×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Security Flaws In Aussie Net Filter Exposed

ScuttleMonkey posted more than 5 years ago | from the let-your-government-do-your-thinking-for-you dept.

Security 182

Faldo writes "There's a three-part interview with a computer security expert on BanThisURL that goes into the flaws in the Aussie net filtering scheme. In addition to SSH tunnels and proxies, more worrying problems like trojaning the boxes to set up man in the middle attacks (which the interviewee has done in his lab), cross site scripting and the Australian blacklist leaking are all discussed. Worrying and relevant, especially since Thailand's blacklist has just been leaked."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

182 comments

Poor Design (5, Insightful)

Anonymous Coward | more than 5 years ago | (#26203367)

The concept itself is flawed. Centralized filters will never work, and any filtering system is imperfect. The best we can do is have individuals ascribe a reputation to a particular resource and based on trusting others' ratings we can tailor the firehose to our liking.

Anything else is just a way for some fearmongers to stay in office and/or make a quick buck.

Re:Poor Design (4, Insightful)

Hatta (162192) | more than 5 years ago | (#26203539)

The concept itself is flawed. Centralized filters will never work

Anything else is just a way for some fearmongers to stay in office

Sounds to me like it will work just fine then.

Re:Poor Design (3, Insightful)

D_Blackthorne (1412855) | more than 5 years ago | (#26205021)

I disagree; what it mainly will do is give the illusion that Australia's children are being protected from the Big Bad 'Ol Intarwebs -- which is to say that it'll make some busybody politicians look good to their constituency.

Don't they have anything better to do over there than screw with the internet? Don't they have some crime problems to solve or something?

From the article (4, Funny)

thewils (463314) | more than 5 years ago | (#26203373)

I've played with a lot of these boxes and the chances of having no security vulnerabilities at all is extremely low. In our testing we haven't actually found a box that we've been happy with the security of, except for little dedicated and extremely cut down boxes, but nothing of this type.

Disagree, they could just use a Windows box for this, as long as they keep it up-to-date with patches they'll be fine, right?

Re:From the article (2, Insightful)

Anonymous Coward | more than 5 years ago | (#26203549)

As long as Microsoft can keep up-to-date with their current security holes, then yes. However, with it taking them weeks to release patches for some of the biggest holes (recent IE flaw) that plan gets shot to shit fast. Even with all the latest patches, any system, be it Windows, your favorite linux distro or OS X, there's always holes waiting to be found and exploited. It's not how well the user is at running system updates, but how well the OS developers respond to critical security flaws.

Re:From the article (1, Troll)

iago-vL (760581) | more than 5 years ago | (#26203837)

Don't forget that every security patch that Microsoft releases is a hole that blackhats could already have been exploiting. Patches created now could (and often do) fix vulnerabilities dating back to the release of Windows 2000 or Windows NT. There's no way to guarantee that the holes aren't known and exploited by others.

That being said, any system with proper firewalling mitigates much of the issue. If the only port open to the public network is the one running the proxy software (or whatever it is), then there is very little attack surface.

Re:From the article (1)

suckmysav (763172) | more than 5 years ago | (#26206081)

"If the only port open to the public network is the one running the proxy software (or whatever it is), then there is very little attack surface."

1) Find buffer overrun hole in proxy URL parsing mechanism.

2) Craft website with appropriate URL

3) Browse your web site via the proxy

4) Profit

Great Filter. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26203387)

About GNAA:
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the first organization which gathers GAY NIGGERS from all over America and abroad for one common goal - being GAY NIGGERS.

Are you GAY?
Are you a NIGGER?
Are you a GAY NIGGER?

If you answered "Yes" to all of the above questions, then GNAA (GAY NIGGER ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join GNAA (GAY NIGGER ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time GNAA member.
GNAA (GAY NIGGER ASSOCIATION OF AMERICA) is the fastest-growing GAY NIGGER community with THOUSANDS of members all over United States of America and the World! You, too, can be a part of GNAA if you join today!

Why not? It's quick and easy - only 3 simple steps!

        * First, you have to obtain a copy of GAYNIGGERS FROM OUTER SPACE THE MOVIE and watch it. You can download the movie (~130mb) using BitTorrent.
        * Second, you need to succeed in posting a GNAA First Post on slashdot.org, a popular "news for trolls" website.
        * Third, you need to join the official GNAA irc channel #GNAA on irc.gnaa.us, and apply for membership.

Talk to one of the ops or any of the other members in the channel to sign up today! Upon submitting your application, you will be required to submit links to your successful First Post, and you will be tested on your knowledge of GAYNIGGERS FROM OUTER SPACE.

If you are having trouble locating #GNAA, the official GAY NIGGER ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is NiggerNET, and you can connect to irc.gnaa.us as our official server. Follow this link if you are using an irc client such as mIRC.

If you have mod points and would like to support GNAA, please moderate this post up.

_______________________________________________' 160-0023 Japan Tokyo-to Shinjuku-ku Nishi-Shinjuku 3-20-2

Copyright (c) 2003-2007 Gay Nigger Association of America

Re:Great Filter. (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#26203609)

You could at least update the Copyright notice to 2008. Put some effort in!

Just like DVD piracy... (4, Insightful)

hack slash (1064002) | more than 5 years ago | (#26203439)

...it will only serve to piss off those that can't circumvent the firewall (or unskippable anti-piracy adverts in the case of legit DVDs)

It is completely ignorant to think... (5, Insightful)

NoobHunter (1090113) | more than 5 years ago | (#26203455)

that things are unhackable.

"If you code it, it will be hacked!"

The Titanic was an example of what should be called Cockyisms. (The beliefe that one is better or their product is better than it truly is.) in this case, Unsinkable...and we all know how THAT turned out!

DVD encryption, DRM and now Net Censorship...the tighter the grip, the faster they will lose control.

Re:It is completely ignorant to think... (5, Informative)

flyingfsck (986395) | more than 5 years ago | (#26203811)

There were 3 identical ships built (Titanic, Olympic, Britannic). Only one suffered from bad rivets.

Re:It is completely ignorant to think... (5, Insightful)

Volante3192 (953645) | more than 5 years ago | (#26204025)

Also, only one suffered from iceberg collision.

Re:It is completely ignorant to think... (5, Funny)

Anonymous Coward | more than 5 years ago | (#26204279)

Also, only one suffered from a Celine Dion soundtrack.

Re:It is completely ignorant to think... (5, Funny)

Anonymous Coward | more than 5 years ago | (#26204341)

We _ALL_ suffered from a Celine Dion soundtrack.

Re:It is completely ignorant to think... (5, Funny)

Anonymous Coward | more than 5 years ago | (#26204549)

But we all benefited from Kate Winslet's bare boobs.

Re:It is completely ignorant to think... (2, Informative)

DragonWriter (970822) | more than 5 years ago | (#26205229)

Also, only one suffered from a Celine Dion soundtrack.

Wandering well off-topic, though, the 1997 film Titanic had a James Horner soundtrack, and Celine Dion had vocals on exactly one song on it.

Re:It is completely ignorant to think... (2, Informative)

DragonWriter (970822) | more than 5 years ago | (#26205085)

Also, only one suffered from iceberg collision.

That's true. Britannic, which was launched as a hospital ship due to WWI, sunk after striking a mine. Olympic is the only one which lasted through the 1910s.

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26204511)

Actually do some reading - The builders knew something was flawed in the Titanic.

Her sister ships had VERY different expansion joint designs among other things.

Still didn't help - they collectively were not around long

Re:It is completely ignorant to think... (2, Informative)

Nimey (114278) | more than 5 years ago | (#26204653)

It didn't help that Britannic struck a mine in 1916. Olympic served for 24 years, until 1935; she appears to have been withdrawn because the owners wanted to spend money on newer ships.

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26204783)

No they were built the same way. After Titanic sank, both sister ships were refitted with a double hull.

But I must thank you. I had a lot of fun reading the Brittanic story on Wikipedia. Quoting:

Along with the damaged watertight door of the firemen's tunnel, the watertight door between boiler rooms six and five also failed to close properly for an unknown reason. Now water was flowing further aft into boiler room five. The Britannic had reached her flooding limit.

Luckily, the next crucial bulkhead between boiler rooms five and four and its door were undamaged and should have guaranteed the survival of the ship. However, there was something else that probably sealed Britannic's fate: the open portholes of the lower decks

Re:It is completely ignorant to think... (1)

JasterBobaMereel (1102861) | more than 5 years ago | (#26204677)

Titanic - Hit an Iceberg - Sank

Britannic - Hit a mine - Sank

Olympic - Rammed by HMS Hawke - Limped back to port, Repaired, served for another 24 years was nicknamed "Old Reliable" ....

Re:It is completely ignorant to think... (1)

peragrin (659227) | more than 5 years ago | (#26204725)

Actually all three sank roughly the same way. A hole in the bow caused massive flooding,sinking the ship. The redesigns after titanic helped, but the base design was flawed. While the britanica took a torpedo and had a full complenment of life rafts. All three ships sank similarly.

Re:It is completely ignorant to think... (1)

DragonWriter (970822) | more than 5 years ago | (#26205143)

Actually all three sank roughly the same way.

Olympic didn't sink at all, much less in "roughly the same way" as either Titanic or Britannic. It was dismantled when retired from service after the merger of White Star Lines with Cunard Lines.

A hole in the bow caused massive flooding,sinking the ship. The redesigns after titanic helped, but the base design was flawed. While the britanica took a torpedo and had a full complenment of life rafts.

The Britannic struck a mine; it appears to have sunk because its watertight portals on the lower decks were open to ventilate patient wards (it had been pressed into service as a hospital ship in WWI) and perhaps because internal watertight doors were open for ventilation and access purposes.

(And, of course, because it struck a mine, a device purpose built for the sinking of ships.)

All three ships sank similarly.

That's a stretch even in the case of the two that sank, and of course nonsense in the case of the one that did not.

Re:It is completely ignorant to think... (5, Funny)

Paradise Pete (33184) | more than 5 years ago | (#26205405)

Actually all three sank roughly the same way.

For sufficiently small values of actually.

Re:It is completely ignorant to think... (1)

DragonWriter (970822) | more than 5 years ago | (#26205031)

There were 3 identical ships built (Titanic, Olympic, Britannic). Only one suffered from bad rivets.

They weren't identical; Olympic, the first built wasn't identical to Titanic initially, and was refitted in the immediate aftermath of the Titanic disaster while Britannic (originally promoted as Gigantic, a name which was changed in the wake of the Titanic disaster), which hadn't been completed at the time of the Titanic disaster, incorporated design changes as a result of the Titanic disaster.

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26205809)

if they were identical then they all suffered from open-at-the-top bulkheads, and perhaps brittle steel plates as well.

although only one suffered from a cocky captain ordering full steam through unusually-far-south icebergs, which also perhaps include a lack of current enough information about weather/climate conditions in the regions they were traversing.

lots of things had to come together to make the Titanic sink, an incredibly unlikely event by any account, but it went and happened anyway.

but that's kind of the point. you can't design a ship to be unsinkable because more goes into being 'unsinkable' than just the design; like rivets.

Re:It is completely ignorant to think... (5, Informative)

computersareevil (244846) | more than 5 years ago | (#26203855)

The Titanic was an example of what should be called Cockyisms. (The beliefe that one is better or their product is better than it truly is.) in this case, Unsinkable...and we all know how THAT turned out!

There already is a word: Hubris [merriam-webster.com]

Re:It is completely ignorant to think... (2, Funny)

ultranova (717540) | more than 5 years ago | (#26204325)

There already is a word: Hubris

The grandparent is too good to use borrowed words like "hubris". His supremacy deserves better.

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26204397)

Off-topic, but wow, I haven't seen a website that uses custom cursors in a long time.

And will they be switching to IPA pronunciations at any point? Hell, they list the IPA in their pronunciation guide. Respelling isn't very helpful when each dictionary does it differently and you have to download a PDF to understand it.

Re:It is completely ignorant to think... (1)

blhack (921171) | more than 5 years ago | (#26203999)

and we all know how THAT turned out!

A pg-13 rated movie with bewbies in it?

Re:It is completely ignorant to think... (0, Offtopic)

dasheiff (261577) | more than 5 years ago | (#26204361)

DVD encryption, DRM and now Net Censorship...the tighter the grip, the faster they will lose control.

Close, but the quote is: The more you tighten your grip, Tarkin, the more star systems will slip through your fingers.

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26204375)

"If you code it, it will be hacked!"

Mind hacking the following?
print "Hello world!\n";

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26205163)


print "h4x0rd j00!!\n";

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26205437)

gdb hello
> restore hacker.bin binary main
> run

Re:It is completely ignorant to think... (1)

SIR_Taco (467460) | more than 5 years ago | (#26204607)

I get the meaning behind your example... but the Titanic was never said to be 'unsinkable', that's just one of those myths that keep flying around. And anyone with any reasonable knowledge of computer programming/security knows that nothing is 'unhackable'.

Titanic - Unsinkable [wikipedia.org]

Re:It is completely ignorant to think... (0)

Anonymous Coward | more than 5 years ago | (#26204619)

that things are unhackable.

"If you code it, it will be hacked!"


int main(){
        exit(1);
}

I dare you to hack that one.

Not really news? (4, Interesting)

Corpuscavernosa (996139) | more than 5 years ago | (#26203497)

An amazing story would be "NO SECURITY FLAWS IN AUSSIE NET FILTER WHATSOEVER". I'm just sayin'. There are flaws in everything.

Re:Not really news? (5, Funny)

D Ninja (825055) | more than 5 years ago | (#26203785)

There are flaws in everything.

Obviously you haven't yet heard of Natalie Portman.

Otherwise, yeah, you're right.

Re:Not really news? (5, Funny)

maxume (22995) | more than 5 years ago | (#26204015)

You are entirely happy with her decision not to sleep with you?

Re:Not really news? (0)

Anonymous Coward | more than 5 years ago | (#26205073)

Yes, that would just destroy the whole mystery of her being flawless. It would be a flaw in and of itself if she did sleep with me!

Re:Not really news? (0)

Anonymous Coward | more than 5 years ago | (#26204159)

Except for the boobs and bat cave.

Re:Not really news? (0)

Anonymous Coward | more than 5 years ago | (#26204207)

Obviously you haven't yet heard of Natalie Portman.

Primary flaw: she is not naked and petrified.

Re:Not really news? (3, Funny)

genner (694963) | more than 5 years ago | (#26204491)

There are flaws in everything.

Obviously you haven't yet heard of Natalie Portman.

Otherwise, yeah, you're right.

She lacks stone skin and grits. How can you overlook such obvious flaws.

Re:Not really news? (1)

lord_sarpedon (917201) | more than 5 years ago | (#26204645)

But that's _is_ what the story title says on my machine!

--Randy in Australia

Re:Not really news? (0)

Anonymous Coward | more than 5 years ago | (#26205175)

heh, for more believability you'd need to change your name to Bruce.
Randy is about as non Australian a name as possible.

In theory, this could work (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26203511)

but GOD has ordained that you GODLESS HORES shall be PONISHED GREIVUSLY!!!!! suck mah BALLS!@

But What About The Children/Terrorists/Etc. (5, Informative)

MightyMartian (840721) | more than 5 years ago | (#26203529)

The Australian government seems to have gone pretty crazy over this thing, and is taking one of the classic paths when meeting resistance; that is to make the plan even bolder and more sweeping. There seems no recognition of the fact that this won't do a damned thing to prevent the production and distribution of child pornography, but will cause no end of problems for legitimate users. But this government clearly feels it's back is against the wall, and rather than simply taking the more sensible path and admitting that filtering is flawed, and in its own way dangerous, and that any attempt to screw with various P2P and secure protocols is going to real harm to legitimate users, is basically saying "We know better than the ISPs and technical experts."

Politics tends to attract the insanely vain, but these guys are way out to lunch. I have no idea who their technical advisers are, but either these guys are morons or simply being paid to tell the government what it wants to here.

But as anyone who has dealt with any kind of Internet security can tell you, it's always a game of catch-up. Whether it's viruses, root kits, DRM, firewalls, and so on, there's always someone willing, for good or ill, to crack systems, and believe me, if they actually go through with this nonsense, the desire to crack the filters, and more dangerous and delerious attempts to bust encryption and P2P is simply going to be met with better innovations to overcome them.

But it does go to show you that the intellectual tyrannies are not simply the product of political tyrannies, but any government so sure in its own righteousness can play the part of the tyrant, simply by repeating the mantra "it's for their own good".

The Enlightenment has died in Australia, and it's sad that the people aren't marching on Adelaide demanding the government's resignation and Rudd's forced expulsion. Western Civilization has lost its balls. We've fought world wars, sacrificed our young on countless battlefields, beat back the Communists by even the most questionable means, for what? So some religious nut can make decrees as to what law-abiding citizens of a so-called free country can view on the Internet?

What a sad, fearful, pathetic lot the West has become.

Re:But What About The Children/Terrorists/Etc. (4, Funny)

dgatwood (11270) | more than 5 years ago | (#26203599)

Politics tends to attract those who want power, and those who want power are seldom in the best interests of those who are being led. Therefore, an ideal political structure would include a benevolent dictator randomly chosen from the population, who would be deposed if another group of a dozen randomly chosen people decide to throw him/her out. It would then have a mock electoral process to elect fake leaders. The resulting political body's sole purpose for existence would be bringing politicians out of the woodwork and keeping them isolated from polite society.

I hereby nominate CmdrTaco as the first benevolent dictator. All in favor, say aye!

Re:But What About The Children/Terrorists/Etc. (4, Interesting)

Drakkenmensch (1255800) | more than 5 years ago | (#26203753)

This concept is central to the galactic government in the Hitch Hiker's Guide to the Galaxy where the galactic president is chosen to be a figurehead, a distraction whose sole purpose is to wo wthe media with his moronic antics. This explains why Zaphod Beeblebrox was so succesful in the role. The people really in charge knew well that anyone wanting power was always a menace to the people they sought to represent, so anyone manifestin gthe slightest desire to be president was kept away from real power by any means possible. The true leader of the galaxy was in reality a man who had no idea about anything that happened outside his isolated wood cabin, and whose biggest preoccupation was keeping his cat happy. The whole system worked as good (if not better) than anything else the galaxy had ever seen.

Re:But What About The Children/Terrorists/Etc. (1)

jgtg32a (1173373) | more than 5 years ago | (#26203909)

Didn't he order the destruction of Earth?

(note I haven't read the book, and only saw that part of the movie)

Re:But What About The Children/Terrorists/Etc. (3, Informative)

Drakkenmensch (1255800) | more than 5 years ago | (#26204267)

Didn't he order the destruction of Earth?

No, that was the psychiatrist association because they didn't want the meaning of life to become widespread knowledge and thus relieve people of their bread-winning anguish and angst. So they hired the Vogon constructor fleet to blow it up for them, under the pretense of clearing up the path of a hyperspace bypass.

Re:But What About The Children/Terrorists/Etc. (3, Insightful)

immortalpob (847008) | more than 5 years ago | (#26204409)

So almost exactly like creating a filter to block bit torrent under the pretense of stopping child porn?

Re:But What About The Children/Terrorists/Etc. (1)

kent_eh (543303) | more than 5 years ago | (#26204377)

Didn't he order the destruction of Earth

Nah, the earth was destroyed as a beurocratic expediency. It was in the way of a hyperspace bypass, so it had to be demolished. Much like Arthur's house was in the way of a highway bypass, and had to be demolished.
Nothing personal. It's just in the way, you see.

Re:But What About The Children/Terrorists/Etc. (1)

Mozk (844858) | more than 5 years ago | (#26204475)

I truly love any site where a serious analogy made to galactic governmental politics in a fictional work is rated informative. :-)

Re:But What About The Children/Terrorists/Etc. (1)

shermo (1284310) | more than 5 years ago | (#26205261)

"Solar lottery" by Philip k Dick was based on this premise.

Randomocracy.

Re:But What About The Children/Terrorists/Etc. (2, Informative)

Kalriath (849904) | more than 5 years ago | (#26204221)

The Enlightenment has died in Australia, and it's sad that the people aren't marching on Adelaide demanding the government's resignation and Rudd's forced expulsion.

Being Australians, they probably are. They'll find it pretty ineffective though, considering the government is situated in the Capital - Canberra.

Re:But What About The Children/Terrorists/Etc. (1)

mabinogi (74033) | more than 5 years ago | (#26205237)

Well, given how much time federal politicians actually spend here in Canberra, you may as well march on Adelaide as anywhere else

Re:But What About The Children/Terrorists/Etc. (1)

MichaelSmith (789609) | more than 5 years ago | (#26205703)

Well, given how much time federal politicians actually spend here in Canberra, you may as well march on Adelaide as anywhere else

It would certainly liven the place up!

Re:But What About The Children/Terrorists/Etc. (1)

ACMENEWSLLC (940904) | more than 5 years ago | (#26204353)

With this, expect P2P to move to dynamic DNS. The P2P payload in the TXT DNS replies, MIME encoded perhaps.

If they are this draconian, why don't they just mandate VCR type screen recording of everyone's screens. Isn't that the only way they can truly accomplish their goals? Tampering would result in life imprisonment, by law.

Geez.

Re:But What About The Children/Terrorists/Etc. (1)

andrew.morrison (1437085) | more than 5 years ago | (#26205109)

The Enlightenment has died in Australia, and it's sad that the people aren't marching on Adelaide demanding the government's resignation and Rudd's forced expulsion.

Marching on Adelaide to affect change in Australia is about as effective as marching on Juneau to affect change on the US. and Canberra? most people i know wouldnt waste their time going there...

Re:But What About The Children/Terrorists/Etc. (0)

Anonymous Coward | more than 5 years ago | (#26205473)

Hmmm....I believe you have touched on the plan behind the plan. Rather than intending to actually filter the internet their true goal is accelerating the development of anti-filtering technology and methods to the point where it can only be filtered by unplugging from it rendering all filtering totally useless. Brilliant!

WikiRights (0)

Anonymous Coward | more than 5 years ago | (#26205955)

http://rights.theseekerr.com/

Band together and fight for your freedom - it was going to remain a prototype a little longer, but I think it's time to move!

Australia is pathetic (1)

lordsegan (637315) | more than 5 years ago | (#26203781)

The people need to DO something about this. It IS a slippery slope.

Re:Australia is pathetic (1)

maxume (22995) | more than 5 years ago | (#26203927)

Government itself is a slippery slope (there is always going to be someone extreme on each side of an issue). You mean that you don't like this because it goes too far.

Too late... (0)

Anonymous Coward | more than 5 years ago | (#26203947)

The people need to DO something about this. It IS a slippery slope.

Too late, the Aussies already let their government take away their (most effective) guns.

A government that fears guns in the hands of its people... should.

Re:Too late... (2, Insightful)

Curtman (556920) | more than 5 years ago | (#26204993)

A government that fears guns in the hands of its people... should.

Right, because American gun ownership has obviously done wonders for stopping its government from harassing its citizens. Or maybe you'd just rather keep on thinking it has.

Depends on the bechmark (1)

sunking2 (521698) | more than 5 years ago | (#26203827)

If stopping 100% of the users is the goal, then it fails. However, if stopping or impeding 50% perhaps it could be labeled a success. In general the argument against most of these proposals seems to follow the line of, 'it wont stop me so why bother.' However, for every one you can't stop there are scores of those you do. Does that make the effort less worthy? For every one that gets by, there are dozens of 14 year old girls who will now be denied the latest Fergie album on their ipod. This is really what they care about. Girls like guys with skills. Maybe your skill can be that you can still score the free music for the girls.

I'm not arguing whether its the right thing to do or not. Just saying that just because it can be circumvented by some (and lets face it, its a very small number compared to the whole) doesn't mean its not worth doing.

Re:Depends on the bechmark (3, Insightful)

mcgrew (92797) | more than 5 years ago | (#26204033)

If stopping 100% of the users from getting indie music is the goal, then it fails. However, if stopping or impeding 50% of indie music perhaps it could be labeled a success? Becaue that's what this is about - stopping the use of a legal and legitimate product to destroy an industry's independant competetion.

The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.

Re:Depends on the bechmark (4, Insightful)

johnsonav (1098915) | more than 5 years ago | (#26204395)

The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.

They should be. But I don't think the industry, that didn't even see P2P coming, has that much collective intelligence or foresight.

I think what they're really afraid of is a generation of potential consumers who give no thought to the copyright status or label affiliation of an album, who don't care if their downloads are legal or not. They're afraid of a culture which doesn't even consider paying for music. They're afraid that their role as musical gatekeepers will become obsolete. They're afraid that their product will have to compete with all others on a level playing field. And they should be.

Re:Depends on the bechmark (1)

houghi (78078) | more than 5 years ago | (#26205581)

The industry isn't afraid of Fergie being downloaded, it's afraid of The Station being downloaded.

You have a URL for that?

Re:Depends on the bechmark (2, Insightful)

danpat (119101) | more than 5 years ago | (#26204131)

While projects like this might hit their modest targets initially, they're totally doomed in the long term.

If 1% of users can get around it with highly technical trickery, it's not going to be long before one of those 1% packages the workaround up into a nice one-click piece of software that everyone can use. Just look at CSS. It only took one DVD-Jon to figure it out and now CSS is effectively useless.

That's why I think lots of people argue that it's either 100% or don't-bother.

Re:Depends on the bechmark (2, Insightful)

Anonymous Coward | more than 5 years ago | (#26204169)

If you set the goal very low, like stopping 50% of bad data, but accept blocking 50% of good data as well, then it's almost impossible to fail. simply deleting 50% of traffic would satisfy that goal, and doesn't even need any filtering at all.

Making a filter that stops more bad traffic than good traffic is very difficult, especially when the amount of good traffic is very large.

Re:Depends on the bechmark (4, Insightful)

MightyMartian (840721) | more than 5 years ago | (#26204183)

If a proposal is only going to stop a small proportion, stomps all over civil liberties, could potentially break important protocols, can be circumvented by the technically savvy (which tends to include the very people who the proposal alleges it can stop) and introduces dangerous new security flaws, then I'd say the proposal ought to be rejected.

Let's be clear here. All this plan may do, at the very best, is catch the technically challenged pedophiles. That's a best case scenario, and basically undermining an entire country's Internet access to catch this group is rather like a sniper sitting on an overpass randomly shooting at cars because some of those cars may be driven by drug dealers. Yes, it's true, some small number of drug dealers may actually be killed, but if that's your idea of policing, then we might as well declare everyone guilty, take away their computers and call it a day.

The plan is idiotic, it's proponents are at best naive, and international child abuse won't be dented by it.

Re:Depends on the bechmark (0, Troll)

Toll_Free (1295136) | more than 5 years ago | (#26204335)

Your analogy sucks because

A. The internet unfiltered isn't necessary
B. Nobody gets killed simply because of an internet filter.

Nice try, though.

--Toll_Free

Re:Depends on the bechmark (1)

genner (694963) | more than 5 years ago | (#26204623)

Your analogy sucks because

A. The internet unfiltered isn't necessary B. Nobody gets killed simply because of an internet filter.

Nice try, though.

--Toll_Free

Until a hospital can't download someones medical history because the filter is slowing traffic to a crawl.

Re:Depends on the bechmark (0)

Anonymous Coward | more than 5 years ago | (#26204735)

Maybe things work differently in Australia than they do here in the US, but here we don't have any national repository for our citizens' medical histories. Google is trying to get a voluntary database together, but "downloading someone's medical history" just doesn't happen here. Can you come up with another exaggerated life-and-death situation that we weren't able to mitigate before the Internet?

Re:Depends on the bechmark (1)

genner (694963) | more than 5 years ago | (#26205027)

Maybe things work differently in Australia than they do here in the US, but here we don't have any national repository for our citizens' medical histories. Google is trying to get a voluntary database together, but "downloading someone's medical history" just doesn't happen here. Can you come up with another exaggerated life-and-death situation that we weren't able to mitigate before the Internet?

Central repositories no. Databases that are hosted off site and hence require reliable internet acess, yes.
Not exagerated at all. I took a few calls like this when I did T-1 support.

Re:Depends on the bechmark (1)

danzona (779560) | more than 5 years ago | (#26204195)

In general the argument against most of these proposals seems to follow the line of, 'it wont stop me so why bother.'

That is not the general argument. The general argument is that it will not stop someone who is sufficiently motivated because the effort to circumvent the restriction is trivial. This goes for gun control, child pornography, DRM, abortion, prostitution, border fences, drinking ages, etc.

if stopping or impeding 50% perhaps it could be labeled a success

Stopping or impeding 50% (of anything) would be the greatest success in the history of government. Do gun control laws reduce gun crime by 50%? Did raising the drinking age from 18 to 21 reduce the number of 20 year olds who drink by 50%? Is the fence between Mexico & the US going to reduce illegal immigration by 50%?

why would the list have to "leak"? (4, Insightful)

Punto (100573) | more than 5 years ago | (#26204117)

doesn't the govenment publish the blacklist? this isn't like other countries where they just pretend like there is no filtering going on at all.

Re:why would the list have to "leak"? (4, Funny)

Qzukk (229616) | more than 5 years ago | (#26204263)

doesn't the govenment publish the blacklist?

I searched for it online but every time I tried to view the list, I got a page that said the site had been blocked.

Re:why would the list have to "leak"? (5, Informative)

arctanx (1187415) | more than 5 years ago | (#26204405)

Minister Conroy posted a response to this question [dbcde.gov.au] on his blog yesterday.

Basically he says that the blacklist will not be published because it will primarily contain child pornography and therefore publishing it would be equivalent to distribution of illegal material. I don't think this is going to alleviate the System Administrators' Guild's concerns [itwire.com] about how they're going to deal with their own servers being blocked, erroneously or otherwise.

Re:why would the list have to "leak"? (1)

KreAture (105311) | more than 5 years ago | (#26204705)

Umm, if the government published the blacklist then you'd have a target for when you wanted to try and circumventing the block right?

Re:why would the list have to "leak"? (0)

Anonymous Coward | more than 5 years ago | (#26205959)

No. The Blacklist will be secret, hence the leaking of it. The Blacklist is also exempt from Freedom of Information laws so no one can lodge an FOI request to see it. The more pressing issue with this filter being secret is that Conroy has also expressed that the filter will block Child Porn and other "Unwanted Content". The definition which has never been released. The government staffer of the day in charge of the list can put anything on it and no-one will legally know what was blocked or why.

ipv6 (4, Interesting)

Tony Hoyle (11698) | more than 5 years ago | (#26204143)

I bet the filter isn't ipv6 capable... I just can't see the lawmakers being that tech savvy.

That could be just the boost the protocol needs, in Australia at least.

The Aussie net filter does not have security flaws (0)

Anonymous Coward | more than 5 years ago | (#26204827)

The Aussie net filter is a security flaw.

Please refer to it correctly in the future.

Could be a router (2, Interesting)

lord_sarpedon (917201) | more than 5 years ago | (#26204927)

Let's not forget that, if a big important router was compromised (such as the one in charge of the carrier pigeon link between Downunderland and the rest of the world), the same things could be done.

These aren't new problems introduced purely by a porno filter. These are problems introduced by lack of encryption and made easier by insecure porno filters.

If they try to MITM a TLS connection, certificate warnings will pop up. As is supposed to be guaranteed. All the bullshit lately should go a long way to convince people that YES, we need widespread encryption NOW.

I stand by previous statements that Firefox's multi-click certificate override is the Right Thing. But more and more, I'm beginning to think we need an 'httpe' as some people suggested which operates on SSH's "ohhh shits teh key changed!!" model. Push it out in the new Firefox and WebKit. Have a nice, plain-language warning on first visit and a big scary multi-click override when the key changes. And here's something new...
Define a means by which a link, such as from a secure Google search results page, can include the expected key. No need for a warning - you now have a key for that domain if expected agrees with what you get. The reason is simple - big brother can't see your conversation with Google or some other secure/pseudo-trusted authority, but they CAN try to MITM you with a key other than the expected one. Google can lie about the expected key, but you'd get a different one (either the real one or one from aussieland's gov). If either party could do BOTH you'd be screwed anyway, because Google's certs would at that point mean jack shit.

chinese firewall... (1)

leuk_he (194174) | more than 5 years ago | (#26205219)

TFA: "The Chinese filter only works as well as it does because the people think that the filter is a good thing. Say for instance you've got a group of Chinese children. They won't know anything about Tiananmen Square. They won't even want to know anything about Tiananmen Square, because they think that that's unpatriotic to know. It's self-censorship in that regard. The Chinese firewall works because the citizens don't attempt to bypass it -- even though there's so many ways to."

At the same time chinese have become experts in ssh tunnels and proxies. There are many experts out there who know how to bypass the Chinese firewall.

Re:chinese firewall... (2, Interesting)

MightyMartian (840721) | more than 5 years ago | (#26206151)

Another reason it works is because of the general fear of surveillance. The PRC will regularly do strange things like mandate a specific operating system for Internet cafes. Maybe they're spying, maybe they're not, the key is the Orwellian notion that you never know whether you're being observed or not. That is ingrained in the Chinese people after sixty years of Communist rule.

The real question here is not whether a people, most of which have lived their lives under a watchful tyranny, can be cowed by real and imagined Internet surveillance, but whether a free society made of people who were raised with the ideas of personal liberty can ultimately be pushed into the same state of paranoia. Will Australians in general be convinced that this their government can meaningfully prevent them from viewing certain kinds of material, or will they see this for what it is, pandering to Australian religious extremists with little really technical way to prevent anyone with even a modicum of prowess from viewing nasty things.

In a way I'm fascinated by this. I wonder whether it will be tolerated as one of these easily avoidable public morality laws like drug and prostitution prohibitions, or will the people of Australia say "No, it's my right to watch one or more consenting adults doing peculiar sexual things to each other."

Who says filtering is hard? (2, Funny)

David Gerard (12369) | more than 5 years ago | (#26205751)

"We have buttiduously canvbutted the industry, buttessed what is available and buttembled the finest selection of contractors for this buttignment. The filters will buttociatively clbuttify all communications [today.com] and filter then, I can butture you, rebuttemble them with surpbutting exacbreastude in any quanbreasty. Consbreastuents can be rebuttured that a mulbreastude of industry compebreastors will butture quality and keep our clbuttrooms safe. EDS Capita Goatse will not embarbutt us."

The plans have attracted wide criticism. "It will only give supersbreastious rebutturance to medireview thinkers," said EFA. "Automated systems won't solve human problems like loveual harbuttment. Mbuttacring the written word into a Picbutto painting is not the anbreastank missile of Internet safety."

Unions also butterted that such close buttessment of staff in the workplace would hamper efficiency and could verge on workplace harbuttment. "Watermeloning cranberries."

The government was unfazed. "Butterting free speech is one thing, but a triparbreaste committee considers that that does not justify mere pbuttive breastillation at the expense of others."

The first filtering offices will be set up in Arsenal, Penistone and Scunthorpe.

Is the USA next? (0)

Anonymous Coward | more than 5 years ago | (#26205755)

As a lifetime USA resident and citizen [save for a semester abroad], I have been among the ranks who, in 2000 and 2004, talked about moving out of the country if Bush was elected [and re-elected].

I'll admit it--that talk was mostly in jest. However, I will say this now:

If the USA gets national web filtering, I WILL move out of the country. Period. I have relatives who live in Europe and could help me find work over there. I feel that strongly about it.

It's not supposed to work... (1)

darinfp (907671) | more than 5 years ago | (#26206219)

Funding technical problems with it is not going to help. It's not a technical solution, it's a political solution.
 

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...