NEW YORK, (
) -- A controversial set of bills to combat online piracy could pose massive cybersecurity risks if approved by lawmakers, warn experts.
Stop Online Piracy Act (SOPA)
, currently in the House, and the PROTECT-IP Act, which is in the Senate, have already provoked fierce criticism from an unlikely alliance of libertarians, rival Internet giants and social networkers.
In a letter to Congress earlier this week, for example,
slammed the bills.
Online privacy bills currently making their way through Washington could kill the Internet, warn experts.
SOPA and PROTECT-IP, they argue, would involving censoring Web sites on behalf of content providers such as the Motion Picture Association of America (MPAA), which are pushing for the legislation.
Sandia National Lab also added its voice to the chorus of criticism this week, citing major security concerns.
Leonard Napolitano, the lab's director of computer sciences and IT, blasted the bills in a letter to Rep. Zoe Lofgren (D., Calif.) on Wednesday. Lofgren, who represents Silicon Valley, has been a vocal critic of SOPA and PROTECT-IP.
Specifically, Napolitano criticized a Domain Name Service (DNS) filtering proposal, which would force ISPs to make sure that offending Web sites cannot be accessed. DNS functions as a sort of Internet "lookup," translating Web site names into a numeric IP address
"The biggest risks to cyber security are to users who circumvent the DNS filtering by using foreign DNS servers or HTTP proxies, which could allow foreign servers to handle critical DNS lookups and Internet traffic," explained Napolitano, in his letter. "Using untrusted servers puts the user in dangerous circumstances by routing their sensitive DNS lookups and other Internet traffic through devices potentially controlled by criminals."
Napolitano also warned that the Internet itself could feel the strain of DNS. "Domain names often depend on other names to be resolved, and the failure of these dependencies can cause partial or complete failure of the dependent names," he wrote.
Additionally, the security expert warns that an authentication technology called DNSSEC could be disrupted by new DNS filtering requirements. "A DNS filtering mandate will likely slow DNSSEC adoption overseas and use of DNSSEC will make it more difficult for ISPs to comply with the filtering mandate in the bills."
"This analysis from one of our nation's top cybersecurity experts is the definitive word that this legislation would undermine Internet security efforts and would harm the Internet," added Lofgren, in a statement.
Earlier this year, a study published by a group of researchers, which included the chief security officer of
, warned of tension between PROTECT-IP and DNSSEC, describing the initiatives as "incompatible."
The MPAA, however, has fired back at Sandia's findings. "The negative impact to cybersecurity is related to how many users circumvent blocking by using foreign DNS servers," explained a spokesman, in an email. "We do not believe users are likely to flock to foreign DNS servers."
The association also refuted the suggestion that DNS filtering would slowdown DNSSEC adoption. "Contrary to what is claimed in the paper, DNS filtering and DNSSEC are not mutually exclusive," explained the spokesman.
Rep. Lamar Smith (R.,Texas), who introduced SOPA, also shrugged off the security concerns, highlighting instead the economic impact of so-called "rogue" Web sites.
"The theft of America's intellectual property costs the U.S. economy more than $100 billion annually and results in the loss of thousands of American jobs," he said, in an email. "If we allow these websites to continue to operate, we will hurt American companies, lose American jobs and stall American innovation."
The top contributors to Smith's campaign committee are the
, according to OpenSecrets.org.
--Written by James Rogers in New York
>To follow the writer on Twitter, go to
>To submit a news tip, send an email to: