[LINK] Filter to cause World Wide Wait
Marghanita da Cruz
marghanita at ramin.com.au
Thu Oct 30 15:30:22 AEDT 2008
Stephen Wilson wrote:
> There's an odd line about breaking open security that I don't understand
> in this report ...
>
> Bernard Robertson-Dunn wrote:
>> Filter to cause World Wide Wait
>> Jennifer Dudley-Nicholson
>> October 30, 2008
>> The Australian
>> http://www.australianit.news.com.au/story/0,24897,24575125-15306,00.html
>
> <snip>
>
>> Electronic Frontiers Australia board member Colin Jacobs warned the web
>> filter could also unwittingly make the internet unsafe for financial
>> transactions by breaking the secure encryption used by banks online.
>>
>> Five of the six web filters tested by the Australian Media and
>> Communications Authority this year were able to filter websites using
>> the secure protocol HTTPS, which would leave financial details exposed
>> to the internet service provider in charge of operating the filter.
>>
>> "If they sit in the middle and get between your web browser and the
>> bank's server it really breaks open the security and leaves the details
>> open to attack," he said.
>
> But the filter cannot break into the HTTPS stream without knowing the
> session key. That would require an extra arrangement for keys to be
> relayed to the filter from the *server*. Yikes!? Not even the ISPs
> would have these keys would they?
>
> What the ACMA report actually says is that "five of the six products are
> capable of filtering HTTPS traffic" which to me sounds like they were
> reading from a product spec, rather than reporting an actual test
> result. That is, the ACMA test didn't seem to actually run any filters
> in a mode where they really filtered HTTPS content.
>
> Does anyone know of a set-up where filters are getting HTTPS keys from
> somewhere? Or is it just a cute theoretical capability in these
> products' brochures, never actually put into practice?
>
it is a rumour...which I raised on link and kim responded to....
<http://mailman.anu.edu.au/pipermail/link/2008-October/079624.html>
--
Marghanita da Cruz
http://www.ramin.com.au
Phone: (+61)0414 869202
More information about the Link
mailing list