Slashdot Mirror

← Back to Stories (view on slashdot.org)

U.S. Gov Agency Blunders With Keyword Blacklist

Posted by simoniker on from the speeding-up dept.

Anonymous Submitter writes "There's an interesting CNet article which highlights a report released by the OpenNet Initiative. The report examines how "a U.S. government agency charged with fighting Iranian and Chinese Internet censorship is quietly censoring the Web itself". Among some of the sites this U.S. agency accidentally blocks are breastcancer.com, teens.drugabuse.gov, several gay rights websites, and even usembassy.state.gov. Some of the members of the group who prepared this report were responsible for a previous Slashdot discussion entitled "Academics Take On Government Net Censorship". The report raises questions about the potential inaccuracy of proprietary and other secretive filtering mechanisms: who should be responsible for ensuring their accuracy?"

6 of 240 comments (clear)

  1. Censured Words by Rendrago · · Score: 5, Informative

    The list includes "ass" (which inadvertently bans usembassy.state.gov), "breast" (breastcancer.com), "hot" (hotmail.com and hotels.com), "pic" (epic.noaa.gov) and "teen" (teens.drugabuse.gov). Goodbye any site with the word topic.

  2. Re:Given that... by tyleroar · · Score: 5, Informative

    Well because as you could see if you RTFA, it lists what keywords are being blocked, Here.

    --
    Portland, North Dakota Puppies
  3. No anonymity here! by Memophage · · Score: 5, Informative

    Err... I'm glad that everyone has the best interests of the populations of Iran at heart, but I think there's some confusion about how anonymizer.com actually works.

    Anonymizer.com is intended to keep your identity a secret only from the target web server. From the original article: "they can use Anonymizer.com as a kind of jumping-off point, also called a proxy server".

    This is correct. The client sends a request for a web page (say google.com) from anonymizer.com (or sedayama.com, or barandaz.com, or whichever). The anonymizer goes out, fetches the page for them, and then feeds it back. In this way, google.com has no idea who they are.

    Since anonymizer.com's server is in California, all data must be sent between the server in California and the client in Iran, through the country's firewall and whatever sniffer programs they have running.

    In no way whatsoever does this process prevent the Iranian government from snooping the connection between the browser and anonymizer.com to see whatever the heck the client is looking at. In fact, it makes the censor's life easier. All they have to do now is scan for all data to or from anonymizer.com, sedayama, etc. Then they can either parse the data and see what banned sites the client is viewing, or just assume that they're up to no good, raid their house, confiscate their computer and look at the browser cache.

    According to the Opennet report, the only real "anonymizing" functionality of this site comes from converting URLs from text to hexadecimal, and the obfuscation from the anonymizer site having to change URLs and IP addresses whenever the Iran government blocks one.

    I think the IBB is doing these people a grave disservice by advertising that sites can be viewed anonymously, when in fact they can't. Even if the connection was completely encrypted with SSL, the government censors could determine that a connection was made to an anonymizer site, and that the client is worthy of further investigation.

    Again, from the OpenNet report: "Iranian users may not be aware that their use of the service may identify them to Iranian government authorities as citizens wishing to view forbidden content, or as supportive of the ideas found within that content."

    Enough said. The people who run the IBB Anonymizer project should realize it was a well-meaning but flawed concept from the start, and it can actually be counter-productive by exposing Iranians who trust the claims of anonymity.

    Those claims should be retracted and a big warning banner posted on the site(s), or the project should be killed outright.

  4. Re:Culture Bombing... by Jennifer+E.+Elaan · · Score: 5, Informative
    Check your culture there for a minute. While Iran's view of gay rights is about at that point (like, kill on sight...), CHINA is another story entirely.

    While I was in Thailand recently, the current attitudes in most of asia towards gay rights were all over the news... China is a mostly Buddhist country, and except for the noisy protests of the 5% Christian and/or Muslim members, it's going over without much of a fight. They're currently thinking of legalizing same-sex marriage (albeit slower than southeast asia, where it's very likely that we will see laws being passed shortly).

    --

    Hardware, software, and blinking lights!

  5. Re:Hmmm by DaveLatham · · Score: 5, Informative

    Aha, thanks.

    Here's the important info for anyone else who may be curious:

    For those who are found to be within Iran, the service is freely accessible through several domain names. As soon as the Iranian authorities block one of the service's domain names or IP addresses, new locations are announced to Iranians through Radio Farda and VOA Persian Radio broadcasts. (Some of these domain names are filtered by some ISPs in Iran and thus inaccessible to users, however even the filtered domains can be accessed by directly entering the IP address.)

  6. Re:Majority Rule... by the_mad_poster · · Score: 4, Informative

    And, here's the other thing that drives me nuts. All you nutters that think this sort of behavior is perfectly normal and acceptable. You... are... fucking.... insane. WAKE UP.

    First of all, if human rights aren't universal, we don't deserve them any more than anybody else does, and our government has no need to feel obligated to keep those inconvenient "rights" that are such an impediment to their power plays and growth. Removing a right from a single person is like taking a chisel and putting a crack in the dam. The instant it's there, it's only a matter of time before the whole thing is worn away from that foothold and the water comes crashing through. The longer you ignore it, or try to play it off as insignificant, the harder it becomes to patch it back up. Let it go long enough, and only a mssive, coordinated, immediate response will avert disaster.

    Second of all, YOUR bandwidth is YOUR private "property", as it were and is not subject to the same rules as the government. That has NOTHING to do with anything related to this discussion, and if you've taken at least a basic Civics class and think about it for a minute or two, you'll realize why.

    Thirdly, democracy has nothing to do with censorship and, in fact, part of the reason the government is there is supposedly to protect the minority from majority abuse. Censorship is censorship, and the government has no place practicing it without an extremely compelling reason to do so. Yelling 'fire' in a crowded theatre can be censored (and even that's debateable due to the "crack in the dam" thing again) because it presents a legitimate public safety hazard. Last I knew, nobody ever died jerking off to porn unless they had a fucking heart attack or something.

    Finally, not only is it irrelevant to this discussion what YOU think is a waste of tax dollars, it's also irrelevant how success is measured, if at all. These are completely different issues, and are only superficially related to the topic of censorship.

    And, I might add: I agree, if the government cannot be trusted to run these systems without sticking their nose into moralistic bullshit like what the Chinese should and shouldn't watch, they shouldn't be running the fucking servers.

    --
    Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!