Domain: citizenlab.org
Stories and comments across the archive that link to citizenlab.org.
Stories · 24
-
Hacking Victim Can't Sue Foreign Government For Hacking Him On US Soil, Says Court (vice.com)
According to Motherboard, a court of appeals in Washington D.C. ruled that an American citizen can't sue the Ethiopian government for hacking into his computer and monitoring him with spyware. "The decision on Tuesday is a blow to anti-surveillance and digital rights activists who were hoping to establish an important precedent in a widely documented case of illegitimate government-sponsored hacking." From the report: In late 2012, the Ethiopian government allegedly hacked the victim, an Ethiopian-born man who goes by the pseudonym Kidane for fear of government reprisals. Ethiopian government spies from the Information Network Security Agency (INSA) allegedly used software known as FinSpy to break into Kidane's computer, and secretly record his Skype conversations and steal his emails. FinSpy was made by the infamous FinFisher, a company that has sold malware to several governments around the world, according to researchers at Citizen Lab, a digital watchdog group at the University of Toronto's Munk School of Global Affairs, who studied the malware that infected Kidane's computer. The U.S. Court of Appeals for the District of Columbia Circuit ruled that Kidane didn't have jurisdiction to sue the Ethiopian government in the United States. Kidane and his lawyers invoked an exception to the Foreign Sovereign Immunities Act (FSIA), which says foreign governments can be sued in the U.S. as long as the entire tort on which the lawsuit is based occurred on American soil. According to the court, however, the hacking in this case didn't occur entirely in the U.S. "Ethiopia's placement of the FinSpy virus on Kidane's computer, although completed in the United States when Kidane opened the infected email attachment, began outside the United States," the decision read.
"[It] gives foreign governments carte blanche to do whatever they want to Americans in America so long as they do it by remote control," Nate Cardozo, a staff attorney at the Electronic Frontier Foundation, a digital rights group who represented Kidane in this first-of-its-kind lawsuit, told Motherboard. -
China Is Censoring People's Chats Without Them Even Knowing About It (qz.com)
An anonymous reader quotes a report from Quartz: A new study from The Citizen Lab, a research group at the University of Toronto, reveals that censorship on WeChat occurs primarily in group chats rather than one-on-one chats between two people, and often in such a way where the sender of a text isn't even aware a piece of text has been scrubbed. The discoveries illuminate how China's government attempts to keep its citizens blind to the scope of its censorship regime. The researchers set out to find the extent to which certain keywords got scrubbed from conversations between two or more users in WeChat. To do this, in June 2016 the team posed as a Chinese WeChat user and sent out 26,821 keywords containing terms that had been censored on other apps, including Tom-Skype (a made-for-China version of Skype) and YY (a live broadcast app). A corresponding Canadian user in the two-way chat would then report back to say whether or not the message had been received. The report states that out of the entire sample, only one term -- Falun Gong -- had been scrubbed. When they ran an identical test in August, even that text mysteriously passed without censorship. Yet when they tested group chats, they found multiple cases in which certain keywords triggered a removal. Specifically, while sensitive terms used in isolation were unlikely to trigger censorship (say "June 4th," a reference to the Tiananmen Square protests, brutally put down on June 4, 1989), it took effect when they were used in a full sentence or with other keywords. The researchers also discovered that when WeChat censored a message, the sender received no notice informing him that his text had not reached the intended recipient. The study also notes that "WeChat only censors content for users who bind their account to a mainland Chinese phone number when they first register to use the app." The censorship is still applied even if Chinese residents move to different countries or change phone numbers. -
Apple Fixes Three Zero Days Used In Targeted Attack (onthewire.io)
Trailrunner7 quotes a report from On The Wire: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them.
The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Mansoor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising 'new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive "lawful intercept" spyware product," Citizen Lab said in a new report on the attack and iOS flaws. -
Chinese QQ Browser Caught Sending User Data To Its Servers
An anonymous reader writes: A report from the Citizen Lab at the University of Toronto reveals that the popular QQ Browser is collecting sensitive user information and sending it in an insecure manner to its servers. The Android version is collecting data such as the user's search terms, browsing history, nearby Wi-Fi networks, and the user's device IMSI and IMEI codes. For the Windows version of QQ Browser, the app was caught collecting data such as the user's browsing history, hard drive serial number, MAC address, Windows hostname, and Windows user security identifier. All of this is sent unencrypted, or with a weak encryption, to Tencent's servers, QQ Browser's manufacturer. Additionally, the update process is flawed and delivered in an insecure manner that allows others to manipulate upgrade patches with malicious software. This is the third browser caught exhibiting this behavior after UC Browser and Baidu Browser. -
South Korea's "Smart Sheriff" Nanny App Puts Children At Risk
Starting in April, the South Korean government required that cellphones sold to anyone below the age of 19 be equipped with approved monitoring software that would allow the user's parents to monitor their phone use, report their location, and more. Now, however, researchers have discovered that one of the most popular of the approved apps, called Smart Sheriff, may not actually be very smart to have on one's phone. Researchers from Citizen Lab and Cure53, at the request of the Open Technology Fund, have analyzed the code of Smart Sheriff, and found that it actually endangers, rather than protects, the users. Reports the Associated Press, in a story carried by the Houston Chronicle: Children's phone numbers, birth dates, web browsing history and other personal data were being sent across the Internet unencrypted, making them easy to intercept. Authentication weaknesses meant Smart Sheriff could easily be hijacked, turned off or tricked into sending bogus alerts to parents. Even worse, they found that many weaknesses could be exploited at scale, meaning that thousands or even all of the app's 380,000 users could be compromised at once. -
China's 'Great Cannon' -- a Cyber-weapon to Accompany the Great Firewall
An anonymous reader writes: A new report from The Citizen Lab identifies a distinct new technology entity sitting next to the Great Firewall of China. Dubbed the 'Great Cannon', the multi-process cluster revealed itself quite openly in the recent attacks on Greatfire.org and its two Github pages. The DDoS attack was so sustained that CL was able to study the new technology in depth, determining architectural similarities and unearthing many strong indications that it is a product of the Chinese authorities. -
Watch a Cat Video, Get Hacked: the Death of Clear-Text
New submitter onproton writes: Citizen Lab released new research today on a targeted exploitation technique used by state actors involving "network injection appliances" installed at ISPs. These devices can target and intercept unencrypted YouTube traffic and replace it with malicious code that gives the operator control over the system or installs a surveillance backdoor. One of the researchers writes, "many otherwise well-informed people think they have to do something wrong, or stupid, or insecure to get hacked—like clicking on the wrong attachments, or browsing malicious websites...many of these commonly held beliefs are not necessarily true." This technique is largely designed for targeted attacks, so it's likely most of us will be safe for now — but just one more reminder to use https. -
The Fight To Uncover Spyware Exports To Repressive Regimes
Daniel_Stuckey (2647775) writes with news that we may soon learn which countries were sold the FinFisher malware package to spy on their own citizens. "The UK's High Court ruled yesterday that HM Revenue and Customs acted 'unlawfully' when it declined to detail how it was investigating the export of digital spy tools created by a British company. Human rights group Privacy International is celebrating the decision of Mr. Justice Green, which means HMRC now has to reconsider releasing information on its investigation into controls surrounding the export of malware known as FinFisher, created by British supplier Gamma International. The widespread FinFisher malware family, also known as FinSpy, can carry out a range of surveillance operations, from snooping on Skype and Facebook conversations to siphoning off emails or files sitting on a device. It is supposed to benefit law enforcement in their investigations, but has allegedly been found in various nations with poor human rights records, including Bahrain and Ethiopia." -
Some Sites That Blue Coat Blocks Under "Pornography"
Bennett Haselton writes this week with a dissection of the effects of one well-known, long-known problem with so-called Internet filters. "The New Braunfels Republican Women, the Weston Community Children's Association, and the Rotary Club of Midland, Ontario are among the sites categorized as 'pornography' by Blue Coat, a California-based Internet blocking software company. While the product may not be much worse than other Internet filtering programs in that regard, it reinforces the point that miscategorization of sites as 'pornographic' is a routine occurrence in the industry, and not just limited to a handful of broken products." Read on below for the rest.
On Monday I released a blog post through the Citizen Lab at the University of Toronto, listing some of the sites that we had found to be blocked by Blue Coat's Internet filtering program. Previously we had released a similar report on sites that were miscategorized as "pornography" by Smartfilter. We ran some of the same URL lists through both programs, and found that some unfortunate sites were even blocked as "pornography" by both products, including Barenboim-Said (a youth orchestra featuring musicians from Israel, Palestine, and different Arab nations), and the aforementioned New Braunfels Republican Women.
The full list of sites we said were "miscategorized" is at the end of the Citizen Lab blog post. As far as I know we didn't miss any porn hidden on any of the sites that were in the list. The closest we came was a photo on performancespace.org/ showing what appears to be a model taking one for the team by lying on the floor of a grungy art exhibit. There was also the other borderline case of http://safe-sex.org/, which does include articles on topics like "Safe Sex with Expensive London Escorts." But Blue Coat's own working definition of 'pornography' defines it as "Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient interest," and the articles on Safe-Sex.org do not appear intended to arouse ("The heartwarming fact about having safe sex with expensive London escorts is that they usually present a clean bill of health to clients."), so it gets counted as a miscategorization. The overwhelming majority of miscategorized sites were completely G-rated fare like the Kiddie Kollege Nursery School (which, by the way, would probably have grounds for a lawsuit against Blue Coat, if parents trying to access their website were greeted with a message that it had been blocked for containing "pornography").
Anyone can play the parlor game of examining blocked websites looking for signs of what caused them to be blocked. Is the website of the New Braunfels Republican Women blocked by both Blue Coat and Smartfilter because it has the word "women" in the title? (Tempting to think so, but unlikely, since there are so many other sites with "women" in the name which were not blocked by either product.) One of the blocked websites, http://www.foundations4betterliving.org/, until recently contained statistics such as "A growing variety of sexual behaviour is being practiced by teens 15- to 19-year-old... 53% admit to masturbating; 49% have participated in oral sex; 11% have had anal sex," all of which you could read on their front page while Bette Midler's 'From A Distance' auto-played in the background. (I was hoping to introduce you to that sublime experience, but unfortunately the domain apparently expired right after the report was published. When you list 150 domain names in a report, that's bound to happen with some of them.) And there's neobit.org/, the homepage of a manufacturer of emulators for dongles. While many Americans probably heard the term for the first time when Amy Poehler asked the Best Buy salesman "Can I use a dongle with this? Does it make you uncomfortable when I use the word 'dongle'?", the eggheads at Blue Coat should know what a dongle actually is. 'Dongle' has never been generally accepted anatomical slang, one rogue entry at the Urban Dictionary notwithstanding.
On the other hand, most websites in the report are not only not pornographic, they don't even seem to contain any content that could have triggered an accidental block. So it's quite possible that Blue Coat simply blocks a certain number of sites as a result of some pseudo-random process, and just by chance, some of those sites happen to contain content which looks like it might have caused the block, but the content actually had nothing to do with it.
Still, that leaves open the question of why so many sites turned up blocked by both Blue Coat and Smartfilter. Out of about 150 sites miscategorized by Smartfilter and about 150 sites miscategorized by Blue Coat, 8 sites showed up on both lists, or about 6%. (That group of 8 is listed in the middle of the blog post, beginning with balticsail.org.) Now if either Smartfilter or Blue Coat were blocking non-pornographic sites completely at random, then the percentage of overlap should be about the same as the percentage of non-pornographic sites that the product blocks generally. (For example: Suppose Blue Coat blocked 1% of non-pornographic sites completely at random. Out of 150 non-pornographic sites blocked by Smartfilter, we would therefore expect 1% of them -- about 1 or 2 sites -- to also be blocked by Blue Coat.) But despite the huge number of errors made by both products, neither of them comes close to blocking 6% of all non-pornographic websites as "pornography"; the percentage of overlap is much higher than we would expect if the blocking were random.
So this suggests that some factor is at work that caused the 8 sites in that list to be more likely than average to be blocked, such that they ended up blocked by both products. Did any of the domain names used to be registered to a porn site? It seems hard to imagine that balticsail.org or barenboimsaidusa.org/ could have ever been in demand as domain names used to advertise porn. moriah.org/ sounds like it possibly could have been (many domain names consisting solely of female first names are registered to porn sites), but according to the Wayback Machine, a previous owner was a Christian band, before the domain expired and was bought by its present-day owner, a Jewish boarding school. Perhaps the IP addresses of these sites used to be held by porn companies, but then why would the products block the sites by their domain name as well? So I really don't know.
The good news is that, unlike Smartfilter, at least Blue Coat's blacklist doesn't appear to be used by any countries for nationwide Internet censorship. Citizen Lab had previously discovered installations of Blue Coat Internet blocking software in 19 "countries of interest" with poor human rights records, but none of them appeared to be set up to filter Internet traffic in and out of the country. In the one country where the product was being used for statewide Internet filtering, the United Arab Emirates, the Blue Coat software was being used in conjunction with Smartfilter's blacklist, so the sites that are mis-blocked by Blue Coat are not blocked in that country (unless of course they also happen to be mis-blocked by Smartfilter).
For the time being, it is not against U.S. law for a company to sell Internet censoring software to foreign governments, even with the knowledge that the tools are being used to restrict freedom of speech in a manner that would be considered a human rights violation by international standards, so both companies have made it a core part of their business.
What a bunch of dongles.
-
Some Sites That Blue Coat Blocks Under "Pornography"
Bennett Haselton writes this week with a dissection of the effects of one well-known, long-known problem with so-called Internet filters. "The New Braunfels Republican Women, the Weston Community Children's Association, and the Rotary Club of Midland, Ontario are among the sites categorized as 'pornography' by Blue Coat, a California-based Internet blocking software company. While the product may not be much worse than other Internet filtering programs in that regard, it reinforces the point that miscategorization of sites as 'pornographic' is a routine occurrence in the industry, and not just limited to a handful of broken products." Read on below for the rest.On Monday I released a blog post through the Citizen Lab at the University of Toronto, listing some of the sites that we had found to be blocked by Blue Coat's Internet filtering program. Previously we had released a similar report on sites that were miscategorized as "pornography" by Smartfilter. We ran some of the same URL lists through both programs, and found that some unfortunate sites were even blocked as "pornography" by both products, including Barenboim-Said (a youth orchestra featuring musicians from Israel, Palestine, and different Arab nations), and the aforementioned New Braunfels Republican Women.
The full list of sites we said were "miscategorized" is at the end of the Citizen Lab blog post. As far as I know we didn't miss any porn hidden on any of the sites that were in the list. The closest we came was a photo on performancespace.org/ showing what appears to be a model taking one for the team by lying on the floor of a grungy art exhibit. There was also the other borderline case of http://safe-sex.org/, which does include articles on topics like "Safe Sex with Expensive London Escorts." But Blue Coat's own working definition of 'pornography' defines it as "Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient interest," and the articles on Safe-Sex.org do not appear intended to arouse ("The heartwarming fact about having safe sex with expensive London escorts is that they usually present a clean bill of health to clients."), so it gets counted as a miscategorization. The overwhelming majority of miscategorized sites were completely G-rated fare like the Kiddie Kollege Nursery School (which, by the way, would probably have grounds for a lawsuit against Blue Coat, if parents trying to access their website were greeted with a message that it had been blocked for containing "pornography").
Anyone can play the parlor game of examining blocked websites looking for signs of what caused them to be blocked. Is the website of the New Braunfels Republican Women blocked by both Blue Coat and Smartfilter because it has the word "women" in the title? (Tempting to thing so, but unlikely, since there are so many other sites with "women" in the name which were not blocked by either product.) One of the blocked websites, http://www.foundations4betterliving.org/, until recently contained statistics such as "A growing variety of sexual behaviour is being practiced by teens 15- to 19-year-old... 53% admit to masturbating; 49% have participated in oral sex; 11% have had anal sex," all of which you could read on their front page while Bette Midler's 'From A Distance' auto-played in the background. (I was hoping to introduce you to that sublime experience, but unfortunately the domain apparently expired right after the report was published. When you list 150 domain names in a report, that's bound to happen with some of them.) And there's neobit.org/, the homepage of a manufacturer of emulators for dongles. While many Americans probably heard the term for the first time when Amy Poehler asked the Best Buy salesman "Can I use a dongle with this? Does it make you uncomfortable when I use the word 'dongle'?", the eggheads at Blue Coat should know what a dongle actually is. 'Dongle' has never been generally accepted anatomical slang, one rogue entry at the Urban Dictionary notwithstanding.
On the other hand, most websites in the report are not only not pornographic, they don't even seem to contain any content that could have triggered an accidental block. So it's quite possible that Blue Coat simply blocks a certain number of sites as a result of some pseudo-random process, and just by chance, some of those sites happen to contain content which looks like it might have caused the block, but the content actually had nothing to do with it.
Still, that leaves open the question of why so many sites turned up blocked by both Blue Coat and Smartfilter. Out of about 150 sites miscategorized by Smartfilter and about 150 sites miscategorized by Blue Coat, 8 sites showed up on both lists, or about 6%. (That group of 8 is listed in the middle of the blog post, beginning with balticsail.org.) Now if either Smartfilter or Blue Coat were blocking non-pornographic sites completely at random, then the percentage of overlap should be about the same as the percentage of non-pornographic sites that the product blocks generally. (For example: Suppose Blue Coat blocked 1% of non-pornographic sites completely at random. Out of 150 non-pornographic sites blocked by Smartfilter, we would therefore expect 1% of them -- about 1 or 2 sites -- to also be blocked by Blue Coat.) But despite the huge number of errors made by both products, neither of them comes close to blocking 6% of all non-pornographic websites as "pornography"; the percentage of overlap is much higher than we would expect if the blocking were random.
So this suggests that some factor is at work that caused the 8 sites in that list to be more likely than average to be blocked, such that they ended up blocked by both products. Did any of the domain names used to be registered to a porn site? It seems hard to imagine that balticsail.org or barenboimsaidusa.org/ could have ever been in demand as domain names used to advertise porn. moriah.org/ sounds like it possibly could have been (many domain names consisting solely of female first names are registered to porn sites), but according to the Wayback Machine, the a previous owner was a Christian band, before the domain expired and was bought by its present-day owner, a Jewish boarding school. Perhaps the IP addresses of these sites used to be held by porn companies, but then why would the products block the sites by their domain name as well? So I really don't know.
The good news is that, unlike Smartfilter, at least Blue Coat's blacklist doesn't appear to be used by any countries for nationwide Internet censorship. Citizen Lab had previously discovered installations of Blue Coat Internet blocking software in 19 "countries of interest" with poor human rights records, but none of them appeared to be set up to filter Internet traffic in and out of the country. In the one country where the product was being used for statewide Internet filtering, the United Arab Emirates, the Blue Coat software was being used in conjunction with Smartfilter's blacklist, so the sites that are mis-blocked by Blue Coat are not blocked in that country (unless of course they also happen to be mis-blocked by Smartfilter).
For the time being, it is not against U.S. law for a company to sell Internet censoring software to foreign governments, even with the knowledge that the tools are being used to restrict freedom of speech in a manner that would be considered a human rights violation by international standards, so both companies have made it a core part of their business.
What a bunch of dongles.
-
Some Sites That Blue Coat Blocks Under "Pornography"
Bennett Haselton writes this week with a dissection of the effects of one well-known, long-known problem with so-called Internet filters. "The New Braunfels Republican Women, the Weston Community Children's Association, and the Rotary Club of Midland, Ontario are among the sites categorized as 'pornography' by Blue Coat, a California-based Internet blocking software company. While the product may not be much worse than other Internet filtering programs in that regard, it reinforces the point that miscategorization of sites as 'pornographic' is a routine occurrence in the industry, and not just limited to a handful of broken products." Read on below for the rest.On Monday I released a blog post through the Citizen Lab at the University of Toronto, listing some of the sites that we had found to be blocked by Blue Coat's Internet filtering program. Previously we had released a similar report on sites that were miscategorized as "pornography" by Smartfilter. We ran some of the same URL lists through both programs, and found that some unfortunate sites were even blocked as "pornography" by both products, including Barenboim-Said (a youth orchestra featuring musicians from Israel, Palestine, and different Arab nations), and the aforementioned New Braunfels Republican Women.
The full list of sites we said were "miscategorized" is at the end of the Citizen Lab blog post. As far as I know we didn't miss any porn hidden on any of the sites that were in the list. The closest we came was a photo on performancespace.org/ showing what appears to be a model taking one for the team by lying on the floor of a grungy art exhibit. There was also the other borderline case of http://safe-sex.org/, which does include articles on topics like "Safe Sex with Expensive London Escorts." But Blue Coat's own working definition of 'pornography' defines it as "Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient interest," and the articles on Safe-Sex.org do not appear intended to arouse ("The heartwarming fact about having safe sex with expensive London escorts is that they usually present a clean bill of health to clients."), so it gets counted as a miscategorization. The overwhelming majority of miscategorized sites were completely G-rated fare like the Kiddie Kollege Nursery School (which, by the way, would probably have grounds for a lawsuit against Blue Coat, if parents trying to access their website were greeted with a message that it had been blocked for containing "pornography").
Anyone can play the parlor game of examining blocked websites looking for signs of what caused them to be blocked. Is the website of the New Braunfels Republican Women blocked by both Blue Coat and Smartfilter because it has the word "women" in the title? (Tempting to thing so, but unlikely, since there are so many other sites with "women" in the name which were not blocked by either product.) One of the blocked websites, http://www.foundations4betterliving.org/, until recently contained statistics such as "A growing variety of sexual behaviour is being practiced by teens 15- to 19-year-old... 53% admit to masturbating; 49% have participated in oral sex; 11% have had anal sex," all of which you could read on their front page while Bette Midler's 'From A Distance' auto-played in the background. (I was hoping to introduce you to that sublime experience, but unfortunately the domain apparently expired right after the report was published. When you list 150 domain names in a report, that's bound to happen with some of them.) And there's neobit.org/, the homepage of a manufacturer of emulators for dongles. While many Americans probably heard the term for the first time when Amy Poehler asked the Best Buy salesman "Can I use a dongle with this? Does it make you uncomfortable when I use the word 'dongle'?", the eggheads at Blue Coat should know what a dongle actually is. 'Dongle' has never been generally accepted anatomical slang, one rogue entry at the Urban Dictionary notwithstanding.
On the other hand, most websites in the report are not only not pornographic, they don't even seem to contain any content that could have triggered an accidental block. So it's quite possible that Blue Coat simply blocks a certain number of sites as a result of some pseudo-random process, and just by chance, some of those sites happen to contain content which looks like it might have caused the block, but the content actually had nothing to do with it.
Still, that leaves open the question of why so many sites turned up blocked by both Blue Coat and Smartfilter. Out of about 150 sites miscategorized by Smartfilter and about 150 sites miscategorized by Blue Coat, 8 sites showed up on both lists, or about 6%. (That group of 8 is listed in the middle of the blog post, beginning with balticsail.org.) Now if either Smartfilter or Blue Coat were blocking non-pornographic sites completely at random, then the percentage of overlap should be about the same as the percentage of non-pornographic sites that the product blocks generally. (For example: Suppose Blue Coat blocked 1% of non-pornographic sites completely at random. Out of 150 non-pornographic sites blocked by Smartfilter, we would therefore expect 1% of them -- about 1 or 2 sites -- to also be blocked by Blue Coat.) But despite the huge number of errors made by both products, neither of them comes close to blocking 6% of all non-pornographic websites as "pornography"; the percentage of overlap is much higher than we would expect if the blocking were random.
So this suggests that some factor is at work that caused the 8 sites in that list to be more likely than average to be blocked, such that they ended up blocked by both products. Did any of the domain names used to be registered to a porn site? It seems hard to imagine that balticsail.org or barenboimsaidusa.org/ could have ever been in demand as domain names used to advertise porn. moriah.org/ sounds like it possibly could have been (many domain names consisting solely of female first names are registered to porn sites), but according to the Wayback Machine, a previous owner was a Christian band, before the domain expired and was bought by its present-day owner, a Jewish boarding school. Perhaps the IP addresses of these sites used to be held by porn companies, but then why would the products block the sites by their domain name as well? So I really don't know.
The good news is that, unlike Smartfilter, at least Blue Coat's blacklist doesn't appear to be used by any countries for nationwide Internet censorship. Citizen Lab had previously discovered installations of Blue Coat Internet blocking software in 19 "countries of interest" with poor human rights records, but none of them appeared to be set up to filter Internet traffic in and out of the country. In the one country where the product was being used for statewide Internet filtering, the United Arab Emirates, the Blue Coat software was being used in conjunction with Smartfilter's blacklist, so the sites that are mis-blocked by Blue Coat are not blocked in that country (unless of course they also happen to be mis-blocked by Smartfilter).
For the time being, it is not against U.S. law for a company to sell Internet censoring software to foreign governments, even with the knowledge that the tools are being used to restrict freedom of speech in a manner that would be considered a human rights violation by international standards, so both companies have made it a core part of their business.
What a bunch of dongles.
-
Some Sites That Blue Coat Blocks Under "Pornography"
Bennett Haselton writes this week with a dissection of the effects of one well-known, long-known problem with so-called Internet filters. "The New Braunfels Republican Women, the Weston Community Children's Association, and the Rotary Club of Midland, Ontario are among the sites categorized as 'pornography' by Blue Coat, a California-based Internet blocking software company. While the product may not be much worse than other Internet filtering programs in that regard, it reinforces the point that miscategorization of sites as 'pornographic' is a routine occurrence in the industry, and not just limited to a handful of broken products." Read on below for the rest.
On Monday I released a blog post through the Citizen Lab at the University of Toronto, listing some of the sites that we had found to be blocked by Blue Coat's Internet filtering program. Previously we had released a similar report on sites that were miscategorized as "pornography" by Smartfilter. We ran some of the same URL lists through both programs, and found that some unfortunate sites were even blocked as "pornography" by both products, including Barenboim-Said (a youth orchestra featuring musicians from Israel, Palestine, and different Arab nations), and the aforementioned New Braunfels Republican Women.
The full list of sites we said were "miscategorized" is at the end of the Citizen Lab blog post. As far as I know we didn't miss any porn hidden on any of the sites that were in the list. The closest we came was a photo on performancespace.org/ showing what appears to be a model taking one for the team by lying on the floor of a grungy art exhibit. There was also the other borderline case of http://safe-sex.org/, which does include articles on topics like "Safe Sex with Expensive London Escorts." But Blue Coat's own working definition of 'pornography' defines it as "Sites that contain sexually explicit material for the purpose of arousing a sexual or prurient interest," and the articles on Safe-Sex.org do not appear intended to arouse ("The heartwarming fact about having safe sex with expensive London escorts is that they usually present a clean bill of health to clients."), so it gets counted as a miscategorization. The overwhelming majority of miscategorized sites were completely G-rated fare like the Kiddie Kollege Nursery School (which, by the way, would probably have grounds for a lawsuit against Blue Coat, if parents trying to access their website were greeted with a message that it had been blocked for containing "pornography").
Anyone can play the parlor game of examining blocked websites looking for signs of what caused them to be blocked. Is the website of the New Braunfels Republican Women blocked by both Blue Coat and Smartfilter because it has the word "women" in the title? (Tempting to think so, but unlikely, since there are so many other sites with "women" in the name which were not blocked by either product.) One of the blocked websites, http://www.foundations4betterliving.org/, until recently contained statistics such as "A growing variety of sexual behaviour is being practiced by teens 15- to 19-year-old... 53% admit to masturbating; 49% have participated in oral sex; 11% have had anal sex," all of which you could read on their front page while Bette Midler's 'From A Distance' auto-played in the background. (I was hoping to introduce you to that sublime experience, but unfortunately the domain apparently expired right after the report was published. When you list 150 domain names in a report, that's bound to happen with some of them.) And there's neobit.org/, the homepage of a manufacturer of emulators for dongles. While many Americans probably heard the term for the first time when Amy Poehler asked the Best Buy salesman "Can I use a dongle with this? Does it make you uncomfortable when I use the word 'dongle'?", the eggheads at Blue Coat should know what a dongle actually is. 'Dongle' has never been generally accepted anatomical slang, one rogue entry at the Urban Dictionary notwithstanding.
On the other hand, most websites in the report are not only not pornographic, they don't even seem to contain any content that could have triggered an accidental block. So it's quite possible that Blue Coat simply blocks a certain number of sites as a result of some pseudo-random process, and just by chance, some of those sites happen to contain content which looks like it might have caused the block, but the content actually had nothing to do with it.
Still, that leaves open the question of why so many sites turned up blocked by both Blue Coat and Smartfilter. Out of about 150 sites miscategorized by Smartfilter and about 150 sites miscategorized by Blue Coat, 8 sites showed up on both lists, or about 6%. (That group of 8 is listed in the middle of the blog post, beginning with balticsail.org.) Now if either Smartfilter or Blue Coat were blocking non-pornographic sites completely at random, then the percentage of overlap should be about the same as the percentage of non-pornographic sites that the product blocks generally. (For example: Suppose Blue Coat blocked 1% of non-pornographic sites completely at random. Out of 150 non-pornographic sites blocked by Smartfilter, we would therefore expect 1% of them -- about 1 or 2 sites -- to also be blocked by Blue Coat.) But despite the huge number of errors made by both products, neither of them comes close to blocking 6% of all non-pornographic websites as "pornography"; the percentage of overlap is much higher than we would expect if the blocking were random.
So this suggests that some factor is at work that caused the 8 sites in that list to be more likely than average to be blocked, such that they ended up blocked by both products. Did any of the domain names used to be registered to a porn site? It seems hard to imagine that balticsail.org or barenboimsaidusa.org/ could have ever been in demand as domain names used to advertise porn. moriah.org/ sounds like it possibly could have been (many domain names consisting solely of female first names are registered to porn sites), but according to the Wayback Machine, a previous owner was a Christian band, before the domain expired and was bought by its present-day owner, a Jewish boarding school. Perhaps the IP addresses of these sites used to be held by porn companies, but then why would the products block the sites by their domain name as well? So I really don't know.
The good news is that, unlike Smartfilter, at least Blue Coat's blacklist doesn't appear to be used by any countries for nationwide Internet censorship. Citizen Lab had previously discovered installations of Blue Coat Internet blocking software in 19 "countries of interest" with poor human rights records, but none of them appeared to be set up to filter Internet traffic in and out of the country. In the one country where the product was being used for statewide Internet filtering, the United Arab Emirates, the Blue Coat software was being used in conjunction with Smartfilter's blacklist, so the sites that are mis-blocked by Blue Coat are not blocked in that country (unless of course they also happen to be mis-blocked by Smartfilter).
For the time being, it is not against U.S. law for a company to sell Internet censoring software to foreign governments, even with the knowledge that the tools are being used to restrict freedom of speech in a manner that would be considered a human rights violation by international standards, so both companies have made it a core part of their business.
What a bunch of dongles.
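The overlap argument in the story above can be checked numerically. The Python below is an added example, not part of the original article: it treats the overlap as a binomial draw, assuming each of the roughly 150 Smartfilter-miscategorized sites was also tested against Blue Coat and would be blocked independently at one fixed "random" rate (function names and the 5% significance threshold are choices made here).

```python
from math import comb

# Figures quoted in the article (both list sizes are "about 150").
N_SITES = 150   # non-pornographic sites miscategorized by Smartfilter
OVERLAP = 8     # of those, also miscategorized by Blue Coat


def binom_tail(n, k, p):
    """Exact P(X >= k) for X ~ Binomial(n, p)."""
    if k <= 0:
        return 1.0
    # Sum the upper tail directly; this stays accurate when the tail is tiny.
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def min_plausible_rate(n, k, alpha=0.05, tol=1e-7):
    """Smallest random block rate p for which seeing k or more overlaps
    out of n still has probability >= alpha.

    The tail probability increases with p, so bisection is enough.
    """
    lo, hi = 0.0, 1.0
    while hi - lo > tol:
        mid = (lo + hi) / 2
        if binom_tail(n, k, mid) >= alpha:
            hi = mid
        else:
            lo = mid
    return hi


def overlap_table(rates=(0.001, 0.005, 0.01, 0.02, 0.06)):
    """For each hypothetical random block rate, return
    (rate, expected overlap, probability of >= OVERLAP overlaps)."""
    return [(p, N_SITES * p, binom_tail(N_SITES, OVERLAP, p)) for p in rates]


if __name__ == "__main__":
    print("rate    expected  P(overlap >= 8)")
    for rate, expected, tail in overlap_table():
        print(f"{rate:6.3f}  {expected:8.2f}  {tail:.3e}")
    threshold = min_plausible_rate(N_SITES, OVERLAP)
    print(f"random rate needed for the overlap to be unsurprising: {threshold:.2%}")
```

At the article's illustrative 1% rate, eight or more overlaps is a less-than-1-in-1,000 event, and the overlap only stops being surprising once the assumed random block rate reaches a few percent of all non-pornographic sites.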
-
Sites Blocked By Smartfilter, Censored in Saudi Arabia
Slashdot contributor Bennett Haselton writes: "Internet users in Saudi Arabia, along with most users in the United Arab Emirates, are blocked by their respective government censors from accessing the websites of the Trinity Davison Lutheran Church, Deliverance Tabernacle Ministries in Pittsburgh, the Amitayu Buddhist Society of Taiwan, and GayFaith.org. An attempt to access any of those websites yields an error page like this one. However, the sites are not blocked because they conflict with the religious beliefs of those countries' governments. Rather, they are blocked because Smartfilter -- the American-made blocking program sold by McAfee, and used for state-mandated Internet censorship in those countries -- classifies those sites as "pornography". You can see the screen shots here, here, here and here." Read on for the rest of Bennett's thoughts.
I found these blocked sites by starting with a combination of URL lists and ad hoc spidering, and running as many sites as possible through the Saudi filters to catch the ones that were blocked. Some of the sites were blocked for reasons that were easy to guess -- for example, http://www.bighornbasinsfw.org/, the home page of the Big Horn Basin, Wyoming chapter of Sportsmen for Fish & Wildlife, was almost certainly blocked because of the slang term "nsfw" in their URL. http://www.AgainstPornography.org and http://www.SearchingForMySpermDonorFather.org were presumably blocked because of the presence of the words "porn" and "sperm".
On the other hand, there appears to be no rational reason why the Filipino American Women's Network, the Tuscon Jazz Institute, or the Sacramento Police Activities League would have been blocked by Smartfilter, even by accident. A partial list of the blocked sites that I found is in the blog post I wrote for Citizen Lab, an Internet censorship research center at the University of Toronto.
Articles about sites that are erroneously blocked by Internet censorship software have a storied history. The first widely read piece was the article "Keys to the Kingdom" written by Brock Meeks and Declan McCullagh in 1996, calling out Cyber Patrol for blocking EnviroLink.org and the University of Newcastle Computer Science Department, and CYBERsitter for blocking the National Organization for Women. I made a minor name for myself and the Peacefire.org site in the late 1990's by writing more pages about sites blocked by other products, including some (like X-Stop and SurfWatch) which no longer exist, and others that are still around, including Smartfilter. I was also one of six people comprising the Censorware Project, a loosely organized group of volunteers that published a few more reports.
By the early 2000's, however, it became clear that anyone whose mind was likely to be changed by information about what kinds of sites were blocked by blocking software, would have changed their mind already (or would, if they came across the research that had already been done up to that point). So the further reports on Internet blocking software errors, by me and other people, slowed to a trickle. I wrote a report in January 2002 on the latest list of sites blocked by Cyber Patrol, a product that most people today have forgotten. In 2006 I worked with the ACLU of Washington to publish a report on sites erroneously blocked by FortiGuard, a program used on computers in some libraries in central Washington, as part of the ACLU's suit to challenge the constitutionality of the program's use on public library terminals. (The Washington State Supreme Court rejected the lawsuit on the grounds that, regardless of what sites were blocked on the computers, it didn't matter because an adult library patron could request for the filter to be turned off.) In 2007 I wrote an article for Slashdot titled "From Bess to Worse" listing some sites that were blocked by an Internet filtering program called Bess (which was later bought out by Smartfilter and discontinued).
Most people's awareness of this debate, if they had heard about it at all, was limited to the perception that "breast cancer sites" and sites about "chicken breast recipes" were sometimes filtered by Internet blocking programs. Or they heard that "Beaver College" actually had to change its name to avoid being censored by web filters. As I tried to explain in a FAQ (written, according to the Wayback Machine, in 1999, but which still broadly holds true today), these examples are true, but they miss the point. These examples make it sound as if blocking software companies are doing the best job they can under the circumstances, and that the errors are unavoidable due to limitations on machine intelligence. In reality, any software algorithm that blocks the American Board of Vocational Experts, the Hopewell United Methodist Church, and the Patriot Guard Riders of Mississippi, as "pornography" (as Smartfilter currently does), is probably not the best algorithm the company could have come up with -- but there's no incentive for them to try harder, because few people will ever look that deep.
And yet, people continue to remember the "breast cancer site" examples. This sounds to me like an example of the narrative fallacy -- people remember that breast cancer sites were blocked, because there's a tidy explanation. There is no tidy explanation for most other examples of blocked sites, so the meme never spreads very far. Conveniently for the blocking companies, the blocked-site errors which make the company look most sloppy (the Kennels at Simpson Creek Farms, the St. Francis Institute of Milwaukee, etc.) are precisely the ones that, due to the narrative fallacy, most people won't remember or hear about.
One company, CYBERsitter, did manage to make a few blocking decisions in the 1990s that were egregious enough that their antics did make the news, and did finally raise some people's awareness that the controversy over private Internet filtering extended beyond "breast cancer sites". After TIME Magazine's website published an article (no longer online) that criticized CYBERsitter's blocking policies, CYBERsitter responded by blocking TIME Magazine's pathfinder.com domain. A few months earlier, CYBERsitter had blacklisted the monthly e-Zine "The Ethical Spectacle", after the Spectacle's founder, Jonathan Wallace, published an article criticizing CYBERsitter for blocking my own Peacefire.org website. And Peacefire.org had been blocked, in turn, because of a page I wrote (now very much out of date) listing some of the sites that CYBERsitter blocked, including the International Gay and Lesbian Human Rights Commission and Mother Jones. (Nowadays, of course, nobody would be surprised that filtering companies block Peacefire.org, since the site publishes ample instructions on how to get around Internet blockers. But at the time, the site's first and only article was the list of sites blocked by CYBERsitter, which is why CYBERsitter received so much criticism for blocking the domain in retaliation.) CYBERsitter also threatened to have Meeks and McCullagh criminally prosecuted for writing "Keys to the Kingdom" and threatened to sue me over the page that I had made.
The moral, it seems, is that if you want an example of a censored web site to stick in people's minds, it either has to be a forgivable error, or an insane vindictive dick move -- because in either of those cases, people will understand why it happened. The vast swaths of censored websites on the spectrum in between, the ones for which there is no rational explanation for the blocking, go ignored.
These days, though, American and Canadian "censorware" makers have also come under fire for selling censoring software to foreign governments which use them for country-wide censorship. Most of the criticism focuses, naturally, not on the kinds of sites that are accidentally blocked by the blocking software, but on the immorality of these companies enabling statewide foreign censorship in the first place. Netsweeper, Blue Coat, and McAfee have all made the claim that "Once we sell their product to them, we have no control over what they do with it" -- which, as I wrote previously in Slashdot, is nonsense, because for the product to be effective, it has to rely on updates to the blocked-site list, which are provided at regular intervals by the manufacturer. Cut off the updates, and the product will not work, at least not as well.
So the fact that McAfee has classified the Boy Scout Troop 87 of North Andover, the Pan-Iranist Party of Iran, and Reptile Conservation International as "Pornography" is (rightly) overshadowed by the fact that McAfee is selling to government censors in Saudi Arabia and the UAE in the first place. However, as long as the filters are installed, these blocked sites are at least part of the problem for users in those countries, just as much as they are for students or cubicle workers in the U.S. whose network administrators happen to use Smartfilter. And, of course, I sampled only a minuscule fraction of the Web to find these examples of blocked sites, so the true number of stupid blocks affecting Saudi and UAE users is likely to be much larger. For each individual example, you might reasonably ask, "Is it really a big deal if Saudis are blocked from accessing Boy Scout Troop 87 of North Andover?" But it adds up.
-
Finfisher Spyware Use By Governments Expanding, Masquerades as Firefox
nk497 writes "Mozilla has sent a cease-and-desist order to Gamma International, after it was revealed the controversial creator of spyware for governments was disguising itself as Firefox on PCs. 'We cannot abide a software company using our name to disguise online surveillance tools that can be — and in several cases actually have been — used by Gamma's customers to violate citizens' human rights and online privacy,' Mozilla said." DavidGilbert99 writes on the wider implications of the Citizen Lab report: "Governmental spying software has been in the news a lot in recent months and today Citizen Lab has revealed its latest findings, showing that one of the most prolific tools in use, Finfisher, is now in use in 36 countries around the world [beware the auto playing video ads with sound]." And, Voulnet adds "According to analysis and report by CitizenLab of the Gamma FinFisher trojan spyware used against dissidents in the middle east and around the world, the FinFisher codebase uses the LGPL GNU Multiple Precision Arithmetic Library, possibly without adhering to its distribution restrictions." -
Syrian Dissidents Hit By Another Wave of Targeted State-Sponsored Attacks
Trailrunner7 writes "One of the attackers who has been targeting Syrian anti-government activists with malware and surveillance tools has returned and upped the ante with the use of the BlackShades RAT, a remote-access tool that gives him the ability to spy on victims' machines through keylogging and screenshots. The original attacks against Syrian activists, who are working against the government's months-long violent crackdown, were using another RAT known as Xtreme RAT, with similar capabilities. That malware was being spread through a couple of different targeted attacks, including one in which activists were directed to YouTube videos and their account credentials were then stolen when they logged in to leave comments. That attack continued with the installation of the RAT, giving the attacker surreptitious access to the victims' machines, enabling him to monitor their activities online. Now, researchers say that at least one attacker who is known to be involved in these targeted attacks also is using the BlackShades RAT in a new set of attacks." -
Backdoor Found In Hacked Version of Anti-Censorship Tool Simurgh
wiredmikey writes "Simurgh, a privacy tool used in Iran and Syria to bypass Internet censorship and governmental monitoring, is being circulated with a backdoor. The compromised version has been offered on P2P networks and via web searches. Research conducted by CitizenLab.org has shown that the malicious version isn't available from the original software source, only through third-party access, so it appears that Simurgh has been repackaged. The troubling aspect of the malicious version is that while it does install the proxy as expected, it then adds a keylogging component, and ships the recorded information off to a server hosted in the U.S. and registered to a person in Saudi Arabia. In response to this attack, the team that develops Simurgh has instituted a check that will warn the user if they are running a compromised version of the software. At present, it is unknown who developed the hijacked version of Simurgh, or why they did so." -
Hosting Services May Be Breaking Syrian Sanctions
judgecorp writes "Many Syrian government sites and services are hosted outside the country, in the U.S., Canada and Germany. A recent report suggests the hosting services may be breaking international sanctions against the Syrian regime, and assisting it in committing 'crimes against humanity.'" -
A Year's Further Research On an Espionage Network
Mortimer.CA writes "Last year researchers discovered a giant electronic spying operation they dubbed GhostNet. Now, after a further year's worth of research, Infowar Monitor has released a new report. The report (Scribbed PDF) documents a complex ecosystem of cyber espionage that systematically targeted and compromised computer systems in India, the Offices of the Dalai Lama, the United Nations, and several other countries. While the servers are in China, the report's authors say that there is 'no evidence in this report of the involvement of the People's Republic of China or any other government in the shadow network.' Furthermore, the 'intruders even stole documents related to the travel of NATO forces in Afghanistan, illustrating that even though the Indian government was the primary target of the attacks, one gap in computer security can leave many nations exposed.'" -
Academics Take On Government Net Censorship
Anonymous Brave Guy writes "There's an interesting article from the BBC today about a group of academics at the University of Toronto who are working to investigate and break down government-imposed censorship of the Internet. Are they defending human rights, or simply trying to impose their own beliefs on people from other cultures? Incidentally, one of their people was responsible for the previous Slashdot discussion of 'five fundamental problems with open source'."