Slashdot Mirror


Symantec Tries to Censor Criticism

KnobDicker writes "Wired News reports Symantec is pressuring the ISP that hosts the Peacefire anti-censorware organization." Peacefire's founder, Bennett Haselton, wrote a decryptor for Symantec's software's blacklist and posted just that. His tests found that 76% of its .edu blocks were incorrect and that the software violates its privacy policy. Symantec's response? Threaten a lawsuit. But Peacefire isn't backing down. More below...

Let's first get the facts straight. Peacefire has not posted copyrighted material. It has posted code to decrypt I-Gear's encrypted blacklist. This is exactly like the DeCSS case, except the goal is criticizing a product instead of space-shifting movies.

The criticism here is that 76% of the .edu-domain blocks are wrong. This is a huge number. This suggests that, for every time the product blocks you from offensive material at an .edu Web site, there are three other times it blocked you from perfectly ordinary material.

While there are some people (like Bruce Taylor of the National Law Center for Children and Families) who would like to deny it, nobody's making this stuff up. Censorware really does suck. In fact, Peacefire did the same thing to X-Stop, another blocking package, two weeks earlier, and found a 68% .edu error rate. (But its maker hasn't threatened to sue. Yet.)

So what did Peacefire learn about I-Gear? A description of a milking machine system written in Spanish - blocked. Tricks for a flight sim game - blocked. A page entirely in Latin - blocked. Volumes 4 and 6 of "Decline and Fall of the Roman Empire" - blocked (but you can still read Volumes 1, 2, 3, and 5, go figure).

Furthermore, Peacefire revealed that Symantec is apparently violating its privacy policy by sending information to its servers without telling the user. Your Windows-registered "real name" and "company name" secretly get sent back to Symantec.

You may recall Haselton's Slashdot story "Keep it Legal to Embarrass Big Companies," from two weeks ago. He wondered if these kinds of pressure tactics would be the response to his efforts. It's already started.

The legal issue appears to be whether Symantec's End-User License Agreement (EULA) can contain a clause prohibiting reverse-engineering - and whether that clause can be enforced. UCITA will be the thousand-pound gorilla here, providing real legal muscle behind onerous EULAs. Fortunately, the current legal situation is more iffy, and cnet's story talks about that a little.

Symantec wants to distribute I-Gear only on the condition that nobody looks under the hood or says anything bad about it. And UCITA would back that up - by sending people like Haselton to jail for revealing products' flaws.

And then there's the question of why Symantec is using lousy crypto in the first place. As KnobDicker concludes: "Rather than being thankful that Haselton has conducted testing and work that they should have done themselves in the first place (for *free*), Symantec is crying in their beer and threatening to break out the lawyers to quash the bad press. Chalk up another one for the Open Source model's system of thorough peer review instead of development in a proprietary vacuum."

21 of 328 comments

  1. Give a little, get a lot by alighieri · · Score: 5

    I urge everyone who supports anti-censorship causes like this one to go to the PeaceFire site and buy a t-shirt and give a donation. The last time PeaceFire was featured in an article a number of people bought shirts, but nobody made a donation. Bennett is not making money off the t-shirt sales. Giving a little, even just $US5-10, would be helpful, and would bring the price of the t-shirt up to what you'd normally see.

    ----------

    --
    "And I thought 'Reverend Billy ...', you know, which is good 'cause when I think 'Reverend Debra
    1. Re:Give a little, get a lot by Weezul · · Score: 5

      Yes, we should all contribute to peacefire.org (and the ACLU, and the EFF), but do not forget that there is activism we can do on the coding side too. Examples:

      (1) We need to get as many people as possible to link to peacefire.org and censorware.org. Actually, we need an XML blocked site of the day list which people can display on their web pages (à la a slashbox). Banned book lists are very effective in raising awareness of printed media censorship, but only when everyone displays the banned book list. Plus, this convinces members of special interest groups that their sites are being blocked.

      If we could really get a campaign going to link to peacefire and mirror peacefire's info on banned sites and instructions for disabling the software.

      (2) We need a Perl/CGI module to identify any blocking software that the person viewing your page is using. This allows your page to react differently depending upon whether its viewer is using censorware or not. This could have a variety of interesting effects including:

      (a) People putting up pages which turned into pornography when viewed via censorware. This would be funny as shit; and lots of people doing this would mean that the chances of accidentally viewing porn would go way up when you install censorware.

      (b) Technically, pedophiles could use these types of CGIs to identify children browsing the internet, so censorware could be accused of *possibly* attracting pedophiles to kids! More realistically advertisers would use the script to make advertisements which exploited children more effectively and further endangered privacy.

      (3) We need ActiveX controls which disable censorware! I know peacefire has instructions on disabling censorware, but an ActiveX control would be simple and lots more people would put it on their web pages.

      There are a lot of other purely code / web projects which need people to work on them (like finding flaws in censorware).. these above projects are just the most obnoxious.. so they seem like fun to discuss.

      --
      The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
  2. Fair Use by 348 · · Score: 5
    The DMCA does permit cracking devices to conduct encryption research for the purpose of interoperability and to test computer security systems. Fair Use. This is what Haselton has done, plain and simple. Reverse engineering is addressed in the DMCA for certain areas. Haselton was fully within the realm of information security validation.

    Remember when Sony filed suit against Connectix for essentially the same thing? End result was Sony lost because the court of appeals stated that Connectix was in compliance with the DMCA and that this use of reverse engineering is protected under fair use.

    --

    More race stuff in one place,
    than any one place on the net.

    1. Re:Fair Use by Kaa · · Score: 5

      > The DMCA does permit cracking devices to conduct encryption research for the purpose of interoperability and to test computer security systems.

      True. So far so good.

      > Fair Use. This is what Haselton has done, plain and simple.

      That's not a question of fair use. It is explicitly permitted to sue people under DMCA even if there was no copyright infringement whatsoever. Yep, that's one of the beauties of DMCA: the act of breaking protection is the offense in itself, regardless of the rights that you might have with regard to the protected copyrighted material.

      So fair use doesn't fly here.

      > Reverse engineering is addressed in the DMCA for certain areas. Haselton was fully within the realm of information security validation.

      See, the problem is that judges (with some notable exceptions) are not stupid. They can understand why Haselton broke the encryption just as well as we all do. There is no interoperability issue (interoperability with what??) and the "testing security" defence looks *very* shaky to me.

      I'm getting tired of pointing out that DMCA does, really really does criminalize standard actions that we all take for granted. It's not the case of some judge "not getting it", it's the case of a very bad law that must be repealed or at the very least castrated.

      > Remember when Sony filed suit against Connectix for essentially the same thing?

      Not the same thing. Connectix did the full-blown clean-room reverse engineering thing and they were able to show and document that the room was "really clean". That's why they won. Besides what Connectix was doing was a straight interoperability example.

      You've been warned: until something is done about DMCA we are going to see uglier and uglier applications of it.

      Kaa

      --

      Kaa
      Kaa's Law: In any sufficiently large group of people most are idiots.
  3. Of course Latin is blocked by EricWright · · Score: 4
    I bet they'd block my resume. I mean, I did graduate cum laude!

    Eric

    1. Re:Of course Latin is blocked by schporto · · Score: 4

      And of course the number six is sex in Latin.
      -cpd

  4. Honestly, no surprises... by Count Spatula · · Score: 5

    At least, I'm not surprised. Symantec has lots of money and lawyers, and they are the average petulant company, pissed that someone isn't playing exactly by their rules.

    Some of you may recall that Solid Oak Software has threatened Peacefire in the past. Hell, Solid Oak has even mail-bombed detractors and has recompiled their CYBERSitter software to generate a fake error message if it finds peacefire.org in your browser cache on install. Don't be surprised if Symantec does equally vile things to their consumers. After all, censorship is vile business. Certainly, there is no reason for this attack on Peacefire other than to "get even" for questioning their "moral" authority.

    The only thing we can hope for is that this will result in a win for Peacefire. Otherwise, get ready for Big Brother in full effect...

    --
    -- Count Spatula: The Culinary Vampire "...because my cooking sucks."
  5. Come on... by um... Lucas · · Score: 4

    I kind of agree with Symantec here... I mean, what Peacefire did is extremely misleading... No site blocking software is going to be perfect, but for them to dissect the list, but only the first 50, and at that, only the first 50 educational sites, and then post findings such as a 76% error rate... I mean, that's very biased, and absurd.

    If they can decode the list in its entirety, why don't they do a little more analysis of it... What is the percentage of .edu sites contained in the list. 5%? 10%?

    How about an analysis of the first 1000 entries? EDU or not.

    In direct marketing, people realize that a sampling of 10,000 people from a given list is generally the bare minimum to use in terms of being able to accurately predict response rates... For instance if you mail something to 1,000 people from the same list and get a great response, you shouldn't go ahead and buy 100,000 more names from that list, because you didn't get an accurate sampling...

    The same goes with Peacefire's thing... They're using nearly enough information to give a real idea of what's happening... When you're able to skew data like that, you can show nearly any result that you want.

    1. Re:Come on... by Quintin Stone · · Score: 5
      You were welcome to conduct your own analysis of Symantec's blocked site list. Peacefire made their software freely available and posted a link to the URL database on Symantec's server... until Symantec rendered their link useless. Kind of makes it hard for anyone to counter Peacefire's numbers, and it was Symantec's decision to do so.

      Maybe they do have something to hide?

      Did you read Peacefire's site? According to them:

      We found that portions of the Web sites of the American Civil Liberties Union (ACLU.org), the Electronic Frontier Foundation (EFF.org), the Center for Democracy and Technology (CDT.org), the Electronic Privacy Information Center (EPIC.org), and the Censorware Project (Censorware.org) were blocked by I-Gear in its "pornography" category. On the other hand, none of the major pro-censorship groups (enough.org, frc.org, afa.net, fotf.org, etc.) had portions of their Web sites blocked.

      And the pro-censorship response?

      "I don't trust that Peacefire is telling the truth," Taylor said. "It's all part of the cyberpunk revolution. They don't like the government telling them that they don't have free access to the Internet. It's like 'Lord of the Flies,' and they think they have the conch."

      Oh, God, what an idiot. There are so many things wrong with that statement, I don't know where to begin!

      --

      "Prejudice is wrong; you should hate everyone the same."

  6. How about doing it right then?? by whoop · · Score: 5

    One large argument I see from many of you is that censor proxies have too many valid sites blocked. Well, how about taking the Open Source/distributed.net approach? I know there are some for squid. How about a system where each morning/once a week/whatever a group of moderators are sent URLs to check up on. They do so, trying to determine if it's some directory, or the whole domain that gets listed. If there is porn (a set of standards would have to be established), they report back and it's added to the blacklist. I know I would be willing to take a few minutes every once in a while to do so. You could have a whole system of checks on the web site, if someone doesn't agree with a blacklisting, it's sent to two or three moderators and if they don't agree it's removed. If someone finds a new porn page, they can submit it and it's added to the queue. If there were hundreds of moderators, like Debian does with its packs, each individual has only a small workload.

    Then every week or so the HQ web site puts out a new blacklist. We can have all kinds of easy update utils to help those not squid-knowledgeable, and some folks could make a Windows application to do it for those folks as well. Heck, if the existing censorware's methods are decrypted like this one, we could write utils to encrypt it again and drop it in to their directory.

    I'm not going into whether you like blacklists or not, so let's keep these to ways of doing it correctly, since these other programs don't seem to do it very well. Using an open source list, and appropriate means of rectifying errors, we can do it properly.

    1. Re:How about doing it right then?? by Anonymous Coward · · Score: 4

      Oh gawd. Slashdot moderation on the entire internet. Consider:

      http://www.microsoft.com (0, Overrated)
      http://www.freebsd.org (3, Underrated)
      http://www.linuxone.com (-1, Troll)
      http://www.debian.org (4, Insightful)
      and of course:
      http://www.whitehouse.gov (0, Redundant)

      ;-)

  7. Re:Why edu? by Kevin T. · · Score: 5

    There is no implication that a similar number of .com sites are blocked. The only way to determine that is to do what Peacefire did with .coms.

    The reasons .edu is a good target for Peacefire are:
    1) k12.edu sites often have pages made for group projects by kids under 18, the ones who are supposedly being protected.
    2) These same kids will probably end up looking at university sites (or the Smithsonian, if their project is on George Lucas's use of mythology...blah) for those same projects. Doing a report on Diocletian? Go to that Calvin College site and grep (or "find" in Netscape) for his name. Unless, that is, the pages are blocked.
    3) The signal/noise ratio on .edu sites must be relatively good-- .com has too many sites, and too many lousy/ trivial sites, to be a good test subject. Sure, there are lots of pointless student homepages, but most students don't have time to completely fill up their 5 MB with pictures of their friends. More so, .edus must have very strict rules governing what students can put up-- most student-run porn sites on a Uni server will go down really quickly. Finally, .edu sites tend to be well-indexed by search engines, including their own internal engines (meta-crawlers get a lot of .edu hits).
    4) If you are out to Prove Something, like Peacefire, Greek and Roman histories/ literature translated into English SGML are valuable statistics-boosters. I haven't gotten to Vol. IV of Gibbon yet, but I would venture that any good translations of Sophocles's plays have frequent use of words like "bitch." Despite this, who's going to argue that high schoolers shouldn't read Sophocles? (Thomas Bowdler would, but he's dead.) It's very convincing to point a figure at the percentage of .edu blocked.

    Remember that, at least according to the Al Gore types, the Big Use for the Internet is .edu. That's what Internet 2 is supposed to be-- returning the bandwidth to .edu and .gov. So, it seems reasonable to plant the battle flag on .edu

    --Kevin T.

  8. More proof that censorware does not work by Tassach · · Score: 5
    Given the highly dynamic nature of the web, it's impossible to assemble a definitive list of offensive sites. Keyword blocking will never work, given the fact that many words have multiple meanings. Even the most advanced AI cannot make the kind of intelligent value judgements that are required. Blocking lists will never work, period. The only software system that could possibly achieve the goal of keeping kids from seeing things you don't want them to see is to develop a list of approved web sites, and only allow access to those sites. Of course, this destroys virtually all the useful value of the web; and such a system would be totally unacceptable for adults. Censorware is nothing more than snake oil; sold to the fearful and paranoid who don't know any better.

    Even if you had 95% accuracy (which is far, far better than anything on the market actually achieves), there would still be an unacceptable number of unblocked sites and mistakenly blocked sites. Let's assume there are 10,000,000 web sites; under a given rating system, 1,000,000 are blockable, and 9,000,000 are permissible. With 95% accuracy you would have 50,000 sites that should be blocked that are not, and 450,000 sites blocked that shouldn't be.

    What really makes me scratch my head is why adult-oriented sites provide links to the various censorware sites. Webmasters, particularly adult webmasters, should be the LAST people on the planet to lend legitimacy to these snake-oil salesmen and wanna-be thought police.

    The internet is an amazing resource. Like the real world, cyberspace has much to offer; some of it appropriate for children, some of it not. Parents need to be educated that they need to supervise their children in cyberspace just as much as they do in meatspace. If people spent half as much money and effort promoting parent education as they did promoting ineffectual censorware, they might actually achieve their stated goal of protecting the children. Unfortunately, for most of these people "protecting the children" is a merely convenient cover for their real agenda of forcing their religious beliefs down everyone else's throats.
    "The axiom 'An honest man has nothing to fear from the police'

    --
    Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
  9. pron.edu? by ryanr · · Score: 4

    From:
    http://www.peacefire.org/

    March 2, 2000
    Download IGDecode, a program that can decrypt the list of sites blocked by I-Gear. We decrypted I-Gear's list and determined that of the first 50 URL's in the .edu domain blocked as "pornography", 38 of those were errors, for a 76% error rate. We also discovered that when you install I-Gear, it scans in your real name used to register your copy of Windows, and uploads this information to Symantec

    ...

    So, uhh...12 of the first 50 .edu sites have porn?

  10. An offtopic anecdote re: cum by Savage Henry Matisse · · Score: 5
    My girlfriend was in a Women's Studies program at a major midwestern University for a few semesters. She recalls one lecture when a prof-- a fairly well-known feminist theorist who'd done a lot of work on porn-- stopped mid lecture to relate this anecdote. She (the feminist prof) had been lecturing on "facial cum shots" in porn videos and photography, talking about what the act of ejaculating on a woman signified. Apparently (and this highlights one of those "academia in a vacuum" sort of problems) she'd researched this sort of material for years, always referring to them as cum shots (pronounced "koom," Latin for "with"). She had a classical education (including Latin and Greek) and couldn't for the life of her figure out why the Adult Entertainment Industry (not usually a bastion of the classically educated) chose to give such images a Latinate name. And what did they mean by "cum"? A "with" shot? With what? Ejaculate, she assumed, but the name was still something of a mystery. It was years later, midway through delivering a speech at a symposium, when she had the sudden revelation that this cum was pronounced come not koom and had nothing to do with Latin prepositions.

    (I know, it's miles off-topic, but still a good story.)

    --
    Much Love,
    "S"HM
    *****
    (I refuse to spellcheck out of contempt for your belief system)
  11. Nope, it's fair by A nonymous Coward · · Score: 4

    Have you looked at their analysis? It wasn't some quick and dirty glance; you have to read the whole page to be sure the whole page is "clean". If a site is mistakenly listed, you have to look at the entire page to see that.

    Doing this to EVERY site would simply take too long. In fact, this is how these idiot filter companies get bogus entries to start with -- they just look at the name, don't even bother to read the page itself.

    Secondly, this is the TOP 50 sites, presumably the worst offenders. It's as if you were verifying the FBI top most wanted criminals, and found 76% who were in fact not criminals, just ordinary professors or students. Why bother checking the rest? If the so-called worst offenders are 3/4 wrong, why even bother with the rest? If they can't even get the worst offenders right, what does it matter how right the rest are? If Symantec can't be bothered to verify even the worst offenders, what makes you think they are going to verify the small fries?

    --

  12. Peacefire blocked by our filter... by lord13 · · Score: 4

    We use a Sonicwall unit for DHCP/VPN/filter here at work, and it blocks the peacefire.org site with the following codes:

    Code: abcdefghijkl - 00.C0.F0.48.51.E0 - www.peacefire.org

    Here's the breakdown on what those letter codes mean:

    • a = Violence/profanity
    • b = Partial nudity
    • c = Full nudity
    • d = Sexual acts
    • e = Gross depictions
    • f = Intolerance
    • g = Satanic/cult
    • h = Drug culture
    • i = Militant/extremist
    • j = Sex education
    • k = Gambling/illegal
    • l = Alcohol/tobacco

    Time to let their filter people know about this "oversight"...

    1. Re:Peacefire blocked by our filter... by TheCarp · · Score: 4

      This brings out a couple of the reasons I
      am against censorware in libraries btw (or
      anywhere else). Simple fact: They do NOT just
      block porn.

      Think about it...the entire argument for
      censorware revolves around porn...but they
      block so much more...the worst of which is
      of course...they block dissenting opinions.

      but...

      > g = Satanic/cult

      Nice...and who decides what is "Cult". From my
      point of view the Catholic church would be a
      cult...so would any other church or religious
      group (except maybe the wiccans and a few others)

      Who are these people to draw the line between
      religion and cult. I know I am not qualified (as
      I just admitted above).

      > h = Drug culture

      So I suppose that means DARE and other organizations
      who teach nothing, yet expose kids to drugs (and
      have been linked to INCREASE in drug use...as
      exposure makes kids curious)...would be OK
      However lycaeum or some harm reduction site that
      actually EDUCATES and tells people things like
      "Mixing A and B could kill you"...are probably
      not ok, since they "condone use"

      -Steve

      --
      "I opened my eyes, and everything went dark again"
  13. St. Augustine is apparently smut!!! by Lucretius · · Score: 5

    OK, now I'm really beginning to wonder. One of the pages that was censored was 75k of Latin (at least according to the description). Well, being a Latin major I was intrigued and decided to check this out. It turns out that this is part of the Confessions of St. Augustine, perhaps one of the most famous theologians in Christianity!!! The rest of the corpus is located in the same directory, but apparently not blocked either, but I still find it quite humorous that Symantec thinks St. Augustine to be worthy of censorship. Must be Calvinists and Lutherans, only plausible explanation. :-)

  14. this irritates me by KahunaBurger · · Score: 4
    I still am not *completely* opposed to filtering... there are sooo many people out there who are so terrified that their kids will *gasp* find a nude picture on the net, or they might come across something that implies that there may in fact not be a god, or whatever, and these people would not allow their children to use the internet if it weren't for this sort of option.

    Um, not to get off topic, but could we please stop pretending that porn is nothing but "nude pictures"? I have heard people compare the range available on the internet to a kid being able to read "our bodies our selves" and other such silliness.

    If you are pro-porn-choice, be honest about what you are talking about. On line porn includes (but is not limited to) stuff which can be 1. graphically disgusting (a picture of a man shitting into a woman's mouth) 2. emotionally disturbing (B&D S&M) or 3. humiliating or frightening to those who identify with the subject (teen, pre teen or "oops" sites.)

    You do not need to be a puritan to imagine that a kid particularly could be confused or disturbed by such things, especially if they don't have the sort of relationship with their parents which allows them to ask about it and sort out why it makes them feel that way. Now we can argue about what the best way to deal with this is, from better parenting to start out with to censorware, but could we acknowledge the reality of the problem instead of brushing it under the rug? To hear this group sometimes, you would think the porn content of the internet was mildly more raunchy than a display of Renaissance sculpture. It is unnecessarily insulting and condescending to the people we should be reaching out to, and it prevents rational discussion of solutions that work for everyone.

    -Kahuna Burger

    --
    ...will work for Chick tracts...
  15. Re:I used to work at Symantec by emerson · · Score: 4

    >On the other hand: porn, violence, crackers, warez etc shouldn't be. Nobody argues about that too.

    Au contraire. The question 'what is porn' is argued over constantly, leading to the vague-but-appropriate concept of community standards in obscenity trials and the like. What you call porn, I call erotic art, and Europeans call commercials.

    Same with violence. Just filtering on violence gives you a world where Teletubbies are OK, and _Saving_Private_Ryan_ is banned. Who decides?

    >Categories without a moral value judgement, just cleanly categorize it.

    Except that categorizing _IS_ value judgment. Again with _Ryan_, it would be 'objectively' categorized into "Violence, graphic dismemberment," and correctly so. The fact that it is, in fact, a powerful work of art cannot be reflected except by offering up a relative value judgement of some kind.

    >universally bad things (blatant violence, _commercial_ porno, the Ku Klux Klan

    Right there. A value judgement. In the US, even the Klan has a right to express and believe whatever they want, so long as they're not actually committing crimes. Period. Calling it 'universally bad' and therefore OBVIOUSLY needing to be censored is exactly what you allege to be against: selling your ideas of propriety onto others.

    Ratings systems, censorware, whatever, the very ACT of dividing things into acceptable and unacceptable is a set of value judgements. And it's simply impossible to make a set of value judgments that works for everyone, and irresponsible to try.

    --