Uh oh...

http://news.bbc.co.uk/1/hi/world/asia-pacific/7165987.stm

"The new Labor government wants internet service providers to filter
content to ensure households and schools do not receive "inappropriate"
material. Civil libertarians have condemned the plan as unnecessary, and
say it will erode the freedom of the internet."

"Critics of the proposals have insisted they have no place in a liberal
democracy, and have accused Canberra of being oppressive."

"Concerns have also been raised that the government's filters could slow
down access to the net, in a country where connection speeds are often
below international standards."

Krudd's vision of a computer for every child and world class broadband -
China style...

 

So sad and almost funny , the bloke making the proposal is young and
supposidly "switched on"


hands up those who can bypass proxy and ip filtering in under 5 minutes


hands up those who would gladly alow their children unsupervised
connection to the internet under even these filtered circumstances


How about the overhead on an already slow and sadly unresponsive
connection system when compared with general overseas performance


Bloody laboring fools .

 

My kids can,, little buggers. (well not so little any more)

VNC and a key logger worked well untill they wised up to it.

Have we learned nothing?

Politicians deal in perception not reality! It matters not from which side
of the political fence the stupidity spew's forth, the media like lackeys
lick it up.

Remember it's all about being seen to be doing.

 

In aus.motorcycles on Tue, 01 Jan 2008 03:16:47 GMT

Well people still fail to learn that there's no point in technological
solutions to social problems.

Porn on the net is a social problem, trying to filter it just leads to
silliness. Ask the inhabitants of Scunthorpe and Middlesex.

Ask the various breast cancer charities. And I guess anyone born
before about 1950 who is named Richard.

There was a joke running around UNSW when I was working there that the
bods working on computer vision techniques were setting up a system to
provide better automated detection of human faces and bodies in data
streams, and that the obvious use for this was porn detection, but
that the early stages would need a lot of human checking of the
results....

THe solution is social really. Bombard the little pests with porn!
Having done my stint on "pink bits patrol" where we were looking for
people over-using the faculty network and so clogging it up, and
checking whether whatever they were looking at was work related, after
a while it's all boring. Even teenage boys will get sick of it
eventually! (I think...)

Zebee

 

Alas, tis very true!

Also true!

Well maybe,, hopefully like the kid in the lollies shop!

I know a lady who was doing her soc masters in "Electronic Communication
Morality" (porn on the internet). She started out thinking she could make a
difference. You note I said was.

 

How is this proposed silly solution much different from previous gov't
offerings, net-nanny anyone?

My son implemented an internal filter once. A few days later he sent out a
email to all staff asking their views on a proposed Xnas function venue. He
got mad when no-one replied. His email was headed BIT (for Bekkers IT)
CHristmas party. The filter program saw BITCH and cancelled his post. Guess
how long we had that.

Theo

 

....without root?

Could you explain how subjecting traffic requests to increased
processing is going to have the effect of further reducing transfer
rates on a network where the limiting factor is the switching capacity?

 

The difference between what Stephen Conroy appears to be proposing and
what Helen Coonan, as communications minster in the previous
government, authorised some $80 million to be spent on is pretty
fundamental...

....the project run under Sen. Coonan supposedly developed a client-
side filter for free download; I say supposedly, because there's every
chance there was minimal development taking place. Easy to circumvent;
all you need is admin rights on your own PC.

What Conroy is proposing is to have the content scanning done by the
ISP. Potentially much more sophisticated and potentially very useful
in bouncing chatter from botnet zombies off the wider Int4rW38Z. If
it's done properly - and having lawyers comment on it gives every
indication that it won't be - it'll be done by mandating that ISP's
purchase and run some kind of enterprise-scale content scanning
solution. These days, that means a dedicated box from someone like
Crossbeam, Blue Coat, Barracuda or SonicWall, running in whitelist
mode and monitoring requests made by subscribers who opt-in for a
"clean" internet feed.

DISCLAIMER: The mob I work for flog, among other things, just this
type of network security solution. Currently, it's bought by medium to
large corporations not keen on having their staff use company
bandwidth to suck down torrents. If this proposal becomes law, I stand
to get a lot busier...

 

On Tue, 1 Jan 2008 21:17:42 -0800 (PST),

It looks like it will be a blacklist type. With regular updates to
cater for new sites and content as such). I really don't think a
whitelist is viable. That would mean every single site (and content
if they're looking at that) would need to be listed.
I even doubt they would log things for any appreciable period either,
the larger ISPs would generate an incredible amount of log real
estate.

Also, an opt-out has pretty much been verified by the reports. So
you initially get it whether you like or not, and they implied you
have to call to disable it. I imagine many ISPs will set up an online
setup interface where the user can opt-out, bypassing the physical
support people (of which some ISPs have very, very little).

My guess is they have put out a tender for this type of thing, with
database updates as well.

Though they might not, I have a gut feeling there will be only one
common blacklist updated database. That is, not have it up to the
ISP to decide who they want to go with.

This option (verses the client side filter bullshit they tried
earlier), is politically more palatable, since there will be very
little if anything as far as notable taxpayer funds being wasted. The
bulk (if not all) of the cost will be borne by the ISPs.
So the end user pays for it one way or another, but it's policially
more friendly to their voters.

 

So far, all we have to go on is a single statement delivered by
Stephen Conroy (from what I've seen of it, it wasn't even a press
conference; he spoke, then fucked off without taking questions);
subsequent reports have all been reaction shots from people who saw
the same evening news reports as us...

The opt-out *has* been explicitly mentioned; let's see how long that
lasts once submissions from stakeholders start coming in. Opt-in with
whitelisting is the most workable way to do this, and I'm betting a
glazed doughnut that's the form the legislation will take once (if?)
it gets in front of parliament...

 

On Tue, 1 Jan 2008 22:52:57 -0800 (PST),

I hope it's an op-in, it'll save me a phone call at least.

Again, I would be willing to guess it's an all-or-none deal with the
lists, that is, if it's a whitelist, it would apply to EVERYONE on
that ISP.

But as I said, I don't think a whitelist is viable. Might be if you
only ever have your kids on it, but I really don't see too many
broadband users with filters that would be a chore to change for each
and every user being done. Some people struggle with the power
switch, and how are they going to field support questions for an
opt-out only system just because the user can't see their obscure
overseas online newspaper?
And I REALLY don't see them adding everly little bloody innocent site
to the whitelist.

It's a chore enough to do it locally, let alone via phone or even
website.

 

Oh dear. I'm tempted to say you don't know teenage boys all that
well, but maybe you just have a positive attitude toward humanity
(unlikely in a motorcyclist as it may seem).

 

Since the traffic being 'additionally processed' is presumably http traffic
(at least mainly) and the switching is tcp/ip there is no direct correlation
except in that adding a delay anywhere in the stream will make things
slower.

I suspect the real issue is the perceived number of hits which would need to
be looked up and approved/declined/redirected thereby causing the delays,
and that would be the same with either a whitelist or a blacklist, though
there are arguments about the level of effect of either.

I still think proper parental/peer supervision is most effective. And that
doesn't require IT skills. Just observation.. "Johnny, what is that you are
looking at?"

P

 

I don't know about your, or anyone's, childhood, but my parents had little
control over where I was and what I was doing. Trying to hand that
responsibility to the gov't is pointless. Before this internetty gizmo, kids
had to rummage in the bottom of dad's wardrobe to get porn, or steal it off
the shelves at the newsagent. But don't imagine for a second they didn't
have any.

Theo

 

The government doesn't need an additional mandate to regulate access to
the internet. Media are already censored to some degree in Australia.
All Conroy is trying to do is bring Internet access into line.

And I don't believe pornography is the driving force here anyway. The
pressure is coming from big media to close off access to torrents and
other file sharing sites. Closing off access to porn sites hurts the US
GDP, closing off access to music and video stealing helps the US GDP.

And whether it is a blacklist or whitelist system, doesn't it have to
happen at the top level Domain Name Servers? The ISP won't be
duplicating those databases. The cynic in me says that it will be the
bad users who want to access 'How To Commit Suicide' sites that will
suffer the latency, not parents and kids happily admiring school
yearbooks. So it will be a blacklist of some sort.

 

Hmm.. I don't know what sort of search algorithm they'd have in place
for such a blacklist search, but surely the response time would be
longer on access to a site which was not blacklisted than a site which was.

Nev..
'04 CBR1100XX

 

Yes, that makes sense, I hadn't thought it through properly. Try this:
you don't want to mess with the DNS database structure, so you put one
of IK's black boxes in front at the ISP which has a copy of the DNS
database with a full access flag field added and the IP addresses deleted.

Your request includes your flag status (full or restricted access),
which requires the same lookup at the ISP whether you're a good guy or a
bad guy: full access flag requests get passed through without checking
and the DNS resolves the IP. Restricted access flag requests only get
passed through if the black box flag matches and otherwise bounce.

Result: the good guys will observe some latency and the bad guys won't,
as you say.

To get round that you have to send the requests through to the black box
with the flag status unchecked, passing through all requests to
unrestricted sites and querying the access status of the user who wants
a full access site.

Result: the bad guys will observe some latency and the good guys won't,
but the system design sucks.

 

In aus.motorcycles on Fri, 4 Jan 2008 08:41:51 +0900

I read Legman's 2 volume "History of the dirty joke" when I was about
13. Was right there on the bookshelf. My parents just said "Don't
take it to school."

So I showed it to friends outside of school.

One unintended result - I can quote punchlines of pretty well every
dirty joke anyone knows and watch who blushes.

Zebee

 

So I'm wondering if anonymizing HTTP proxies will be blacklisted.

If every request coming from a computer goes straight to an
anonymizing proxy using encryption, not only do you completely
circumvent the censorship, you create less work for the black box and
prevent intermediate parties from reading your packets...

 

If the real purpose is to prevent copyright theft, then yes, since you
want to be able to prosecute the bad guys. So you would require the
black box to reject encrypted HTTP requests.