[LINK] Green light for internet filter plans

Stilgherrian stil at stilgherrian.com
Wed Dec 16 18:36:17 AEDT 2009 

On 16/12/2009, at 6:22 PM, Rick Welykochy wrote:
> Does anyone know what level of detail is contained in the black list
> that drives powers the filter?
>
> If it includes IP addresses, the filter will not attain 100% accuracy.
> IP addresses change all the time, in tune with the flux of the DNS.
>
> If it includes just domains, as in "wired.com.au", then the filter
> will overkill and block acceptable content.
>
> If it includes complete URLs, as in "http://nasty.com/?page=1239823&SID=1234 
> "
> then it cannot possibly be accurate since dynamic pages as per such
> a URL change all the time and often include things like SID (a  
> session ID)
> and other user-level identifying and modifying information. It is  
> impossible
> for the filter maintainers to know what all the parameters on a  
> dynamic
> URL are and what they are used for.

That one.

The ACMA blacklist is compiled from complaints from the public by  
staffers who are not by any stretch of the imagination network  
engineers.

A version of the blacklist was leaked to Wikileaks in March. It's easy  
enough to find.

As an example, a page at AbortionTV was on the site, with a file name  
of the form imagesN.html. It was blacklisted. But the pages with  
different values of N were not listed, even though they contained  
similar material, presumably because they were not complained about.

Other URLs in the list has PHP session IDs in the URLs, which means  
they would have only blocked the original complainant and no-one else.

Other people have reported that just adding a "?" at the end or a  
blacklisted URL would prevent it being blocked by the filter.


> It has been presumed or even indicated with some certainty that  
> other protocols
> such as BitTorrent, Tor and tunneling schemes will not be filtered.  
> Is this
> actually true? And if so, then the filter cannot be delivered with  
> 100%
> accuracy if it can be demonstrated that banned content is being  
> delivered
> into Australia using those protocols.

The Enex TestLab report confirms that NONE of the filters tested would  
block peer-to-peer traffic, instant messaging or chat rooms.

I wrote a bit about this in Crikey today (free to read):
http://www.crikey.com.au/2009/12/16/internet-filters-can-block-acma%E2%80%99s-blacklist-so-what/
or
http://is.gd/5pAYk


> If Conroy and his team do not understand the implications of the above
> observations, it is evident that they do not understand the underlying
> architecture of the Internet, or worse, that they are equating one
> protocol (http) with the Internet.

Actually they may well understand this, but this is a political  
exercise not a technical one.,


> Aside: what happened to the idea of an opt-in filter, for those who  
> really
> do want a "clean feed", whatever that really means?

That is the optional extra layer of filtering beyond the ACMA  
blacklist, still the subject of political discussion.

Stil


-- 
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 9516 5630
Twitter: stilgherrian
Skype: stilgherrian
ABN 25 231 641 421

More information about the Link mailing list