Slashdot Mirror
U.S. Gov Agency Blunders With Keyword Blacklist
Anonymous Submitter writes "There's an interesting CNet article which highlights a report released by the OpenNet Initiative. The report examines how "a U.S. government agency charged with fighting Iranian and Chinese Internet censorship is quietly censoring the Web itself". Among some of the sites this U.S. agency accidentally blocks are breastcancer.com, teens.drugabuse.gov, several gay rights websites, and even usembassy.state.gov. Some of the members of the group who prepared this report were responsible for a previous Slashdot discussion entitled "Academics Take On Government Net Censorship". The report raises questions about the potential inaccuracy of proprietary and other secretive filtering mechanisms: who should be responsible for ensuring their accuracy?"
The list includes "ass" (which inadvertently bans usembassy.state.gov), "breast" (breastcancer.com), "hot" (hotmail.com and hotels.com), "pic" (epic.noaa.gov) and "teen" (teens.drugabuse.gov). Goodbye any site with the word topic.
Well because as you could see if you RTFA, it lists what keywords are being blocked, Here.
Portland, North Dakota Puppies
Come on. This is a pile of Orwellian BS. What's next. GoodNet (tm) instead of Goodspeak?
As the amount of information and its accessibility increases the whole idea that you can selectively censor the right things 100% accurately all the time becomes comical. You simply can't have a proliferation of easily accessible information and censor the "bad information" since what is bad is subjective anyway.
If you must place controls, its more practical to do so on the tools and materials required to perpetrate the "evil" you wish to combat.
I for once like the access to information that the internet gives me. Its empowering and I've used this information practically not just for entertainment or frivolous uses.
When doctors have given me and the ones I love incomplete or inaccurate information as they have on a couple of occassions I've been able to get better information and present it back to them to act on it. Its sped up a couple of key diagnoses for my girlfriend and I. In both cases not working out what the problem was as soon as we did would have resulted in each of us spending significant amounts of time out of work (not to mention feeling miserable). We'd each for different medical reasons have been permanently excluded from driving, and would almost certainly have had our lives shortened. Had the information been buried in some public library without any access to anecdotal evidence (usenet) life today for me would be very much worse.
These posts express my own personal views, not those of my employer
Err... I'm glad that everyone has the best interests of the populations of Iran at heart, but I think there's some confusion about how anonymizer.com actually works.
Anonymizer.com is intended to keep your identity a secret only from the target web server. From the original article: "they can use Anonymizer.com as a kind of jumping-off point, also called a proxy server".
This is correct. The client sends a request for a web page (say google.com) from anonymizer.com (or sedayama.com, or barandaz.com, or whichever). The anonymizer goes out, fetches the page for them, and then feeds it back. In this way, google.com has no idea who they are.
Since anonymizer.com's server is in California, all data must be sent between the server in California and the client in Iran, through the country's firewall and whatever sniffer programs they have running.
In no way whatsoever does this process prevent the Iranian government from snooping the connection between the browser and anonymizer.com to see whatever the heck the client is looking at. In fact, it makes the censor's life easier. All they have to do now is scan for all data to or from anonymizer.com, sedayama, etc. Then they can either parse the data and see what banned sites the client is viewing, or just assume that they're up to no good, raid their house, confiscate their computer and look at the browser cache.
According to the Opennet report, the only real "anonymizing" functionality of this site comes from converting URLs from text to hexadecimal, and the obfuscation from the anonymizer site having to change URLs and IP addresses whenever the Iran government blocks one.
I think the IBB is doing these people a grave disservice by advertising that sites can be viewed anonymously, when in fact they can't. Even if the connection was completely encrypted with SSL, the government censors could determine that a connection was made to an anonymizer site, and that the client is worthy of further investigation.
Again, from the OpenNet report: "Iranian users may not be aware that their use of the service may identify them to Iranian government authorities as citizens wishing to view forbidden content, or as supportive of the ideas found within that content."
Enough said. The people who run the IBB Anonymizer project should realize it was a well-meaning but flawed concept from the start, and it can actually be counter-productive by exposing Iranians who trust the claims of anonymity.
Those claims should be retracted and a big warning banner posted on the site(s), or the project should be killed outright.
While I was in Thailand recently, the current attitudes in most of asia towards gay rights were all over the news... China is a mostly Buddhist country, and except for the noisy protests of the 5% Christian and/or Muslim members, it's going over without much of a fight. They're currently thinking of legalizing same-sex marriage (albeit slower than southeast asia, where it's very likely that we will see laws being passed shortly).
Hardware, software, and blinking lights!
Aha, thanks.
Here's the important info for anyone else who may be curious:
For those who are found to be within Iran, the service is freely accessible through several domain names. As soon as the Iranian authorities block one of the service's domain names or IP addresses, new locations are announced to Iranians through Radio Farda and VOA Persian Radio broadcasts. (Some of these domain names are filtered by some ISPs in Iran and thus inaccessible to users, however even the filtered domains can be accessed by directly entering the IP address.)
Who cares? Compared to the fact that the draft board is making plans to draft geeks the blacklisting of certain keywords in govt. computer systems seems a rather trivial issue.
"In line with today's needs, the Selective Service System's structure, programs and activities should be re-engineered toward maintaining a national inventory of American men and, for the first time, women, ages 18 through 34, with an added focus on identifying individuals with critical skills,"
How much more relevant the Slashdot editors choices of blacklisted keywords and the SEC fine of Gates are to the average geek reading slashdot! It will be so good to know when you get sent out to Baghdad to fight for Halliburton, that there are people back in the US fighting for the right of middle ranking civil servants to visit gay web sites during working hours.
If news of the plannning were not enough Rumsfeld has denied that the administration thinks that extending the draft is desirable or necessary. If you have been following the real news sites with stuff that matters you will know that Rumsfeld also said that there was no need for more troops in Iraq only a week before they were sent.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Chinese attitudes to homosexuality are very conservative. I've met mainland Chinese who assert that there aren't any homosexuals in China. Until not so long ago (at least the 70s), homosexuality was treated as a psychiatric disorder, and homosexuals could wind up in a psychiatric hospital.
As for China being a mostly Buddhist country... well, China is a mostly Confucian country, with a strong familial ethos and a traditionally prudish attitude to sexuality. That's not a culture which homosexuality fits into very easily...
That said, I have had a gay Chinese man (discretely) proposition me in Shanghai...
And, here's the other thing that drives me nuts. All you nutters that think this sort of behavior is perfectly normal and acceptable. You... are... fucking.... insane. WAKE UP.
First of all, if human rights aren't universal, we don't deserve them any more than anybody else does, and our government has no need to feel obligated to keep those inconvenient "rights" that are such an impediment to their power plays and growth. Removing a right from a single person is like taking a chisel and putting a crack in the dam. The instant it's there, it's only a matter of time before the whole thing is worn away from that foothold and the water comes crashing through. The longer you ignore it, or try to play it off as insignificant, the harder it becomes to patch it back up. Let it go long enough, and only a mssive, coordinated, immediate response will avert disaster.
Second of all, YOUR bandwidth is YOUR private "property", as it were and is not subject to the same rules as the government. That has NOTHING to do with anything related to this discussion, and if you've taken at least a basic Civics class and think about it for a minute or two, you'll realize why.
Thirdly, democracy has nothing to do with censorship and, in fact, part of the reason the government is there is supposedly to protect the minority from majority abuse. Censorship is censorship, and the government has no place practicing it without an extremely compelling reason to do so. Yelling 'fire' in a crowded theatre can be censored (and even that's debateable due to the "crack in the dam" thing again) because it presents a legitimate public safety hazard. Last I knew, nobody ever died jerking off to porn unless they had a fucking heart attack or something.
Finally, not only is it irrelevant to this discussion what YOU think is a waste of tax dollars, it's also irrelevant how success is measured, if at all. These are completely different issues, and are only superficially related to the topic of censorship.
And, I might add: I agree, if the government cannot be trusted to run these systems without sticking their nose into moralistic bullshit like what the Chinese should and shouldn't watch, they shouldn't be running the fucking servers.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
Some content filterng programs use lists of sites, categorized. This allows you to implement the kind of nuanced policy that you're talking about, (say block Sex/Acts but allow Sex/Education) but has the weakness of allowing anything that hasn't been put on the lists. If someone starts a new porn site, it won't be filtered until the fitering software list is updated. Also, this runs into trouble when a site (say, Geocities or images.google) hosts a huge vareity of content, and blocking the site will block all of it.
The alternative is dynamically filtering pages based on words that appear in it. That's the approach being used here, but sometimes it's tricky to differentiate between a medical site talking about penises and a porn site talking about penises, just based on which words are on the page. Some material is ambiguous enough that different humans have a hard time agreeing whether or not it's porn. Good luck getting a fast algorithm to do better.