[LINK] Conroy abandons mandatory ISP filtering

rene rene.ln at libertus.net
Fri Nov 9 12:21:10 AEDT 2012

On Thu, 08 Nov 2012 08:07:21 -0800, Rick Welykochy wrote:

> Rachel Polanskis wrote:
>> On 08/11/2012, at 23:20, Andy Farkas <andyf at andyit.com.au> wrote:
>>> http://www.itnews.com.au/News/322333,conroy-abandons-mandatory-
>>> isp-filtering.aspx
> The article above mentions a hit list of known kiddie pr0n sites on
> the web. Huh? Web sites are very easy to track down. I really don't
> believe that the purveyors of KP are using web sites. Anyone know?

Short answer: 

Some almost certainly do, but most perhaps all of the types of web sites 
used are hacked pages of legitimate web sites, misuse of legitimate 
image-hosting web sites, or hidden and password protected sections (of e.g. 
adult porn sites) that cannot be found or accessed except by people "in the 
know". (There'd be less misuse of legit. sites if police agencies 
notified/requested legitimate site hosts to remove images instead of just 
adding their domains to DNS poisoning/block lists. AFAIK, only the 
German/BKA police do that after the German Govt instructed them to do so, 
about 12-18 months ago, after a BKA trial had been highly successful, 
instead of pursuing previous intention to mandate blocking.)

Longer answer/statistics, if interested in more detail:

There is very little in the way of reliable statistics because almost all 
agencies involved in compiling web site or page blocklists (including 
Interpol/Circamp) operate in an entirely non-transparent and unaccountable 

An exception is the UK Internet Watch Foundation (IWF). IWF's blocking list 
of CSA material URLs is based on criteria that is vastly, vastly, broader 
than the criteria used by Interpol for its "worst of" list (and past 
indications are that from time to time IWF's included material that would 
not even be "Refused Classification" in AU). IWF's calendar year 2011 
Annual Report[1] states that during that year:
* they had known of URLs hosted "on 1,595 domains worldwide" 
* "the list contained an average of 602 URLs per day over the 12 month 
* 50% of URLs were taken down within 10 days, and 95% within 45 days. 
* "For the past two years we have seen an increasing number of legitimate 
websites being criminally exploited to host this content" and that the "top 
10 types of websites" (unclear what top 10 means) were:

"Image Host (45%)
Banner Site (12%)
Social Networking Site (12%)
Generic Websites (10%)
File Host (6%)
Image Store (5%)
Image Board (4%)
Forum (3%)
Web Archive (2%)
Blog (<1%)
Various (1%)"

Re Interpol list, on 10 November 2010, Lars Underbjerg, Danish police 
officer and member of the EU CIRCAMP Project (the primary contributor to 
Interpol's list), told a German Parliamentary Committee[2] that on a 
specific day in November 2010 there were 246 domains on the Interpol "worst 
of" list (criteria is much narrower than the IWF's) and when he re-checked 
those domains 16 days later only 168 were resolvable (the overwhelming 
majority of which were hosted in USA, Canada and Western EU countries) and 
remarked that "The difference of 78 domains shows how dynamic the existence 
of these websites is." (NB: A domain is included on the Interpol list, for 
DNS poisoning, if it contains a single CSA image meeting their criteria, 
and Interpol/Circamp do not notify even obviously legitimate web hosts of 
CSA images that have been put on their site).

On ABC AM this morning[3], Conroy said there are currently 1400 websites on 
the Interpol "worst of" list. Credible? I think not, unless for example he 
meant the list the Aust. Federal Police distribute to AU ISPs and perhaps 
the AFP add domains notified by Interpol to the list, but never or rarely 
delete domains that have ceased to be on the Interpol list.


[1] http://www.iwf.org.uk/accountability/annual-reports/2011-annual-report

[2] English translation:
German language:

[3] http://www.abc.net.au/am/content/2012/s3629110.htm

More information about the Link mailing list