[LINK] Link Digest, Vol 192, Issue 22

Alana Maurushat a.maurushat at unsw.edu.au
Wed Nov 12 11:58:28 AEDT 2008


Internet Filtering
 
I wanted to annouce that the Cyberspace Law and Policy Centre at UNSW will run a symposium on Canberra's Internet Filtering scheme on Nov. 27 here in Sydney.  Our intention is for the symposium to be the first serious and  'informed' debate on the issues at hand.
 
We will be having technical officers from ISPs, telecommunication lawyers, media & journalism, and digital forensic experts there as speakers.  Hopefully the government will send someone to speak but they have not replied to our request at this juncture.
 
Please reserve this date in your calendar.  An official invitation with confirmed speakers will follow shortly.  Hope to see some of you there!
 
Alana Maurushat
Cyberspace Law and Policy Centre, UNSW
a.maurushat at unsw.edu.au

________________________________

From: link-bounces at mailman1.anu.edu.au on behalf of link-request at mailman1.anu.edu.au
Sent: Wed 12/11/2008 9:31 AM
To: link at mailman1.anu.edu.au
Subject: Link Digest, Vol 192, Issue 22



Send Link mailing list submissions to
        link at mailman.anu.edu.au

To subscribe or unsubscribe via the World Wide Web, visit
        http://mailman.anu.edu.au/mailman/listinfo/link
or, via email, send a message with subject or body 'help' to
        link-request at mailman.anu.edu.au

You can reach the person managing the list at
        link-owner at mailman.anu.edu.au

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Link digest..."


Today's Topics:

   1. Re: Fwd: Internet Filtering (Peter Batchelor)
   2. Canberra calls net filter trial (Bernard Robertson-Dunn)
   3. Re: Canberra calls net filter trial (Stilgherrian)
   4. Fwd: MR 141-08 ACMA encourages comment on mobile premium
      services code (Antony Barry)
   5. Re: XML isn't evil, just misunderstood (Richard Chirgwin)
   6. Google site warning on News.com.au (Richard Chirgwin)
   7. Re: Google site warning on News.com.au (Rick Welykochy)
   8. More trivia, what's an Avatar? (Marghanita da Cruz)
   9. Re: Google site warning on News.com.au (Fernando Cassia)
  10. Re: Google site warning on News.com.au (Kim Holburn)
  11. Re: Google site warning on News.com.au (Paul Bolger)
  12. Re: Google site warning on News.com.au (Kim Holburn)


----------------------------------------------------------------------

Message: 1
Date: Tue, 11 Nov 2008 13:53:38 +1100
From: Peter Batchelor <peter at batchelors.net>
Subject: Re: [LINK] Fwd: Internet Filtering
To: link at anu.edu.au
Message-ID: <8DCCBE0E-352F-4E1E-AA5E-A531B401E212 at batchelors.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed


On 11/11/2008, at 9:27 AM, Tom Worthington wrote:

>
> At 12:57 PM 10/11/2008, Roger Clarke wrote:
>>> ... http://www.userfriendly.org/ (see cartoon for 9/11/08 ) ...
>
> Perhaps "The Great Wave off Kanagawa" by Hokusai would be a better
> visual image for the problems of Internet
> filtering:
> <http://en.wikipedia.org/wiki/Image:The_Great_Wave_off_Kanagawa.jpg>.
>
> This shows fishermen rowing hard to get their catch to market, with
> the boats about to be swamped by a large wave. Mount Fuji is seen
> serene in the background.



old Russian proverb: Pray to God, but continue to row for the shore.

Peter





------------------------------

Message: 2
Date: Tue, 11 Nov 2008 16:15:10 +1100
From: Bernard Robertson-Dunn <brd at iimetro.com.au>
Subject: [LINK] Canberra calls net filter trial
To: link <link at anu.edu.au>
Message-ID: <491914DE.50101 at iimetro.com.au>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Canberra calls net filter trial
Fran Foo
November 11, 2008
The Australian IT
http://www.australianit.news.com.au/story/0,24897,24632210-15306,00.html

The federal Government has released details of its long-awaited call for
expressions of interest on live internet-service-provider content
filtering trials.

The Government is asking all ISPs to participate, as their feedback is
important.

Child protection group Child Wise welcomed the news, but a technical
group has dubbed the venture a risky business for ISPs.

BigPond, the nation's largest internet service provider, is reviewing
the call's terms and conditions before making a decision.

The Government, through the Australian Communications and Media
Authority (ACMA), has completed closed lab trials of ISP content
filtering conducted by Enex TestLab. The live trial, however, is the
first step towards evaluating whether ISP-level content filtering is
feasible in Australia.

"The participation of industry is crucial to providing evidence on the
real-world impacts for ISP content filtering, including on ISPs and
their customers," the government document, released yesterday, says.

ISPs have until December 8 to submit their applications.

The intention of the live pilot - also managed by Enex TestLab - is to
assess the impact of ISP content filtering on fixed and mobile internet
access devices.

The live pilot is scheduled to begin before the end of the year, but
ISPs will be able to start later, preferably before Christmas eve.

"Ideally, ISPs will participate in the pilot for a minimum of six
weeks," the document says. "ISPs that commence earlier will have the
discretion to participate in the pilot until its conclusion."

The Government plans to have two streams of filtered content. The
mandatory portion will adhere to a blacklist of thousands of illegal web
pages managed by ACMA and an optional clean feed of URLs that would
automatically censor content, mostly adult material.

"The Government intends to take an evidence-based approach to content
filtering at the ISP level and is committed to working closely with
industry to address any concerns, including costs and impacts on
internet speeds," the Communications Department said. "These concerns
will be carefully considered during a live pilot of ISP filtering, which
will test a range of content filtering solutions in a real-world
environment, with the co-operation of ISPs (including mobile telephone
operators) and their customers. The outcomes of the pilot will inform
the Government's decision-making on the ISP filtering framework."

A spokesman for Communications Minister Stephen Conroy said the
Government had been working with ISPs to develop the call for
expressions of interest.

Telstra, which runs the country's largest ISP, BigPond, has yet to
decide whether to participate. "We're in the midst of reviewing the EOI
document," Telstra spokesman Martin Barr said.

Sage-Au, a not-for-profit professional organisation representing system
administrators, said participating in the live trial at this stage was a
big risk for ISPs.

"It is a very important risk they take, as it is the participants in
this trial that are likely to be able to make the biggest difference in
discussions after the end of the trial," Sage-Au president Donna
Ashelford said. "On the other hand, if the live trial turns out to be a
disaster, having their name associated with it - as promised in the EOI
document - might be a dual-edged sword."

Ms Ashelford pointed to technical weaknesses with the EOI, one example
being that the live pilot would limit users to a maximum of 12Mbps.
"Many users exceed 12Mbps right now. Some national broadband network
proposals have involved technology that provides speeds up to 50Mbps.
How future-proof is the national broadband network supposed to be when
filtering systems are virtually guaranteed to bottleneck the resulting
network," she said.

Ms Ashelford pointed to a part of the document on ACMA's role: "ACMA is
responsible for maintaining the accuracy of the blacklist and the whole
framework requires use of the ACMA blacklist as a mandatory requirement.

"But who watches the watchers, and what methods are imagined for
addressing inevitable inaccuracies in the ACMA blacklist?"

Sage-Au has also proposed a three-pronged plan to keep the internet safe
for families, as it supports any practical initiatives to protect
children from viewing objectionable content on the web.

Ms Ashelford said a family friendly ISP program run by the internet
industry association lacked awareness and could do with a big push.

She called on the Government to invest more in educating parents on
cyber-safety. More funds should be allocated to organisations such as
ACMA and the Australian Federal Police to identify and remove illegal
content, usually hosted overseas, she said.

Meanwhile, Child Wise chief executive Bernadette McMenamin described the
release of the document EOI as "an excellent development".

"It's a fair and inclusive process that ISPs can be part of," she said.
"I wouldn't like to see anything but child sexual abuse sites blocked. I
like the two-tier approach of a mandatory, and opt-in and opt-out
mechanism."

However, any form of content filtering would have to accompanied by an
extensive education campaign, she said.

--

Regards
brd

Bernard Robertson-Dunn
Canberra Australia
brd at iimetro.com.au



------------------------------

Message: 3
Date: Tue, 11 Nov 2008 17:35:07 +1100
From: Stilgherrian <stil at stilgherrian.com>
Subject: Re: [LINK] Canberra calls net filter trial
To: The Link Institute <link at anu.edu.au>
Message-ID: <8EA36083-3627-4680-84D6-800D6FADCAAF at stilgherrian.com>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes

Or, this story just posted:

Net censorship plan backlash
http://www.smh.com.au/articles/2008/11/11/1226318639085.html

Opposition is mounting to the Government's controversial plan to 
censor the internet, with the head of one of Australia's largest ISPs 
labelling the Communications Minister the worst we've had in the past 
15 years.

Separately, in Senate question time today, Greens senator Scott Ludlam 
accused the Communications Minister, Stephen Conroy, of misleading the 
public by falsely claiming his mandatory censorship plan was similar 
to that already in place in Sweden, Britain, Canada and New Zealand.

...

Michael Malone, managing director iiNet, said he would sign up to be 
involved in the "ridiculous" trials, which are scheduled to commence 
by December 24 this year.

Optus and Telstra both said they were reviewing the Government's 
documentation and would then decide whether to take part.

But Malone's main purpose was to provide the Government with "hard 
numbers" demonstrating "how stupid it is" - specifically that the 
filtering system would not work, would be patently simple to bypass, 
would not filter peer-to-peer traffic and would significantly degrade 
network speeds.

"They're not listening to the experts, they're not listening to the 
industry, they're not listening to consumers, so perhaps some hard 
numbers will actually help," he said.

"Every time a kid manages to get through this filter, we'll be 
publicising it and every time it blocks legitimate content, we'll be 
publicising it."

...

Stil


--
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 9516 5630
Twitter: stilgherrian
Skype: stilgherrian
ABN 25 231 641 421



------------------------------

Message: 4
Date: Tue, 11 Nov 2008 17:37:02 +1100
From: Antony Barry <tony at tony-barry.emu.id.au>
Subject: [LINK] Fwd: MR 141-08 ACMA encourages comment on mobile
        premium services code
To: Link list <link at anu.edu.au>
Message-ID:
        <325A99CD-8C16-48A9-B156-FBE23D10184F at tony-barry.emu.id.au>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed



Begin forwarded message:

> From: "Australian Communications & Media Authority" 
> <media at acma.gov.au>
> Date: 11 November 2008 11:49:07 AM
> To: <tony at tony-barry.emu.id.au>
> Subject: MR 141-08 ACMA encourages comment on mobile premium 
> services code
> Reply-To: media at acma.gov.au
>
> ACMA encourages comment on mobile premium services code
> The Australian Communications and Media Authority welcomes the 
> opportunity for public and industry comment on the recently 
> released Communications Alliance Ltd draft industry code of 
> practice for mobile premium services.
> The full media release can be found at http://www.acma.gov.au/WEB/
> STANDARD/pc=PC_311493
>
>


------------------------------

Message: 5
Date: Wed, 12 Nov 2008 06:58:34 +1100
From: Richard Chirgwin <rchirgwin at ozemail.com.au>
Subject: Re: [LINK] XML isn't evil, just misunderstood
To: Link <link at anu.edu.au>
Message-ID: <4919E3EA.3090005 at ozemail.com.au>
Content-Type: text/plain; charset=ISO-8859-1

Thanks to all for suggesting tools to view XML. Firefox isn't much help
if it doesn't understand the XML; and regrettably, Craig, something's
not behaving in the XML2... toolset installation, but I will check out
the other tools and see where I end up.

RC

Marghanita da Cruz wrote:
> Richard Chirgwin wrote:
>> Jim,
>>
>> I guess it's the misuse that gets me rather than the use ...
>>
>>> Doesn't anyone remember the good old days of trying to reverse engineer
>>> maverick file formats that were different for every application?  When
>>> data is in xml you don't have to spend time working out the element
>>> order, where the commas and spaces go or if they're meant to be
>>> pipes or
>>> whatever.  It might make a simple csv list more difficult to wrangle
>>> but
>>> for any difficult data it's a godsend: you can read and write it with
>>> just about any recent environment using library functions with little
>>> work.
>> That's the theory ... I guess I'll have to pass to Craig's comment about
>> how often XML is done badly. The problem arises in two things, in my
>> experience:
>>
>> (a) people that roll-their-own XML assume that the consumer of the data
>> will be an expert, or that the "in house" XML reader actually works,
>> which only holds true until the person maintaining the dataset forgets
>> to pass on a change to the person maintaining the parser;
>>
>> (b) I can't, for the life of me, find a 'generic' parser - a stand-alone
>> app that would (for example) take an arbitrary XML file and produce a
>> table of "tags" so I can make sense of it. That would be a godsend ...
>> but it seems my Googling is letting me down.
> <snip>
>
> My experience of XML is limited to RSSFeeds, but I think what you're
> looking for is something to generate a DTD from a data file.
>
>> #
>> DTD Generator
>> If you choose to generate an external DTD, the DTD generator will
>> save the result to a file, and insert the !DOCTYPE declaration at the
>> top of XML instance ...
>> www.stylusstudio.com/dtd_generator.html - 24k - Cached - Similar pages
>> #
>> XML Tools : DTD, XML schema and XML document conversion software ...
>> Supply a file name and click the "Generate" button to display output
>> in a browser ... consistent XML interface to relational data and
>> includes Web Services. ...
>> www.hitsw.com/xml_utilites/ - 29k - Cached - Similar pages
>> #
>> Creating a Database Tag Definition (.dtd) File
>> in SGML data. A .dtd file serves as an interpreter for the Open
>> SiteSearch ... Use the following steps to create a .dtd file for your
>> SGML source data. ...
>> opensitesearch.sourceforge.net/docs/helpzone/dbb/dbb_50-00-11t.html -
>> 14k - Cached - Similar pages
>> #
>> SPLINK ? AsBeanGen - Generate value objects for DTD driven XML files
>> 28 Jun 2008 ... AsBeanGen is a class generator application written in
>> java which generates as3 data bean classes from DTD files. ...
>> splink.org/?p=14 - 31k - Cached - Similar pages
>
>
>
> Marghanita



------------------------------

Message: 6
Date: Wed, 12 Nov 2008 08:11:26 +1100
From: Richard Chirgwin <rchirgwin at ozemail.com.au>
Subject: [LINK] Google site warning on News.com.au
To: Link <link at anu.edu.au>
Message-ID: <4919F4FE.6050702 at ozemail.com.au>
Content-Type: text/plain; charset=ISO-8859-1

Linkers,

Looking for TV viewing habit data, I called up this search:
<http://www.google.com.au/search?hl=en&safe=off&q=australian+television+viewing+habits+site%3Aau&btnG=Search&meta=>

...and there on the first page of results was a News.com.au link:
<http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm>

...with Google's "this site may harm your computer" warning... using the
target URL brings up just the News.com.au link with the warning.

Now, I know that some people consider reading the Murdoch media to be
harmful in various ways, but it's the first time I've known Google to agree!

Sorry for the trivia, returning you to normal programming now...

RC


------------------------------

Message: 7
Date: Wed, 12 Nov 2008 08:42:23 +1100
From: Rick Welykochy <rick at praxis.com.au>
Subject: Re: [LINK] Google site warning on News.com.au
To: Richard Chirgwin <rchirgwin at ozemail.com.au>
Cc: Link <link at anu.edu.au>
Message-ID: <4919FC3F.7010802 at praxis.com.au>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Richard Chirgwin wrote:

> ...and there on the first page of results was a News.com.au link:
> <http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm>
>
> ...with Google's "this site may harm your computer" warning... using the
> target URL brings up just the News.com.au link with the warning.

Here is why: other sites accessed by News.Com are nasties:

http://www.google.com/safebrowsing/diagnostic?site=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm&hl=en

*OR*

http://tinyurl.com/6jpbd9


   "[The] Malicious software includes 33 scripting exploit(s),
    4 exploit(s). Successful infection resulted in an average
    of 3 new processes on the target machine."


This is simply not acceptable behaviour for a major news portal. Isn't it.


cheers
rickw



--
________________________________________________________________
Rick Welykochy || Praxis Services || Internet Driving Instructor

When the power of love overcomes the love of power,
the world will know peace.
      -- Jimi Hendrix


------------------------------

Message: 8
Date: Wed, 12 Nov 2008 09:03:04 +1100
From: Marghanita da Cruz <marghanita at ramin.com.au>
Subject: [LINK] More trivia, what's an Avatar?
To: Link list <link at anu.edu.au>
Message-ID: <491A0118.6010406 at ramin.com.au>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

<http://en.wikipedia.org/wiki/Avatar>
<http://en.wikipedia.org/wiki/Avatar_(computing)>

Marghanita
--
Marghanita da Cruz
http://www.ramin.com.au <http://www.ramin.com.au/> 
Phone: (+61)0414 869202



------------------------------

Message: 9
Date: Tue, 11 Nov 2008 19:14:41 -0300
From: "Fernando Cassia" <fcassia at gmail.com>
Subject: Re: [LINK] Google site warning on News.com.au
To: "Rick Welykochy" <rick at praxis.com.au>
Cc: Link <link at anu.edu.au>
Message-ID:
        <52733fad0811111414t293923a7m7a4d57de40af6932 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

On Tue, Nov 11, 2008 at 6:42 PM, Rick Welykochy <rick at praxis.com.au> wrote:

> Richard Chirgwin wrote:
>
> > ...and there on the first page of results was a News.com.au link:
> > <
> http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm
> >
> >
> > ...with Google's "this site may harm your computer" warning... using the
> > target URL brings up just the News.com.au link with the warning.
>
> Here is why: other sites accessed by News.Com are nasties:
>
>
> http://www.google.com/safebrowsing/diagnostic?site=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm&hl=en
>
> *OR*
>
> http://tinyurl.com/6jpbd9
>
>
>   "[The] Malicious software includes 33 scripting exploit(s),
>    4 exploit(s). Successful infection resulted in an average
>    of 3 new processes on the target machine."
>
>
> This is simply not acceptable behaviour for a major news portal. Isn't it.


There seems to be a problem with Google's reporting feature where anybody
can flag a given URL as malware-providing

See here
http://www.google.com/search?hl=en&safe=off&q=%22may+harm+your+computer%22+site%3Atheinquirer.net&btnG=Search

It branded PalmOS.com and a JavaFX blog as "harmful" before. The affected
sites were clueless of how to get rid of that flag.

I guess it can badly harm any legit site if enough people submit reports
against it...

Just my $0.02
FC


------------------------------

Message: 10
Date: Tue, 11 Nov 2008 23:26:02 +0100
From: Kim Holburn <kim at holburn.net>
Subject: Re: [LINK] Google site warning on News.com.au
To: link List <link at anu.edu.au>
Message-ID: <7C1087CD-2025-4FE5-85C4-0A93F8BDE050 at holburn.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes

It only appears to be ink.news.com.au, whatever that is.  Other 
news.com.au sites don't appear to have the problem.  Not that that's 
acceptable though.

Since the google diagnostic page doesn't say that it won't affect non-
windows systems, (unlikely as that is) plus the fact that it's a 
Murdoch site, I don't really feel like browsing there today.

There is really surprisingly little information on the diagnostic page 
about the type of infection which is a bit annoying.  Google doesn't 
give you the choice to go there except by copying and pasting the URL, 
just: "big brother google says this site is bad and we're not going to 
link to it".

On 2008/Nov/11, at 10:42 PM, Rick Welykochy wrote:

> Richard Chirgwin wrote:
>
>> ...and there on the first page of results was a News.com.au link:
>> <http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm 
>> >
>>
>> ...with Google's "this site may harm your computer" warning... 
>> using the
>> target URL brings up just the News.com.au link with the warning.
>
> Here is why: other sites accessed by News.Com are nasties:
>
> http://www.google.com/safebrowsing/diagnostic?site=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm&hl=en
>
> *OR*
>
> http://tinyurl.com/6jpbd9
>
>
>   "[The] Malicious software includes 33 scripting exploit(s),
>    4 exploit(s). Successful infection resulted in an average
>    of 3 new processes on the target machine."
>
>
> This is simply not acceptable behaviour for a major news portal. 
> Isn't it.
>
>
> cheers
> rickw
>
>
>
> --
> ________________________________________________________________
> Rick Welykochy || Praxis Services || Internet Driving Instructor
>
> When the power of love overcomes the love of power,
> the world will know peace.
>      -- Jimi Hendrix
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request







------------------------------

Message: 11
Date: Wed, 12 Nov 2008 07:28:50 +0900
From: "Paul Bolger" <pbolger at gmail.com>
Subject: Re: [LINK] Google site warning on News.com.au
To: Link <link at anu.edu.au>
Message-ID:
        <eab855560811111428m71b5cc29k17ae51c6ee56c234 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1

I'm not arguing, but if you take a look at the site in question:

ink.news.com.au

It certainly doesn't look like anything an Australian media company
would produce - out of date content, misspellings, bad grammer.


2008/11/12 Fernando Cassia <fcassia at gmail.com>:
> On Tue, Nov 11, 2008 at 6:42 PM, Rick Welykochy <rick at praxis.com.au> wrote:
>
>> Richard Chirgwin wrote:
>>
>> > ...and there on the first page of results was a News.com.au link:
>> > <
>> http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm
>> >
>> >
>> > ...with Google's "this site may harm your computer" warning... using the
>> > target URL brings up just the News.com.au link with the warning.
>>
>> Here is why: other sites accessed by News.Com are nasties:
>>
>>
>> http://www.google.com/safebrowsing/diagnostic?site=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm&hl=en
>>
>> *OR*
>>
>> http://tinyurl.com/6jpbd9
>>
>>
>>   "[The] Malicious software includes 33 scripting exploit(s),
>>    4 exploit(s). Successful infection resulted in an average
>>    of 3 new processes on the target machine."
>>
>>
>> This is simply not acceptable behaviour for a major news portal. Isn't it.
>
>
> There seems to be a problem with Google's reporting feature where anybody
> can flag a given URL as malware-providing
>
> See here
> http://www.google.com/search?hl=en&safe=off&q=%22may+harm+your+computer%22+site%3Atheinquirer.net&btnG=Search
>
> It branded PalmOS.com and a JavaFX blog as "harmful" before. The affected
> sites were clueless of how to get rid of that flag.
>
> I guess it can badly harm any legit site if enough people submit reports
> against it...
>
> Just my $0.02
> FC
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>


------------------------------

Message: 12
Date: Tue, 11 Nov 2008 23:31:05 +0100
From: Kim Holburn <kim at holburn.net>
Subject: Re: [LINK] Google site warning on News.com.au
To: link List <link at anu.edu.au>
Message-ID: <33436772-1DD2-4A0E-97F4-0D0A349A5CBD at holburn.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes


On 2008/Nov/11, at 11:14 PM, Fernando Cassia wrote:

> On Tue, Nov 11, 2008 at 6:42 PM, Rick Welykochy <rick at praxis.com.au> 
> wrote:
>
>> Richard Chirgwin wrote:
>>
>>> ...and there on the first page of results was a News.com.au link:
>>> <
>> http://www.google.com.au/interstitial?url=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm
>>>
>>>
>>> ...with Google's "this site may harm your computer" warning... 
>>> using the
>>> target URL brings up just the News.com.au link with the warning.
>>
>> Here is why: other sites accessed by News.Com are nasties:
>>
>>
>> http://www.google.com/safebrowsing/diagnostic?site=http://ink.news.com.au/mercury/mathguys/articles/1999/990224a3.htm&hl=en
>>
>> *OR*
>>
>> http://tinyurl.com/6jpbd9
>>
>>
>>  "[The] Malicious software includes 33 scripting exploit(s),
>>   4 exploit(s). Successful infection resulted in an average
>>   of 3 new processes on the target machine."
>>
>>
>> This is simply not acceptable behaviour for a major news portal. 
>> Isn't it.
>
>
> There seems to be a problem with Google's reporting feature where 
> anybody
> can flag a given URL as malware-providing
>
> See here
> http://www.google.com/search?hl=en&safe=off&q=%22may+harm+your+computer%22+site%3Atheinquirer.net&btnG=Search
>
> It branded PalmOS.com and a JavaFX blog as "harmful" before. The 
> affected
> sites were clueless of how to get rid of that flag.
>
> I guess it can badly harm any legit site if enough people submit 
> reports
> against it...

In this case the diagnostic page says the following which is pretty 
specific (31 pages resulted in malicious software being downloaded):

> What is the current listing status for ink.news.com.au?
>
>     Site is listed as suspicious - visiting this web site may harm 
> your computer.
>
>     Part of this site was listed for suspicious activity 2 time(s) 
> over the past 90 days.
>
> What happened when Google visited this site?
>
>     Of the 284 pages we tested on the site over the past 90 days, 31 
> page(s) resulted in malicious software being downloaded and 
> installed without user consent. The last time Google visited this 
> site was on 2008-11-02, and the last time suspicious content was 
> found on this site was on 2008-11-02.
>
>     Malicious software includes 33 scripting exploit(s), 4 
> exploit(s). Successful infection resulted in an average of 3 new 
> processes on the target machine.
>
>     Malicious software is hosted on 9 domain(s), including 
> p060523.info, douhunqn.cn, ppexe.com.
>
>     4 domain(s) appear to be functioning as intermediaries for 
> distributing malware to visitors of this site, including 
> douhunqn.cn, letusearch.com, kkexe.com.
>
> Has this site acted as an intermediary resulting in further 
> distribution of malware?
>
>     Over the past 90 days, ink.news.com.au did not appear to 
> function as an intermediary for the infection of any sites.
>
> Has this site hosted malware?
>
>     Yes, this site has hosted malicious software over the past 90 
> days. It infected 1 domain(s), including masalafiles.com.
>
>

>
>
> Just my $0.02
> FC
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link

--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request







------------------------------

_______________________________________________
Link mailing list
Link at mailman.anu.edu.au
http://mailman.anu.edu.au/mailman/listinfo/link


End of Link Digest, Vol 192, Issue 22
*************************************




More information about the Link mailing list