[LINK] Green light for internet filter plans
rene
rene.lk at libertus.net
Wed Dec 16 20:27:55 AEDT 2009
On Wed, 16 Dec 2009 18:22:56 +1100, Rick Welykochy wrote:
[...]
> If it includes complete URLs, as in
> "http://nasty.com/?page=1239823&SID=1234" then it cannot possibly be
> accurate since dynamic pages as per such a URL change all the time
> and often include things like SID (a session ID) and other user-level
> identifying and modifying information. It is impossible for the
> filter maintainers to know what all the parameters on a dynamic URL
> are and what they are used for.
Also, the Enex Report states:
"An increasingly common technique used to negate filters is known as fast
fluxing and involves the rapid and automated change in IP addresses. This
technique can be effectively employed against a number of filters that
block using the IP address. Importantly, it should be noted that this
technique is employed by providers of content rather than end-users."
Also, Telstra's report on their own trial (not conducted via the Enex/Govt
trial) states:
"After some review of the available industry data it was decided that
testing an IP Plus Proxy solution wouldnt yield value due to a recent
rising phenomenon known as 'Fast Fluxing'.
Fast Fluxing is the term used to describe the rapid movement of
Internet content from one IP address to another in order to avoid IP based
blacklisting. This technique is now widely used by individuals who are
attempting to propagate objectionable material, especially over the last 6
months. This has become a popular method of distributing objectionable
content because the content is actually hosted on PCs which have been
hijacked. The IP address of a hijacked PC typically changes every time the
(unsuspecting) Internet user connects to the Internet (which makes IP
blocking ineffective)."
http://exchange.telstra.com.au/wp-content/uploads/2009/12/TBT-final-report1
.pdf
The relevance of the above is that Conroy has long cited UK BT's
implementation of blocking 'cp' as evidence that blocking works without
performance degradation etc. BT uses a purpose built 'hybrid' filter (which
they invented in about 2004) which uses IP address lookup in the first
stage of the filtering process.
Enex and Telstra are saying that IP address lookup has become ineffective
in dealing with objectionable content because some/many of the alleged
content providers have moved on to using "fast fluxing" (which presumably
means that the much lauded UK BT system is much less effective now than it
was some 5 years ago).
For that reason, Telstra trialled a hybrid system that uses DNS, instead of
IP address lookup, in the first stage of the filtering process. Telstra
said in its report that their system would be easily circumvented; and that
if URLs on heavy traffic web sites, such as YouTube, were added to the
blacklist then there would be significant speed degradation (the leaked
ACMA blacklist had YouTube URLs on it, reportedly some were videos
promoting the crime of graffiti); and that their system would cause the
same problems as happened when UK IWF added a page on Wikipedia to their
blacklist (which they subsequently removed from their blacklist).
All up, it's an "arms race" and there does not appear to be any
filtering/blocking method that can prevent inadvertent, and certainly not
intentional, access by children or adults to objectionable content.
At most, the govt's plan to implement mandatory ISP level blocking will
result in a false sense of security by anyone who does not have an adequate
understanding of how the Net works.
Irene
More information about the Link
mailing list