So they're pressuring a DNS resolver to block a specific website? That seems like an incredibly slippery slope.

What stops them from forcing Chrome to block the website, or LetsEncrypt to not issue any more certificates for the domain, or Microsoft and Apple to add them to their firewalls? Hell, can they go after the infrastructure software developers and say, force nginx to add a check and refuse to serve the domain?

Then what happens when a fake report is sent to an open source project without budget for lawyers?

Oh trust me, if they could enforce the block at the browser level they would. We're well past the start of the slippery slope here in France when it comes to surveillance and control.

I started with telling ISPs to block websites at the DNS level. The people started using 1.1.1.1, 8.8.8.8, 9.9.9.9 and so on. So now they pressure those third-party DNS providers to do the same. This is why 9.9.9.9 is now unavailable here: they stopped serving France because they did not want to comply.

We already did the slipping. Sony sued Quad9 to have them block The Pirate Bay. They only lost after a lengthy legal exchange.

There's also voluntary censorship, so without any real due process, in some countries. Mostly at ISP level, but all the other entities you mentioned could also implement it. They may be forced to, as a means of dodging liability. There's all kinds of nefarious schemes.

> What stops them from forcing Chrome

Amount of money and influence Alphabet has?

They've almost realized where to put the pressure. Almost. Once these kinds of attackers realize the real chokepoint of the modern web: certificate authorities for HTTPS certs, we're doomed. Everyone centralizes in the handful of companies and those companies decide every ~90 days which websites are visitable. Because browsers now come pre-configured to not allow visiting HTTP websites and people don't do HTTP+HTTPS anymore. Just HTTP-only.

The DNS resolver attacks are but pin pricks compared to the coming centralized control via CAs.