series with 407, proxy authentication required.
posted by bfranklin at 9:58 AM on August 15, 2013
According to da specs, 4xx is client error, 5xx is server error.
451 still works in this context, because obviously the error was with the client in wanting illicit information.
I really do hope this gets implemented. It would be the best HTTP code since 418.
posted by neckro23 at 9:59 AM on August 15, 2013 [1 favorite]
451 still works in this context, because obviously the error was with the client in wanting illicit information.
I really do hope this gets implemented. It would be the best HTTP code since 418.
posted by neckro23 at 9:59 AM on August 15, 2013 [1 favorite]
Client error is correct; this is not a server error. The server is working fine, but refuses the client's request. It is not much different from a 403 Forbidden response.
posted by ryanrs at 10:10 AM on August 15, 2013 [1 favorite]
posted by ryanrs at 10:10 AM on August 15, 2013 [1 favorite]
I'm sitting here with my mid-morning coffee realizing that if televised debates over the proper use of server error codes was a thing, I would definitely watch it. Maybe even root out loud for my favorite team. Stay nerdy, Metafilter.
posted by bizwank at 10:21 AM on August 15, 2013 [2 favorites]
posted by bizwank at 10:21 AM on August 15, 2013 [2 favorites]
Has anyone submitted an RFC yet?
Yes. What is Error 451 links to an IETF submission, draft-tbray-http-legally-restricted-status-02.
posted by RichardP at 10:21 AM on August 15, 2013
Yes. What is Error 451 links to an IETF submission, draft-tbray-http-legally-restricted-status-02.
posted by RichardP at 10:21 AM on August 15, 2013
re: non-standard error codes, returns error 420 'Enhance Your Calm', if you're making too many requests on the search API.
posted by cmyr at 10:24 AM on August 15, 2013
posted by cmyr at 10:24 AM on August 15, 2013
Note that intermediate device codes are in the 400 series with 407, proxy authentication required.
407 is the *only* code in the 4xx range relates to proxies and it is a client error because the client failed to provide valid auth.
Please see the following codes:
10.5.3 502 Bad Gateway
The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting to fulfill the request.
and:
10.5.5 504 Gateway Timeout
The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server specified by the URI (e.g. HTTP, FTP, LDAP) or some other auxiliary server (e.g. DNS) it needed to access in attempting to complete the request.
Why would this not fall into the same category as these other two 5xx errors?
posted by tylerkaraszewski at 10:37 AM on August 15, 2013
407 is the *only* code in the 4xx range relates to proxies and it is a client error because the client failed to provide valid auth.
Please see the following codes:
10.5.3 502 Bad Gateway
The server, while acting as a gateway or proxy, received an invalid response from the upstream server it accessed in attempting to fulfill the request.
and:
10.5.5 504 Gateway Timeout
The server, while acting as a gateway or proxy, did not receive a timely response from the upstream server specified by the URI (e.g. HTTP, FTP, LDAP) or some other auxiliary server (e.g. DNS) it needed to access in attempting to complete the request.
Why would this not fall into the same category as these other two 5xx errors?
posted by tylerkaraszewski at 10:37 AM on August 15, 2013
I wonder if the NY Times problem yesterday was related to this. Not that I'm paranoid or anything.
posted by etaoin at 10:38 AM on August 15, 2013
posted by etaoin at 10:38 AM on August 15, 2013
Has anyone submitted an RFC yet?
Not if there's an NSL blocking one.
posted by Blazecock Pileon at 10:45 AM on August 15, 2013
Not if there's an NSL blocking one.
posted by Blazecock Pileon at 10:45 AM on August 15, 2013
> Doesn't this just add some transparency to what would otherwise be a dead URL? At least you know it is not a technical problem.
Not if, as boo radley points out, the third-party information site is also required to be blocked.
The point of 451 is that your browser gets a message more or less of "this site is blocked intentionally because of law", which is informative and unique. Proxiers and browser makers have a meaningful error code that can be distinguished from codes that mean "this site refused your connection" and "this site is unable to fulfill the request," and present a message appropriate to censorship.
posted by ardgedee at 12:21 PM on August 15, 2013
Not if, as boo radley points out, the third-party information site is also required to be blocked.
The point of 451 is that your browser gets a message more or less of "this site is blocked intentionally because of law", which is informative and unique. Proxiers and browser makers have a meaningful error code that can be distinguished from codes that mean "this site refused your connection" and "this site is unable to fulfill the request," and present a message appropriate to censorship.
posted by ardgedee at 12:21 PM on August 15, 2013
Why would this not fall into the same category as these other two 5xx errors?
While most proxies can capably function as both reverse proxies and general purpose proxies, the former is architecturally considered part of the server infrastructure, given that it lives at the remote socket.
The latter cannot be architecturally associated with the server infrastructure, and in the specific case that this code is addressing lives on the client's network.
posted by bfranklin at 12:22 PM on August 15, 2013
While most proxies can capably function as both reverse proxies and general purpose proxies, the former is architecturally considered part of the server infrastructure, given that it lives at the remote socket.
The latter cannot be architecturally associated with the server infrastructure, and in the specific case that this code is addressing lives on the client's network.
posted by bfranklin at 12:22 PM on August 15, 2013
I would love for nothing more than to have my website blocked by Russia, Ukraine, and China, if only to stop 95% of the spamming and hacking attempts it gets.
posted by elmwood at 2:24 PM on August 15, 2013
posted by elmwood at 2:24 PM on August 15, 2013
Anyone else think it's a bit insulting to be referencing Fahrenheit 451 in relation to websites blocked largely because they were devoted to spreading content like the latest Game of Thrones episodes?
posted by Muddler at 3:19 PM on August 15, 2013 [1 favorite]
posted by Muddler at 3:19 PM on August 15, 2013 [1 favorite]
Yes please. We need all manor of tools to expose what politicians and bureaucrats do.
posted by jeffburdges at 4:15 PM on August 15, 2013
posted by jeffburdges at 4:15 PM on August 15, 2013
Muddler: "Anyone else think it's a bit insulting to be referencing Fahrenheit 451 in relation to websites blocked largely because they were devoted to spreading content like the latest Game of Thrones episodes?"
Yeah, pointing to Fahrenheit 451 as expressing the evils of government censorship seems like a misinterpretation of Bradbury's work. I understood the book as a criticism of television and mindless entertainment more than censorship per se. Government censorship is definitely present in the book, but as I understood it, the book burning was done to preserve the happiness of the people, not as 1984-style political control. I felt like 451's firemen mostly had the support of the citizenry. Not quite the same here.
posted by Wemmick at 4:18 PM on August 15, 2013
Yeah, pointing to Fahrenheit 451 as expressing the evils of government censorship seems like a misinterpretation of Bradbury's work. I understood the book as a criticism of television and mindless entertainment more than censorship per se. Government censorship is definitely present in the book, but as I understood it, the book burning was done to preserve the happiness of the people, not as 1984-style political control. I felt like 451's firemen mostly had the support of the citizenry. Not quite the same here.
posted by Wemmick at 4:18 PM on August 15, 2013
(which is not to say that I'm opposed to making people aware of what has been suppressed by the government, just that Bradbury was writing about more than just censorship.)
posted by Wemmick at 4:19 PM on August 15, 2013
posted by Wemmick at 4:19 PM on August 15, 2013
Newest YouTube user to fight a takedown is copyright guru Lawrence Lessig
posted by jeffburdges at 7:05 AM on August 24, 2013
posted by jeffburdges at 7:05 AM on August 24, 2013
« Older VIDEO DESTROYED GAME OVER | Ladies and gentlemen, may I introduce the... Newer »
This thread has been archived and is closed to new comments
posted by schmod at 8:48 AM on August 15, 2013 [1 favorite]